Saturday, May 19, 2012

HOWTO: Change your default user account to a system account



When you deploy a new Ubuntu installation, the first user it creates (uid=1000) will be given sudo privileges. Sometimes it is desirable to have a specific "admin" user on your system that is separate from your normal user accounts, which are located in the uid=1000+ range, for example if you are setting up an LDAP network. Unfortunately, you can't set the uid manually during the initial installation process, but you can change it afterwards.


Note:
If you make a mistake during this procedure it is possible to lock yourself out of the system completely. This is not such an issue if this is a freshly installed system but if it is already up and running in some sort of role, then you need to be extra careful. You have been warned!


I am working here with a fresh Lucid server install, and my uid=1000 user is called "sysadmin".


Log in to a console session as root;


~$ sudo -i


Manually edit your passwd file;


~# vi /etc/passwd


At the end of the file will be the entry for the "sysadmin" account;


sysadmin:x:1000:1000:system admin,,,:/home/sysadmin:/bin/bash


Change the two "1000"'s to "999";


sysadmin:x:999:999:system admin,,,:/home/sysadmin:/bin/bash


Make the same change in the "group" file;


~# vi /etc/group


Change the "sysadmin" line to;


sysadmin:x:999:


Changing the uid of a user will break the permissions in their home directory;
~# ls -al /home/sysadmin
total 32
drwxr-xr-x 3 1000     1000     4096 2012-05-13 13:34 .
drwxr-xr-x 3 1000     1000     4096 2012-05-13 13:32 ..
-rw------- 1 1000     1000       48 2012-05-13 13:34 .bash_history
-rw-r--r-- 1 1000     1000      220 2012-05-13 13:32 .bash_logout
-rw-r--r-- 1 1000     1000     3103 2012-05-13 13:32 .bashrc
drwx------ 2 1000     1000     4096 2012-05-13 13:33 .cache
-rw-r--r-- 1 1000     1000      675 2012-05-13 13:32 .profile
-rw-r--r-- 1 1000     1000        0 2012-05-13 13:33 .sudo_as_admin_successful
-rw------- 1 1000     1000      663 2012-05-13 13:34 .viminfo


You can fix that by changing the ownership recursively; -R covers the dotfiles and the contents of .cache without using a .* glob, which can also match ".." (that is, /home itself);


~# chown -R sysadmin:sysadmin /home/sysadmin


When we set up LDAP later we will want to mount /home to an NFS share. Unfortunately, when we do this the mount will hide our sysadmin's home folder! Let's move it to the root ("/") directory.


~# mv /home/sysadmin /


We will need to change the path in the passwd file;


~# vi /etc/passwd


Change it from;


sysadmin:x:999:999:sysadmin,,,:/home/sysadmin:/bin/bash


to this;


sysadmin:x:999:999:sysadmin,,,:/sysadmin:/bin/bash


Check that all is well;
~# ls -al /sysadmin
total 32
drwxr-xr-x 3  sysadmin sysadmin 4096 2012-05-13 13:34 .
drwxr-xr-x 23 root     root     4096 2012-05-14 11:29 ..
-rw------- 1  sysadmin sysadmin   48 2012-05-13 13:34 .bash_history
-rw-r--r-- 1  sysadmin sysadmin  220 2012-05-13 13:32 .bash_logout
-rw-r--r-- 1  sysadmin sysadmin 3103 2012-05-13 13:32 .bashrc
drwx------ 2  sysadmin sysadmin 4096 2012-05-13 13:33 .cache
-rw-r--r-- 1  sysadmin sysadmin  675 2012-05-13 13:32 .profile
-rw-r--r-- 1  sysadmin sysadmin    0 2012-05-13 13:33 .sudo_as_admin_successful
-rw------- 1  sysadmin sysadmin  663 2012-05-13 13:34 .viminfo




On another console, confirm that you can log in as the sysadmin user.


You should get a proper bash prompt;


sysadmin@ldapds:~$


Note:
If your system has a GUI login, be aware that the logon screen will not display usernames for users with a UID of less than 1000. To log in using the "sysadmin" account in such a case, you would need to type the name into the username field manually.
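
A consistency check for the hand edits above, as an added example that is not part of the original post: the hypothetical check_account function reads copies of the passwd and group files and reports the mistakes this procedure makes possible (group file not updated, uid still in the 1000+ range, home still under /home). The sample files are constructed.

```shell
#!/bin/sh
# Added example: consistency check for a hand-edited passwd/group pair.
# Usage: check_account PASSWD_FILE GROUP_FILE USER   (check_account is a hypothetical name)
# Prints one line per problem; the exit status is the number of problems found.
check_account() {
    awk -F: -v user="$3" '
        FILENAME == ARGV[1] { group_name[$3] = $1; next }   # group file: gid -> name
        { uid_seen[$3]++ }                                   # passwd file: count uid use
        $1 == user { found = 1; fields = NF; uid = $3; gid = $4; home = $6 }
        END {
            if (!found) { print "no passwd entry for " user; exit 1 }
            n = 0
            if (fields != 7)          { print "entry does not have 7 fields"; n++ }
            if (uid_seen[uid] > 1)    { print "uid " uid " is shared by another account"; n++ }
            if (!(gid in group_name)) { print "primary gid " gid " not in group file"; n++ }
            if (uid + 0 >= 1000)      { print "uid " uid " is still in the 1000+ user range"; n++ }
            if (home ~ /^\/home\//)   { print "home " home " will be hidden by the /home mount"; n++ }
            exit n
        }' "$2" "$1"
}

# Constructed sample (not from a real system): passwd already edited to 999,
# group file still at 1000, home not yet moved out of /home.
demo=$(mktemp -d)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'sysadmin:x:999:999:system admin,,,:/home/sysadmin:/bin/bash' > "$demo/passwd"
printf '%s\n' 'root:x:0:' 'sysadmin:x:1000:' > "$demo/group"
check_account "$demo/passwd" "$demo/group" sysadmin || echo "problems: $?"
rm -rf "$demo"
```

Run it against /etc/passwd and /etc/group before closing the root session; pwck and grpck perform broader checks on the live files.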

Create WMQ QueueManager using script

Here is a handy script to create a queue manager (QM) on CentOS. Run it after switching to the mqm user.

Save the following as create_qm.sh

#!/bin/bash
#############################################

##            Main Routine
#############################################

main() {
    echo "Checking if [$qm] exists?..."
    # List the existing queue manager names and look for an exact match.
    # The result goes into its own variable so that $qm is not overwritten.
    found=$(dspmq | awk '{ print $1 }' | sed 's/QMNAME(//g;s/)//g' | grep -Fx -- "$qm")
    if [ -z "$found" ]; then
        echo "Creating: [$qm]"
        # Run crtmqm directly (backticks would execute its output as a command)
        # and report success only when it returns 0.
        if crtmqm "$qm"; then
            echo "Successfully created $qm, Exiting with value 0"
        else
            echo "Fail: crtmqm could not create [$qm]"
            return 1
        fi
    else
        echo "[$qm], already exists"
        status=$(dspmq -m "$qm" | cut -d '(' -f2,3 | cut -d ')' -f2 | cut -d '(' -f2)
        echo "status of queue manager [$qm] is [$status]"
    fi
    echo "Exiting Main Routine.. "
}
#############################################

##                 Entry Point
#############################################

if [ -z "$1" ]; then
    echo "Fail: You must pass in a queue manager name"
    exit 1
else
    qm=$1
    echo "Queue Manager to create = $qm"
    echo "Calling Main function ... "
    main "$@"
    exit $?    # pass the result of main back to the caller
fi

Use the following command to create a Queue Manager
create_qm.sh TEST_QM1

Install WMQ6.0 on Centos

This article explains the step-by-step installation of WMQ6.0 on CentOS 6.0.


  • Download WMQ6.0 from the IBM website (login required)
  • After downloading the package and extracting it to /tmp, accept the license by running the mqlicense.sh script
  • Install the packages using the commands listed below
rpm  -ivh  MQSeriesServer-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesRuntime-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesSDK-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesSamples-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesClient-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesJava-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesTXClient-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesServer-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesMan-6.0.2-3.i386.rpm
rpm  -ivh --nodeps  MQSeriesFTA-6.0.2-3.i386.rpm
rpm  -ivh --nodeps MQSeriesIES30-6.0.2-3.i386.rpm
rpm  -ivh --nodeps MQSeriesConfig-6.0.2-3.i386.rpm
rpm  -ivh  MQSeriesKeyMan-6.0.2-3.i386.rpm
rpm  -ivh  gsk7bas-7.0-4.11.i386.rpm
rpm  -ivh  IBMJava2-142-ia32-SDK-1.4.2-9.0.i386.rpm 
  • Done.

A Brief outline on IBM WebSphere MQ (WMQ)

IBM WebSphere MQ (WMQ or MQ Series) is middleware for messaging in a cross-platform environment. The MQI (Message Queue Interface) is the API used to communicate with a Message Queue Manager (MQM).


Queue Manager (MQM) 

  • Manages queues and messages for applications 
  • Transfers messages to other Queue Managers via channels using existing network facilities. 
  • It refers to objects that are defined by the administrator.
  • Coordinates updates to databases and queues using two-phase commit. 
  • Gets and puts from/to queues are committed together with SQL updates, or backed out if necessary. 
  • Segments messages, if necessary, and assembles them. 
  • Can group messages and send them as one physical message to their destination, where they are automatically disassembled. 
  • Can send one message to more than one destination using a user-defined dynamic destination list. 
  • Allows administrators to create and delete queues, alter properties of existing queues, and control the operation of the queue manager. 
  • Front-end available on Eclipse to manage Queue Manager 



Queue Manager Clusters 

  • Queue Managers that form a cluster can run in the same machine or in different machines on different platforms. 
  • Two of the Queue Managers maintain a repository that contains information about all queue managers and queues in the cluster (full repository). Other Queue Managers maintain only a repository of the objects they are interested in (partial repository).
  • Queue Managers use special cluster channels to exchange information. 
  • A client application may specify a queue manager and direct the message to a specific queue in a cluster, or it may let a queue manager determine where the queue is and to which one to send the message. 
  • Client uses a Transmission Queue on its machine and destination queue is called “Target Queue”. 
  • Administrator must define the name of the cluster, when a queue is defined. 
  • MQSeries distributes the messages round robin. 



Queue Manager Objects 

  • A Queue Manager uses 3 types of objects, namely, Queues, Process Definitions and Channels. 
  • Queues are used to store messages. 
  • Process Definition object defines an application to a queue manager. It contains a name of a program (and its path) to be triggered when a message arrives for it.
  • Channel is a communication link. There are 2 kinds of channels, namely, Message Channels and MQI channels. 
  • Message Channel connects 2 queue managers via Message Channel Agents (MCA). Message Channel is unidirectional. 
  • MCA is a program (also called mover) that transfers messages from a transmission queue to a communication link and from communication link to a target queue. 
  • MQI channel connects MQSeries client to a queue manager and is bi-directional. 
  • Message Channel can run at 2 speeds: fast and normal. Fast Channels improve performance but messages can be lost in case of channel failure. 



Message Queues 

  • Message Queues belong to Queue Manager. 
  • Types of Messages Queues are: 
    • Local Queue – is a real queue
    • Cluster Queue – is a local queue that is known throughout a cluster of queue managers. 
    • Remote Queue – structure describing a queue hosted by a different queue manager. 
    • Transmission Queue – a local queue used for messages to be sent to a remote queue. 
    • Initiation Queue – local queue with a special purpose 
    • Dynamic Queue – local queue created on the fly 
    • Alias Queue - if you do not like the queue name 
    • Dead-Letter Queue – one for each queue manager 
    • Reply-to Queue – specified in request message 
    • Model Queue – model for local queues 
    • Repository Queue – hold cluster information