To enable basic authentication with Apache 2:

1. Create a set of credentials for the user, using htpasswd. The syntax is:

   htpasswd /path/to/htpasswd/file username
   

   If the htpasswd file does not exist yet, pass the additional option -c to create it. For example:

   htpasswd /etc/httpd/htpasswd marios
   

2. Enter the user password twice. This will create an entry in that file, with a set of credentials, e.g:

   [marios@centos6 ~]$ grep marios /etc/httpd/htpasswd 
   marios:3RoxtKn6QL9Uw
   

3. Basic authentication can be applied to a directory on the web server and its subdirectories with the Directory Apache directive, or to a URL and whatever follows it, with the Location directove. To apply it to a directory, add to your Apache configuration something like:

   <Directory /var/www/html/protected>
       AuthName "Protected"
       AuthType Basic
       AuthUserFile /etc/httpd/htpasswd
       Require user marios
   </Directory>
   

   If you have multiple users, you can specify Require valid-user, in which case all users with credentials in the AuthUserFile will be allowed to login.

Optionally, you can further secure that specific directory or location with an AllowFrom directive, and restrict the ranges of IP addresses from which the directory or location will be accessible.

Basic Authentication Against Active Directory

To authenticate and authorize users against Active Directory, you will need to create an Active Directory user that will be used to bind to AD. In the following example, the user is apache_authentication_user and its password is apache_authentication_password.

AuthType Basic
AuthName "Authorized Users Only"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPBindDN "CN=apache_authentication_user,OU=system_accounts,DC=example,DC=com"
AuthLDAPBindPassword apache_authentication_password
AuthLDAPGroupAttributeIsDN on
AuthLDAPURL "ldap://domain-controller.example.com:389/OU=USERS,DC=example,DC=com?sAMAccountName?sub?(objectClass=*)"
<Limit GET POST>
    require ldap-group CN=sysadmins,OU=GROUPS,DC=example,DC=com
    require ldap-group CN=finance,OU=GROUPS,DC=example,DC=com
</Limit>

See Also

• Apache Web Login Authentication, a tutorial with many Apache authentication examples, including Basic.

To get a list of devices in Zenoss that have a Serial Number defined, run the following script as user zenoss. It will display the Device Title, the Serial Number, and -as an added bonus- the Hardware Manufacturer.

import Globals
from Products.ZenUtils.ZenScriptBase import ZenScriptBase
DMD = ZenScriptBase(connect=True).dmd

Devices = dmd.Devices.getSubDevicesGen()

for Device in Devices:
    if Device.getHWSerialNumber():
        print Device.title, Device.getHWSerialNumber(), Device.getHWManufacturerName()

import Globals
from Products.ZenUtils.ZenScriptBase import ZenScriptBase
DMD = ZenScriptBase(connect=True).dmd

for Group in DMD.Groups.getSubOrganizers():
    print Group.getPrimaryId()

Get all Devices in specific Group

for Device in Group.devices():
    print Device.getPrimaryId()

I have several CentOS virtual machines that I only fire up when I need to test something, so I don't give them static IPs. For my own convenience, I added the following lines in /etc/rc.local, which get the IP Address that was leased to the machine by the DHCP server, and change /etc/issue to display it:

{% highlight bash %} export IPADDR=$(ifconfig eth1 | grep 'inet ' | cut -d ':' -f 2 | cut -d ' ' -f 1) sed -i "s/IP Address:.*/IP Address: $IPADDR/" /etc/issue {% endhighlight %}

This way, once the VM boots up and gets an IP from DHCP, that IP will be displayed in the hypervisor's console.

The back-pressure feature on Cisco switches is a workaround to the inability to apply proper flow control on half-duplex links. It causes the Cisco switch to send fake packets on the link, thus controlling the transmission from the remote side, since only one side can send at a time on a half-duplex link.

To have partitions larger than 2 TeraBytes, you need to create a GPT disk, as opposed to an MBR one. This, however, is not possible during the installation of CentOS, so you might need to handle it either before the installation (e.g: with booting a Live CD that supports GPT and creating the partition table before the installation) or after the installation, with the use of gdisk.

Using gdisk is actually very easy, although you should keep in mind that there is no guarrantee that your data will be safe.

For this example, installation of CentOS 6.2 was done on a system with one 3 TB disk. During the installation, the following partitions were created:

/dev/sda1  0.5 GB /boot
/dev/sda2 13.0 GB LVM PV (4GB swap, 9GB /root)

This left almost all of the 3 TB on the disk available.

After the installation is done, download gdisk for CentOS 6 from OpenSUSE Build Service. You can also find more versions of gdisk at rodsbooks.com. Example download:

wget http://download.opensuse.org/repositories/home:/srs5694/CentOS_CentOS-6/x86_64/gdisk-0.8.8-133.1.x86_64.rpm

After the download completes, install with:

yum install gdisk-0.8.8-133.1.x86_64.rpm

You can now very simply convert the MBR partition table to GPT with:

gdisk /dev/sda

The new GPT will be available on the next reboot. You can then create a partition bigger than 2 TB in the unallocated space, either with gdisk or with parted, then create a filesystem inside it with mkfs, and finally mount it and start using it!

See Also

• gdisk WebSite

Juniper devices have extensive help options in the CLI.

Tip of the day

To view a very short tip, execute:

marios@juniper> help tip cli

This is not exactly a tip of the day - since you actually get a new tip each time you execute that command. Still pretty cool though.

Help with syslog messages

You can view an explanation of what a syslog message means with help syslog. For example, for the LOGIN_INFORMATION message, execute:

marios@juniper> help syslog LOGIN_INFORMATION

Search in help topics

You can search in help topics with help apropos. This will return a list of help pages that contain the word you searched for. For example, you can search for all pages that refer to syslog with:

marios@juniper> help apropos syslog

Topical help

To get help on a specific topic, start with help topic. For example, for help on syslog, execute:

marios@juniper> help topic system syslog

This is a list of acronyms that I come across while reading Juniper documentation. Most should be Juniper-specific, but some may not.

ASIC

Application-Specific Integrated Circuit

BERT

Bit Error Rate Test

dcd

Device Control Daemon: One of the JUNOS daemons running on the Routing Engine. Handles configuration and maintenance of the interfaces.

FEB

Forwarding Engine Board: a type of Switching Control Board, found on some devices like M5, M10.

FPC

Flexible PIC Concentrator, the component that joins multiple PICs on devices that require more than one. In the JUNOS interface naming convention Type-FPC/PIC/Port.Unit, the FPC is the first all-numeric component. For example, interface fe-1/2/3 is on FCP 1 on the device.

LDP

Label Distribution Protocol. One of the sources of routes in the routing table, with a preference value of 9.

mgd

Management Daemon: One of the JUNOS daemons running on the Routing Engine. Manages user access to the device.

MMB

Memory Mezzanine Board: a type of Switching Control Board found on some devices like the T320 and the T640. It is integrated in the FPC.

MSDP

Multicast Source Discovery Protocol. One of the sources of routes in the routing table, with a preference value of 175.

PFE

Packet Forwarding Engine: the second part of the Control Plane / Forwarding Plane separation on Juniper devices. This part of the device is mostly hardware.

pfed

Packet Forwarding Engine Daemon: One of the JUNOS daemons running on the Routing Engine. Manages the communication between the Routing Engine and the Packet Forwarding Engine.

PIC

Physical Interface Card. Different types of PICs exist, to offer difference connectivity capabilities, for example there are ATM PICs, or SDH PICs, which consequently contain different ASICs. In the JUNOS interface naming convention Type-FPC/PIC/Port.Unit, the PIC is the second all-numeric component. For example, interface fe-1/2/3 is on PIC 2 on the device.

PIM

Protocol Independent Multicast. One of the sources of routes in the routing table, with a preference value of 105.

RE

Routing Engine, the first part of the Control Plane / Forwarding Plane separation on Juniper devices. This part of the equation is mostly software. It contains the OS, and this is where the configuration takes place. Physically, it looks like a small PC, with a motherboard, processor, RAM and storage. Some devices have dual REs for redundancy.

RSVP

Resource Reservation Protocol. One of the sources or routes in the routing table, with a preference value of 7.

rpd

Routing Protocol Daemon: One of the JUNOS daemons running on the Routing Engine. Handles exchange of routing messages, maintenance of routing table, enforcement of routing policies.

RPF

Reverse Path Forwarding is the process used by Junos to populate the inet.2 routing table, used by the router to prevent routing loops in multicast routing protocols.

SCB

System Contol Board: a type of Switching Control Board, found on some devices like the M40.

SFM

Switching and Forwarding Module: a type of Switching Control Board, designed so that devices will have two SFMs. Some devices, like the M40e, use the SFMs in Active/Passive mode, whereas others, like the M160, use both in Active/Active mode.

SSB

System Switching Board: a type of Switching Control Board, found on some devices line the M20. It is designed so that devices will contains two SSBs, in Active/Passive redundancy.

SSRAM

Synchronized Static Random Access Memory. It is a component of the Switching Control Board, and it contains the routing table, pushed to it by the Routing Engine.

SCB

Switching Control Board. This is the heart of the Packet Forwarding Engine. Similarly to the Routing Engine, it contains a processor and RAM, but the purpose of those are to coordinate the operation of the rest of the components of the PFE, rather than actually participating in routing/forwarding decisions.

TED

Traffic Engineering Database

This is an unsorted list of links to free books (some libre, some gratis, some both) that I find here and there, put here for future reference. Unfortunately, these links tend to break often.

1. Introduction to the Command Line
2. You don't know JS, a Kickstarter-born series of books on JavaScript.
3. How to Make a Computer Operating System
4. A Byte of Python 3
5. Linux 101 Hacks
6. The Debian Administrator's Handbook
7. PicoLisp Works (on Scribd) or PicoLisp Works (on GitHub)
8. PicoLisp by Example (on Scribd) or PicoLisp by Example (on GitHub)
9. Practical PHP
10. Dive into Python
11. Free as in Freedom
12. Getting Real - The smarter, faster, easier way to build a successful web application
13. The Linux Command Line

See Also

• The Systems Administration Body of Knowledge has a list of resources, some of which are links to free books.
• List of Free Programming Resources
• Ten Free Python Programming Books

This document shows how to add a 50GB hard disk on a CentOS 6 system, prepare it for usage with LVM, and mount it as the MySQL data directory. This was tested on a VMware Player virtual machine, with CentOS 6.4, and should be safe to run on any 6.x CentOS version.

Addition of new hard disk

The new disk was added on the CentOS 6.4 machine in VMware Player. The operating system doesn't see it yet, this is the previous status:

[root@c6 ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_c6-lv_root
                       18G  1.3G   16G   8% /
tmpfs                 947M     0  947M   0% /dev/shm
/dev/sda1             194M   89M   96M  49% /boot

[root@c6 ~]# pvs
  PV         VG    Fmt  Attr PSize  PFree
  /dev/sda2  vg_c6 lvm2 a--  19.80g    0 

[root@c6 ~]# vgs
  VG    #PV #LV #SN Attr   VSize  VFree
  vg_c6   1   2   0 wz--n- 19.80g    0 

[root@c6 ~]# lvs
  LV      VG    Attr      LSize  Pool Origin Data%  Move Log Cpy%Sync Convert
  lv_root vg_c6 -wi-ao--- 17.80g
  lv_swap vg_c6 -wi-ao---  2.00g

fdisk sees the new /dev/sdb disk:

[root@c6 ~]# fdisk -l

Disk /dev/sda: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00072251

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          26      204800   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2              26        2611    20765696   8e  Linux LVM

Disk /dev/sdb: 53.7 GB, 53687091200 bytes
255 heads, 63 sectors/track, 6527 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000


Disk /dev/mapper/vg_c6-lv_root: 19.1 GB, 19113443328 bytes
255 heads, 63 sectors/track, 2323 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000


Disk /dev/mapper/vg_c6-lv_swap: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

Create a partition table

The first step to make this disk usable by the system, is to create a partition table on it, with fdisk:

[root@c6 ~]# fdisk /dev/sdb

Print the current partition table with p. At the moment, there are no partitions, so the output is empty:

Command (m for help): p

Disk /dev/sdb: 53.7 GB, 53687091200 bytes
255 heads, 63 sectors/track, 6527 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x1fdf1a3e

   Device Boot      Start         End      Blocks   Id  System

Create a new primary partition, with n, and allow it to occupy the entire drive space:

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-6527, default 1): 
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-6527, default 6527): 
Using default value 6527

Print the partition table again to verify:

Command (m for help): p

Disk /dev/sdb: 53.7 GB, 53687091200 bytes
255 heads, 63 sectors/track, 6527 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x1fdf1a3e

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1        6527    52428096   83  Linux

In the above output, the type of the partition is Linux, which is not what we need. With t, set the type of the partition to 8e, i.e. Linux LVM:

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 8e
Changed system type of partition 1 to 8e (Linux LVM)

Print the partition table once more, to verify:

Command (m for help): p 

Disk /dev/sdb: 53.7 GB, 53687091200 bytes
255 heads, 63 sectors/track, 6527 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x1fdf1a3e

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1        6527    52428096   8e  Linux LVM

That's more like it! Now save the new partition table with w:

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

Partial output of fdisk -l now shows that the partition is available to the operating system for further handling:

[root@c6 ~]# fdisk -l
Disk /dev/sdb: 53.7 GB, 53687091200 bytes
255 heads, 63 sectors/track, 6527 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x1fdf1a3e

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1        6527    52428096   8e  Linux LVM

Create LVM Physical Volume, Volume Group and Logical Volume

Next step is to create a new LVM Physical Volume:

[root@c6 ~]# pvcreate /dev/sdb1
  Physical volume "/dev/sdb1" successfully created

The new PV now appears in pvs output:

[root@c6 ~]# pvs
  PV         VG    Fmt  Attr PSize  PFree 
  /dev/sda2  vg_c6 lvm2 a--  19.80g     0 
  /dev/sdb1        lvm2 a--  50.00g 50.00g

pvdisplay will now list the new physical volume, but it will be noted as non-allocatable, in other words non usable yet, because it contains no Volume Group:

[root@c6 ~]# pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda2
  VG Name               vg_c6
  PV Size               19.80 GiB / not usable 3.00 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              5069
  Free PE               0
  Allocated PE          5069
  PV UUID               LqOFBg-4lUi-Uen7-2vtO-EFkf-Cp8p-XvLiHX

  "/dev/sdb1" is a new physical volume of "50.00 GiB"
  --- NEW Physical volume ---
  PV Name               /dev/sdb1
  VG Name               
  PV Size               50.00 GiB
  Allocatable           NO
  PE Size               0   
  Total PE              0
  Free PE               0
  Allocated PE          0
  PV UUID               6Nv0Xf-72ao-Nfph-TfvN-26FS-ssE8-QrEsXx

Create a new LVM Volume Group with vgcreate. In this example, the Volume Group name is vg_mysql, because it's intended for use as the data directory of a MySQL server, but it can be anything.

[root@c6 ~]# vgcreate vg_mysql /dev/sdb1
  Volume group "vg_mysql" successfully created

The new VG will now show up in the output of vgs:

[root@c6 ~]# vgs
  VG       #PV #LV #SN Attr   VSize  VFree 
  vg_c6      1   2   0 wz--n- 19.80g     0 
  vg_mysql   1   0   0 wz--n- 50.00g 50.00g

Now the output of pvdisplay will change, to show that the Physical Volume is actually usable:

[root@c6 ~]# pvdisplay
  --- Physical volume ---
  PV Name               /dev/sdb1
  VG Name               vg_mysql
  PV Size               50.00 GiB / not usable 3.31 MiB
  Allocatable           yes 
  PE Size               4.00 MiB
  Total PE              12799
  Free PE               12799
  Allocated PE          0
  PV UUID               6Nv0Xf-72ao-Nfph-TfvN-26FS-ssE8-QrEsXx

  --- Physical volume ---
  PV Name               /dev/sda2
  VG Name               vg_c6
  PV Size               19.80 GiB / not usable 3.00 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              5069
  Free PE               0
  Allocated PE          5069
  PV UUID               LqOFBg-4lUi-Uen7-2vtO-EFkf-Cp8p-XvLiHX

