Cover V07, I09


Questions and Answers

Bjorn Satdeva

Let me start with a correction to a previous column. One reader asked if it was possible to turn off the banner page when printing a job. Several people pointed out that this is possible with the -onb option. Thanks to everybody who wrote to me with this correction.

Also, thanks to the many people who sent me pointers to sites on the Internet that have precompiled freeware packages available for download. When the stream of email on this topic dies down a little bit, I will collect all the URLs and make them available on our Web server.

I also received several responses from people at HP regarding my comment on a product called ignite. I want everybody to understand that in this column I do not do product reviews. In the almost 10 years I have been doing this Q&A for Sys Admin magazine, and its predecessor, Root, I have simply been sharing my experiences, mistakes, successes, and general opinions. I have never recommended a book or software package that I have not used and found useful. I have never given a recommendation based on a vendor's sales material or technical documentation if I have not used that product.

The reader who sent in the question about ignite was making a number of claims for the product that, as I mentioned, made me suspicious of it. I have read all the material people sent, but I still have more questions than answers. The material certainly did not assure me that the product was built by people with system administration experience. The product may work wonderfully in a homogeneous HP-UX environment, but since it is a proprietary product, I would prefer to handle the problem of a unbootable root disk in ways that are supportable across multiple vendor platforms.

 Q What is the best way to validate a file system?

 A Use the fsck program. It will run automatically each time you reboot the system. Do NOT use fsck on any file system when the machine is in multi-user mode, because this program operates directly on the disk. UNIX caches writes to the disk, and the time lag between when a user process finishes a write to a file until the update is actually written to the disk causes fsck to believe that any active file system is damaged. Any repairs done by fsck in a live system will cause, sometimes serious, damage to that file system.

 Q Does inode provide information about file name?

 A The inode contains information about the file. Besides the inode number, it contains data such as owner, group, access modes, modification times, and number of hard links. It also contain the direct and indirect disk blocks, which are pointers to the blocks on the disk where the file is stored. However, the inode does not contain the file name. That information is stored in the directory that contains the file.

 Q How do you track down lost files using inode and lost+found file?

 A To my knowledge, you will need to look at each file and make an educated guess as to what it is. This is easiest for text files, but with the help of the strings program, you might often be able to make educated guesses (e.g., look for a usage statement). For directories, you can look at the contents of the directory and often identify them that way. If you have such a large number of files in the lost+found directory that this becomes a major task, you should go to the last backup instead.

 Q Why do we keep 0-99 numbers for root uid (root uid is 0, so why are the 1-99 numbers reserved)? All other users get uid numbers greater than 99.

 A The reason is mostly historical. The system needs a number of user IDs that own various system resources, such as bin, uucp, lp, and so on. At least as far back as UNIX version 7, these user IDs have been allocated in the beginning of the password file, and have had user IDs below 100. The user ID that is actually used differs between vendors, and you can avoid a lot of problems by strictly leaving that ID space alone. When I add software that requires dedicated IDs and that is shared across multiple system types, I use IDs in the range of 101-199, starting the first regular user with ID 201.

 Q Is it possible to have Windows clients access the mail system on FreeBSD? That is, can FreeBSD's mail function as a post office to non-UNIX clients via SMTP or POP protocols?

 A Yes. You need to get the program called popper, which is a POP server. You can get it from:

 Q I have a 4mm-DAT backup tape-created fbackup on an HP-UX server that I would like to access on an RS/6000 server running AIX. Is this possible? I have not found any commands or scripts that will allow me to do this.

 A Fbackup is a proprietary backup program from HP. If I remember correctly, it also uses a proprietary format for each archive. To transfer data between HP-UX and AIX you will probably need to go to a more standardized format, such as tar.

 Q Should a system administrator at a company that writes software know how the main product runs on the machines?

 A I think that it would very much depend on what kind of software the company is developing and how involved the system admministrator will be in that product. I at one time worked at a place where I was more or less clueless about the product the company was developing. My job was to support the UNIX machines, which were only used as a development platform, while the software was used on proprietary hardware. Whether the system administrator should know and understand the software that is developed by his or her organization that must be evaluated on a case-by-case basis.

