Tag Archives: file

Recreating missing virtual disk (VMDK) Descriptor File Vmware

Recreating missing virtual disk (VMDK) Descriptor File

Problem-

You just noticed that virtual machine’s VMDK files are missing and lost somehow. The reason, not able to start VM and when you try to add existing HDD – existing VMDK and -flat. VMDK files are not available to attach with Virtual Machine too.

Solution

We need to recreate missing VMDK files, to add VMDK files and start Virtual Machine.

  1. Login to ESXI PS with Putty. Make sure, SSH service is enabled and running for the PS.
  2. Switch to the directory where your virtual machine is located.

cd /vmfs/volumes/<<datastore>>/VM-Directory

cd /vmfs/volumes/5d406ca3-62654bd0-75fd-e4434b75ed38/APP-U1-63-25

3. Run below command to identify and record the exact size of the existing flat vmdk file for the VM.

ls -ltr *

-rw——-    1 root     root     16106127360 Jun 21 12:20 APP-U1-63-25-flat.vmdk

-rw——-    1 root     root     214748364800 Jun 21 10:49 APP-U1-63-25_1-flat.vmdk

4. Run the vmkfstools to create new virtual disk, i.e VMDK (Descriptor File)

vmkfstools -c 16106127360 -d thin -a lsilogic APP-U1-63-25-OS.vmdk

vmkfstools -c 214748364800 -d thin -a lsilogic APP-U1-63-25-DATA.vmdk

5. As mentioned, there are 2 new files created: APP-U1-63-25-OS.vmdk and APP-U1-63-25-DATA.vmdk are created as a result.

ls -ltr

rw——-    1 root     root     16106127360 Jun 21 19:21 APP-U1-63-25-OS-flat.vmdk

-rw——-    1 root     root     214748364800 Jun 21 19:21 APP-U1-63-25-DATA-flat.vmdk

-rw——-    1 root     root           546 Jun 21 21:05 APP-U1-63-25-OS.vmdk 

-rw——-    1 root     root           550 Jun 21 21:05 APP-U1-63-25-DATA.vmdk 

-rw——-    1 root     root     214748364800 Jun 22 05:08 APP-U1-63-25_1-flat.vmdk

-rw——-    1 root     root     16106127360 Jun 22 05:08 APP-U1-63-25-flat.vmdk

6. We need to Rename APP-U1-63-25-OS.vmdk  and APP-U1-63-25-DATA.vmdk to the name that is needed to match the orphaned -flat file.

mv APP-U1-63-25-OS.vmdk APP-U1-63-25.vmdk

mv APP-U1-63-25-DATA.vmdk APP-U1-63-25_1.vmdk

7. Now, it is final stage where editing descriptor file (APP-U1-63-25.vmdk and APP-U1-63-25_1.vmdk)

find the line with RW ####### and change the name of the -flat to match the orphaned -flat file you have. So, I changed to APP-U1-63-25-flat.vmdk and APP-U1-63-25_1-flat.vmdk respectively for both disks, as you can see in the image below.

vi APP-U1-63-25.vmdk

vi APP-U1-63-25_1.vmdk

8. You can now delete the below files created earlier. These are not required anymore.

rw——-    1 root     root     16106127360 Jun 21 19:21 APP-U1-63-25-OS-flat.vmdk

-rw——-    1 root     root     214748364800 Jun 21 19:21 APP-U1-63-25-DATA-flat.vmdk

9. Attach the respective VMDK files to the virtual machine as earlier.

10. Now, All set and good to power on the virtual machine.

Howto: Recover a file when you don’t know inode number in Linux

Delete a file called abc.sh:
rm abc.sh
Type the following command:
# debugfs -w /dev/mapper/root
At debugfs: prompt type lsdel command:

debugfs: lsdel

Sample outputs:

 Inode  Owner  Mode    Size    Blocks   Time deleted
2113537      0 120777      3    1/   1 Tue May  1 06:21:22 2016
1 deleted inodes found.

