Helpful Administrative Scripts |
|---|
These scripts are distributed under standard GNU Public License terms. You are free to use and distribute them, provided you preserve the attribution comments in them. They are not that sophisticated, but if you find them useful or have suggestions for improvement, please email. unix @ the-welters . com and let me know what you think. Most of these are written in Bourne shell. While I think Perl is a much better language for larger or more complex scripts, most of these are so simple that Bourne shell suites them just fine.
Display the layout and size of dimm slots on an IBM Power or pSeries server. This uses the lscfg -vp command to display the hardware config. You might want to run this command when planning hardware upgrades to make sure that you have enough slots to install additional memory.
Click here to see the script.
Platforms supported: IBM AIX 5.x and 6.1
This script is handy for documenting the logical volume manager configuration for an AIX system. Having this information all in one place can be useful when trying to analyze disk utilization. It can also be valuable as part of the disaster recovery documentation for a system.
Click here to see the script.
Platforms supported: IBM AIX 4.x
Display Cisco Discovery Protocol packet information via tcpdump or snoop. This information includes the name of the network switch the network interface is connected to, plus the port number, vlan, and duplex of the port.
Click here for the script.
Platforms supported: IBM AIX, Sun Solaris
This script can used in disaster recovery to rebuild the non-rootvg volume groups and volumes on a system. The output of this script is a script that will run the required mklv and crfs commands needed to duplicate a systems file system structure. This script needs to be run prior to a disaster in order to produce the volume creation script. The volume creation script requires some manual editing in order to adapt to the specific hardware being used for recovery. In the event of a real recovery the disk names and sizes will differ from the original system configuration, which requires that the mklv commands be manually edited.
Click here to see the script.
Platforms supported: IBM AIX 5.x
This script performs a basic cleanup of a volume group in order to provide a somewhat secure remove of data. This is obviously not DOD or financial system grade data erasure, but may be sufficient for many enviroments when turning systems over to a recycling company or at the end of an offsite disaster recovery test. The script does the following actions: For each volume in the indicated volume group: - kill any processes using file systems in the volume group - recursively remove all files in the volume - remove the file system with rmfs - once all the volumes are removed, remove the volume group via reducevg. For best results, follow up the deletion of the volume group with a creation of a new volume group re-using the PVs.
Click here to see the script.
Platforms supported: IBM AIX 5.x
This script can be handy to visualize the parent child relationships of processes running on your system. When analyzing performance or other system problems, you often want to find out who belongs to who. This script uses a really handy feature in newer "ps" commands. The "-o" option. this command line option is used to control specifically what output fields you are interested in from "ps" and specifically what order you want them to appear in. This makes it much much easier to pick apart the output of "ps" in a script.
When issued without any parameters, it displays the ancestry of all processes running on the system relative to the "schd" process. (pid 0). You can also supply a specific pid, and only the ancestry of that process will be shown.
This script is kinda interesting in that it is a Bourne shell script that uses recursion. But because of this, it is really inefficient (recursive calls require a new process be spawned off). It would be much better off written in Perl, but I originally wrote it before I knew Perl very well.
click here to see the script.
Platforms supported: Unixs who's "ps" command supports the "-o"
option. (ie, Solaris, Digital Unix, AIX, but not Linux)
This script provides a simple way to log performance data to a file. Running accounting or installing a full shrink wrap package like HP Perfview can obviously provide you with more information. But if you want something cheap and easy, this can be a good start. The first step on solving performance complaints is to know what the system has done in the past. And the first steps in justifying hardware upgrades is to show that the system is busy and that usage has increased. The way I install this script is to run it via cron at midnight. By default, it reports 24 hours worth of observations, 60 seconds apart. Command line options can be used to alter the interval between observations or alter the number of observations.
Platforms supported: Most Unix flavors
"dumpall" is a set of system backup scripts for Sun Solaris and Compaq Tru64 Unix. The dumpall scripts are more complicated that the other scripts on this page, so they have their own page detailing the scripts and the installation procedures. But in brief, these scripts are capable of backing up all file systems on a system, and for Solaris systems allow for relatively secure backup across the network.
Click here for more details and for text of the scripts.
Platforms supported: Sun Solaris, Compaq Tru64 Unix (Aka Digital
Unix)
This script needs to be reworked, it isn't the greatest right now. It does a few things for you, so it is a starting point, but it doesn't send results via email, or warn you if you are not backing up a volume group or anything like that. All it does is do a mksysb, followed by a dump of the volumes in each additional volume group you specify. It maintains a log file, and can automatically print it out, but it doesn't send the results in email.
Click here to see the script.
Platforms supported: AIX 3.x and 4.x.
This script counts the number of file marks on a tape. It can optionally position the tape just past the last file mark when it is done. This can be handy when trying to figure out what is on an unmarked tape, when verifying that a backup worked correctly, or when you want to append additional backups on the end of a tape that has been rewound already.
click here to see the script.
Platforms supported: Most Unix flavors
This simplistic script uses the "-o" parameter to the ps command to put the ps output format into a more easily parsed format. This is a handy technique for any script that has to parse "ps" output. Unfortunately, not all ps commands support this option. Linux is one of the systems that does not support it. The "top" program available elsewhere on the net is a more powerful way of monitoring CPU utilization, but I still like this simple tweak to a ps command.
click here to see the script
Platforms supported: Versions of Unix that support the "-o" option
for "ps" (ie not Linux)
This Perl script acts as a "rexecd" client.
The rexec protocol is a is a method for executing commands on a remote system using a username and password for authentication. This differentiates rexec from rsh. Rsh commands use .rhosts and hosts.equiv files to set up trust relationships between systems, and allow command execution without a separate password challenge. There are security drawbacks to each approach.
Trust relationships can be used to compromise other systems once one system is breached. And rexec has no logging for failed login attempts. This allows it to be used as a conduit for dictionary password guessing attacks on a system. Systems directly exposed to the Internet should not run the execd. Systems on controlled networks should use software such as TCP Wrappers or "logdaemon" in order to put logging in place on this service. Future enhancements will include sending standard error and standard to different file descriptors and changing the command's ARGV list so that the command line options (ie password) are not visible via "ps" while the script is running.
inetd listens for rexec requests via TCP connections on port 512. rexec format as documented in the man page for rexec: The input stream consists of null separated values.
"port for standard error\0username\0password\0 command and args\0"
Click here to see the script.
TCP Wrappers and Logdaemon available from ftp://coast.cs.purdue.edu/pub/tools/unix
Platforms supported: Most Unix flavors. Maybe NT too if you have a
good Perl port.
Syslog is a standard Unix utility for reporting system messages. Messages can be kept on the local system, or forwarded to central loghost machines. Many network devices such as routers and firewalls can utilize syslog as a reporting mechanism.
Messages are processed by the "syslod" daemon process, and are sent to the daemon process either through the logger system call, or through the "logger" command. Syslog configuration is generally controlled via the /etc/syslog.conf file.
There are several sources for Syslog daemons for Windows 95 and Windows NT. In addition, the "swatch" utility can be used to automatically filter syslog messages based on message content.
Platforms supported: Most Unix flavors
Webcat is a perl program that takes URLs as input and fetches the specified web page. It can also be used to execute CGI Programs that use the GET method and URL encoding for their parms. When when given an URL on the command line, the script fetches a single web page. When no URL is specified on the command line, the program will read URLs from stdin, one URL per line.
The script does no parsing of the file returned and does not fetch images or URLs listed in frames.
Webload is a simple Bourne shell script that uses webcat in order to retrieve lists of URLs, and reports the amount of time needed to retrieve the page. Webload can save the files to a specified directory or send them to /dev/null. It can also loop through the list and download them repeatedly. There are much better tools out there for this task now. But when I originally wrote this that wasn't the case. Think of this as an old example for how you can do things.
Click here to see webcat
Click here to see webload
Platforms supported: Most Unixs, requires perl5. webcat should work
on NT with a good perl port.
This script is used to manage log files on a system. It will maintain a specified number of log file copies, renaming the old ones in a format "logfilename", "logfilename.0", "logfilename.1", with "logfilename.0" being the most recent archived log file.
Click here to see the script.
Platforms supported: Most Unixs.
This script is used to copy the disk partitioning from one disk to another. This does not copy any data, it simply replicates the partition layout as you could do using the "format" program. This script comes in handy when setting up a batch of new disk drives, or when setting up disk mirroring using Solstice Disk Suite.
