Wednesday, January 31, 2018

Could not open file "pg_clog/0XXX"

I needed to VACUUM FULL the database but got this error:

mydb=# vacuum full;
ERROR:  could not access status of transaction 376865319
DETAIL:  Could not open file "pg_clog/0167": No such file or directory.





Solution, per searching Google:


-bash-3.2$ dd if=/dev/zero of=/pgsql/data/pg_clog/0167 bs=256k count=1


Then run VACUUM FULL again.

Sunday, January 28, 2018

Fixing iSCSI connectivity issue between CentOS 6 and Compellent Storage



I booted a CentOS 6 server so it could mount a volume from Compellent, but ran into this issue: the HBA interface could not be detected on the Compellent side, even though a connectivity check showed it was able to establish a connection to the iSCSI target.


I manually connected the host to the Compellent server's iSCSI IPs; below, I have 8 IPs to connect to.

#connecting
for i in 1 2 3 4 5 6 7 8; do iscsiadm --mode discoverydb --type sendtargets --portal 1.2.3.$i --discover; done

#logging in
iscsiadm -m node -l



But I encountered an issue on the Compellent side where the existing initiator name did not show up, so I could not bind the volume to that host on the Compellent.

The fix is to change the initiator name. Use the command:


/sbin/iscsi-iname


The above generates a new name; put that name in /etc/iscsi/initiatorname.iscsi.



If you have an existing entry such as InitiatorName=iqn.1994-05.com.redhat:fc5b3050bf and that name is also defined on a different IP, replace it with the new name and restart the iscsi service.

Then check the HBA entry for the host's IP on the Compellent. It should display the new name and the IP, and you can now map the volume to that server.

Tuesday, January 2, 2018

sftp chroot environment - config and script

sftp chroot environment


Of course, the sshd service should be enabled.


Sample Config:

#/etc/ssh/sshd_config
#
Protocol 2
SyslogFacility AUTHPRIV
MaxAuthTries 5
PubkeyAuthentication yes
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
X11Forwarding yes
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
MACs hmac-sha1,hmac-ripemd160
Subsystem       sftp    internal-sftp

Match Group sftpusers
        ChrootDirectory /home/sftpusers/%u
        ForceCommand internal-sftp
###EOF



Sample sftp adduser script

#!/bin/bash
# /usr/local/sbin/sftp_adduser.sh
# Creates a chrooted sftp-only user with a random password.
#
if [ $# -lt 1 ]; then
        echo "Usage: $(basename "$0") <sftp username>"
        echo "   eg. $(basename "$0") sftp_something"
        exit 1
fi
# Take the password from the kernel CSPRNG; a timestamp-derived value is guessable
RANPASS=$(head -c 32 /dev/urandom | base64 | tr -dc 'A-Za-z0-9' | head -c 16)
USERNAME=$1
SFTPHOME=/home/sftpusers
SFTPSHELL=/usr/libexec/openssh/sftp-server

if id "$USERNAME" > /dev/null 2>&1
then
        echo "$USERNAME already exists, please try again using another name"
        exit 1
else
        # No -p here: useradd -p expects an already-encrypted hash, not a plaintext password
        useradd -d "$SFTPHOME/$USERNAME" -s "$SFTPSHELL" "$USERNAME"
        # Set the password over a pipe so it is never written to a file in /tmp
        echo "$RANPASS" | passwd --stdin "$USERNAME"
        echo "$USERNAME" >> /etc/listfile/sshusers

        # Put the user in the group matched by "Match Group sftpusers"
        usermod -g sftpusers "$USERNAME"
        usermod -G sftpusers "$USERNAME"

        # This is the default folder for sftp users
        mkdir "$SFTPHOME/$USERNAME/FILES"

        # The chroot directory itself must be owned by root and not be
        # group- or world-writable; the user writes only inside FILES
        chown root "$SFTPHOME/$USERNAME"
        chmod go-w "$SFTPHOME/$USERNAME"
        chown "$USERNAME":sftpusers "$SFTPHOME/$USERNAME/FILES"
        chmod u+rwX "$SFTPHOME/$USERNAME"
        chmod 755 "$SFTPHOME/$USERNAME"
        chmod g+rx "$SFTPHOME/$USERNAME"

        # Details
        echo "USER CREATED: $USERNAME"
        echo "USER DEFINED PASSWORD: $RANPASS"
        echo "FTP INTERNAL IP: 1.2.3.4"
        echo "FTP EXTERNAL IP: 111.222.112.221"
        echo "USER: $USERNAME has been created at ftp 1.2.3.4" | mail -s "created at sftp 1.2.3.4 on $(date)" admin@myhost.com
fi
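
The chown and chmod steps in the script matter because sshd refuses a ChrootDirectory unless every component of its path is a root-owned directory that is not writable by group or others. The check below is an added example, not part of the original script; the function names and the optional owner-uid and base arguments are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): audit a ChrootDirectory path.
# sshd checks that every component of the path is a directory owned by root
# and not writable by group or others; one bad component blocks the login.

# mode_is_safe OCTAL_MODE: succeeds when group- and other-write bits are clear.
mode_is_safe() {
    [ $(( 0$1 & 022 )) -eq 0 ]
}

# check_chroot_path CHROOT [OWNER_UID] [BASE]
# OWNER_UID (default 0) and BASE (default /) are assumptions added so the
# check can be exercised on a scratch tree; for a real audit leave them out.
# Prints one line per violation; returns 0 if clean, 1 if not, 2 on bad input.
check_chroot_path() {
    dir=$1; want_uid=${2:-0}; base=${3:-/}; rc=0
    case $dir in
        /*) ;;
        *) echo "FAIL $dir: path must be absolute"; return 2 ;;
    esac
    while :; do
        if [ ! -d "$dir" ]; then
            echo "FAIL $dir: not a directory"; rc=1
        else
            uid=$(stat -c %u "$dir")    # numeric owner (GNU stat)
            mode=$(stat -c %a "$dir")   # octal permission bits
            if [ "$uid" != "$want_uid" ]; then
                echo "FAIL $dir: owner uid $uid, expected $want_uid"; rc=1
            fi
            if ! mode_is_safe "$mode"; then
                echo "FAIL $dir: mode $mode is group- or world-writable"; rc=1
            fi
        fi
        if [ "$dir" = "$base" ] || [ "$dir" = "/" ]; then break; fi
        dir=$(dirname "$dir")
    done
    return "$rc"
}

# Example: sh check_chroot.sh /home/sftpusers/alice   (alice is a placeholder)
if [ "$#" -gt 0 ]; then
    check_chroot_path "$@"
fi
```

Run it against a new user's chroot right after the adduser script; any FAIL line names the component that sshd would reject.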