Red Hat Linux Networking , System Administration (P32) potx

Anunresponsive modem is especially common with PCI modem cards, which typ-ically do not use COM1 /dev/ttyS0 or COM2 /dev/ttyS1 by default.For example, suppose dmesg | grep ttyS shows the

One example of a resource conflict is that your modem and some otherdevice share an interrupt COM1 (/dev/ttyS0) and COM3 (/dev/ttyS3) try

to share the same interrupt unless told otherwise Eliminate the conflict by ting a jumper for one of the devices that causes it to use another IRQ Next, useminicomto see if you can communicate with the modem The following Webpages help you configure a PPP connection:

set-■■ Client-Tips.html

redhat.com/support/docs/tips/PPP-Client-Tips/PPP-■■ redhat.com/support/docs/tips/Network-Config-Tips/Network-Config-Tips.html

If setserial shows your modem’s UART as unknown, as you see in thefollowing example, the kernel has not detected your serial port or the modemattached to it:

/dev/ttyS2, UART: unknown, Port: 0x03f8, IRQ: 10

This problem usually occurs because your PC’s BIOS is set up to expect aplug-and-play (PnP) operating system To solve the problem, reboot the PCand, as it powers up, press the key that permits you to access the system’sBIOS Typically, this is a function key, such as F2, but the exact key depends onyour PC’s BIOS In the setup screen, locate the option for PnP operating system(often labeled Plug & Play O/S) and turn off that option Then save the BIOSsettings and exit Doing so causes the PC to reboot This time, when Red HatLinux boots, the kernel should be able to detect the PC’s serial port correctly

If your serial ports are correctly detected, but the modem does not respond,make sure that /dev/modem is linked to the proper device file in /dev Anunresponsive modem is especially common with PCI modem cards, which typ-ically do not use COM1 (/dev/ttyS0) or COM2 (/dev/ttyS1) by default.For example, suppose dmesg | grep ttyS shows the following:

ttyS02 at port 0x6800 (irq = 10) is a 16550A

In this case, execute the following command to make sure that /dev/modem

is linked to the proper device file:

# ln -sf /dev/ttyS2 /dev/modem

If your modem does not appear to be detected, use the Windows DeviceManager to obtain the modem’s IRQ and I/O address, and compare those val-ues to the values the setserial command reports for that port

At present, some modems simply do not work with Linux These are so-called “WinModems,” which, in order to function, rely on the Windows

operating system and a special, Windows-specific device driver WinModems,

also called software modems, rely on a device driver, rather than hardware, to

function Don’t despair, you may still be able to use your WinModem You cansearch for your modem at http://linmodems.org to see if there is a Linuxdriver available If there is, you can download, install, and configure it usingthe instructions provided at the Linmodem site If you can’t find you modemlisted there, or if it is listed as unsupported, your only recourse is to replace themodem with a hardware modem or one that is listed as supported on the Lin-modem site

If you can connect to your ISP but are unable to surf the Web, or if your fox complains that it cannot connect to remote hosts, the problem is most likelyunconfigured or misconfigured Domain Name Server (DNS) information Youneed to specify your ISP’s DNS servers in the /etc/resolv.conf file Con-tact your ISP for this information and edit the file to include those settings Forexample:

Fire-search example.com nameserver 24.8.89.15 nameserver 24.8.89.16

The Boot Process Hangs

A network problem exists if your system boots but then seems to hang whenstarting sendmail, the Sendmail daemon; httpd, the Apache Web server dae-mon; or smb, the Samba daemon The most common cause is that Linux cannotresolve the host name to an IP address The apparent hang is a pause while the

kernel waits for the name resolver to time out; the boot process will eventually

complete To solve this problem, wait until you can log in, then log in as root toinvestigate and solve the problem If you are attached directly to a networkwith a functioning DNS server, make sure that the file /etc/resolv.confhas the correct values for your system’s DNS server(s) Make sure that the val-ues are correct If you are using Red Hat Linux on a system attached to a net-work without a DNS server, or if your Red Hat system is destined to be theDNS server, edit the /etc/hosts file and insert your system’s IPaddress andname to have the hostname and IP address so that the lookups occur correctly.The format of the /etc/hosts file is:

