#Basics snipped for brevity....


   RewriteEngine on
   #RewriteBase /
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]


RedirectPermanent / https://www.foo.com/

List of raw FTP commands
(Warning: this is a technical document, not necessary for most FTP use.)

Note that commands marked with a * are not implemented in a number of FTP servers.

Common commands

* ABOR – abort a file transfer
* CWD – change working directory
* DELE – delete a remote file
* LIST – list remote files
* MDTM – return the modification time of a file
* MKD – make a remote directory
* NLST – name list of remote directory
* PASS – send password
* PASV – enter passive mode
* PORT – open a data port
* PWD – print working directory
* QUIT – terminate the connection
* RETR – retrieve a remote file
* RMD – remove a remote directory
* RNFR – rename from
* RNTO – rename to
* SITE – site-specific commands
* SIZE – return the size of a file
* STOR – store a file on the remote host
* TYPE – set transfer type
* USER – send username

Less common commands

* ACCT* – send account information
* APPE – append to a remote file
* CDUP – CWD to the parent of the current directory
* HELP – return help on using the server
* MODE – set transfer mode
* NOOP – do nothing
* REIN* – reinitialize the connection
* STAT – return server status
* STOU – store a file uniquely
* STRU – set file transfer structure
* SYST – return system type

ABOR
Syntax: ABOR

Aborts a file transfer currently in progress.

ACCT*
Syntax: ACCT account-info

This command is used to send account information on systems that require it. Typically sent after a PASS command.

ALLO
Syntax: ALLO size [R max-record-size]

Allocates sufficient storage space to receive a file. If the maximum size of a record also needs to be known, that is sent as a second numeric parameter following a space, the capital letter “R”, and another space.

APPE
Syntax: APPE remote-filename

Append data to the end of a file on the remote host. If the file does not already exist, it is created. This command must be preceded by a PORT or PASV command so that the server knows where to receive data from.

CDUP
Syntax: CDUP

Makes the parent of the current directory be the current directory.

CWD
Syntax: CWD remote-directory

Makes the given directory be the current directory on the remote host.

DELE
Syntax: DELE remote-filename

Deletes the given file on the remote host.

HELP
Syntax: HELP [command]

If a command is given, returns help on that command; otherwise, returns general help for the FTP server (usually a list of supported commands).

LIST
Syntax: LIST [remote-filespec]

If remote-filespec refers to a file, sends information about that file. If remote-filespec refers to a directory, sends information about each file in that directory. remote-filespec defaults to the current directory. This command must be preceded by a PORT or PASV command.

MDTM
Syntax: MDTM remote-filename

Returns the last-modified time of the given file on the remote host in the format “YYYYMMDDhhmmss”: YYYY is the four-digit year, MM is the month from 01 to 12, DD is the day of the month from 01 to 31, hh is the hour from 00 to 23, mm is the minute from 00 to 59, and ss is the second from 00 to 59.

MKD
Syntax: MKD remote-directory

Creates the named directory on the remote host.

MODE
Syntax: MODE mode-character

Sets the transfer mode to one of:

* S – Stream
* B – Block
* C – Compressed

The default mode is Stream.

NLST
Syntax: NLST [remote-directory]

Returns a list of filenames in the given directory (defaulting to the current directory), with no other information. Must be preceded by a PORT or PASV command.

NOOP
Syntax: NOOP

Does nothing except return a response.

PASS
Syntax: PASS password

After sending the USER command, send this command to complete the login process. (Note, however, that an ACCT command may have to be used on some systems.)

PASV
Syntax: PASV

Tells the server to enter “passive mode”. In passive mode, the server will wait for the client to establish a connection with it rather than attempting to connect to a client-specified port. The server will respond with the address of the port it is listening on, with a message like:
227 Entering Passive Mode (a1,a2,a3,a4,p1,p2)
where a1.a2.a3.a4 is the IP address and p1*256+p2 is the port number.

PORT
Syntax: PORT a1,a2,a3,a4,p1,p2

Specifies the host and port to which the server should connect for the next file transfer. This is interpreted as IP address a1.a2.a3.a4, port p1*256+p2.