Now that a Volume Group was created inside the Physical Volume, none of the space on the Physical Volume is free any more, as shown in the output of pvdisplay above, but all of the space in the Volume Group is free, as shown by vgdisplay:

[root@c6 ~]# vgdisplay
  --- Volume group ---
  VG Name               vg_mysql
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  1
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                0
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               50.00 GiB
  PE Size               4.00 MiB
  Total PE              12799
  Alloc PE / Size       0 / 0   
  Free  PE / Size       12799 / 50.00 GiB
  VG UUID               cwEyOs-rIqq-hc5J-cl45-kSZ0-i4dV-HiGE2l

  --- Volume group ---
  VG Name               vg_c6
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  3
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                2
  Open LV               2
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               19.80 GiB
  PE Size               4.00 MiB
  Total PE              5069
  Alloc PE / Size       5069 / 19.80 GiB
  Free  PE / Size       0 / 0   
  VG UUID               pp0134-mUkA-x3jp-FeVr-0ixo-Lxa4-eX1PCx

Next, create an LVM Logical Volume with lvcreate:

[root@c6 ~]# lvcreate -L 51196M -n lv_mysql vg_mysql
  Logical volume "lv_mysql" created

In the above command, the size 51196M is the number of Physical Extends (12799) multiplied by the size of the Physical Extend (4.0 MBytes). This will cause the Logical Volume to occupy all of the Volume Group. Verify with lvs:

[root@c6 ~]# lvs
  LV       VG       Attr      LSize  Pool Origin Data%  Move Log Cpy%Sync Convert
  lv_root  vg_c6    -wi-ao--- 17.80g                                             
  lv_swap  vg_c6    -wi-ao---  2.00g                                             
  lv_mysql vg_mysql -wi-a---- 50.00g

Creating the filesystem

The next step is to create a filesystem inside the LVM Logical Volume. The choice of filesystem depends on a multitude of factors, but for this example let's stick with ext4:

[root@c6 ~]# mkfs.ext4 /dev/vg_mysql/lv_mysql 
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
3276800 inodes, 13106176 blocks
655308 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=0
400 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks: 
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
    4096000, 7962624, 11239424

Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 39 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

Mounting the filesystem

The last step in this procedure, is to actually mount the brand new filesystem at a mountpoint inside our filesystem hierarchy.

[root@c6 ~]# mkdir /mnt/test
[root@c6 ~]# mount /dev/vg_mysql/lv_mysql /mnt/test
[root@c6 ~]# mount | grep mysql
/dev/mapper/vg_mysql-lv_mysql on /mnt/test type ext4 (rw)

This verifies that our filesystem has been created, and can be mounted.

Setting up MySQL in the new Logical Volume

Very briefly, what you need to do to set up MySQL's data directory to be the new Logical Volume is:

1. Install, start, enable and automatically configure the MySQL Server:

   [root@c6 ~]# yum -y install mysql-server
   [root@c6 ~]# service mysqld start
   [root@c6 ~]# chkconfig mysqld on
   [root@c6 ~]# mysql_secure_installation
   

2. Stop MySQL, back the original data directory up, mount the new one, and copy all the data over:

   [root@c6 lib]# service mysqld stop
   [root@c6 lib]# cd /var/lib
   [root@c6 lib]# mv mysql mysql-original
   [root@c6 lib]# mkdir mysql
   [root@c6 lib]# mount /dev/vg_mysql/lv_mysql /var/lib/mysql
   [root@c6 lib]# chown mysql:mysql mysql
   [root@c6 lib]# cp -Rpv mysql-original/* mysql/
   [root@c6 lib]# rm -rf mysql/lost+found/
   

3. Finally, start the MySQL server again:

   [root@c6 lib]# service mysqld start
   

That's it. You can now see that the new LVM Logical Volume is mounted, and is being used for MySQL:

[root@c6 lib]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_c6-lv_root
                       18G   17G   22M 100% /
tmpfs                 947M     0  947M   0% /dev/shm
/dev/sda1             194M   89M   96M  48% /boot
/dev/mapper/vg_mysql-lv_mysql
                       50G  201M   47G   1% /var/lib/mysql