Using Two Ethernet Cards

To use two Ethernet cards in your Red Hat Linux system, first ensure that bothcards are supported Next, if the two cards use different drivers, you need toset up the second network interface and edit the /etc/modules.conf file toload the proper driver for the second card If the two cards use the same dri-ver, you may need to recompile your kernel, but several modules now allowfor multiple cards It may be that you just need to use boot arguments, such as:boot: linux ether=11,0x300,eth0 ether=5,0x340,eth1

This option can be made permanent so that you do not have to reenter itevery time your system boots See the GRUB configuration option append= inthe grub.conf man page The Ethernet HOWTO is an excellent source ofinformation for configuring multiple Ethernet cards in the same system It can

be found at.redhat.com/mirrors/LDP/HOWTO/Ethernet-HOWTO.html

Solving NFS Problems

In addition to performance degradation, you might encounter other problemswith NFS that require resolution This section discusses some of the typical dif-ficulties system administrators have with NFS and how to resolve them Thesetips are only a starting point

N OT E The Linux NFS-HOWTO on the NFS Web page at http://nfs.

sourcefource.net/nfs-howto/dedicates an entire section to troubleshooting NFS.

First up are apparent problems that, in reality, are red herrings Log sages resembling the following are annoying but harmless:

mes-kernel: fh_verify: bubba/users: permission failure, acc=4, error=13 kernel: nfs: server localhost not responding, still trying

kernel: nfs: task 18273 can’t get a request slot kernel: nfs: localhost OK

nfslock: rpc.lockd startup failed kmem_create: forcing word size alignment - nfs_fh

The first message occurs when the NFS setattr() RPC call fails because

an NFS client is attempting to access a file to which it does not have access.This message is harmless, but many such log entries might indicate a system-atic attempt to compromise the system

The next three messages represent client attempts to contact the NFS serverthat are timing out When such timeouts occur, the NFS client reduces the

number of concurrent requests it sends to avoid overloading the server, whichresults in these messages Although such messages are usually harmless, ifthey persist, you might want to investigate possible saturation of the network

or the NFS server

The rpc.lockd startup failure message almost always occurs when olderNFS startup scripts try to start newer versions of rpc.lockd manually; theseattempts fail because the kernel NFS server daemon, knfsd, starts the lockingdaemon automatically To make the failure message go away, edit the startupscripts and remove statements that attempt to start lockd manually The finalerror message occurs if the kernel detects that an NFS file handle is 16 bits,rather than 32 bits or a multiple thereof

Would that all error messages were as harmless as these! A log messageresembling the following, while not dire, demands timely attention:

nfs warning: mount version older than kernel

This message means exactly what it says: the version of the mount mand that you are using is older than the kernel version So, the solution is toupgrade the mount package so mount can recognize any additional options orfeatures of the new kernel

com-If you transfer very large files via NFS, and NFS eats all of the available CPUcycles, causing the server to respond at a glacial pace, you are probably running

an older version of the kernel that has problems with the fsync() system callthat accumulates disk syncs before flushing the buffers This issue, primarily aproblem with 2.2 kernels and early 2.4 kernels, is reportedly fixed in newer 2.4kernel releases, so upgrading your kernel might solve the problem

Similarly, if you execute commands on an NFS exported file system that donot result in large data transfers from server to client (such as an ls command)and have no problem, but then nevertheless cause severe response problemswith large data transfers (such as a cp command), you may be using rsize= orwsize=parameters on the client that are larger than the rsize= or wsize=parameters on the server Reduce these values on the client side to see if perfor-mance recovers Also make sure that the firewall for the client and the serverpermits fragmented packets to pass through NFS uses packet fragmentation, sofirewalls that deny or drop fragmented packets force constant retransmission ofdata Reportedly, this is especially a problem on Linux systems still using the 2.2packet filter, ipchains Either switch to iptables or rewrite the ipchains filters toaccept fragmented packets; performance should improve almost immediately

