You are viewing a plain text version of this content. The canonical link for it is here.
Posted to infrastructure-issues@apache.org by "Sander Temme (JIRA)" <ji...@apache.org> on 2005/11/02 18:00:56 UTC
[jira] Created: (INFRA-605) Install and patch OS on Xserves
Install and patch OS on Xserves
-------------------------------
Key: INFRA-605
URL: http://issues.apache.org/jira/browse/INFRA-605
Project: Infrastructure
Type: Sub-task
Reporter: Sander Temme
Assigned to: Sander Temme
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Chris Pepper (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12356878 ]
Chris Pepper commented on INFRA-605:
------------------------------------
Note that creating software RAID volumes should be done before putting software on the RAID volume. It's theoretically possible to convert a live volume into a degraded RAID mirror, then add another, but it didn't work when I tried and isn't really supported.
What exactly did we get? Some Xserves come without video cards, some with VGA. Did they come with Mac OS X 10.4 "Tiger" Server?
If they don't have video, initial config is normally done through Server Assistant.app, and requires knowing the serial number to connect to the server. Alternatively, an Xserve can be connected to another Mac in FireWire Target Disk mode. This way, you run the installer on the other Mac, and select the Xserve's drive to install to; then boot (the other Mac, with video) from the drive and do further configuration.
Apple has two remote management tools (aside from ssh, of course). Server Admin runs over HTTPS on its own port, and configures all Apple's services and various other basics, including SSL. For a remote control session, Apple's tool is Remote Desktop, which is VNC-based. Unfortnately, it uses 3 TCP & 2 UDP ports, so doesn't tunnel well through ssh. Apple does include an IPsec VPN server in Tiger Server, and a compatible client in Panther & Tiger, but I haven't tested compatibility with other IPsec clients.
For a VNC server which is fully ssh-tunnelable, I recommend OSXvnc <http://www.redstonesoftware.com/vnc.html>. The application bundle includes two binaries. storepasswd works like htpasswd (and may in fact be compatible -- dunno), and OSXvnc-server is a CLI-invoked VNC server; the bundle can also be double-clicked to start the server as a graphical Mac application. This is probably a good task for initial configuration.
Note that Apple uses OpenLDAP (and NetInfo) for accounts, so before installing someone needs to decide if the servers will master/slaves in an OpenLDAP directory, and/or Kerberized.
Apple's Server docs are at <http://www.apple.com/server/macosx/>.
Third-party docs & discussion on Mac OS X Server are at <http://www.afp548.com/>.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Closed: (INFRA-605) Install and patch OS on Xserves
Posted by "Henri Yandell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/INFRA-605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Henri Yandell closed INFRA-605.
-------------------------------
Resolution: Won't Fix
We've moved off the OS X machines, so these are dead now afaik. Sorry if they're not (cleaning up).
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: https://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Issue Type: Sub-task
> Security Level: public(Regular issues)
> Components: ColoTasks
> Reporter: Sander Temme
> Assigned To: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Joe Schaefer (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12419176 ]
Joe Schaefer commented on INFRA-605:
------------------------------------
Turning off the watchdog was apparently unwise.
Igron has stopped responding to the network (I was
in the middle of `fink selfupdate` when it quit). I put
in a reboot request to surfnet a few hours ago since
we don't have console access to it.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Security: public(Regular issues)
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (INFRA-605) Install and patch OS on Xserves
Posted by "Henri Yandell (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=all ]
Henri Yandell updated INFRA-605:
--------------------------------
Component: ColoTasks
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Chris Pepper (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12356879 ]
Chris Pepper commented on INFRA-605:
------------------------------------
systemsetup & networksetup are CLI tools for system configuration. Here are the manual pages, for reference.
pepper@www:~$ man systemsetup|cat
SYSTEMSETUP(8) BSD System Manager's Manual SYSTEMSETUP(8)
NAME
systemsetup -- configuration tool for certain machine settings in System
Preferences.
