1)Hash CONSOLE varible in /etc/default/login file in all systems host entries are placed
in /etc/hosts file
2)inetd process is now an SMF managed service.
3)Enabling & loggin inetd trace messages.
#cp /etc/syslog.conf /etc/OLD_syslog.conf_date
bash-4.1# grep daemon.notice /etc/syslog.conf
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
-bash-4.1# inetadm -p
NAME=VALUE
bind_addr=""
bind_fail_max=-1
bind_fail_interval=-1
max_con_rate=-1
max_copies=-1
con_rate_offline=-1
failrate_cnt=40
failrate_interval=60
inherit_env=TRUE
tcp_trace=FALSE
tcp_wrappers=FALSE
connection_backlog=10
tcp_keepalive=FALSE
-bash-4.1# inetadm -M tcp_trace=TRUE
-bash-4.1# inetadm -p
NAME=VALUE
bind_addr=""
bind_fail_max=-1
bind_fail_interval=-1
max_con_rate=-1
max_copies=-1
con_rate_offline=-1
failrate_cnt=40
failrate_interval=60
inherit_env=TRUE
tcp_trace=TRUE
tcp_wrappers=FALSE
connection_backlog=10
tcp_keepalive=FALSE
root@solaris:~# telnet solaris2
Trying xx.xx.xx.xx ...
Connected to solaris2.
Escape character is '^]'.
login:
-bash-4.1# tail -f /var/adm/messages
Jan 15 12:04:51 solaris2 inetd[1962]: [ID 317013 daemon.notice] telnet[14347] from 10.66.10.115 51496
Jan 15 12:05:33 solaris2 inetd[1962]: [ID 317013 daemon.notice] telnet[19720] from 10.66.10.115 61248
Jan 15 12:10:19 solaris2 inetd[1962]: [ID 317013 daemon.notice] telnet[26795] from 10.66.10.115 48628
4)USING LOGGER COMMAND TO DEMONSTRATE HOW LEVELS OPERATE.
root@solaris:~# cat /etc/hosts
#
# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# Internet host table
#
::1 localhost
127.0.0.1 localhost
10.66.10.115 solaris
10.66.10.108 solaris2 loghost
add entry in /etc/syslog.conf file
local0.notice /var/log/local0.log
root@solaris:~#touch /var/log/local0.log
root@solaris:~# svcadm restart system-log
root@solaris:~# dmesg
root@solaris:~# logger -p local0.notice NONONO DMESG
root@solaris:~# tail -f /var/log/local0.log
Jan 15 12:18:47 solaris root: [ID 702911 local0.notice] NONONO DMESG
NOTE:-
root@solaris:~# logger -p local0.notice NONONO DMESG
root@solaris:~# logger -p local0.notice NONONO DMESG
i am execute same command multiple times but it does not generate any message log file
only once it getnarate on after certain syslogd mark level reached
root@solaris:~# tail -f /var/log/local0.log
Jan 15 12:18:47 solaris root: [ID 702911 local0.notice] NONONO DMESG
======================
5)logging messages to another systems
-bash-4.1# hostname
solaris2
-bash-4.1# cp /etc/syslog.conf /etc/OLD_syslog.conf_date
-bash-4.1# vi /etc/syslog.conf
local0.notice @solaris ==>hear IP or HOSTNAME or alias are accepteble
(or)
local0.notice @xx.xx.xx.xx
(or)
local0.notice @loghost
# svccfg -s system-log
svc:/system/system-log> setprop config/log_from_remote=true
svc:/system/system-log> exit
-bash-4.1# cat /etc/hosts
#
# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# Internet host table
#
::1 localhost
127.0.0.1 localhost
10.66.10.108 solaris2
10.66.10.115 solaris loghost
-bash-4.1# svcadm refresh system-log
-bash-4.1# svcs system-log
STATE STIME FMRI
online 12:34:42 svc:/system/system-log:default
on solaris node make follwoing entries:-
add entry in /etc/syslog.conf file
local0.notice /var/log/local0.log
# svccfg -s system-log
svc:/system/system-log> setprop config/log_from_remote=true
svc:/system/system-log> exit
root@solaris:~#touch /var/log/local0.log
root@solaris:~# svcadm restart system-log
-bash-4.1# logger -p local0.notice form solaris2 (from solaris2)
root@solaris:~# tail -f /var/log/local0.log (from solaris)
Jan 15 12:18:47 solaris root: [ID 702911 local0.notice] NONONO DMESG
Jan 15 12:21:44 solaris last message repeated 2 times
Jan 15 12:48:49 solaris root[16589]: [ID 702911 local0.notice] test
Jan 15 13:00:58 solaris root[16605]: [ID 702911 local0.notice] test
Jan 15 13:01:00 solaris root[16606]: [ID 702911 local0.notice] test
Jan 15 13:01:08 solaris root[16607]: [ID 702911 local0.notice] test
Jan 15 13:11:01 solaris2 root: [ID 702911 local0.notice] test3
Jan 15 13:15:21 solaris2 root: [ID 702911 local0.notice] form solaris2
================================
6)logging messaged by using loghost Alias and ifdef statements.
see the follwoing entry in /etc/syslog.conf file
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
/var/log/authlog ---> this local host's log file
@loghost -----------> the syslog facility on the loghost
on both systems check loghost alias in /etc/inet/hosts file . it is associated
with the hostname of local system.
on both systems refresh system-log server
on both systems run the following m4 commnds & record the line for the
auth.notice messages
root@solaris:~# m4 -D LOGHOST /etc/syslog.conf
#
#ident "%Z%%M% %I% %E% SMI" /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
*.alert;kern.err;daemon.err operator
*.alert root
*.emerg *
# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
mail.debug /var/log/syslog
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
local0.notice /var/log/local0.log
root@solaris:~# m4 /etc/syslog.conf
#
#ident "%Z%%M% %I% %E% SMI" /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
*.alert;kern.err;daemon.err operator
*.alert root
*.emerg *
# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
mail.debug @loghost
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
user.err /dev/sysmsg
user.err /var/adm/messages
user.alert root, operator
user.emerg *
local0.notice /var/log/local0.log
on both systems open a terminal window and use tail command to view new entires
#tail -f /var/log/authlog
solaris2====>mesgs===>solaris
solaris2###
#rlogin solaris
passwd:xxxxx
now message pass only to local host
to redirect remote host
change loghost alias in /etc/inet/hosts file
then restart system-log services
now try same:
#rlogin solaris
passwd:xxxxx
now message pass local & remote systems host
in /etc/hosts file
2)inetd process is now an SMF managed service.
3)Enabling & loggin inetd trace messages.
#cp /etc/syslog.conf /etc/OLD_syslog.conf_date
bash-4.1# grep daemon.notice /etc/syslog.conf
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
-bash-4.1# inetadm -p
NAME=VALUE
bind_addr=""
bind_fail_max=-1
bind_fail_interval=-1
max_con_rate=-1
max_copies=-1
con_rate_offline=-1
failrate_cnt=40
failrate_interval=60
inherit_env=TRUE
tcp_trace=FALSE
tcp_wrappers=FALSE
connection_backlog=10
tcp_keepalive=FALSE
-bash-4.1# inetadm -M tcp_trace=TRUE
-bash-4.1# inetadm -p
NAME=VALUE
bind_addr=""
bind_fail_max=-1
bind_fail_interval=-1
max_con_rate=-1
max_copies=-1
con_rate_offline=-1
failrate_cnt=40
failrate_interval=60
inherit_env=TRUE
tcp_trace=TRUE
tcp_wrappers=FALSE
connection_backlog=10
tcp_keepalive=FALSE
root@solaris:~# telnet solaris2
Trying xx.xx.xx.xx ...
Connected to solaris2.
Escape character is '^]'.
login:
-bash-4.1# tail -f /var/adm/messages
Jan 15 12:04:51 solaris2 inetd[1962]: [ID 317013 daemon.notice] telnet[14347] from 10.66.10.115 51496
Jan 15 12:05:33 solaris2 inetd[1962]: [ID 317013 daemon.notice] telnet[19720] from 10.66.10.115 61248
Jan 15 12:10:19 solaris2 inetd[1962]: [ID 317013 daemon.notice] telnet[26795] from 10.66.10.115 48628
4)USING LOGGER COMMAND TO DEMONSTRATE HOW LEVELS OPERATE.
