Forget about all the reasons why something may not work. You only need to find one good reason why it will.

CRLE – How to recover from a bad crle config

crle is a powerful command on Solaris. It can change where the OS looks for its libraries and in what order.

If someone has run this command with the -l flag and changed the path to something which has bricked your server, don’t fear it IS recoverable.
You’ll know it when you see it, trying to do anything with the server will spit out library errors.

Firstly, determine whether you have a separate /var partition. This is untested with an rpool, but works well with SVM/SDS and UFS root. If your /var mounts in single user inside an rpool, you should be able to follow similar steps to the ufsroot with /var on the root partition.

If you have a separate /var, recovery is:

Log into the systems SP and issue a break. Don’t even bother trying to get to the console, if crle has bricked your server you wont even have the libraries to get a login prompt.
At the ok prompt:
ok setenv auto-boot? false
ok reset-all
… system will reset back to ok prompt …

ok boot -as

When you get prompted for an /etc/system file, use /dev/null. This forces a disk boot, rather than an SDS boot.

Once you’re in, mount /var, this should mount your SDS mirror. If it doesn’t you’ll need to mount each side of /var individually.
# mount /var
Then move the bad config file.
# mv /var/ld/ld.config /var/ld/ld.config.bak

This will result in the defaults being used (/lib:/usr/lib:/usr/local/lib) if it can’t find the custom library path file.
If you do have a custom path you use, run the following after you’ve moved the file:
# crle -c /var/ld/ld.config -l “custom path”
E.g.
# crle -c /var/ld/ld.config -l “/lib:/usr/lib:/usr/local/lib”

Then reboot the server and everything should come up fine.

If you don’t have a separate /var (you really should though!):

You can use the same procedure as above, except you’ll need to boot from cd or net boot. Unfortunately as soon as /var mounts, the system will use the ld.config file, and you won’t even be able to get a login prompt.

Boot off cd/net and then mount the root partition:

ok boot cdrom -s

Once booted:
# mount <device> /mnt
Move dodgy ld.config file:
# mv /mnt/var/ld/ld.config /mnt/var/ld/ld.config.old

You should then be able to reboot the server using the default library path. The above should work for both zfs/ufs root.

New bug, or perhaps fixed feature in Solaris Sendmail

After recently patching a bunch of mail gateway servers, we found odd behavior with how sendmail was handling delivery failures going to internal MX servers. In a 4 MX record environment, if just 1 of these were down, sendmail was instantly relaying back out to our external relays causing bounced mail.

What we found was a little feature in the sendmail.mc file called: FALLBACK_SMARTHOST

define(`confFALLBACK_SMARTHOST, `externalmailgateway.com’)

This was implemented years ago to allow for multiple external relays, however now that we use a hosted solution, which is clustered, this setting is no longer required. We found sendmail was not retrying another mx record on failure, but honoring the fallback_smarthost configuration on first failure. fallback_smarthost is designed so that if your smarthost is down, it has a fallback, fairly self explanatory, but with some unexpected behavior for local MX server delivery.

Simply removing this config item, and recompiling the sendmail.mc into the sendmail.cf file, then doing a refresh of sendmail in svcadm, fixed the issue.

Australian Magna Club Update

Moved the Australian Magna Club to a new VPS with much better specs, however hosted in the US so significantly cheaper. We have moved from centos 5.5 to ubuntu 9. Unfortunately due to the kernel version of XEN running we cannot upgrade to ubuntu 11.

Also dropped the use of cpanel as it is bloated and was causing performance issues on the previous VPS.

Transferred the database using mysqldump:
# Dump database to file
mysqldump –host=localhost –user=[username] –password=[password] [databasename] > /path/to/file/backup.sql
# Gzip file for smaller filesize, sql compresses very nicely as it’s mostly text
gzip /path/to/file/backup.sql
# ftp to our new host
ftp newhost
# Set upload mode to binary (as we are transferring a gzip file).
bin
# Turn hashing on, this is great if you have a large file as it will show the connection hasn’t timed out/stopped
hash
# Put the file
put /path/to/file/backup.sql.gz
# gunzip the file, run cksum on both source and uploaded files to confirm a successful transfer if extra paranoid
gunzip /path/to/file/backup.sql.gz
# Restore database
mysql –user=[username] –password=[password] [databasename] < /path/to/file/backup.sql

Created DNS zones from scratch on the new host using bind9, while our domain registrar updates their nameservers, I have used the old VPS to act as a temporary nameserver to avoid outage to the website.

I have also retuned the mysql database to make use of the increase in memory, as well as apache and php memory limits.

Bought a Nikon d3100 DSLR

Starting out my photography hobby with a Nikon d3100 DSLR with the 18-55mm kit lens.

So far it is an amazing camera and it is unbelievable how much difference a good quality body/lens makes over point and shoots. The d3100 stood out in regards to features vs. price, will update this space as I explore various techniques and what has worked for me.

Maddock Consulting

About

David established Maddock Consulting with the vision of providing value for clients in a port-folio of business activities including direction from the Board table, senior leadership on projects and helping shape the future talent pool. David has spent over 20 years in professional services and was previously a partner with global firm Deloitte focusing on financial reporting, special advisory projects, due diligence, mentoring, internal control and sustainability/carbon reporting.
David is a chartered accountant and a member of the mentoring organisation ARG.

Current Status

This website is currently live, with no plans to update in the near future.

Current Role

Website developer and designer.

URL: http://dwmaddock.com.au

Australian Magna Club

About

The Australian Magna Club brings you the hottest and latest Magna, Verada, 380 and Diamante news from around the world. AMC is the largest Mitsubishi based club in Australia.
With their online forums (with currently 10,000 users!) and large collection of technical articles, you will be sure to find exactly what you are after.

Current Status

The website and forums are currently live, however we have recently moved to a higher capacity host, and will now be performing a series of application upgrades of mysql, apache and vbulletin.

Current Role

Administration over the entire website, including web server and forum management, using mysql and apache technologies.

URL: http://aussiemagna.com

Welcome!

Welcome to the new home page for Leigh Maddock IT.

This is a personal blog website for me, Leigh, to express my current projects and experience in the IT world.

A little about me:
I currently work for the biggest Transport company in Australia as a UNIX/LINUX System Administrator, dealing with mostly Redhat Entreprise Linux 5+ and Sun/Oracle Solaris 8/9/10.

I enjoy programming in my spare time and I am currently working on a few side projects in python.

I can be contacted via Email @ maddockit@gmail.com