SYNOPSIS
systemsetup [-getdate] [-setdate mm:dd:yy] [-gettime] [-settime hh:mm:ss]
[-gettimezone] [-listtimezones] [-settimezone timezone]
[-getusingnetworktime] [-setusingnetworktime on | off]
[-getnetworktimeserver] [-setnetworktimeserver timeserver]
[-getsleep] [-setsleep minutes] [-getcomputersleep]
[-setcomputersleep minutes] [-getdisplaysleep]
[-setdisplaysleep minutes] [-getharddisksleep]
[-setharddisksleep minutes] [-getwakeonmodem]
[-setwakeonmodem on | off] [-getwakeonnetworkaccess]
[-setwakeonnetworkaccess on | off] [-getrestartpowerfailure]
[-setrestartpowerfailure on | off] [-getrestartfreeze]
[-setrestartfreeze on | off]
[-getallowpowerbuttontosleepcomputer]
[-setallowpowerbuttontosleepcomputer on | off]
[-getremorelogin] [-setremorelogin on | off]
[-getremoreappleevents] [-setremoreappleevents on | off]
[-getcomputername] [-setcomputername computername]
[-getstartupdisk] [-liststartupdisks] [-setstartupdisk path]
[-getwaitforstartupafterpowerfailure]
[-setwaitforstartupafterpowerfailure value]
[-getdisablekeyboardwhenenclosurelockisengaged]
[-setdisablekeyboardwhenenclosurelockisengaged yes | no]
[-version] [-help] [-printCommands]
DESCRIPTION
The systemsetup command is used to configure certain per-machine settings
typically configured in the System Preferences application. The
systemsetup command requires at least "admin" privileges to run.
A list of flags and their descriptions:
-getdate
Displays the current date.
-setdate mm:dd:yy
Use this command to set the current month, day, and year.
-gettime
Displays the current time in 24-hour format.
-settime hh:mm:ss
Sets the current time. The provided time argument should be in
24-hour format.
-gettimezone
Displays current time zone.
-listtimezones
Lists all time zones supported by this machine.
-settimezone timezone
Use this command to set the local time zone. Use "-listtimezones"
to list valid timezone arguments.
-getusingnetworktime
Displays whether network time is on or off.
-setusingnetworktime on | off
Sets whether using network time is on or off.
-getnetworktimeserver
Displays the currently set network time server.
-setnetworktimeserver timeserver
Use this command to designate a network time server. Enter the IP
address or DNS name for the network time server.
-getsleep
Displays amount of idle time until machine sleeps.
-setsleep minutes
Sets amount of idle time until computer sleeps. Specify "Never"
or "Off" for computers that should never sleep. Important: if you
set the system to sleep, you will not be able to administer the
server remotely while it is sleeping.
-getcomputersleep
Display amount of idle time until computer sleeps.
-setcomputersleep minutes
Set amount of idle time until compputer sleeps. Specify "Never"
or "Off" for never.
-getdisplaysleep
Display amount of idle time until display sleeps.
-setdisplaysleep minutes
Set amount of idle time until display sleeps. Specify "Never" or
"Off" for never.
-getharddisksleep
Display amount of idle time until hard disk sleeps. Specify
"Never" or "Off" for never.
-setharddisksleep
Set amount of idle time until hard disk sleeps. Specify "Never"
or "Off" for never.
-getwakeonmodem
Displays whether wake on modem is on or off.
-setwakeonmodem on | off
Use this command to specify whether or not the server will wake
from sleep when modem activity is detected.
-getwakeonnetworkaccess
Displays whether wake on network access is on or off.
-setwakeonnetworkaccess on | off
Use this command to specify whether the server wakes from sleep
when a network admin packet is sent to it.
-getrestartpowerfailure
Displays whether restart on power failure is on or off.
-setrestartpowerfailure on | off
Use this command to specify whether the server automatically
restarts after a power failure.
-getrestartfreeze
Displays whether restart on freeze is on or off.
-setrestartfreeze on | off
Use this command to specify whether the server restarts automati-
cally after the system freezes.
-getallowpowerbuttontosleepcomputer
Enable or disable whether the power button can sleep the com-
puter.
-setallowpowerbuttontosleepcomputer on | off
Enable or disable whether the power button can sleep the com-
puter.
-getremotelogin
Displays whether remote login (SSH) is on or off.
-setremotelogin [-f] on | off
Sets remote login (SSH) to either on or off. Important If you
turn off remote login, you won't be able to administer the server
using remote command line tools and SSH. To turn remote login
back on, you'll need to connect a monitor and keyboard to the
server to administer it locally. Use "setremotelogin -f off" to
suppress prompting when turning remote login off.
-getremoreappleevents
Displays whether remote apple events are on or off.
-setremoreappleevents on | off
Use this command to set whether the server responds to events
sent by other computers (such as AppleScripts).
-getcomputername
Displays computer name.
-setcomputername computername
Sets computer name to <computername>. This name is used by AFP
and AppleTalk.
-getlocalsubnetname
Display local subnet name.
-setlocalsubnetname name
Set local subnet name to <name>.
-getstartupdisk
Displays current startup disk.
-liststartupdisks
Lists all valid startup disks on this computer.
-setstartupdisk path
Sets current startup disk to the indicated path. Valid arguments
can be listed using "-liststartupdisks."
-getwaitforstartupafterpowerfailure
Get the number of seconds after which the computer will start up
after a power failure.
-setwaitforstartupafterpowerfailure seconds
Set the number of seconds after which the computer will start up
after a power failure. The <seconds> value must be a multiple of
30 seconds.
-getdisablekeyboardwhenenclosurelockisengaged
Get whether or not the keyboard should be disabled when the X
Serve enclosure lock is engaged.
-setdisablekeyboardwhenenclosurelockisengaged yes | no
Set whether or not the keyboard should be disabled when the X
Serve enclosure lock is engaged.
-version
Displays version of systemsetup tool.
-help Displays a list of all the commands available in the System Setup
Tool, with explanatory information.
-printCommands
Displays a list of commands with no detail.
EXAMPLES
systemsetup -setdate 04:15:02
systemsetup -settime 16:20:00
systemsetup -settimezone US/Pacific
systemsetup -setnetworktimeserver time.apple.com
FILES
/usr/sbin/systemsetup
SEE ALSO
networksetup(8)
Mac OS April 15, 2002 Mac OS
pepper@www:~$ man networksetup|cat
NETWORKSETUP(8) BSD System Manager's Manual NETWORKSETUP(8)
NAME
networksetup -- configuration tool for network settings in System Prefer-
ences.
SYNOPSIS
networksetup [-listnetworkserviceorder] [-listallnetworkservices]
[-listallhardwareports] [-detectnewhardware]
[-getmacaddress hardwareport] [-getcomputername]
[-setcomputername computername] [-getinfo networkservice]
[-setmanual networkservice ip subnet router]
[-setdhcp networkservice [clientid]]
[-setbootp networkservice]
[-setmanualwithdhcprouter networkservice ip]
[-setv4off networkservice] [-setv6off networkservice]
[-setv6automatic networkservice]
[-setv6manual networkservice address prefixLength router]
[-getdnsservers networkservice]
[-setdnsservers networkservice dns1 [dns2] [...]]
[-getsearchdomains networkservice]
[-setsearchdomains networkservice domain1 [domain2] [...]]
[-create6to4service networkservicename]
[-set6to4automatic networkservice]
[-set6to4manual networkservice relayAddress]
[-getftpproxy networkservice]
[-setftpproxy networkservice domain portnumber authenticated username password]
[-setftpproxystate networkservice on | off]
[-getwebproxy networkservice]
[-setwebproxy networkservice domain portnumber authenticated username password]
[-setwebproxystate networkservice on | off]
[-getsecurewebproxy networkservice]
[-setsecurewebproxy networkservice domain portnumber authenticated username password]
[-setsecurewebproxystate networkservice on | off]
[-getstreamingproxy networkservice]
[-setstreamingproxy networkservice domain portnumber authenticated username password]
[-setstreamingproxystate networkservice on | off]
[-getgopherproxy networkservice]
[-setgopherproxy networkservice domain portnumber authenticated username password]
[-setgopherproxystate networkservice on | off]
[-getsocksfirewallproxy networkservice]
[-setsocksfirewallproxy networkservice domain portnumber authenticated username password]
[-setsocksfirewallproxystate networkservice on | off]
[-getproxybypassdomains networkservice]
[-setproxybypassdomains networkservice domain1 [domain2] [...]]
