FAQ: Disable Port 137, 138 and 139

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

In one of our FAQ entries, the disabling of port 135 was outlined. And it successfully shutdown port TCP/135. Now one of the questions asked was how to disable netbios ports UDP/137 (netbios-ns), UCP/138 (netbios-dgm) and TCP/139 (netbios-ssn). This procedure disables all three ports and the procedure is as follows.

[1] Right-click "My Network Places" and select "Properties" from the ensuing menu that opens.

[2] Executing the previous step opens a window showing the available network connections in the machine. Right-click on "Local Area Connection" and select "Properties". This step is almost similar to the previous.

[3] Scroll down to "Internet Protocol (TCP/IP)". Select it (to highlight it) and click "Properties". You will be opening another window similar to the one below.

[4] From the "Internet Protocol (TCP/IP) Properties" Window, click on "Advanced.." (toward the lower right). Then go to the "WINS" tab (like the screenshot below).

[5] Under "NetBIOS setting", tick "Disable NetBIOS over TCP/IP" and click OK to accept the change. Click OK to the other windows previously opened prior to this properties window.

The ports 137, 138 and 139 will have closed on the machine. If the machine has multiple network interface connections (or NICs), repeat the above for every connection.

Closing down the above ports for a Windows XP Pro machine has so far not impacted any application on my end. If it should impact an application you are running, please let me know so I can post them here for the information of others.

Read More

HOW-TO: Resolve Slow CD/DVD Burning Speed

I have had a unique experience today (or at least unique is what I thought it was). I booted my Dell Latitude D630 with the secondary bay battery in. When I tried to swap the secondary bay battery with the NEC 6500A DVD-RW drive to burn a DVD, I noticed that the DVD burning was painfully slow. It used to take about 15minutes to complete, but now it estimates an hour. Something was terribly wrong.

Before doing anything, I documented this event and I know it would be interesting to post in Pimp-My-Rig after resolution of the problem. To give you a baseline, my D630 is running the latest SP3 of Windows XP Pro up-to-date with the November 2008 patches and has the recently released A14 BIOS installed.

The first area I checked was if the DVD-RW was working in DMA mode. And this was where the problem was -- the drive was working in PIO mode, as seen from the screenshot below.

I then tried to unplug the drive and re-insert it on the bay but then the PIO mode was persistent. Even when the IDE driver itself was re-installed, it didn't solve anything.

Before doing a reboot, I tried looking for answers from the internet and this site had the exact answer. It involves modifications to the registry, so in replicating the same procedures in your computer be sure to have a backup.

[1] Open Registry Editor. Start --> Run.. --> regedit.

[2] Locate the key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000

[3] Edit --> New --> DWORD Value. Add the entry "EnableUDMA66" and give it a value of "1".

[4] Quit the registry editor and restart the computer.

After reboot, the NEC 6500A DVD-RW was now working in Ultra DMA Mode 2 and burning speed was back to normal.

I hope this experience also resolves similar problems you encounter.

Read More

FAQ: C Compiler Cannot Create Executables

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: A friend came to me to ask for help trying to troubleshoot a configure error that he had trying to build a package for Solaris. The error was:

configure: error: installation or configuration problem: C compiler cannot create executables.

Luckily for him, I have experienced this problem before and the solution is below..

Make sure you have the following packages installed on your system:

[1] for tools (sccs, lex, yacc, make, nm, truss, ld, as):
SUNWbtool, SUNWsprot, SUNWtoo, SUNWcpp

[2] for libraries & headers:
SUNWhea, SUNWarc, SUNWlibm, SUNWlibms
SUNWdfbh, SUNWcg6h, SUNWxwinc, SUNWolinc,
SUNWxglh, SUNWlibC, SUNWzlib, SUNWscpu

[3] for 64 bit development (in Solaris 10 these have all been merged into their non-"x" versions):
SUNWarcx, SUNWbtoox, SUNWdplx, SUNWscpux, SUNWsprox,
SUNWtoox, SUNWlmsx, SUNWlmx, SUNWlibCx, SUNWzlibx

[4] for ucb compat:
SUNWsra, SUNWsrh

To know if the package is installed, you may run this command:

root@host# pkginfo

Installing the above packages will alleviate the problem.

If you have encountered this problem before and have a different solution, pls let us know.

Read More

FAQ: Download Embedded Flash SWF Files (via Firefox)

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: Most likely the webpages you view contain embedded flash media. And chances are you are/were fascinated with the way it was presented and you would like to keep a copy for yourself for keepsakes or offline viewing. But how do you extract and save those files?

Believe it or not, the ease in doing this task is primarily dependent on your choice of browsers. If you and I share the same taste (and chose firefox), getting this trick done is just as easy said and done.

Follow along as the simple steps will get you your flash media in a bit:

[1] Browse over to your favorite site containing the embedded media. For this example, I'm browsing over to my "hang-out" tech website tipidpc.com.

[2] Wait for the page to finish loading.. Then, on the tool bars of firefox, click Tools --> Page Info.

[3] Change over to the Media tab and from the menu select the embedded media you wish to save.

[4] Highlight the media (click on it) and click on Save As.... And save it to a directory of your bidding.

That is how simple it is to save embedded flash media or any other embedded media. And like I previously stated, your choice of browsers dictate how easy it is to download and save them.

Read More

FAQ: PERL CPAN Error "Undefined subroutine &Compress::Zlib.."

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: While trying to build and upgrade PERL modules for a new box a friend came across this error and it completely stalled his work. In order to get to a solution, I replicated the build procedures with his help and found myself in the same predicament.

To illustrate, we were going to build perl modules. Getting into the PERL shell.

root@host# perl -MCPAN -e shell

cpan shell -- CPAN exploration and modules installation (v1.9205)
ReadLine support enabled

cpan[1]> install Bundle::CPAN
...
...

In order to cut the story short we encountered the error below:

Undefined subroutine &Compress::Zlib::gzopen called at /usr/lib/perl/5.8.8/CPAN.pm line XXXX.

About to give up hope in this automated and supposedly seamless installation, I decided to give it a manual push. Quitting the cpan shell, I changed directory to where the source files of Compress::Zlib were located.

root@host# cd /root/.cpan/build/Compress-Zlib-2.015
root@host# perl Makefile.PL -xs
Writing Makefile for Compress::Zlib
root@host# make test
PERL_DL_NONLAZY=1 /usr/bin/perl "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib', 'blib/arch')" t/*.t
t/000prereq.....ok
t/01version.....ok
t/03zlib-v1.....ok
t/05examples....ok
t/06gzsetp......ok
t/08encoding....ok
t/14gzopen......ok
t/99pod.........ok
All tests successful.
Files=8, Tests=766, 3 wallclock secs ( 0.02 usr 0.21 sys + 1.76 cusr 0.67 csys = 2.66 CPU)
Result: PASS

root@host#

After seeing the result of "make test" above, I had breathed a sigh of relief -- Result: PASS. Manually kicking the installation of Compress::Zlib did solve the problem. After execution of "make install", we went back to the automated install of the Bundle::CPAN module and everything went well.

I hope the above solution works for you as well.

Read More

FAQ: ACPI Multiprocessor HAL Upgrade Script

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

It came as as surprise to me that in the past few days, I have received several mails requesting for the multiprocessor HAL upgrade script which was part of the article of the same heading. Apparently the script is no longer available for download.. and there is a growing fan base of those using the script.

Rather than replying to separate mails with the script attached, I have decided to post the code of the script here instead.

