remove IPv6 from bind (named) at startup

To stop /var/log/messages from filling up with annoying dns errors the look like the following:

Jan 3 13:52:03 dns named[24933]: error (network unreachable) resolving '': 2001:503:a83e::2:30#53
Jan 3 13:52:03 dns named[24933]: error (network unreachable) resolving '': 2001:503:231d::2:30#53

Provided you are really not using IPv6 yet (you may need to reconsider this shortly)….  add the following line to your /etc/sysconfig/named file


Restart BIND/named.

service named restart   (RH/CentOS)

ZFS Cheatsheet

Pool Related Commands
# zpool create datapool c0t0d0 Create a basic pool named datapool
# zpool create -f datapool c0t0d0 Force the creation of a pool
# zpool create -m /data datapool c0t0d0 Create a pool with a different mount point than the default.
# zpool create datapool raidz c3t0d0 c3t1d0 c3t2d0 Create RAID-Z vdev pool
# zpool add datapool raidz c4t0d0 c4t1d0 c4t2d0 Add RAID-Z vdev to pool datapool
# zpool create datapool raidz1 c0t0d0 c0t1d0 c0t2d0 c0t3d0 c0t4d0 c0t5d0 Create RAID-Z1 pool
# zpool create datapool raidz2 c0t0d0 c0t1d0 c0t2d0 c0t3d0 c0t4d0 c0t5d0 Create RAID-Z2 pool
# zpool create datapool mirror c0t0d0 c0t5d0 Mirror c0t0d0 to c0t5d0
# zpool create datapool mirror c0t0d0 c0t5d0 mirror c0t2d0 c0t4d0 disk c0t0d0 is mirrored with c0t5d0 and disk c0t2d0 is mirrored withc0t4d0
# zpool add datapool mirror c3t0d0 c3t1d0 Add new mirrored vdev to datapool
# zpool add datapool spare c1t3d0 Add spare device c1t3d0 to the datapool
## zpool create -n geekpool c1t3d0 Do a dry run on pool creation
Show Pool Information
# zpool status -x Show pool status
# zpool status -v datapool Show individual pool status in verbose mode
# zpool list Show all the pools
# zpool list -o name,size Show particular properties of all the pools (here, name and size)
# zpool list -Ho name Show all pools without headers and columns
File-system/Volume related commands
# zfs create datapool/fs1 Create file-system fs1 under datapool
# zfs create -V 1gb datapool/vol01 Create 1 GB volume (Block device) in datapool
# zfs destroy -r datapool destroy datapool and all datasets under it.
# zfs destroy -fr datapool/data destroy file-system or volume (data) and all related snapshots
Set ZFS file system properties
# zfs set quota=1G datapool/fs1 Set quota of 1 GB on filesystem fs1
# zfs set reservation=1G datapool/fs1 Set Reservation of 1 GB on filesystem fs1
# zfs set mountpoint=legacy datapool/fs1 Disable ZFS auto mounting and enable mounting through /etc/vfstab.
# zfs set sharenfs=on datapool/fs1 Share fs1 as NFS
# zfs set compression=on datapool/fs1 Enable compression on fs1
File-system/Volume related commands
# zfs create datapool/fs1 Create file-system fs1 under datapool
# zfs create -V 1gb datapool/vol01 Create 1 GB volume (Block device) in datapool
# zfs destroy -r datapool destroy datapool and all datasets under it.
# zfs destroy -fr datapool/data destroy file-system or volume (data) and all related snapshots
Show file system info
# zfs list List all ZFS file system
# zfs get all datapool” List all properties of a ZFS file system
Mount/Umount Related Commands
# zfs set mountpoint=/data datapool/fs1 Set the mount-point of file system fs1 to /data
# zfs mount datapool/fs1 Mount fs1 file system
# zfs umount datapool/fs1 Umount ZFS file system fs1
# zfs mount -a Mount all ZFS file systems
# zfs umount -a Umount all ZFS file systems
ZFS I/O performance
# zpool iostat 2 Display ZFS I/O Statistics every 2 seconds
# zpool iostat -v 2 Display detailed ZFS I/O statistics every 2 seconds
ZFS maintenance commands
# zpool scrub datapool Run scrub on all file systems under data pool
# zpool offline -t datapool c0t0d0 Temporarily offline a disk (until next reboot)
# zpool online Online a disk to clear error count
# zpool clear Clear error count without a need to the disk
Import/Export Commands
# zpool import List pools available for import
# zpool import -a Imports all pools found in the search directories
# zpool import -d To search for pools with block devices not located in /dev/dsk
# zpool import -d /zfs datapool Search for a pool with block devices created in /zfs
# zpool import oldpool newpool Import a pool originally named oldpool under new name newpool
# zpool import 3987837483 Import pool using pool ID
# zpool export datapool Deport a ZFS pool named mypool
# zpool export -f datapool Force the unmount and deport of a ZFS pool
Snapshot Commands
Combine the send and receive operation

