===== Konfigurace našich počítačů a dalších zařízení =====
==== IP adresy ====
195.113.2.20 grimm-rsa.ruk.cuni.cz grimm-rsa
195.113.2.21 jakobson.ruk.cuni.cz jakobson
195.113.2.22 chomsky.ruk.cuni.cz chomsky
195.113.2.23 grimm.ruk.cuni.cz grimm
195.113.2.197 utkl-laserjet.ruk.cuni.cz utkl-laserjet
195.113.2.198 utkl-samsung.ruk.cuni.cz utkl-samsung
#
192.168.128.1 jakobson-eth1.ruk.cuni.cz jakobson-eth1
192.168.128.2 grimm-old.ruk.cuni.cz grimm-old
192.168.128.3 chomsky-eth1.ruk.cuni.cz chomsky-eth1
192.168.128.4 grimm-eth1.ruk.cuni.cz grimm-eth1
192.168.128.5 grimm-ipmi
192.168.128.10 thecus.ruk.cuni.cz thecus
192.168.128.11 nas-utkl.ruk.cuni.cz-eth1 nas-utkl
==== Adresy dalších serverů ====
nameserver: 195.113.52.27
195.113.53.27
gateway: 78.128.204.129
timeserver: 78.128.204.129
==== MAC adresy notebooků ====
* [[utkl:admin:sysadmin:mac_adresy]]
----
===== Konfigurace =====
==== grimm ====
* [[http://utkl.ff.cuni.cz/~skoumal/HW/grimm-hw.html|lshw]]
* 48 jader
* Intel(R) Xeon(R) CPU E5-2670 v3 @ 2.30GHz
* Paměť: 131928056 kB (128 GB)
* Disky:
* 300 GB Seagate Savvio 2x - RAID1 - systém\\ Drive Group: 2, ID: 1
* 600 GB Seagate Cheetah 3x - RAID5 (1,2 TB) - rychlá práce\\ Drive Group: 0, ID: 0
* 4 TB WD 8x - RAID6 (24 TB) - data\\ Drive Group: 1, ID: 2\\ partitions spravovat pomocí ''parted''
* Partitions:
Filesystem Size Used Avail Use% Mounted on
/dev/sdb1 149G 17G 125G 12% /
none 4.0K 0 4.0K 0% /sys/fs/cgroup
udev 63G 4.0K 63G 1% /dev
tmpfs 63G 103M 63G 1% /tmp
tmpfs 13G 1.3M 13G 1% /run
none 5.0M 0 5.0M 0% /run/lock
none 63G 0 63G 0% /run/shm
none 100M 0 100M 0% /run/user
/dev/sda1 1.1T 36G 1008G 4% /work
/dev/sdc1 22T 2.0T 19T 10% /store
* Boot:
* /vmlinuz na /dev/sdb1; root=/dev/sdb1
* HW adresy:
* eth0: 00:25:90:fc:3a:d2
* eth1: 00:25:90:fc:3a:d3
* [[utkl:admin:sysadmin:grimm-grub]]
----
==== jakobson ====
* [[http://utkl.ff.cuni.cz/~skoumal/HW/jakobson-hw.html|lshw]]
* 8 jader
* Paměť: 32 GB
* Ubuntu 16.04.3 LTS
* disky:
Filesystem Size Used Avail Use% Mounted on
udev 16G 0 16G 0% /dev
tmpfs 3,2G 74M 3,1G 3% /run
/dev/sda1 886G 21G 821G 3% /
tmpfs 16G 0 16G 0% /dev/shm
tmpfs 5,0M 0 5,0M 0% /run/lock
tmpfs 16G 0 16G 0% /sys/fs/cgroup
tmpfs 16G 2,1G 14G 14% /mnt/ramdisk
tmpfs 16G 0 16G 0% /tmp
/dev/sdb1 688G 23G 631G 4% /mnt/sdb1
/dev/sdd1 688G 69M 653G 1% /mnt/sdd1
/dev/sdc1 917G 533G 338G 62% /store
tmpfs 3,2G 0 3,2G 0% /run/user/6001
* [[utkl:admin:sysadmin:jakobson-grub]]
----
==== chomsky ====
* [[http://utkl.ff.cuni.cz/~skoumal/HW/chomsky-hw.html|lshw]]
* Zařazení: 30.10.2015
* 12 jader
* Paměť: 8 x 8 GB (DDR4)
* Systém: Ubuntu 16.04.1 LTS (Mate)
* Disky:
Filesystem Size Used Avail Use% Mounted on
udev 32G 0 32G 0% /dev
tmpfs 6,3G 107M 6,2G 2% /run
/dev/sda2 901G 17G 839G 2% /
tmpfs 32G 8,6M 32G 1% /dev/shm
tmpfs 5,0M 0 5,0M 0% /run/lock
tmpfs 32G 0 32G 0% /sys/fs/cgroup
tmpfs 32G 0 32G 0% /mnt/ramdisk
/dev/sdc1 1,8T 584G 1,2T 34% /store
/dev/sdb1 1,8T 591G 1,2T 34% /export/home
/dev/sda1 511M 3,4M 508M 1% /boot/efi
/dev/sdd1 256M 122M 134M 48% /media/skoumal/VID
----
==== nas-utkl ====
* RAID 5
* 5.5 TB
* {{:utkl:admin:sysadmin:Syno_UsersGuide_NAServer_enu.pdf|Manuál}}
* {{:utkl:admin:sysadmin:Syno_QIG_4bay_enu.pdf|Quick Start}}
* ''http://192.168.128.11:5000''
* admin:admin
* Je třeba se přihlašovat v SeaMonkey, v Google Chrome to nefunguje.