[-getpassiveftp networkservice]
[-setpassiveftp networkservice on | off]
[-getairportnetwork] [-setairportnetwork network [password]]
[-getairportpower] [-setairportpower on | off]
[-getnetworkserviceenabled networkservice]
[-setnetworkserviceenabled networkservice on | off]
[-createnetworkservice networkservicename hardwareport]
[-renamenetworkservice networkservice newnetworkservicename]
[-duplicatenetworkservice networkservice newnetworkservicename]
[-removenetworkservice networkservice]
[-ordernetworkservices service1 [service2] [service3] [...]]
[-getappletalk networkservice]
[-setappletalk networkservice on | off]
[-getMTU hardwareport] [-setMTU hardwarePort value]
[-listvalidMTUrange hardwareport] [-getmedia hardwareport]
[-setmedia hardwareport subtype [option1] [option2] [...]]
[-listvalidmedia hardwareport]
[-createVLAN name parentdevice tag]
[-deleteVLAN name parentdevice tag] [-listVLANs]
[-listdevicesthatsupportVLAN] [-isBondSupported device]
[-createBond name [device1] [device2] [...]]
[-deleteBond bond] [-addDeviceToBond device bond]
[-removeDeviceFromBond device bond] [-listBonds]
[-showBondStatus bond] [-version] [-help] [-printcommands]
DESCRIPTION
The networksetup command is used to configure network settings typically
configured in the System Preferences application. The networksetup com-
mand requires at least "admin" privileges to run.
A list of flags and their descriptions:
-listnetworkserviceorder
Displays a list of network services in the order they are con-
tacted for a connection, along with the corresponding port and
device for each. An asterisk (*) next to a service means the ser-
vice is inactive.
-listallnetworkservices
Displays a list of all the network services on the server's hard-
ware ports. An asterisk (*) denotes that a network service is
disabled.
-listallhardwareports
Displays list of hardware ports with corresponding device name
and ethernet address.
-detectnewhardware
Detects new network hardware and creates a default network ser-
vice on the hardware.
-getmacaddress hardwareport
Displays ethernet (or AirPort) address for hardwareport or device
specified.
-getcomputername
Displays the computer name.
-setcomputername computername
Sets computer name to <computername>. This name is used by AFP
and AppleTalk.
-getinfo networkservice
Displays the IP address, subnet mask, router, and hardware
address for the <networkservice> that you specify.
-setmanual networkservice ip subnet router
Set the TCP/IP configuration for <networkservice> to manual with
IP address set to <ip>, Subnet Mask set to <subnet>, and Router
address set to <router>.
-setdhcp networkservice [clientid]
Use this command to set the TCP/IP configuration for the speci-
fied <networkservice> to use DHCP. The client ID is optional.
Specify "Empty" for [clientid] to clear the DHCP client id.
-setbootp networkservice
Use this command to set the TCP/IP configuration for the speci-
fied <networkservice> to use BOOTP.
-setmanualwithdhcprouter networkservice ip
Use this command to specify a manual IP address to use for DHCP
for the specified <networkservice>.
-setv4off networkservice
Use this command to turn IPv4 off on the specified <networkser-
vice>.
-setv6off networkservice
Use this command to turn IPv6 off on the specified <networkser-
vice>.
-setv6automatic networkservice
Use this command to set IPv6 to get its addresses automatically
for <networkservice>.
-setv6manual ip prefixlength router
Use this command to set IPv6 to get its addresses manually for
<networkservice>. Specify the ip address, the prefix length and
the router.
-getdnsservers networkservice
Displays DNS info for <networkservice>.
-setdnsservers networkservice dns1 [dns2] [...]
Use this command to specify the IP addresses of servers you want
the specified <networkservice> to use to resolve domain names.
You can list any number of servers (replace dns1, dns2, and so on
with the IP addresses of domain name servers). If you want to
clear all DNS entries for the specified network service, type
"empty" in place of the DNS server names.
-getsearchdomains networkservice
Displays Domain Name info for <networkservice>.
-setsearchdomains networkservice domain1 [domain2] [...]
Use this command to designate the search domain for the specified
<networkservice>. You can list any number of search domains
(replace domain1, domain2, and so on with the name of a local
domain). If you want to clear all search domain entries for the
specified network service, type OemptyO in place of the domain
name.
-create6to4service -<newnetworkservicename>
Use this command to create a new 6 to 4 service with name
<newnetworkservicename>.
