目前日期文章:200806 (5)

瀏覽方式: 標題列表 簡短摘要
/var/adm/wtmp档案太大怎么办
  
  环境 产品:RS/6000
  软件:AIX
  问题 /var/adm/wtmp文件保存所有用户登录的讯息,随著时间会增长到很大,/var/adm/wtmp档案太大时怎么办?
  解答 /var/adm/wtmp档案太大时,有时需要清理或编辑整理。
  要清理它,执行cp /dev/null /var/adm/wtmp.
  
  要编辑整理部分清理,用fwtmp命令先将文件wtmp变成ASCII格式的档案dummy.file:
  /usr/sbin/acct/fwtmp < /var/adm/wtmp > dummy.file,
  编辑之後用
  /usr/sbin/acct/fwtmp -ic < dummy.file > /var/adm/wtmp
  再将ASCII文件转变成二进位文件.
  
  JESMSG显示屏幕,进行类似于上述2中的操作即可.

parrotchang 發表在 痞客邦 PIXNET 留言(0) 人氣()

2008.06.14  中國時報
母乳有助預防腸病毒71型
黃天如/台北報導

     腸病毒疫情發燒,重症患者9成以上都是5歲以下幼兒,其中亦不乏1歲以下的新生嬰兒醫師表示,除了勤洗手及良好衛生習慣,盡可能延長哺育母乳的時間,對寶寶對抗最可能致命的腸病毒71型也很有幫助。

     林口長庚兒童醫院感染科教授邱政洵表示,該院曾對母乳中含有大量之乳鐵蛋白與腸病毒71型的對應關係進行研究,結果發現,實驗細胞若能先和乳鐵蛋白接觸,當碰到腸病毒71型時,就可明顯減少細胞被病毒感染的機會。

     惟他強調,實驗中也發現,若被腸病毒71型「捷足先登」接觸人體細胞後再加入乳鐵蛋白,則其抑制病毒的效果就很有限。換言之,母乳中乳鐵蛋白雖不具治療效果,卻可以「預防」腸病毒71型。

     長庚上述研究成果,已發表刊登在《感染症醫學期刊》。

     ■配方奶粉不如母乳

     那麼,額外添加乳鐵蛋白的配方奶粉是否也能對腸病毒71型發揮同樣的預防效果?

     邱政洵說,除了乳鐵蛋白,母乳中的免疫球蛋白、成長因素及干擾素能抑制細菌及病毒滋生;另含吞噬細胞、巨噬細胞及中性白血球,則能有效增加嬰兒免疫力…,這些都是配方奶粉沒有的好處。

     台灣母乳哺育聯合學會顧問醫師楊靖瑩也說,知名之《國際兒科醫學期刊》去年曾刊登一項荷蘭的研究,研究對象為150對新生嬰兒及產婦,結果發現,整體來看1歲以下嬰兒感染腸病毒的比例高達4成,惟喝母乳且持續餵哺愈久者感染率愈低。

     ■免疫球蛋白可附著腸壁

     她說,該研究顯示,母乳中含有一種名為「IgA」的免疫球蛋白,它可附著在小朋友的腸壁上,藉以避免或減少腸病毒的侵襲。

     此外,腸病毒常見症狀為皰疹性咽峽炎,亦即在病童的口腔內會出現小水泡甚至潰瘍,小朋友可能會因為咽喉疼痛拒絕進食;此時若能哺餵母乳,不但提供寶寶必要的營養素,對安撫情緒也很有幫助。

parrotchang 發表在 痞客邦 PIXNET 留言(0) 人氣()

如果 snmp 已停止,但 sybsys 鎖定,可能是 3個問題

1.netsnmp 版本要一致
rpm -qa | grep snmp

net-snmp-utils-5.3.1-19.el5_1.4
net-snmp-libs-5.3.1-19.el5_1.4
net-snmp-5.3.1-19.el5_1.4

用 CentOS 5.1 啟動時出現 snmpd dead but pid file exists 後來發現是 net-snmp 跟 net-snmp-libs 的版本不一樣導致的,升級了 net-snmp-libs 後問題就解決了

2.CentOS 安全性設置訊息,可以在 tail -f /var/log/messages 找到相關蛛絲馬跡,解決方法如下

more /var/log/messages
setroubleshoot:      SELinux is preventing /usr/sbin/snm
pd (snmpd_t) "create" access to <Unknown> (snmpd_t).      For complete SELinux m
essages. run sealert -l 2b6db142-43ab-4e78-8f35-1fa571261694

執行 sealert -l 2b6db142-43ab-4e78-8f35-1fa571261694 得到下面的訊息

Summary
    SELinux is preventing /usr/sbin/snmpd (snmpd_t) "create" access to <Unknown>
    (snmpd_t).