Kindly refer to below for the HAL upgrade script:

@echo off
@title "Upgrading to ACPI Multi-Processor HAL.."
cls

echo ====================================================
echo Upgrading to ACPI Multi-Processor HAL..
echo ====================================================
echo.
echo please wait..

devcon sethwid @ROOT\PCI_HAL\0000 := !E_ISA_UP !ACPIPIC_UP !ACPIAPIC_UP !ACPIAPIC_MP !MPS_UP !MPS_MP !SGI_MPS_MP !SYSPRO_MP !SGI_MPS_MP > nul
devcon sethwid @ROOT\ACPI_HAL\0000 := !E_ISA_UP !ACPIPIC_UP !ACPIAPIC_UP !ACPIAPIC_MP !MPS_UP !MPS_MP !SGI_MPS_MP !SYSPRO_MP !SGI_MPS_MP > nul
devcon sethwid @ROOT\PCI_HAL\0000 := +ACPIAPIC_MP > nul
devcon sethwid @ROOT\ACPI_HAL\0000 := +ACPIAPIC_MP > nul
devcon update %windir%\inf\hal.inf ACPIAPIC_MP > nul

echo.
echo ====================================================
echo Script Completed: press any key to reboot..
echo ====================================================

pause > nul

devcon reboot

Copy and paste the above code into your favorite text editor and save as halupgrade.cmd. Please note that lines starting in "devcon" (the five consecutive lines of code) should end in "nul".

I hope the above helps. Share with me your success story in using the script.

Read More

FAQ: Disable Port 135 (Disable DCOM)

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: One of the questions thrown at me was about closing down port 135. This of course entails disabling the corresponding application using the port, which, in this case is DCOM. Thus this procedure is also for disabling DCOM.

NOTE: Remember, before making any changes backup the registry or export the branch for safekeeping. Simply merge the backup in case things don't go as smoothly.

[1] Start by launching the registry editor.

Start » Run » regedit.

[2] Navigate over to key: HKEY_LOCAL_MACHINE \ Software \ Microsoft \ OLE

At the right column, locate the value "EnableDCOM" and modify the value to "N".

[3] Navigate to this registry key: HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RPC

Right click on & Modify the value named "DCOM Protocols" Under the key "Value Data", you will see values like below (or something similar). These values keep port 135 open. Highlight everything listed and delete all existing data. Doing so gives "DCOM Protocols" blank data which will in turn close down port 135.

[4] It is now safe to disable the services related or tied to DCOM. Open Control Panel » Administrative Tools » Services. Disable the following services since DCOM has been disabled:

- COM+ Event System
- COM+ System Application
- System Event Notification

[5] Restart the computer after changes have been made. To verify, when your computer has restarted open a command terminal.

Type "netstat -an" and for certain you will no longer see port 135 -- meaning it has been closed. Hope this has helped you in finally closing down port 135, thereby eliminating a possible vulnerability.

In my experience, this has no impact on office applications or internet connectivity. If running other applications, consult with the vendor for requirements relating to port 135 (or DCOM) before closing it down.

Check with us again soon as we will outline how to close down port 137 (netbios-ns), port 138 (netbios-dgm) and port 139 (netbios-ssn).

Read More

REVIEW: GELID Wing12 Silent Fan

As complicated as making a choice of a heatsink, is the choice for the fan to couple that heatsink. Although generally, some heatsinks are already pre-packaged with fans, that doesn't limit the end-user from tweaking with the stock fan or even upgrading to a better one. When deciding, the major categories of prime concern being noise levels and the volume of air the fan can circulate (in cubic feet per minute or CFM).

Coming up with the choice of fans is even harder due to most hardware sites featuring heatsink performance rather than fans. Not as worse as it may seem, but the truth is -- fans are overlooked. Let us change that impression a bit by putting the GELID Wing12 Silent Fan in the limelight.

Fans do contribute to the system as a whole. And probably the most important aspect when making the choice is striking the balance between noise and performance. More often than not, performance has to be acceptable but at the cost of higher noise levels.

But just as heatsinks have evolved into what they are now, fans do too. When stumbling into the term "hydrowave bearing", what comes into mind is Panaflo. Panaflo fans have built a reputation due to that technology embedded in its fans and the proven performance it delivers. GELID attempts to do the same with its innovative nanoflux bearing (or NFB).

According to its product label:

NanoFlux Bearing (NFB) - Patented GELID's Nanoflux bearing incorporates a clever magnetic design, very high precision manufacturing and runs friction-free and operates noiseless. Electromagnetic fields are exploited to keep solid parts from touching. The load is carried by a magnetic field. The nanotechnology composite ensures lowest abrasion and extreme durability (MTTF 100,000 hours).

Compared to sleave and ball bearings the high precision self-lubricated material of GELID's Nanoflux bearing eliminates oil leakage. Additionally the impeller can be detached and this the fan blades can be cleaned easily and is even waterproof.

The fan is conceptualized with absolute silence in mind. Although the featured ratings of 0.22A 1500 RPM already indicate silent operations for a 120mm fan, it is further packaged with a fan speed control and rubber gromet fan mounts to absorb vibration. However minute, this attention to detail is vital.

It is not everyday you get to see a waterproof fan and the Wing12 is one. On the aethetics department, the fan blades are UV reactive. So if you got yourself a windowed case with UV cathode lamps this fan will add more bling bling to the rig. Judging from the look of the fan, the advertised high quality material composition is very evident.

Also, the fan impeller could easily be detached and replaced with an impeller of another color. The detachable impeller makes possible easier cleaning of the fins and the fan cage.

To test its performance, the Wing12 silent fan was mounted on a Thermalright Ultra 120 Extreme (TRUE120) with an Intel Core 2 Duo E6600 overclocked to around 3GHz. With the same set-up, we pitted comparator fans against its performance.

To load the processor cores, the multi-threaded WinRAR benchmark was ran. And with only the heatsink fan spinning, temperature readouts were taken. See below for the results.

The fans performed according to their CFM ratings. With FM121 providing the best output of around 110CFM but at disturbing noise levels while the two silent competitors follow suit. GELID Wing12 proved to be slightly better than the AF12025. Although both fans were silent, when in operation the Wing12 was relatively quiet compared to the AF12025.

The Wing12 strikes the balance between performance and silent operations. In my opinion, the bundled fan speed control mechanism is no longer required as the fan is silent as it is. Without the bundled fan speed control the price could probably be shaved further making the fan more affordable. Perhaps another variant which has a higher speed and CFM rating can make use of that accessory.

It is interesting to see evolution of technology in the area of fans. GELID's Nanoflux bearing is a "newbie" but is up to the task and is certainly a step in the right direction. Factor in that technology together with the build quality, aesthetics, replaceable impeller, the balance between performance and silent operation -- the Wing12 Silent Fan has them. Definitely, the Wing12 silent fan is a powerful addition to a rig aimed at silence. It will, no doubt, pimp your rig!

Thanks to GELID solutions for sending us review samples of the Wing12 and Wing9 low speed silent fans.

Read More

REVIEW: WD Caviar 640GB WD6400AAKS SATA II Drive

In the previous review (Seagate ST3640323AS 640GB), we found out that the cache and platter areal density contributes or influences the overall performance of the drive. And, from the results, it is quite clear that the trend is a direct proportion.

What we will see in this review prompted us to correct that view and state the above statement must be true for two-platter drives. Or this may perhaps be a general rule but with exceptions, of course. What does this mean?

First, please allow me to give a background of what happened. We were using the ST3640323AS 640GB as primary (boot) drive, standalone. After launching several applications, the PC would seem to freeze with the HDD activity LED lit up. Eventually the system will recover after random lengths of "freezing". Other times the drive would "disappear" and go undetected by the BIOS.

After hours of troubleshooting, BIOS flashing, and re-installing Windows, and days of waiting for replacement for the brand new ST3640323AS that we thought to be defective.. we soon discover that there is an incompatibility between the ST3640323AS and the Asus Maximus II Formula. After going through three ST3640323AS replacements, the decision was to replace the drive with a similarly-sized WDC 640GB WD6400AAKS.

(For purposes of traceability, the firmware on the ST3640323AS drives is SD13.)

To gain better confidence with the health of the drive, we ran the same check and found it to be in perfect shape with the obvious conclusion that there must be a compatibility issue with the chipset and the 640GB ST3640323AS.

We ran the benchmark of HD Tune to see if the drive lives up to its standards. And indeed it does!

There are several facts gleaned off this experience and the empirical observations gathered. Not only is the Western Digital Caviar 640GB WD6400AAKS faster than its 1TB next generation counterpart, with higher areal density, it is also incompatibility-free (for the lack of a better term). This seems to be a logical explaination to the previous puzzle on the price premium of WD drives over its counterparts.

Comparing apples to oranges is unfair. Three (3) platter disks are not the same as two (2) platter ones but from the point of view of areal density, bigger does not always translate to faster. It may be too, that the firmware of the 1TB WD1001FALS needs more tweaking to perform better. This line of reasoning seems to be more applicable in this case.

Regardless of the reasons behind, this fact does not escape our notice: the WDC 640GB WD6400AAKS is a fast drive that will pimp your rig!

Acknowledgments, again, to my good friend Xavier Zulueta for the review of the WD6400AAKS.

Read More

FAQ: Tame the Time of a Virtual Machine?

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: The current concept of centralization is being countered by the evolution of virtual machines (VM). Specific functions are decentralized into containers that can be decommissioned just as fast as they were commissioned. However, one can run into problems as the VM seems to have a mind of its own when it comes to time. How then can you tame the VM's concept of time?

Virtual machines are convinient. Given enough resources, VM's for testing purposes can come and go. However, for time sensitive applications the VMs seems to have its own world. And it is important to tame the beast.

For Linux or Solaris x86:

1. Configure ntp client and enable to start automatically on boot.

2. Install vmware-tools on the client and enable to run on boot as well.

3. Still on the client, add clock=pit in the line containing kernel of the grub configuration file (menu.lst). On some distributions, this should be clocksource=pit instead of clock=pit.

4. On the VM server, edit the client vmware config file (SOME_HOST.vmx) on the vmware server. Change "tools.syncTime" value from "FALSE" to "TRUE".

5. Reboot the client after making the above changes.

For Windows:

1. Install vm-tools on the client and enable the service to automatically start. A reboot is required after the install.

2. The vm-tools icon will appear on the system tray of the VM client. Right click on this icon and launch vm-tools.

3. Under the Options tab, tick "Time synchronization between the virtual machine and the host operating system." (see below). Click OK to accept the changes.

The above will keep the VM time in sync with the host OS.

Read More

REVIEW: WD Caviar Black 1TB WD1001FALS SATA II Drive

A few years back, having a hard drive that boasts 250GB of capacity is the bomb. To conform to uber standards computers need to have hundreds of gigabytes of storage. Nowadays the mention of gigabytes is a common thing, nothing out of the ordinary. Gigabyte is out.. Terabyte is in.

What we have for review is the Western Digital Caviar Black 1TB WD1001FALS desktop hard drive. It has a generous 32MB of cache which, as you may notice, is becoming quite common to desktop drives as well. How does this drive perform? Please allow us to share our experience.

In our review of the Seagate ST3640323AS 640GB, we found out that the cache and platter areal density contributes or influences the overall performance of the drive. The WD1001FALS has three (3) 334GB platters that allows the drive to reach the terabyte mark. Up 14GB from the quick Caviar SE16 product line.

The drive also features WD's StableTrac which according to the Western Digital website is:

StableTrac - The motor shaft is secured at both ends to reduce system-induced vibration and stabilize platters for accurate tracking, during read and write operations.

The WD1001FALS also has a dual processor system to maximize performance. See below how it performs under HD Tune.

It is good to see drives hitting average transfer rates above 100MB/s. The WD Caviar Black 1TB WD1001FALS goes over the watermark with ease, averaging close to 110MB/s. Judging from the graph, its performance is almost uniform from the beginning of the disk to the outer end.

The drive is also quite quick, which is apparent from the lower access times in the benchmark.

And one of the many aspects common to all desktop drives now is the lengthy five (5) year warranty. It seems every hard drive manufacturer is ever growing confident with the quality of their hard drives. True enough in the last few years I have experienced DOA drives but I have yet to experienced a drive give out mid-life. DOA means manufacturing or transport induced defects. On the other hand mid-life death is more likely due to wear and is expensive -- both to the end-user and to the manufacturer.

With desktop grade drives offering fast transfer speeds, healthy amounts of cache and about the same five-year warranty the aspect that would separate each from its competitors is its price. But in the Philippines the WD1001FALS sells for about PHP 1000 more than its 1TB competitors.

There must be something in the drive that warrants a price premium but it still stands as a puzzle to us what that is. If you think paying about $20 more for the same size, then go for it.

As said in the beginning of this review, gigabyte is out terabyte is in. The WD Caviar Black 1TB WD1001FALS has just that, and it will definitely pimp your rig!

Acknowledgments to my good friend Xavier Zulueta for the review of the WD1001FALS.

Read More

HOW-TO: Disable USB Storage Devices

IT infrastructure engineers install firewalls to protect the intra-net from outside. Mail filters on SMTP servers are there to protect users from SPAM. Anti-virus software are deployed to further boost protection on the workstation itself. Regardless of whatever software or hardware is put in place, it serves to beef up security.

One of the many open portals or backdoors that may compromise the infrastructure as a whole is the USB port. Why?.. because USB portable storage devices are probably the next best thing since sliced bread in the storage world -- portable, handly, concealable, you name it. As many as its advantages are its disadvantages. To secure the infrastructure, the access to the USB port needs to be restricted. But how?

A year ago 1GB seemed to be a lot, but 2GB is even frowned upon now. This topic is a bit old.. But still the threat is out there in the open. And the issue is still a hot topic for debate. There is a lengthy instruction on how this can be done but there is no concrete solution that permanently works. Even microsoft has published a lengthy procedure that outlines how this is done.

The procedure outlined in the microsoft KB article, suggests the denial of permissions on the two files responsible for the installation of drivers and services for USB storage functionality.

%SystemRoot%\Inf\Usbstor.pnf
%SystemRoot%\Inf\Usbstor.inf

The deny permission is important especially if the users are non-administrators. The mentioned files could also be renamed, but it needs to be noted so that the procedure can be reversed if need be.

Aside from the above, the registry needs to be checked for this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR

The value for the data key "Start" should be set to 4 (or Disabled) from 3 (or Automatic). The value determines whether the driver is loaded or not when Windows starts. A reboot will be required after the changes.

But for a person who wants a click and go solution, one may want to try another utility to achieve the same purpose. You may download the utility from the author's website.

The click and go solution can also quickly reverse the procedure to enable USB storage devices. The only thing it cannot do is work around the required reboot.

Tighter security always sacrifices functionality. As usual, the goal is to strike a balance between the two. But when it comes to the balance and trade-offs, it is always a grey area.

Read More

HOW-TO: Reset Root Password (addendum)

It can happen to me.. to you.. or to one of your clients, where a machine will have to be worked on but the root password is somehow lost or forgotten. Pretty basic you might think, but you might be faced with this hurdle sooner than you think.

The above statements might already sound familiar to you. It is mentioned in the post tackling how to reset a forgotten root password. Still in the x86 realm, let us discuss how to reset the root password using a rescue CD (or DVD, if one exists).

As always, the best advice to give is: Do not panic. If the host has an optical drive, a good option is to use a rescue CD to reset the root password.

Reboot the host and set the BIOS to boot from the CD-ROM drive, save the settings and exit the BIOS. Make sure that the rescue disc in the drive as well.

Once the host is up, mount the root partition of the host. And edit the shadow file and leave root with a blank password.

# mount /dev/sda1 /mnt
# vi /mnt/etc/shadow

.. before:
root:$2a$10$Gw/SYEjxGEXnZESeW07sb.XdWB9VxDAnXC3SRUtpSwitb6EzkDwS.:14145::::::

.. after:
root::14145::::::

On some systems this works. And when you login as root, you will not be prompted for a password at all. So the best thing to do is set a root password as soon as the system reboots.