PWD
Syntax: PWD

Returns the name of the current directory on the remote host.

QUIT
Syntax: QUIT

Terminates the command connection.

REIN*
Syntax: REIN

Reinitializes the command connection – cancels the current user/password/account information. Should be followed by a USER command for another login.

REST
Syntax: REST position

Sets the point at which a file transfer should start; useful for resuming interrupted transfers. For nonstructured files, this is simply a decimal number. This command must immediately precede a data transfer command (RETR or STOR only); i.e. it must come after any PORT or PASV command.

RETR
Syntax: RETR remote-filename

Begins transmission of a file from the remote host. Must be preceded by either a PORT command or a PASV command to indicate where the server should send data.

RMD
Syntax: RMD remote-directory

Deletes the named directory on the remote host.

RNFR
Syntax: RNFR from-filename

Used when renaming a file. Use this command to specify the file to be renamed; follow it with an RNTO command to specify the new name for the file.

RNTO
Syntax: RNTO to-filename

Used when renaming a file. After sending an RNFR command to specify the file to rename, send this command to specify the new name for the file.

SITE*
Syntax: SITE site-specific-command

Executes a site-specific command.

SIZE
Syntax: SIZE remote-filename

Returns the size of the remote file as a decimal number.

STAT
Syntax: STAT [remote-filespec]

If invoked without parameters, returns general status information about the FTP server process. If a parameter is given, acts like the LIST command, except that data is sent over the control connection (no PORT or PASV command is required).

STOR
Syntax: STOR remote-filename

Begins transmission of a file to the remote site. Must be preceded by either a PORT command or a PASV command so the server knows where to accept data from.

STOU
Syntax: STOU

Begins transmission of a file to the remote site; the remote filename will be unique in the current directory. The response from the server will include the filename.

STRU
Syntax: STRU structure-character

Sets the file structure for transfer to one of:

* F – File (no structure)
* R – Record structure
* P – Page structure

The default structure is File.

SYST
Syntax: SYST

Returns a word identifying the system, the word “Type:”, and the default transfer type (as would be set by the TYPE command). For example: UNIX Type: L8

TYPE
Syntax: TYPE type-character [second-type-character]

Sets the type of file to be transferred. type-character can be any of:

* A – ASCII text
* E – EBCDIC text
* I – image (binary data)
* L – local format

For A and E, the second-type-character specifies how the text should be interpreted. It can be:

* N – Non-print (not destined for printing). This is the default if second-type-character is omitted.
* T – Telnet format control (, , etc.)
* C – ASA Carriage Control

For L, the second-type-character specifies the number of bits per byte on the local system, and may not be omitted.

USER
Syntax: USER username

Send this command to begin the login process. username should be a valid username on the system, or “anonymous” to initiate an anonymous login.

—
someuser 4151 c Mon Feb 29 12:35:00 1993
! bad user (someuser) Mon Feb 29 12:35:00 1993
—

Inevitably, the user has locked themselves (or a malicious someone) out of the server.

Check /etc/shadow for *LK* on the user.

passwd -u someuser to unlock.

That’s the problem. When later rolls around, I’ve forgotten that I hadn’t enabled anything.

This would be fine and dandy if nslookup or host would let me know that my /etc/nsswitch.conf is only looking at files. It ignores that and goes strictly with what is in /etc/resolv.conf seemingly. So if that’s broke or incorrect it will, at least, tell you that.

Anyway, the system I have come up with to quickly check if nsswitch.conf is setup for DNS is to ssh to a know hostname. If this fails, it usually means you need to copy nsswitch.dns over nsswitch.conf.

Another gotcha that gets me.

1. WILL NOT answer queries
2. WILL NOT forward queries
3. WILL NOT perform recursion
4. WILL allow transfers from specified slaves

Zone and configuration files are backed up disk to disk via rsync.

Single point editing of our name space.