Get block data, enter:

debugfs: logdump -i <2113537>

Sample outputs:

debugfs:  logdump -i <2113537>
Inode 2113537 is at group 129, block 4227074, offset 0
Journal starts at block 25167, transaction 344454
  FS block 4227074 logged at sequence 344484, journal block 31233 (flags 0x2)
    (inode block for inode 2113537):
    Inode: 2113537   Type: regular        Mode:  0644   Flags: 0x0
    Generation: 1054075619    Version: 0x00000000
    User:     0   Group:     0   Size: 15
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 8
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x575965d9 -- Thu Jun  9 18:19:29 2016
    atime: 0x575965d9 -- Thu Jun  9 18:19:29 2016
    mtime: 0x575965d9 -- Thu Jun  9 18:19:29 2016
    Blocks:  (0+1): 4247552
No magic number at block 31238: end of journal.

Type the following command:
# dd if=/dev/mapper/root of=recovered.file.001 bs=4096 count=1 skip=4247552
# file recovered.file.001

Sample outputs:

file: ASCII text, with very long lines

View file, enter:
# more recovered.file.001

How to recover a deleted file in Linux ?

A step-by-step guide for recovering files using debugfs

[root@unix-support-server ~]# mount

/dev/sda2 on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
/dev/sdb1 on /var/www type ext3 (rw)
/dev/sdd1 on /LUN93 type ext3 (rw)
/dev/sdc on /LUN92 type ext3 (rw)
/dev/sde1 on /LUN94 type ext3 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)

Create a text file called data.txt, enter:
echo 'This is a test' > data.txt
Display the index number (inode) of data.txt, enter:
[root@unix-support-server LUN94]# ls -li data.txt

2113537 -rw-r--r-- 1 root root 15 Jun  9 18:19 data.txt

[root@unix-support-server LUN94]#
[root@unix-support-server LUN94]# debugfs -w /dev/sde1

debugfs 1.41.12 (17-May-2010)
debugfs:  logdump -i  <2113537>
Inode 2113537 is at group 129, block 4227074, offset 0
Journal starts at block 25167, transaction 344454
  FS block 4227074 logged at sequence 344484, journal block 31233 (flags 0x2)
    (inode block for inode 2113537):
    Inode: 2113537   Type: regular        Mode:  0644   Flags: 0x0
    Generation: 1054075619    Version: 0x00000000
    User:     0   Group:     0   Size: 15
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 8
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x575965d9 -- Thu Jun  9 18:19:29 2016
    atime: 0x575965d9 -- Thu Jun  9 18:19:29 2016
    mtime: 0x575965d9 -- Thu Jun  9 18:19:29 2016
    Blocks:  (0+1): 4247552
No magic number at block 31238: end of journal.

debugfs:  cat  <2113537>
This is a test
debugfs:
debugfs:  q

[root@unix-support-server LUN94]# rm data.txt
rm: remove regular file `data.txt’? y
[root@unix-support-server LUN94]# cat data.txt
cat: data.txt: No such file or directory
[root@unix-support-server LUN94]#
[root@unix-support-server LUN94]# dd if=/dev/sde1 of=data.txt bs=4096 count=1 skip=4247552

1+0 records in
1+0 records out
4096 bytes (4.1 kB) copied, 0.000536678 s, 7.6 MB/s

[root@unix-support-server LUN94]#
[root@unix-support-server LUN94]# cat data.txt

This is a test

[root@unix-support-server LUN94]#

How to recover a deleted file in aix / jfs?

It is possible to recover the file using the “fsdb” command (filesystem debugger). when,

No new files have been created on the filesystem.

No files have been extended.

The filesystem is able to be unmounted.

Warning: I have test this in my test server. This is undocumented one. You may facing the critical problem when you follow the below steps on your systems. So try this at your own risk. Please avoid directly try this with your production servers. Here is the output for your reference.

You can get deleted files inode if you don’t have.

#fuser -dV

inode=68     size=34358697984  fd=6
inode=76     size=16106135552  fd=7
inode=65     size=34358697984  fd=16
inode=68     size=34358697984  fd=11
inode=68     size=34358697984  fd=7
inode=68     size=34358697984  fd=6

# lsvg -l testvg

testvg:

LV NAME             TYPE       LPs   PPs   PVs  LV STATE      MOUNT POINT

loglv00             jfs2log    1     1     1    closed/syncd  N/A

#

# crfs -a size=256M -v jfs2 -g testvg -m /new            à create a “/new” FS

File system created successfully.

