# $Header: /cvsroot/aolserver/nsxml/Makefile,v 1.3 2002/06/01 17:30:24 scottg Ex
p $
#
# nsxml –
#
#      Implements XML parser
#

ifdef INST
NSHOME ?= $(INST)
else
NSHOME ?= /usr/local/aolserver
endif

LIBXML2 =       /usr/local/lib
LIBXSLT =       /usr/local/lib

MOD       =  nsxml.so
OBJS      =  nsxml.o
HDRS      =

ifdef LIBXSLT
MODLIBS   = -L/usr/local/lib -lxml2 -lxslt
CFLAGS   += -DDO_XSLT -I/usr/local/include/libxml2 -I/usr/local/include
else
MODLIBS   = -L$(LIBXML2)/lib -lxml2
CFLAGS   += -I$(LIBXML2)/include/libxml2
endif

include  $(NSHOME)/include/Makefile.module

./configure –enable-dynamic-loading

nslibinit.c:(.text+0x0): multiple definition of `_init' ?

http://www.mail-archive.com/aolserver@listserv.aol.com/msg11286.html

List oracle running processes:
select pid as ora_pid, spid as nix_pid, serial#, background
from v$process

See which ora session is associated with which OS process:
select sid as session_id, serial#, status, process as nix_pid, sql_hash_value
from v$session;

See what SQL an oracle session is running:
select pid as ora_pid, spid as nix_spid, s.sid as session_id, users_executing, sql_text
from v$process p, v$session s, v$sqlarea a
where p.addr = s.paddr
and s.sql_hash_value = a.hash_value
order by cast(spid as int)

Declare a bind variable in Sql*Plus:
variable my_var number;

begin
:my_var := 123;
end;
/

print my_var

Have Sql*Plus ask you for a value in a query:
select *
from tblFoo
where foo_id = &myVar

Have Sql*Plus output a query as an html table:
sqlplus -s -m “HTML ON TABLE ‘border=0 cellpadding=2 cellspacing=2′” mydbuser/mydbpass @report_query.sql > report_file.html

Show user grants:
(as sysdba) select * from dba_role_privs;

Show used/free space by tablespace (in MB):

SELECT Total.name “Tablespace Name”,
nvl(Free_space, 0) Free_space,
nvl(total_space-Free_space, 0) Used_space,
total_space
FROM
(select tablespace_name, sum(bytes/1024/1024) Free_Space
from sys.dba_free_space
group by tablespace_name
) Free,
(select b.name, sum(bytes/1024/1024) TOTAL_SPACE
from sys.v_$datafile a, sys.v_$tablespace B
where a.ts# = b.ts#
group by b.name
) Total
WHERE Free.Tablespace_name(+) = Total.name
ORDER BY Total.name

Shutting down oracle:
shutdown normal

Starting up oracle:

svrmgrl

connect internal

startup

Modifying lob columns:

ALTER TABLE <table name>
    ADD (<lobcol> <LOBTYPE> <LOB_clause_same_as_for_create>) |
    MODIFY LOB (<lobcol>) (
                [PCTVERSION <version_number>]
                [ { CACHE | NO CACHE [{LOGGING | NOLOGGING}]
                          | CACHE READS [{LOGGING | NOLOGGING}]
                  }
                ]
    ) |
    MOVE [ONLINE] [<physical_attributes>] [TABLESPACE <tablespace_name>]
    [LOGGING | NOLOGGING] [<LOB_clause_same_as_for_create>]

-m = make home directory and copy skeleton files

Removing a user:
userdel -r username
-r = remove the home directory

Show user’s group membership:
groups username

Change user’s group membership:
usermod -G group1,group2,group3 username

Customize the command prompt:
PS1=”`whoami`@`hostname`#”
PS1=”[\u@\h \w]#”
\! History number of current command
\#  Command number of current command
\d Current date
\h Host name
\n Newline
\s Shell name
\t Current time
\u User name
\W Current working directory
\w Current working directory (full path)

Disk Management:
Slice = a contiguous range of blocks
8 slices per disk (generally)
1 file system per slice
File system cannot span multiple slices (without a LVM)
Slice cannot span multiple disks

Moving files with CPIO:
find . -depth | cpio -p -d -m -v /path/to/dest

See what process is preventing a umount
fuser -u /dev/dsk/c0t2d0s7

What is /var/adm/pacct:
pacct = process accounting file
ckpacct checks the size of the pacct file. If it exceeds 500 blocks (default)
accounting will be turned off

turnacct turns accounting on/off. Use switch arg to move the current pacct file to
/var/adm/pacct[filenum]

calling ckpacct will also rotate the pacct file

Privilege debugging in solaris 10:

ppriv -e -D original_command (shows what privileges the user is missing in order to run the command)

Many sites now defeat form autocompletion for username fields as well as password fields. Sorry, no I don’t remember what username I picked when I signed up with you– especially if you wouldn’t let me use my first or second choice.

One credit card company I use disallows special characters in their online account passwords. That means I had to choose a password that is actually weaker than I prefer, and it doesn’t fit the mnemonics I use to remember this stuff. That means I can either go through the password reset process a lot (irritating), guess and hope I don’t get it wrong enough times to lock out the account (also irritating), or write it down somewhere (insecure).

Same problem with sites that force periodic password changes.

Most username/password schemes are clearly meant to deal with brute force or lucky guess attacks, and of course that is a legitimate concern. However, the more complicated these schemes get and the more they vary between sites, the more users will start finding insecure coping strategies– like writing things down on paper. Now your complicated, unguessable password is out there in plaintext for everyone to see. Oops!

The limits of human memory and patience are just as much of an issue as more “obvious” security risks.

One online bank, ING Direct, has an interesting security approach that I have not seen elsewhere.  Users log in with a customer number and short ATM-style PIN. The PIN is entered either by clicking numbered  buttons or typing letter equivalents that rotate with each visit. The site tracks the user’s IP address and (IIRC) requires further validation if the IP is new. In addition, as an anti-phishing measure the site shows the user a picture and phrase they picked when setting up the account. With this approach, ING maintains account security and a smooth user experience.