Difference between revisions of "Category:Linux troubleshooting"

From Christoph's Personal Wiki
Jump to: navigation, search
(System information)
(Linux networking)
Line 104: Line 104:
 
  192.168.xxx.xxx  0x1        0x2        00:00:00:00:00:00    *        eth0
 
  192.168.xxx.xxx  0x1        0x2        00:00:00:00:00:00    *        eth0
 
  192.168.xxx.xxx  0x1        0x2        00:00:00:00:00:00    *        eth0
 
  192.168.xxx.xxx  0x1        0x2        00:00:00:00:00:00    *        eth0
 +
 +
===NFS===
 +
Check your <code>/etc/exports</code> for directories mountable by IP address. E.g.,
 +
/mnt/disk/data 10.0.67.53(rw) 10.0.67.123(ro)
 +
 +
Add the following line (for static routes) to you <code>/etc/sysconfig/network-scripts/route-eth0</code>
 +
10.0.34.54 via 10.0.67.43
 +
 +
You can also accomplish the above via the CLI:
 +
ip route add 10.0.34.54 via 10.0.67.43 dev eth0
 +
 +
Use <code>/etc/sysconfig/network</code> for your default gateway. E.g.,
 +
HOSTNAME=foo.bar.com
 +
NETWORKING=yes
 +
GATEWAY=10.0.54.123
 +
GATEWAYDEV=eth0
  
 
===External resources===
 
===External resources===

Revision as of 04:00, 9 May 2007

This category will contain a collection of articles on troubleshooting Linux. It will be highly biased towards SuSE Linux (version 10.1 or later), as that is my primary OS. I am also using a 64-bit (x86_64) kernel, so my articles will also be biased towards these systems.

Note: Most of the following have also been tested on Mandriva Linux (10.1, 2006.0, and 2007.0).

System information

% dmesg
% vmstat  # to quickly monitor CPU, memory, and I/O usage and decide which is the bottleneck
% ps -ef | egrep '^root ' | gawk '{print $2}'  # method 1
% pgrep -u root                                # method 2
% cat /proc/cpuinfo
% cat /proc/partitions
% cat /proc/meminfo
% cat /proc/sys/vm/swappiness  # number from 0 - 100; the higher the number the more the system will swap
% cat /proc/interrupts   # inspect your /proc/interrupts file for multiple devices having the same interrupt
% uname -a  # system architecture
% grep ^VERSION /etc/SuSE-release  # To see which SuSE Linux version you are using
% cat /etc/mandriva-release        # To see which Mandriva Linux version you are using
% dmesg | head -1                  # full version info.
% cat /proc/version                # full version info.
% cat /etc/issue                   # display Linux distribution
% pstree
% lsof | grep TCP                  # list open files
% lsof | grep ' root ' | awk '{print $NF}' | sort | uniq | wc -l  # list number of open files for a user
% getconf     # print system configuration variables
% getconfig   # get configuration information for the Xorg server
% systool     # view system device information by bus, class, and topology
% dmidecode   # DMI table decoder
% biosdecode  # BIOS information decoder
% bind -P     # print keyboard bindings
% cat /proc/scsi/scsi
  WDC WD2000JD-22H Rev: 08.0
  SATA-I, 200 GB, 150 MB/s, 8 MB Cache, 7200 RPM

See also

  • lshw (Hardware Lister)
  • hdparm — get/set hard disk parameters

Managing modules / devices / libraries / etc

% lspci
% lsmod
% depmod
% modprobe  # tail /var/log/messages (to check success / failure)
% rmmod
% ldd /usr/bin/python   # print shared library dependencies
       linux-gate.so.1 =>  (0xffffe000)
       libpython2.5.so.1.0 => /usr/lib/libpython2.5.so.1.0 (0xb7e2e000)
       libpthread.so.0 => /lib/libpthread.so.0 (0xb7e16000)
       libdl.so.2 => /lib/libdl.so.2 (0xb7e12000)
       libutil.so.1 => /lib/libutil.so.1 (0xb7e0e000)
       libm.so.6 => /lib/libm.so.6 (0xb7de7000)
       libc.so.6 => /lib/libc.so.6 (0xb7cb9000)
       /lib/ld-linux.so.2 (0xb7f71000)

Default runlevel

It is a good idea to make the defaul runlevel for your machine "3" (i.e. full multiuser mode without X11). This will prevent your system from hanging if something is wrong with your X11 settings (the graphics).

To change the default runlevel, edit your /etc/inittab file and change the line that reads

id:5:initdefault:

to

id:3:initdefault:

Now, everytime you turn on your machine (or reboot it), you will be taken to a CLI. Login as a user (not root!) and enter the following:

% startx
see also: wikipedia:init

Linux networking

see: SuSE wireless card configuration
% hostname -i           # show current IP address
% hostname -d           # show current domain name
% domainname            # show full domain name
% cat /etc/hosts        # show host configuration
% cat /etc/sysconfig/network   # show gateway configuration
% cat /etc/resolv.conf  # show DNS configuration (aka "nameserver(s)"; one per line)
% cat /etc/iftab        # show MAC address (and various network interfaces)
% cat /proc/net/arp     # show MAC address (and various network interfaces)
% arp                   # manipulate the system ARP cache
% /etc/init.d/network restart
% route add 20.0.xxx.xxx gateway foo
% /etc/rc.local
% /etc/sysconfig/network-scripts
% /sbin/ifconfig
% ethtool -s eth0 speed 100 duplex full autoneg off  # force full-speed traffic
% ethtool eth0   # to check that it worked
% netstat -ivn   # for tuning
% mii-tool --force=100baseTx-FD eth0   # obsolete way
% netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
20.0.xxx.xx     20.0.xx.xx      255.255.255.0   UGH       0 0          0 eth0
% cat /proc/net/arp
IP address       HW type     Flags       HW address            Mask     Device
192.168.xxx.xxx  0x1         0x2         00:00:00:00:00:00     *        eth0
192.168.xxx.xxx  0x1         0x2         00:00:00:00:00:00     *        eth0

NFS

Check your /etc/exports for directories mountable by IP address. E.g.,

/mnt/disk/data 10.0.67.53(rw) 10.0.67.123(ro)

Add the following line (for static routes) to you /etc/sysconfig/network-scripts/route-eth0

10.0.34.54 via 10.0.67.43

You can also accomplish the above via the CLI:

ip route add 10.0.34.54 via 10.0.67.43 dev eth0

Use /etc/sysconfig/network for your default gateway. E.g.,

HOSTNAME=foo.bar.com
NETWORKING=yes
GATEWAY=10.0.54.123
GATEWAYDEV=eth0

External resources

Display (monitor / graphics card)

% cat /etc/X11/xorg.conf
% xdpyinfo | grep dimen   # for screen dimensions

If you are having trouble (in SuSE) getting your monitor to display anything (either from an initial boot or from adding a new monitor), try the following:

  • Reboot in Failsafe mode
  • Login as root
  • At the command prompt type: sax2 -m 0=vesa
  • Configure video settings and test them (it is important to test your settings first!)
  • Reboot in normal mode.

Backing up the MBR

WARNING: This article or section describes techniques which can be dangerous for your computer's hardware or the data on it. I have tested everything I describe herein on my personal computers. However, absolutely no guarantee can be made that it will work for you. Proceed with caution!

It is easy to backup and restore the master boot record (MBR) in Linux. However, caution must be exorcised when performing any of the following commands.

  • to backup
dd if=/dev/xxx of=mbr.backup bs=512 count=1
  • to restore
dd if=mbr.backup of=/dev/xxx bs=512 count=1

where xxx is the device, which can be hda, sda, or any other.

Sound problems

Note, my sound card specs: Intel Corporation 82801EB/ER (ICH5/ICH5R) AC'97 Audio Controller

  • Un-mute PCM sound
  • Check the following:
% lsmod | grep snd
% cat /etc/modprobe.conf
% vi /etc/modprobe.d/sound

(change "snd-intel8x0" to "snd_intel8x0")

% ./sbin/lspci

(list sound specs / Multimedia audio controller)

% modprobe snd-via82xx

Configuring a Firewire (IEEE1394) interface

Check that the file /etc/modules.conf (for 2.4 kernels) or /etc/modprobe.conf (for 2.6 kernels) contains the line:

alias ieee1394-controller ohci1394

Note: If you do not have a /etc/modprobe.conf file, there is a utility to create one. As root, type:

% /sbin/generate-modprobe.conf > /etc/modprobe.conf

Caution: This will overwrite the previous file (if one existed), so it would be best to back it up first. Take extra caution that it has not altered your previous (working) video and/or sound driver configurations!

You might need to reboot with your Firwire plugged in (if hotplugging is not setup) and check that the card is recognised and the module loaded with the following command (as root):

% lsmod | grep 1394
  ohci1394               32240  0
  ieee1394              286264  1 ohci1394

Adobe acroread "adobe expr: syntax error"

For some reason, after installing the latest version of Adobe Reader 7.0.9 for Linux (aka acroread; 2007-04-11) and running it, I get an infinite loop of "expr: syntax error".

After digging around Google a bit, I found a simple solution (not sure if this is the best one). /usr/bin/acroread is just a Bourne shell script text executable. Open this script and replace the following

echo $mfile| sed 's/libgtk-x11-([0-9]*).0.so.0.([0-9])00.([0-9]*)|(.*)/123/g'
#~OR~
echo $mfile| sed 's/libgtk-x11-\([0-9]*\).0.so.0.\([0-9]\)00.\([0-9]*\)\|\(.*\)/\1\2\3/g'

with the following

echo $mfile| sed 's/libgtk-x11-([0-9]*).0.so.0.([0-9]*)00.([0-9]*)|(.*)/123/g'
#~OR~
echo $mfile| sed 's/libgtk-x11-\([0-9]*\).0.so.0.\([0-9]*\)00.\([0-9]*\)\|\(.*\)/\1\2\3/g'

It is just the second 'match all digits' regex "*" symbol missing.

That should do it. Not sure why, how, or if this is the problem, but it seems to work just fine on my machine (Note: openSuSE didn't need this fix; Mandriva Linux 2007.0 did).

Hacked?

  • Check for failed logins in: /var/log/messages
  • Regularly monitor:
    • zcat /var/log/auth.log.*.gz | grep refused
    • grep -i failed /var/log/auth.log
    • last
    • w and/or who
    • uptime
  • Verify that /etc/passwd hasn't changed.
  • Check fuser for ports.
  • Search for portscans in server report.
  • Check for weird processing hogging the CPU.
  • Use fail2ban, DenyHosts, etc.

See also

Notes

  • pstree — display a tree of processes
  • lsmod — program to show the status of modules in the Linux Kernel
  • modprobe — program to add and remove modules from the Linux Kernel
  • netstat — Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
  • lspci — list all PCI devices
  • more /usr/share/pci.ids — A list of all known PCI ID's (vendors, devices, classes, and subclasses). Maintained at The Linux PCI ID Repository, use the update-pciids utility to download the most recent version.

External links

This category currently contains no pages or media.