Another recommendation after mounting the root partition is to chroot to the mount point.

# mount /dev/sda1 /mnt
# chroot /mnt /bin/bash
# passwd
Changing password for root
New password:
Reenter New Password:
#

However, this does not work at all times. One of the errors encountered is like the message below:

# passwd
Changing password for root
New password:
Reenter New Password:
Cannot open /dev/urandom for reading: No such file or directory
Cannot create salt for blowfish crypt
Error: Password NOT changed.
passwd: Authentication token manipulation error

The above happens because the special file /dev/urandom (which is created at boot-up) does not exist in the chrooted environment. You may create the file using other binaries large enough to generate entropy for the crypt algorithms. And even a plain text file will do.

(execute this in the chrooted environment still)
# cp /etc/default/passwd /dev/urandom
# passwd
Changing password for root
New password:
Reenter New Password:
Password changed.

There you go. Two more ways to reset a forgotten root password. But with a rescue CD this time. If your distribution does not have a rescue CD, the first CD (or CD#1, the bootable CD) can be used instead. Boot to single-user or select rescue mode if available.

Read More

HOW-TO: Reset a Forgotten Root Password

It can happen to me.. to you.. or to one of your clients, where a machine will have to be worked on but the root password is somehow lost or forgotten. Pretty basic you might think, but you might be faced with this hurdle sooner than you think.

With the number of hosts to administer, the burgeoning problem of recalling passwords escalate. Discipline would entail putting passwords in a vault. But then again, human error factors in and this quick step was skipped. There are a number of different reasons to point to, but when faced with this scenario, what can one do?

Traditional wisdom will beckon you to reboot and go to the single-user mode. Let us discuss first how this is done.

In LILO, pass the parameter "single":

LILO: linux single

In GRUB, at the boot screen select the kernel and press "e" (to edit the entry) and select the second line containing the word kernel. Press "e" again to edit the line and append "single" to that line:

grub edit> kernel /boot/vmlinuz-x.x.x-x root=/dev/sda1 ro single

On many flavors of linux, the system will happily present you with a root shell to do your thing and change the root password. However, not all will happily oblige and still ask for the root password:

Give the root password for maintenance
(or type Control-D for normal startup):

When this happens, it is again back to square one. However, all is not lost. You may try to use a live CD (the steps to which we will discuss in another post). Assuming the host does not have an optical drive, try the procedure below.

A word of WARNING before proceeding. If you want to experiment on this, try it out on a development box or a virtual machine first. As a rule of thumb, when working on a production machine, have another pair of eyes on board.

Try passing the parameter "init=/bin/bash" instead of "single". What then does this do? It instructs the linux kernel to execute the shell bash (/bin/bash) instead of executing init. It does not give you much to work on as there services/daemons executed during startup were not executed, but it does give you a shell where the password can be reset.

LILO: linux init=/bin/bash

.. likewise, in grub:
grub edit> kernel /boot/vmlinuz-x.x.x-x root=/dev/sda1 ro init=/bin/bash

So if you have noticed, you get a root shell right out of boot-up. Unfortunately that is not yet enough to change the root password, as the filesystem is mounted read-only. Remedy this situation first.

# mount -o remount,rw /

Executing the above command will remount the root partition (/) read-write. We can now proceed in changing the root password. Now is the time to for proper discipline to kick in and note the new password in the vault.

Once done with the above, DO NOT REBOOT just yet. There are no safeguards in place to properly take the system down and the root partition was mounted read-write. Return it to its original state when it booted up -- a read only root partition.

# mount -o remount,ro /

Now the system can be rebooted or the reset button pressed.

Read More

REVIEW: Seagate ST3640323AS 640GB SATA II Hard Drive

Hard drives have become cheaper by the day. Bigger sizes, bigger caches, faster spindles, you name it.. On the perspective of cost, price per gigabyte has gone down and is continuously doing so. It would not be a surprise if another release of a bigger, better hard drive happens in the not so distant future.

We could not just escape the fact that the computer is only as fast as the slowest component. And on the desktop, the hard drive is undoubtedly the performance bottleneck. A RAID set-up might probably remedy the situation but not all desktops implement RAID systems.

Over time, I have had the opportunity to see the improvements of desktop grade drives, each generation gaining improvements over the previous one. Native Command Queuing (or NCQ), the SATA interface, faster spindles, bigger platter densities and parallel recording -- a few examples of the technological features that evolved. And experience tells me the areal density of the drive contributes a lot in its performance. Not only that, the cache also is a major influence.

I have the Seagate ST3640323AS Barracuda 640GB hard disk drive with me to test out. This drive has the second generation SATA interface and has a whopping 32MB of cache. The most outstanding feature of this drive is the 320GB platters used. Only this and the Western Digital Caviar SE16 WD6400AAKS (16MB cache) have this feature.

Please allow me to share my observations on the succession of Seagate Barracuda two-platter hard drives over the past few years. Let me start with the Barracuda ST3320620AS 320GB, with two 160GB platters drive.

.. the Barracuda ST3500320AS 500GB, with two 250GB platters.

.. and the Barracuda ST3640323AS 640GB, with two 320GB platters.

As seen from the measured averages of the drives, areal density and cache size contribute a lot to the performance of the drives. Each generation carries improvements over the previous.

As both drives feature 32MB caches, the only major difference between the 500GB ST3500320AS and the 640GB ST3640323AS Barracudas are the platter sizes -- 250GB and 320GB respectively. From this we can see the tremendous impact of increasing areal density of the platter, translating to about 8MB/s increase in transfer rate. In my standard that is a huge boost!

Owning the new generation Barracuda ST3640323AS does have its advantages. Retailing at around $90, does not disappoint either. It is affordable, fast and widely available.

At 640GB, it has more space for data and archives. Also, the ST3640323AS is backed with a 5yr warranty to add to its rich feature list.

Due to its high access time, it is not very suitable for use as boot disk. Although this impediment can be overcome by its fast transfer speed. Further tweaking, such as fine tuning cluster size and disabling of last access times, can improve performance.

The ST3640323AS will definitely pimp your rig!

Acknowledgments to my good friend Xavier Zulueta for the review of the drives.

Read More

FAQ: Workaround to Error Deleting File or Folder

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: Have you ever tried to delete a folder or file and got prompted with the message "Error Deleting File or Folder"? No matter what you do it seems the file (or folder) could not be deleted. How do you delete the file or folder?

The pop-up window that prompts the error message above may be similar to the one below.

In the example above, I was trying to remove a folder named "Folder". After several retries, it would seem removing the folder is a hopeless case. Searching the internet, the recommendation(s) involve rebooting the machine to free up the locked file handles.

If this is on a production machine, rebooting it would be out of the question. Is there another workaround to such a scenario that does not require a bounce? The answer to this is "yes".

Download (visit website) a utility called "Unlocker". Install the software once download is complete.

Launch Windows Explorer and return to the path containing "Folder". Right click on the folder and choose Unlocker.

It will launch the software and show the applications that are currently accessing it with locks in place so as to prevent deletion. The application window is similar to the one below. As seen, applications msiexec.exe and explorer.exe has locked the path U:\Folder.

Toward the bottom right, change the drop down from "No action" to "Delete" (or "Move" or "Copy", as appropriate). Then highlight the process to unlock and click on the button "Unlock". Similarly, the "Unlock All" button can unlock all of the file handles each process listed has on Folder.

Upon success, Folder will have been deleted and moved to the Recycle Bin. Another window will have opened to notify the success of the operation.

There you go, Folder was deleted without having to bounce the host. Unlocker is a very useful tool to delete files or folders with locked file handles.

Read More

FAQ: More Secure Password-less SSH -- Windows to Linux

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

The password-less SSH procedure previously posted outlined the establishment of trusted logins from a Windows machine to a _nix machine. The set-up works and is very convinient to implement. However, it comes at the expense of security.