If you are unable to see files on a mounted file system, check the followingitems:

1 Make sure that the file system is, in fact, mounted If the file system is

not mounted, mount it Use one of the following commands to verifythat the file system is mounted:

Troubleshooting and Problem Solving 897

# cat /proc/mounts

# mount -f

2 If the file system is mounted, make sure that another file system is notmounted on top of it If you have layered a file system on top of anexport, unmount and remount both, making sure to mount them onseparate mount points

3 Make sure the client has read privileges to the specified files by ing the file system permissions on the server, the client’s mount point,and that the mount options in /etc/fstab or specified on the com-mand line are correct on the client

verify-If you cannot mount an exported directory, the most common error sage is:

mes-mount failed, reason given by server: Permission denied

This error message means that the server thinks the client does not haveaccess to the specified export In this case, do one or more of the following:

■■ Review the export specifications in /etc/exports on the server, ing sure that they are correct and that the client is mounting the exportthe same way it is exported For example, an NFS client cannot mount

mak-an exported directory read/write (the -o rw option to the mount mand) if that directory is exported from the server read-only (using the-o rooption to the mount command)

com-■■ On the server, execute the following command:

# exportfs -arThis command makes sure that any changes made to /etc/exportssince the exports were first exported are updated in the server’s exportstable and propagated out to NFS clients

Look at the contents of /var/lib/nfs/xtab to review the complete list ofall of the export options applied to a given export If they are incorrect, edit/etc/exportsaccordingly and then rerun the exportfs -ar command toupdate the server’s export table with the proper options

Exploring Miscellaneous Problems

The tips suggested in this section address some problems and challenges youmight face when booting your system, installing on a laptop, and using the XWindow system with Fedora Core and Red Hat Enterprise Linux

Solving Boot Problems

If you try to shut down or reboot your Red Hat system using the commandsreboot, halt, shutdown -r now, or shutdown -h now and the shutdownprocess starts to execute correctly but then the display blanks and the systemhangs, the only way to recover is to power cycle the system and then try some

of the following workarounds The problem is that at the point the systemappears to hang, control of the hardware has been handed back from Linux tothe firmware — it is up to the firmware (software embedded in key systemhardware components) to reboot the system correctly Fortunately, Linuxenables you to select multiple ways to reboot the system to fix, or at least side-step, buggy or broken BIOSes or hardware

At the GRUB: boot prompt, you can specify:

reboot=X,Y

Xcan be one of hard or bios

■■ hard — Uses the CPU’s reset instruction to restart the system

■■ bios — Uses a BIOS routine (sometimes called a BIOS vector) to restart

the system

Ycan be one of warm or cold

■■ warm— A warm boot is the type of reboot invoked when you press

vec-boot: linux reboot=bios,warm

The goal is to find the right combination of X and Y that triggers the bugs inthe system BIOS Once you have found this magic sequence, use GRUB’sappend=option to pass these parameters to the kernel each time you boot thesystem by adding it to /etc/grub.conf as shown in the following example:append=”reboot=bios,warm”

If your system installed without incident until it tried to write GRUB mation to the master boot record (MBR), at which point the installer com-plained that it could not write to the MBR, the MBR may be locked by theBIOS You need to access your system’s BIOS and verify that the MBR is not

infor-Troubleshooting and Problem Solving 899

write-protected Similarly, disable any virus scan enabled in the BIOS that mayinterfere with writing to the MBR

ht://Dig Won’t Run

If you start the rundig program to create ht://Dig’s databases and searchindexes, you might see the following error, or one that closely resembles it:

# /usr/bin/rundig /usr/bin/rundig: line 101: 21924 Segmentation fault /usr/bin/htfuzzy $verb ose metaphone

/usr/bin/rundig: line 102: 21925 Segmentation fault /usr/bin/htfuzzy $verb ose soundex

