Hacktopia

1. Detach each submirror

ex. metadetach -f d0 d20
d0: submirror d20 is detached

2. Clear each submirror

ex. metaclear d20
d20: Concat/Stripe is cleared

3. Delete the db replica on the failed drive (you can find the replica output by issuing metadb command with no arguments):

ex. metadb -d c0t2d0s7

4. Remove failed drive. Replace with new drive.

5. Run the format command and place the correct partition table, using the layout of the non-replaced drive.

6. re-create the metadb replica on the new disk

ex. metadb -a c0t2d0s7

7. Run metainit for each replaced submirror

ex. metainit d21 1 1 c0t2d0s1
d21: Concat/Stripe is setup

8. Run metattach for each submirror

ex. metattach d0 d20
d0: submirror d20 is attached

ex. metattach d1 d21
d1: submirror d21 is attached

Say you have a new machine, and it is not on NIS or LDAP, it needs to be really secure and only have local accounts. So you need to make a bunch of local accounts, but you need to leave for lunch in a half hour. Well simply use this short simple script to make them and set the proper permissions in a matter of seconds. Below is a sample script, I suggest calling is something like createuserhomedir.sh. We are assuming that there is a file called users which has all the user’s name that we want to make in the same directory as the script.

#!/bin/sh
mkdir=/bin/mkdir

echo “echoing users”
cat ./users
echo “end echoing users”
echo “Making Home Directories”
for i in `cat ./users`
do
mkdir /export/home/$i
echo “Fixing Permissions For $i Home DIR’s”
chown -R $i:other /export/home/$i
done

The script below I wrote to edit a sudo file in a production environment.

#!/bin/sh
## Written By: BAB

## The purpose of this script is to make it so in a big EMERGENCY
## apps support or other approved body can be given access with out
## paging systems support unnecessarily. Great for hotwiring the sudo map!
##
## Script Name: Hot Wire
##
# Edits: changed script so that it will check if you can push to a machine before a username is entered not after the username is asked for. -BAB

#
#
## variables
DATE=`/usr/bin/date`

echo
echo “Enter the user names that needs to have FULL access through sudo”
echo “user names are entered in the form”
echo
echo EXAMPLE
echo “USER NAMES:userone,usertwo,userthree”
echo
echo “Then you will be asked to enter a machine.”
echo ” Only ONE machine name is allowed.”
echo “MACHINE:\c”
read machine

pushed=`ssh root@$machine grep emergencyacessusers /usr/local/etc/sudoers |wc -l`

if [ $pushed != 1 ]
then
echo “Not able to push to $machine – Page Systems for assistance.”
else

echo “USERNAMES:\c”
read usernames

#pushed=`ssh root@$machine grep emergencyacessusers /usr/local/etc/sudoers |wc -l`

#if [ $pushed != 1 ]
# then
# echo “Not able to push to $machine – Page Systems for assistance.”
# else

echo
echo “ALERT ALERT ALERT ALERT ”
echo “The sudoers hotwire file can only be run once ”
echo ” in a 24 hour period per a machine ”
echo “It resets every day at 9am ”

echo “Are you sure you want to allow $usernames to have full Access to machine $machine”
echo “Anything besides yes will Quit!”
echo
echo “yes ?:\c”
read yesno
if [ "$yesno" = "yes" ]
then
echo “pushing temporary sudo changes”
ssh root@$machine “sed ‘/EMERGENCYACCESS/s/emergencyacessusers/$usernames/’ /usr/local/etc/sudoers > /tmp/tempsudo-local” ## cat into temp file so sed does not clober orig file
if [ $? != 0 ]
then
echo “SUDOERS FILE COULD NOT BE PUSHED, POSSIBLE SERVER IS DOWN $DATE – Users:$usernames – Machine:$machine” >> /tmp/tempsudolog-now
else
ssh root@$machine “cat /tmp/tempsudo-local > /usr/local/etc/sudoers” ## Replace current list because of how sed works
if [ $? != 0 ]
then
echo “SUDOERS FILE COULD NOT BE PUSHED, POSSIBLE SERVER IS DOWN $DATE – Users:$usernames – Machine:$machine” $DATE >> /tmp/tempsudolog-now
else
ssh root@$machine “mailx -s ‘Hot Wire – SUDO PUSH’ alert@company.com < /usr/local/etc/sudoers”
if [ $? != 0 ]
then
echo “COULD NOT SEND MAIL. – $DATE – Users:$usernames – Machine:$machine” >> /tmp/tempsudolog-now
else
echo “$DATE – Users:$usernames – Machine:$machine” >> /tmp/tempsudolog-now
echo “SUDOERS file pushed successfully”
fi
fi
fi
cat /tmp/tempsudolog-now >> /opt/scripts/tempsudolog
rm /tmp/tempsudolog-now
else
echo “EXITED – ROOT SUDO PUSH ABORTED”
fi
fi