NOTE: the source and destination disks must have the same geometry. (size, cylinders, sectors, etc). This script does not check to see if the destination disk is in use, but it does save a backup copy of the old disk partitioning in /tmp/format.dat.<diskname>.bak.
Click here to see the script.
Platforms supported: Solaris 2.x.
Most systems ship with an overly permissive inetd.conf file. This eliminates services that are potential security hazards. There are more full fledged security tightening scripts than this such as the Bastille Linux project and Titan amongst others. But this is handy if all you want to do is sweep through a bunch of inetd.conf files.
Click here to see the script.
Platforms supported: Most Unixs, but the service lists are Solaris
oriented.
Sequentially ping a range of IP addresses. This script is not as efficient as using a program such as nmap, but it is a handy exercise for manipulating IP addresses in Perl.
Click here to see the script
Platforms supported: Most Unixs.
This script does a reverse address lookup, returning a host name when given an IP address. It uses the gethostbyname function call, which means it will use whatever name resolution method the host running the program uses. This is meant to provide a more easily parsed format for output than nslookup provides, and is mostly useful inside other scripts.
Click here to see the script
Platforms supported: Unix and NT with a good Perl port
When given an IP address, this script does a hostname lookup lookup. It uses the gethostbyaddr function call, which will use whatever name resolution method the host running the program uses. Like the previous script this is meant to provide a more easily parsed format for output than nslookup provides, and is mostly useful inside other scripts.
Click here to see the script
Platforms supported: Unix and NT with a good Perl port
When given an IP address or host name, this script will perform a forward and reverse look up using gethostbyaddr and gethostbyname. This is useful for verifying that reverse DNS entries have been set up correctly, or to make sure that an IP address does not have a spoofed reverse entry.
Click here to see the script
Platforms supported Unix and NT with a good Perl port.
This program is an implementation of the "crypt" rc4 encryption program. It is a simple two way encryption program that can encrypt a file or data stream using a supplied key. When the same key and program are used on an encrypted file, it will decrypt the file.
Click here for the script
Platforms supported Unix and NT with Perl.
This script uses the "/var/sadm/install/contents" file in Solaris to recreate a Solaris package file based on the currently installed files on the system. This can be useful as a way of making a backup of a Solaris package prior to removing it, or as a way to recreate a Solaris installation package when you no longer have the package file that it came in. It can also be useful as a way of creating a modified / customized package for installation on other systems. One could change file contents, ownerships, or permissions to suit their needs, repackage the files, and use that package for installation on other systems.
Click here for the script
Platforms Supported: Solaris 2.x
This script creates a simple solaris package by interactively prompting for the basic values of a package. It assumes that you already have the files installed on the system in the proper location, with the desired ownerships and permissions.
Click here for the script
Platforms Supported: Solaris 2.x
This script doesn't do anything... It is just a file with examples of Bourne shell script syntax. It can be handy if you don't write in sh often and want your memory jogged, or if you can never remember what test operator checks to see if a file is a symbolic link or not.
Click here to see the script.
Platforms supported: generic Bourne shell script syntax.
This script doesn't do anything... It is just a file with examples of simple Perl syntax. It can be handy if you don't write in perl often and want your memory jogged.
Click here to see the script.
Platforms supported: generic Perl syntax.
Click here for the script
Platforms supported: Perl with XML::Simple, Data::Dumper, and tested with Symcli 7.1 and 7.2 and EMC VMax storage arrays.
Click here for the script
Platforms supported: Tested with Symcli 7.3 and EMC VMax storage arrays.
Perl script that is used to check the status of brocade fabrics. Uses Net::Telnet to login to the switches, runs zoneshow and switchshow, combining the output. Shows the zoning alias for devices connected to each port. It also flags ports that are connected to HBAs without aliases, and also flags aliases that are not logged in any where. This is handy for spotting problems or pruning out old aliases.
Click here for the script
Platforms supported: Perl with Net::Telnet, Brocade switches supporting telnet logins.
Perl script to save the configuration of a list of brocade switches. Uses Net::Telnet to login to the switches, runs "configshow -all" and saves the output for each switch in a different file. Assumes a configuration repository named /home/config/MonthYear.
Click here for the script
Platforms supported: Perl with Net::Telnet, Brocade switches supporting telnet logins.
| Back | Last Updated Dec 2011 |