===== Backup =====
==== chomsky ====
* backup2l:[skoumal@chomsky etc]$ ll backup2l*.conf
-rw-r--r-- 1 root root 10627 2012-07-25 15:40 backup2l-annot.conf
-rw-r--r-- 1 root root 10618 2011-04-18 17:35 backup2l-milena.conf
-rw-r--r-- 1 root root 10622 2011-04-18 17:36 backup2l-petkevic.conf
-rw-r--r-- 1 root root 10616 2011-04-18 17:36 backup2l-rosen.conf
-rw-r--r-- 1 root root 10620 2011-04-18 17:36 backup2l-skoumal.conf
-rw-r--r-- 1 root root 10616 2011-04-18 17:36 backup2l-tomas.conf
-rw-r--r-- 1 root root 10893 2011-04-18 17:36 backup2l.conf
[skoumal@chomsky etc]$ m /etc/cron.daily/zz-backup2l
#!/bin/bash
mv -f /root/backup.log.old /root/backup.log.older
mv -f /root/backup.log /root/backup.log.old
mv -f /root/backup-skoumal.log.old /root/backup-skoumal.log.older
mv -f /root/backup-skoumal.log /root/backup-skoumal.log.old
nice -n 19 /usr/local/bin/backup2l -b > /root/backup.log
nice -n 19 /usr/local/bin/backup2l -c /etc/backup2l-skoumal.conf -b > /root/backup-skoumal.log
nice -n 19 /usr/local/bin/backup2l -c /etc/backup2l-petkevic.conf -b
nice -n 19 /usr/local/bin/backup2l -c /etc/backup2l-tomas.conf -b
nice -n 19 /usr/local/bin/backup2l -c /etc/backup2l-rosen.conf -b
nice -n 19 /usr/local/bin/backup2l -c /etc/backup2l-milena.conf -b
nice -n 19 /usr/local/bin/backup2l -c /etc/backup2l-annot.conf -b
[skoumal@chomsky etc]$ m backup2l-annot.conf
##################################################
# Volume identification
# This is the prefix for all output files;
# multiple volumes can be handled by using different configuration files
VOLNAME="annot"
##################################################
# Source files
# List of directories to make backups of.
# All paths MUST be absolute and start with a '/'!
#SRCLIST=(/export/home /mnt/sata2/manatee-registry /mnt/sata2/data)
SRCLIST=(/usr/local/corp/annotate/data)
##################################################
# Destination
# Destination directory for backups;
# it must exist and must not be the top-level of BACKUP_DEV
BACKUP_DIR="/array/chomsky-backup"
##################################################
# Backup parameters
# Number of levels of differential backups (1..9)
MAX_LEVEL=2
# Maximum number of differential backups per level (1..9)
MAX_PER_LEVEL=5
# Maximum number of full backups (1..8)
MAX_FULL=2
# For differential backups: number of generations to keep per level;
# old backups are removed such that at least GENERATIONS * MAX_PER_LEVEL
# recent versions are still available for the respective level
GENERATIONS=1
# If the following variable is 1, a check file is automatically generated
CREATE_CHECK_FILE=1
##################################################
# Misc.
# Create a backup when invoked without arguments?
AUTORUN=0
# Size units
SIZE_UNITS="" # set to "B", "K", "M" or "G" to obtain unified units in summar
y list
# Remove this line after the setup is finished.
#UNCONFIGURED=1
# Archive driver for new backups (optional, default = "DRIVER_TAR_GZ")
# CREATE_DRIVER="DRIVER_MY_AFIOZ"
==== grimm ====
* cron.weekly:[skoumal@grimm cron.weekly]$ ll backup-*
-rwxr-xr-x 1 root root 323 2011-02-28 09:37 backup-corp
-rwxr-xr-x 1 root root 248 2011-04-27 09:54 backup-langr
-rwxr-xr-x 1 root root 224 2012-07-25 15:53 backup-rules
[skoumal@grimm cron.weekly]$ m backup-corp
#!/bin/bash
# This script performs backup of /corp
# to jakobson (/raid/grimm-backup/corp.XXX.tgz)
DUMP_EXT=`date +%y%m%d%H%M%S`
cd /corp
tar czf qqq.tgz --exclude 'LEX*' --exclude 'lost+found' --exclude 'DVD' --exclude 'syn*' *
mv qqq.tgz /net/jakobson/raid/corp.${DUMP_EXT}.tgz
[skoumal@grimm cron.weekly]$ m backup-langr
#!/bin/bash
# This script performs backup of /disk2/langr
# to thecus (/array/grimm-backup/langr.XXX.tgz)
DUMP_EXT=`date +%y%m%d%H%M%S`
cd /disk2/langr
tar czf qqq.tgz --exclude 'lost+found' *
mv qqq.tgz /array/grimm-backup/langr.${DUMP_EXT}.tgz
[skoumal@grimm cron.weekly]$ m backup-rules
#!/bin/bash
# This script performs backup of /disk3/rules
# to thecus (/array/grimm-backup/rules.XXX.tgz)
DUMP_EXT=`date +%y%m%d%H%M%S`
cd /disk3
tar czf qqq.tgz rules
mv qqq.tgz /array/grimm-backup/rules.${DUMP_EXT}.tgz
==== jakobson ====
* backup2l:[root@jakobson etc]# ll backup2l*.conf
-rw-r--r-- 1 root root 13262 Oct 30 20:46 backup2l-etc.conf
-rw-r--r-- 1 root root 13274 Oct 30 20:47 backup2l-local.conf
-rw-r--r-- 1 root root 13272 Oct 30 20:46 backup2l-mail.conf
-rw-r--r-- 1 root root 13270 Oct 31 15:39 backup2l-varlib.conf
-rw-r--r-- 1 root root 13236 Oct 17 2011 backup2l.conf
[root@jakobson etc]# m /etc/cron.daily/zz-backup2l
#!/bin/bash
! which backup2l > /dev/null || nice -n 19 backup2l -c /etc/backup2l-etc.conf -b
! which backup2l > /dev/null || nice -n 19 backup2l -c /etc/backup2l-local.conf -b
! which backup2l > /dev/null || nice -n 19 backup2l -c /etc/backup2l-mail.conf -b
[root@jakobson etc]# m backup2l-etc.conf
##################################################
# Volume identification
# This is the prefix for all output files;
# multiple volumes can be handled by using different configuration files
VOLNAME="etc"
##################################################
# Source files
# List of directories to make backups of.
# All paths MUST be absolute and start with a '/'!
#SRCLIST=(/etc /root /home /var/mail /usr/local)
SRCLIST=(/etc)
##################################################
# Destination
# Destination directory for backups;
# it must exist and must not be the top-level of BACKUP_DEV
BACKUP_DIR="/array/jakobson-backup"
##################################################
# Backup parameters
# Number of levels of differential backups (1..9)
MAX_LEVEL=2
# Maximum number of differential backups per level (1..9)
MAX_PER_LEVEL=5
# Maximum number of full backups (1..8)
MAX_FULL=2
# For differential backups: number of generations to keep per level;
# old backups are removed such that at least GENERATIONS * MAX_PER_LEVEL
# recent versions are still available for the respective level
GENERATIONS=1
# If the following variable is 1, a check file is automatically generated
CREATE_CHECK_FILE=1
##################################################
# Misc.
# Create a backup when invoked without arguments?
AUTORUN=0
# Size units
SIZE_UNITS="" # set to "B", "K", "M" or "G" to obtain unified units in summary list
# Remove this line after the setup is finished.
#UNCONFIGURED=1
# Archive driver for new backups (default = "DRIVER_TAR_GZ")
#CREATE_DRIVER="DRIVER_TAR_BZ2"
# Usable built-in drivers for CREATE_DRIVER:
# DRIVER_TAR, DRIVER_TAR_GZ, DRIVER_TAR_BZ2, DRIVER_AFIOZ
[root@jakobson etc]# m backup2l-local.conf
##################################################
# Volume identification
# This is the prefix for all output files;
# multiple volumes can be handled by using different configuration files
VOLNAME="usr-local"
##################################################
# Source files
# List of directories to make backups of.
# All paths MUST be absolute and start with a '/'!
#SRCLIST=(/etc /root /home /var/mail /usr/local)
SRCLIST=(/usr/local)
[root@jakobson etc]# m backup2l-mail.conf
##################################################
# Volume identification
# This is the prefix for all output files;
# multiple volumes can be handled by using different configuration files
VOLNAME="var-mail"
##################################################
# Source files
# List of directories to make backups of.
# All paths MUST be absolute and start with a '/'!
#SRCLIST=(/etc /root /home /var/mail /usr/local)
SRCLIST=(/var/mail)
* automysqlbackup:[root@jakobson ~]# ll /var/lib/automysqlbackup/
total 12
drwxr-xr-x 6 root root 4096 Oct 31 06:28 daily
drwxr-xr-x 2 root root 4096 Oct 31 06:28 monthly
drwxr-xr-x 6 root root 4096 Oct 31 06:28 weekly
===== mivvy =====
* Ubuntu 10.04
==== Konfigurace wi-fi ====
* Chybové hlášky v messages:Dec 30 23:04:38 utkl-mivvy kernel: [ 12.647584] <-- RTMPAllocTxRxRingMemory, Status=0
Dec 30 23:04:38 utkl-mivvy kernel: [ 12.650548] RtmpOSFileOpen(): Error 2 opening /etc/Wireless/RT2860STA/RT2860STA.dat
Dec 30 23:04:38 utkl-mivvy kernel: [ 12.650559] Open file "/etc/Wireless/RT2860STA/RT2860STA.dat" failed!
Dec 30 23:04:38 utkl-mivvy kernel: [ 12.650566] 1. Phy Mode = 0
Dec 30 23:04:38 utkl-mivvy kernel: [ 12.650571] ERROR!!! NICReadRegParameters failed, Status[=0x00000001]
Dec 30 23:04:38 utkl-mivvy kernel: [ 12.655768] !!! rt28xx Initialized fail !!!
* Oprava:$ cat /etc/Wireless/RT2860STA/RT2860STA.dat
Default
===== Tenké klienty =====
==== Video rozhraní ====
Video porty na klientech:
* 4x **DisplayPort** nebo **HDMI**
* 1x dual head **HDMI**
Monitory:
* 1x **DisplayPort** + **DVI** + **VGA** (chomsky)
* 4x **DVI** + **VGA** (Tomáš, chomsky-malý, Saša, navíc)
* 4x **VGA** (Hanka 2x, Milena, Niki)
Kabely a konektory:
* 1x **DisplayPort** <-> **DisplayPort** (chomsky)
* 2x **HDMI** <-> **VGA** (Hanka)
Chybí:
* Tomáš: **DisplayPort** nebo **HDMI** <-> **DVI** nebo **VGA**
* Milena: **DisplayPort** nebo **HDMI** <-> **VGA**
* Niki: **DisplayPort** nebo **HDMI** <-> **VGA**
* Saša: **DisplayPort** nebo **HDMI** <-> **VGA**
===== Uživatelé a jejich IDs =====
| **skoumal** | 6001 | Hana Skoumalova | chomsky | **jakobson** | grimm |
| **rosen** | 6002 | Alexandr Rosen | chomsky | jakobson | **grimm** |
| **milena** | 6003 | Milena Hnatkova | chomsky | jakobson | **grimm** |
| **tomas** | 6005 | Tomas Jelinek | chomsky | jakobson | **grimm** |
| **sindlerova** | 6006 | Jana Sindlerova | chomsky | **jakobson** | grimm |
| johanka | 6358 | Johanka Dolezalova | chomsky | | |
| dolezalova | 6358 | Johanka Dolezalova | chomsky | | |
| //**kveton**// | 6951 | Pavel Kveton | chomsky | **jakobson** | grimm |
| qiq | 6952 | Miroslav Spousta | chomsky | **jakobson** | |
| kren | 6953 | Michal Kren | chomsky | jakobson | **grimm** |
| karel | 6954 | Karel Oliva | chomsky | | |
| //**vondricka**// | 6955 | Pavel Vondricka | chomsky | | |
| **petkevic** | 6957 | Niki Petkevic | chomsky | jakobson | **grimm** |
| //**utkl**// | 6958 | Dummy user | chomsky | **jakobson** | grimm |
| cvrcek | 6959 | Vaclav Cvrcek | chomsky | | **grimm** |
| skml | 6963 | Zdena Skoumalova | chomsky | **jakobson** | grimm |
| jhana | 6964 | Jirka Hana | chomsky | **jakobson** | grimm |
| gpenn | 6965 | G. Penn | chomsky | | |
| skrabal | 6970 | Michal Skrabal | chomsky | **//jakobson//** | |
| //markova// | 6973 | Sasa Markova | chomsky | | |
| stindlova | 6974 | Barbora Stindlova | chomsky | | |
| novakova | 6975 | Lucie Novakova | chomsky | | |
| //**stepanek**// | 6976 | Jan Stepanek | chomsky | **jakobson** | |
| **lenka** | 6977 | Lenka Horcickova | chomsky | | |
| //**vitovec**// | 6978 | Premysl Vitovec | chomsky | **jakobson** | grimm |
| //barancikova// | 6979 | Petra Barancikova | chomsky | | grimm |
| //**znamenacek**// | 6980 | Jiri Znamenacek | chomsky | **jakobson** | grimm |
| //svarny// | 6981 | Petr Svarny | | | grimm |
| **henys** | 6982 | Jan Henys | chomsky | **jakobson** | grimm |
| **krivan** | 6983 | Jan Krivan | chomsky | **jakobson** | grimm |
| //hnatek// | 6984 | Tomas Hnatek | chomsky | | grimm |
| //**naplava**// | 6985 | Jakub Naplava | | **jakobson** | |
===== PC =====
==== Antivir Eset NOD32 ====
* počítače: Dell (32bit, Milena), Dell (32bit, Niki), Asus Eee (32bit, Milena), HP ProBook (32bit, Hanka)
* přístupové údaje: EAV-18115894, mux5msa6mr
===== Tunel SSH =====
* ''webmin'' doma:$ ssh -L 10001:jakobson:10000 jakobson a pak otevřít stránku https://localhost:10001
===== Apache a ssh =====
==== Apache se hlásí jako jiný uživatel ====
* na stroji s apachem (jakobson) vytvořit adresář ''.ssh'' pod ''/var/www'':$ su -
$ cd /var/www
$ mkdir .ssh
$ chown www-data:www-data .ssh
* vyrobit pro apache ssh-key:$ sudo -u apache ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/www/.ssh/id_rsa):
Created directory '/var/www/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/www/.ssh/id_rsa.
Your public key has been saved in /var/www/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 www-data@jakobson
* zkontrolovat práva k souborům v ''.ssh''
* přidat ''id_rsa.pub'' do souboru ''authorized_keys'' pro uživatele na jiném stroji (''skoumal@chomsky''):$ cd .ssh
$ scp id_rsa.pub skoumal@chomsky:.ssh/apache.jakobson
$ ssh skoumal@chomsky
$ cd ~/.ssh
$ cat apache.jakobson >> authorized_keys
* vyzkoušet na jakobsonovi:sudo -u apache ssh skoumal@chomsky
==== Apache se hlásí jako apache ====
* lze použít pouze ke kopírování souborů -- apache se nesmí nalogovat
* vytvořit id_rsa.pub jako nahoře (nebo použít již vytvořený)
* na jiném stroji (grimm) vytvořit taky ''/var/www/.ssh''
* přidat ''id_rsa.pub'' z jakobsona do ''authorized_keys'' na grimmovi
* v ''/etc/passwd'' na grimmovi změnit u www-data login na ''/usr/bin/scponly'' (zkontrolovat, jestli je nainstalovaný) **Pozor, nové Ubuntu na něj nemá package!**
* ''/etc/shells'' musí obsahovat ''scponly'' (obvykle se tam připíše při instalování)
* zkusit něco zkopírovat:$ sudo -u www-data scp grimm:/usr/local/langr/rules/linguists/tmp/hanka/LEX /tmp
* při potížích zkusit ''scp -v''