 Q How should I set up my UNIX server to allow users who own virtual servers to have access to a cgi-bin directory, so their virtual servers can easily support CGI scripts? I don't know what is the best way to set up groups and user rights. I also don't want to decrease security.

 A I usually set that up by giving each virtual server its own sub-directory (actually a separate file system), and giving access permission to the user responsible for maintaining it. It is, however, necessary to establish policies and security audits for the Web server to ensure a minimal level of security. If you allow users to develop CGI scripts, and those scripts are not carefully inspected for security flaws, you might find that your Web server has no security to speak of. It would the be a good idea to consider the entire machine "disposable" and to avoid placing any critical data or processes on it. When I call a machine "disposable", I mean that it has been determined that it is possible to penetrate the security surrounding it, and that no other service is dependent on it.

 Q Is there any article or documentation on UNIX flavors comparisons, for example AIX versus HP-UX or Sun Solaris? I'm trying to do a presentation on system comparisons, and I think from a System Administration standpoint, there shouldn't be a lot of differences.

 A From a system administration point of view, the closest thing to a comparison of the various UNIX platforms is probably Evi Nemeth's System Administration Handbook; however, does not make any judgment of which system is "better". The decision of purchasing one version of UNIX over another should be based on the need for supporting the applications it must be running. All vendors now provide "value added" changes to the system administration software, mostly aimed at the lowest common denominator (i.e., the people who don't know how to do system administration), creating differences between the various platforms that can make supporting a hetrogenious network difficult. The only system administration-related command I can think of that is the same across all UNIX platforms is "sync", but it will not surprise me if a system vendor comes out with fancy options even to this command.

 Q I would like to know the difference between swap and dump?

 A Swap refers to the memory management system, which shifts pieces between the swap area on the disk and main memory in the machine. Modern versions of UNIX rarely do any swapping, because most transfers are done by paging, a similar process. Swapping is moving all the memory space related to a process between disk and main memory, while paging is used to move small increments of such memory as needed. Typically, swapping is only done when the system finds itself with a serious memory shortage, and it needs to generate more space fast. Dumping on the other hand is done if the system finds itself in a situation where it is no longer able to continue to operate. In that case, it will copy the kernel part of the memory to the disk swap space, where it can be recovered for analysis by a kernel engineer after the system has been rebooted.

 Q I have a SCO UNIX Pentium capturing the ASCII text error dumps from multiple remote telephone switches by connecting the serial printer port of the switch to a networked Digiboard. I telnet to the given Digiboard address and port and redirect the output to a file for alarm and analysis purposes. This procedure fails when moved to a background process due to telnet limitations. Is there a simple C, Perl, or shell script I can use to open a socket to a given port, capture the incoming data, and redirect it to a file. I'd like to do this all in a background process, so it can be stopped and restarted by cron or other processes. Please suggest any stty, termio, or terminfo settings that may be essential to the scripts.

 A It is not telnet that your shell script cannot access on the system you are connecting to. When you connect to a remote system (or any kind), using programs such as telnet or rlogin, you get a separate environment. If you use "expect" to talk to your telnet process, you should be able to obtain the desired result.

 Q I've got some questions about backing up using tape drives. Suppose I have one TR4 tape with 4/8Gb capacity, and I want to backup three filesystems (2G,1G, and 1G). Is it possible to make a level 0 backup on the 2G file system, and rather than rewind the tape, append the next two backups? Or do I need to have 3 TR4 tapes to be able to backup three filesystems?

 A You can put multiple images on a single tape, if you use what is commonly called the "no-rewind" device for your tape. The exact name of that device will differ from system to system, but if your normal device is called /dev/rmt0, the no-rewind device will probably be called something like /dev/nrmt0 (where n means no rewind).

When you make a restore from a tape containing multiple images, you can use the mt command to fast forward to the right image, and then use your usual restore command to retrieve the files you need from that image.

About the Author

Bjorn Satdeva is the president of /sys/admin, inc., a consulting firm which specializes in large installation system administration. Bjorn is also co-founder and former president of Bay-LISA, a San Francisco Bay Area user's group for system administrators of large sites. Bjorn can be contacted at /sys/admin, inc., 2787 Moorpark Ave., San Jose, CA 95128; electronically at; or by phone at (408) 241-3111.