-set6to4automatic -<newnetworkservicename>
Use this command to set the 6 to 4 service such that it will get
the relay address automatically.
-set6to4manual -<newnetworkservicename> -<relayaddress>
Use this command to set the 6 to 4 service such that it will get
the relay address manually. Specify the <relayaddress> that you
would like to set.
-getftpproxy networkservice
Displays FTP proxy (server, port, enabled value) info for <net-
workservice>.
-setftpproxy networkservice domain portnumber authenticated username
password
Set FTP proxy for <networkservice> with <domain> and <port num-
ber>. Turns proxy on. Optionally, specify <on> or <off> for
<authenticated> to enable and disable authenticated proxy sup-
port. Specify <username> and <password> if you turn authenticated
proxy support on.
-setftpproxystate networkservice on | off
Set FTP proxy on <networkservice> to either <on> or <off>.
-getwebproxy networkservice
Displays Web proxy (server, port, enabled value) info for <net-
workservice>.
-setwebproxy networkservice domain portnumber authenticated username
password
Set Web proxy for <networkservice> with <domain> and <port num-
ber>. Turns proxy on. Optionally, specify <on> or <off> for
<authenticated> to enable and disable authenticated proxy sup-
port. Specify <username> and <password> if you turn authenticated
proxy support on.
-setwebproxystate networkservice on | off
Set Web proxy on <networkservice> to either <on> or <off>.
-getsecurewebproxy networkservice
Displays Secure Web proxy (server, port, enabled value) info for
<networkservice>.
-setsecurewebproxy networkservice domain portnumber authenticated
username password
Set Secure Web proxy for <networkservice> with <domain> and <port
number>. Turns proxy on. Optionally, specify <on> or <off> for
<authenticated> to enable and disable authenticated proxy sup-
port. Specify <username> and <password> if you turn authenticated
proxy support on.
-setsecurewebproxystate networkservice on | off
Set SecureWeb proxy on <networkservice> to either <on> or <off>.
-getstreamingproxy networkservice
Displays Streaming proxy (server, port, enabled value) info for
<networkservice>.
-setstreamingproxy networkservice domain portnumber authenticated
username password
Set Streaming proxy for <networkservice> with <networkservice>.
Turns proxy on. Optionally, specify <on> or <off> for <authenti-
cated> to enable and disable authenticated proxy support. Specify
<username> and <password> if you turn authenticated proxy support
on.
-setstreamingproxystate networkservice on | off
Set Streamingproxy on <networkservice> to either <on> or <off>.
-getgopherproxy networkservice
Displays Gopher proxy (server, port, enabled value) info for
<networkservice>.
-setgopherproxy networkservice domain portnumber authenticated username
password
Set Gopher proxy for <networkservice> with <domain> and <port
number>. Turns proxy on. Optionally, specify <on> or <off> for
<authenticated> to enable and disable authenticated proxy sup-
port. Specify <username> and <password> if you turn authenticated
proxy support on.
-setgopherproxystate networkservice on | off
Set Gopher proxy on <networkservice> to either <on> or <off>.
-getsocksfirewallproxy networkservice
Displays SOCKS Firewall proxy (server, port, enabled value) info
for <networkservice>.
-setsocksfirewallproxy networkservice domain portnumber authenticated
username password
Set SOCKS Firewall proxy for <networkservice> with <domain> and
<port number>. Turns proxy on. Optionally, specify <on> or <off>
for <authenticated> to enable and disable authenticated proxy
support. Specify <username> and <password> if you turn authenti-
cated proxy support on.
-setsocksfirewallproxystate networkservice on | off
Set SOCKS Firewall proxy to either <on> or <off>.
-getproxybypassdomains networkservice
Displays Bypass Domain Names for <networkservice>.
-setproxybypassdomains networkservice domain1 [domain2] [...]
Set the Bypass Domain Name Servers for <networkservice> to
<domain1> [domain2] [...]. Any number of Domain Name servers can
be specified. Specify "Empty" for <domain1> to clear all Domain
Name entries.
-getpassiveftp networkservice
Displays whether Passive FTP is on or off for <networkservice>.
-setpassiveftp networkservice on | off
Set Passive FTP to either <on> or <off>.
-getairportnetwork
Displays current AirPort Network.