Single point of failure. If server is lost, updates to DNS cannot be made until another master is brought online.

options {
directory “/etc”;
pid-file “/var/run/named.pid”;
version “Windows 3.11″;
allow-query {“none”; };
allow-recursion {“none”; };
notify yes;
also-notify {
IPn.IPn.IPn.IPn;
};
allow-transfer {
IPn.IPn.IPn.IPn;
};
};

zone “my.hosts.net” {
type master;
file “/etc/my.hosts.net”;
};

AVAILABLE DISK SELECTIONS:
0. c1t1d0
/pci@1,0/pci103c,60b0@5/sd@1,0
1. c1t4d0
/pci@1,0/pci103c,60b0@5/sd@4,0

bash-3.00# prtvtoc /dev/rdsk/c1t1d0s2 | fmthard -s – /dev/rdsk/c1t4d0s2
fmthard: New volume table of contents now in place.

bash-3.00# metadb -a -f -c2 /dev/dsk/c1t1d0s7 /dev/dsk/c1t4d0s7

/dev/dsk/c1t1d0s1 – - swap – no -
/dev/dsk/c1t1d0s0 /dev/rdsk/c1t1d0s0 / ufs 1
no -
/dev/dsk/c1t1d0s3 /dev/rdsk/c1t1d0s3 /var ufs 1
no -
/dev/dsk/c1t1d0s4 /dev/rdsk/c1t1d0s4 /export ufs 2
yes

bash-3.00# metainit -f d10 1 1 c1t1d0s0
d10: Concat/Stripe is setup
bash-3.00# metainit d20 1 1 c1t4d0s0
d20: Concat/Stripe is setup
bash-3.00# metainit d30 -m d10
d30: Mirror is setup

bash-3.00# metaroot d30

bash-3.00# metainit -f d11 1 1 c1t1d0s1
d11: Concat/Stripe is setup
bash-3.00# metainit d21 1 1 c1t4d0s1
d21: Concat/Stripe is setup
bash-3.00# metainit d31 -m d11
d31: Mirror is setup

bash-3.00# metainit -f d13 1 1 c1t1d0s3
d13: Concat/Stripe is setup
bash-3.00# metainit d23 1 1 c1t4d0s3
d23: Concat/Stripe is setup
bash-3.00# metainit d33 -m d13
d33: Mirror is setup

bash-3.00# metainit -f d14 1 1 c1t1d0s4
d14: Concat/Stripe is setup
bash-3.00# metainit d24 1 1 c1t4d0s4
d24: Concat/Stripe is setup
bash-3.00# metainit d34 -m d14
d34: Mirror is setup

vi /etc/vfstab

bash-3.00# metainit hsp001
hsp001: Hotspare pool is setup

bash-3.00# lockfs -fa
bash-3.00# init 6

# metattach d30 d20
d30: submirror d20 is attached
# metattach d31 d21
d31: submirror d21 is attached
# metattach d33 d23
d33: submirror d23 is attached
# metattach d34 d24
d34: submirror d24 is attached

# metastat

If you fat finger something, you can use metaclear to remove it:

# metaclear d34

zonecfg:fubar> create
zonecfg:fubar> set zonepath=/export/zones/fubar
zonecfg:fubar> set autoboot=true
zonecfg:fubar> add net
zonecfg:fubar:net> set physical=eth0
zonecfg:fubar:net> set address=192.168.1.1
zonecfg:fubar:net> end
zonecfg:fubar> add attr
zonecfg:fubar:attr> set name=comment
zonecfg:fubar:attr> set type=string
zonecfg:fubar:attr> set value=”FOOBED”
zonecfg:fubar:attr> end
zonecfg:fubar> verify
zonecfg:fubar> commit
zonecfg:fubar> exit

bash-3.00# zoneadm -z fubar install

Preparing to install zone .
Creating list of files to copy from the global zone.
Copying <2434> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <980> packages on the zone.
Initialized <980> packages on zone.
Zone is initialized.
Installation of these packages generated warnings:
The file contains a log of the zone installation.

bash-3.00# zoneadm -z fubar boot

bash-3.00# zlogin -C fubar

Zones, Containers, Domains and Partition (According to Sun):

Zone: chroot’d virtual machine. Some resources are shared, for example, the kernel or /usr/lib.
More info below.

