Sunsolve et al Session timeouts increasing.

The hot news around here is that the session timeouts for Sunsolve and the other tools that use the authentication system on sun.com are going to be increased to something approaching reasonable timeouts. The current 30 minute idle and 2 hour session timeout will be increased to 8 hours idle and 24 hours for the session. Not quite the 14 days and 90 days I would have but none the less a welcome step in the right direction.

If all goes well the change should happen on October 9th. I wish it was sooner but none the less the prospect is exciting enough for me to pre-announce it here, not that anyone will read it!

A big thank you to those who are making it happen.

Decoding NFS v2 and v3 file handles.

This entry has been sitting in my draft queue for over a year
mainly as it is no longer be relevant as NFSv4 should have rendered
the script useless. The rest of this entry refers to NFSv2 and NFSv3
filehandles only.

How can you decode an NFS filehandle?

NFS file handles are opaque so only the server who hands them out
can draw firm conclusions from them. However since the implementation
in SunOS has not changed it is possible to write a script that will
turn a file handle that has been handed out by a server running
Solaris into an inode number and device. Hence way back when I wrote
that script and only today someone made good use of it so here
it is for everyone.

The script has not been touched in over
10 years until I added the CDDL but should still be able to
understand messages files and snoop -v output and then decode the
file handles.

This snoop was taken while accessing a
the file “passwd” that was in /export/home on the server:

: s4u-10-gmp03.eu TS 19 $; /usr/sbin/snoop -p 3,3 -i /tmp/snoop.cg13442 -v |  decodefh | grep NFS

RPC:  Program = 100003 (NFS), version = 3, procedure = 4

NFS:  —– Sun NFS —–

NFS:

NFS:  Proc = 4 (Check access permission)

NFS:  File handle = [8CB2]

NFS:   0080000000000002000A000000019DAC03419521000A000000019DA96E637436

decodefh: SunOS NFS server file handle decodes as: maj=32,min=0, inode=105900

NFS:  Access bits = 0×0000002d

NFS:    …. …1 = Read

NFS:    …. ..0. = (no lookup)

NFS:    …. .1.. = Modify

NFS:    …. 1… = Extend

NFS:    …0 …. = (no delete)

NFS:    ..1. …. = Execute

NFS:

Now taking this information to the server you need to find the file
system that is shared and has major number 32 and minor number 0 and
then look for the file with the inode number 105900
:

# share

-               /export/home   rw   ""

# df /export/home

/                  (/dev/dsk/c0t0d0s0 ):13091934 blocks   894926 files

# ls -lL /dev/dsk/c0t0d0s0

brw-r—–   1 root     sys       32,  0 Aug 22 15:11 /dev/dsk/c0t0d0s0

# find /export/home -inum 105900

/export/home/passwd

#

Clearly this is a trivial example but you get the idea.

The script also understands messages files:

$ grep ‘nfs:.*702911′ /var/adm/messages | head -2 | decodefh

Sep 21 03:14:34 vi64-netrax4450a-gmp03 nfs: [ID 702911 kern.notice] (file handle: d41cd448 a3dd9683 a00 2040000 1000000 a00 2000000 2000000)

decodefh: SunOS NFS server file handle decodes as: maj=13575,min=54344, inode=33816576

Sep 21 08:34:11 vi64-netrax4450a-gmp03 nfs: [ID 702911 kern.notice] (file handle: d41cd448 a3dd9683 a00 2040000 1000000 a00 2000000 2000000)

decodefh: SunOS NFS server file handle decodes as: maj=13575,min=54344, inode=33816576

$

and finally can take the file handle from the command line:

$ decodefh 0080000000000002000A000000019DAC03419521000A000000019DA96E637436

0080000000000002000A000000019DAC03419521000A000000019DA96E637436

decodefh: SunOS NFS server file handle decodes as: maj=32,min=0, inode=105900

$

So here is the script:
<A HREF="http://chrisgerhard.wordpress.comdecodefh.sh

Remember this will only work for
filehandles generated by NFS servers running Solaris and only for NFS
versions 2 & 3. It is possible that the format could change in
the future but at the time of writing and for the last 13 years it
has been stable.

A first

Today the entire family left the house in the morning by Bike.

It does not get much better than that.