FAQ: Many would agree that an unprotected private key -- a private key with empty passphrase -- is less secure and thus exposes the account to a security threat. Not that this set-up is totally unsecure but once the private key is compromised, the account is completely vulnerable as access to it is open. Can we make the set-up a more secure then?

Protecting the private key with a passphrase is a very logical thing to do. Not only that, it is highly recommended especially on platforms or systems where security is a major concern. The private key then becomes useless without the passphrase to unlock it.

In order to accomplish this stunt, a similar set of software for the previous Windows to _nix password-less setup is required: putty.exe, puttygen.exe and pscp.exe, with the addition of pageant.exe. The tools mentioned can be downloaded off the author's website. Download the binaries enumerated.

Start off by launching puttygen.exe. This tool will generate the public and private key pairs needed for the password-less setup. This was done previously but this time, protect the private key with a passphrase. Press "Generate" and put a passphrase in the fields where it is required. Then, save the private and public keys.

Open putty.exe. Scroll down to Connection --> Data.. fill in the field "Auto-login username". For this example, the username used is "user" (fill this field with your username).

Scroll up to Session, fill up the necessary fields and save.

Open a command tool and using pscp.exe, copy the public key over to the home directory of user. The public key has to be translated to OpenSSH format, then has to be added to authorized_keys file.

user@host:~ > ssh-keygen -i -f PUBLIC_KEY >> $HOME/.ssh/authorized_keys

Now launch pageant.exe (or PuTTY authentication agent). No window will be opened but instead another icon will appear in the system tray. Right-click on this icon and select "Add Key" (see below).

Browse over to the path where the private key was saved. Key in the passphrase when prompted to do so.

(Skipping the above step will prompt the user for the password. When this happens, use the the password to the unix account not the passphrase to the private key.)

Right-click, again, on the pageant icon in the system tray and choose the session saved earlier in this guide. An ssh login will be initiated with the host without asking for a password.

There you go, a more secure password-less ssh from Windows to your _nix workstation. Access to the saved private key does not compromise security as it requires the passphrase to unlock the key. However, this introduces the dependence to pageant, where the passphrase is asked only once but password-less still.

Pageant will be void of keys each time it is launched. And, consequently, each time the private key is "added" to pageant, the passphrase will be asked to unlock the key.

Compare the password-less implementations and select which is easier, applicable and better suited for your use. Each has its own set of advantages and disadvantages.

Read More

FAQ: Password-less SSH -- Windows to Linux

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

Password-less SSH setups save time and hassle. It plays an important role especially when triggering scripts or copying files to a remote machine. Previous posts have outlined a few of the scenarios where the set-up can apply -- for the same account and for establishing trust between distinct accounts.

FAQ: There is another scenario where password-less ssh can apply. This scenario is very typical in support teams, as I have experienced, whereby a system administrator administers machines remotely from his Windows desktop. Can password-less ssh still apply?

Start off by downloading the necessary tools. For this trick to work, you will be needing the following software binaries: putty.exe, puttygen.exe and pscp.exe. The tools mentioned can be downloaded off the author's website. If you have them readily available, let us proceed.

Start off by launching puttygen.exe. This tool will generate the public and private key pairs needed for the password-less setup, similar to ssh-keygen.

Press "Generate" and help the software do its thing. Afterward, save the private and public keys. And when prompted with a warning for empty passphrase, confirm the save. As always, save the private key to a secure location, where only you can access it (as much as possible).

Open putty.exe. Scroll down to Connection --> Data.. fill in the field "Auto-login username". For this example, the username used is "user".

Scroll further down.. Under Connection --> SSH --> Auth. Point it to the path where the private key file was saved. This will be the private key to be used for password-less authentication.

Scroll up to Session, fill up the necessary fields and save.

Open a command tool and with pscp.exe, copy the public key over to the home directory of user. The public key has to be translated to OpenSSH format, then has to be added to authorized_keys file.

user@host:~ > ssh-keygen -i -f PUBLIC_KEY >> $HOME/.ssh/authorized_keys

Go back to putty.exe, load the saved session (double click the saved session) or click Open and see password-less ssh in action.

There you go. Password-less ssh from Windows to your _nix workstation. Give it a go and save yourself the hassle of presenting credentials again and again.

Read More

FAQ: Password-less SSH -- Two Distinct Accounts

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: The previous FAQ outlined password-less ssh setup for a single account. Another scenario where password-less ssh can be set-up is on two distinct accounts. In this scenario, trust can be established one-way or two-way. Again, the question is: How can you set-up password-less ssh?

One-Way Trust. A very good application for this kind of set-up is one user account (username: user) and one application account (username: appl), where the user account is "trusted" by the application account.

Begin by generating the public and private key pair. Use ssh-keygen to generate keys. Just the same, do not use a passphrase for completely password-less logins to work.

user@host:~ > ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Created directory '/home/user/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
e8:3a:ad:11:d5:c5:89:7c:32:d6:3f:62:61:12:43:df user@host

You should be seeing the following files inside the .ssh directory (take note of the permissions):

user@host:~/.ssh > ls -la
total 17
drwx------ 2 user users  168 2008-09-09 14:42 .
drwxr-xr-x 9 user users  688 2008-09-09 14:34 ..
-rw-r--r-- 1 user users  622 2008-09-09 14:34 authorized_keys
-rw------- 1 user users 1675 2008-09-09 08:40 id_rsa
-rw-r--r-- 1 user users  396 2008-09-09 08:40 id_rsa.pub

With the public and private key pair generated, the contents of the public key (id_rsa.pub) need to be placed inside the authorized_keys file of the application account. First copy the public key over to the home directory of the application account (key in appl's password when asked):

user@host:~/.ssh > scp id_rsa.pub appl@remote:/home/appl
Password:
id_rsa.pub                                 100%  396     0.4KB/s   00:00

As user "appl", create the .ssh directory with permission 700 (drwx------). A safer and easier way to accomplish this is to generate the public and private key pair as well.

Then save the contents of user's public key to the authorized keys file.

appl@remote:~ > cat id_rsa.pub >> $HOME/.ssh/authorized_keys

On an initial set-up of password-less ssh the file id_rsa.pub can be copied to the file authorized_keys.

user@host:~ > cp id_rsa.pub $HOME/.ssh/authorized_keys

After doing the above steps, subsequent logins for user to appl (at host remote) will not ask for credentials. It will be password-less. One-way trust is established.

Two-Way Trust. As seen above one-way trust can be established by adding the contents of the user's public key to appl's authorized keys. To establish the two-way trust, appl's public key needs to be added to user's authorized keys -- the "reverse".

Generate a public and private key pair, if this has not been generated yet. Assuming that this was done in one of the steps above, all that needs to be done is to copy the public key to the home directory of user.

appl@remote:~/.ssh > scp id_rsa.pub user@host:/home/user
Password:
id_rsa.pub                                 100%  396     0.4KB/s   00:00

Likewise, save the contents of appl's public key to the authorized keys file.

user@host:~ > cat id_rsa.pub >> $HOME/.ssh/authorized_keys

Accomplishing the above steps establishes two-way trust between user and appl. If the accounts are in NIS (auto_home) or a centralized network share for home directories, trust between the accounts can be established from any machine.

In the next FAQ, the steps on password-less ssh from your Windows machine to your _nix machine will be outlined.

Read More

FAQ: Setup Password-less SSH

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: The age of the use of telnet has gone past. Although it is still used in some applications, ssh seems to have become standard in remotely accessing hosts. However, trying to remotely access another machine (as yourself), you will be asked to present your credentials. This happens again and again. How then can you set-up password-less ssh?

There are several scenarios for password-less ssh. But this FAQ will only cover password-less remote access as the same user (or as yourself).

Begin by accessing a host using your own credentials. Check if the directory $HOME/.ssh already exists. If it exists, ensure that the directory permission is 700 (dwrx------). Otherwise, there is no need to worry as the directory will be created later with the proper permission.