Container: Zone with resource controls in place. At this time, limited to number of CPUs.
See “Resource Pools”

Domain: Grouping of hardware in enterprise class Sun servers

Partition: Segregation of domain grouped hardware.

Non-Global Zones (NGZ) can either be Sparse Root Model (/lib, /platform, /sbin, and /usr are linked from the Global Zone) or the Whole Root Model

Monitoring Zones:
prstat -Z show cpu/mem utilization on zones (including Global
rcapstat monitor memory caps
poolcfg -dc info get info on pools
zoneadm list -iv list zones and show status
zonecfg -z info show info on a zone

Resource Allocation (Resource Capping Daemon):
pooladm -e save active pool config in /etc/pooladm.conf
pooladm -x removes all user configured pools
projadd and projmod to limit memory

Zone creation and destruction:
zonecfg -z to configure zones
zoneadm -z uninstall uninstalls a zone (configuration is left intact)
zonecfg -z delete removes zone configuration completely (make backups)
zoneadm -z install install zone (copy files)

Zone Interaction (From the Global Zone):
zlogin -C virtual serial console
zlogin -S send command to zone w/o login
zoneadm -z boot boot the zone
zoneadm -z [halt | reboot]

Miscellaneous Zone Stuff:
/etc/zones contains data on all configured zones
Dynamic resource pools allow limiting of resources a zone can use
~. disconnect from virtual console (may blow you completely out)
~~. to disconnect from virtual console (use this if the above doesn’t work correctly)
NGZ’s cannot be an NFS Server currently.

Some of the resource management comments may seem to contradict each other. I will clarify these statements as I implement resource controls.

Zone: chrooted “virtual” machine. Kernel is a shared resource.
Domain: Grouping of hardware in larger sun servers.
Partition: Separation of domains.
Container: Zone with resource controls in place.

/etc/zones contains data on all zones.

ipmp auto nic failover. Both must be in same subnet.

core: application failure
panic: kernel failure

pool stuff (page 2-34):
pools contain sets (dynamic processor sets)
dynamic resource pool: limit resources in a zone
poolcfg -dc info get info on pools
pooladm -e save active pool config /etc/pooladm.conf
pooladm -x removes all user configured pools

memory capping:
projadd and projmod to limit memory (page 2-41)
rcapstat to monitor memory caps.

preap – remove zombie processes.

zone stuff:
see page 1-13 for script.
zonecfg -z to configure zones. see page 1-23.
zonecfg -z info show info on zone.
zoneadm list -iv list zones and show status.
zoneadm -z install install zone (copy files).
zoneadm -z boot boot the zone.
zoneadm -z [halt | reboot]
zlogin -S init 0 send command to zone w/o login

zlogin -C virtual serial console
~. disconnect from virtual console (may blow you completely out)
~~. to disconnect from virtual console

zoneadm -z uninstall uninstalls a zone (configuration is left intact)
zonecfg -z delete removes zone configuration complete (make backups)

prstat -Z show cput/mem utilization on zones (including Global)

Predictive Self-Healing:
shuts down components. healing by amputation.

FMA:
Fault Management Architecture

CE – Correctable Error
UE – Uncorrectable Error (box will panic)
FMRI – Fault Managed Resource Identifier
cpu – central processing unit
mem – system main memory
mod – model
pkg – packages
hc – hardware component managed by FMA
legacy-hc – legacy hardware component
fmd – diagnosis engine which is part of FMA
dev – solaris device path status and properties
svc – application service managed by the service management facility
zfs – ZFS filesystem

CxTxDxSx (disk device layout)

FMRI sd@6,0:g

Tx = 6
Dx = 0
Sx = g

starting at 0. A=1, B=2, etc.. G=6

CxT6D0s6 is the result.

FMD states:

Unsolved – has no list.suspect
Solved – list.suspect is published
Closed – false alarm or service restart or HC turned off

fmadm config – shows info
fmadm faulty – shows things that system thinks faulty
fmadm repair – after replacing part, this *MUST* be run
fmstat – statistics about FMA modules

snmp info on fmd pages 4-20 – 4-22

Service Management Facility:
svcs |more – gives list and status of services
svcadm enable – starts service, persistent through reboot
svcadm disable – stops service, will not restart after reboot
svcadm restart – will attempt to stop and start a service

use /var/svc/manifest/site for homegrown service manifests

online – service is online and running
offline – dependencies were not met, no start attempt made
maintenance – start attempted, but service failed to start

Brian’s Sun Class stuff:

http://www.my-speakeasy.com/sunstuff/SA225/

svcprop shows service settings in the database
svcs -a shows all services
svcs -p “*nfs” would show all processes associated with nfs
svcs -d list services this service depends on
svcs -D lists services which depend on this service
svcs -l extended info on service

/var/svs/log contains logs for each service

inetadm lists services under inetd control
-e enable service
-d disable service
-p show service properties

svccfg import /path/to/xml imports manifest into the SMF repository

inetconv reads inetd.conf, imports them into the SMF repository

/lib/svc/bin/restore_repository
restores a corrupt repository

svccfg validate /path/to/my.xml validates manifest

more research on dtrace is needed
rbac (role based access control) research as well

download scat (solaris crash analysis tool)

solaris fingerprint database

fcinfo hba-port reports WWNs of fiber cards

scp stalls on x86 Solaris:

This should be added to /kernel/drv/e1000g.conf
Add this to the e1000g.conf and reboot

lso_enable=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0;

Following disk io:
iostat -zxtcT d 1

ZFS mapping ssd# to device name:
cat /etc/path_to_inst and find your ssd #
copy the scsi entry (EX: “/scsi_vhci/ssd@g60060e8004a4c3000000a4c30000000e”)
ls -l /dev/dsk | fgrep “/scsi_vhci/ssd@g60060e8004a4c3000000a4c30000000e”

hostname:root> cfgmgr
Discover disks

hostname:root> lspv
Note whether SAN is HDLM (Hitachi) or VPATH (Shark)
Note hdisk# or vpath#
Should also report disks, in VGs and otherwise

hostname:root> lsvg -l VGname
Note which VG a filesystem is in

hostname:root> smitty lvm
>> Volume Groups
>> Add a Data Path Volume to a Volume Group (Shark)
>> Force the creation of a volume group? no (Leave Default)
>> * VOLUME GROUP name (F4 to list volume groups)
>> * PHYSICAL VOLUME names (F4 to list available volumes)

(Bang Enter)
(Bang Enter to Confirm)

Wait for ‘Command: OK stdout: no stderr: no’

CTRL-C to exit smitty

hostname:root> lspv
Confirm the volumes have been added to the correct VG

hostname:root> df -g | grep filesystemNAME
Note number of GB currently in FS (2nd column)

20
hostname:root. smitty jfs (or jfs2)
>> Change / Show Characteristics of an Enhanced Journaled File System
>> Select the filesystem you want to extend from list
>> Unit Size 512bytes (Bang tab until it reads Gigabytes)
>> Number of units (current+requested == new value)

(Bang Enter)
Wait for ‘Command: OK stdout: no stderr: no’

If everything goes according to plan, you now have a larger filesystem.

(STOP HERE if everything worked)

If it does not … well, you may have revceived the following type of error:

0516-787 extendlv: Maximum allocation for logical volume fslv## is 512.

Well crap …

hostname:root> lsvg -l VGname
Note the LV Name of the partition you are working with

smitty chlv
>> * LOGICAL VOLUME name (F4 to list and select)
>> MAXIMUM NUMBER of LOGICAL PARTITIONS [CHANGE]
When doing the above 1PP == 1LP. #LP * PP == maxsize

(Bang Enter)

Wait for ‘Command: OK stdout: no stderr: no’

GOTO 20