SCSI bus rescan

Tue, 16 Oct 2007 21:37:54 GMT

Here's a good one that I had to deal with recently. Two drives being removed and one going in its place. The kicker is that they wanted zero downtime. Cool, except there's no RAID and it's just a bunch of drives in the box. Here's what I wound up following in order to re-read the new drive and flush out the old data:

################### TO REMOVE DRIVE

echo "scsi remove-single-device 0 1 2 3" > /proc/scsi/scsi
(replace "0 1 2 3" with your "Host Channel Id Lun")

-- for us:
(SU-recover1)/var/log>cat /proc/scsi/scsi
Attached devices:
Host: scsi0 Channel: 00 Id: 00 Lun: 00
Vendor: FUJITSU Model: MAS3184NC Rev: 5B08
Type: Direct-Access ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 03 Lun: 00
Vendor: SEAGATE Model: ST336753LC Rev: 0006
Type: Direct-Access ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 05 Lun: 00
Vendor: SEAGATE Model: ST336753LC Rev: 0006
Type: Direct-Access ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 06 Lun: 00
Vendor: PE/PV Model: 1x6 SCSI BP Rev: 1.1
Type: Processor ANSI SCSI revision: 02

--- want to remove the first seagate, after disabling in slot

echo "scsi remove-single-device 0 0 3 0" > /proc/scsi/scsi

############## TO RESTART
After you replace the drive and restart it

echo "scsi add-single-device 0 1 2 3" > /proc/scsi/scsi

It's rather straightforward for the technically minded folks. Shame it requires echoing crap to /proc, since there be dragons in /proc

DomainKeys for Postfix on Red Hat ES 4

Tue, 16 Oct 2007 21:26:49 GMT

*** Note: This is only tested on RHEL4. RHEL5 has a newer version out of the box. RHEL3 might require some touching in the wrong places.

* Requires Postfix 2.3 and above for milter support
* http://www.postfix.org/MILTER_README.html
* http://sourceforge.net/projects/dk-milter
* http://postfix.wl0.org/en/

Quick & dirty steps (developed on RHEL4):

1. Upgrade Postfix using SRPM from postfix.wl0.org since you want SASL auth enabled

2. Configure Postfix to acknowledge the milter in main.cf:
   smtpd_milters = inet:localhost:4442

3. Fetch and compile dk-milter from source, don't worry about RPMing this.

4. Generate a private/public key pair using OpenSSL:
        openssl genrsa -out private.key 1024
        openssl rsa -in private.key -pubout -out public.key
   Pick a selector name: ie. selector1
   Add the public-key data in DNS for the domain using the selector name you picked. Take the contents of the public.key file and remove the PEM header and footer, and concatenate the lines of the file into one big line. Then create a TXT entry, like this:

      selector1._domainkey IN TXT "k=rsa; p=MHwwDQYJK ... OprwIDAQAB; t=y"

      where selector1 is the name of the selector chosen and the p= parameter contains the public-key as one long string of characters.

5. Start dk-milter. I set up a user 'dkfilter' so it doesn't run as root and also set a pid file. I also used an init script found via Google, which works great for Red Hat systems.
    # dk-filter -u dkfilter -b s -p inet:4442@localhost -l -P /var/run/dk-milter/pid -s /etc/postfix/dk-milter/private.key -d mydomain.com -S selector1 -m smtp -c nofws

**** Note - -m needs to be -m smtp so that dk-filter signs mail going out over smtp. It will not sign messages otherwise.

init script:

#!/bin/sh
#
# "/etc/rc.d/init.d/dk-filter"
# Start/stop script for the dk-filter daemon on RedHat Linux
#
# chkconfig: - 79 31
# description: Acts as the "dk-filter" InputMailFilter (milter) for the \
# Sendmail MTA to provide DomainKeys service

########################################################################
#
# Be sure to edit these values:
#
KEYFILE="/etc/postfix/dk-milter/private.key"
DOMAIN="mydomain.com"
SELECTOR="selector1"
USER="dkfilter"
#
########################################################################

PIDFILE="/var/run/dk-milter/pid"
SUBMISSION_DAEMON="smtp"
PORT=4442

# Source function library. Provides the "status" option
. /etc/init.d/functions

test -x `which dk-filter` || exit 0

RETVAL=0

start() {
echo -n $"Starting dk-filter: "
COMMAND="dk-filter -u $USER -b s -p inet:$PORT@localhost -l -P $PIDFILE -s $KEYFILE -d $DOMAIN -S $SELECTOR -m $SUBMISSION_DAEMON -c nofws"
# echo -e "Now executing\n"$COMMAND""
daemon $COMMAND
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/dk-filter
return $RETVAL
}

stop() {
echo -n $"Stopping dk-filter: "
killproc dk-filter
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $PIDFILE /var/lock/subsys/dk-filter
return $RETVAL
}

restart() {
stop
start
}

case "$1" in
start)
start
;;
stop)
stop
;;
status)
status dk-filter
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart}"
exit 1
esac

exit $?

Megalomaniacal - howto tag

SCSI bus rescan

DomainKeys for Postfix on Red Hat ES 4