Use ssh-keygen to generate your very own public and private key pair. Do not use a passphrase for completely password-less logins to work.

user@host:~ > ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Created directory '/home/user/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
e8:3a:ad:11:d5:c5:89:7c:32:d6:3f:62:61:12:43:df user@host

The above command "ssh-keygen -t rsa" initiated the creation of the key pair. The private key was saved in .ssh/id_rsa. This file is read-only and only for you. No one else must see the content of that file, as it is used to decrypt all correspondence encrypted with the public key, which is aptly named .ssh/id_rsa.pub.

NOTE: Generate the key pair file only once. Otherwise, subsequent re-generations of the key pair will invalidate other password-less set-ups already working for you.

With the public and private key pair generated, the contents of the public key (id_rsa.pub) need to be placed inside the authorized_keys file.

user@host:~/.ssh > cat id_rsa.pub >> authorized_keys

On an initial set-up of password-less ssh the file id_rsa.pub can be copied to the file authorized_keys.

user@host:~/.ssh > cp id_rsa.pub authorized_keys

After doing the above steps, subsequent logins will not ask for credentials. It will be password-less.

Aside from sparing yourself from the hassle of being asked a password for each login, password-less ssh can be deployed and has proven to be advantageous in a lot of situations.

In the next FAQ, the steps on password-less ssh for different users and/or different machines will be outlined.

Read More

HOW-TO: Mount ISO Images

There are a million reasons (perhaps exaggerated, but you get the point) why you should mount an ISO file. To name one, access to the harddrive is way faster than access to the optical drive. Another would be, not all hosts have optical drives or access to the physical host is restricted. Or perhaps, the device can read optical media but could not "burn" or write to it. And the list goes on but the fact of the matter is: the optical drive is rarely used, if at all.

Windows has virtual CD/DVD drives and most of these add-on software(s) are free. How about in the _nix platforms? Do the machines need virtual devices? Are the software(s) free as well? How are they installed? These questions are only a few that need answers. Perhaps discussing the process will, in turn, directly address the questions.

Linux. In Linux, ISO images are mounted via the loop device. It makes possible to specify transfer functions like encryption or decryption, compression or other purposes using loop device driver.

As super-user or root, create the directory to be used as mount point.

root@host # mkdir /SOME/PATH

Mount the ISO image like below.

root@host # mount -o loop /PATH/TO/IMAGE.iso /SOME/PATH

The ISO image (IMAGE.iso) can now be accessed under /SOME/PATH.

To unmount the image, the usual unmount command can be run.

root@host # umount /SOME/PATH

Solaris. Solaris, just like linux has a loopback device "lofi" - the loopback file driver. The lofi file driver exports a file as a block device, making it possible for the system to read and write to the device (or to the underlying file related to the device).

With the ISO image exported as a block device, the lofi file driver allows normal system utilities like mount to operate on the image. The exported block device of the ISO image can now be mounted, accessing the ISO image.

From Sun online documentation:

  The tool lofiadm administers lofi(7D), the loopback file driver. lofi(7D) allows a file to be associated with a block device. That file can then be accessed through the block device. This is useful when the file contains an image of some filesystem (such as a floppy or CD-ROM image), because the block device can then be used with the normal system utilities for mounting, checking or repairing filesystems. See fsck(1M) and mount(1M).

  Use lofiadm to add a file as a loopback device, remove such an association, or print information about the current associations. 

  The lofi(7D) driver is not available and will not work inside a zone.

First, create the block device using lofiadm.

root@host # lofiadm -a /PATH/TO/IMAGE.iso
/dev/lofi/1

In running the above command, lofiadm picks the device and prints the device name to the standard output. The absolute path to IMAGE.iso must be given -- /PATH/TO/IMAGE.iso. Otherwise, lofiadm will return an error.

You can run lofiadm alone to list the devices.

root@host # lofiadm
Block Device     File                           Options
/dev/lofi/1      /PATH/TO/IMAGE.iso             -

With the block device (/dev/lofi/1) created, it could now be mounted.

root@host # mount -F hsfs -o ro /dev/lofi/1 /mnt

The above creation and mouting can be executed in a single command.

root@host # mount -F hsfs -o ro `lofiadm -a /PATH/TO/IMAGE.iso` /SOME/PATH

Unmounting the device is similar to unmounting in Linux. Very straightforward. After unmount has executed, the lofi block device still exists and, if desired, can be deleted. Execution of standalone lofiadm on the command line will show which block device to delete. In this example, there is only one block device /dev/lofi/1.

root@host # lofiadm -d /dev/lofi/1

There are a lot of advantages in mounting an ISO image in both Solaris and Linux. And best of all, there is no need to install additional software as the system itself has the necessary tools to make it possible. There goes the answer.

Read More

HOW-TO: Mount USB Thumbdrives in Solaris

USB thumbdrives have become mainstream. And most of the portable tools and utilities are stored in them. This is true for both Windows and Unix/Linux. But I recently was asked a question on how to mount USB thumbdrives in Solaris. Indeed, how is a thumbdrive mounted in Solaris?

Aside from the knowledge of mounting the USB thumbdrive, a more important question arises -- where is it mounted? These questions presume that Solaris supports thumbdrives and indeed it does, as we shall see in a bit.

Mount the USB thumbdrive. USB thumbdrives are emulated as SCSI hot-plug devices. They are under the control of the Solaris Volume Management daemon "vold". The same daemon is responsible for the floppy and CD/DVD optical devices.

Plug the drive to the USB port. Become super-user (root) or a privileged user (via sudo). The rest of the commands need elevated privileges. To check if the USB thumbdrive is detected, use cfgadm.

root@host # cfgadm
...
...
usb0/2.0 usb-storage connected configured ok
...
...

The output above confirms that the USB thumbdrive is properly detected by the system.

The directory /rmdisk does not exist on a Solaris system by default. So it needs to be created.

root@host # mkdir /rmdisk

With the /rmdisk directory existing vold needs to be restarted, if it is started.

root@host # pkill -HUP vold

.. or started, if disabled.

» for Solaris 10

root@host # /etc/init.d/volmgt start

» for older Solaris versions

root@host # /etc/init.d/vold start

Verify that the device is found by vold.

root@host # volcheck -v
media was found

The USB thumbdrive is now mounted in /rmdisk/rmdisk0.

Unmount the USB thumbdrive. Just like in Windows, the thumbdrive needs to be unplugged or unmounted properly.

To unmount the thumbdrive, run the command below:

root@host # volrmmount -e rmdisk0

Verify that the device is no longer detected by the system.

root@host # volcheck -v
no media was found

There you go, the mounting and unmounting of a USB thumbdrive in Solaris. I hope this post answers the questions you may have about thumbdrives in Solaris.

Thumbdrives can be useful in Solaris as well.

Read More

FAQ: BIOS Detects 1066MHz Memory At Only 800MHz

"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.

FAQ: A friend of mine recently bought a OCZ 2x1GB DDR2-1066 dual channel kit for his GA-MA78GPM-DS2H motherboard with an AMD X2 AM2 processor. He got surprised when he got home, plugged the memory in the motherboard and powered it up. How come the BIOS detects it as only DDR2-800?

According to AMD's specification sheets, the AM2 processor has a 144-bit integrated memory controller (or IMC) that operates at 400MHz (800MHz effective at double dynamic rate or DDR).

Refer to the document above for the specification (or the screenshot of its image). It explains why the BIOS detects only 800MHz memory.

Do not fret, overclocking the processor can fully utilize the 1066MHz capability of the memory without over-stressing it. That is exactly what overclockers do: Buy fast memory in order to better overclock the processor eliminating the memory as bottleneck and extend the mileage.

If not into overclocking, obtaining a modern Phenom or X3 in place of the X2 will properly detect the memory at 1066MHz. With the recent price cuts, the higher tier processors just became more within reach.

