Tag Archives: unix

God I Wish… Ah!

Posted on by
Reply

Apple Inc.At work I’ve been thinking about a particular system administration subject on and off for a few days now. When Mac is first installed all the “Optional Sharing Services” are all shipped defaulted to off, which makes sense and is fine. Generally speaking I’ve been fine with using Apple Remote Desktop to share the workstation, open System Preferences, and turning on whatever sharing bits I need to have on for the client workstations and that’s that. However that’s not really that elegant and I’ve been looking for a way to programmatically do it on the command line. As it is, Apple Remote Desktop can send Unix commands to connected workstations. All my client workstations are assembled in a neat little pile on my Apple Remote Desktop screen, as easy as you please. How can I turn on or off these Sharing services without having to upset the user. Ideally I want to turn these on without even sharing their workstation, to in a way, do it under the covers.

Enter the command systemsetup. G’duh. There’s even a handy-dandy template in Apple Remote Desktop that I’ve overlooked all these years that even has the details of the options laid out. So, in Apple Remote Desktop, select the stations you want to change, click the UNIX button, in there select the right template, change the user to root and send the command. Moments later, and in this case, SSH is up and running on the client workstation as easy as you please. Boom. No futzing with sharing workstations, no mucking about with System Preferences. Just simple, easy, like I knew had to exist. Now I know how.

This is actually the way I prefer to learn these things. This was something I sussed out, so it’s worth more than if I just spotted it in some bit of documentation. It took time and energy and it’s mine. The solution is worth something to me, and so I blog about it so I can celebrate Mac OSX and keep a little log in case I forget in the future. It’ll always be here.

Hooray for Mac OSX!

photo by: marcopako 

Starting Out Small

Posted on by
Reply

ethernet cablesThere is an issue I have at work, something I’ve written about before in my logs that I’ve found a solution for that I feel I can blog about. I can’t really talk about the why behind all of this, but I can share a technical explanation of how I am addressing this problem. It’s a half-thing, bear with me.

At Western, I’m very interested in the number of open TCP connections that a workstation has open at any one time. I don’t care what state the connection is in, ACK_WAIT to any of the others, if there is a line, I want to know about it. Specifically I want to know how many lines there are. Mac OSX is based on Darwin, and Darwin is based on BSD – so you get a shell to work with when you start Terminal.app. There is a lot of power in the command line interface and once you get the hang of it, it’s really quite useful.

So remote stations, at least two of them I have turned on “Remote Login” in their Sharing applet in System Preferences which enables the machines SSH servers to answer incoming connections. I can use SSH to call up a command line window to those remote stations, feeding them commands. I have done this for a long while for our servers in the office but this is the first time I’ve seriously done this for workstations. So, with this connection established I want to collect the number of TCP connections that machine has established. On the command line there are lots of pieces to get this to work:

First, you need a loop structure so that the command happens regularly: 

while true; do [command]; sleep 60; done

This will run a command every 60 seconds and it will never end unless I send a Control-C character which represents “Break” to the shell.

At first I just needed to count how many connections. You get this number, or at least an approximation of it this way:

netstat -p tcp|wc -l

That calls netstat to list out all the TCP connections, which then I pipe, using the pipe character ‘|’ to another command called wc, which calculates word-counts. I make wc ignore words and just count lines by using the -l switch. I don’t really care what other stations my targets are communicating with, just a count of how many. And yes, technically the SSH connection inflates this by at least one connection, it’s not intended to be forensic.

But something was missing. I need a date stamp. In BSD, there is a command called date, and you can give it a format so you can make date write out the Hours, Minutes, and Seconds the way you want to see them, but date has an annoyance to it. The command date always inserts a ‘newline’ character at the end, so what you’d get is a date, a new line, and your count. It’s okay, but it’s annoying. It would be far better to get rid of that newline character altogether. Enter in the ‘tr’ command, which translates characters. In this case, we tell tr to just delete the newline character, so ask date for the right sort of date, have tr nail off that newline at the end because it’s annoying and…

while true; do date '+%H:%M:%S '|tr -d '\n'; netstat -p tcp|wc -l; sleep 60; done

This outputs a very nicely formatted report on a remote workstation. So now I have datestamps, connection count levels, and when the count gets to a certain number and things happen, I can be faux-psychic.

UPDATE: Apparently I just can’t leave well enough alone. Seeing a slow parade of numbers trot by is rather dull when all I really want to know is when these numbers say, get over 70. So…

while true; do test "$(netstat -p tcp|wc -l)" -gt 70 && (date '+%H:%M:%S '|tr -d '\n'; netstat -p tcp|wc -l;); sleep 60; done

 

photo by: Bull3t

For the want of pgrep on Mac OSX

Posted on by
Reply

I’ve got an issue at work, of course. I’ve got a Mac OSX xServer that has grown crotchety and so I’ve gotten to making things better by using killall on various running processes in order to “clean up the mess”. This is all fine and good and these processes respawn and the world goes back to normal and everything is fine, however I also want to renice this pesky command and give it a lower priority. While killall can do a search by name, renice requires a pid. The way you get pids is to run the ‘ps’ command, but this gives you a big pile of data and really all you want is just the pid itself, so you can pass that to renice.

So here’s how to get your cake and eat it too on Mac OSX Leopard Server:

1) First, change your shell – the default for root is /bin/sh, do this by issuing this command:

chsh -s /bin/bash root

2) Then you’ll need to give bash a profile, create a new file call it .bash_profile and fill it with this text:

[[ -s ~/.bashrc ]] && source ~/.bashrc

3) Next you’ll need to fill out that .bashrc because that contains the function you need to replicate pgrep:

pgrep() for arg; do ps aux|grep $1|grep -v grep|awk '{print $2}';done;

4) Log out and log back in and you’ll end up in bash, not sh, and you’ll have a new command at your disposal, pgrep. You can then use pgrep CommandName and it’ll spit out the pid related to what you are after.

5) Then you can use this new function with renice this way:

renice 20 `pgrep CommandName`

One thing to note here is that the ` character is the backtick character. You’ll find this hiding out in the upper left corner of your keyboard, it’s the unshifted tilde button.