aix:aix_debug
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
aix:aix_debug [2021/01/01 21:22] 127.0.0.1 external edit |
aix:aix_debug [2022/10/24 13:23] (current) manu [Debug PAM] |
||
|---|---|---|---|
| Line 6: | Line 6: | ||
| Give an output very low level, hard to interpret. To debug into a WPAR, you have to start the trace from Global, with option -@: | Give an output very low level, hard to interpret. To debug into a WPAR, you have to start the trace from Global, with option -@: | ||
| - | <code> | + | <cli prompt='#'> |
| - | # trace -a -o /tmp/my_trace_log -@wpar1 ; clogin wpar1 enable PRINT1 ; trcstop | + | # trace -a -o /tmp/my_trace_log -@sefasblludev ; clogin sefasblludev enable PHO302C-PS ; trcstop |
| # trcrpt /tmp/my_trace_log > /tmp/my_trace_log.txt | # trcrpt /tmp/my_trace_log > /tmp/my_trace_log.txt | ||
| - | </code> | + | </cli> |
| ==== Use the truss command ==== | ==== Use the truss command ==== | ||
| More friendly: truss <options> <command to trace> | More friendly: truss <options> <command to trace> | ||
| - | <code> | + | |
| + | Debug with detailed info | ||
| + | <cli prompt='#'> | ||
| + | # truss -adeflo /tmp/dcons_truss.out dconsole -t -n systemr | ||
| + | </cli> | ||
| + | |||
| + | <cli prompt='#'> | ||
| # truss -f -t !close -o /tmp/truss.out /usr/sbin/sshd -p 4444 -d | # truss -f -t !close -o /tmp/truss.out /usr/sbin/sshd -p 4444 -d | ||
| - | </code> | + | </cli> |
| * -t !close : suppress all close system call (many unsusable line into the log file). | * -t !close : suppress all close system call (many unsusable line into the log file). | ||
| * -f : trace also children processes from main process. | * -f : trace also children processes from main process. | ||
| Line 22: | Line 28: | ||
| Basically trace a process ID: | Basically trace a process ID: | ||
| - | <code> | + | <cli prompt='#'> |
| # truss -p 348468 | # truss -p 348468 | ||
| + | </cli> | ||
| + | |||
| + | ===== Trace applications ===== | ||
| + | |||
| + | ==== Debug PAM ==== | ||
| + | |||
| + | To enable PAM debug output, complete the following steps: | ||
| + | |||
| + | Create an empty file named pam_debug in the **/etc/pam_debug** directory by using the touch command, if the file does not exist. The PAM library checks for the /etc/pam_debug file and enables syslog output if it is found. | ||
| + | |||
| + | Edit the /etc/syslog.conf file to identify a file where it will log the auth syslog messages at the priority level you want. For example, to send PAM debug-level messages to the /var/log/auth.log file, add the following text as a new line in the syslog.conf file: | ||
| + | <code> | ||
| + | *.debug /var/log/auth.log | ||
| </code> | </code> | ||
| + | |||
| + | Create the output file /var/log/auth.log, by using the touch command, if it does not exist. | ||
| + | |||
| + | To restart the syslogd daemon so that configuration changes are recognized, complete the following steps: | ||
| + | <cli prompt='#'> | ||
| + | # stopsrc -s syslogd | ||
| + | # startsrc -s syslogd | ||
| + | </cli> | ||
| + | |||
| + | ==== Debug SSH connection ==== | ||
| + | |||
| + | To start a ssh server in debug mode (will stop after first connection) | ||
| + | <cli prompt='#'> | ||
| + | # stoprs -s sshd | ||
| + | # /usr/sbin/sshd -p 22 -d | ||
| + | </cli> | ||
| + | |||
| + | Start the client in debug mode | ||
| + | <cli prompt='#'> | ||
| + | # ssh -vvv user@server1 | ||
| + | </cli> | ||
| + | |||
| + | ==== Debug LDAP client ==== | ||
| + | |||
| + | Add rotation for the debug file | ||
| + | <cli prompt='#'> | ||
| + | # cat /etc/logrotate.d/system.conf | ||
| + | /var/log/syslog/ldap.debug { | ||
| + | copytruncate | ||
| + | rotate 3 | ||
| + | size=100M | ||
| + | } | ||
| + | </cli> | ||
| + | |||
| + | Create the debug file | ||
| + | <cli prompt='#'> | ||
| + | # touch /var/log/syslog/ldap.debug | ||
| + | </cli> | ||
| + | |||
| + | Restart the LDAP daemon in debug mode | ||
| + | <cli prompt='#'> | ||
| + | [root@aix01]/root# export LDAP_DEBUG=65535 | ||
| + | [root@aix01]/root# export LDAP_DEBUG_FILE=/var/log/syslog/ldap.debug | ||
| + | [root@aix01]/root# stop-secldapclntd | ||
| + | The secldapclntd daemon is successfully terminated. | ||
| + | [root@aix01]/root# start-secldapclntd | ||
| + | Starting the secldapclntd daemon. | ||
| + | The secldapclntd daemon started successfully. | ||
| + | </cli> | ||
| + | |||
| + | ==== Debug DNS ==== | ||
| + | |||
| + | For info, only the 3 first DNS are answered, even if more are availble int /etc/resolv.conf | ||
| + | <cli prompt='#'> | ||
| + | [root@labosrv]/root# RES_OPTIONS=debug host myhost01 | ||
| + | ;; res_setoptions("debug", "env").. | ||
| + | ;; debug | ||
| + | ;; calling process id = 20840598 | ||
| + | ;; res_nquerydomain(myhost01, test.lu, 1, 1) | ||
| + | ;; res_query(myhost01.test.lu, 1, 1) | ||
| + | ;; res_nmkquery(QUERY, myhost01.test.lu, IN, A) | ||
| + | ;; res_send() | ||
| + | ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7136 | ||
| + | ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 | ||
| + | ;; myhost01.test.lu, type = A, class = IN | ||
| + | ;; Querying server (# 1) address = 10.10.10.100 | ||
| + | ;; got answer: | ||
| + | ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7136 | ||
| + | ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 | ||
| + | ;; myhost01.test.lu, type = A, class = IN | ||
| + | myhost01.test.lu. 1M IN A 172.19.28.37 | ||
| + | test.lu. 1M IN NS dns.test.lu. | ||
| + | dns.test.lu. 1M IN A 10.10.10.100 | ||
| + | myhost01.test.lu is 10.10.10.37 | ||
| + | </cli> | ||
| ===== Debug LPAR startup ===== | ===== Debug LPAR startup ===== | ||
aix/aix_debug.1609532520.txt.gz · Last modified: 2021/01/01 21:22 by 127.0.0.1
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
