Cover V11, I06



Questions and Answers

Amy Rich

Q We have an internal Web server that stores a lot of our in-house documentation. We have so much documentation that, although it's well organized, it's hard to find things unless you know exactly what you're looking for. We need some sort of free Web-indexing software that will let us control what gets indexed, and when. We don't want to use something like a site-specific search on AltaVista because our Web server isn't accessible from the Internet and we don't want to make our internal documentation public. Any suggestions?

A Your best bet is probably ht://Dig ( ht://Dig will allow you to specify which directories get indexed and allows you to skip certain file extensions. This is useful for not indexing images and other binary files with standard extensions. You can update your database whenever you want via an interactive run or via cron. As an added plus, not only will ht://Dig index any HTML you have on your Web site, but it can be configured with helper programs to index a wide array of file formats. To add that functionality, take a look at the following "helper" software packages:

wp2html -- Converts Word Perfect and Word7 & 97 documents to HTML

catwpd -- Extracts text from Word Perfect documents (alternative to wp2html)

catdoc -- Extracts text from Word documents

rtf2html -- Converts RTF documents to HTML

pdftotext -- Extracts text from Adobe PDFs

ps2ascii -- Extracts text from ASCII files

PostScript xlHtml -- Converts Excel spreadsheets and Powerpoint to HTML

pptHtml -- Converts Powerpoint files to HTML (alternative to xlHtml)

xls2csv -- Extracts data from Excel spreadsheets (alternative to xlHtml)

swfparse -- Extracts links from Shockwave flash files

xls2csv -- Extracts data from Excel spreadsheets (alternative to xlHtml)

swfparse -- Extracts links from Shockwave flash files

pdftotext -- Converts PDF to text (part of xpdf)

You can also plug in any other conversion software into ht://Dig as long as it outputs to HTML (if you have something proprietary).

Q Our company recently purchased a number of other companies. In an effort to consolidate our infrastructure, we now have one main mail machine that's multi-homed on multiple networks, which is acting as the hub for all of the companies. Each Ethernet interface has a domain name of one of the companies we acquired. All but one of these domains should be masqueraded as our own (i.e., all their mail should go out as being from We haven't quite rolled the last domain under the company umbrella yet, and it needs to have outgoing mail appear as the actual hostname that's tied to the Ethernet interface ( Is there any way to easily accomplish this with Sendmail 8.12, or are we going to have to set up custom rewriting rules for each of the domains?

A You can use masquerading and then specify the host that must be left alone with the m4 macro MASQUERADE_EXCEPTION. The lines in your .mc file should look something like the following:

Q I'm looking for information on the HP PA-RISC architecture. Are there any good Web sites or books out there?

A HP's Web site ( has some information on various versions of the PA-RISC architecture. Depending on which version of the PA-RISC chip you're interested in, there's also a book by Gerry Kane called PA-RISC 2.0 Architecture (Hewlett Packard Professional Books, ISBN 0-13-182734-0) that was released in December of 1995.

Q I'm having trouble using ifconfig to bring up two IPs on the same NIC under Solaris 8. I know this should be straightforward, but I can't seem to get it to work. I can ifconfig hme0 up fine, and the network works:

ifconfig hme0 up

ifconfig hme0 shows:

hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet netmask ffffff00 broadcast
When I do ifconfig hme0:0, it changes hme0:

ifconfig hme0:0
ifconfig hme0:0 shows the correct thing:

hme0:0 flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet netmask ffffff00 broadcast
but ifconfig hme0 shows that hme0 has also changed:

hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet netmask ffffff00 broadcast
If I do ifconfig -a, it only shows lo0 and hme0, not hme0:0:

lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
inet netmask ff000000
hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet netmask ffffff00 broadcast
A Virtual interfaces start at 1, not 0. When you reference hme0:0, that's the same as referencing hme:0 itself (which is why ifconfig changes your primary interface information and does not show hme0:0 separately when you do an ifconfig -a). If you want to bring up the first virtual interface, do:

ifconfig hme0:1 plumb <IP> <NETMASK> broadcast <BROADCAST> up
You can create up to ip_addrs_per_if of logical addresses. The default for ip_addrs_per_if is 256, but you can modify the setting under /dev/ip with ndd to change it, or you can make modifications that will persist through a reboot in /etc/system.

Q We're in the process of evaluating various NFS appliances before choosing a product for our site. One area in which we need some help is performance testing. Do you have any suggestions to give these things a good workout? We'd like to simulate real usage, so we don't just want to read and write lots of random data to the disk. Since these are evaluation machines, though, we don't want to put anything overly important on them.

A Generally, simulating real use and stress testing a machine are two different things (unless you've spec'ed out your new machine too small). If you want to actually simulate real use, then it depends on what you plan to use the appliance for (building code, home directories, running a database, etc.). If you can set up a duplicate instance of whatever you plan to eventually run (a second Oracle instance, temporary build space, etc.) and have people actively use it, then that will help you come up with performance numbers that will most closely match your usage. This probably won't stress the appliance, though, since you shouldn't be generating enough data and traffic to know when the appliance will encounter problems.

