 Questions
and Answers
Amy Rich
Q I'm a long-time Linux power user
who's finally gotten frustrated enough to move to a Mac. There are
lots of things that I love, but the use of NetInfo annoys me to
no end because things are no longer stored in flat text files. In
this particular case, I want to automount an SMB share from one
of my machines to the Mac. I can't figure out how to do this under
OS X. Can you give me a concrete example to follow?
A I'm guessing you want this to
be automatic for everyone and not have to hit apple-k from
the Finder when you want to do the mount. There are two basic ways
you can set up automounting under NetInfo. You can use the NetInfo
Manager to modify the database directly, or you can dump out the
database to a flat file, modify it, then re-import the flat file.
The former method will probably give you some insight to the reasons
behind the modifications in the latter, so I'll cover that first.
In this example, the server, server is exporting an SMB
share share to the username username and the password
password to be mounted dynamically on the client under /Network/Servers/server/share.
To run the NetInfo manager:
open /Applications/Utilities/NetInfo Manager.app
1. Authenticate as a privileged user by clicking the lock in the lower
left-hand corner of the window and typing in your password.
2. Click on the /mounts entry and then click the New
Folder icon in the upper left-hand corner of the window to create
a new entry. Change the Value of the name Property
to server:/share.
3. Now create properties under the new mount point by choosing
New Property from the Directory menu. Change the Property
to vfstype and the Value to url.
4. Create another property entry with the Property set
to dir and the Value set to /Network/Servers.
5. Create another property entry with the Property as opts
and the Value as net.
6. Click on the opts property and choose Insert Value
from the Directory menu. Change the Value to:
url==smb://user:password@server/share
7. Save your changes by selecting Save Changes from the Domain
menu and reboot the computer.
To make the same changes without going through the NetInfo Manager
GUI, you'd use the tools nidump and niload:
1. If you have not been keeping the /etc/fstab file up
to date as you've added other mount points, run the following command
as root to append the current mount point entries to the end of
/etc/fstab:
nidump fstab . >> /etc/fstab
2. Add the following line to the end of the file:
server:/share /Network/Servers url \
net,url==smb://user:password@server/share 0 0
This line is exactly the same as the one generated by using the NetInfo
Manager in the previous example.
3. Load the information back into the NetInfo database by running:
niload fstab . < /etc/fstab
Reboot the machine for these changes to take affect.
After employing either one of these methods, your SMB share should
automount when you cd into /Network/Servers/server/share.
If the share is not mounting, your local configuration might also
require you to specify the SMB Workgroup in the URL line:
url==smb://user:password@workgroup/server/share
Q I'm running FreeBSD 5.3-STABLE
on a machine with dual 1.2GHz AMD processors, and the machine crashes
often. I have another machine that's identical except for the fact
that there's only one CPU installed. Is there some issue with SMP
support under 5.3-STABLE?
A This is pretty sparse information
to go on since you don't describe your kernel configuration or what
software you have installed. You don't supply any error messages
or kernel trace information, either. I'd suggest looking through
the freebsd-stable list at:
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
for symptoms and conditions that match your own. Also search the FreeBSD
problem reports database at:
http://www.freebsd.org/cgi/query-pr-summary.cgi?query
If you don't find anything similar, then gather the information I
mentioned and post it to the appropriate FreeBSD mailing list.
As a shot in the dark, though, the issue might be hardware-related
if the machines aren't component for component identical. To make
sure all your hardware is compatible, see:
http://www.freebsd.org/releases/5.3R/hardware-i386.html
Try disabling PnP, HTT, and any other smart BIOS features that might
be controlling your hardware outside of the OS.
Some people have pointed out issues with drivers for various types
of network cards. There're also people who've had issues with SMP
and ipfilter. One specific pr is located at:
http://www.freebsd.org/cgi/query-pr.cgi?pr=83220
If you're using ipfilter, you might want to switch to pf.
Your issue could also be software related. You may have stumbled
across a bad kernel option or a bug in the system code or a third-party
application that has access to the kernel.
Q I have an SB2500 running Solaris
10 that recently changed subnets. I modified /etc/inet/hosts,
/etc/inet/netmasks, and /etc/defaultrouter to reflect
the new information, but the machine is still bringing up the old
IP address. I must have missed changing it somewhere (I'm not very
familiar with Solaris 10 yet). Could you provide some advice?
A Most likely your issue is that
you didn't change /etc/inet/ipnodes, which lists IPv6 and
IPv4 addresses. If this doesn't fix your issue, the best thing to
do is run sys-unconfig and go through the machine identification
procedure again when you reboot.
Q We're running Apache on a bunch
of 280Rs, and we're seeing very heavy CPU usage on each of these
boxes. Apache is a pain to try and truss because of the way it forks,
so I'm looking for another diagnostic tool to figure out what the
heck the kernel is doing. I can use vmstat or top to view the top-level
idle/user/kernel/iowait statistics, but I'm looking for something
a bit finer grained. Do you have any suggestions?