-setairportnetwork network [password]
Set AirPort Network to <network> using optional [password] if
specified.
-getairportpower
Displays whether AirPort power is on or off.
-setairportpower on | off
Set AirPort power to either <on> or <off>.
-getnetworkserviceenabled networkservice
Displays whether a service is on or off (enabled or disabled).
-setnetworkserviceenabled networkservice on | off
Use this command to turn the specified network service on or off
(enable or disable).
-createnetworkservice networkservicename hardwareport
Create a service named <networkservice> on port <hardwareport>.
The new service will be enabled by default.
-renamenetworkservice networkservice newnetworkservicename
Use this command to rename the specified network service <net-
workservice> to <newnetworkservicename>.
-duplicatenetworkservice networkservice newnetworkservicename
Use this command to duplicate an existing network service <net-
workservice> and rename it to the specified name <newnetworkser-
vicename>.
-removenetworkservice networkservice
Use this command to delete a network service <networkservice>.
You cannot use this command to delete the last remaining service
for a hardware port. To do so, you use the -setnetworkserviceen-
abled command.
-ordernetworkservices service1 [service2] [service3] [...]
Use this command to designate the order network services are con-
tacted on the specified hardware port. Name the network you want
contacted first, then the second, and so on. Use "listnetworkser-
viceorder" to view current service order.
-getappletalk networkservice
Displays whether AppleTalk is on or off (enabled or disabled) on
<networkservice>.
-setappletalk networkservice on | off
Set AppleTalk to either <on> or <off> (enabled or disabled) on
<networkservice>.
-getMTU hardwareport
Get the MTU value for hardwareport or device specified.
-setMTU hardwarePort value
Set MTU for hardwareport or device specified.
-listValidMTURange hardwareport
List the valid MTU range for hardwareport or device specified.
-getMedia hardwareport
Show both the current setting for media and the active media on
hardwareport or device specified.
-setMedia hardwareport subtype [option1] [option2] [...]
Set media for hardwareport or device specified to subtype. Spec-
ify optional [option1] and additional options depending on sub-
type. Any number of valid options can be specified.
-listValidMedia hardwareport
List valid media options for hardwareport or device name. Enumer-
ates available subtypes and options per subtype.
-createVLAN name parentdevice tag
Create a VLAN with the name <name> over the parent device <par-
entdevice> and with the tag <tag>.
-deleteVLAN name parentdevice tag
Delete the VLAN with the name <name> over the parent device <par-
entdevice> and with the tag <tag>.
-listVLANs
List the VLANs that have been created.
-listdevicesthatsupportVLAN
List the devices that support VLANs.
-isBondSupported device
Displays YES if the device can be added to a bond. NO if it can-
not.
-createBond name [device1] [device2] [...]
Create a bond with the user-defined-name name and optionally add
any listed devices if they support bonding.
-deleteBond bond
Delete the bond with the specified device-name.
-addDeviceToBond device bond
Add device to bond.
-removeDeviceFromBond device bond
Remove device from bond.
-listBonds
List of all bonds.
-showBondStatus bond
Display the status of the specified bond.
-version
Displays version of networksetup tool.
-help Displays a list of all the commands available in the Network Set-
up Tool, with explanatory information.
-printcommands
Displays a list of commands with no detail.
EXAMPLES
networksetup -listallnetworkservices
networksetup -setmanual "Built-in Ethernet" 192.168.100.100 255.255.255.0
192.168.100.1
networksetup -setdnsservers "Built-in Ethernet" 192.168.100.100
192.168.100.12
networksetup -setsearchdomains "Built-in Ethernet" company.com corp.com
networksetup -setwebproxy "Built-in Ethernet" proxy.company.com 80
networksetup -setwebproxy "Built-In Ethernet" proxy.company.com 80 On
authusername authpassword
networksetup -duplicatenetworkservice "Built-In Ethernet" "Local LAN"
networksetup -getdnsservers "Built-In Ethernet"
networksetup -setMTU en0 1500
networksetup -setMedia en0 autoselect
networksetup -setMedia 100baseTX half-duplex
networksetup -createBond MyBond en0 en1
networksetup -addDeviceToBond en0 bond0
FILES
/usr/sbin/networksetup
SEE ALSO
systemsetup(8)
Mac OS April 16, 2002 Mac OS
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Joe Schaefer (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12419037 ]
Joe Schaefer commented on INFRA-605:
------------------------------------
igron keeps rebooting due to the watchdog, so I'm assuming it is defective.
