Solaris

Solaris NIC Failure module

Solaris network cards are configured using modules which can be loaded and unloaded using the ifconfig command. These are streams modules, not kernel modules and are interface specific. One of the coolest modules supplied is ldterm, which can be used to simulate a NIC failure. Really handy for testing failover in cluster environments. Especially when you're not physically able to pull the cable out yourself.
 
To see the list of modules loaded on a nic in the system you would use the command:
 
Tags: 

Apache (NCSA) Visitor statistics

I've been looking through some old files and I found this log analysis script kicking around. It's really simple and outputs the total hits and unique hits (visitors) per day as read from a NCSA format log file. Thought I would post it here for posterity.
 
This really is first exercise in "bash for dummies" type stuff though ;p 
 
Not that I have that book or even know if it exists?
 
loganalysis.sh 

Performance Monitoring script

This is a script which can collect perfomance statistics at desired intervals and convert the output into a CSV report which you can then import into a spreadsheet or database for further analysis. It uses standard unix utilities (iostat, vmstat, netstat, uptime) and has been tested on Linux and Solaris systems.
 
 

Solaris, Apache and mod_SSL

There is some kind of incompatability between the solaris yacc pre-processor and GNU flex when building mod_ssl. Also mod_ssl requires the GNU version of m4 and will not compile with the Solaris version.
 
M4 Failure 
If your build fails at "flex -Pssl_expr_yy -s -B ssl_expr_scan.l" with error "m4: bad option: -P"
then you are using the Solaris m4. Install the GNU m4 and ensure it is in your path before /usr/ccs/bin/m4
 

Solaris Patch Cluster Management

Sun release security updates for their Operating Systems through "Recommended and Security" patch clusters. Generally if Sun fix something that isn't critical or security related only customers with a maintenance agreement get access to it.
 
Sun provide a patch manager for Solaris 8 and 9, but it requires the developer system to be installed because of all of it's dependencies. On a hardened production system this can be a real PITA.
 
Tags: 

Solaris password history

Solaris 9 is a little confused when it comes to security. It implements some cool features likes roles, RBAC and BSM auditing, but doesn't include decent password strength or password history checks. Luckily Solaris 9 does include PAM so these things can be added as modules. 
 
Password cracking is easy, we just need to add a Solaris version of pam_cracklib, but I was unable to find a suitable module for password history. I decided to modify the pam_cracklib module  to include a password history check...