Read More

HOW-TO: Replace Failed Drives Under SDS

In order to protect the operating system, avoid serious downtime, and most of all save previous man-hours, implementing RAID 1 (or mirror) using SDS was a very viable solution. Not only that, the solution is quick to execute and with considerable success at that.

There are a lot of reasons disks and partitions fail. But when this happens, it should be attended as risks for possible catastrophic downtime mounts. Before replacing disks suspected of failure, that failure has to be verified. What are the symptoms? How are they diagnosed? Answers to the two important questions are equally as important.

Symptoms of Disk Failure. There are several indications of a failing or failed disk. More often than not, a combination of the following logs, errors or outputs may confirm the disk failure.

» Utilities such as iostat can confirm the failure.

root@host # iostat -En cxtxdx

The parameter to watch out would be "Hard Errors". On a failing disk the count on this parameter would be greater than 0 (and increasing).

» Log files should also the failure symptoms. Messages such as ones below should be in the /var/adm/messages.

md_stripe: [ID 641072 kern.warning] WARNING: md: d5: read error on /dev/dsk/c0t1d0s5
md_mirror: [ID 104909 kern.warning] WARNING: md: d5: /dev/dsk/c0t1d0s5 needs maintenance

» The format output can confirm the failure. As seen below, the disk could not be recognized by the system.

AVAILABLE DISK SELECTIONS:
       0. c0t0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424>
          /pci@1e,600000/pci@0/pci@a/pci@0/pci@8/scsi@1/sd@0,0
       1. c0t1d0 <drive type unknown>
          /pci@1e,600000/pci@0/pci@a/pci@0/pci@8/scsi@1/sd@1,0

» The SDS binary metastat can show the symptom as well.

root@host # metastat d5
d5: Mirror
    Submirror 0: d15
      State: Okay         
    Submirror 1: d25
      State: Needs maintenance 
...
d25: Submirror of d5
    State: Needs maintenance
    Invoke: metareplace -e d25 c0t1d0s5
...

There could be several scenarios that may arise. Assuming the worst possible scenario the failed disk has to be replaced. Follow along as the following procedure tackes just that.

Partial Disk Failure. Partial disk failure is characterized by a combination of Hard Errors, logged messages and metastat maintenance flag.

[1] Delete any state database replicas from the failed disk. A "W" in metadb output indicates replica device write errors.

root@host # metadb
        flags           first blk       block count
     a m  p  luo        16              8192            /dev/dsk/c0t0d0s7
     a    p  luo        8208            8192            /dev/dsk/c0t0d0s7
      W   p  l          16              8192            /dev/dsk/c0t1d0s7
      W   p  l          8208            8192            /dev/dsk/c0t1d0s7

root@host # metadb -d /dev/dsk/c0t1d0s7
root@host # metadb
        flags           first blk       block count
     a m  p  luo        16              8192            /dev/dsk/c0t0d0s7
     a    p  luo        8208            8192            /dev/dsk/c0t0d0s7

[2] The metadevice that is still in "okay" state should be detached from the mirror. (Assuming metadevice d0 is still in "okay" state.)

root@host # metadetach d0 d20
d0: submirror d20 is detached

[3] Replace the failed disk. In this example, the secondary disk at c0t1d0.

[4] Replicate the partition table of the primary disk to the secondary disk.

root@host # prtvtoc /dev/rdsk/c0t0d0s2 | fmthard -s - /dev/rdsk/c0t1d0s2

[5] Re-create the state databases. The state database has to exist in the new secondary disk as well.

root@host # metadb -a -c2 /dev/dsk/c0t1d0s7

[6] Run metareplace on the partitions that the "Needs Maintenance" flag (as shown above).

root@host # metareplace -e d21 c0t1d0s1
root@host # metareplace -e d24 c0t1d0s4
...

[7] Re-attach the detached mirror.

root@host # metattach d0 d20

Full Disk Failure. Full disk failure is confirmed by the output of format. The other characteristics would also be present.

[1] Delete the state databases of the failed disk.

[2] Replace the failed disk.

[3] Duplicate the partition table to the new disk.

[4] Re-create the state databases.

[5] Synchronize the mirrors using metareplace.

Monitor the Re-Synchronization. Re-synchronization of the mirrors can be monitored via metastat.

For Solaris 10, an extra step needs to be executed. The OS needs to be notified of the disk change.

root@host # metadevadm -u c0t1d0
Updating SLVM device relocation information for c0t1d0.

A variation of the preceding command can be done using the full pathname. It achieves the same purpose.

root@host # metadevadm -u /dev/dsk/c0t1d0
Updating SLVM device relocation information for c0t1d0.

Read More

HOW-TO: Mirror Boot Drives Using SDS

Making use of RAID (Redundant Array of Independent Disks) is a logical thing to do, especially in implementation of architectures for data sensitive systems, especially servers. Another reason is avoid downtime in the event of a failure of a boot disk or the disk that stores the operating system. The latter is what this post wants to outline -- mirroring boot drives using SDS.

RAID 1 or mirroring can be cheaply implemented using software mirroring. That is built into the operating system and will not require additional hardware. Solaris used to call this software the Solaris Disk Suite (or SDS) and is now built into the latest Solaris 10 as Solaris Volume Manager (or SVM). Regardless of whichever name, it refers to the same thing. Let us discuss the same implementation of SDS/SVM.

Prepare the Drives. SDS uses metadevice state databases to store information on disk about the state of your DiskSuite configuration. The metadevice state database records and tracks changes made to your configuration. These databases must reside on a dedicated slice (in the case of a boot drive). I typically leave a small amount of unused space on the boot drive when installing Solaris for these databases. That is, I leave at least one unused slice with approximately 5 MB of free space available for SDS when installing Solaris.

If you do not have any unused space and you have an unused slice, then you may borrow space from swap. See documentation from Sun to perform this step. I recommend using this procedure in single user mode. However, I have been able to successfully perform these steps on idle systems (multi-user but not running applications) where there is no swapping being performed. In abbreviated terms:

* lists the swap devices configured on the system:

root@host # swap -l
swapfile             dev  swaplo blocks   free
/dev/dsk/c0d0d0s1   29,0       8 1638608  1638608

* Disable the swap:

root@host # swap -d /dev/dsk/c0t0d0s1

* repartition swap device to exclude at least 5 MB of sector space. Partition these sectors on an unused slice using the format command:

root@host # format

Use format command to select the boot disk and create the slice that will hold the state database. The output from format of my boot disk looks like the following. I have the following filesystems carved: /, swap, /var, /opt, and /export/home

Part      Tag    Flag     Cylinders        Size            Blocks
  0       root    wm       0 - 1392        3.13GB    (1393/0/0)  6563816
  1       swap    wu    1393 - 3131        3.91GB    (1739/0/0)  8194168
  2     backup    wm       0 - 7505       16.86GB    (7506/0/0) 35368272
  3        var    wm    3132 - 4870        3.91GB    (1739/0/0)  8194168
  4 unassigned    wm    4871 - 5740        1.95GB    (870/0/0)   4099440
  5       home    wm    5741 - 7479        3.91GB    (1739/0/0)  8194168
  6 unassigned    wm       0               0         (0/0/0)           0
  7 unassigned    wm       0               0         (0/0/0)           0

Notice that slice 6 and 7 are unassigned and also there are 26 unused cylinders (7480 to 7505).