261932 kilobytes total disk space.

New File System size is 524288

#

# lsvg -l testvg

testvg:

LV NAME             TYPE       LPs   PPs   PVs  LV STATE      MOUNT POINT

loglv00             jfs2log    1     1     1    closed/syncd  N/A

fslv00              jfs2       16    16    1    closed/syncd  /new

#

# mount /new         à mount the /new FS

#

# lsvg -l testvg

testvg:

LV NAME             TYPE       LPs   PPs   PVs  LV STATE      MOUNT POINT

loglv00             jfs2log    1     1     1    open/syncd    N/A

fslv00              jfs2       16    16    1    open/syncd    /new

#

# cd /new

#

# ls -l

total 0

drwxr-xr-x   2 root     system          256 Apr 03 16:47 lost+found

#

# cat >> film         à Create a file named “film”

Hi this is the test file. I want to use this file for recovery test

^C#

#

# cat film

Hi this is the test file. I want to use this file for recovery test

#

# ls –il        à check the inode number of the file “film”. That is 4

total 8

4 -rw-r–r–   1 root     system           68 Apr 03 16:49 film

3 drwxr-xr-x   2 root     system          256 Apr 03 16:47 lost+found

#

#

# rm film     à remove the file “film”

#

# ls -l

total 0

drwxr-xr-x   2 root     system          256 Apr 03 16:47 lost+found

#

# cd ~

#

# umount /new     à unmount the /new FS

#

# lsvg -l testvg

testvg:

LV NAME             TYPE       LPs   PPs   PVs  LV STATE      MOUNT POINT

loglv00             jfs2log    1     1     1    closed/syncd  N/A

fslv00              jfs2       16    16    1    closed/syncd  /new

#

# fsdb /dev/fslv00       à use the “fsdb <lv_name>” to recover the deleted  file.

File System:                    /dev/fslv00

File System Size:               523864  (512 byte blocks)

Aggregate Block Size:           4096

Allocation Group Size:          8192    (aggregate blocks)

> dir 2

idotdot = 2

3      lost+found

>

> i 4     à provide the inode number of our deleted file. That is 4

Inode 4 at block 33, offset 0x800:

[1] di_fileset:         16                 [18] di_inostamp:       0x4d98ead4

[2] di_number:          4               [19] di_gen:            3940655789

[3] di_size:    0x0000000000000044      [20] di_ixpxd.len:      4

[4] di_nblocks: 0x0000000000000001      [21] di_ixpxd.addr1:    0x00

[5] di_nlink:           0               [22] di_ixpxd.addr2:    0x00000021

[6] di_mode:            0x000081a4           di_ixpxd.address:  33

0100644 -rw-r–r–      [24] di_uid:            0

[25] di_gid:            0

[9] di_atime.tj_nsec:   0x1e8a1025      [26] di_atime.tj_sec:0x000000004d98eb7d

[10] di_ctime.tj_nsec:  0x0ca85614      [27] di_ctime.tj_sec:0x000000004d98ebac

[11] di_mtime.tj_nsec:  0x1af63892      [28] di_mtime.tj_sec:0x000000004d98eb77

[12] di_otime.tj_nsec:  0x03b74a9a      [29] di_otime.tj_sec:0x000000004d98eb24

[13] di_ea.flag:        0x00            [30] di_ea.len:         0

EAv1                               [31] di_ea.addr1:       0x00

[15] di_ea.nEntry:      0x00            [32] di_ea.addr2:       0x00000000

[16] di_ea.type:        0x0000               di_ea.address:     0

[34] di_ea.nblocks:     0

change_inode: [m]odify, [e]a, [t]ree, or e[x]it > m     à choose “m” to modify

Please enter: field-number value > 5  1   à  put the field number is 5, change the di_nlink value to 1

Inode 4 at block 33, offset 0x800:

[1] di_fileset:         16              [18] di_inostamp:       0x4d98ead4

[2] di_number:          4               [19] di_gen:            3940655789

[3] di_size:    0x0000000000000044      [20] di_ixpxd.len:      4

[4] di_nblocks: 0x0000000000000001      [21] di_ixpxd.addr1:    0x00

[5] di_nlink:           1               [22] di_ixpxd.addr2:    0x00000021

[6] di_mode:            0x000081a4           di_ixpxd.address:  33

0100644 -rw-r–r–      [24] di_uid:            0

[25] di_gid:            0

[9] di_atime.tj_nsec:   0x1e8a1025      [26] di_atime.tj_sec:0x000000004d98eb7d

[10] di_ctime.tj_nsec:  0x0ca85614      [27] di_ctime.tj_sec:0x000000004d98ebac

[11] di_mtime.tj_nsec:  0x1af63892      [28] di_mtime.tj_sec:0x000000004d98eb77

[12] di_otime.tj_nsec:  0x03b74a9a      [29] di_otime.tj_sec:0x000000004d98eb24

[13] di_ea.flag:        0x00            [30] di_ea.len:         0

EAv1                               [31] di_ea.addr1:       0x00

[15] di_ea.nEntry:      0x00            [32] di_ea.addr2:       0x00000000

[16] di_ea.type:        0x0000               di_ea.address:     0

[34] di_ea.nblocks:     0

change_inode: [m]odify, [e]a, [t]ree, or e[x]it > x    à exit

> quit

#

# fsck -yp /dev/fslv00     à run fsck to repaired the  inconsistencies.

The current volume is: /dev/fslv00

Primary superblock is valid.

J2_LOGREDO:log redo processing for /dev/fslv00

logredo start at: 1301867616 sec and end at 1301867616 sec

Primary superblock is valid.

*** Phase 1 – Initial inode scan

*** Phase 2 – Process remaining directories

*** Phase 3 – Process remaining files

*** Phase 4 – Check and repair inode allocation map

File system inode map is corrupt (FIXED)

Superblock marked dirty because repairs are about to be written.

*** Phase 5 – Check and repair block allocation map

Block allocation map is corrupt (FIXED)

Inodes not connected to the root directory

tree have been detected.  Will reconnect.

File system is clean.

Superblock is marked dirty (FIXED)

All observed inconsistencies have been repaired.

#

# mount /new   à mount the /new FS

# lsvg -l testvg

testvg:

LV NAME             TYPE       LPs   PPs   PVs  LV STATE      MOUNT POINT

loglv00             jfs2log    1     1     1    open/syncd    N/A

fslv00              jfs2       16    16    1    open/syncd    /new

#

# cd /new  à goto the /new FS

#

# ls -l

total 0

drwxr-xr-x   2 root     system          256 Apr 03 16:47 lost+found

#

# cd lost+found   à go to lost+found dir

#

# pwd

/new/lost+found

#

# ls -l

total 8

-rw-r–r–   1 root     system           68 Apr 03 16:49 4     à you can see the deleted file in the name of your inode number

#

# cat 4   à confirm the file content

Hi this is the test file. I want to use this file for recovery test

#

# mv 4 /new/.      à move the file to the exact place where it was before

#

# pwd

/new/lost+found

# cd ..

#

# pwd

/new

# ls -l

total 8

-rw-r–r–   1 root     system           68 Apr 03 16:49 4

drwxr-xr-x   2 root     system          256 Apr 03 16:55 lost+found

#

# cat 4

Hi this is the test file. I want to use this file for recovery test

#

# mv 4 film  à change the name of the recovered file to the old one.

#

# ls -l

total 8

-rw-r–r–   1 root     system           68 Apr 03 16:49 film   à the deleted file has been recovered.

drwxr-xr-x   2 root     system          256 Apr 03 16:55 lost+found

#

#

 

How to Encrypt File System in AIX ?

Encrypting Filesystem on AIX 6.1.

EFS offers 2 modes of operation:

Root Admin mode
This is the default mode. Root can reset user and group keystore passwords.

Root Guard mode
Root does not have access to user’s encrypted files and cannot change their passwords.

Note: NFS exports of EFS filesystems are not supported.