If you want to exercise the appliance with lots of writes and reads using vaguely real data that doesn't necessarily correspond to your usage patterns, then you may want to consider putting something like a news spool with a full feed (especially binaries) on it. Determining whether the news idea is a good test for your site depends on how important Usenet service is (will people use it enough, and if you happen to lose it, will that significantly impact your site) and whether your acceptable use policy and site security policy allow for you to run a news server and carry a full feed.

If you're looking to truly stress test the disk, though, you may want to pick up an I/O benchmarking utility for starters. Take a look at for a list of both free and commercial products. If you're benchmarking a Netapp box, also look at postmark ( When you're testing, you'll want to carefully watch the output from nfsstat (or your machine's equivalent) and experiment with V2/V3 and tcp/udp settings and various frame sizes to see what works best in your environment.

Q I need to move my HP printer to a new IP address, but the queue setups were fairly customized, so I don't want to delete the old setup and start from scratch. I know that I can't just change the DNS address and have things work smoothly (I tried), so is there somewhere I can make a simple change without blowing away my existing configuration? I'm using JetAdmin on Solaris 8.

A Assuming that you successfully changed the IP address of the jetdirect card in the printer itself (i.e., you can ping the printer at the new address), this means that you specified the printer by IP when you set up your Solaris queues. Look for the following in the file /etc/lp/interfaces/<name>:

PERIPH=<your old printer IP>
Stop printing service and change this line to be the new IP of your printer or, even better, the name of your printer so you can rely on a name lookup. Then restart the printing service, and you should be able to print to the new IP.

Q We're trying to decide which Web server to install on our Solaris boxes. We need something that's going to be fast and handle a reasonably high load. Any suggestions?

A Without knowing your hardware configuration and what kinds of things your Web server will be doing, it's hard to suggest any specific software. Your best bet is probably to install various packages and stress test them all. One Web site with some benchmarking statistics that might get you started in the right direction is:
Q I'm running Sendmail 8.12.2 with milter support. My .mc file contains the following:

FEATURE('local_procmail', '/usr/bin/procmail')dnl
INPUT_MAIL_FILTER('mimedefang', 'S=unix:/var/run/mimedefang.sock, F=T, T=S:60s;R:60s;E:5m')
define('confPRIVACY_FLAGS', 'authwarnings,noexpn,novrfy')dnl
define('confHOST_STATUS_DIRECTORY', '.hoststat')dnl
define('confSMTP_LOGIN_MSG', '$j (NO UCE)')dnl
Most of the time mail is handled just fine, but I keep getting these intermittent errors:

Apr 30 21:14:36 mail sendmail[5532]: h1N5RqHJ005532: 
from=<>, size=9482, class=0, nrcpts=1, 
msgid=<5656130.1014186155403.JavaMail.etl@ombraapp01>, proto=SMTP, 
daemon=MTA, []
Apr 30 21:14:36 mail sendmail[5532]: h1N5RqHJ005532: Milter: data, 
reject=451 4.7.1 Please try again later
Apr 30 21:14:36 mail sendmail[5532]: h1N5RqHJ005532: to=<>, 
delay=00:00:01, pri=30564, stat=Please try again later
The domain to which the mail is being sent is valid and is accepted as local. The domain from which the mail is coming is also valid (in this case, well-known spammers, but it varies). Any clue as to why milter sometimes fails?

A This sounds like a known bug with the interaction of libmilter and Sendmail where the Sendmail code doesn't check for EINTR when select() returns an error. If you haven't already done so, try applying the milter.c patch listed here:
and rebuild/reinstall your source.

Q I'm running Solaris 8 and using Web Start Flash. When I use flarcreate to creating the archive, I sometimes see the error:

cpio: error: size of /etc/mnttab has changed
The archive is created successfully, but it makes me nervous that I got error output. What does this error mean?

A Cpio, used by flarcreate to create the archive, has known limitations when used to archive filesystems that are rapidly changing. I suspect that your machine is running automounter, which can cause /etc/mnttab to change while cpio is adding it to the archive. You should shut down such services before attempting to create your flash archive.

For more information on Web Start Flash, look at Sun's Documentation:

Creating Web Start Flash archives:

Installing Web Start Flash archives:

Web Start Flash reference:

Sun Blueprints Web Start Flash article:

Q Can we import an AIX 4.3.3 volume group into a new AIX 5.1 system? Will we be able to go back to the 4.3.3 volume group if we do (e.g., on the 5.1 machine)?:

importvg vg000
export vg000
and then on the 4.3.3 machine:

importvg vg000
A According to the AIX 5L Differences Guide Version 5.1 Edition redbook (, you should be fine going back and forth between the two, as long as you don't use any of the new features of 5L on the volume while it's imported on the 5L machine:

Because the physical volume and volume group identifiers have been changed from 16 characters to 32 characters, you can only access a volume group created on AIX 5L from an AIX Version 4.3.3 system after you have applied the appropriate fixes from the Fall 2000 AIX Version 4.3.3 Update CD. You can access a volume group created on AIX Version 4.3.3 on an AIX 5L system, but using any of the new features, like setting a different logical track group size, will change some of the volume group identification internal data structures in a way that the volume group becomes unusable on an AIX Version 4.3.3 or previous release.

Amy Rich, president of the Boston-based Oceanwave Consulting, Inc. (, has been a UNIX systems administrator for more than five years. She received a BSCS at Worcester Polytechnic Institute, and can be reached at: