Thursday, December 29, 2011

Error 500 when setting up VSFTP.

Trying to set up vsftpd on CentOS 6.2 ?

When trying to ftp from a client machine to the VSFTP Server. You will be prompted for user id and password but then will get the following error:

"500 OOPS: cannot change directory:/home/testuser"
Login failed.

"testuser" is my user id on the CentOS Server.

I've gotten it to work by disabling SELinux but I had to find a less drastic solution.

There are a lot of recommendations floating around the net for this, but try the following first:

[root@testvm vsftpd]# getenforce
[root@testvm vsftpd]# getsebool -a | grep ftp
allow_ftpd_anon_write –> off
allow_ftpd_full_access –> off
allow_ftpd_use_cifs –> off
allow_ftpd_use_nfs –> off
allow_tftp_anon_write –> off
ftp_home_dir –> on (change that to on in ur case this option is off)
ftpd_disable_trans –> off
ftpd_is_daemon –> on
httpd_enable_ftp_server –> off
tftpd_disable_trans –> off
[root@testvm vsftpd]# setseboll -P ftp_home_dir on

This is all that you need to do.

Monday, February 28, 2011

Step-by-step instructions for setting up Netapp (Data OnTap) Simulator

Those who are newly learning Netapp can use Netapp Data OnTap Simulator to get comfortable with Netapp commands. This tool gives you the experience of administering and using a NetApp storage system with all the features of Data ONTAP. The Simulator can be downloaded from ( you need NOW access ). The simulator has fully functional license keys for all Netapp functionalities.

The simulator can be loaded onto a Red Hat or SuSE Linux box and looks and feels exactly like Data ONTAP. Almost anything you can do with Data ONTAP can be done with the simulator. Without purchasing new hardware or impacting your production environment, you can test functionality, export NFS and CIFS shares etc.

System Requirement:

Data ONTAP 7G (7.x.x) simulators

Server /PC with Single network card, 128 MB main memory minimum (512 MB recommended), 250MB free hard disk space (minimum) disk space of 5GB would be better for simple testing purpose. More disks you need then you need have ~30GB
Linux installed, running, and networked (Works on Red Hat Linux 7.1 through 9.0, SUSE 8.1 and 8.2) any Linux Operating System (32 bit)
Installer must be logged on as root


This is not a production version of Data ONTAP and should not be used in your production environment. There are inefficiencies (for example, a 1GB disk file will be much larger than 1GB) and performance running on another OS without a disk system behind it will obviously be considerably less than with Data ONTAP. Simulator can’t hold disks more than 28 and approximately around 28GB in total size. Finally, the simulator can't emulate environments where specific hardware is required (for example, Fibre Channel).It is recommended that the Data ONTAP Simulator be installed on a non-production Linux system. Simulator installation scripts may replace the Red Hat libc library with an older more stable one. It's unlikely but possible that other applications may be affected.

Steps to install Simulator:

Step I:
o Download the Data ONTAP simulator and keep it under home directory

linux-sesl-184-54:/home # ls

Step II:
o Now untar the simulator installer.

linux-sesl-184-54:/home # tar -xvf 7.3.1-tarfile-v22.tar

Step III :
o Once you have untarred the installer you will find the new folder simulator where the installer get extracted.

linux-sesl-184-54:/home # ls
7.3.1-tarfile-v22.tar simulator ===========================> Extracted under a folder called simulator

Step IV:
o Change Driectory to the extracted path

linux-sesl-184-54:/home # cd simulator/
linux-sesl-184-54:/home/simulator # ls
Vmware, Linux and Simulator installation.doc disks.tgz disks2.tgz doc license.htm readme.htm sim.tgz

Step V:
o Now run the installer script ( to create the Single Node Simulator. If you wish to install Cluster Pair skip this step and perform Step VII.

linux-sesl-184-54:/home/simulator # ./
Script version 22 (18/Sep/2007)
Where to install to? [/sim]: =====================> Choose your simulator install path.
Would you like to install as a cluster? [no]:
Would you like full HTML/PDF FilerView documentation to be installed [yes]:

Continue with installation? [no]: yes ===================================================> Enter "yes" to contiue the installtion

Creating /sim
Unpacking sim.tgz to /sim
Configured the simulators mac address to be [00:50:56:1:cd:eb]
Please ensure the simulator is not running.
Your simulator has 3 disk(s). How many more would you like to add? [0]: 2
Too high. Must be between 0 and 25.
Your simulator has 3 disk(s). How many more would you like to add? [0]: 2 =====================> Maximum available disk numbers for simulator (Choose the number of disks and size based on your Linux disk space)

The following disk types are available in MB:
Real (Usable)
a - 43 ( 14)
b - 62 ( 30)
c - 78 ( 45)
d - 129 ( 90)
e - 535 (450)
f - 1024 (900)
If you are unsure choose the default option a

What disk size would you like to use? [a]: f ===========================================> Choose the bigger disk size based on your need and the disk space availability
Disk adapter to put disks on? [0]:
Use DHCP on first boot? [yes]: no ===================================================> Say "no" if you wanted to configure Static IP address
Ask for floppy boot? [no]:
Your default simulator network interface is already configured to eth0.
Which network interface should the simulator use? [eth0]: ==============================> Choose the "interface" which you wanted to use for Data Traffic

Another simulator is running. Cannot give good advise about memory.
How much memory would you like the simulator to use? [512]: =============================> Choose the Default RAM size
Create a new log for each session? [no]:
Overwrite the single log each time? [yes]:
Adding 25 additional disk(s).
Complete. Run /sim/ to start the simulator.
linux-sesl-184-54:/home/simulator #

Step VI:
o That's it, start the simulator by running startup script /sim/ And configure the Setup as per your need.

Step VII:

Network Appliance Clustered Failover delivers a robust and highly available data service for business-critical environments. Installed on a pair of NetApp filers, NetApp Clustered Failover ensures data availability by transferring the data service of an unavailable filer to the other filer in the cluster. Data ONTAP simulator also supports the Clustered Failover.

o To configure the Data ONTAP Simulator for the (cluster) Active Active Pair do the following:

CFO Step I:

Run the Setup and when it ask for the following say yes and continue the setup
Would you like to install as a cluster? [no]: yes ====================================> Say yes to install the Active Active Pair (Cluster) Node

CFO Step II: Now you will find node1 & node2 simulators installed in the given path.

CFO Step III: Run the setup script for each node and configure the interface which needs to take over a partner IP address during failover.
Please enter the new hostname []: cfo1
Do you want to configure virtual network interfaces? [n]:
Please enter the IP address for Network Interface ns0 []: ==================> Primary IP address of node1
Please enter the netmask for Network Interface ns0 []:
Should interface ns0 take over a partner IP address during failover? [n]: y ============> Say "Y" to enable Cluster Failover
The clustered failover software is not yet licensed. To enable network failover, you should run the 'license' command for clustered failover.
Please enter the IP address or interface name to be taken over by ns0 []:> Partner IP address of node2

CFO Step IV:Add cluster license.After reboot (mandatory since cluster is licensed) just enable cluster from the CLI.

CFO Step V: Check the status via cf status command. It should say Cluster Failover enabled.