A If you're running a new enough
version of the Solaris OS, you can use DTrace to drill down into
the kernel in various ways. There's quite a bit of information on
DTrace at:
http://www.sun.com/bigadmin/content/dtrace/
If you're using something older like Solaris 8, you can check out
the kernel locking statistics by using tools like mpstat (to get per-processor
statistics), kstat (you need Sun's Perl installed), and lockstat.
Some commands that might give you useful information include:
kstat -p cpu_stat
lockstat -kIW -D 20 sleep 60
mpstat 10 6
Q Any mail I receive from
non-U.S. sites is generally spam. I'd like to populate my spam block
list with IPs based on country codes. I'd prefer to do this on my
own instead of using an external site, but I don't know where to get
the code mapping or how to munge them all together. Is there a utility
out there that does this?
A I actually wrote a couple scripts
quite a while ago that do this for me using sendmail access lists.
The first script downloads the delegated IP lists from apnic and
lacnic and scps them over to the mail server:
#!/usr/local/bin/perl
use Net::FTP;
use Net::SCP;
use File::Basename;
use Strict;
use Warnings;
my $destdir = '/etc/mail';
my $desthost = 'mx1.my.domain';
my $destuser = 'username';
my @ctrylist;
my $outfile = '/tmp/netblocks';
my @tmpfiles = $outfile;
my %fileloc = ('ftp.apnic.net' =>
'/apnic/stats/apnic/delegated-apnic-latest',
'ftp.lacnic.net' => '/pub/stats/lacnic/delegated-lacnic-latest');
chdir ("/tmp");
foreach my $ftpsite (keys%fileloc) {
my $filename = basename($fileloc{$ftpsite});
push @tmpfiles, $filename;
my $ftp = Net::FTP->new($ftpsite, Passive => 1)
or die "Can't connect to $ftpsite: $@\n";
$ftp->login or die "Can't get anon login to $ftpsite: $!";
$ftp->get($fileloc{$ftpsite}) or die
"Can't get $fileloc{$ftpsite}: $!";
$ftp->quit;
open(CFILE, "<$filename") or die "Can't open $filename: $!";
while (<CFILE>) {
push(@ctrylist, $_);
}
close CFILE;
}
open(OFILE, ">$outfile") or die "Can't open $outfile: $!";
print OFILE sort @ctrylist;
close OFILE;
$scp = Net::SCP->new("$desthost") or die
"Can't open scp to $desthost: $!";
$scp->login("$destuser");
$scp->cwd("$destdir");
$scp->put("$outfile") or die $scp->{errstr};
unlink(@tmpfiles);
The second script runs on the server (which can't ftp out); it parses
this file and reads entries from the file /etc/mail/access.stub,
creating sendmail access entries for the countries I want to
block plus any other by-hand entries I've added to the stub file.
If you're not using sendmail, you'll probably need to write a different
script to convert the netblocks file into a format that your MTA understands:
#!/usr/local/bin/perl
# This script grabs the list of address assignments/allocations from
# the ap and lac NICs, parses out the blocks assigned or allocated to
# various countries and prints out a list of CIDR blocks for use with
# sendmail's cidrexpand and acess file. It then takes that file and
# /etc/mail/acces.stub and creates the new /etc/mail/access file.
# The format of each line in the nic reports are:
# * First line:
# version|registry|serial|count|start date|end date|checksum
# * Subsequent lines:
# registry|cc|type|start|length|date|status
use Strict;
use Warnings;
# create a map for the netmasks and CIDR bits
my %netmasks = (
4 => "30", 8 => "29",
16 => "28", 32 => "27",
64 => "26", 128 => "25",
256 => "24", 512 => "23",
1024 => "22", 2048 => "21",
4096 => "20", 8192 => "19",
16384 => "18", 32768 => "17",
65536 => "16", 131072 => "15",
262144 => "14", 524288 => "13",
1048576 => "12", 2097152 => "11",
4194304 => "10", 8388608 => "9",
16777216 => "8"
);
my $netblocks = '/etc/mail/netblocks';
my $access_stub = '/etc/mail/access.stub';
my $access = '/etc/mail/access';
chdir('/etc/mail');
open IN, "<$netblocks" or die "Can't open $netblocks for reading: $!\n";
open STUB, "<$access_stub" or die
"Can't open $access_stub for reading: $!\n";
open OUT, ">$access" or die "Can't open $access for write: $!\n";
while (<STUB>) {
print OUT $_;
}
close STUB;
while (<IN>) {
next unless /(CN|HK|JP|KR|MX|PH|PK|SA|SG|TW)\|ipv4/;
next if /\|(61|200)\./;
my @alloc = split /\|/;
print OUT "$alloc[3]/$netmasks{$alloc[4]}\tERROR:\"550 5.7.1 We
don't accept mail from spammers in $alloc[1]\"\n";
}
close IN;
close OUT;
Then you just use the cidrexpand script to create the database file:
cidrexpand < /etc/mail/access | makemap hash /etc/mail/access
Amy Rich has more than a decade of Unix systems
administration experience in various types of environments. Her current
roles include that of Senior Systems Administrator for the University
Systems Group at Tufts University, Unix systems administration consultant,
and author. She can be reached at: qna@oceanwave.com. |