Cover V11, I02



Questions and Answers

Amy Rich

Q I'm writing a CGI script that takes input from a Web page and does some data sanitizing for security purposes. To be sure that I catch everything, I'm running Perl with taint checks on. Every time I try to test the script, however, I get the following error:

Too late for "-T" option at addform.cgi line 1.
I've removed pretty much everything but the #! line from the script in order to debug this, and I'm still getting the error. How can the first line of the script be too late, especially when that's pretty much the only thing in there? Here's the first line:

#!/usr/local/bin/perl -T
A You don't specifically say how you're testing this script, but I'm guessing you're trying to execute it from the command line by running:

perl addform.cgi
If that's the case, Perl is complaining because you're calling it from the command line without specifying -T on the command line itself. You can either specify -T on the command line:

perl -T addform.cgi
or, better yet, don't invoke the command by calling Perl first. You can just make your script executable and call it as:

Q I have Solaris 8 running on an Ultra 450. Occasionally, when I attempt to do an init 6, I only get the prompt back and the machine refuses to shut down. I was under the impression that init 6 should bring the machine down and bring it back up to the default mode (multiuser, in our case). Is there some reason why init (I also tried shutdown) does not work?

A Shutdown gives you the choice of sending out a message via wall and delaying the shutdown, but then it merely calls init. An init directive can fail if one of the rc.* shutdown scripts does not finish for some reason. If you're seeing this sporadically, this could be the result of a process waiting for I/O. To try and track down the culprit, do a ps and look for processes with an rc in their names that have been spawned by init. If the system absolutely refuses to shut down with init, you can manually kill off the stuck process, or use sync; sync; sync; halt. You want the syncs to flush the I/O buffer to disk before bringing the machine down.

Q I'm in the process of writing a fairly complex set of CGI forms for our corporate Web pages. I've done a bit of Perl, but not necessarily much in the way of CGI programming, and I'm finding it's a bit different. One thing I find frustrating is that debugging is harder because some fairly obscure messages get written to the Apache logs, and I just get a non-informative 500 error in the Web browser itself. Is there a way to actually see what the problems are in the browser, and is there any way I can get more verbose error reporting?

A Instead of using Perl's stock warn and die functions, try using the CGI::Carp module. It replaces warn and die, plus the normal Carp module's carp, croak, and confess functions with more verbose versions. If you're not familiar with using modules, you can get more information on them by running perldoc -q module. To use the CGI::Carp module, just put the following line at the top of your script:

use CGI::Carp;
You can also have CGI::Carp output to a logfile of your choice if you're not happy sifting through the server error logs:

  use CGI::Carp qw(carpout);
  open(LOG, ">>/tmp/cgi.log")
    or die "Unable to append to /tmp/cgi.log: $!\n";
CGI::Carp also fulfills your request to have fatal errors sent back to the browser for debugging:

use CGI::Carp qw(fatalsToBrowser);
The CGI::Carp module will try to push data out to the browser, even if the error happens before the HTTP header is generated. Normal warnings still go out to the file you've defined with carpout, or to the daemon error log by default.

Q I'm using UFS snapshots on Solaris 8, and they were working great until recently. Now, when I try to use it to back up the root directory (/), I get the following error:

snapshot error: File system could not be write locked
I haven't changed anything with the snapshots since I set them up, so I'm rather perplexed as to why they suddenly stopped working. Any ideas?

A There's a known bug (#4458695) that is most likely the cause of your problem. If you're running something in the real-time scheduling class with a / as its current directory, you'll see this behavior. Lockfs fails if a process has its pages locked in memory. The most common culprit is xntpd, and you can shut it off while you're doing the backup.

Q I wrote a Perl script that's supposed to take a command as input and then format the output. This works fine for normal system commands, but I'm also trying to get it to work for aliases as the argument (such as dir instead of ls), because many people here are attached to their aliases. To do this, I'm invoking the command via back tics in the Perl script, and I've also tried a system call. Neither of these seem to be invoking the proper shell (bash), however. Instead, Perl invokes sh to run all of its commands, and sh doesn't have aliases. Is there a way around this? Can I get Perl to somehow read the aliases?

A Perl does indeed call sh when you invoke external programs from within it. Instead of independently trying to read the aliases from people's dot files, you can instead use system to explicitly invoke the user's shell. If you're only concerned about bash, it's something as simple as:

system('/path/to/bash', '-ci', $COMMAND);
This assumes that you've defined $COMMAND previously, of course. If you want to be more flexible, you can read the environment variable for the user's shell ($ENV{'SHELL'}) and have an if statement that invokes the proper shell for each individual user. As a fall-through case, you could just let Perl pass it off to /bin/sh. Be sure to only allow specific shells, though, and not to just blindly invoke whatever people set for their shell environments.

Q We need to have more than seven partitions on a large data stripe. I used Veritas Volume Manager at my old job, so I know this was possible with their software. Due to budgeting crunches, however, our CIO does not want to spend the money to buy Veritas's expensive licenses. Is there a way to accomplish the same thing with Solstice DiskSuite? I've looked at all the documentation, but it looks like we're still stuck with the disk slice restriction. We're running Solaris 8 on E450s.