Bringing the Virtual Filer Up
# cd /sim

#/sim/ script version Script version 22 (18/Sep/2007)
This session is logged in /netapp/7.3/sessionlogs/log
NetApp Release 7.3: Thu Jul 24 12:55:28 PDT 2008
Copyright (c) 1992-2008 Network Appliance, Inc.
Starting boot on Tue Dec 9 11:45:37 GMT 2008
Tue Dec 9 11:45:42 GMT [fmmb.current.lock.disk:info]: Disk v4.16 is a local HA mailbox disk.
Tue Dec 9 11:45:42 GMT [fmmb.instStat.change:info]: normal mailbox instance on local side.
Tue Dec 9 11:45:43 GMT [raid.cksum.replay.summary:info]: Replayed 0 checksum blocks.
Tue Dec 9 11:45:43 GMT [raid.stripe.replay.summary:info]: Replayed 0 stripes.
…. Boot message
Please enter the new hostname []: - Specify Filer hostname
Do you want to configure virtual network interfaces? [n]:n
Please enter the IP address for Network Interface ns0 []: -- Provide Filer ip
Please enter the netmask for Network Interface ns0 []: -- Provide Netmask
Please enter media type for ns0 {100tx-fd, auto} [auto]:
Please enter the IP address for Network Interface ns1 []:
Would you like to continue setup through the web interface? [n]:n
Please enter the name or IP address of the default gateway: -- Provide default gateway
The administration host is given root access to the filer's
/etc files for system administration. To allow /etc root access
to all NFS clients enter RETURN below.
Please enter the name or IP address of the administration host: -- Provide admin hostname
Please enter the IP address for adminserver : -- Provide admin ip
Please enter timezone [GMT]:Asia/Calcutta
Where is the filer located? []:Mumbai
What language will be used for multi-protocol files (Type ? for list):en_US
Setting language on volume vol0
The new language mappings will be available after reboot
Tue Dec 9 11:47:03 GMT [vol.language.changed:info]: Language on volume vol0 changed to en_US
Language set on volume vol0
Do you want to run DNS resolver? [n]: -- Say yes if you want configure dns
Do you want to run NIS client? [n]: y
Please enter NIS domain name []: - Provide nis domain name
Please enter list of preferred NIS servers [*]: - Prodive nis server ip's
Setting the administrative (root) password for [hostname]
New password: - Set root password here
Retype new password:
This process will enable CIFS access to the filer from a Windows(R) system.
Use "?" for help at any prompt and Ctrl-C to exit without committing changes.
Your filer does not have WINS configured and is visible only to
clients on the same subnet.
Do you want to make the system visible via WINS? [n]: n -- Say yes if you want to configure WINS
A filer can be configured for multiprotocol access, or as an NTFS-only
filer. Since multiple protocols are currently licensed on this filer,
we recommend that you configure this filer as a multiprotocol filer
(1) Multiprotocol filer
(2) NTFS-only filer
Selection (1-2)? [1]: 1
CIFS requires local /etc/passwd and /etc/group files. NIS services,
which normally take the place of the local /etc files, are enabled on
this filer. However, if NIS is ever unavailable, it may be useful to
have a rudimentary /etc/passwd and /etc/group file for CIFS
authentication. This default passwd file would contain 'root',
'pcuser', and 'nobody'.
Should CIFS create default /etc/passwd and /etc/group files? [n]:
NIS is currently enabled but NIS group caching is disabled. This may
have a severe impact on CIFS authentication if the NIS servers are
slow to respond or unavailable. It is highly recommended that you
enable NIS group caching.
Would you like to enable NIS group caching? [y]:
By default, the NIS group cache is updated once a day at midnight. If
you would like to update the cache more often or at a different time,
specify a list of hours (1-24, representing the hours in a day) that
describe when the update should be performed.
Enter the hour(s) when NIS should update the group cache [24 ]:
Would you like to specify additional hours? [n]:
The default name for this CIFS server is 'FILERNAME'.
Would you like to change this name? [n]:
Data ONTAP CIFS services support four styles of user authentication.
Choose the one from the list below that best suits your situation.
(1) Active Directory domain authentication (Active Directory domains only)
(2) Windows NT 4 domain authentication (Windows NT or Active Directory domains)
(3) Windows Workgroup authentication using the filer's local user accounts
(4) /etc/passwd and/or NIS/LDAP authentication
Selection (1-4)? [1]: 4
What is the name of the Workgroup? [WORKGROUP]:
Tue Dec 9 11:48:34 GMT [rc:info]: NIS: Group Caching has been enabled
CIFS - Starting SMB protocol...
Tue Dec 9 11:48:34 GMT [nis.lclGrp.updateSuccess:info]: The local NIS group update was successful.
Welcome to the WORKGROUP Windows(R) workgroup
CIFS local server is running.
filername> -- Filer is up


