Wednesday, August 17, 2005

System errors defined

Miscellaneous UNIX notes
System errors defined
System errors are defined in /usr/include/sys/errno.h on Solaris
systems and /usr/include/asm/errno.h on Red Hat Linux systems. The
information in this file is helpful in interpreting output of the
truss command (Solaris) or strace (Linux).

Example:
#define EPERM 1 /* Operation not permitted */
#define ENOENT 2 /* No such file or directory */
#define ESRCH 3 /* No such process */
#define EINTR 4 /* Interrupted system call */
#define EIO 5 /* I/O error */
#define ENXIO 6 /* No such device or address */
#define E2BIG 7 /* Arg list too long */
#define ENOEXEC 8 /* Exec format error */
#define EBADF 9 /* Bad file number */
#define ECHILD 10 /* No child processes */

Limiting find to one file system
The find command's -xdev argument can be used to limit searches to one
file system.

Example: find all files on the root file system sorted
smallest-to-largest. Do not descend other file systems (etc. /usr,
/var).

find / -xdev -ls | sort -n -k 7
Viewing "raw" man pages in nroff/troff format
nroff -man manpage | more -s

Example:
nroff -man qtool.8 | more -s

Printing man pages
To output a UNIX man page in a format suitable for printing, pipe the
man page through col -b.

Example:
man command | col -b
Disabling ssh1 compatibility with ssh.com server
ssh protocol 1 is vulnerable to man-in-the-middle attacks with tools
like dsniff, and should not be used unless absolutely necessary.

To disable ssh protocol 1 with an ssh.com server,

1. Edit the /etc/ssh2/sshd2_config configuration file.

2.
Change:
Ssh1Compatibility yes
To:
Ssh1Compatibility no

3. Send the sshd process a SIGHUP for the change to take effect.

Zombie processes
A zombie process is a process that has exited, but whose exit code has
not reached its parent process. The parent process has to perform a
wait system call to read the exit code of a child. Until the parent
receives the exit code, the child process will remain in "zombie"
state.

Zombie processes are already dead and cannot be "killed." They consume
no system resources except an entry in the system process table (seen
in the proc-sz column with the sar -v command).

The only way to remove a zombie process is to kill its parent process.

More information:
http://groups.google.com/groups?q=zombie+processes+wait&hl=en&lr=&ie=UTF-8&selm=1993Feb14.021655.13721%40acd4.acd.com&rnum=9
/etc/hosts on Windows
The file on Windows that provides the same functionality as /etc/hosts
in UNIX is %SystemRoot%\system32\drivers\etc\hosts

stty: : Invalid argument
This message is often caused when running stty in the C shell
initialization script .cshrc with a non-interactive shell (ex. an ssh,
scp, rsh, or rsync command). stty should only be run in an interactive
shell.

Example change in .cshrc to check for an interactive shell:

Change:
stty erase ^?

To:
if ( $?prompt && { tty -s } ) stty erase ^?

xterm Xt error: Can't open display:
If you receive this message when tunneling X11 traffic over an ssh
tunnel, (1) make sure that the remote ssh server allows X11 forwarding
with the X11Forwarding yes directive in the server configuration file
(OpenSSH example), and (2) make sure that you are enabling X11
forwarding on your ssh client with the -X flag.

[hutch@hutch hutch]$ ssh hutch@server
[hutch@server hutch]$ echo $DISPLAY

[hutch@server hutch]$

[hutch@hutch hutch]$ ssh -X hutch@server
[hutch@server hutch]$ echo $DISPLAY
localhost:10.0
[hutch@server hutch]$

X11 tunneling after su -
In order to run X clients over an ssh tunnel after running su - for a
root login shell, you have to manually specify the DISPLAY and
XAUTHORITY environment variables. These steps are not needed when
running su, su -m, or su -p.

Example:

/bin/su -
DISPLAY=localhost:10.0 XAUTHORITY=~hutch/.Xauthority X_client
-- or --
export DISPLAY=localhost:10.0 XAUTHORITY=~hutch/.Xauthority
X_client

sftp problems
When attempting to login to an OpenSSH sftp server, I received the
following error:

Request for subsystem 'sftp' failed on channel 0
Couldn't read packet: Connection reset by peer

When receiving this error, make sure to check the permissions of
sftp-server. In this case, the permissions on the directory containing
sftp-server were incorrect:

# grep sftp-server /usr/local/etc/sshd_config
Subsystem sftp /usr/local/libexec/sftp-server

# ls -ld /usr/local/libexec /usr/local/libexec/sftp-server
drwx------ 2 root other 512 Oct 7 2003 /usr/local/libexec
-rwxr-xr-x 1 root other 28292 Oct 7 2003
/usr/local/libexec/sftp-server

To correct the problem:
chmod 755 /usr/local/libexec

X11 forwarding problems
When attempting to run an X client, I received the following errors:

debug1: X11 connection uses different authentication protocol.
X11 connection rejected because of wrong authentication.

In this case, the file system housing the user's home directory was
full, resulting in a 0-byte ~/.Xauthority file. Freeing up space in
the user's home directory fixed the problem.

sudo: must be setuid root
If you receive this error when executing sudo, first check to make
sure that sudo is setuid root. A less obvious cause of this error is
that sudo is located on a file system mounted nosuid. If this is the
case, you will have to remount the file system suid if sudo is needed.
Note that mount -o remount,suid file_system may not work; you may have
to actually unmount the file system and remount it to fix the problem.

More information in this post.

0 Comments:

Post a Comment

<< Home