More exciting than it should have been

We did a 63 mile round trip via Henfold lakes but out via a
strange
route taking in Ripley, Newlands Corner and then Cranleigh. When
descending what is a very exciting hill towards Cranleigh doing 40mph
I had the added thrill of hitting a large stone in the road and
having my front tyre deflate instantly. As I braked as hard as I
could using my back brake and slowed very slowly I was able to see
the tyre not coming off the rim but also not doing much in the way of
letting me steer around the bend that was approaching. The odd thing
was what went through my mind was the question: ¨Am I using the
rear brake?¨, which I was. Thankfully the rear brake was able to
overcome the 1:7 hill and bring me to a halt before the tyre came off
or I hit anything. A tribute to continental GP4000s ability to be
ridden when flat.

When I went to put the wheel back on after fixing the tube the
spring on the front brake decided to brake. I can´t really
complain since it is 9 years old but it is the first time I have
every had a brake spring fail (Campagnolo Record) I should be able to
get a new spring if my local bike shop comes good with stocking
Campagnolo spares, something they say they are going to do. The
failure meant that if I used the front brake I had to manually spring
the callipers apart for the rest of the ride. Not hard to do but
enough to mean I wont be commuting on the bike again this year. I now
have quite a large number of things to fix on my summer bike although
not enough to let me upgrade to the new 11 speed Campagnolo group
set, alas.

The rest of the ride was uneventful and we were able to take
advantage of the Indain Summer we appear to be having.

Office Advert

There is an amazing Advert running on local radio at the moment.
The premise is that you don’t need to waste money on expensive brand
name trainers but to get the best out or education then you have to
have Microsoft Office 2008. The irony of the add is that you would be
wasting your money not on brand name trainers but instead on a“brand
name” office suite.

Of course for infinitely less, yes free, you can have
OpenOffice.org.

I know I’ve been here before
but it is worth repeating.

To the Devil’s Punchbowl

Six riders good weather and a great cafe. We went out by what is
not the usual route, via Old Woking, Normandy, Ash Green and The
Sands. The return trip was south of Guildford via Albury, where we
managed to loose two riders. One insisted we not wait for him and
the other did not see us turn back towards Dorking so we could go up
Coombe Bottom and so went up Newlands. Then even on the descent from
Coombe bottom we got split up but managed to regroup as it turned out
the slower riders were in front so were caught.

Ended up doing 79 miles and No RAIN!!!!!

Native CIFS and samba on the same system

I’ve been using samba at home for a while and now but would like
to migrate over to the new CIFS implentation provided by solaris.
Since there are somre subtle differences in what each service
provides* this means a slower migration.

Obviously you can’t configure both services to run on the same
system so to get around this I am going to migrate all the SMB
services into a zone running on the server and then allow the global
zone to act as the native CIFS service.

So I configured a zone called, rather dully, “samba”
with loop back access to all the file systems that I share via SMB
and added the additional priviledge “sys_smb” so that the
daemons could bind to the smb service port.

zonecfg:samba> set limitpriv=default,sys_smb

The end command only makes sense in the resource scope.

zonecfg:samba> commit

zonecfg:samba> exit

Now you can configure the zone in the usual way to run samba. I
simply copied the smb.conf and smbpasswd files from the global zone
using zcp.

Once that was done and samba enabled in
smf I could then enable the natives CIFS server in the global zone
and have the best of both worlds.

---

*) The principal difference I see is
that the native smb service does not cross file systems mount points.
So if you have a hierarchy of file systems you have to mount each one
on the client. With samba you can just mount the root and it will see
everything below.

Why I won’t have a career in sporting predictions

This morning I colleague, lets call him Adrian, popped round to
ask me an important question:

Will Lance return to professional
riding and ride in the Tour?

I said definitely not. He has just signed up of the doping tests
so he can compete in the Leadville 100…..

An hour later another colleague sent me a URL via IM:
http://news.bbc.co.uk/sport1/hi/other_sports/cycling/7605378.stm

It is going to be interesting…..but clearly I don’t have a
career in sports predictions.