# zfs snapshot datapool/fs1@12jan2014 Create a snapshot named 12jan2014 of the fs1 filesystem
# zfs list -t snapshot List snapshots
# zfs rollback -r datapool/fs1@10jan2014 Roll back to 10jan2014 (recursively destroy intermediate snapshots)
# zfs rollback -rf datapool/fs1@10jan2014 Roll back must and force unmount and remount
# zfs destroy datapool/fs1@10jan2014 Destroy snapshot created earlier
# zfs send datapool/fs1@oct2013 > /geekpool/fs1/oct2013.bak Take a backup of ZFS snapshot locally
# zfs receive anotherpool/fs1 < /geekpool/fs1/oct2013.bak Restore from the snapshot backup backup taken
# zfs send datapool/fs1@oct2013 | zfs receive anotherpool/fs1
# zfs send datapool/fs1@oct2013 | ssh node02 “zfs receive testpool/testfs” Send the snapshot to a remote system node02
Clone Commands
# zfs clone datapool/fs1@10jan2014 /clones/fs1 Clone an existing snapshot
# zfs destroy datapool/fs1@10jan2014 Destroy clone

Find unowned files on your system

From time to time software packages may leave files on your server/workstation with random User ID’s (UID) or Group ID (GID), especially if compiling from source, tarballs, extracting .rpm’s etc… Though not really an major issue but it should be cleaned up so that files that should not be accessible by others stay that way.

Easy way to locate them:

#locate files on local filesystem with no valid UID
df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -nouser -ls

#locate files on local filesystem with no valid GID
df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -nogroup -ls

Solution for “Hostid 00000000000”

RHEL6 (later Fedora releases, and some other distros) recently made some things a bit screwy with the naming of network interfaces… some mainboard embedded NIC’s show up as em1, em2. instead of eth0, eth1 ….

Most of the time this is not a problem, however FlexLM definitely has a problem with this as it is hard-coded to look for the MAC address of eth0…. period, nothing else will do.

This is all caused by a package called biosdevname, before removing this package which is installed by default trying to resolve it, there is a better way to not break things or cause dependency issues further down the road.

Best way to solve this I have found follows:

# cp /etc/grub.conf /etc/grub.bak #get smart here and make a backup!

Add biosdevname=0 to the kernel boot arguments in /etc/grub.conf.

Rename /etc/sysconfig/network-scripts/ifcfg-em1 to /etc/sysconfig/network-scripts/ifcfg-eth0, changing the line DEVICE=”em1″ to DEVICE=”eth0″ (Repeat for any additional interfaces, BONDed interfaces should continue to function as expected.

Delete /etc/udev/rules.d/70-persistent-net.rules (if it exists)


Now FlexLM should detect the MAC of eth0 because…. well… eth0 now exists, which tends to make things much happier.

Crashplan on Linux Mint 17

Installing Crashplan on Linux Mint (17) is a pretty straight forward deal… just install and accept the defaults.

Getting to to run is another story,

#1 the Crashplan agent requires Oracle Java, Mint ships with OpenJDK (as does CentOS 6.x).

To install for Mint (64bit) do the following:

Remove OpenJDK
# sudo apt-get update && apt-get remove openjdk-6-jre
# sudo apt-get autoremove && apt-get clean

Download JRE from Oracle (
In this example was used.

# sudo mkdir -p -v /opt/java/64
# cd ~/Downloads (or wherever your downloaded to)
# tar -zxvf jre-7u67-linux-x64.tar.gz
# sudo mv -v jre1.7.0_* /opt/java/64

# sudo update-alternatives –install “/usr/bin/java” “java” “/opt/java/64/jre1.7.0_67/bin/java” 1
# sudo update-alternatives –set java /opt/java/64/jre1.7.0_67/bin/java

Setup the Firefox plugin:
# mkdir -v ~/.mozilla/plugins
# ln -s /opt/java/64/jre1.7.0_67/lib/amd64/ ~/.mozilla/plugins/

Modify the contents of /usr/local/crashplan/bin/run.conf to match below:

SRV_JAVA_OPTS=”-Dfile.encoding=UTF-8 -Dapp=CrashPlanService -DappBaseName=CrashPlan -Xms20m -Xmx512m -Dnetworkaddress.cache.ttl=300 -Dnetworkaddress.cache.negative.ttl=0 -Dc42.native.md5.enabled=false”
GUI_JAVA_OPTS=”-Dfile.encoding=UTF-8 -Dapp=CrashPlanDesktop -DappBaseName=CrashPlan -Xms20m -Xmx512m -Dnetworkaddress.cache.ttl=300 -Dnetworkaddress.cache.negative.ttl=0 -Dc42.native.md5.enabled=false -Dorg.eclipse.swt.browser.DefaultType=mozilla”

Now Crashplan will launch.

Make Permanent /dev/vmnet* for VMware Promiscuous mode

Vmware Workstation has an annoying issue with allowing promiscuous mode for ethx, unless you are running VMware as root (not a great idea). While you can simply change the permissions on /dev/vmnet* to allow rw-rw-rw but these changes go away each time your reboot.

A permanent solution and a bit more secure is to edit the vmware startup script to do it for you each time the system starts.

Simply add your user(s) to the group of your choice, in my case I’m using the adm group.

usermod -a -G adm username

Edit /etc/init.d/vmware find the section below and add the chgrp and chmod lines as below.

# Start the virtual ethernet kernel service
vmwareStartVmnet() {
   vmwareLoadModule $vnet
   "$BINDIR"/vmware-networks --start >> $VNETLIB_LOG 2>&1
   #added follwing two lines to change perms on /dev/vmnet*
   chgrp adm /dev/vmnet*
   chmod g+rw /dev/vmnet*

Now device files will be set for you each time the system comes up, and end the annoyance of having to change the perms each time.

Restarting the Management agents on ESXi

To restart the management agents on ESXi:
From the Direct Console User Interface (DCUI):

Connect to the console of your ESXi host.
Press F2 to customize the system.
Log in as root.
Use the Up/Down arrows to navigate to Restart Management Agents.

Note: In ESXi 4.1 and ESXi 5.0, 5.1 and 5.5, this option is available under Troubleshooting Options.

Press Enter.
Press F11 to restart the services.
When the service has been restarted, press Enter.
Press Esc to log out of the system.

From the Local Console or SSH:
Log in to SSH or Local console as root.
Run these commands:

/etc/init.d/hostd restart
/etc/init.d/vpxa restart

Note: In ESXi 4.x, run this command to restart the vpxa agent:

service vmware-vpxa restart

To reset the management network on a specific VMkernel interface, by default vmk0, run the command:

esxcli network ip interface set -e false -i vmk0; esxcli network ip interface set -e true -i vmk0

Note: Using a semicolon (;) between the two commands ensures the VMkernel interface is disabled and then re-enabled in succession. If the management interface is not running on vmk0, change the above command according to the VMkernel interface used.

To restart all management agents on the host, run the command: restart

Note: For more information about restarting the management service on an ESXi host, see Service mgmt-vmware restart may not restart hostd in ESX/ESXi (1005566).

Apache SSL Redirect

Need to redirect all traffic to an Apache server from HTTP (Port 80) to HTTPS (port 443)?

Just add a redirect statement in your httpd.conf for that server.

<VirtualHost *:80>
DocumentRoot "/path/to/"
ErrorLog logs/greyfuzz-error.log
CustomLog logs/greyfuzz-access_log combined
Redirect /
<Directory "/path/to/">
Your directory options

Line #7 above does the magic for you.

Be sure to include the trailing ‘/’ on the end of the domain being redirected,
without it you may get some untoward URLs that look like
https://www.greyfuzz.comindex.php instead of

Note: Be certain your conf.d/ssl.conf (or equivalent) is already set up and HTTPS is working properly first.

Remove password from SSL Certificate

To remove the password or passphrase from your SSL certificate so that Apache will restart without hanging waiting for you to enter the password/passphrase,

In a couple of simple steps, but the first and most important

Make a backup copy of your key!!!
Actually make a couple and store them somewhere safe!

Then strip the key out with:

/usr/bin/openssl rsa -in /path/to/server.key -out /path/to/newservernopass.key

(you may need to adjust the path to openssl for your server)

Copy the newservernopass.key file over your server.key file and restart apache, if all goes well, apache will just start up without prompting for the passphrase.

NOTE: Be sure permissions on your SSL key file are only as permissive as needed (for example apache:apache 400) without a passphrase the key *could* be used on another server that you did not intend if it was leaked out. So keep it secure!

List Installed libraries

To display all of the libraries installed on your Linux system there is no need to soft through /lib and /usr/lib, etc… try this command it will display all of the libraries and where they are linked to.

/sbin/ldconfig -p

Combine it with grep and you can search for a specific library

something like:

/sbin/ldconfig -p | grep libQtTest