This error occurs if the file /var/www/html/index.html does not exist,even if the directory /var/www/html contains other content The workaround

is to create an index file At a bare minimum, you can create an emptyindex.html using the touch command:

# touch /var/www/html/index.html

The rundig command will then execute properly

Starting cyrus-imapd

If you see the following message when you start cyrus-imapd, neither the

problem nor the solution actually has anything to do with the mail server,

despite what the error message says:

# service cyrus-imapd start Starting cyrus-imapd: preparing databases error! [FAILED]

The problem occurs because cyrus-imapd converts a binary file, /var/lib/imap/mailboxes.db, to a flat file when it starts The log file that tells youwhat happened is /var/lib/imap/rpm/cvt_cyrusdb_all.log:

you are using /var/lib/imap/sieve as your sieve directory.

fatal error: can’t open old database Converting from /var/lib/imap/mailboxes.db (berkeley) to /var/lib/imap/mailboxes.db.flat (flat)

ERROR: unable to convert /var/lib/imap/mailboxes.db from berkeley to flat

fatal error: can’t open old database

The issue, it turns out, is that the database conversion uses the file utility

to determine the file type of the mailboxes.db file Unfortunately, the fileutility incorrectly classifies mailboxes.db as an Apple QuickTime movie!

# file /var/lib/imap/mailboxes.db /var/lib/imap/mailboxes.db: Apple QuickTime movie (modified)

file misidentifies mailboxes.db because file’s own database file,/usr/share/file/magic.mgc, has an invalid entry The good news is thatyou can easily fix this problem by editing /usr/share/file/magic Theprocedure is simple:

1 Edit /usr/share/file/magic, moving the line (near line 6461) thatreads:

0 string \241\002\213\015skiplist\ file\0\0\0 Cyrus skiplist DB

above the line that reads (near line 819):

# Apple Quicktime and ISO types

2 Execute the command file -C to update the binary magic.mgc filethat the file command uses:

# cd /usr/share/file

# file -C

# file /var/lib/imap/mailboxes.db /var/lib/imap/mailboxes.db: Cyrus skiplist DBAfter you have made this change, the cyrus-imapd service should start

As a convenience, you can use the patch file magic,patch and the followingpatch command to update the magic file without having to edit it manually:

# patch -d /usr/share/file < magic.patch patching file magic

Whether you use the patch file or edit /usr/share/file/magic ally, you must execute the file -C command (and do so in /usr/share/file) to update the magic.mgc file or the change won’t take effect For more information about this bug, see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148808

manu-Solving Laptop Video Problems

Laptop installations are typically the most difficult type of installation to form because the companies that build laptop computers often use proprietaryhardware or modify standard PC components to shoehorn desktop PC func-tionality into the confines of a laptop or to meet weight, power, or functional-ity requirements Aggravating such practical concerns, to protect trade secrets,these engineering decisions are rarely publicly documented As a result, youoften have to use a trial-and-error method and rely on the experiences ofothers

per-Troubleshooting and Problem Solving 901

N OT E A few laptop manufacturers actively support Linux IBM, for example, preinstalls Linux on a select group of laptop computers, and certain dedicated

Linux hardware vendors do the same The lack of support is frustrating, but

until manufacturers can be bothered to develop Linux drivers for their products

at the same time as they develop Windows drivers, installing Linux on a laptop computer will continue to be a challenge A good soource of information about running Linux on laptops can be found at linux-laptop.net.

While attempting a graphical Red Hat Linux installation from either theCD-ROM or a floppy disk, you may see the laptop screen go blank and you can-not continue In this case, attempting a text-based installation might work —trying to force a graphical installation rarely works if the installer cannot use

your video hardware With some laptops, the graphical installer might work if

you type the following parameter at the boot: prompt:

boot: linux vga=2

Similarly, you can try all of the possible VGA modes using the followingparameter:

boot: linux vga=ask

Before giving up completely, have a look at the authoritative reference forLinux and laptops, the Linux Laptop Web site at linux-on-laptops.com