1. Prerequisites:
RBAC has to be enabled. Should be by default on AIX 6.1. If not use chdev to enable it.

# lsattr -El sys0 | grep RBAC
enhanced_RBAC   true         Enhanced RBAC Mode        True

CryptoLite needs to be installed, verify using below command

bash-3.2# lslpp -l | grep  CryptoLite
  clic.rte.kernext           4.7.0.1  COMMITTED  CryptoLite for C Kernel
  clic.rte.lib               4.7.0.1  COMMITTED  CryptoLite for C Library
  clic.rte.kernext           4.7.0.1  COMMITTED  CryptoLite for C Kernel

2. EFS Commands:

efsenable – Enables EFS on a given system. This is run only once
efskeymgr – Encryption Key Management tool
efsmgr – File encryption and decryption

3. Setup:
To enable EFS on the system use:

# efsenable -a
Enter password to protect your initial keystore:
Enter the same password again:

If your password for EFS will be identical with your login password the EFS Kernel extention will be loaded automatically into the kernel. Thus
you will be able to access the encrypted files without having to provide a password.
Otherwise `efskeymgr -o ksh` has tto be executed in order to load the key’s.

In order to have the ability to encrypt files, the filesystem that will hold this files needs to be EFS enabled (efs=yes) and Extended Attribute V2 has to be activated.

This can be verified using lsfs -q

# lsfs -q /test
Name            Nodename   Mount Pt               VFS   Size    Options    Auto Accounting
/dev/fslv12     --         /test               jfs2  262144  rw         yes  no
  (lv size: 262144, fs size: 262144, block size: 4096, sparse files: yes, inline log: no, inline log size: 0, EAformat: v1, Quota: no, DMAPI: no, VIX: yes, EFS: no, ISNAPSHOT: no, MAXEXT: 0, MountGuard: no)

# chfs -a efs=yes /test

# lsfs -q /archive
Name            Nodename   Mount Pt               VFS   Size    Options    Auto Accounting
/dev/fslv12     --         /test               jfs2  262144  rw         yes  no
  (lv size: 262144, fs size: 262144, block size: 4096, sparse files: yes, inline log: no, inline log size: 0, EAformat: v2, Quota: no, DMAPI: no, VIX: yes, EFS: yes, ISNAPSHOT: no, MAXEXT: 0, MountGuard: no)

Now we will have a look at the keys associated  with the current shell.

# efskeymgr -V
List of keys loaded in the current process:
 Key #0:
                           Kind ..................... User key
                           Id   (uid / gid) ......... 0
                           Type ..................... Private key
                           Algorithm ................ RSA_1024
                           Validity ................. Key is valid
                           Fingerprint .............. s6295ea1:be7cae83:82g30ab8:a02379a0
 Key #1:
                           Kind ..................... Group key
                           Id   (uid / gid) ......... 7
                           Type ..................... Private key
                           Algorithm ................ RSA_1024
                           Validity ................. Key is valid
                           Fingerprint .............. 12928ecb:353f4268:e19078be:268c7d56:18928ecb
 Key #2:
                           Kind ..................... Admin key
                           Id   (uid / gid) ......... 0
                           Type ..................... Private key
                           Algorithm ................ RSA_1024
                           Validity ................. Key is valid
                           Fingerprint .............. 940201f9:89h618ac:2e555ac4:60fdb6b5:268c7d56

4. Encrypt file

Now we will create a file, try to encrypt it, have a problem with umask and finally encrypt the file.

# echo "I like black tee with milk." > secret.txt
# ls -U
total 8
-rw-r------    1 root     system           30 May 8  11:18 secret.txt
drwxr-xr-x-    2 root     system          256 Apr 30 14:10 tmp

        Encrypt file
          |
# efsmgr -e secret.txt
./.efs.LZacya: Security authentication is denied.

# umask 077

# efsmgr -e secret.txt
# ls -U
total 16
drwxr-xr-x-    2 root     system          256 30 May 5 12:13 lost+found
-rw-r-----e    1 root     system           30 30 May 8 11:18 secret.txt
          |
          Indicates that this file is encrypted

Display file encryption information:

# efsmgr -l secret.txt
EFS File information:
 Algorithm: AES_128_CBC
List of keys that can open the file:
 Key #1:
  Algorithm       : RSA_1024
  Who             : uid 0
  Key fingerprint : 00f06152:be7cae83:a02379a0:82e30ab8:f6295ea1

Now I set the file permission’s to 644 and try to read the file as another user.

# chmod 644 secret.txt
# ls -la
-rw-r--r--    1 root     system          145 30 May 8 11:19 secret.txt

user1 # file secret.txt
secret.txt: 0653-902 Cannot open the specified file for reading.
user1 # cat secret.txt
cat: 0652-050 Cannot open secret.txt.

As root we will list the inode number of the file, get the block pointer and read directly from the filesystem using fsdb to see if the file is stored  encrypted.

      Display inode no.
      |
# ls -iU
total 32

    5 -rw-r--r--e    1 root     system          145 30 May 8 11:19 secret.txt

# istat 5 /dev/fslv12
Inode 5 on device 10/27 File
Protection: rw-r--r--
Owner: 0(root)          Group: 0(system)
Link count:   1         Length 145 bytes

Last updated:   Tue May 8 11:18:23 GMT+02:00 2012
Last modified:  Tue May 8 11:18:52 GMT+02:00 2012
Last accessed:  Tue May 8 11:18:52 GMT+02:00 2012

Block pointers (hexadecimal):
29
# fsdb /dev/fslv12
Filesystem /dev/fslv12 is mounted.  Modification is not permitted.

File System:                    /dev/fslv12

File System Size:               261728  (512 byte blocks)
Aggregate Block Size:           4096
Allocation Group Size:          8192    (aggregate blocks)

> display 0x29
Block: 41     Real Address 0x29000
00000000:  119CB74E 637C6FE0 C0BF2DCD 36B775BB   |...Nc|o...-.6.u.|
00000010:  569B5A6C 43476ED3 F4BFE938 7C662A3B   |V.ZlCGn....8|f*;|
00000020:  B5D89C51 FA2BE7B6 CEAF2D3E 555EAA06   |...Q.+....->U^..|
00000030:  4FF23413 B11D1170 982690B3 5F1BCA9A   |O.4....p.&.._...|
00000040:  4AD3CEA5 A3CBFAD9 C730EE00 9BD1F409   |J........0......|
00000050:  71203B85 A51320C6 04A97DA4 43002DA7   |q ;... ...}.C.-.|
00000060:  994CC67B A1AC31DF 2C8201AD 3E5B50F7   |.L.{..1.,...>[P.|
00000070:  6BA7B01D EC5CB918 17E13F46 2935FA98   |k........?F)5..|
00000080:  718DF155 D6E69A41 EF592B60 EA5F7B24   |q..U...A.Y+`._{$|
00000090:  32521FE2 7AD8EC61 1A94413D A8338A26   |2R..z..a..A=.3.&|
000000a0:  62E4A319 D6251A66 F19D4739 2FC7E83A   |b....%.f..G9/..:|
000000b0:  DE0F878A 1F95AB89 5C7F3520 C65B7896   |.........5 .[x.|
000000c0:  915A7655 EC269DFF 68E2B08A 871114A9   |.ZvU.&..h.......|
000000d0:  E30B195F 280F7DCD 4F8BE094 4B5603D8   |..._(.}.O...KV..|
000000e0:  962303B0 D957A2A5 24A2A3A5 6260EA5E   |.#...W..$...b`.^|
000000f0:  A4C62B7D FB9B1841 893D253F 72E61065   |..+}...A.=%?r..e|
-hit enter for more-
00000100:  01A150FD AD54677D A856E9B1 320257E1   |..P..Tg}.V..2.W.|
00000110:  5F023AA3 0191E0D6 4B64583B D9F2A4C7   |_.:.....KdX;....|
00000120:  F988937A E0117EB2 26E61976 E4860D7D   |...z..~.&..v...}|
00000130:  0C724A4E 50616226 BDE06FEB 10A19564   |.rJNPab&..o....d|
00000140:  17C90BB7 774338B3 8525ED90 5EADFD8B   |....wC8..%..^...|
00000150:  636FC1AF D46C2E64 6AC37082 3B0168BE   |co...l.dj.p.;.h.|
00000160:  24C0CD2E D8587254 F6DBC1BA 93BE6AD6   |$....XrT......j.|
00000170:  E89EEFF9 08000B07 E3827C10 AE0FD7DB   |..........|.....|
00000180:  162D0E6D EF94D85A 3F09CD85 A19A31FF   |.-.m...Z?.....1.|
00000190:  49E13BFC 5328F670 E0B50878 942CC4BB   |I.;.S(.p...x.,..|
000001a0:  BF1D6C4F 9DA72F3D 8DC90691 328A7053   |..lO../=....2.pS|
000001b0:  99C31EEB 1CD2208A CBF609C1 4DB86819   |...... .....M.h.|
000001c0:  E2746288 5E152ECA 0E2BD9DF D1D1D210   |.tb.^....+......|
000001d0:  7ADDF0EC 522E93E2 CAA0A36F B3CBFB05   |z...R......o....|
000001e0:  4EA56F3C ECBA1A0C AA132269 2024E065   |N.o<......"i $.e|
000001f0:  00BC51B0 88BBCD8A 9C644F66 6A16DBC8   |..Q......dOfj...|

Above we see that the file on the disk is encrypted.

5. Decrypting a file

Decrypt file
          |
# efsmgr -d secret.txt
# ls -U
total 24

-rw-r--r---    1 root     system          145 May 8 12:23 secret.txt

6. Encryption Inheritance

If you enable Encryption Inheritance on a directory all newly created files in that directory will be automatically encrypted.

To enable Encryption inheritance use:

# efsmgr -E /archive

# ls -U / | grep archive
drwxr-xr-xe    3 root     system          256 Jul 17 12:09 archive

# touch next.txt

# ls -U
total 32

-rw-------e    1 root     system            0 May 8 11:10 next.txt
-rw-r--r---    1 root     system          145 May 8 12:25 secret.txt

7. Grant access to another user
Say we are  user1 and want to have a look at who has EFS access to the file.

user1 $ efsmgr -l secret.txt
EFS File information:
 Algorithm: AES_128_CBC
List of keys that can open the file:
 Key #1:
  Algorithm       : RSA_1024
  Who             : uid 0
  Key fingerprint : 00f06152:be7cae83:a02379a0:82e30ab8:f6295ea1

To grant access to a user use:

Add access to the specified file to a user or group(u/g)
          |
# efsmgr -a secret.txt -u user1
                        |
                        Add user to EFS access list

user1 $ cat secret.txt
I like black tee with milk.

Reference Red-books:

AIX 6.1 Diffrence Guide SG24-7559-00 Page 40
AIX V6 Advanced Security Features SG24-7430-00 Page 59

How to halt the VNX for file / nas server ?

To halt the VNX for file server, type:
# /nasmcd/sbin/nas_halt now
ARE YOU SURE YOU WANT TO CONTINUE? [ yes or no ] :
# yes
Sending the halt signal to the Master Control Daemon…: Done
.
.
Halting system…
flushing ide devices: hda hdd
Power down.
It can take as long as 20 minutes to halt the server, depending on the configuration of the
VNX. Wait until the command completes before continuing. If the Control Station halted
successfully, the HyperTerminal session will be unresponsive.
If the Control Station restarts after the nas_halt command, then go to step 6. If the Control
Station has halted successfully, then go to the next step to restart the Control Station.

Verify the shutdown of the blades:

Wait for 5 minutes, and then log in as root at the login prompt. Then verify the shutdown of
the blades by running the following command:
# /nasmcd/sbin/getreason
Sample output for a four blade configuration:
6 – slot_0 primary control station
– slot_2 powered off
– slot_3 powered off
– slot_4 powered off
– slot_5 powered off

Run the following command to halt the Control Station:

# /sbin/halt
Sample Output:
# /sbin/halt
Broadcast message from root (ttyS1) (Tue 7 13 10:05:55 2012):
The system is going down for system halt NOW!
INIT: Stopping HAL daemon: [OK]
Stopping system message bus: [OK]
……..
……..
Halting system…
md: stopping all md devices.
md: md0 switched to read-only mode.
Shutdown: hda
System halted

Add a RAM File System in Aix

Create a RAM disk of 10 MB

# mkramdisk 10M

/dev/rramdisk0

Create a JFS File System on this RAM disk

# mkfs -V jfs /dev/rramdisk0

mkfs:destroy /dev/rramdisk0 (yes) ? y

Create Mountpoint

# mkdir /ramdisk

Mount  RAM File System

# mount -V jfs -o nointegrity /dev/ramdisk0 /ramdisk

The purpose of the mkramdisk command is to create file systems directly in memory. This is useful for applications that make many temporary files. Use ramdisk only for data that can be lost. After each reboot the ramdisk file system is destroyed and must be rebuilt.

Journaled file systems structure

 

 

Superblock : File System size and indentification, Free list, fragment size, nbpi.

Inodes: File size, ownership, permissions, pointers to data blocks.

Blocks: Data blocks contain data and Indirect block contain pointers to data blocks.

Journaled file systems are built within logical volumes. Because journaled file systems exist within logical volumes, the size of the file system always multiples of the logical partition size for that logical volume (for example, 4 MB). An individual file within a file system will by default have units allocated to it in blocks of  4096 bytes. (This may change if you have implemented fragmentation or large files – to be discussed later.)
Some unix commands often report file sizes in units of 512 bytes to remain compatible with other UNIX file systems. This is independent of the actual unit of allocation. The first addressable logical block on the file system is the superblock. The superblock contains information such as the file system name, size, number of inodes, date/time of creation.
The superblock is critical to the file system and if corrupted, prevents the file system from mounting. For this reason a backup copy of the superblock is always written in block 31. Uempty Immediately following the superblock are inodes which contain identifying information for files such as the file type, size, permissions, user/group/owner, create/modification and last
access dates. They also contain pointers to the data block for fragment addresses which hold the data. For larger files the system creates sets of indirect blocks filled with data block addresses to point to the data block or fragments which hold the data.

Linux add a swap file

You need to use dd command to create swapfile. Next you need to use mkswap command to set up a Linux swap area on a device or in a file.

 

a) Login as the root user

 

b) Type following command to create 512MB swap file (1024 * 1024MB = 1048576 block size):
# dd if=/dev/zero of=/swapfile1 bs=1024 count=1048576

 

c) Set up a Linux swap area:
# mkswap /swapfile

 

d) Activate /swapfile1 swap space immediately:
# swapon /swapfile

 

e) To activate /swapfile1 after Linux system reboot, add entry to /etc/fstab file. Open this file using text editor such as vi:
# vi /etc/fstab

 

Append following line:
/swapfile swap swap defaults 0 0

 

So next time Linux comes up after reboot, it enables the new swap file for you automatically.

 

g) How do I verify swap is activated or not?
Simply use free command:
$ free -m

Compaq Tru64 UNIX: Setting up Standard File Systems

The following table shows the variables and their corresponding values.


Variables in Standard File Systems

 
Variable Description
<diskname> Full path of a disk, for example, /dev/rz11c
<rawdiskname> Full path of a raw disk, for example, /dev/rrz11c
<disktype> Disk type, for example, rz28
<mountpointname> Full path of a mount point, for example,
SAP DB: /sapdb/<SAPSID>/sapdata1
Informix: Not applicable
Oracle: /oracle/<SAPSID>/sapdata1


To set up a standard file system:

1. Ask the customer which disks are available and make sure that they do not belong to
one of the categories listed in the following table:


Avoidable Disk Categories

Disk Category How to Check
Mounted disks grep <diskname> /etc/fstab
Swapdevices swapon -s | grep <diskname>
Advanced FS cd /etc/fdmns; showfdmn * | grep <diskname>
Volumes within LSM (Logical Storage manager) volprint -Ath | grep <diskname>


2. Create disk label, if necessary:
disklabel -w -r <rawdiskname> <disktype>
3. Create empty file system:
newfs -m 0 <rawdiskname>

4. Create mount point:
mkdir <mountpointname>
5. Add line to /etc/fstab:
<diskname> <mountpointname> ufs
6. Mount file system:
mount <mountpointname>