Compiling the Unattended Project linuxboot on CentOS5

I use the Unattended Project to deploy various Windows 2003 server versions via PXE. The following describes how to get Unattended Linuxboot (tftp or pxe boot method) to properly compile on a CentOS5 based Linux system. The CentOS machine was deployed with minimum software packages, so your mileage may vary depending on what you already have installed or not.

yum install gcc gcc-c++ wireless-tools-devel bison bison-devel ncurses-devel flex subversion
cd /usr/src
svn co unattended
cd unattended/linuxboot
nano -w Makefile

1. Set the MySQL version to the latest 5.X version at otherwise it will not download.
2. Set the glibc version to 2.5 (the same version CentOS 5 uses).

make download
make tftpboot -j 4

Notes: The ‘-j 4’ option tells make to run 4 jobs in parallel, one for each of my 4 CPU cores (Q9550 CPU). If you have more or fewer CPU cores, change this setting accordingly. On a Q9550, compilation takes around 10 minutes. On lesser CPUs like a P4, it could take an hour or more. If compilation stops in an error state, either a package failed to download or your system is missing some dependencies.

You can compile a CD ISO with the ‘make iso -j 4’ command instead.

Etherchannel 802.1q trunk between Cisco and Foundry

Foundry and Cisco both implement port grouping (load sharing), but their implementations are very different. The following configuration snippets show what is needed on each platform to create a working Etherchannel trunk.

On the Cisco, ports 23 and 24 form the group for port-channel1:

port-channel load-balance src-dst-ip

interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 2,3
 switchport mode trunk
interface GigabitEthernet1/0/23
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 2,3
 switchport mode trunk
 channel-group 1 mode on
interface GigabitEthernet1/0/24
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 2,3
 switchport mode trunk
 channel-group 1 mode on

Note that in Cisco, load balancing is per-stream and not per-packet like in Foundry. Therefore you must choose the load sharing type. I found that src-dst-ip balanced traffic the best. The default is MAC based which is terrible in a layer3 routed network.

On the Foundry, using ports 47 and 48:

vlan 2 by port
 tagged ethe 1 ethe 47 to 48
vlan 3 by port
 tagged ethe 1 ethe 47 to 48
trunk ethe 47 to 48

And that’s it. But don’t forget to issue the following command the first time you set it up:

trunk deploy

I didn’t see any issues with the different load sharing algorithms on each end with some limited testing. I suspect that as long as the latency is the same across both links in the group there shouldn’t be any issues with out of order packets and such. Send and receive loads on both lines appear well balanced.

Citrix Xenserver – Expanding Local Storage

Twice now, I have had the (dis)pleasure of expanding our local storage on a couple of XenServer boxes.  In a nutshell, here is how it works:

1.  Expand physical disk (add more RAID members, etc.).  Use the procedure specific to your RAID card.

2.  Use fdisk to expand the partition your Local Storage resides on:

[root@vps1a ~]# pvscan
PV /dev/sda3 VG VG_XenStorage-4c69467e-0352-5bd4-3dee-e17cc18aee08 lvm2 [923.64 GB / 380.14 GB free]
Total: 1 [923.64 GB] / in use: 1 [923.64 GB] / in no VG: 0 [0 ]

Note the bold type to the left, /dev/sda3 is the partition we want to expand by deleting and re-adding to the maximum size in fdisk.  After you do this, you need to reboot so the OS will recognize the larger partition.  The bold type to the right is the UUID we need later.

3.  After rebooting, now we can expand the physical LVM volume:

pvresize /dev/sda3

4.  Now we tell XenServer that we increased the size, so you can actually use your extra space:

xe sr-scan uuid=4c69467e-0352-5bd4-3dee-e17cc18aee08

Note:  The UUID was discovered in step 2.

5.  All done!

Notes:  Rebooting the XenServer host is a real pain.  It can be avoided by adding your extra space as a separate partition or disk, then using vgextend to join the LVM physical volumes, instead of fdisk to expand an existing partition.  Using the vgextend method at step 2, you don’t have to reboot, but you lose the redundancy of having RAID5 or RAID10 backing your whole volume.

Alternate Row Shading in Excel

One way to make your data legible is to apply cell shading to every other row in a range. Excel’s Conditional Formatting feature (available in Excel or later) makes this a simple task.

  1. Select the range that you want to format
  2. Choose Format, Conditional Formatting
  3. In the Conditional Formatting dialog box, select Formula Is from the drop-down list, and enter this formula:
  4. Click the Format button, select the Patterns tab, and specify a color for the shaded rows.
  5. Click OK twice to return to your worksheet.

The best part is that the row shading is dynamic. You’ll find that the row shading persists even if you insert or delete rows within the original range.

Cpanel – Globally disabling the Email Catch-All feature

Spammers love nothing more than launching dictionary attacks on unsuspecting domains using the ‘catch-all’ feature.  This causes multiple problems: the main issues are excessive server load, disk usage, and spam volume.  The worst issue is that once spammers catch on to the fact that your domain has a catch-all, they will launch spam campaigns with your domain as the sending domain, and all of their backscatter will flood your inbox with legitimate bounces.  If you haven’t been the target of backscatter, keep it that way and disable your catch-all!

The following how-to explains how to manually disable the catch-all on every site.  Since there is no way to prevent a user from re-enabling the catch-all in their Cpanel account, you might consider setting this up to run via Cron every hour or so.

First, back up the virtual aliases:

mkdir /etc/valiasesbackup
cp -p /etc/valiases/* /etc/valiasesbackup

Then, check which sites have a catch-all enabled:

grep '*:' /etc/valiases/* | egrep -v ':fail:'

Disable the catch-all on any site(s) with catch-all enabled. After you do this, run the previous command again to make sure it worked; if it did, the command returns nothing.

sed -i 's/^\*: [^ ]*$/*: :fail: ADDRESS DOES NOT EXIST/g' /etc/valiases/*

If something goes horribly wrong, you can restore the backup you just made:

cp -p --reply=yes /etc/valiasesbackup/* /etc/valiases
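
A cron-friendly version of the check-and-disable steps above, as an added example that is not part of the original post. It assumes GNU sed; the VALIASES_DIR override and the function names are hypothetical. It goes slightly beyond the sed one-liner by also rewriting catch-all entries whose target contains spaces, which the single-word pattern leaves in place.

```shell
#!/bin/sh
# Added example, not from the original post. VALIASES_DIR is an assumed
# override so the functions can be tried on a copy; the page's path is the default.
VALIASES_DIR="${VALIASES_DIR:-/etc/valiases}"
FAIL_LINE='*: :fail: ADDRESS DOES NOT EXIST'

# Names of alias files whose default ("*:") entry is anything but a :fail: rule.
list_catchall_domains() {
    for f in "$VALIASES_DIR"/*; do
        [ -f "$f" ] || continue
        if grep '^\*:' "$f" | grep -qv ':fail:'; then
            basename "$f"
        fi
    done
}

# Back up, then rewrite, each offending file. Unlike a pattern that only accepts
# a single-word target, this also replaces defaults whose target contains spaces
# (several recipients, or a pipe to a program with arguments).
disable_catchalls() {
    backup_dir="$1"
    mkdir -p "$backup_dir" || return 1
    list_catchall_domains | while read -r domain; do
        cp -p "$VALIASES_DIR/$domain" "$backup_dir/$domain" || exit 1
        sed -i '/:fail:/!s/^\*:.*$/'"$FAIL_LINE"'/' "$VALIASES_DIR/$domain"
        echo "catch-all disabled: $domain"
    done
}

# Constructed sample data (example.* domains are placeholders) for a dry run.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'info@example.com: alice' '*: alice' > "$d/example.com"
    printf '%s\n' '*: bob@example.net, carol@example.net' > "$d/example.net"
    printf '%s\n' '*: :fail: No such user here' > "$d/example.org"
    echo "$d"
}
```

Source the file from an hourly cron job and call disable_catchalls with a backup directory; the "catch-all disabled" lines it prints show which accounts re-enabled the feature since the last run.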


Cpanel / SuPHP Part 2 – Fix Ownership Issues

In addition to the correct chmod of files and folders (see part 1), you must ensure that all public_html files and folders have the correct (user and group) ownership.  The following Perl code will eliminate nobody/root ownership.  Place the Perl script into your /home directory and execute it.

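#!/usr/bin/perl -w
use strict;

# Run from /home: every directory here is treated as an account name.
my @dirs = grep -d, <*>;

foreach my $user (@dirs) {
    # Skip directories that do not belong to a real account.
    next unless defined getpwnam($user);
    # Give everything below public_html back to the account's user and group.
    `chown -R $user:$user $user/public_html/*`;
}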