Study Notes

I have been working in Plasmon for three months. During these days, I tried to know the SNAZ system and the architecture of Plasmon.com. The important jobs are building LAT, install Iplanet, install OpenLDAP+SSL and did some performance testing on these platforms. Though sometimes it was hardly time, keep on researching and looking up in Internet, query, or join email group. Everything would be resolved.

I feel I’ve learned much in this new team. The next target, for me, is RHCE. I plan to accomplish this certificated test in about January or Febrary,2007.

Information about the local and remotely mounted file systems is stored in/etc/fstab. Each file system is described on a separate line. Each line is composed of multiple fields, each separated by spaces or tabs. When your system boots, it processes each file system in the order listed.

A sample /etc/fstab might look like the following:

/dev/hda1 / ext2 defaults 1 1
/dev/hda2 swap swap defaults 0 0
/dev/hda5 /usr ext2 defaults 1 2
/dev/hda7 /tmp ext2 defaults 1 2
/dev/hda8 /var ext2 defaults 1 2
/dev/hda9 /home ext2 defaults 1 2
/dev/hdc /cdrom iso9660 ro,noauto,user 0 0
none /proc proc defaults 0 0

Field Name Description
——————————-
fs_spec: Describes the block device or remote file system to be mounted.
fs_file: Describes the mount point (the directory the file system will be mounted as). For swap partitions, this should be “none.”
fs_vfstype: Describes the file system type. Valid file system types are minix, ext, ext2, xiafs, msdos, hpfs, iso9660, nfs, and swap. This field can also be set to “ignore,” which will cause the system to ignore the entry. Ignoring an entry is useful for marking unused partitions.
fs_mntops: Mount options. Specifies mounting options. Mount options are covered later in this section.
fs_freq: Used by the dump(8) command to determine which file systems need to be dumped. A value of 0 indicates that the file system does not need to bedumped.
fs_passno: Used by the fsck(8) program to determine the order in which filesystems are checked upon boot. The root file system should have an fs_passno setting of 1, and other local file systems should have an fs_passno of 2. Remote file systems should have an fs_passno of 0, which indicates they should not be checked on boot.

Mount Options

Although most file systems in /etc/fstab are given the mount option of Default, there are other options you can use. Options are listed in /etc/fstab, and are separated by commas (no spaces or tabs).

Mount Option Description
—————————-
async: I/O is done asynchronously to this file system.
atime: Timestamps for each inode are updated when accessed.
auto: Can be mounted with the -a option of the mount(8) command.
defaults: Use the default mount options: rw, suid, dev, exec, auto, nouser,and async.
dev: Interpret character or block special devices on the file system.
exec: Allow binaries (programs) to be executed on this file system.
noatime: Timestamps for each inode are not updated when accessed.
noauto: Cannot be mounted with the -a option of the mount(8) command (it must be mounted explicitly).
nodev: Do not interpret character or block special devices on the file system.
noexec: Do not allow binaries (programs) to be executed on this file system.
nosuid: Do not allow setuid or setgid permissions on programs to take effect.
nouser: Do not allow nonroot users to mount this file system.
remount: Attempt to remount a file system that has already been mounted. This is typically used to change mount options, and is only used by the mount(8) command (never used in /etc/mnttab).
ro: Mount the file system as read-only.
rw: Mount the file system as read-write.
suid: Allow setuid or setgid permissions on programs to take effect.
sync: I/O is done synchronously to this file system.
user: Allow nonroot users to mount this file system. This option also sets the noexec, nosuid, and nodev options, unless overridden.

It took me about two days on fixing a P1 bug in AA system. I did not debug programs before, especally the AA is a very large program. In the fixing process, I stared on the code, and asked for help from other engineers, try to add debug information into code. Though I failed again and again, but I feel it was more nearly to the success, because, at least I known what would happen and who could make effect through all the failure.

First, know the actual factor the debugs describes, you’d better do it by yourself, it would be very benifit for your understanding the trouble. Second, try to locate which program would be the target debuged, in this case, Bruce told me to focus on “/bin/SYS_INSTALLSTARTOS”, and thanks for Sam’s advice, I watch on the “/webui/software/update.cgi” as the target which is proved to be right choice. In the “update.cgi”. I put many “print” and “echo” lines to collect the returned values created by the program running.

The issue is, the GUI hang or has no information when the patch is installed. Using the original “update.cgi”, the patch would be installed successfully without error, but the last screen has not inforamtion said the operating status, as normaly, there would be some lines messages said the patch was installed successfully and reboot the system. Other way, if I comment some lines, the successfully information displayed. but in fact, the patch is not installed which is proved by issueing “rpm -qa | grep UDO”.

In the first way, I found the XML parser seemed hang, so I commented these XML lines and added the “reboot” and “pre_err_message” returned from the second way, yes, the program would run well, install the patch and display successfully information. But it could not be considered as the final resolution.

I watched the code again, very carefully, and found other XML function which executes without hang, How do I use this XML formation to instead the trouble one? Just modify the trouble ones as the precious, remove the strings “>>INSTALL_LOG”. Yeah! I got it! The update.cgi runs well as what I want.

Summary, partience is the most important thing, and more carefully debug tracing. Nothing is difficult if put all heart on it, or nothing is easy if always thinks it’s too hard to do it.

The following is some modified part of the “update.cgi”source code:
Precious XML:
my $xml_out = `$config{‘update_system_cmd’} $install_file 0 pre_install 2>/dev/null`;
# Get parameter from XML input
my $parser = new XML::DOM::Parser;
my $doc = $parser->parse($xml_out);
my $pre_msg = &xml_in($doc, “pre_msg”, 0);
my $force_install_flag = 0;

Second XML(also my target):
my $cmd_out = `$config{‘update_system_cmd’} $install_file $force_install install 2>/dev/null`;
# ori: my $cmd_out = `$config{‘update_system_cmd’} $install_file $forceinstall install >> INSTALL_LOG 2>/dev/null`
$errnum = $?;
# Get parameter from XML input
my $parser = new XML::DOM::Parser;
my $doc = $parser->parse($cmd_out); # even confuse here
$patch_extra_msg = &xml_in($doc, “err_msg”, 0);
$reboot = &xml_in($doc, “need_reboot”, 0);
Summary, the term “INSTALL_LOG” makes the code confused and XML parser not work.

When use vi to open the text files created in Windows, I found there’s “^M” in the end of each line. Such file is not able to recognized by Linux, it is also why I could not import the Iplanet LDIF files created in Windows to OpenLDAP. There are two methods to resolve this issue.

First use vi edit this file to instead of “^M” string combination. Or second way maybe the more easier, use “dos2unix” command to convert.
# man dos2unix
Dos/MAC to Unix text file format converter.
“iconv” is a tools to convert big5 to UTF-8 character set.

image=/boot/vmlinuz-2.2.15
This is the actual virtual memory compressed kernel of Linux

initrd=/boot/initd-2.2.15.img
This reveals the location of the second stage(RAM) load.

During the installation ,the RAM disk file system is started in Read-only mode. After the second stage is finished with a few tests, the RAM disk is unloaded from memory and the real root partition is mounted form the file system in Read/Write mode.

MBR: master boot recorder
# mkbootdisk /dev/fd0 `uname -r`

PAM(Pluggable Authentication Modules), invented by MicroSun, is a mechanism for authentication. It provides some dynamic libraries and a integreted API in order to seprete the system services with their authentication procedures. To the benifit, the Adminstrator could configure every authentication more flexibly, because he/she need not to modify the original service program. New authentication modules are also able to be added,respectively.

After install OpenLDAP, use the following commands to check the LDAP service run well:
1. Start up LDAP service with specific port:
# sladp -h “ldap://:389”
2. Execute the “ldapsearch” utility,
# ldapsearch -x -b ” -s base ‘(objectclass=*)’ namingContexts
If return texts as:
dn:
namingContexts: dc=plasmon,dc=sit
It validate the LDAP is running well with correct setting.

Since the LDAP installed successfully, the next step is add root dn for all structure, in my case, “dc=plasmon,dc=sit” is the top node. Create an LDIF file named “phillip”by vi:
dn: dc=plasmon,dc=sit
objectclass: dcObject
objectclass: organization
o: Example Company
dc: plasmon
Then import this ldif to LDAP database:
# ldapadd -x -D “cn=root,dc=plasmon,dc=sit” -W -f phillip
The “dc=plamosn,dc=sit” will be added, note, if do not add this node, any operating to LDAP would meet frastrations.

For LDAP authentication, Client’s /etc/samba/smb.conf could be configured as the following steps:
1. modify the ldap/ldaps address appended in the passdb line, for example(port:636):
passdb backend = ldapsam:ldaps://192.168.123.33:636
Note, 192.168.123.33 is the LDAP server running OpenLDAP with the ssl on. Here the original “passwd backend” is set as “smbpasswd”, if use LDAP, the term “smbpasswd” should be removed.
2. add the following lines to the “smb.conf”:
ldap suffix = “dc=plasmon,dc=sit”
ldap ssl = on
ldap timeout = 100

In the client, issue the “smbpasswd -W”, “-W” means setting stored password for “cn=root,dc=plasmon,dc=sit” in secretdb,This step could not be ignored before other machines want to enjoy this Client’s samba service. and then, the file/directory is able to accessed by samba. For better description, just assume the following test environment.
LDAP server: 192.168.123.33
Samba Server(the “Client” in this article): 192.168.123.68
Other machine access Samba server: 192.168.123.32
Run the LDAP service in .33, and modify the smb.conf in .68, then issue “smbpasswd -W” in .68.
In .32, access the share in .68 by executing:
# mount -t smbfs -o username=phillip //192.168.123.68/test /mnt
The //192.168.123.68/test should be mounted to local “.mnt” successfully. But I found this mount process seems to take a few seconds(about 40s-50s). I think it is caused by the LDAP server was built on a virtual machine.

Three months to get this certification.