* create the dedicated slice for the state databases (common convention uses slice 7):

partition> 7
Part      Tag    Flag     Cylinders        Size            Blocks
  7 unassigned    wm    7480 - 7504       57.52MB    (25/0/0)     117800
 
Enter partition id tag[unassigned]: 
Enter partition permission flags[wm]: 
Enter new starting cyl[0]: 7480
Enter partition size[117800b, 25c, 57.52mb, 0.06gb]: 57.52mb
partition> p
Current partition table (unnamed):
Total disk cylinders available: 7506 + 2 (reserved cylinders)
 
Part      Tag    Flag     Cylinders        Size            Blocks
  0       root    wm       0 - 1392        3.13GB    (1393/0/0)  6563816
  1       swap    wu    1393 - 3131        3.91GB    (1739/0/0)  8194168
  2     backup    wm       0 - 7505       16.86GB    (7506/0/0) 35368272
  3        var    wm    3132 - 4870        3.91GB    (1739/0/0)  8194168
  4 unassigned    wm    4871 - 5740        1.95GB    (870/0/0)   4099440
  5       home    wm    5741 - 7479        3.91GB    (1739/0/0)  8194168
  6 unassigned    wm       0               0         (0/0/0)           0
  7 unassigned    wm    7480 - 7505       57.52MB    (26/0/0)     122512
 
partition> label
Ready to label disk, continue? y

* after partitioning, re-enable Swap

root@host # swap -a /dev/dsk/c0t0d0s1

* format the mirror drive in the same manner as the primary. There is no need to run format to make this happen as there is a much faster way.

root@host # prtvtoc /dev/rdsk/c0t0d0s2 | fmthard -s - /dev/rdsk/c0t8d0s2
fmthard: New volume table of contents now in place

In this case c0t0d0s2 is the boot drive and c0t8d0s2 is the mirror. Notice that it is on the same controller. You should try to mirror drives across different controllers if at all possible. Basically, the fmthard command takes the partition table of the boot disk and replicates it to the mirror drive. Use the format command to verify that the partitions are exactly identical.

Configure Solstice Disk Suite. With the drives properly sliced or partitioned, it is time to configure SDS.

[1] Create at least 2 state database replicas on each disk. A state database replica stores DiskSuite configuration and state information. Before you can use DiskSuite, you must create state database replicas.

root@host # metadb -a -f -c2 /dev/dsk/c0t0d0s7 /dev/dsk/c0t8d0s7

Where -a means adding; -f means force because this is the first time creating databases; and -c 2 means create 2 databases in each slice.

[2] Create the mirror for / filesystem. Here, we are creating a one-way mirror which for the time being is composed of 1 drive. Later we will attach the second drive to the mirror. The metainit command defines the metadevices that the mirror will use. The device numbers (d##) are arbitrary.

root@host # metainit -f d10 1 1 c0t0d0s0
root@host # metainit d20 1 1 c0t8d0s0
root@host # metainit d0 -m d10

Take a look at your /etc/vfstab and notice that the / filesystem will be mounted on /dev/md/dsk rather than /dev/dsk.

[3] Update the /etc/vfstab for / filesystem and /etc/system. Do not try to edit /etc/vfstab or /etc/system manually. Use the metaroot command:

root@host # metaroot d0

Solstice Disk Suite has the following rules with respect to the use of database replicas:
» The system will not boot unless more than half of the replicas are available
» The system will panic if more than half of the replicas are corrupt

In other words, if one of your drives fail, and the system is rebooted for any reason (hardware/software/human error), the system will not automatically boot in a two disk mirror configuration. The system will have to be brought to single user mode where the broken replicas can be removed to pass the quorum rule (more than half the replicas must be available). Fortunately, you can disable the feature by setting the following system parameter:

root@host # echo "set md:mirrored_root_flag=1" >> /etc/system

It is recommended to set this parameter in a 2 disk mirror configuration to ensure that the system boots with a failed drive.

[4] Create the mirror for all other filesystems:

» for swap:
root@host # metainit -f d11 1 1 c0t0d0s1
root@host # metainit d21 1 1 c0t8d0s1
root@host # metainit d1 -m d11
» for /var filesystem:
root@host # metainit -f d12 1 1 c0t0d0s3
root@host # metainit d22 1 1 c0t8d0s3
root@host # metainit d2 -m d12
» for /opt filesystem:
root@host # metainit -f d13 1 1 c0t0d0s4
root@host # metainit d23 1 1 c0t8d0s4
root@host # metainit d3 -m d13
» for /export/home filesystem:
root@host # metainit -f d14 1 1 c0t0d0s5
root@host # metainit d24 1 1 c0t8d0s5
root@host # metainit d4 -m d14

[5] Edit the /etc/vfstab to mount the new mirrors on boot. In order to put safeguards in place, make sure to take a backup copy of the file /etc/vfstab.

The /etc/vfstab prior to edits:

#device         device          mount           FS      fsck    mount   mount
#to mount       to fsck         point           type    pass    at boot options
#
#/dev/dsk/c1d0s2 /dev/rdsk/c1d0s2 /usr          ufs     1       yes     -
fd      -       /dev/fd fd      -       no      -
/proc   -       /proc   proc    -       no      -
/dev/dsk/c0t0d0s1       -       -       swap    -       no      -
/dev/md/dsk/d30 /dev/md/rdsk/d30        /       ufs     1       no      -
/dev/dsk/c0t0d0s3       /dev/rdsk/c0t0d0s3      /var    ufs     1       no      -
/dev/dsk/c0t0d0s5       /dev/rdsk/c0t0d0s5      /export/home    ufs     2       yes     -
/dev/dsk/c0t0d0s4       /dev/rdsk/c0t0d0s4      /opt    ufs     2       yes     -
swap    -       /tmp    tmpfs   -       yes     -

The /etc/vfstab after edits:

#device         device          mount           FS      fsck    mount   mount
#to mount       to fsck         point           type    pass    at boot options
#
#/dev/dsk/c1d0s2 /dev/rdsk/c1d0s2 /usr          ufs     1       yes     -
FD      -       /dev/fd fd      -       no      -
/proc   -       /proc   proc    -       no      -
/dev/md/dsk/d1 -       -       swap    -       no      -
/dev/md/dsk/d0 /dev/md/rdsk/d0        /       ufs     1       no      -
/dev/md/dsk/d2 /dev/md/rdsk/d2        /var    ufs     1       no      -
/dev/md/dsk/d4 /dev/md/rdsk/d4        /export/home    ufs     2       yes
-
/dev/md/dsk/d3 /dev/md/rdsk/d3        /opt    ufs     2       yes     -
swap    -       /tmp    tmpfs   -       yes     -

[6] (OPTIONAL) Suppress harmless warning messages
Typically, after a SDS install, you will receive the harmless but annoying messages on boot-up: "WARNING: forceload of misc/md_hotspares failed". This is a nuisance, so I typically suppress them by creating an empty hot spare pool:

# metainit hsp001

[7] Reboot and allow the system to mount the mirrors.

root@host # init 6

Ignore the following errors on boot. Suns reason for these errors: "These warnings are harmless, and may be ignored. They are an artifact of the way drivers are loaded during the boot process when you have a mirrored root or /usr file system."
WARNING: forceload of misc/md_trans failed
WARNING: forceload of misc/md_raid failed
WARNING: forceload of misc/md_hotspares failed

[8] Attach the second submirror to the mirror. This will cause the data from the boot disk to be synchronized with the mirrored drive.

# metattach d0 d20
# metattach d1 d21
# metattach d2 d22
# metattach d3 d23
# metattach d4 d24

Use metastat to track progress

# metastat d0

d0: Mirror
    Submirror 0: d10
      State: Okay
    Submirror 1: d20
      State: Resyncing
    Resync in progress: 21 % done
    Pass: 1
    Read option: roundrobin (default)
    Write option: parallel (default)
    Size: 6563816 blocks
...

[9] Notify the system of the change in the dump device.

root@host # dumpadm -d /dev/md/dsk/d1

[10] Enable the mirror disk to be bootable:

# installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0t8d0s0

Set nvram and reboot system to verify system will boot

# eeprom "boot-device=disk0 disk1"
# eeprom use-nvramrc?=false

NOTE: You can set this at the boot prom if you like. Use the devalias and setenv command. In case of primary boot disk failure, boot from the alternate disk:

ok  boot mirror

Stay tuned for the next guide on how to replace a failed mirror drive.

Read More