The Signal 7 and Signal 11 Problems

Perhaps the most confusing problem people run into when installing Red HatEnterprise Linux is an error message resembling fatal signal 11 or fatalsignal 7 Signal 11s and signal 7s are errors indicating a hardware problem

in memory or on the system’s data bus Red Hat Linux does not cause sucherrors Rather, it brings such problems to light because the Linux kernel typi-cally pushes hardware to the fullest extent of its capabilities, much more sothan DOS or Windows, often revealing substandard hardware

How should you proceed? The first thing to do is perform memory testingusing memtest86, which is included on the Red Hat installation boot disk.Instructions for using memtest86 on the boot disk are included in the releasenotes If memtest86 indicates hardware trouble, take your computer to a repairshop and ask them to test the RAM and, possibly, the CPU cache, on a hard-ware tester

Meanwhile, check to see whether you have the latest installation image fromRed Hat If the latest image still fails, the problem may be hardware-related.Common suspects include bad RAM chips or defective CPU cache memory.Try turning off the CPU cache in the BIOS and see if the problem goes away

Likewise, try swapping memory around in the system’s memory slots to seewhether the error is slot or memory related If that does not solve the problem,the Signal 11 Web site, http://www.bitwizard.nl/sig11, may be able tohelp you.

Using Screensavers and Power Management

To disable screen blanking, turn off your screen saver In text mode, the kernelturns on the screen blanker after 15 minutes, but you can disable this using thefollowing command:

# setterm -powersave off -blank 0

If you hear disk drives speed up or other sounds, this is most likely APM(Advanced Power Management) starting up the system after idle time Youcan disable APM from starting at boot time by logging in as root and typ-ing system-config-services Deselect APM, exit system-config-services, and reboot the machine APM is one of the few Red Hat Linux services that requires a system restart to make it take effect; APM is a low-levelkernel function, so a full reset is needed

Starting the X Window System

What should you do if you run startx and get a black screen? To get out of theblack screen mode, try pressing Ctrl+Alt+Backspace This keystroke combina-tion causes the X server to exit if possible If it does not work, reboot the systemand reconfigure the X Window system using redhat-config-xfree86 aftermaking sure that all your video hardware is compatible You may want or need

to obtain the latest version of XFree86 from redhat.com/support/errata.Upgrading X is fairly simple, but an upgrade HOWTO is available at the RedHat Web site at redhat.com/support/docs/howto/XFree86-upgrade/XFree86-upgrade.html

If you get an error message resembling errno 111 when you run startx,

an X client (any X program except the X server itself running on your XFree86

X system, such as terminal window or even the window manager) tried to nect to the X server but failed to do so for some reason Unfortunately, youordinarily see only the last few lines of the error message To see the completemessage, execute the following command:

con-$ X -probeonly >& startx.out

This command creates a file named startx.out that contains the completeerror message Review the text of the error message carefully for clues con-cerning the real problem that X is having

Troubleshooting and Problem Solving 903

Making an Emergency Boot Disk

Sometimes you might have a problem with your system that prevents it frombooting properly Maybe you made some configuration changes and then shutdown your system When you tried to boot up again, the system wouldn’t startbecause you changed the boot loader configuration files This is just the timewhen you could use an emergency rescue disk In this section, you learn how

to make one

Making a boot disk is very easy Follow this procedure:

1 From a terminal command line, find your kernel version by enteringthe command:

[root@main root]#uname -rwhich gives the following output (Your output might be different.)2.6.9-5.EL

2 Type the command mkbootdisk 2.6.9-5.EL.

3 Insert a floppy disk into the disk drive when prompted and then pressEnter When the command prompt returns, the boot disk has been created

Summary

This chapter offered numerous tips and techniques for overcoming commonlyencountered problems installing, configuring, and using Fedora Core and RedHat Enterprise Linux You first read about how to solve installation problems,such as not being able to mount a CD-ROM after the postinstallation reboot.Next, you learned how to work around problems accessing files and usingWindows file systems After you explored ways to resolve difficulties gettingonline using a modem, you read about disabling power management andworking through problems starting the X Window system

Bash Shell Scripting

IN THIS CHAPTER

■■ Using Wildcards and Special Characters

■■ Using Variables

■■ Using Bash Operators

■■ Understanding Flow Control

■■ Using Shell Functions

■■ Processing Input and Output

■■ Working with Command Line Arguments

■■ Using Processes and Job Control

System administration is frequently performed on a repetitive or ongoing basis

As a result, such duties are prime candidates for automation because edly typing the same commands is tedious, error prone, and time-consuming.This appendix teaches you to use Bash’s programming language to automatestandard system administration tasks After you read an overview of the fun-damentals of Bash programming, you will learn how to use some very usefulshell utility programs that ease the task of shell scripting You will also receivesome guidance in selecting an alternative scripting language if you do not likeBash or find its abilities insufficient for your needs The discussion assumesthat you are comfortable using Bash as an end user and concentrates on Bashfeatures from a shell programmer’s perspective

repeat-As a programming language, Bash has all the features one would expect:wildcards, variables, operators, functions, and input and output capabilities.Although Bash’s programming support is not as complete, fully featured, orpowerful as traditional programming languages such as C and C++ oradvanced scripting languages such as Perl and Python, Bash is neverthelesssurprisingly capable and well suited to the task

A P P E N D I X

A

Using Wildcards and Special Characters

Wildcards are single characters that stand for or substitute for one or more ues Bash uses the familiar * and ? as wildcards * stands for one or more char-acters and ? represents any single character For example, the command ls d*executed in /bin on a Red Hat system should result in output resembling thefollowing:

val-$ ls d*

date dd df dmesg dnsdomainname doexec domainname dumpkeys

The command ls d?, however, shows only the commands beginning with

d followed by any single alphanumeric value:

sup-of all three An inclusive set includes all the characters in the set and is definedusing a hyphen, for example, [b-f] A disjoint set is at least two inclusiveranges separated by a comma (,), such as [1-4,7-0] A discrete set refers to asimple list of characters, such as [13579] Table A-1 lists some examples of thekinds of sets you can create using the [] set operator

For the second set in Table A-1, possible matches include 17, 38, and 49, but 57and 94 do not match The next few commands show a few examples of usingthis set notation in the /bin directory on a Fedora Core or RHEL system

$ ls [b-c]*

basename bash bsh cat chgrp chmod chown cp cpio csh cut

The resulting set consists of any filename beginning with b or c

$ ls [b-d,f]?

cp dd df

Table A-1 Examples of Sets

between and including a and z

The resulting display consists of any filename beginning with b, c, d, or f lowed by any single alphanumeric character

is to use [!aeiou]*, that is:

$ ls [!aeiou]*

basename dd gtar mail ping setserial tracepath6 bash df gunzip mkdir ping6 sfxload traceroute bsh dmesg gzip mknod ps sh traceroute6 cat dnsdomainname hostname mktemp pwd sleep true chgrp doexec kbd_mode more red sort vi chmod domainname kill mount rm stty view

Bash’s wildcard and set operators are a subset of its special characters,

also called metacharacters Metacharacters are characters to which Bash assigns

a special meaning or interpretation Table A-2 lists all of Bash’s special characters

You should already be familiar with redirecting input and output and usingpipes, but you will see examples of all three operations later in the chapter.Input and output redirection should be familiar to you Commands in a block,that is, delimited by { and } elicit different behavior from Bash than com-mands executed in a subshell, that is, commands delimited by ( and ) (Youwill read about subshells in the section “Shell Functions” later in this chapter.)

Bash Shell Scripting 907

Table A-2 Bash Special Characters

The commands between two ` characters cause command substitution (that

is, their output or result replaces the expression itself) Consider the command

ls `which tar` Before ls executes, `which tar` will be replaced by itsresult (/bin/tar, in this case) So, for example, the two commands:

$ which tar

/bin/tar

$ ls -l /bin/tar

-rwxr-xr-x 2 root root 161380 Oct 11 2004 /bin/tar

produce the same result as the single command: