 Questions
and Answers
Amy Rich
Q I'm writing a CGI script
that takes input from a Web page and does some data sanitizing for
security purposes. To be sure that I catch everything, I'm
running Perl with taint checks on. Every time I try to test the
script, however, I get the following error:
Too late for "-T" option at addform.cgi line 1.
I've removed pretty much everything but the #! line from
the script in order to debug this, and I'm still getting the
error. How can the first line of the script be too late, especially
when that's pretty much the only thing in there? Here's
the first line:
#!/usr/local/bin/perl -T
A You don't specifically say how
you're testing this script, but I'm guessing you're
trying to execute it from the command line by running:
perl addform.cgi
If that's the case, Perl is complaining because you're calling
it from the command line without specifying -T on the command
line itself. You can either specify -T on the command line:
perl -T addform.cgi
or, better yet, don't invoke the command by calling Perl first.
You can just make your script executable and call it as:
./addform.cgi
Q I have Solaris 8 running on an Ultra
450. Occasionally, when I attempt to do an init 6, I only get
the prompt back and the machine refuses to shut down. I was under
the impression that init 6 should bring the machine down and
bring it back up to the default mode (multiuser, in our case). Is
there some reason why init (I also tried shutdown) does
not work?
A Shutdown gives you the
choice of sending out a message via wall and delaying the shutdown,
but then it merely calls init. An init directive can
fail if one of the rc.* shutdown scripts does not finish
for some reason. If you're seeing this sporadically, this could
be the result of a process waiting for I/O. To try and track down
the culprit, do a ps and look for processes with an rc
in their names that have been spawned by init. If the system
absolutely refuses to shut down with init, you can manually
kill off the stuck process, or use sync; sync; sync; halt.
You want the syncs to flush the I/O buffer to disk before bringing
the machine down.
Q I'm in the process of writing
a fairly complex set of CGI forms for our corporate Web pages. I've
done a bit of Perl, but not necessarily much in the way of CGI programming,
and I'm finding it's a bit different. One thing I find
frustrating is that debugging is harder because some fairly obscure
messages get written to the Apache logs, and I just get a non-informative
500 error in the Web browser itself. Is there a way to actually
see what the problems are in the browser, and is there any way I
can get more verbose error reporting?
A Instead of using Perl's
stock warn and die functions, try using the CGI::Carp
module. It replaces warn and die, plus the normal
Carp module's carp, croak, and confess
functions with more verbose versions. If you're not familiar
with using modules, you can get more information on them by running
perldoc -q module. To use the CGI::Carp module, just
put the following line at the top of your script:
use CGI::Carp;
You can also have CGI::Carp output to a logfile of your choice
if you're not happy sifting through the server error logs:
BEGIN {
use CGI::Carp qw(carpout);
open(LOG, ">>/tmp/cgi.log")
or die "Unable to append to /tmp/cgi.log: $!\n";
carpout(*LOG);
}
CGI::Carp also fulfills your request to have fatal errors sent
back to the browser for debugging:
use CGI::Carp qw(fatalsToBrowser);
The CGI::Carp module will try to push data out to the browser, even
if the error happens before the HTTP header is generated. Normal warnings
still go out to the file you've defined with carpout,
or to the daemon error log by default.
Q I'm using UFS snapshots on
Solaris 8, and they were working great until recently. Now, when
I try to use it to back up the root directory (/), I get
the following error:
snapshot error: File system could not be write locked
I haven't changed anything with the snapshots since I set them
up, so I'm rather perplexed as to why they suddenly stopped working.
Any ideas?
A There's a known bug (#4458695)
that is most likely the cause of your problem. If you're running
something in the real-time scheduling class with a / as its
current directory, you'll see this behavior. Lockfs
fails if a process has its pages locked in memory. The most common
culprit is xntpd, and you can shut it off while you're
doing the backup.
Q I wrote a Perl script that's
supposed to take a command as input and then format the output.
This works fine for normal system commands, but I'm also trying
to get it to work for aliases as the argument (such as dir
instead of ls), because many people here are attached to
their aliases. To do this, I'm invoking the command via back
tics in the Perl script, and I've also tried a system call.
Neither of these seem to be invoking the proper shell (bash),
however. Instead, Perl invokes sh to run all of its commands,
and sh doesn't have aliases. Is there a way around this?
Can I get Perl to somehow read the aliases?
A Perl does indeed call sh
when you invoke external programs from within it. Instead of independently
trying to read the aliases from people's dot files, you can
instead use system to explicitly invoke the user's shell.
If you're only concerned about bash, it's something
as simple as:
system('/path/to/bash', '-ci', $COMMAND);
This assumes that you've defined $COMMAND previously,
of course. If you want to be more flexible, you can read the environment
variable for the user's shell ($ENV{'SHELL'}) and have
an if statement that invokes the proper shell for each individual
user. As a fall-through case, you could just let Perl pass it off
to /bin/sh. Be sure to only allow specific shells, though,
and not to just blindly invoke whatever people set for their shell
environments.
Q We need to have more than seven
partitions on a large data stripe. I used Veritas Volume Manager
at my old job, so I know this was possible with their software.
Due to budgeting crunches, however, our CIO does not want to spend
the money to buy Veritas's expensive licenses. Is there a way
to accomplish the same thing with Solstice DiskSuite? I've
looked at all the documentation, but it looks like we're still
stuck with the disk slice restriction. We're running Solaris
8 on E450s.
A Starting with version 4.2.1 with
patch 108693-06, Solstice DiskSuite supports soft partitions. This
is similar to Veritas Volume Manager's ability to create large
numbers of virtual partitions on either one disk or multiple disks
striped or concatenated together. DiskSuite soft partitions can
be created on top of a physical disk, RAID 0, RAID 1, or RAID 5
volume. Sun hasn't updated their documentation on docs.sun.com
yet because this was functionality added on by a patch, but if you
download and install the version of SDS from:
http://www.sun.com/software/solaris/ds/ds-disksuite/
the accompanying man page has more information on the soft partitions
feature and how to set it up. Also, a decent primer seems to be:
http://www.primushost.com/~griff/soft-partitions.html
Q We have a Sun 280R server that's
hooked up to an external RAID box via two different SCSI cards. Is
there any way to have the 280R provide redundant failover?
A You don't mention what kind
of external RAID you've got attached to the system. If you
have a hardware RAID box, you can use specialized software that
will work with the RAID controllers in the box. If you just have
a generic JBOD RAID box attached via two generic SCSI cards, then
you may want to look at Dynamic Multipathing for Solaris 8. You
can get this functionality by purchasing Veritas Volume Manager,
or if you have one of Sun's StorEdge boxes, they usually come
with a license for StorEdge Volume Manager (Sun's stripped
version of Veritas's product).
Q I have an AIX machine that blew
a power supply on October 28th. Every day since then, I get an email
message telling me about the problem, even though it's been
corrected:
A PROBLEM WAS DETECTED ON Tue Nov 2 04:00:43 EST 2001
The Service Request Number(s)/Error Code(s).
805-805: Error Log Analysis indicates the following problem:
Probable Cause or Causes:
- 100% power supply 00-00 Loss of AC Power.
Why am I continually getting this message, and how do I make it stop?
A You're receiving a message
every day because you have a cron job that runs and checks your
errorlog for any serious reported errors. After you fixed your power
supply issue, you did not clear the error log. You can clear the
errorlog by using errclear 0.
Q I have a pipe-delimited dump of
an Oracle database. There's a lot of extraneous spaces and
tabs in between the data, but some of the fields do actually have
embedded spaces in them. What I want to do is strip out all of the
extraneous spaces but leave the embedded spaces. I'm sure there
must be a fairly easy way to do this with sed, but I keep
deleting the white space that I want, in addition to the unwanted
whitespace.
Here's an example of what the record looks like to begin
with (where x's are either alphanumerics or symbols
other than |):
|<tab> xxxx<tab> | xxx x x xxxxx <tab> || xxx|<tab><tab>|xxx |
The output I want is:
|xxxx|xxx xxxxx||xxx||xxx|
The fields where the spaces and tabs appear are not consistent, so
I can't count on that to build up a regular based on that. Any
suggestions?
A Instead of trying to work up
a regular expression that tries to determine where NOT to delete
the whitespaces (which sounds like what's happening if you're
accidentally deleting valid whitespace), use an algorithm that explicitly
defines where TO remove the white space. In your case, the only
place you want to remove the whitespace is around your delimiter,
the |. To accomplish this, try:
sed -e 's/[ ]*|[ ]*/|/' infile > outfile
There are a space and a tab character enclosed within the brackets.
You can get the tab by first hitting Control-v and then the Tab key.
Depending on your system, you can also try:
sed -e 's/[:blank:]*|[:blank:]*/|/' infile > outfile
Q I'm running a small news server
for a non-profit organization, and I was wondering what happens when
the server gets duplicate Message IDs with different bodies? One of
the users is complaining that some of his messages never appear when
he uses his posting script. I'm suspicious that this has something
to do with the Message IDs, since he hard-codes it in there.
A This would indeed be an issue.
When a news server receives an offered message with the same Message
ID as an existing message, it refuses it. When the news server is
manually fed an article with the same Message ID as an existing
message, it rejects it. Your user should be seeing some errors when
he uses his script. Instead of hard-coding the Message ID, you can
have your user generate it on the fly (if it's being directly
sent to the news server on port 119) or just let some piece of posting
software handle the generation. The better answer is to use some
sort of real posting software, but that may or may not be an option,
depending on exactly what your user is trying to accomplish.
Q I have a number of ASCII files
that I need to translate into EBCDIC as part of an exchange of data
that needs to be done with another site. Just telling them to use
ASCII is not, unfortunately, an option. I took a look at various
system tools like sed and tr, and none of those seem
to fit the bill. I'll also need to be able to convert data
we get from them back to ASCII, too, but I'm hoping that one
tool will accomplish both objectives. Do I need to get a third party
utility, or is there something on my system (SCO) that I can use
to do the conversion?
A You're in luck. There's
a tool on almost every UNIX and UNIX-like system that can do the
conversion for you -- dd. To convert from ASCII to EBCDIC,
do:
dd if=infile of=outfile conv=ebcdic
To translate in the reverse direction, merely do:
dd if=infile of=outfile conv=ascii
There are several other arguments to the conv operand. Refer
to the man page for more information.
Q We're collecting a lot of
sar data to do performance profiling on our Solaris 7 machines.
We'd really love a way to hand upper management some color
graphs of each our machine's sar output, which will
help them pinpoint where we need to budget more money for hardware.
Is there a fairly simple graphing tool that can be used with sar?
A See the man page for sag,
or you may want to try a freeware tool like sarge (http://www.vais.net/~efinch/sarge.html).
Amy Rich, president of the Boston-based Oceanwave Consulting,
Inc. (http://www.oceanwave.com), has been a UNIX systems
administrator for more than five years. She received a BSCS at Worcester
Polytechnic Institute, and can be reached at: arr@oceanwave.com.
Submit questions to: http://www.sysadminmag.com/quest/.
| 
