Thursday, June 21, 2012

Integrate Sonar with Hudson


Issue: How to Integrate SONAR with Hudson?

Recently I have just come to know about SONAR. This is code reviewing tool. Currently we are using hudson as CI tool. Now we need to integrate SONAR with hudson. So that whenever someone check-in code, then it will be reviewed by SONAR before making a build. 

Note : I will update later about Hudson and SONAR Installation and configuration. For the time being I am just updating about SONAR integration with hudson. If someone already configured Hudson, then it'll be helpful for them.

Resolution:
Actually this is having some simple steps. Hudson provide a plugin for SONAR and we need maven installed and configured with hudson for this.So below are the steps:

Step 1: Download, install and start the Sonar Server. 
Download the latest Sonar release from here. Unzip the distribution to your favorite location. Based on your platform, run the batch file or the shell script from within the bin folder.Open a web browser and browse to http://localhost:9000. The default login and password is admin/admin.

Step 2: Install and Configure Sonar plugin on Hudson.
Open your Hudson dashboard http://IP:port. Click on Manage Hudson - Manage Plugins. Click now on the Available tab, you should see the Hudson Sonar Plugin. Check this plugin and click on the Install button at the far right hand corner. Restart Hudson and you should be able to see the plugin in theInstalled tab as shown below:

Next, configure the Sonar plugin from within Manage Hudson -> Configure System and Change all required parameters.




Step 3: Configure your Hudson Job 
In order to activate Sonar on a project, click on Configure, and within the Post-build Actions, check Sonar and you should see the following properties. Fill those properties and Save this configuration.



Step 4: Build your project
Even though you don't require Maven to be used as a build tool for your project, Sonar does still require Maven to run. If Maven isn't installed, you can download and install Maven from here
Force a build on your Job on the Hudson dashboard. If Maven is installed, you should be able to see the following output in theConsole Output on Hudson dashboard.

 

Step 5: Browse to Sonar Dashboard
Once the build succeeds in the last step, browse to http://localhost:9000(change port and localhost as per your environments that you have configured). And you should be able to see the Sonar Dashboard.


Note: In case you are using other CI servers, no need to panic. You can read a detailed documentation here for all the CI servers Sonar supports here.



Saturday, June 16, 2012

Download packages using yum without Installation


How to download packages using yum without applying them?

We can download packages or updates using yum downloadonly plugin without actually installing them to the system. Below steps can be followed for that.
Install yum-downloadonly package.
# yum install yum-downloadonly
Create a directory to download packages to.
# mkdir /tmp/downloadonly
# Run yum in the downloadonly mode.
# yum --downloadonly --downloaddir=/tmp/downloadonly packagename
The above command wouldn't install package, but would just download the it to /tmp/downloadonly directory. This is the best method to download packages using yum. Command "yumdownloader" provided through "yum-utils" can also be used to download specific single packages.

Thanks,
Kuldeep Sharma

Prevent automatic volume group activatation at boot time


How to prevent automatic volume group activatation at boot time?

Platform :

  • Red Hat Enterprise Linux
  • lvm
  • Resolution
    In /etc/lvm/lvm.conf file add
    volume_list = [ "vg1" ]  
    
    Which means only vg1 out of may vg's is activated at the time of booting. Other vg's will remain deactivated.
    Root Cause
    -- snip from /etc/lvm/lvm.conf --
    # If volume_list is defined, each LV is only activated if there is a
    # match against the list.
    # "vgname" and "vgname/lvname" are matched exactly.
    # "@tag" matches any tag set in the LV or VG.
    # "@*" matches if any tag defined on the host is also set in the LV or VG
    #
    # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]

    Thanks,
    Kuldeep Sharma

    Which access modes/flags a file was opened by an application


    How to find out with which access modes/flags a file was opened by an application?


    Issue :

    We want to find out that with which access modes/flags a file was opened by as application?

    Platform :

    Red Hat Enterprise Linux(RHEL) All versions and its Supportive like Fedora, Centos etc.

    Resolution:

    The command lsof +f g can be used to see the access modes/flags of all open handles. The command lsof +f g  can be used to see the access modes/flags of handles opened by a specific process id.
    An example output:
    COMMAND    PID      USER   FD      TYPE         FILE-FLAG             DEVICE SIZE/OFF       NODE NAME
    [...]
    init         1      root    0u      CHR             RW,LG                1,3      0t0       3649 /dev/null
    init         1      root    1u      CHR             RW,LG                1,3      0t0       3649 /dev/null
    init         1      root    2u      CHR             RW,LG                1,3      0t0       3649 /dev/null
    init         1      root    3r     FIFO                ND                0,8      0t0       6911 pipe
    init         1      root    4w     FIFO              W,ND                0,8      0t0       6911 pipe
    [...]
    rsyslogd  1082      root    1w      REG   W,AP,LG,0x80000              252,3      360      11046 /var/log/messages
    rsyslogd  1082      root    2w      REG   W,AP,LG,0x80000              252,3     2041      11018 /var/log/cron
    rsyslogd  1082      root    3r      REG        LG,0x80000                0,3        0 4026532037 /proc/kmsg
    rsyslogd  1082      root    4w      REG   W,AP,LG,0x80000              252,3      199      11066 /var/log/secure
    [...]
    auditd    1414      root    5w      REG      W,AP,NFLK,LG              252,3    76199      10526 /var/log/audit/audit.log
    auditd    1414      root    6u     unix                RW 0xffff88003b728080      0t0       9906 socket
    auditd    1414      root    8u      REG                RW                0,9        0       3647 anon_inode
    [...]
    
    The file flag abbreviations in column FILE-FLAG are explained in the manpage of lsof, accessable via man lsof. An excerpt:
                           AIO       asynchronous I/O (e.g., FAIO)
                           AP        append
                           ASYN      asynchronous I/O (e.g., FASYNC)
                           [...]
                           CR        create
                           [...]
                           EX        open for exec
                           EXCL      exclusive open
                           FSYN      synchronous writes
                           [...]
                           NB        non-blocking I/O
                           NBDR                             NBF       n-buffering in effect
                           NC        no cache
                           [...]

    Root Cause
    Files can be opened by applications with several access modes (i.e. O_WRONLY, or O_RDWR) and flags (i.e. O_CREAT, O_EXCL or O_NOCTTY).


    Completely disable a RHEL user account


    How to completely disable a RHEL user account?

    Issue
    We would like to know the correct way to disable all remote access to an account. Clearly, "passwd -l" (and by the same token, "usermod -L") is insufficient because that will not impact authentication by SSH public key (or other PAM modules other than pam_unix that may be enabled).
    Additionally, changing the shell to /bin/false or /sbin/nologin is unsatisfactory since this only affects interactive logins.
    Environment
    • Red Hat Enterprise Linux (RHEL) 3, 4, 5, 6
    Resolution
    Expiring the account via the chage utility (e.g. "chage -E 1 " will disable all access methods that use pam authentication.
    Root Cause
    Changing the shell (eg to /bin/false) is not recommended because this will only prevent interactive shell sessions for the user; since (eg) ssh port-forwarding does not require a shell (when invoked with -N option), changing the shell will not prevent users from getting authenticated and starting port forwarding.
    Likewise, simply using the old "passwd -l" or "usermod -L" methods of locking accounts only blocks authentication that uses the password stored in the local passwd file. Since other authentication methods are becoming more and more popular (most notably, ssh public key authentication), this method is clearly unacceptable.
    Making the account expired vua "chage -E" will block all access methods that use PAM authentication.

    !Hope this will Help
    Kuldeep Sharma

    Kubernetes 1.31 || Testing the Image Volume mount feature using Minikube

    With Kubernetes new version 1.31 ( https://kubernetes.io/blog/2024/08/13/kubernetes-v1-31-release/ ) there are so many features releases for...