Detailed Description
    SELinux denied access requested by /usr/sbin/snmpd. It is not expected that
    this access is required by /usr/sbin/snmpd and this access may signal an
    intrusion attempt. It is also possible that the specific version or
    configuration of the application is causing it to require additional access.
    Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this
    package.

Allowing Access
    Sometimes labeling problems can cause SELinux denials.  You could try to
    restore the default system file context for <Unknown>, restorecon -v
    <Unknown>. There is currently no automatic way to allow this access.
    Instead, you can generate a local policy module to allow this access - see
    http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 - or you can
    disable SELinux protection entirely for the application. Disabling SELinux
    protection is not recommended. Please file a
    http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.
    Changing the "snmpd_disable_trans" boolean to true will disable SELinux
    protection this application: "setsebool -P snmpd_disable_trans=1."

    The following command will allow this access:
    setsebool -P snmpd_disable_trans=1

Additional Information

Source Context                user_u:system_r:snmpd_t
Target Context                user_u:system_r:snmpd_t
Target Objects                None [ netlink_route_socket ]
Affected RPM Packages         net-snmp-5.3.1-19.el5_1.4 [application]
Policy RPM                    selinux-policy-2.4.6-30.el5
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.disable_trans
Host Name                     bscldap.cht.com.tw
Platform                      Linux bscldap.cht.com.tw 2.6.18-8.1.15.el5 #1 SMP
                              Mon Oct 22 08:32:04 EDT 2007 i686 i686
Alert Count                   58
Line Numbers

Raw Audit Messages

avc: denied { create } for comm="snmpd" egid=0 euid=0 exe="/usr/sbin/snmpd"
exit=-13 fsgid=0 fsuid=0 gid=0 items=0 pid=27302
scontext=user_u:system_r:snmpd_t:s0 sgid=0 subj=user_u:system_r:snmpd_t:s0
suid=0 tclass=netlink_route_socket tcontext=user_u:system_r:snmpd_t:s0
tty=(none) uid=0

根據上面資料,最簡單也最快的解決方式如下所述

# 解除 sybsys 鎖定
rm /var/lock/subsys/snmpd
# 解除 snmpd 安全性設定
setsebool -P snmpd_disable_trans=1
# 啟動 snmpd 服務
service snmpd start

3.Disable IPV6 support

vi /etc/modprobe.conf
=============
alias net-pf-10 off
alias ipv6 off
============

vi /etc/sysconfig/network
=============
NETWORKING_IPV6=no
=============

vi /etc/sysconfig/network-scripts/ifcfg-eth0
add
=============
IPV6INIT=no
=============

最後重新上 SNMP Package
yum install net-snmp net-snmp-devel net-snmp-utils net-snm-libs

parrotchang 發表在 痞客邦 PIXNET 留言(0) 人氣()

CentOS 5.x 之簡易 snmp 設定

CentIS 5.1

(1) 先確定有無安裝必要程式

rpm -qa | grep net-snmp

net-snmp-utils-5.3.1-19.el5_1.4 沒安裝會找不到 snmpwalk
net-snmp-libs-5.3.1-19.el5_1.4
net-snmp-5.3.1-19.el5_1.4


如果沒有安裝的話,用 yum 或是其他方法自行搞定!
搞定後記得把 snmpd 啟動,且設定為開機執行

chkconfig snmpd on
service snmpd start

(2) 設定 /etc/snmp/snmpd.conf

mrtg 會跑步起來,大部分的問題出在 snmp.conf 設定錯誤,一開始
可以執行 snmpwalk 測試看看

ex:

snmpwalk -c public -v 1 localhost system

-c public 指定 community ,public 是預設值,如果你更改了
snmp.conf community 設定,務必換成你自己的設定值。
snmpwalk 指令使用方法可以問男人 man snmpcmd

 -v 1 指定 protocol 版本,依你的 snmpd.conf 設定。

正確的話你應該可以看到許多類似如下的訊息:

SNMPv2-MIB::sysDescr.0 = STRING: Linux bscldap.cht.com.tw 2.6.18-8.1.15.el5 #1 SMP Mon Oct 22 08:32:04 EDT 2007 i686
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (261) 0:00:02.61
SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: bscldap.cht.com.tw
SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf)
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.7 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB module for managing TCP implementations
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for managing UDP implementations
SNMPv2-MIB::sysORDescr.5 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORDescr.6 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.7 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.8 = STRING: The management information definitions for the SNMP User-based Security Model.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (0) 0:00:00.00


修改 snmpd.conf 如下:

com2sec notConfigUser  default       public

group   notConfigGroup v1           notConfigUser
group   notConfigGroup v2c           notConfigUser

view    all           included   .1 80
view    systemview    included   .1.3.6.1.2.1.2
view    systemview    included   .1.3.6.1.2.1.1
view    systemview    included   .1.3.6.1.2.1.25.1.1
view    systemview    included   .1.3.6.1.2.1.2.2.1
view    systemview    included   .1.3.6.1.4.1.2021.4.5.0
view    systemview    included   .1.3.6.1.4.1.2021.4.6.0
view    systemview    included   .1.3.6.1.4.1.2021.4.11.0
view    systemview    included   .1.3.6.1.4.1.2021.10.1.3.1
view    systemview    included   .1.3.6.1.4.1.2021.10.1.3.2
view    systemview    included   .1.3.6.1.4.1.2021.10.1.3.3
view    systemview    included   .1.3.6.1.4.1.2021.4.3.0
view    systemview    included   .1.3.6.1.4.1.2021.4.4.0
view    systemview    included   .1.3.6.1.4.1.2021.4.5.0
view    systemview    included   .1.3.6.1.4.1.2021.4.6.0
view    systemview    included   .1.3.6.1.4.1.2021.4.11.0
view    systemview    included   .1.3.6.1.4.1.2021.4.13.0
view    systemview    included   .1.3.6.1.4.1.2021.4.14.0
view    systemview    included   .1.3.6.1.4.1.2021.4.15.0
view    systemview    included   .1.3.6.1.4.1.2021.9.1.2.1
view    systemview    included   .1.3.6.1.4.1.2021.9.1.3.1
view    systemview    included   .1.3.6.1.4.1.2021.9.1.6.1
view    systemview    included   .1.3.6.1.4.1.2021.9.1.7.1
view    systemview    included   .1.3.6.1.4.1.2021.9.1.8.1
view    systemview    included   .1.3.6.1.4.1.2021.9.1.9.1
view    systemview    included   .1.3.6.1.4.1.2021.9.1.10.1
view    systemview    included   .1.3.6.1.4.1.2021.11.9.0
view    systemview    included   .1.3.6.1.4.1.2021.11.50.0
view    systemview    included   .1.3.6.1.4.1.2021.11.10.0
view    systemview    included   .1.3.6.1.4.1.2021.11.52.0
view    systemview    included   .1.3.6.1.4.1.2021.11.11.0
view    systemview    included   .1.3.6.1.4.1.2021.11.53.0
view    systemview    included   .1.3.6.1.4.1.2021.11.51.0

syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)


#其他設定方法 (example of RH9)

# # sec.name source community
>com2sec local localhost your_community
>com2sec mynetwork 192.168.1.0/24 you_community
>
>
> your_community 改成你喜歡的識別字,自己記得住就好!
>
> 192.168.1.0/24 請根據你自己的情況加以修改,不要傻傻的照抄喔!
>
>
> # group.name sec.model sec.name
> group MyRWGroup any local
> group MyROGroup any mynetwork
>
>
> any 可以改成 v1 或 v2c 或 v3,不改也行!
>
>
> # incl/excl subtree mask
> view all included .1 80
>
> ## context sec.model sec.level prefix read write notify
> access MyROGroup "" any noauth 0 all none none
> access MyRWGroup "" any noauth 0 all all all
>
> syslocation Redhat 9.0〈隨便填不是粉重要〉
> syscontact <root@localhost>〈填上你的 email ,不是粉重要〉

access notConfigGroup "" any noauth 0 all none none

parrotchang 發表在 痞客邦 PIXNET 留言(0) 人氣()

[轉貼]Linux OID's for CPU,Memory and Disk Statistics

http://www.debianhelp.co.uk/linuxoids.htm



SNMP Basics

SNMP stands for Simple Network Management Protocol and consists of three key components: managed devices, agents, and network-management systems (NMSs). A managed device is a node that has an SNMP agent and resides on a managed network. These devices can be routers and access server, switches and bridges, hubs, computer hosts, or printers. An agent is a software module residing within a device. This agent translates information into a compatible format with SNMP. An NMS runs monitoring applications. They provide the bulk of processing and memory resources required for network management.

MIBs, OIDs Overview

MIB stands for Management Information Base and is a collection of information organized hierarchically. These are accessed using a protocol such as SNMP. There are two types of MIBs: scalar and tabular. Scalar objects define a single object instance whereas tabular objects define multiple related object instances grouped in MIB tables.

MIB files for specific devices or systems can be downloaded from here

OIDs or Object Identifiers uniquely identify manged objects in a MIB hierarchy. This can be depicted as a tree, the levels of which are assigned by different organizations. Top level MIB object IDs (OIDs) belong to different standard organizations. Vendors define private branches including managed objects for their own products.

Here is a sample structure of an OID

Iso (1).org(3).dod(6).internet(1).private(4).transition(868).products(2).chassis(4).card(1).slotCps(2)­
.­cpsSlotSummary(1).cpsModuleTable(1).cpsModuleEntry(1).cpsModuleModel(3).3562.3

Most of the people may be looking for OID's for Linux OID's for CPU,Memory and Disk Statistics for this first you need to install SNMP server and clients. If you want to install SNMP server and client installation in linux check here

CPU  Statistics

        Load
               1 minute Load: .1.3.6.1.4.1.2021.10.1.3.1
               5 minute Load: .1.3.6.1.4.1.2021.10.1.3.2
               15 minute Load: .1.3.6.1.4.1.2021.10.1.3.3

       CPU
               percentage of user CPU time:    .1.3.6.1.4.1.2021.11.9.0
               raw user cpu time:                  .1.3.6.1.4.1.2021.11.50.0
               percentages of system CPU time: .1.3.6.1.4.1.2021.11.10.0
               raw system cpu time:              .1.3.6.1.4.1.2021.11.52.0
               percentages of idle CPU time:   .1.3.6.1.4.1.2021.11.11.0
               raw idle cpu time:                   .1.3.6.1.4.1.2021.11.53.0
               raw nice cpu time:                  .1.3.6.1.4.1.2021.11.51.0

Memory Statistics

               Total Swap Size:                .1.3.6.1.4.1.2021.4.3.0
               Available Swap Space:         .1.3.6.1.4.1.2021.4.4.0
               Total RAM in machine:          .1.3.6.1.4.1.2021.4.5.0
               Total RAM used:                  .1.3.6.1.4.1.2021.4.6.0
               Total RAM Free:                   .1.3.6.1.4.1.2021.4.11.0
               Total RAM Shared:                .1.3.6.1.4.1.2021.4.13.0
               Total RAM Buffered:              .1.3.6.1.4.1.2021.4.14.0
               Total Cached Memory:           .1.3.6.1.4.1.2021.4.15.0

Disk Statistics

       The snmpd.conf needs to be edited. Add the following (assuming a machine with a single '/' partition):

                               disk    /       100000  (or)

                               includeAllDisks 10% for all partitions and disks

       The OIDs are as follows

               Path where the disk is mounted:                 .1.3.6.1.4.1.2021.9.1.2.1
               Path of the device for the partition:            .1.3.6.1.4.1.2021.9.1.3.1
               Total size of the disk/partion (kBytes):        .1.3.6.1.4.1.2021.9.1.6.1
               Available space on the disk:                      .1.3.6.1.4.1.2021.9.1.7.1
               Used space on the disk:                           .1.3.6.1.4.1.2021.9.1.8.1
               Percentage of space used on disk:             .1.3.6.1.4.1.2021.9.1.9.1
               Percentage of inodes used on disk:            .1.3.6.1.4.1.2021.9.1.10.1

Examples

These Commands you need to run on the SNMP server

Get available disk space for / on the target host

#snmpget -v 1 -c "community" target_name_or_ip .1.3.6.1.4.1.2021.9.1.7.1

this will return available disk space for the first entry in the 'disk' section of snmpd.conf; replace 1 with n for the nth entry

Get the 1-minute system load on the target host

#snmpget -v 1 -c "community" target_name_or_ip .1.3.6.1.4.1.2021.10.1.3.1

Get the 5-minute system load on the target host

#snmpget -v 1 -c "community" target_name_or_ip .1.3.6.1.4.1.2021.10.1.3.2

Get the 15-minute system load on the target host

#snmpget -v 1 -c "community" target_name_or_ip .1.3.6.1.4.1.2021.10.1.3.3

Get amount of available swap space on the target host

#snmpget -v 1 -c "community" target_name_or_ip .1.3.6.1.4.1.2021.4.4.0

parrotchang 發表在 痞客邦 PIXNET 留言(0) 人氣()