A Starting with version 4.2.1 with patch 108693-06, Solstice DiskSuite supports soft partitions. This is similar to Veritas Volume Manager's ability to create large numbers of virtual partitions on either one disk or multiple disks striped or concatenated together. DiskSuite soft partitions can be created on top of a physical disk, RAID 0, RAID 1, or RAID 5 volume. Sun hasn't updated their documentation on yet because this was functionality added on by a patch, but if you download and install the version of SDS from:
the accompanying man page has more information on the soft partitions feature and how to set it up. Also, a decent primer seems to be:
Q We have a Sun 280R server that's hooked up to an external RAID box via two different SCSI cards. Is there any way to have the 280R provide redundant failover?

A You don't mention what kind of external RAID you've got attached to the system. If you have a hardware RAID box, you can use specialized software that will work with the RAID controllers in the box. If you just have a generic JBOD RAID box attached via two generic SCSI cards, then you may want to look at Dynamic Multipathing for Solaris 8. You can get this functionality by purchasing Veritas Volume Manager, or if you have one of Sun's StorEdge boxes, they usually come with a license for StorEdge Volume Manager (Sun's stripped version of Veritas's product).

Q I have an AIX machine that blew a power supply on October 28th. Every day since then, I get an email message telling me about the problem, even though it's been corrected:

A PROBLEM WAS DETECTED ON Tue Nov  2 04:00:43 EST 2001

The Service Request Number(s)/Error Code(s).
805-805: Error Log Analysis indicates the following problem:

Probable Cause or Causes:
- 100%  power supply      00-00        Loss of AC Power.
Why am I continually getting this message, and how do I make it stop?

A You're receiving a message every day because you have a cron job that runs and checks your errorlog for any serious reported errors. After you fixed your power supply issue, you did not clear the error log. You can clear the errorlog by using errclear 0.

Q I have a pipe-delimited dump of an Oracle database. There's a lot of extraneous spaces and tabs in between the data, but some of the fields do actually have embedded spaces in them. What I want to do is strip out all of the extraneous spaces but leave the embedded spaces. I'm sure there must be a fairly easy way to do this with sed, but I keep deleting the white space that I want, in addition to the unwanted whitespace.

Here's an example of what the record looks like to begin with (where x's are either alphanumerics or symbols other than |):

|<tab>  xxxx<tab>  |    xxx x x xxxxx  <tab> || xxx|<tab><tab>|xxx  |
The output I want is:

|xxxx|xxx  xxxxx||xxx||xxx|
The fields where the spaces and tabs appear are not consistent, so I can't count on that to build up a regular based on that. Any suggestions?

A Instead of trying to work up a regular expression that tries to determine where NOT to delete the whitespaces (which sounds like what's happening if you're accidentally deleting valid whitespace), use an algorithm that explicitly defines where TO remove the white space. In your case, the only place you want to remove the whitespace is around your delimiter, the |. To accomplish this, try:

sed -e 's/[     ]*|[    ]*/|/' infile > outfile
There are a space and a tab character enclosed within the brackets. You can get the tab by first hitting Control-v and then the Tab key. Depending on your system, you can also try:

sed -e 's/[:blank:]*|[:blank:]*/|/' infile > outfile
Q I'm running a small news server for a non-profit organization, and I was wondering what happens when the server gets duplicate Message IDs with different bodies? One of the users is complaining that some of his messages never appear when he uses his posting script. I'm suspicious that this has something to do with the Message IDs, since he hard-codes it in there.

A This would indeed be an issue. When a news server receives an offered message with the same Message ID as an existing message, it refuses it. When the news server is manually fed an article with the same Message ID as an existing message, it rejects it. Your user should be seeing some errors when he uses his script. Instead of hard-coding the Message ID, you can have your user generate it on the fly (if it's being directly sent to the news server on port 119) or just let some piece of posting software handle the generation. The better answer is to use some sort of real posting software, but that may or may not be an option, depending on exactly what your user is trying to accomplish.

Q I have a number of ASCII files that I need to translate into EBCDIC as part of an exchange of data that needs to be done with another site. Just telling them to use ASCII is not, unfortunately, an option. I took a look at various system tools like sed and tr, and none of those seem to fit the bill. I'll also need to be able to convert data we get from them back to ASCII, too, but I'm hoping that one tool will accomplish both objectives. Do I need to get a third party utility, or is there something on my system (SCO) that I can use to do the conversion?

A You're in luck. There's a tool on almost every UNIX and UNIX-like system that can do the conversion for you -- dd. To convert from ASCII to EBCDIC, do:

dd if=infile of=outfile conv=ebcdic
To translate in the reverse direction, merely do:

dd if=infile of=outfile conv=ascii
There are several other arguments to the conv operand. Refer to the man page for more information.

Q We're collecting a lot of sar data to do performance profiling on our Solaris 7 machines. We'd really love a way to hand upper management some color graphs of each our machine's sar output, which will help them pinpoint where we need to budget more money for hardware. Is there a fairly simple graphing tool that can be used with sar?

A See the man page for sag, or you may want to try a freeware tool like sarge (

Amy Rich, president of the Boston-based Oceanwave Consulting, Inc. (, has been a UNIX systems administrator for more than five years. She received a BSCS at Worcester Polytechnic Institute, and can be reached at:

Submit questions to: