Wednesday Mar 26, 2014

More Tips for Remote Access with Oracle Linux

In a previous blog, Oracle Linux Tips and Tricks, I covered alternative ways to use SSH. In this article, I will cover some additional tips and tricks for using SSH for remote access, as well as some other ways to connect remotely to a server.

SSH's primary use is for remote access to hosts. SSH is not only able to provide us a terminal interface to a server, it's also able to provide us a transport for a graphical interface. In order to utilize this functionality, we must have an X server running on our local workstation. On a Linux workstation with a graphical environment, this functionality is built in. On other systems, such as a Windows machine or a Mac, this functionality is not built in. Both XQuartz on the Mac and MobaXTerm are X servers for these platforms. There are also a number of other open source and paid products available for both platforms.

Once you have an acceptable X server installed on your local workstation, you can connect with SSH using the following ssh command. The -X enables X11 forwarding for the connection. Keep in mind that the X11 forwarding is based on the user who originally connected. Logging in with one user and then using sudo often will not work, depending on the permissions and ownership needed to complete a task.

[user@laptop ~]$ ssh -X

Once you authenticate, you drop directly to a standard prompt. If you look closely, though, and examine the environment variables in your terminal, you will find an additional environment variable that has the IP address of your workstation. You can examine your environment variables using the env command.


Now you can launch an application that has a graphical interface, and the interface will be displayed on your local workstation. The following example will launch gedit. The ampersand symbol is useful for forking the process in the background so we can retain the use of our terminal.

[user@remotehost ~]$ gedit &

Using X11 connections over SSH can be quite useful for using application installers that are graphical, such as the Oracle Universal Installer for Oracle Database.

The screen application is a great compliment to SSH and is quite useful for sharing an SSH session with another user. Because of the way screen preserves sessions for the user, it is also great for high-latency network connections that have frequent disconnects and for maintaining sessions that time out due to security policies. With a regular SSH connection, if you are disconnected, any processes that were running are not preserved. Unlike SSH, the screen application keeps the session alive so it can be connected to again later.

One of the simplest things you can do with screen is share a session. You can launch screen on the terminal you wish to share by issuing the screen command. Once you do this, a new shell is running inside of screen. Another user can log in to the same machine and use the command screen -x to be immediately connected to your shell. They see everything you type. Even if you disconnect from the machine on either terminal, the shell will continue to run. This can be quite useful for sharing a terminal for a demonstration in a remote office or for running a terminal-based console that is shared between many users.

To see all of the active screen sessions, you can use screen -list, which will show active and detached sessions. To connect to a detached session, you can use screen -r and the pid.session name listed in the screen -list output. In the following example, there are five screen sessions running. One of them is detached.

[user@server ~]$ screen -list
There are screens on:
        24565.pts-1.server     (Attached)
        24581.pts-2.server     (Attached)
        24597.pts-3.server     (Attached)
        24549.pts-0.server     (Attached)
        24613.pts-4.server     (Detached)
5 Sockets in /var/run/screen/S-user.

The command screen -x can be used to connect to a currently attached session. In the following example, a connection to session 24565 is made:

[user@server ~]$ screen -x 24565

If you need access to a full graphical desktop environment remotely, there are a number of packages that can accomplish this. The package tigervnc-server is useful for connections to a remote machine providing a full Linux desktop experience. To set up and install the package, perform the following steps.

First, run the following command to install the package:

[root@server ~]# yum install tigervnc-server

Once the package is installed, you need to edit the file /etc/sysconfig/vncservers. The VNCSERVERS line establishes the user accounts that you want to enable the VNC server for and their display number. In the example below, the user bob is configured for display 2 and the user sue is configured for display 3. The VNCSERVERARGS[#] section allows you to specify options for each display. In this example, we are specifying a 1280 x 1024 resolution for display 2 and a 1024 x 768 resolution for display 3:

VNCSERVERS="2:bob 3:sue"
VNCSERVERARGS[2]="-geometry 1280x1024 "
VNCSERVERARGS[3]="-geometry 1024x768"

Once the /etc/sysconfig/vncservers file has been edited, you need to set passwords for each user account. This is accomplished with the vncpasswd command. In the following example, the user bob sets a password using the vncpasswd command.

[bob@server ~]$ vncpasswd

Once the package is installed, the configuration file is edited, and passwords are set, you are ready to turn on the vncserver service. The following two commands start the service and set the service to start automatically at the next boot:

chkconfig vncserver on
service vncserver start

Once configured and running, you can connect to your Linux system using a standard VNC client. When connecting, be sure to specify the display and password credentials that are needed in order to connect.


I hope these tips and tricks have been useful and that you will take advantage of some of them in the course of your day. We will be publishing more of these tips-and-tricks articles in the future. Feel free to leave a comment for further topics that you would like to see in this series.

See Also

Oracle Linux blog

About the Author

Robert Chase is a member of the Oracle Linux product management team. He has been involved with Linux and open source software since 1996. He has worked with systems as small as embedded devices and with large supercomputer-class hardware.

About the Photograph

Photograph taken by Rick Ramsey in Durango in the Fall of 2012

Follow OTN Garage on:
Blog | Facebook | Twitter | YouTube

If You Have to Ask, You Wouldn't Understand

Although being subjected to that kind of attitude is unpleasant, subjecting someone else to it is loads of fun. Just ask someone who rides a Harley why they ride a Harley, and watch how much they enjoy unloading that sentiment on your head, you member of the unwashed, you.

I feel the same way about Oracle Solaris. Don't talk to me about how much Windows or some other OS is capable of doing. I don't care. Your OS is a metric cruiser. Go away.

That feeling of vast superiority is even more pronounced when I'm talking about Oracle Solaris Studio. Which should have been renamed Oracle Solaris and Oracle Linux Studio, if you are insightful enough to ask me, because any Linux developer who is working on anything remotely interesting should be using Oracle Solaris Studio as their IDE. I freakin love it. I've had the pleasure of interviewing Don Kretch, the head of the Solaris Studio engineering team, many times. And I've enjoyed myself every single time. If you think you're worthy, you are welcome to try to understand our conversation (jump to "Interviews with Don Kretch," below).

If my rhetoric has convinced you, as it would convince anyone of vastly superior intelligence, you'll want to pretend that you already knew how good Oracle Solaris (and Linux) Studio is, and berate me for even suggesting you didn't. Good for you. You're catching on. But you'll still be faced with a dearth of actual knowledge about this IDE for the Vastly Intelligent.

Not to worry. There's a way for you to learn what you need to learn without anyone else finding out so you can pretend to have known all along.

Oracle Solaris (and Linux) Studio 12.4 Beta Program

The Beta Program for Oracle Solaris Studio 12.4 begins today. Download the software, try out its new features, and join in the discussions. These resources will help:

Landing Page, including links to Beta Program Forums
Download Center, where you can download a free copy

Interviews with Don Kretch

About the Photograph

Photograph of 2002 Harley Davidson Softail Deuce taken by Rick Ramsey in Massachusetts, USA.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube

Monday Mar 24, 2014

Four High Performance Configurations for SuperCluster and SPARC Servers

When a surfing buddy of mine asked me to look at a banking application that runs on Solaris, I thought he'd been hit on the head by his board one too many times. Solaris is cool. Banking is not. But I looked into it, anyway, and to my surprise, I found the banking app had a certain amount of geek appeal.

If geek appeal is not enough to hold your interest, Mister Hair-on-Fire, the other reason for talking about this banking application is that it helped identify four high performance configurations for Oracle's SuperCluster and SPARC servers that might be useful for other types of applications. So keep reading. Or ...

Go directly to white paper (pdf) that describes the configurations.

What first caught my interest was the idea of a bank operating system. A traditional computer OS manages hardware devices and provides services for application software. A bank headquarters does something very similar. It manages the branches (hardware) and provides services for its operations (applications). Turns out, that's the idea behind Finacle's Core Banking Solution.

Core banking sounds dull as hell, but it's a big deal for banks. It replaces cumbersome end-of-day consolidation between branch banks and HQ. (I almost feel asleep just writing that.) In fact, centralized banks worldwide now mandate the implementation of core banking technology to prevent fraud and meet regulatory requirements.

As a result, Finacle's Core Banking Solution is designed as configurable modules with layered Service-Oriented Architecture (SOA), straight-through processing (STP) capabilities, web-enabled technology, and support for 24 x 7 operations.

But no matter how sophisticated the application, the underlying architecture can limit its performance. Not a problem! Since Finacle 10 is now available on Oracle Solaris, it can be run on the screaming fast Oracle SuperCluster or Oracle’s SPARC T-Series servers. As you might expect, Finacle tested this combination for both batch and OLTP processing and found:

  • Batch results that processed 15% more accounts and 3.2 to 3.7 times the required minimum records per second, all achieved within one third of the specified time, with plenty of CPU resources available to handle further load.
  • OLTP results that exceeded Finacle acceptance criteria with more users and more transactions per second, all with sub-second response times and with considerable CPU resources remaining available.

White Paper: Infosys Finacle Core Banking Solution on Oracle SuperCluster and Oracle’s SPARC T-Series Servers

Roger Bitar provides technical details about the software and hardware layers in this solution, and describes the configurations that obtained the best performance:

  • Configuration for Fastest OLTP Processing on SuperCluster T4-4
  • Configuration for Fastest Batch Processing on SuperCluster T4-4
  • Configuration for Fastest OLTP Processing on SPARC T4-4 Server
  • Configuration for Fastest Batch Processing on SPARC T4-4 Server

About the Photograph

I took this picture of bike race taken in Durango, Colorado, in the Fall of 2012.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube

Tuesday Mar 18, 2014

Configuring COMSTAR to Provide Local iSCSI Storage

Oracle Solaris 11 introduced two storage capabilities that I wasn't aware of until Oracle ACE Alexandre Borges brought them to my attention.

A Solaris 11 system can serve as an iSCSI target that offers storage to other machines, or as an iSCSI initiator to access the storage offered by another iSCSI target. This capability is a real advantage, because any storage offered through the iSCSI protocol is available to an iSCSI initiator as local storage, without the need to use expensive technologies such as Fibre Channel (FC).

Solaris provides this service through a framework named Common Multiprotocol SCSI TARget (COMSTAR). Alexandre Borges shows you how to use it:

Tech Article: Using COMSTAR and ZFS to Configure a Virtualized Storage Environment

How to use COMSTAR to provide local iSCSI storage for any service that runs in Windows, Linux, or Mac OS. It also shows you how to configure authentication using the Challenge Handshake Authentication Protocol (CHAP) to secure the iSCSI storage against forbidden access. Part 1 of a series about ZFS.

About Alexandre Borges

Alexandre Borges is an Oracle ACE who worked as an employee and contracted instructor at Sun Microsystems from 2001 to 2010 teaching Oracle Solaris, Oracle Solaris Cluster, Oracle Solaris security, Java EE, Sun hardware, and MySQL courses. Nowadays, he teaches classes for Symantec, Oracle partners, and EC-Council, and he teaches several very specialized classes about information security. In addition, he is a regular writer and columnist at Linux Magazine Brazil.

More content from Alexandre:

Exploring Installation Options and User Roles in Oracle Solaris 11

Part 1 of a two-part series that describes how Alexandre installed Oracle Solaris 11 and explored its new packaging system and the way it handles roles, networking, and services. This article focuses first on exploring Oracle Solaris 11 without the need to install it, and then actually installing it on your system.

Exploring Networking, Services, and the New Image Packaging System in Oracle Solaris 11

Alexandre walks you through the new way Oracle Solaris 11 manages networking, services, and packages, compared to the way it managed them in Solaris 10.

Articles in Linux Brazil Magazine (Portuguese)

Columns in Linux Brazil Magazine (Portuguese)

More About ZFS and COMSTAR

About the Photograph

Photograph of San Rafael Swell taken in Utah by Rick Ramsey on the way to Java One.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Wednesday Mar 05, 2014

Preserving Unpacked Software During a Package Uninstall

I love it when I can wriggle out of the unintended side effects created by an automated system designed to simplify my life.

Here's a side effect created by the very good Image Packaging System (IPS) in our beloved Oracle Solaris 11. If you use the IPS to uninstall all packaged content from a directory, it also removes the directory. Not good if you also kinda sorta loaded unpackaged content into that directory.

For instance, let's say you worked with a third-party IPS package that installed its software into /usr/local. After a pause to polish the chrome on your custom Softail Deluxe, you install a second application into /usr/local from a tar file. What happens to that second application when you use IPS to remove the third-party IPS package from the /usr/local directory? Yup. IPS dumps the directory on the asphalt and high-sides the unpackaged content all the way to /var/pkg/lost+found.

Thank goodness somebody watches out for those of us who don't follow directions. Alta Elstad, from the Solaris Documentation Team at Oracle, is one of them. Here's how she suggests you avoid this problem.

How to Preserve the Directory

To prevent the packaged directory from being removed along with its content, package the directory separately. Create an IPS package that delivers only the one directory or directory structure that you want. Then that directory structure will remain in place until you uninstall that specific package. Uninstalling a different package that delivers content to that directory will not remove the directory.

Here's a detailed example.

  1. Create the directory structure you want to deliver. This example shows /usr/local. You could easily expand this to include /usr/local/bin and other subdirectories if necessary.
    $ mkdir -p usrlocal/usr/local
  2. Create the initial package manifest.
    $ pkgsend generate usrlocal | pkgfmt > usrlocal.p5m.1
    $ cat usrlocal.p5m.1
    dir path=usr owner=root group=bin mode=0755
    dir path=usr/local owner=root group=bin mode=0755
  3. Create a pkgmogrify input file to add metadata and to exclude delivering /usr since that directory is already delivered by Oracle Solaris. You might also want to add transforms to change directory ownership or permissions.
    $ cat usrlocal.mog
    set name=pkg.fmri value=pkg://site/usrlocal@1.0
    set name=pkg.summary value="Create the /usr/local directory."
    set name=pkg.description value="This package installs the /usr/local \
    directory so that /usr/local remains available for unpackaged files."
    set name=variant.arch value=$(ARCH)
    <transform dir path=usr$->drop>
  4. Apply the changes to the initial manifest.
    $ pkgmogrify -DARCH=`uname -p` usrlocal.p5m.1 usrlocal.mog | 
      pkgfmt > usrlocal.p5m.2
    $ cat usrlocal.p5m.2
    set name=pkg.fmri value=pkg://site/usrlocal@1.0
    set name=pkg.summary value="Create the /usr/local directory."
    set name=pkg.description value="This package installs the /usr/local \
    directory so that /usr/local remains available for unpackaged files."
    set name=variant.arch value=$(ARCH)
    <transform dir path=usr$->drop> 
  5. Check your work.
    $ pkglint usrlocal.p5m.2
    Lint engine setup...
    Starting lint run...
  6. Publish the package to your repository.
    $ pkgsend -s yourlocalrepo publish -d usrlocal usrlocal.p5m.2
  7. Make sure you can see the new package that you want to install.
    $ pkg refresh site
    $ pkg list -a usrlocal
    usrlocal (site)       1.0          --- 
  8. Install the package.
    $ pkg install -v usrlocal
               Packages to install:         1
         Estimated space available:  20.66 GB
    Estimated space to be consumed: 454.42 MB
           Create boot environment:        No
    Create backup boot environment:        No
              Rebuild boot archive:        No
    Changed packages:
        None -> 1.0,5.11:20140303T180555Z
    PHASE                                          ITEMS
    Installing new actions                           5/5
    Updating package state database                 Done
    Updating package cache                           0/0
    Updating image state                            Done
    Creating fast lookup database                   Done
    Reading search index                            Done
    Updating search index                            1/1
  9. Make sure the package is installed.
    $ pkg list usrlocal
    usrlocal (site)       1.0          i-- 
    $ pkg info usrlocal
              Name: usrlocal
           Summary: Create the /usr/local directory.
       Description: This package installs the /usr/local directory so that
                    /usr/local remains available for unpackaged files.
             State: Installed
         Publisher: site
           Version: 1.0
     Build Release: 5.11
            Branch: None
    Packaging Date: March  3, 2014 06:05:55 PM
              Size: 0.00 B
              FMRI: pkg://site/usrlocal@1.0,5.11:20140303T180555Z
    $ ls -ld /usr/local
    drwxr-xr-x   2 root     bin            2 Mar  3 10:17 /usr/local/

For More Information

About the Photograph

Photograph of Vancouver's laughing statues courtesy of BMK via Wikipedia Commons Creative Commons License 2.0

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel


Logan Rosenstein
and members of the OTN community


« March 2014 »
Blogs We Like