Category Archives: Uncategorized

Certified in Cyber Security Full Practice Test #1

3
Created on By admin

Certified in Cyber Security FULL practice test #1

1 / 2

When would be a time we should update our Business Continuity Plan (BCP) and its sub plans outside of our annual cycle?

2 / 2

When we are talking about data remanence, what does that refer to?

Your score is

The average score is 83%

0%

Math Quiz

/3
0 votes, 0 avg
3
Created on

Mathematic Quiz

Math quiz helps us to increase our knowledge

1 / 3

10+20

2 / 3

150/3

3 / 3

5*40

Your score is

0%

Please rate this quiz

Recreating missing virtual disk (VMDK) Descriptor File Vmware

Recreating missing virtual disk (VMDK) Descriptor File

Problem-

You just noticed that virtual machine’s VMDK files are missing and lost somehow. The reason, not able to start VM and when you try to add existing HDD – existing VMDK and -flat. VMDK files are not available to attach with Virtual Machine too.

Solution

We need to recreate missing VMDK files, to add VMDK files and start Virtual Machine.

  1. Login to ESXI PS with Putty. Make sure, SSH service is enabled and running for the PS.
  2. Switch to the directory where your virtual machine is located.

cd /vmfs/volumes/<<datastore>>/VM-Directory

cd /vmfs/volumes/5d406ca3-62654bd0-75fd-e4434b75ed38/APP-U1-63-25

3. Run below command to identify and record the exact size of the existing flat vmdk file for the VM.

ls -ltr *

-rw——-    1 root     root     16106127360 Jun 21 12:20 APP-U1-63-25-flat.vmdk

-rw——-    1 root     root     214748364800 Jun 21 10:49 APP-U1-63-25_1-flat.vmdk

4. Run the vmkfstools to create new virtual disk, i.e VMDK (Descriptor File)

vmkfstools -c 16106127360 -d thin -a lsilogic APP-U1-63-25-OS.vmdk

vmkfstools -c 214748364800 -d thin -a lsilogic APP-U1-63-25-DATA.vmdk

5. As mentioned, there are 2 new files created: APP-U1-63-25-OS.vmdk and APP-U1-63-25-DATA.vmdk are created as a result.

ls -ltr

rw——-    1 root     root     16106127360 Jun 21 19:21 APP-U1-63-25-OS-flat.vmdk

-rw——-    1 root     root     214748364800 Jun 21 19:21 APP-U1-63-25-DATA-flat.vmdk

-rw——-    1 root     root           546 Jun 21 21:05 APP-U1-63-25-OS.vmdk 

-rw——-    1 root     root           550 Jun 21 21:05 APP-U1-63-25-DATA.vmdk 

-rw——-    1 root     root     214748364800 Jun 22 05:08 APP-U1-63-25_1-flat.vmdk

-rw——-    1 root     root     16106127360 Jun 22 05:08 APP-U1-63-25-flat.vmdk

6. We need to Rename APP-U1-63-25-OS.vmdk  and APP-U1-63-25-DATA.vmdk to the name that is needed to match the orphaned -flat file.

mv APP-U1-63-25-OS.vmdk APP-U1-63-25.vmdk

mv APP-U1-63-25-DATA.vmdk APP-U1-63-25_1.vmdk

7. Now, it is final stage where editing descriptor file (APP-U1-63-25.vmdk and APP-U1-63-25_1.vmdk)

find the line with RW ####### and change the name of the -flat to match the orphaned -flat file you have. So, I changed to APP-U1-63-25-flat.vmdk and APP-U1-63-25_1-flat.vmdk respectively for both disks, as you can see in the image below.

vi APP-U1-63-25.vmdk

vi APP-U1-63-25_1.vmdk

8. You can now delete the below files created earlier. These are not required anymore.

rw——-    1 root     root     16106127360 Jun 21 19:21 APP-U1-63-25-OS-flat.vmdk

-rw——-    1 root     root     214748364800 Jun 21 19:21 APP-U1-63-25-DATA-flat.vmdk

9. Attach the respective VMDK files to the virtual machine as earlier.

10. Now, All set and good to power on the virtual machine.

USING CURL TO TROUBLESHOOT

To use curl to test basic network connectivity, you need to know several things:

  • The remote server name or IP address.
  • The protocol for the service to be tested (HTTP, FTP, SMTP, etc.)
  • The port number for the network application you want to test.

To open a connection to a remote server, open a terminal window on your computer, and then type curl protocol://IP/host:port, where protocol is the communication protocol to be used IP/host represents the IP address or hostname of the server, and port represents the TCP port number. Port is optional when the standard port for a given protocol is used.

C:\>curl http://asgaur.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://asgaur.com/wp/">here</a>.</p>
</body></html>

Use curl to try and connect via SMTP protocol

C:\>curl smtp://asgaur.com
C:\>curl smtp://asgaur.com:2525 (2525 custom port if any)
214-Commands supported:
214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP

To test an FTP server, use curl to connect via ftp protocol or to port 21.

C:\>curl ftp://asgaur.com
C:\>curl asgaur.com:21
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 18 of 50 allowed.
220-Local time is now 10:04. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

SSH uses encrypted connections. However, you can still use curl to verify that the service is running on a server.

C:\>curl asgaur.com:22
SSH-2.0-OpenSSH_XX

AQI Delhi

[barChart width=”500px” stacked=”1″
legend=”{ position: ‘top’, maxLines: 2 }”
vaxis=”{title: ‘in $000’, titleTextStyle: {color: ‘blue’}}”
haxis=”{title: ‘Year’, titleTextStyle: {color: ‘blue’}}”]
[‘Year’, ‘Sales’, ‘Expenses’],
[‘2004’, 1000, 400],
[‘2005’, 1170, 460],
[‘2006’, 660, 1120],
[‘2007’, 1030, 540]
[/barChart]

[gvn_schart_2 id=”1″ width=”500″ height=”400″]

Solaris script to scan FiberChannel bus for new LUN

Here is a script that I use to re-scan the FiberChannel bus for new or removed volumes on Solaris 10.

WARNING!: This script works for me, but use it at your own risk! Make sure you look through the script and make sure it doesn’t do anything that would be unusual on your system. I take no responsibility if you use this script and it erases all of your production data. :)

#!/bin/sh

# This will scan the Fiber Channel bus on Solaris servers

# using cfgadm and then run devfsadm -C.

# I *think* I’ve got it set up so that it will autodetect

# the controller # that the HBA is recognized as.

# Usually it’s c2 and c4, but it might be different.

 

CONTROLLER=”UNSET”

for CONTROLLER in `/usr/sbin/cfgadm -al | grep fc-fabric | grep connected | grep

configured | awk ‘{print $1}’`; do

        if [ ${CONTROLLER} = “UNSET” ]; then

                echo “”

                echo “No Fiber HBA Controllers found.”

                exit 1

        fi

        echo “”

        echo “Scanning FC Bus on Controller ${CONTROLLER}…”

        cfgadm -o force_update -c configure ${CONTROLLER}

done

 

echo ” “

echo “Reconfiguring devices…”

/usr/sbin/devfsadm -C

 

echo “”

echo “FC Bus scan complete.”

How to Upgrade IBM Power server firmware fixes through AIX or Linux without an HMC

Installing server firmware fixes through the operating system is a disruptive process. You will need to restart the system.

Notes:

  1. If your system is managed by an HMC, you must apply server firmware through the HMC. For details, see Managed system updates in Updates.
  2. If you have a System i® model running IBM® i, you must either apply server firmware through an HMC or through an IBM i logical partition. If you have a POWER6® Power Systems™ server that is managed by an HMC, you must use the HMC.
  3. By default, the server firmware is installed on the temporary side only after the existing contents of the temporary side are permanently installed on the permanent side. (This process is performed automatically when you install a server firmware fix.)
  4. If you are unable to start your AIX or Linux operating system or server, refer to Obtaining fixes through AIX or Linux when you are unable to start the system.

Perform Steps 1 through 6 to get server firmware fixes through AIX or Linux when you do not have an HMC.

Step 1. View existing firmware levels for AIX or Linux

The Advanced System Management Interface (ASMI) is the user interface to access the server firmware. You can also use the AIX or Linux operating system to view the firmware levels.
  1. Select from the following options:
    • To use the ASMI (AIX or Linux): On the ASMI Welcome pane, view the existing level of server firmware in the upper-right corner below the copyright statement, for example, EM310_006.
    • To use the AIX command prompt (you must have AIX diagnostics installed on your server), continue with step 2.
    • To use the Linux command prompt, continue with step 4.
  2. At an AIX command prompt, enter the following command:
    lsmcode
    The existing levels of server firmware are displayed. For example, you might see output similar to the following:

    DISPLAY MICROCODE LEVEL                                                   802811
    IBM,8231-E1C
    
    The current permanent system firmware image is AL740_088
    The current temporary system firmware image is AL740_088
    The system is currently booted from the temporary firmware image.
    
    Use Enter to continue.
    Notes:

    • The permanent level is also known as the backup level.
    • The temporary level is also known as the installed level.
    • The system was booted from the temporary side, so at this time, the temporary level is also the activated level.
  3. Continue with Step 2. View or download the firmware fix.
  4. To view existing levels of server firmware for Linux, you must have the following service tools installed on your server:
    • Platform Enablement Library – librtas-xxxxx.rpm
    • Service Aids – ppc64-utils-xxxxx.rpm
    • Hardware Inventory – lsvpd-xxxxx.rpm

    where xxxxx represents a specific version of the RPM file.

    Note: If you do not have the service tools on your server, refer to Obtaining service and productivity tools for Linux.
  5. After the service tools are installed on the server running Linux, enter the following at a Linux command prompt:
    lsmcode

    The existing level of server firmware is displayed. For example, you might see output similar to the following:

    Version of system firmware is: AL740_088 (t)  AL740_088 (p)  AL740_088 (t)

    The following table provides descriptions for each of the server firmware levels displayed in the output.

    Table 1. Server firmware levels
    Server firmware levels displayed
    AL740_088 (t) AL740_088 (p) AL740_088 (t)
    The installed level.Also known as the temporary level. The backup level.Also known as the permanent level. The activated level.The level on which the server is currently running.
  6. Continue with the next step.

Step 2. View or download the firmware fix

Follow this procedure to view or download the firmware fix. You can download the fix directly to your server, or you can download it to a computer with an Internet connection and create a fix CD that you apply on the server. If necessary, contact service and support to order the fix on CD. You can also download the firmware fix to a computer that has a network connection to your server and use FTP to download the firmware fix from the computer to the server.

Note: If you plan to create a CD, you will need a CD burner and software.
  1. From a computer or server with an Internet connection, go to the Fix Central Web site at http://www.ibm.com/support/fixcentral/.
  2. Choose from the following options:
    1. If you have a System p® server, select System p in the Product Group list.
    2. If you have a POWER6 Power Systems server, select Power in the Product Group list.
  3. Select Firmware and HMC in the Product list.
  4. If prompted, select POWER5 and POWER6 class in the Processor type list.
  5. Select your Machine Type-Model and click Continue.
  6. Follow the on-screen prompts to download the fix file.
  7. Select from the following options:

Step 3. View and unpack the RPM file that contains the server firmware

If you created a CD with the RPM file, you will need to view and unpack the RPM file that contains the server firmware.
  1. Select from the following options:
    • If you created a CD with the RPM file, continue with the next step.
    • If you downloaded the RPM file to your server from the Fix Central Web site at http://www.ibm.com/support/fixcentral/ or by using the FTP method, continue with step 6.
  2. Insert the CD that contains the RPM file into the media drive on your server.
  3. To mount the CD, select from the following options (you need root user authority):
    • If you are working on an AIX system, enter the following at an AIX command prompt:
      mount /dev/cd0 /mnt
    • If you are working on a Linux system, enter one of the following commands at a Linux command prompt:
      mount -t iso9660 /dev/cdrom /mnt 

      or

      mount -t iso9660 /dev/dvdrom /mnt
  4. Select from the following options:
    • If the mount was successful, continue with step 6.
    • If the mount was unsuccessful, continue with the next step.
  5. If you received the message,
    mount: 0506-324 Cannot mount /dev/cd0 on /mnt, perform the following steps to mount the CD:

    1. Enter the command:
      /usr/sbin/mount -v 'cdrfs' -f'' -p'' -r'' /dev/cd0 /mnt

      The quotation marks following the f, p, and r are two single quotation marks with no space between them.

      Note: If you prefer, you can use the System Management Interface Tool (SMIT) to mount the CD.
    2. Continue with the next step.
  6. To view the RPM file name, enter the following command at the AIX or Linux command prompt:
    • If the RPM file is on CD, type:
      ls /mnt
    • If the RPM file is on the server, type:
      ls /tmp/fwupdate
    The name of the RPM file is displayed. For example, you might see output similar to the following:

    01EM3xx_yyy_zzz.rpm
  7. To unpack the RPM file, enter one of the following commands at the AIX or Linux command prompt:
    • If you want to unpack from a CD, enter:
      rpm -Uvh --ignoreos /mnt/filename.rpm
    • If you want to unpack from the server’s hard drive, enter:
      rpm -Uvh --ignoreos /tmp/fwupdate/filename.rpm
      where filename is the name of the RPM file that contains the server firmware. For example, 01EM3xx_yyy_zzz.rpm.

      Note: When you unpack the RPM file, the server firmware fix file is saved in the /tmp/fwupdate directory on the server’s hard drive in the following format: 01EM3xx_yyy_zzz.img.
  8. Continue with the next step.

Step 4. Apply server firmware fixes through AIX or Linux to the temporary side of the service processor

Important:

  • Do not interrupt this process after you begin.
  • Do not attempt to log into the ASMI, or use any of the ASMI’s functions, while a firmware installation is in progress.
  1. Ensure you are starting the system from the temporary side of the service processor; the firmware installation will fail if the system has booted from the permanent side. To learn which side you are starting from, and how to change to the other side if necessary, refer to Working with the temporary and permanent side of the service processor.
  2. To use the update_flash command (AIX or Linux) to install the server firmware, continue with step 3.
    Note: If you have AIX installed, you can choose to use the AIX diagnostics to install the fix. However, if you plan to install the fix from CD, you will need to obtain the Microcode Updates Files & Discovery Tool CD to use the AIX diagnostics.
  3. You will need the server firmware fix file name in the next step. To view the name, enter the following at an AIX or Linux command prompt:
    Note: To perform this step, you must have root user authority.
    ls /tmp/fwupdate
    The name of the server firmware fix file is displayed. For example, you might see output similar to the following:

    01EM3xx_yyy_zzz.img
  4. To install the server firmware fix, select from the following options:
    • If you are updating AIX, enter the following at an AIX command prompt:
      cd /tmp/fwupdate
      /usr/lpp/diagnostics/bin/update_flash -f fwlevel
    • # rpm -Uvh --ignoreos 01AL740_100_042.rpm
      01AL740_100_042             ##################################################
      # cd /tmp/fwupdate
      # ls
      01AL740_100_042.img
      # /usr/lpp/diagnostics/bin/update_flash -f 01AL740_100_042
      Error in opening the file 01AL740_100_042
      #  /usr/lpp/diagnostics/bin/update_flash -f 01AL740_100_042.img
      The image is valid and would update the temporary image to AL740_100.
      The new firmware level for the permanent image would be AL740_088.
      
      The current permanent system firmware image is AL740_088.
      The current temporary system firmware image is AL740_088.
      
      ***** WARNING: Continuing will reboot the system! *****
      
      Do you wish to continue?
      Enter 1=Yes or 2=No
      1
      
      SHUTDOWN PROGRAM
      Tue May 14 10:08:53 IST 2013
      0513-044 The sshd Subsystem was requested to stop.
      
      Wait for 'Rebooting...' before stopping.
      Error reporting has stopped.
      Advanced Accounting has stopped...
      Process accounting has stopped.
      nfs_clean: Stopping NFS/NIS Daemons
      0513-004 The Subsystem or Group, nfsd, is currently inoperative.
      0513-044 The biod Subsystem was requested to stop.
      0513-044 The rpc.lockd Subsystem was requested to stop.
      0513-044 The rpc.statd Subsystem was requested to stop.
      0513-004 The Subsystem or Group, gssd, is currently inoperative.
      0513-004 The Subsystem or Group, nfsrgyd, is currently inoperative.
      0513-004 The Subsystem or Group, rpc.mountd, is currently inoperative.
      0513-004 The Subsystem or Group, ypserv, is currently inoperative.
      0513-004 The Subsystem or Group, ypbind, is currently inoperative.
      0513-004 The Subsystem or Group, yppasswdd, is currently inoperative.
      0513-004 The Subsystem or Group, ypupdated, is currently inoperative.
      0513-004 The Subsystem or Group, nis_cachemgr, is currently inoperative.
      0513-004 The Subsystem or Group, rpc.nisd, is currently inoperative.
      0513-004 The Subsystem or Group, rpc.nispasswdd, is currently inoperative.
      0513-044 The qdaemon Subsystem was requested to stop.
      0513-044 The writesrv Subsystem was requested to stop.
      0513-044 The clcomd Subsystem was requested to stop.
      0513-044 The lldpd Subsystem was requested to stop.
      0513-044 The ecpvdpd Subsystem was requested to stop.
      0513-044 The ctrmc Subsystem was requested to stop.
      0513-044 The IBM.ServiceRM Subsystem was requested to stop.
      0513-044 The IBM.MgmtDomainRM Subsystem was requested to stop.
      0513-044 The IBM.DRM Subsystem was requested to stop.
      0513-044 The cas_agent Subsystem was requested to stop.
      All processes currently running will now be killed...
      Unmounting the file systems...
      umount: 0506-349 Cannot unmount /dev/hd10opt: The requested resource is busy.
      umount: 0506-349 Cannot unmount /dev/hd1: The requested resource is busy.

      where fwlevel is the specific file name of the server firmware fix, such as 01EM3xx_yyy_zzz.img

    • If you are updating Linux, enter the following at a Linux command prompt:
      cd /tmp/fwupdate
      /usr/sbin/update_flash -f fwlevel

      where fwlevel is the specific file name of the server firmware fix, such as 01EM3xx_yyy_zzz.img

    During the server firmware installation process, reference codes CA2799FD and CA2799FF are alternately displayed on the control panel. After the installation is complete, the system is automatically powered off and powered on.

    Note: If you receive a message stating:
    This partition does not have the authority to perform the requested function, see Message regarding a server that was previously managed by an HMC.
  5. Continue with the next step.

Step 5. Verify that the fix installed correctly

  1. Select from the following options:
    • To use the AIX or Linux command prompt (the operating system must be running and the diagnostics must be available), continue with the next step.
    • To use the ASMI, view the level of server firmware displayed in the upper-right corner below the copyright statement on the ASMI Welcome pane; for example, EM310_006. If the level of server firmware displayed is not the level that you installed, refer to step 4.
  2. Enter the following at a command prompt:
    lsmcode

    The existing levels of server firmware are displayed. For example, you might see output similar to the following:

    DISPLAY MICROCODE LEVEL                                                   802811
    IBM,8231-E1C
    
    The current permanent system firmware image is AL740_088
    The current temporary system firmware image is AL740_100
    The system is currently booted from the temporary firmware image.
    
    Use Enter to continue.
    
    
    Notes:

    • The permanent level is also known as the backup level.
    • The temporary level is also known as the installed level.
    • The system was booted from the temporary side, so at this time, the temporary level is also the activated level.
  3. Verify that the level of server firmware displayed is the level that you installed.
  4. If the level of server firmware displayed is not the level that you installed, perform the following steps:
    1. Retry the fix procedure. If you created a CD or DVD for this procedure, use a new media.
    2. If the problem persists, contact your next level of support.

Linux httpd service not start

[root@sunx4150 run]# ps -ef | grep http
root      7222  6826  0 10:32 pts/1    00:00:00 grep http
[root@sunx4150 run]# pwd
/etc/httpd/run
[root@sunx4150 run]# ls
acpid.socket  dirmngr           hpssd.pid       mdadm           nscd         radvd          sshd.pid                vmnet-dhcpd-vmnet8.pid    xenstored
agent.pid     dovecot           hpssd.port      mdmpd           ntpd.pid     rpc.statd.pid  sudo                    vmnet-natd-8.mac          xfs.pid
atd.pid       dsviewserver.pid  httpd.pid       messagebus.pid  openldap     saslauthd      syslogd.pid             vmnet-natd-8.pid          xinetd.pid
avahi-daemon  gather            iiim            mysqld          ppp          screen         tog-pegasus             vmnet-netifup-vmnet1.pid
console       gdm.pid           irqbalance.pid  named           ptal-mlcd    sendmail.pid   utmp                    vmnet-netifup-vmnet8.pid
crond.pid     gpm.pid           iscsid.pid      netreport       ptal-printd  setrans        vmnat.4650              vmware
cups          haldaemon.pid     klogd.pid       NetworkManager  pvm3         smbd.pid       vmnet-bridge-0.pid      winbindd
cupsd.pid     hpiod.pid         libvirt         news            quagga       sm-client.pid  vmnet-detect.pid        wpa_supplicant
dbus          hpiod.port        libvirtd.pid    nmbd.pid        radiusd      spamassassin   vmnet-dhcpd-vmnet1.pid  xend
[root@sunx4150 run]# ls -ltr
total 420
drwxr-xr-x 2 pvm     pvm     4096 Jul 13  2006 pvm3
drwxrwx–x 2 quagga  quagga  4096 Jul 13  2006 quagga
drwxr-xr-x 2 root    root    4096 Jul 14  2006 wpa_supplicant
drwxr-xr-x 2 radvd   radvd   4096 Aug 19  2006 radvd
drwxr-x— 2 news    news    4096 Aug 29  2006 news
drwxr-xr-x 2 root    root    4096 Sep  2  2006 winbindd
drwxr-xr-x 2 root    root    4096 Sep 30  2006 saslauthd
drwx—— 4 root    root    4096 Oct  2  2006 sudo
drwx—— 2 root    root    4096 Nov  9  2006 mdmpd
drwx—— 2 root    root    4096 Nov  9  2006 mdadm
drwx—— 2 radiusd radiusd 4096 Nov 30  2006 radiusd
drwxr-xr-x 2 root    root    4096 Dec  1  2006 ppp
drwxrwxr-x 2 root    screen  4096 Dec  4  2006 screen
drwxr-xr-x 2 ldap    ldap    4096 Jan  3  2007 openldap
drwxr-xr-x 2 root    root    4096 Jan  8  2007 NetworkManager
drwxr-x— 2 root    pegasus 4096 Jan 12  2007 gather
drwxr-x–T 2 root    pegasus 4096 Jan 12  2007 tog-pegasus
drwxr-xr-x 2 root    root    4096 Jan 12  2007 setrans
drwxr-xr-x 2 root    root    4096 Jan 16  2007 console
drwxr-xr-x 2 root    root    4096 Jan 16  2007 nscd
drwxrwxr-x 2 root    root    4096 Jan 16  2007 netreport
drwxrwx— 2 named   named   4096 Jan 17  2007 named
drwxr-xr-x 2 root    root    4096 Jun 11  2007 spamassassin
drwxr-xr-x 2 root    root    4096 Oct 11  2007 dirmngr
drwxr-xr-x 2 root    root    4096 Apr 30  2008 xenstored
drwxr-xr-x 2 root    root    4096 Apr 30  2008 xend
drwxr-xr-x 3     100     101 4096 Jul 15  2008 iiim
drwxr-xr-x 3 root    dovecot 4096 Apr  6  2009 dovecot
drwxr-xr-x 3 root    lp      4096 Apr  6  2009 cups
drwxr-xr-x 2 root    root    4096 Apr  6  2009 ptal-printd
drwxr-xr-x 2 root    root    4096 Apr  6  2009 ptal-mlcd
drwxr-xr-x 3 root    root    4096 Nov 24  2010 vmware
-rw——- 1 root    root       5 Mar 12 10:48 iscsid.pid
-rw——- 1 root    root       5 Mar 12 10:49 syslogd.pid
-rw-r–r– 1 rpcuser rpcuser    5 Mar 12 10:49 rpc.statd.pid
-rw——- 1 root    root       5 Mar 12 10:49 klogd.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 irqbalance.pid
-rw-rw-rw- 1 root    root       5 Mar 12 10:49 vmnet-bridge-0.pid
-rw-rw-rw- 1 root    root       5 Mar 12 10:49 vmnet-netifup-vmnet8.pid
-rw-rw-rw- 1 root    root       5 Mar 12 10:49 vmnet-netifup-vmnet1.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 vmnet-natd-8.pid
-rw-rw-rw- 1 root    root      18 Mar 12 10:49 vmnet-natd-8.mac
-rw-r—– 1 root    root       5 Mar 12 10:49 vmnet-dhcpd-vmnet8.pid
-rw-r—– 1 root    root       5 Mar 12 10:49 vmnet-dhcpd-vmnet1.pid
-rw-rw-rw- 1 root    root       5 Mar 12 10:49 vmnet-detect.pid
srwxrwxrwx 1 root    root       0 Mar 12 10:49 vmnat.4650
-rw-r–r– 1 root    root       5 Mar 12 10:49 messagebus.pid
drwxr-xr-x 2 root    root    4096 Mar 12 10:49 dbus
-rw-rw-r– 1 root    root       4 Mar 12 10:49 agent.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 hpiod.port
-rw-r–r– 1 root    root       5 Mar 12 10:49 hpiod.pid
srw-rw-rw- 1 root    root       0 Mar 12 10:49 acpid.socket
-rw-r–r– 1 root    root       5 Mar 12 10:49 hpssd.port
-rw-r–r– 1 root    root       5 Mar 12 10:49 hpssd.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 xinetd.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 sshd.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 cupsd.pid
-rw-r–r– 1 root    root       4 Mar 12 10:49 ntpd.pid
drwxr-xr-x 2 mysql   mysql   4096 Mar 12 10:49 mysqld
-rw-r–r– 1 smmsp   smmsp     49 Mar 12 10:49 sm-client.pid
-rw——- 1 root    smmsp     33 Mar 12 10:49 sendmail.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 gpm.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 dsviewserver.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 crond.pid
-rw-r–r– 1 root    root       6 Mar 12 10:49 xfs.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 smbd.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 nmbd.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 libvirtd.pid
drwxr-xr-x 2 root    root    4096 Mar 12 10:49 libvirt
-rw-r–r– 1 root    root       5 Mar 12 10:49 atd.pid
-rw-r–r– 1 root    root       5 Mar 12 10:49 haldaemon.pid
drwxr-xr-x 2 avahi   avahi   4096 Mar 12 10:49 avahi-daemon
-rw-r–r– 1 root    root       5 Mar 12 10:50 gdm.pid
-rw-r–r– 1 root    root       5 Apr  5 04:02 httpd.pid
-rw-rw-r– 1 root    utmp    6528 May  9 10:23 utmp
[root@sunx4150 run]# rm -rf httpd.pid
[root@sunx4150 run]# service httpd start
Starting httpd:                                            [FAILED]
[root@sunx4150 run]# service httpd status
httpd dead but subsys locked
[root@sunx4150 run]# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [FAILED]
[root@sunx4150 run]# rm -f  /var/lock/subsys/httpd
You have new mail in /var/spool/mail/root
[root@sunx4150 run]#  service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [FAILED]
[root@sunx4150 run]#  service httpd status
httpd is stopped
[root@sunx4150 run]#  service httpd start
Starting httpd:                                            [FAILED]
[root@sunx4150 run]#  ipcs -s apahe

—— Semaphore Arrays ——–
key        semid      owner      perms      nsems
0x000000a7 0          root      666        1
0x0000033d 1474561    root      644        1
0x0f9b5efc 163842     oracle    640        44
0x00000000 1409027    apache    600        1
0x00000000 229380     apache    600        1
0x00000000 1441797    apache    600        1
0x00000000 1507334    apache    600        1
0x00000000 1540103    apache    600        1
0x00000000 1572872    apache    600        1
0x00000000 1605641    apache    600        1
0x00000000 1638410    apache    600        1
0x00000000 1671179    apache    600        1

[root@sunx4150 run]# ipcs -s | grep apache | perl -e ‘while (<STDIN>) { @a=split(/s+/);print `ipcrm sem $a[1]`}’
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
[root@sunx4150 run]# cd /var/lock/subsys
[root@sunx4150 subsys]#  rm httpd
rm: cannot lstat `httpd’: No such file or directory
[root@sunx4150 subsys]# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [FAILED]
[root@sunx4150 subsys]# vi /etc/httpd/conf/httpd.conf
You have new mail in /var/spool/mail/root
[root@sunx4150 subsys]# killall -9 httpd
httpd: no process killed
[root@sunx4150 subsys]# killall -9 php-cgi
php-cgi: no process killed
[root@sunx4150 subsys]# killall -9 perl-cgi
perl-cgi: no process killed
[root@sunx4150 subsys]# netstat -tulpn | grep :80
tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN      5308/tnslsnr
[root@sunx4150 subsys]# netstat -tulpn | grep :443
[root@sunx4150 subsys]# tail -f /var/log/httpd/error.log
tail: cannot open `/var/log/httpd/error.log’ for reading: No such file or directory
tail: no files remaining
[root@sunx4150 subsys]# vi /etc/httpd/conf/httpd.conf
[root@sunx4150 subsys]# tail -f /var/logs/error_log
tail: cannot open `/var/logs/error_log’ for reading: No such file or directory
tail: no files remaining
[root@sunx4150 subsys]# tail -f /etc/httpd/logs/error_log
[Thu May 09 10:27:40 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 09 10:30:14 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 09 10:32:47 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 09 10:33:08 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 09 10:43:41 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 09 10:43:57 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 09 10:45:28 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu May 09 10:49:51 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)

You have new mail in /var/spool/mail/root
[root@sunx4150 subsys]# cd /etc/httpd/logs/
[root@sunx4150 logs]# ls -ltr
total 2348
-rw-r–r– 1 root root 654815 Nov  2  2011 nss_error_log.2
-rw-r–r– 1 root root 682530 Nov  2  2011 nss_access_log.1
-rw-r–r– 1 root root      0 Nov  3  2011 nss_access_log
-rw-r–r– 1 root root     77 Mar  1 11:15 ssl_request_log.4
-rw-r–r– 1 root root     71 Mar  1 11:15 ssl_access_log.4
-rw-r–r– 1 root root    312 Mar  7 15:56 ssl_request_log.3
-rw-r–r– 1 root root    288 Mar  7 15:56 ssl_access_log.3
-rw-r–r– 1 root root    385 Mar 15 16:57 ssl_request_log.2
-rw-r–r– 1 root root   1306 Mar 15 16:57 ssl_error_log.4
-rw-r–r– 1 root root    355 Mar 15 16:57 ssl_access_log.2
-rw-r–r– 1 root root  85057 Mar 17 04:00 access_log.4
-rw-r–r– 1 root root    237 Mar 17 04:02 ssl_error_log.3
-rw-r–r– 1 root root  87266 Mar 24 04:00 access_log.3
-rw-r–r– 1 root root 197481 Mar 24 04:02 error_log.4
-rw-r–r– 1 root root    237 Mar 24 04:02 ssl_error_log.2
-rw-r–r– 1 root root  91220 Mar 31 04:00 access_log.2
-rw-r–r– 1 root root 197481 Mar 31 04:02 error_log.3
-rw-r–r– 1 root root     77 Apr  4 10:47 ssl_request_log.1
-rw-r–r– 1 root root     71 Apr  4 10:47 ssl_access_log.1
-rw-r–r– 1 root root      0 Apr  5 04:02 ssl_request_log
-rw-r–r– 1 root root    593 Apr  5 04:02 ssl_error_log.1
-rw-r–r– 1 root root      0 Apr  5 04:02 ssl_access_log
-rw-r–r– 1 root root  86524 Apr  7 04:00 access_log.1
-rw-r–r– 1 root root      0 Apr  7 04:02 ssl_error_log
-rw-r–r– 1 root root    340 Apr  7 04:02 nss_error_log.1
-rw-r–r– 1 root root 198038 Apr  7 04:02 error_log.2
-rw-r–r– 1 root root    141 Apr  7 04:02 error_log.1
-rw-r–r– 1 root root      0 Apr  7 04:02 access_log
-rw-r–r– 1 root root    712 May  9 10:49 error_log
-rw-r–r– 1 root root   3740 May  9 10:56 nss_error_log
[root@sunx4150 logs]# cat nss_error_log
[Thu May 09 10:27:40 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:27:40 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:27:40 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:30:14 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:30:14 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:30:14 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:32:47 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:32:47 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:32:47 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:33:08 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:33:08 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:33:08 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:43:41 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:43:41 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:43:41 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:43:57 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:43:57 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:43:57 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:45:28 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:45:28 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:45:28 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:49:51 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:49:51 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:49:51 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:53:09 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:53:09 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:53:09 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:53:26 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:53:26 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:53:26 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[Thu May 09 10:56:35 2013] [error] Certificate not verified: ‘Server-Cert’
[Thu May 09 10:56:35 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu May 09 10:56:35 2013] [error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
[root@sunx4150 logs]#

Add “NSSEnforceValidCerts off” to nss.conf

[root@sunx4150 httpd]# cd conf.d/
[root@sunx4150 conf.d]# ls
auth_kerb.conf   manual.conf  php.conf        squid.conf
auth_mysql.conf  mrtg.conf    proxy_ajp.conf  ssl.conf
auth_pgsql.conf  nss.conf     python.conf     subversion.conf
authz_ldap.conf  perl.conf    README          welcome.conf
[root@sunx4150 conf.d]# vi nss.conf
[root@sunx4150 conf.d]# /etc/init.d/httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: Syntax error on line 193 of /etc/httpd/conf.d/nss.conf:
Invalid command ‘SEnforceValidCerts’, perhaps misspelled or defined by a module not included in the server configuration
[FAILED]
[root@sunx4150 conf.d]# vi nss.conf
You have new mail in /var/spool/mail/root
[root@sunx4150 conf.d]# /etc/init.d/httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [  OK  ]
[root@sunx4150 conf.d]#

Add a RAM File System in Aix

Create a RAM disk of 10 MB

# mkramdisk 10M

/dev/rramdisk0

Create a JFS File System on this RAM disk

# mkfs -V jfs /dev/rramdisk0

mkfs:destroy /dev/rramdisk0 (yes) ? y

Create Mountpoint

# mkdir /ramdisk

Mount  RAM File System

# mount -V jfs -o nointegrity /dev/ramdisk0 /ramdisk

The purpose of the mkramdisk command is to create file systems directly in memory. This is useful for applications that make many temporary files. Use ramdisk only for data that can be lost. After each reboot the ramdisk file system is destroyed and must be rebuilt.