root@solaris:~# cat /etc/hosts
#
# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# Internet host table
#
::1 localhost
127.0.0.1 localhost
10.66.10.115 solaris
10.66.10.108 solaris2 loghost
add entry in /etc/syslog.conf file
local0.notice /var/log/local0.log
root@solaris:~#touch /var/log/local0.log
root@solaris:~# svcadm restart system-log
root@solaris:~# dmesg
root@solaris:~# logger -p local0.notice NONONO DMESG
root@solaris:~# tail -f /var/log/local0.log
Jan 15 12:18:47 solaris root: [ID 702911 local0.notice] NONONO DMESG
NOTE:-
root@solaris:~# logger -p local0.notice NONONO DMESG
root@solaris:~# logger -p local0.notice NONONO DMESG
i am execute same command multiple times but it does not generate any message log file
only once it getnarate on after certain syslogd mark level reached
root@solaris:~# tail -f /var/log/local0.log
Jan 15 12:18:47 solaris root: [ID 702911 local0.notice] NONONO DMESG
======================
5)logging messages to another systems
-bash-4.1# hostname
solaris2
-bash-4.1# cp /etc/syslog.conf /etc/OLD_syslog.conf_date
-bash-4.1# vi /etc/syslog.conf
local0.notice @solaris ==>hear IP or HOSTNAME or alias are accepteble
(or)
local0.notice @xx.xx.xx.xx
(or)
local0.notice @loghost
# svccfg -s system-log
svc:/system/system-log> setprop config/log_from_remote=true
svc:/system/system-log> exit
-bash-4.1# cat /etc/hosts
#
# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# Internet host table
#
::1 localhost
127.0.0.1 localhost
10.66.10.108 solaris2
10.66.10.115 solaris loghost
-bash-4.1# svcadm refresh system-log
-bash-4.1# svcs system-log
STATE STIME FMRI
online 12:34:42 svc:/system/system-log:default
on solaris node make follwoing entries:-
add entry in /etc/syslog.conf file
local0.notice /var/log/local0.log
# svccfg -s system-log
svc:/system/system-log> setprop config/log_from_remote=true
svc:/system/system-log> exit
root@solaris:~#touch /var/log/local0.log
root@solaris:~# svcadm restart system-log
-bash-4.1# logger -p local0.notice form solaris2 (from solaris2)
root@solaris:~# tail -f /var/log/local0.log (from solaris)
Jan 15 12:18:47 solaris root: [ID 702911 local0.notice] NONONO DMESG
Jan 15 12:21:44 solaris last message repeated 2 times
Jan 15 12:48:49 solaris root[16589]: [ID 702911 local0.notice] test
Jan 15 13:00:58 solaris root[16605]: [ID 702911 local0.notice] test
Jan 15 13:01:00 solaris root[16606]: [ID 702911 local0.notice] test
Jan 15 13:01:08 solaris root[16607]: [ID 702911 local0.notice] test
Jan 15 13:11:01 solaris2 root: [ID 702911 local0.notice] test3
Jan 15 13:15:21 solaris2 root: [ID 702911 local0.notice] form solaris2
================================
6)logging messaged by using loghost Alias and ifdef statements.
see the follwoing entry in /etc/syslog.conf file
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
/var/log/authlog ---> this local host's log file
@loghost -----------> the syslog facility on the loghost
on both systems check loghost alias in /etc/inet/hosts file . it is associated
with the hostname of local system.
on both systems refresh system-log server
on both systems run the following m4 commnds & record the line for the
auth.notice messages
root@solaris:~# m4 -D LOGHOST /etc/syslog.conf
#
#ident "%Z%%M% %I% %E% SMI" /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
*.alert;kern.err;daemon.err operator
*.alert root
*.emerg *
# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
mail.debug /var/log/syslog
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
local0.notice /var/log/local0.log
root@solaris:~# m4 /etc/syslog.conf
#
#ident "%Z%%M% %I% %E% SMI" /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
*.alert;kern.err;daemon.err operator
*.alert root
*.emerg *
# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
mail.debug @loghost
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
user.err /dev/sysmsg
user.err /var/adm/messages
user.alert root, operator
user.emerg *
local0.notice /var/log/local0.log
on both systems open a terminal window and use tail command to view new entires
#tail -f /var/log/authlog
solaris2====>mesgs===>solaris
solaris2###
#rlogin solaris
passwd:xxxxx
now message pass only to local host
to redirect remote host
change loghost alias in /etc/inet/hosts file
then restart system-log services
now try same:
#rlogin solaris
passwd:xxxxx
now message pass local & remote systems host
Thanks for this valuable post.
ReplyDeleteBut I am facing a error like
loghost could not be resolved and
@ip could not be resolved
Kindly suggest me how to resolve these error on client Solaris server. Also I am using others port no like 2004/TCP.
Excellent and informative post. Continue to post. Thank you for revealing.
ReplyDeleteOracle Fusion SCM Online Training