Perform Filer related activities from admin host via rsh or from the command prompt in the end of previous step

filername> df

Filesystem kbytes used avail capacity Mounted on
/vol/vol0/ 164552 71264 93288 43% /vol/vol0/
/vol/vol0/.snapshot 0 0 0 ---% /vol/vol0/.snapshot

filername> vol status -r

Aggregate aggr0 (online, raid0) (zoned checksums)
Plex /aggr0/plex0 (online, normal, active)
RAID group /aggr0/plex0/rg0 (normal)
RAID Disk Device HA SHELF BAY CHAN Pool Type RPM Used (MB/blks) Phys (MB/blks)
--------- ------ ------------- ---- ---- ---- ----- -------------- --------------
data v4.16 v4 1 0 FC:B - FCAL N/A 120/246784 127/261248
data v4.17 v4 1 1 FC:B - FCAL N/A 120/246784 127/261248

Spare disks
RAID Disk Device HA SHELF BAY CHAN Pool Type RPM Used (MB/blks) Phys (MB/blks)
--------- ------ ------------- ---- ---- ---- ----- -------------- --------------
Spare disks for zoned checksum traditional volumes or aggregates only
spare v4.18 v4 1 2 FC:B - FCAL N/A 36/74752 43/89216
spare v4.19 v4 1 3 FC:B - FCAL N/A 36/74752 43/89216
spare v4.20 v4 1 4 FC:B - FCAL N/A 36/74752 43/89216
spare v4.21 v4 1 5 FC:B - FCAL N/A 36/74752 43/89216
spare v4.22 v4 1 6 FC:B - FCAL N/A 36/74752 43/89216
spare v4.24 v4 1 8 FC:B - FCAL N/A 36/74752 43/89216
spare v4.25 v4 1 9 FC:B - FCAL N/A 36/74752 43/89216
spare v4.26 v4 1 10 FC:B - FCAL N/A 36/74752 43/89216
spare v4.27 v4 1 11 FC:B - FCAL N/A 36/74752 43/89216
spare v4.28 v4 1 12 FC:B - FCAL N/A 36/74752 43/89216

NetApp ONTAP Simulator and ESXi 4.1 Server

After installing and configuring the simulator if you can't get any network connectivity whatsoever. Try the following steps :

The network interface that was being used by the simulator has to be in promiscuous mode. ESXi Server, by default, doesn’t allow NICs in guest operating systems to be in promiscuous mode.

The fix is this:

Enable “Promiscuous Mode” for the vSwitch Port Group where the GREEN NIC of the Endian resides on.

In the ESXi configuration,
- Select your ESXi server in the tree view on the left
- Select the “Configuration” tab
- Find the “Virtual Switch” where the vnic of your VM connects to
- Click on the “Properties” link for that Virtual Switch
- Select the “Virtual Machine Port Group”
- Click “Edit”
- Go to the “Security” tab
- Put a checkmark after the “Promiscuous Mode”, then set the value in the combobox to “Accept”
- Press the “OK” button in the “Virtual Machine Port Group” dialog
- Press the “Close” button in the “Virtual Switch” dialog

Why enable Promiscuous Mode?
A router or bridge does more with traffic than a normal NIC. So the router needs to see more packets, Promiscuous mode enables that.

Thursday, February 24, 2011

How to setup Cisco VPN using VPNC on Ubuntu 10.10

This guide is for Ubuntu 10.10 users who want to connect to Cisco VPN using VPNC. This guide assumes you have profile file in .pcf format (we will use myoffice.pcf as an example here).

Let’s begin and follow the steps exactly replacing your own pcf file:

Open terminal and run the following commands

* Create a directory

mkdir vpnclient

Change to that directory:

cd vpnclient

* Download cisco-decrypt file which will be used to decrypt the group password from your pcf file:


sudo apt-get install libgcrypt11-dev

gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags)

chmod +x cisco-decrypt

sudo cp cisco-decrypt /usr/bin

* Download pcf2vpnc to convert pcf files in vpnc configuration format


chmod +x pcf2vpnc

sudo cp pcf2vpnc /usr/bin

* Go to windows vpn profiles directory and convert .pcf files to .conf files

pcf2vpnc myoffice.pcf > myoffice.conf

* Note:replace above myoffice.pcf with your own .pcf file.

sudo cp myoffice.conf /etc/vpnc/

* install vpnc and connect to vpn

sudo apt-get install vpnc resolvconf

*This will install vpnc in your system. Once installed, you have to create a .conf file in /etc/vpnc/ where is the name you give (without the <>). Enter the following command to create a file called myoffice.conf

sudo vpnc myoffice.conf

Enter username for :
Enter password for :
VPNC started in background (pid: 6092)xn--

* To disconnect simply do

sudo vpnc-disconnect

Monday, January 24, 2011

Step by step guide to install Oracle 11G R2 on x86_64 Linux (CentOS 5.5)

Hardware Requirements:

Physical Memory
[root@centos55 ~]# grep -i memtotal /proc/meminfo
results: should be at least 1GB
[root@centos55 ~]# grep -i swaptotal /proc/meminfo
results: should be 1.5 the size of memtotal if memtotal <>
should be equal to memtotal if memtotal is between 2GB and 8GB
should be .75 the size of memtotal if memtotal > 8GB
Shared Memory
[root@centos55 ~]# df -k /dev/shm
results: informational
purpose: The shared memory should be sized to be at least the greater of MEMORY_MAX_TARGET and MEMORY_TARGET for each Oracle instance on the computer.
Disk space in /tmp
[root@centos55 ~]# df -h /tmp
results: should have at least 400MB available
Disk space for Oracle binaries
[root@centos55 ~]# df -h
results: Depending on installation type you should have between 4.5GB and 4.9GB

Software requirements:

Linux distribution :
[root@centos55 ~]# cat /proc/version
Linux version 2.6.18-194.32.1.el5 ( (gcc version 4.1.2 20080704 (Red Hat 4.1.2-48)) #1 SMP Wed Jan 5 17:52:25 EST 2011

Kernel version:
[root@centos55 ~]# uname -r

Required Packages:
[root@centos55 ~] # rpm -q binutils compat-libstdc++-33 elfutils-libelf elfutils-libelf-devel elfutils-libelf-devel-static gcc gcc-c++ glibc glibc-common glibc-devel glibc-headers kernel-headers-2.6.18 ksh libaio libaio-devel libgcc libgomp libstdc++ libstdc++-devel make sysstat unixODBC unixODBC-devel

It is probably a good idea to do a minimal install of the CentOS and install the following packages using Yum using the following commands.

[root@centos55 ~]# yum -y install compat-db gcc gcc-c++ libstdc++ pdksh sysstat compat-libstdc++-33 elfutils-libelf-devel elfutils-libelf-devel-static unixODBC unixODBC-devel libaio-devel
to install the missing packages.

[root@centos55 ~]# yum -y groupinstall "X Window System"

Create Oracle user and group

Create groups oinstall & dba

[root@centos55 ~]# groupadd oinstall
[root@centos55 ~]# groupadd dba
Create the Oracle user and change password
[root@centos55 ~]# useradd -g oinstall -G dba -s /bin/bash oracle
[root@centos55 ~]# passwd oracle

Creating Directories to Install the Oracle Software

[root@centos55 ~]# mkdir /u01
[root@centos55 ~]# mkdir /u02
[root@centos55 ~]# chown -Rf oracle:oinstall /u01
[root@centos55 ~]# chown -Rf oracle:oinstall /u02
[root@centos55 ~]# mount -o tcp,rsize=32768,wsize=32768,hard,intr,timeo=600 /u02
[root@centos55 ~]# chown -Rf oracle:oinstall /u02

Setting shell limits for the Oracle user

[root@centos55 ~]# vi /etc/security/limits.conf

oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536

Add the following lines to /etc/pam.d/login

[root@centos55 ~]# vi /etc/pam.d/login
session required

Add the following lines to /etc/profile

[root@centos55 ~]# vi /etc/profile

if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
ulimit -u 16384 -n 65536

export ORACLE_BASE=/opt/app/oracle:$ORACLE_BASE
export ORACLE_SID=orcl

Configuring kernel parameters

[root@centos55 ~]# vi /etc/sysctl.conf

kernel.shmmax = 6442450944
kernel.shmall = 2097152
kernel.sem=250 32000 100 128
fs.file-max = 6815744
fs.aio-max-nr = 1048576
net.ipv4.ip_local_port_range=9000 65500
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 262144 16777216
net.ipv4.tcp_wmem = 4096 262144 16777216
net.ipv4.tcp_window_scaling = 1

[root@centos55 ~]# sysctl -p

Unzipping the downloaded setup files:

Unzip the downloaded files to a temporary location.

[root@centos55 opt]# unzip
[root@centos55 opt]# unzip

[root@centos55 opt]# ls -lrth
total 2.2G
-rw-r--r-- 1 oracle oinstall 1.2G Mar 10 2010
-rw-r--r-- 1 oracle oinstall 1.1G Mar 10 2010

Here the files have been unzipped into /opt and the following commands will take you through starting the Oracle installer form that mount point.

[root@centos55 ~]# cd /opt/database

[root@centos55 ~]# ./runInstaller

From this point, Oracle will do a few minor checks on the operating system and then put up the Oracle Installation screen. Our particular configuration did not throw any errors at this point but it should be noted, as it can be helpful, that sometimes the Oracle installer will complain at this very early stage about various Linux system configurations. If this is the case you might be able to bypass them by adding an additional argument to the runInstaller command. Please only use this as a last resort to the normal installation path.

[root@centos55 ~]# ./runInstaller -ignoreSysPrereqs

The installation settings are pretty explanatory. Just go with the defaults, and if there is an error at some point the details panel will explain whats wrong.

At one point you will be asked for the SYSMAN password. Remember it because it will be used to login into the web console.

When you near the very end of the installation, you will be asked to run one or two scripts as root.

Just open up a terminal, su – into root and run the scripts which have their full paths displayed for your convenience.

Execute Configuration scripts

[root@centos55 ~]# /opt/app/oraInventory/
[root@centos55 ~]# /opt/app/oracle/product/11.1.0/db_1/

1. accept default of /usr/local/bin
2. Click
3. Click
4. Click

Starting And Stoping Oracle

You might need to start oracle back up or stop it at some point so sue these commands which are located in:


emctl start dbconsole
lsnrctl start

emctl stop dbconsole
lsnrctl stop

Direct NFS Client

For improved NFS performance, Oracle recommend using the Direct NFS Client shipped with Oracle 11g. The direct NFS client looks for NFS details in the following locations:




[root@centos55 ~]# vi $ORACLE_HOME/dbs/oranfstab

server: nas1
export: /vol/u02export mount /u02

Since we already have our NFS mount point details in the "/etc/fstab", and therefore the "/etc/mtab" file also, there is no need to configure any extra connection details.

For the client to work we need to switch the library for the library, as shown below.

SQL>shutdown immediate

[root@centos55 ~]# cd $ORACLE_HOME/lib
[root@centos55 ~]# mv libodm11.so_stub
[root@centos55 ~]# ln -s


With the configuration complete, you can see the direct NFS client usage via the following views:
For example:
SQL> SELECT svrname, dirname FROM v$dnfs_servers;

------------- -----------------
nas1 /vol/u02export