Upgrading disks

Having run out of space in the root file systems and being close
to full on the zpool the final straw was being able to get 2 750Gb
sata drives for less than £100,
that and knowing that sanpshots no longer cause re
livering to restart which greatly simplifies the data
migration. So I’m replacing
the existing drives with new ones. Since the enclosure I have can
only hold three drives this involved a two stage upgrade so that at
no point was my data on less than two drives. First stage was to
install one drive and label it:

partition> print

Current partition table (unnamed):

Total disk cylinders available: 45597 + 2 (reserved cylinders)

Part      Tag    Flag     Cylinders         Size            Blocks

0       root    wm   39383 – 41992       39.99GB    (2610/0/0)    83859300

1 unassigned    wm       0                0         (0/0/0)              0

2     backup    wu       0 – 45596      698.58GB    (45597/0/0) 1465031610

3 unassigned    wm       0                0         (0/0/0)              0

4 unassigned    wm   36773 – 39382       39.99GB    (2610/0/0)    83859300

5 unassigned    wm   45594 – 45596       47.07MB    (3/0/0)          96390

6 unassigned    wm   36379 – 36772        6.04GB    (394/0/0)     12659220

7 unassigned    wm       3 – 36378      557.31GB    (36376/0/0) 1168760880

8       boot    wu       0 –     0       15.69MB    (1/0/0)          32130

9 alternates    wm       1 –     2       31.38MB    (2/0/0)          64260

partition>

These map to the partitions from
the
original set up, only they are bigger. I’m confident that when
the 40Gb root disks are to small I will have migrated to ZFS for
root. So this looks like a good long term solution.

pearson # dumpadm -d /dev/dsk/c2d0s6

Dump content: kernel pages

Dump device: /dev/dsk/c2d0s6 (dedicated)

Savecore directory: /var/crash/pearson

Savecore enabled: yes

pearson # metadb -a -c 3 /dev/dsk/c2d0s5

pearson # egrep c2d0 /etc/lvm/md.tab

d12 1 1 /dev/dsk/c2d0s0

d42 1 1 /dev/dsk/c2d0s4

pearson # metainit d12

d12: Concat/Stripe is setup

pearson # metainit d42

d42: Concat/Stripe is setup

pearson # metattach d0 d12

d0: submirror d12 is attached

pearson # 

Now wait until the disk has completed resyning. While you can do this
in parallel this causes the disk heads to move more so overall it is
slower. Left to just do one partition at a time it is really quite
quick:

                 extended device statistics

device    r/s    w/s   kr/s   kw/s wait actv  svc_t  %w  %b

cmdk0   357.2    0.0 18321.8    0.0  2.6  1.1   10.4  52  58

cmdk1     0.0  706.4    0.0 36147.4  1.0  0.5    2.2  23  27

cmdk2   350.2    0.0 17929.6    0.0  0.4  0.3    2.1  12  15

md1      70.0   71.0 35859.2 36371.5  0.0  1.0    7.1   0 100

md3       0.0   71.0    0.0 36371.5  0.0  0.3    3.8   0  27

md15     35.0    0.0 17929.6    0.0  0.0  0.6   16.5   0  58

md18     35.0    0.0 17929.6    0.0  0.0  0.1    4.3   0  15

pearson # metastat d0

d0: Mirror

Submirror 0: d10

State: Okay

Submirror 1: d11

State: Okay

Submirror 2: d12

State: Resyncing

Resync in progress: 70 % done

Pass: 1

Read option: roundrobin (default)

Write option: parallel (default)

Size: 20482875 blocks (9.8 GB)

d10: Submirror of d0

State: Okay

Size: 20482875 blocks (9.8 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c1d0s0          0     No            Okay   Yes

d11: Submirror of d0

State: Okay

Size: 20482875 blocks (9.8 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c5d0s0          0     No            Okay   Yes

d12: Submirror of d0

State: Resyncing

Size: 83859300 blocks (39 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c2d0s0          0     No            Okay   Yes

Device Relocation Information:

Device   Reloc  Device ID

c1d0   Yes      id1,cmdk@AST3320620AS=____________3QF09GL1

c5d0   Yes      id1,cmdk@AST3320620AS=____________3QF0A1QD

c2d0   Yes      id1,cmdk@AST3750840AS=____________5QD36N5M

pearson # 

Once complete do the other root disk:

pearson # metattach d4 d42

d4: submirror d42 is attached

pearson # 

Finally attach slice 7 to the zpool:

pearson # zpool attach -f tank c1d0s7 c2d0s7

pearson # zpool status

pool: tank

state: ONLINE

status: One or more devices is currently being resilvered.  The pool will

continue to function, possibly in a degraded state.

action: Wait for the resilver to complete.

scrub: resilver in progress for 0h0m, 0.00% done, 252h52m to go

config:

NAME        STATE     READ WRITE CKSUM

tank        ONLINE       0     0     0

mirror    ONLINE       0     0     0

c1d0s7  ONLINE       0     0     0

c5d0s7  ONLINE       0     0     0

c2d0s7  ONLINE       0     0     0

errors: No known data errors

pearson # 

The initial estimate is more pessimistic than reality but it still
took over 11hours to complete. The next thing was to shut the system
down and replace one of the old drives with the new. Once this was
done the final slices in use from the old drive can be detached and
in the case of the meta devices cleared.

: pearson FSS 4 $; zpool status

pool: tank

state: ONLINE

scrub: scrub completed after 11h8m with 0 errors on Sat Sep  6 20:58:05 2008

config:

NAME        STATE     READ WRITE CKSUM

tank        ONLINE       0     0     0

mirror    ONLINE       0     0     0

c5d0s7  ONLINE       0     0     0

c2d0s7  ONLINE       0     0     0

errors: No known data errors

: pearson FSS 5 $;

: pearson FSS 5 $; metastat

d6: Mirror

Submirror 0: d62

State: Okay

Submirror 1: d63

State: Okay

Pass: 1

Read option: roundrobin (default)

Write option: parallel (default)

Size: 12659220 blocks (6.0 GB)

d62: Submirror of d6

State: Okay

Size: 12659220 blocks (6.0 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c5d0s6          0     No            Okay   Yes

d63: Submirror of d6

State: Okay

Size: 12659220 blocks (6.0 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c2d0s6          0     No            Okay   Yes

d4: Mirror

Submirror 0: d42

State: Okay

Submirror 1: d43

State: Okay

Pass: 1

Read option: roundrobin (default)

Write option: parallel (default)

Size: 83859300 blocks (39 GB)

d42: Submirror of d4

State: Okay

Size: 83859300 blocks (39 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c5d0s4          0     No            Okay   Yes

d43: Submirror of d4

State: Okay

Size: 83859300 blocks (39 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c2d0s4          0     No            Okay   Yes

d0: Mirror

Submirror 0: d12

State: Okay

Submirror 1: d13

State: Okay

Pass: 1

Read option: roundrobin (default)

Write option: parallel (default)

Size: 83859300 blocks (39 GB)

d12: Submirror of d0

State: Okay

Size: 83859300 blocks (39 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c5d0s0          0     No            Okay   Yes

d13: Submirror of d0

State: Okay

Size: 83859300 blocks (39 GB)

Stripe 0:

Device   Start Block  Dbase        State Reloc Hot Spare

c2d0s0          0     No            Okay   Yes

Device Relocation Information:

Device   Reloc  Device ID

c5d0   Yes      id1,cmdk@AST3750840AS=____________5QD36N5M

c2d0   Yes      id1,cmdk@AST3750840AS=____________5QD3EQEX

: pearson FSS 6 $; 

The old drive is still in the system but currently only has a metadb
on it:

: pearson FSS 6 $; metadb -i

flags           first blk       block count

a m  p  luo        16              8192            /dev/dsk/c1d0s5

a    p  luo        8208            8192            /dev/dsk/c1d0s5

a    p  luo        16400           8192            /dev/dsk/c1d0s5

a    p  luo        16              8192            /dev/dsk/c5d0s5

a    p  luo        8208            8192            /dev/dsk/c5d0s5

a    p  luo        16400           8192            /dev/dsk/c5d0s5

a       luo        16              8192            /dev/dsk/c2d0s5

a       luo        8208            8192            /dev/dsk/c2d0s5

a       luo        16400           8192            /dev/dsk/c2d0s5

r – replica does not have device relocation information

o – replica active prior to last mddb configuration change

u – replica is up to date

l – locator for this replica was read successfully

c – replica’s location was in /etc/lvm/mddb.cf

p – replica’s location was patched in kernel

m – replica is master, this is replica selected as input

t – tagged data is associated with the replica

W – replica has device write errors

a – replica is active, commits are occurring to this replica

M – replica had problem with master blocks

D – replica had problem with data blocks

F – replica had format problems

S – replica is too small to hold current data base

R – replica had device read errors

B – tagged data associated with the replica is not valid

: pearson FSS 7 $;

I’m tempted to leave the third disk in the system so that the disk
suite configuration will always have a quorum if a single drive
files. However since the BIOS only seems to be able to boot from the
first disk drive this may be pointless.

I’m now keenly interested in bug
6592835
“resliver needs to go fasterâ€ since if a disk did fail I don’t
fancy waiting more than 24hours after I have sourced a new drive for
the data to sync when the disks fill. The disk suite devices managed
to drive the disk at over 40Mb/sec while ZFS achieved 5Mb/sec.