When I tried to import veritas disk group today using vxdg -C import doxerdg, there’s error message shown as the following:

VxVM vxdg ERROR V-5-1-684 IPC failure: Configuration daemon is not accessible
return code of vxdg import command is 768

VxVM vxconfigd DEBUG V-5-1-0 IMPORT: Trying to import the disk group using configuration database copy from emc5_0490
VxVM vxconfigd ERROR V-5-1-0 Segmentation violation – core dumped

Then I used pstack to print the stack trace of the dumped file:

root # pstack /var/core/core_doxerorg_vxconfigd_0_0_1343173375_140
core ‘core_doxerorg_vxconfigd_0_0_1343173375_14056′ of 14056: vxconfigd
ff134658 strcmp (fefc04e8, 103fba8, 0, 0, 31313537, 31313737) + 238
001208bc da_find_diskid (103fba8, 0, 0, 0, 0, 0) + 13c
002427dc dm_get_da (58f068, 103f5f8, 0, 0, 68796573, 0) + 14c
0023f304 ssb_check_disks (58f068, 0, f37328, fffffffc, 4, 0) + 3f4
0018f8d8 dg_import_start (58f068, 9c2088, ffbfed3c, 4, 0, 0) + 25d8
00184ec0 dg_reimport (0, ffbfedf4, 0, 0, 0, 0) + 288
00189648 dg_recover_all (50000, 160d, 3ec1bc, 1, 8e67c8, 447ab4) + 2a8
001f2f5c mode_set (2, ffbff870, 0, 0, 0, 0) + b4c
001e0a80 setup_mode (2, 3e90d4, 4d5c3c, 0, 6c650000, 6c650000) + 18
001e09a0 startup (4d0da8, 0, 0, fffffffc, 0, 4d5bcc) + 3e0
001e0178 main (1, ffbffa7c, ffbffa84, 44f000, 0, 0) + 1a98
000936c8 _start (0, 0, 0, 0, 0, 0) + b8

Then I tried restart vxconfigd, but it failed as well:

root@doxer#/sbin/vxconfigd -k -x syslog

VxVM vxconfigd ERROR V-5-1-0 Segmentation violation – core dumped

After reading the man page of vxconfigd, I determined to use -r reset to reset all Veritas Volume Manager configuration information stored in the kernel as part of startup processing. But before doing this, we need umount all vxvm volumes as stated in the man page:

The reset fails if any volume devices are in use, or if an imported shared disk group exists.

After umount all vxvm partitions, then I ran the following command:

vxconfid -k -r reset

After this, the importing of DGs succeeded.

To add a paging space “paging0″

• Create a new LV for paging space

mklv -t paging -y paging0 rootvg 10

• Add the entry in /etc/swapspaces to activate the paging space during next reboot

chps -a y paging0

• Activate the paging space

swapon /dev/paging0

To remove an active paging space “paging00″

• Deactivate the paging space using swapoff commnad

swapoff /dev/paging00

• remove the paging space using rmps command

rmps paging00

• Remove the entry from /etc/swapspaces so that it is not activated during next reboot

chps -a n paging00

When I tried resetting a local user’s password on a solaris host, I met the following error message:

root@doxer # passwd <username>
New Password:
Re-enter new Password:
Permission denied

This was very weird as I was logged on as root when doing this operation:

root@doxer # id
uid=0(root) gid=1(other)

After some searching I found that this was caused by passwd by default will try to reset LDAP password if the host is using ldap for authentication. Here’s excerpt from /etc/nsswitch.conf:

passwd: compat
passwd_compat: ldap

To resolve this, you need designate which authentication mechanism you want to use for resetting a password(here we should use files as this user was local one):

passwd -r files <username>

If you got error like the following when do a df list which has veritas vxfs as underlying FS:

df: `/BCV/testdg’: Input/output error
df: `/BCV/testdg/ora’: Input/output error
df: `/BCV/testdg/ora/archivelog01′: Input/output error
df: `/BCV/testdg/ora/gg’: Input/output error

And when use vxdg list, you found the dgs are in disabled status:

testarc_PRD disabled 1275297639.26.doxer
testdb_PRD disabled 1275297624.24.doxer

Don’t panic, to resolve this, you need do the following:

1) Force umount of the failed fs’s
2) deporting and importing failed disk groups.
3) Fixing plexes which were in the DISABLED FAILED state.
4) Fsck.vxfs of failed fs’s
5) Remounting of the needable fs’s

Here’s an example/tutorial about bash Shell Parameter Expansion:

#!/bin/bash
my_null=”";
my_god=”God exists”;
my_null_message=”yes, it’s null”;
#If parameter is unset or null, the expansion of word is substituted. Otherwise, the value of parameter is substituted.
echo ${my_null:-hello_world};
#If parameter is unset or null, the expansion of word is assigned to parameter. The value of parameter is then substituted. Positional parameters and special parameters may not be assigned to in this way.
echo ${my_null_2:=hello_world_2};

#If parameter is null or unset, the expansion of word (or a message to that effect if word is not present) is written to the standard error and the shell, if it is not interactive, exits. Otherwise, the value of parameter is substituted.
#echo ${my_null:?”yes, it’s null”};
#If parameter is null or unset, nothing is substituted, otherwise the expansion of word is substituted.
echo -n ${my_null:+nothing_substituted};

#Expands to up to length characters of parameter starting at the character specified by offset. If length is omitted, expands to the substring of parameter starting at the character specified by offset. length and offset are arithmetic expressions (see Shell Arithmetic). This is referred to as Substring Expansion. length must evaluate to a number greater than or equal to zero. If offset evaluates to a number less than zero, the value is used as an offset from the end of the value of parameter. If parameter is ‘@’, the result is length positional parameters beginning at offset. If parameter is an indexed array name subscripted by ‘@’ or ‘*’, the result is the length members of the array beginning with ${parameter[offset]}. A negative offset is taken relative to one greater than the maximum index of the specified array. Substring expansion applied to an associative array produces undefined results.
#Note that a negative offset must be separated from the colon by at least one space to avoid being confused with the ‘:-’ expansion. Substring indexing is zero-based unless the positional parameters are used, in which case the indexing starts at 1 by default. If offset is 0, and the positional parameters are used, $@ is prefixed to the list.
echo ${my_god:4};
echo ${my_god:0:3};

#The length in characters of the expanded value of parameter is substituted. If parameter is ‘*’ or ‘@’, the value substituted is the number of positional parameters. If parameter is an array name subscripted by ‘*’ or ‘@’, the value substituted is the number of elements in the array.
echo “God exists has ${#my_god} characters”;

#The word is expanded to produce a pattern just as in filename expansion (see Filename Expansion). If the pattern matches the beginning of the expanded value of parameter, then the result of the expansion is the expanded value of parameter with the shortest matching pattern (the ‘#’ case) or the longest matching pattern (the ‘##’ case) deleted. If parameter is ‘@’ or ‘*’, the pattern removal operation is applied to each positional parameter in turn, and the expansion is the resultant list. If parameter is an array variable subscripted with ‘@’ or ‘*’, the pattern removal operation is applied to each member of the array in turn, and the expansion is the resultant list.
echo ${my_god#God};

#The word is expanded to produce a pattern just as in filename expansion. If the pattern matches a trailing portion of the expanded value of parameter, then the result of the expansion is the value of parameter with the shortest matching pattern (the ‘%’ case) or the longest matching pattern (the ‘%%’ case) deleted. If parameter is ‘@’ or ‘*’, the pattern removal operation is applied to each positional parameter in turn, and the expansion is the resultant list. If parameter is an array variable subscripted with ‘@’ or ‘*’, the pattern removal operation is applied to each member of the array in turn, and the expansion is the resultant list.
echo ${my_god%exists};

#The pattern is expanded to produce a pattern just as in filename expansion. Parameter is expanded and the longest match of pattern against its value is replaced with string. If pattern begins with ‘/’, all matches of pattern are replaced with string. Normally only the first match is replaced. If pattern begins with ‘#’, it must match at the beginning of the expanded value of parameter. If pattern begins with ‘%’, it must match at the end of the expanded value of parameter. If string is null, matches of pattern are deleted and the / following pattern may be omitted. If parameter is ‘@’ or ‘*’, the substitution operation is applied to each positional parameter in turn, and the expansion is the resultant list. If parameter is an array variable subscripted with ‘@’ or ‘*’, the substitution operation is applied to each member of the array in turn, and the expansion is the resultant list.
echo ${my_god/exists/does not exist};

Let’s assume that your application software like IBM websphere was using ldap for authentication, and you don’t want the user “wasadm” in a position that it’s password expires someday as a result of conforming to PAM policy. To do this, you should consider using ldap objectClass organizationalPerson and inetOrgPerson(this is sub of organizationalPerson) instead of posixAccount and shadowAccount.

If you’re using ldap tool JXplorer to communicate with ldap server, you’ll find there’re ldap Attributes such as userPassword, shadowLastChange etc when you are using objectClass posixAccount and shadowAccount for the entry. But after you removed objectClass posixAccount and shadowAccount, and add organizationalPerson and inetOrgPerson for the entry, you’ll find these Attributes evaporate which implicate the password will no longer needed for this entry. After this, our goal of setting account never expire has been achived.

Here’s two snapshots:

using objectClass posixAccount shadowAccount

using objectClass organizationalPerson and inetOrgPerson

PS:

1.  Here’s a resource where you can check hierarchy of ldap Attributes, objectClass and their description. http://www.zytrax.com/books/ldap/ape/
2. For full LDAP info, I would recommend you read the following online book: http://www.zytrax.com/books/ldap/
3. Here’s a good document about ldap with details on integration ldap with sendmail/squid etc. download ldap integration.zip