(There's nothing running on the box which would trigger a timeout).
I disabled it via
# launchctl
launchd% unload -w /System/Library/LaunchDaemons/com.apple.watchdogtimerd.plist
So I hope the reboot problem disappears. Also note that ecelerity did
not restart on the last reboot; the following error was reported in the ecelerity
paniclog:
[Tue 04 Jul 2006 03:19:07] umem: Assertion failed: lp->vmpl_thr == 0,
file umem/vmem.c, line 611
Running `ec_ctl stop; ec_ctl start` seemed to resolve it.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Security: public(Regular issues)
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Sander Temme (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12377509 ]
Sander Temme commented on INFRA-605:
------------------------------------
Another note: the two 60Gb disks in bays 1 and 2 were already a mirror and have the OS.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Security: public(Regular issues)
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Joe Schaefer (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12419593 ]
Joe Schaefer commented on INFRA-605:
------------------------------------
igron is back up- watchdog reactivated.
IMO igron is unfit for service at this point,
and someone needs to take it home and
try to fix it.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Security: public(Regular issues)
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Chris Pepper (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12358443 ]
Chris Pepper commented on INFRA-605:
------------------------------------
I've heard from a couple people that 10.4.3 breaks (changes?) postfix alias configurations which worked under 10.4.2, but not tested it myself.
Apple's build files (including patches) for 10.4.3 are at <http://www.opensource.apple.com/darwinsource/10.4.3/>. I don't see amavisd-new or clamav, though. I believe the spamassassin config is broken, because Apple uses amavisd-new to manage spamassassin instead.
Apple includes the following in 10.4.2 Server:
pepper@www:~$ sw_vers
ProductName: Mac OS X Server
ProductVersion: 10.4.2
BuildVersion: 8C47
pepper@www:~$ postconf mail_version
mail_version = 2.1.5
pepper@www:~$ spamassassin --version
SpamAssassin version 3.0.1
running on Perl version 5.8.6
pepper@www:~$ clamd --version
ClamAV 0.85.1/1191/Wed Nov 23 18:50:25 2005
pepper@www:~$ /opt/apache2/bin/httpd -V
Server version: Apache/2.0.53
Server built: Mar 20 2005 16:31:25
Server's Module Magic Number: 20020903:9
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/worker"
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT="/opt/apache2"
-D SUEXEC_BIN="/opt/apache2/bin/suexec"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
pepper@www:~$ grep VERSION /System/Library/Perl/5.8.6/darwin-thread-multi-2level/mod_perl.pm
$mod_perl::VERSION = "1.29";
$class->UNIVERSAL::VERSION(shift);
pepper@www:~$ rsync --version
rsync version 2.6.3 protocol version 28
Copyright (C) 1996-2004 by Andrew Tridgell and others
<http://rsync.samba.org/>
Capabilities: 64-bit files, socketpairs, hard links, symlinks, batchfiles,
inplace, IPv6, 32-bit system inums, 64-bit internal inums
rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. See the GNU
General Public Licence for details.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Chris Pepper (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12358059 ]
Chris Pepper commented on INFRA-605:
------------------------------------
Please leave the video card in the machine. Not everything can be done via serial console, so if an Xserve gets seriously hosed, repair/rebuild will be significantly easier if the on-site person doesn't have to bring or find a suitable video card -- even if the card is not normally connected to anything.
This is Tiger Server, right? It should listen on ttyS0, although I'm not sure of the speed (it's changed once or twice with software revisions). "ps -auxww|grep tty" should show it, though. If you need to change the port speed on the Cyclades, "vi /etc/portslave/pslave.conf" and add lines like:
s6.alias name
s6.speed 57600
Then "config write" will update the flash on the Cyclades and reload the configuration (interrupting any active console sessions).
FWIW, Mac OS X Server CLI documentation is at: http://www.apple.com/server/pdfs/Command_Line.pdf
Do you recall whether the optical drive was tray-loading or slot-loading? Slot-loading drives identify Xserve G4s "1.0.1" hardware revisions of the Xserve G4.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Joe Schaefer (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12377167 ]
Joe Schaefer commented on INFRA-605:
------------------------------------
We're not putting Apache::Qpsmtpd on the new mail spools, these are going to run ecelerity instead.
The machines have ecelerity installed, along with the following services under "supervise": rbldnsd, clamav, spamassassin, and dnscache. Theo thinks we should avoid dnscache, but I haven't yet figured out how to get ecelerity to use the rbldnsd instance.
Theo hooked clamav up to ecelerity; spamassassin is not hooked up yet.
There are two problems with igron:
1) the disks aren't raided,
2) the box randomly reboots, with the following note in syslog on restart:
ApplePMU::PMU forced shutdown, cause = -93
The first issue is minor, but the second currently prevents its use as a front-line mail server.
That leaves idunn as a single front-line MX, which is hosted at UL. Moving our front-line MX
from OSUOSL to UL seems like a step in the wrong direction, and since the current front-line
MX has no problems coping with the current traffic load, this issue is IMO not a top priority.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Security: public(Regular issues)
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Sander Temme (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12377508 ]
Sander Temme commented on INFRA-605:
------------------------------------
I have mirrored the 172Gb drives in bays 3 and 4, and mounted them under /Volumes/X1. The command used and its output were:
[igron:~] sctemme% diskutil createRAID mirror X1 HFS+ disk0 disk2
Preparing partition 'disk0s3' for RAID
Adding disk 'disk0s3' to new RAID set
Preparing partition 'disk2s3' for RAID
Adding disk 'disk2s3' to new RAID set
Creating RAID Set (disk0 , disk2 )
Bringing RAID partitions online
Waiting for new RAID to come online "835CD83C-A9E3-4D08-ADDF-2A7C53760719"
Creating file system on RAID volume "disk5 "
The RAID has been created successfully
The -93 cause corresponds to the hardware watchdog, which automatically reboots the computer when it perceives that the box hangs:
enum // list of shutdown causes
{
SD_CAUSE_UNDEF, // 0
SD_CAUSE_SYSREQ_SD, // 1
SD_CAUSE_SYSREQ_RESTART, // 2
SD_CAUSE_PWRKEY, // 3
SD_CAUSE_RSTKEY_RESTART, // 4
SD_CAUSE_DOWNLOAD, // 5
SD_CAUSE_LP_SLPCHK = 0x80, // -128
SD_CAUSE_NO_PWR_SRC, // -127
SD_CAUSE_PWRON_SUPPLY_CHECK,// -126
SD_CAUSE_PWRVALID_CHK, // -125
SD_CAUSE_STOPMODE_PWR_CHK, // -124
SD_CAUSE_LOW_BATTERY, // -123
SD_CAUSE_PWRVALID_INT, // -122
SD_CAUSE_STOPMODE_PWR_CHK2, // -121
SD_CAUSE_WARM_START = 0x90, // -112
SD_CAUSE_WARM_START_OSC, // -111
SD_CAUSE_SMU_RESET, // -110
SD_CAUSE_LID_CLOSE = 0xA0, // -96
SD_CAUSE_OVER_TEMP, // -95
SD_CAUSE_WATCHDOG_PMU, // -94
SD_CAUSE_WATCHDOG_SYS, // -93
};
Why the box is watchdogging is unknown at this time.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Security: public(Regular issues)
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Joe Schaefer (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12358393 ]
Joe Schaefer commented on INFRA-605:
------------------------------------
Required software: postfix, rbldnsd, clamav, spamassassin, rsync, httpd-2.x (prefork), mod-perl-2.x, possibly djbdns
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Components: ColoTasks
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (INFRA-605) Install and patch OS on Xserves
Posted by "Sander Temme (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/INFRA-605?page=comments#action_12357962 ]
Sander Temme commented on INFRA-605:
------------------------------------
Thanks Chris, this is good info. The SF machine has a video card, which I will likely yank after installation. We don't have a KVM switch in the rack so I'm more interested in console access.
> Install and patch OS on Xserves
> -------------------------------
>
> Key: INFRA-605
> URL: http://issues.apache.org/jira/browse/INFRA-605
> Project: Infrastructure
> Type: Sub-task
> Reporter: Sander Temme
> Assignee: Sander Temme
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira