Sysadmin's Notepad<br />
By Mike (http://www.blogger.com/profile/06538993182159098084), feed updated 2024-03-21T22:33:08.489-07:00<br />
<br />
<h2>Fedora Cinnamon Dual Monitor Display with Nvidia xorg.conf</h2>
Posted 2019-07-12<br />
<br />
I've recently changed my display from standard 60Hz monitors to 1920x1080 144Hz.<br />
<br />
Unfortunately on my Fedora 30 running Cinnamon they're always set to 60Hz frequency.<br />
<br />
To get 144Hz mode (or any other custom xorg.conf) you need to:<br />
1) disable Cinnamon's xrandr daemon:<br />
mv /etc/xdg/autostart/cinnamon-settings-daemon-xrandr.desktop /root<br />
2) generate custom xorg.conf config using Nvidia X Server Settings GUI<br />
For me I had to manually set resolution to 1920x1080 and refresh rate to 144Hz for both screens.<br />
Save it as /etc/X11/xorg.conf<br />
Note that by default Fedora does not have that file.<br />
3) Reboot and voilà<br />
<br />
<h2>rsyslogd dying during heavy load</h2>
Posted 2016-09-12<br />
<br />
There was a case where <b>rsyslogd (rsyslog5-5.8.12-7)</b> was terminating when it got too many incoming logs to process and the central syslog server was not responding in a timely manner.<br />
<br />
A few extra config settings to the existing queues have helped to withstand the load:<br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueFileName logfile </span></b></span><br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueSize 100000</span></b></span><br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueSaveOnShutdown on</span></b></span><br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueResumeInterval 10<br />$ActionQueueDiscardMark 97500<br />$ActionQueueHighWaterMark 80000<br />$ActionQueueCheckpointInterval 100<br />$ActionQueueMaxDiskSpace 2g</span></b></span><br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueTimeoutEnqueue 0</span></b></span><br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueDiscardSeverity 0 </span></b></span><br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueType LinkedList</span></b></span><br />
<span style="color: lime;"><b><span style="font-family: "Courier New",Courier,monospace;">$ActionQueueResumeRetryCount -1</span></b></span><br />
<br />
<h2>How to fix rpmdb/yum issues</h2>
Posted 2016-09-03<br />
<br />
During my last <b>yum update</b> I ran out of memory and the update was aborted, leaving <b>rpmdb</b> in an inconsistent state.<br />
<br />
When I tried to run it again I got the following error message:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>Found 6 pre-existing rpmdb problem(s), 'yum check'</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>cronie-1.4.4-16.el6_8.2.x86_64 is a duplicate with cronie-1.4.4-15.el6_7.1.x86_64<br />cronie-anacron-1.4.4-16.el6_8.2.x86_64 is a duplicate with cronie-anacron-1.4.4-15.el6_7.1.x86_64<br />[..]</b></span><br />
<br />
Quick fix:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>package-cleanup --cleandupes</b></span><br />
<br />
or:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>package-cleanup --dupes</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>yum-complete-transaction </b></span><br />
<br />
<br />If you're lucky it should remove old package versions. <br />
<br />
<b>package-cleanup </b>can also be executed with the <b>--problems </b>flag.<br />
<br />
Another cool feature of<b> package-cleanup </b>command is the ability to remove old kernel versions automagically:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>package-cleanup --oldkernels</b></span><br />
<br />
<h2>Mod_security issues with Roundcube, opencloud and other software</h2>
Posted 2016-08-27<br />
<br />
If <b>roundcube</b>, <b>opencloud</b> or any other software running behind an <b>apache/mod_security </b>server has issues or behaves strangely, check<span style="font-family: "Courier New",Courier,monospace;"><b> /var/log/httpd/modsec_audit.log</b></span> for errors.<br />
<br />
In my case I was not able to send/forward emails with national ("non-english") characters in the message content.<br />
<br />
Some of the <b>mod_security</b> rules are outdated and they can produce false-positives.<br />
<br />
Sample issue:<br />
<b><span style="font-family: "Courier New",Courier,monospace;">Message: Access denied with code 403 (phase 2). Pattern match "\\W{4,}" at ARGS:_message. [file "/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "37"] [<span style="color: lime;">id "960024"</span>] [rev "2"] [msg "Meta-Character Anomaly Detection Alert - Repetative Non-Word Characters"] [data "Matched Data: ):\x0d\x0a> found within ARGS:_message:...</span></b><br />
<br />
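Why this rule fires on ordinary mail text, as an added example that is not part of the original post. It assumes the rule engine matches byte by byte, so every byte above 0x7f counts as a non-word character (Python treats a bytes pattern the same way); the message bodies are constructed samples.

```python
import re

# Pattern of CRS rule 960024 as shown in the audit log entry on this page.
PATTERN = r"\W{4,}"
# Assumption: the WAF sees the request body as raw bytes, not as Unicode text.
BYTEWISE = re.compile(PATTERN.encode("ascii"))
# Unicode-aware matching, for contrast only.
UNICODE = re.compile(PATTERN)

# Constructed message bodies standing in for ARGS:_message.
SAMPLES = {
    "plain": "Hello, see you tomorrow.",
    "quoted_reply": "On Monday Mike wrote (from the list):\r\n> original text",
    "one_accent": "café au lait",
    "polish": "Zażółć gęślą jaźń",
}


def first_hit(message):
    """Return the first run of 4+ non-word bytes in the UTF-8 body, or None."""
    found = BYTEWISE.search(message.encode("utf-8"))
    return found.group(0) if found else None


def report(samples):
    """Map each sample name to (byte-wise hit, would Unicode matching hit?)."""
    result = {}
    for name, text in samples.items():
        result[name] = (first_hit(text), UNICODE.search(text) is not None)
    return result


if __name__ == "__main__":
    for name, (hit, unicode_hit) in report(SAMPLES).items():
        print(f"{name:13} bytewise={hit!r} unicode={unicode_hit}")
```

The quoted-reply marker reproduces the "Matched Data" from the log entry, and two adjacent accented letters are enough to reach four non-word bytes once the text is UTF-8 encoded.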
If you believe that rule is not needed for your application, edit httpd.conf and add the following directive to your (VirtualHost) config; it switches the rule off for everything served by that VirtualHost:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>SecRuleRemoveById 960024</b></span><br />
<br />
<b>Restart apache</b> and check whether your app works now; if not, check for more issues in <b>modsec_audit.log</b>.<br />
<br />
<h2>Cannot start teamviewer in Fedora 24</h2>
Posted 2016-08-07<br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;">Default installation of <b>Teamviewer</b> on <b>Fedora 24 </b>will not start due to <b>SELinux</b> issues.</span><br />
<b><span style="font-family: "courier new" , "courier" , monospace;"><br /></span></b>
<b><span style="font-family: "courier new" , "courier" , monospace;"># systemctl -a | grep teamviewer<br /> teamviewerd.service loaded <span style="color: red;">inactive dead </span> TeamViewer remote control daemon<br /><br /># systemctl start teamviewerd.service<br />Job for teamviewerd.service failed because a fatal signal was delivered to the control process. See "systemctl status teamviewerd.service" and "journalctl -xe" for details.</span></b><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">To fix it you can use <b>SELinux GUI </b>tool:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b>sealert -b </b></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Or <b>CLI</b> tool:</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-family: "courier new" , "courier" , monospace;"><b>ausearch -c 'teamviewerd'</b></span></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">Or you can check system logs:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b># journalctl -xe<br />aug 04 14:23:17 fedora setroubleshoot[3240]: <span style="color: red;">SELinux is preventing teamviewerd from using the execmem access on a process.</span> For complete SELinux messages. run sealert -l 7c667284-3d59-4c06-9535-2aed4b8015df<br />aug 04 14:23:17 fedora python3[3240]: SELinux is preventing teamviewerd from using the execmem access on a process.<br /> <br /> ***** Plugin catchall (100. confidence) suggests **************************<br /> <br /> If you believe that teamviewerd should be allowed execmem access on processes labeled init_t by default.<br /> Then you should report this as a bug.<br /> You can generate a local policy module to allow this access.<br /> Do<br /> allow this access for now by executing:<br /> <span style="color: lime;"># ausearch -c 'teamviewerd' --raw | audit2allow -M my-teamviewerd<br /> # semodule -X 300 -i my-teamviewerd.pp</span></b></span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">The solution (shown as a hint in <b>sealert</b> and <b>journalctl</b>) is to run the two commands below. <b>audit2allow -M</b> also writes <b>my-teamviewerd.te</b>, which shows exactly what the module will allow before you load it:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><b># ausearch -c 'teamviewerd' --raw | audit2allow -M my-teamviewerd<br /># semodule -X 300 -i my-teamviewerd.pp</b></span><br />
<br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"> After that you should be able to start <b>Teamviewer</b> service:</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="font-family: "courier new" , "courier" , monospace;"><b> systemctl start teamviewerd.service<br />[root ~] # systemctl status teamviewerd.service<br />● teamviewerd.service - TeamViewer remote control daemon<br /> Loaded: loaded (/etc/systemd/system/teamviewerd.service; enabled; vendor preset: disabled)<br /> Active: <span style="color: lime;">active (running)</span> since sun 2016-08-04 14:32:45 CEST; 1min 50s ago<br /> Process: 4228 ExecStart=/opt/teamviewer/tv_bin/teamviewerd -d (code=exited, status=0/SUCCESS)<br /> Main PID: 4230 (teamviewerd)<br /> Tasks: 19 (limit: 512)<br /> CGroup: /system.slice/teamviewerd.service<br /> └─4230 /opt/teamviewer/tv_bin/teamviewerd -d<br /><br />aug 04 14:32:45 fedora systemd[1]: Starting TeamViewer remote control daemon...<br />aug 04 14:32:45 fedora systemd[1]: teamviewerd.service: PID file /var/run/teamviewerd.pid not readable (yet?) after start: No such file or directory<br />aug 04 14:32:45 fedora systemd[1]: Started TeamViewer remote control daemon.<br /> </b></span></span><br />
<br />
<h2>fail2ban not working on EL6/Centos 6</h2>
Posted 2016-06-13<br />
<br />
I've noticed that <b>fail2ban</b> does not ban every host/IP which it should after a while.<br />
<br />
First I checked if my regexps are correct:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>fail2ban-regex /var/log/maillog /etc/fail2ban/filter.d/postfix-auth.conf --print-all-matched</b></span><br />
<br />
Fortunately I've seen a lot of hits but most of them were not banned.<br />
It appears that <b>fail2ban</b> is having issues monitoring log files.<br />
Quick fix is to change the file monitoring backend from <b>auto</b> to <b>polling</b>.<br />
Python inotify (<b>pyinotify</b>) or <b>gamin</b> may not work properly - you can read more about it here: <a href="https://github.com/fail2ban/fail2ban/issues/44">https://github.com/fail2ban/fail2ban/issues/44</a><br />
<br />
Edit your<span style="font-family: "Courier New",Courier,monospace;"><b> jail.local </b></span>file, at the top add the following:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>[DEFAULT]</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>backend = polling</b></span><br />
<br />
Restart <b>fail2ban</b> and check its log file to see if it bans every IP it should.<br />
<br />
<h2>using fail2ban to protect postfix/smtpd service</h2>
Posted 2016-06-11<br />
<br />
Recently I have found a lot of "<b>lost connection after</b>" entries in the <span style="font-family: "Courier New",Courier,monospace;"><b>/var/log/maillog</b></span> file:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>lost connection after AUTH from unknown[IP.address]</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>lost connection after CONNECT </b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>lost connection after RCPT </b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>lost connection after STARTTLS </b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>lost connection after UNKNOWN</b></span><br />
<br />
It's possibly some kind of botnet trying to deliver spam using my mail server.<br />
It won't work but it's still nice to get rid of such clients on the firewall level.<br />
<br />
First you need to create a rule for fail2ban - create <span style="font-family: "Courier New",Courier,monospace;"><b>/etc/fail2ban/filter.d/postfix-auth.conf </b></span>and put the following config: <br />
<span style="font-family: "Courier New",Courier,monospace;"><b># Fail2ban postfix-auth filter<br />[INCLUDES]<br />before = common.conf</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b><br />[Definition]<br />_daemon = postfix/smtpd<br />failregex = ^%(__prefix_line)slost connection after .*\[<HOST>\]$<br />ignoreregex =</b></span><br />
<br />
Next edit <span style="font-family: "Courier New",Courier,monospace;"><b>/etc/fail2ban/jail.conf </b></span>and add <b>postfix-auth service</b> at the end of file:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>[postfix-auth]<br />enabled = true<br />port = smtp,ssmtp<br />filter = postfix-auth<br />action = iptables[name=SMTP-auth, port=smtp, protocol=tcp]<br />logpath = /var/log/maillog<br />maxretry = 2<br />bantime = 36000<br />findtime = 300</b></span><br />
<br />
Finally <b>restart</b> <b>fail2ban</b> <b>service</b> and check <span style="font-family: "Courier New",Courier,monospace;"><b>/var/log/messages</b></span> or <b>iptables</b> to see if your new rule works fine:<br />
<span style="font-family: "Courier New",Courier,monospace;"><b>service fail2ban restart</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>grep Ban /var/log/messages</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>iptables -nvL</b></span><br />
<br />
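What the filter and jail above do to a log, as an added example that is not part of the original post or of fail2ban itself. PREFIX_LINE and HOST are simplified stand-ins (assumptions) for fail2ban's %(__prefix_line)s and &lt;HOST&gt; expansions, and the log lines are constructed with documentation addresses.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Values from the [postfix-auth] jail on this page.
MAXRETRY = 2      # matching lines from one host before it is banned
FINDTIME = 300    # seconds in which those lines must fall

# Simplified stand-ins (assumptions) for fail2ban's %(__prefix_line)s and
# <HOST>; the real expansions accept more prefixes, hostnames and IPv6.
PREFIX_LINE = r"\S+ postfix/smtpd\[\d+\]: "
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
FAILREGEX = re.compile(
    r"^" + PREFIX_LINE + r"lost connection after .*\[" + HOST + r"\]$"
)
# fail2ban cuts the timestamp off before applying failregex; do the same.
STAMPED = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) (.*)$")

# Constructed maillog lines (documentation addresses, not real traffic).
SAMPLE = [
    "Jun 11 19:00:01 mail postfix/smtpd[2211]: lost connection after AUTH from unknown[192.0.2.10]",
    "Jun 11 19:00:40 mail postfix/smtpd[2214]: lost connection after CONNECT from unknown[192.0.2.10]",
    "Jun 11 19:01:05 mail postfix/smtpd[2220]: lost connection after RCPT from unknown[198.51.100.7]",
    "Jun 11 19:09:30 mail postfix/smtpd[2231]: lost connection after STARTTLS from unknown[198.51.100.7]",
    "Jun 11 19:10:02 mail postfix/smtpd[2240]: disconnect from unknown[203.0.113.5]",
    "Jun 11 19:10:10 mail postfix/smtpd[2241]: lost connection after DATA from mx.example.net[203.0.113.5]",
]


def parse(line, year=2016):
    """Return (datetime, host) when the filter matches the line, else None."""
    stamped = STAMPED.match(line)
    if not stamped:
        return None
    hit = FAILREGEX.match(stamped.group(2))
    if not hit:
        return None
    # Syslog timestamps carry no year, so the caller supplies one.
    when = datetime.strptime(f"{year} {stamped.group(1)}", "%Y %b %d %H:%M:%S")
    return when, hit.group("host")


def find_bans(lines, year=2016):
    """Replay the log and return {host: time of the line that triggers the ban}."""
    recent = defaultdict(deque)   # host -> match times still inside findtime
    banned = {}
    for line in lines:
        parsed = parse(line, year)
        if parsed is None:
            continue
        when, host = parsed
        if host in banned:
            continue
        window = recent[host]
        window.append(when)
        # Forget matches older than findtime relative to the newest one.
        while (when - window[0]).total_seconds() > FINDTIME:
            window.popleft()
        if len(window) >= MAXRETRY:
            banned[host] = when
    return banned


if __name__ == "__main__":
    for host, when in find_bans(SAMPLE).items():
        print(f"ban {host} at {when:%H:%M:%S}")
```

Only 192.0.2.10 is banned: the second host's two matches are more than findtime apart, and the last line shows that the pattern also counts a named client that drops the connection after DATA.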
<span style="font-family: "Courier New",Courier,monospace;"><b>/var/log/maillog </b></span>logpath is for Centos/Redhat.<br />
For other distros make sure to point to the proper <span style="font-family: "Courier New",Courier,monospace;"><b>mail.log</b></span> file.<br />
<br />
<h2>How to disable new version notification popup in Sublime Text 3?</h2>
Posted 2016-06-08<br />
<br />
If you don't want to see "Update Available" / "A new version of Sublime Text is available" / "An update has been found" and similar annoying notifications try this:<br />
<br />There is an option you could use if you have bought the license - put <b>"update_check": false </b>in <b>Settings - User </b>config file.<br />
<br />This doesn't work for unlicensed copies. <br />You can still check where <b>Sublime Text 3 </b>is connecting to check the update and block that host on firewall.<br />In my case blocking 209.20.75.76 worked.<br /><b><br />How to block a host in firewalld (Fedora 23)?</b><br />
<b> </b><br /><b><span style="font-family: "Courier New",Courier,monospace;">firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -d 209.20.75.76 -j DROP </span></b><br />
<br />
<span style="font-family: inherit;">Check /etc/firewalld/direct.xml to see what custom rules have been configured.</span><br />
<br />
<h2>Failed login control on RHEL6 with pam_tally2</h2>
Posted 2015-09-10<br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><b>pam_tally2</b> module is available in RHEL and CentOS and it can be used to protect your system against bruteforce attacks.</span><br />
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Enabling pam_tally2</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Edit <span style="font-family: "Courier New",Courier,monospace;"><b>/etc/pam.d/password-auth</b></span> and add this line on top of the <b>auth </b>lines:</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>auth required pam_tally2.so onerr=fail deny=3 unlock_time=900</b></span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">Then add following line on top of the <b>account </b>lines:</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>account required pam_tally2.so</b></span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">Parameters to this module are simple:</span><br />
<b><span style="font-family: Arial, Helvetica, sans-serif;">onerr=fail</span></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;">If something weird happens (like unable to open the file), return with PAM_SUCCESS if <b>onerr=succeed </b>is given, else with the corresponding PAM error code. </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><b>deny=3</b> </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Deny access if tally for this user exceeds 3 times.</span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><b>unlock_time=900</b> </span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Allow access after 900 seconds (15 minutes) after failed attempt. If this option is used the user will be locked out for the specified amount of time after he exceeded his maximum allowed attempts. If this option is not set administrator will need to unlock user's account manually.</span><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">Check if you have following options set in<span style="font-family: "Courier New",Courier,monospace;"><b> /etc/ssh/sshd_config</b></span>:</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>UsePAM yes<br />ChallengeResponseAuthentication yes</b></span><br />
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Testing pam_tally2</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;"><b><span style="font-family: "Courier New",Courier,monospace;">login as: pajarito<br />Using keyboard-interactive authentication.<br />Password:<br />Access denied<br />Using keyboard-interactive authentication.<br />Password:<br />Access denied<br />Using keyboard-interactive authentication.<br />Password:<br />Access denied<br />Using keyboard-interactive authentication.<br /><span style="color: red;">Account locked due to 3 failed logins</span><br />Password:</span></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">As you can see, after the third attempt the user's account was locked.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial, Helvetica, sans-serif;">Verifying and unlocking users</span></h3>
<span style="font-family: Arial, Helvetica, sans-serif;">To check current <b>pam_tally2 </b>statistics run <span style="font-family: "Courier New",Courier,monospace;"><b>pam_tally2</b></span> command:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b># pam_tally2<br />Login Failures Latest failure From<br />jsmith 3 09/09/15 15:17:21 evil.attacker.com</b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">To unlock a user use the <span style="font-family: "Courier New",Courier,monospace;"><b>"-r"</b></span> flag:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b># pam_tally2 -u pajarito -r<br />Login Failures Latest failure From<br />jsmith 3 09/09/15 15:20:49 evil.attacker.com</b></span></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">Finally if the output of <b>pam_tally2</b> is empty it means that no account has been locked.</span><br />
<br />
<h2>Automated partition creation with fdisk and sfdisk</h2>
Posted 2015-09-07<br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">To perform automated partition creation or modification you can pass all the commands via echo directly to <span style="font-family: "Courier New",Courier,monospace;"><b>fdisk</b></span>:<br /><br /><span style="font-family: "Courier New",Courier,monospace;"><b>echo -e "o\nn\np\n1\n\n\nw" | fdisk /dev/sdc</b></span><br /><br />The commands are:<br /><b>o</b> - create a new empty DOS partition table<br /><b>n</b> - add a new partition<br /><b>p </b>- create primary partition<br /><b>1</b> - partition number 1<br /><b>(enter) </b>- set first cylinder to the default value (1)<br /><b>(enter) </b>- set the last cylinder to the default value (end of the drive)<br /><b>w</b> - write table to disk and exit</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<br />
<h2>
<span style="font-family: Arial, Helvetica, sans-serif;">Quick way to clone partition table from one drive to another</span></h2>
<span style="font-family: Arial, Helvetica, sans-serif;"><br />You can use <span style="font-family: "Courier New",Courier,monospace;"><b>sfdisk </b></span>to save the partition table from the already prepared drive and copy it to another.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">As you can see below<b> "-d" </b>option will create a text file which can be easily altered if needed.<br /><br /><b><span style="font-family: "Courier New",Courier,monospace;">[root@centos ~]# sfdisk -d /dev/sdb > file<br /> </span></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><b><span style="font-family: "Courier New",Courier,monospace;">[root@centos ~]# cat file<br /># partition table of /dev/sdb<br />unit: sectors<br /><br />/dev/sdb1 : start= 63, size= 1044162, Id=83<br />/dev/sdb2 : start= 0, size= 0, Id= 0<br />/dev/sdb3 : start= 0, size= 0, Id= 0<br />/dev/sdb4 : start= 0, size= 0, Id= 0<br /> </span></b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><b><span style="font-family: "Courier New",Courier,monospace;">[root@centos ~]# sfdisk /dev/sdc < file<br /># sfdisk /dev/sdc < file<br />Checking that no-one is using this disk right now ...<br />OK<br /><br />Disk /dev/sdc: 65 cylinders, 255 heads, 63 sectors/track<br /> /dev/sdc: unrecognized partition table type<br />Old situation:<br />No partitions found<br />New situation:<br />Units = sectors of 512 bytes, counting from 0<br /><br /> Device Boot Start End #sectors Id System<br />/dev/sdc1 63 1044224 1044162 83 Linux<br />/dev/sdc2 0 - 0 0 Empty<br />/dev/sdc3 0 - 0 0 Empty<br />/dev/sdc4 0 - 0 0 Empty<br />Warning: no primary partition is marked bootable (active)<br />This does not matter for LILO, but the DOS MBR will not boot this disk.<br />Successfully wrote the new partition table<br /><br />Re-reading the partition table ...<br /><br />If you created or changed a DOS partition, /dev/foo7, say, then use dd(1)<br />to zero the first 512 bytes: dd if=/dev/zero of=/dev/foo7 bs=512 count=1<br />(See fdisk(8).)</span></b></span><br />
<br />
<h2>Simple process monitoring script with email alerting</h2>
Posted 2015-09-04<br />
<br />
<span style="font-family: Arial,Helvetica,sans-serif;">If you don't have or don't want to install additional software for system/application monitoring (like <b>Nagios</b>, <b>Zabbix</b>, <b>Munin</b>, <b>Big Brother</b>, etc.) you may use this simple script:</span><br />
<br />
<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b></b></span></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>#!/bin/bash<br /><br />MAIL="your@email.address"<br />PROGRAM="httpd"<br />HOST=$(uname -n)<br />DATE=$(date)<br /># Lock file records that an alert was already sent<br />TMPFILE="/var/tmp/monitor-${PROGRAM}.lock"<br /><br /># A count of 1 means only the grep itself matched<br />OUTPUT=$(ps -ef | grep -c "$PROGRAM")<br />if [ "$OUTPUT" -eq 1 ]; then</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b> if [ -f "$TMPFILE" ]; then</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b> echo "Lock file exists"<br /> else<br /> echo "$DATE $HOST program \"$PROGRAM\" is not running" | mailx -s "\"$PROGRAM\" is not running on $HOST" "$MAIL"<br /> touch "$TMPFILE"</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b> fi<br />fi</b></span>
<span style="font-family: Arial,Helvetica,sans-serif;"> </span><br />
<br />
<span style="font-family: Arial,Helvetica,sans-serif;">In <b>PROGRAM </b>variable put the name of the process that you expect to be running, make sure that the monitoring script name will not contain the same string.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">Basically, if the program is running <span style="font-family: "Courier New",Courier,monospace;"><b>"ps -ef | grep program" </b></span>will return 2 or more rows (one with the program itself and the second one with <b>"grep program"</b>).</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">Otherwise it will only return one row (<b>"grep program"</b>) which will trigger the alert and you will get an email.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">By creating <b>TMPFILE </b>the script avoids bothering you again and again about the same issue.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">Make sure to remove that file after you restart the monitored process.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: Arial,Helvetica,sans-serif;">Once the script is ready save it and add to <b>cron</b>, i.e.:</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>$ crontab -e</b></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>* * * * * /path/to/the/script > /dev/null 2>&1</b></span><br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "Courier New",Courier,monospace;"><b><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsP5r-fyXd4_2RFx8E6hfSDupX7ira_bpAi-CkZ5iiDuBA2IGtPeKvXKRtA1q9yttHjUwmWPupUQIixZEWZiBnjEP9CS6QM_cwZGwK3ugD1TtPcp9-tWy9KwZqjrVnXT9chow7fQSvMxM/s1600/monitoring.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="299" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsP5r-fyXd4_2RFx8E6hfSDupX7ira_bpAi-CkZ5iiDuBA2IGtPeKvXKRtA1q9yttHjUwmWPupUQIixZEWZiBnjEP9CS6QM_cwZGwK3ugD1TtPcp9-tWy9KwZqjrVnXT9chow7fQSvMxM/s400/monitoring.png" width="400" /></a></b></span></div>
<span style="font-family: "Courier New",Courier,monospace;"><b> </b></span><br />
<br />
<h2>can't start kdump service on virtual machine</h2>
Posted 2015-08-28<br />
<br />
<b><span style="font-family: "Courier New",Courier,monospace;"># service kdump start<br />No kdump initial ramdisk found. [WARNING]<br />Rebuilding /boot/initrd-2.6.32-504.23.4.el6.x86_64kdump.img<br />No module vmmemctl found for kernel 2.6.32-504.23.4.el6.x86_64, aborting.<br />Failed to run mkdumprd</span></b><br />
<b><span style="font-family: "Courier New",Courier,monospace;"># lsmod | grep vmmemctl<br />vmmemctl 13966 0</span></b><br />
<br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">Fixing <b>VMMEMCTL </b>module issue:</span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;">You can disable this module by editing <b> /etc/vmware-tools/locations </b>and changing answer <b>VMMEMCTL_CONFED </b>from <b>yes </b>to <b>no</b>.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><br /></span>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">More general approach:</span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;">A more general way to handle missing modules is to ignore the ones which cannot be found:<br />Edit<b> /etc/sysconfig/kdump</b> and set <b>MKDUMPRD_ARGS="--allow-missing"</b><br /><span style="font-family: "Courier New",Courier,monospace;"><b># service kdump start<br />WARNING: No module vmmemctl found for kernel 2.6.32-504.23.4.el6.x86_64, continuing anyway</b></span></span><br />
<br />
<h2>Difference between du and df outputs</h2>
Posted 2015-08-25<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: Arial,Helvetica,sans-serif;">Sometimes people say they performed cleanup but the filesystem is still (almost) full and df is giving different results than du:<br /><br /><b><span style="font-family: "Courier New",Courier,monospace;">$ df -h /tmp<br />Filesystem Size Used Avail Use% Mounted on<br />/dev/sda3 20G 19G 0 100% /tmp<br /><br />$ du -sm /tmp<br />1 /tmp</span></b><br /><br />To find the missing bit you need to check if the deleted files are still in use (in other words those files might be still open):<br /><span style="font-family: "Courier New",Courier,monospace;"><b># lsof | grep deleted<br />mysqld 2456 mysql 5u REG 0,19 0 2025554220 (deleted) /tmp/iboy1WVS<br />mysqld 2456 mysql 6u REG 0,19 0 2025554284 (deleted) /tmp/ibwlUTGy<br />mysqld 2456 mysql 7u REG 0,19 0 2025554322 (deleted) /tmp/ibecOavf<br />[..]</b></span><br /><br />To reclaim the space you need to bounce the process which is still using those files.<br />If you can't or don't want to kill running processes you can try to truncate those "deleted" files (the process keeps its descriptor and will see an empty file afterwards):<br /><span style="font-family: "Courier New",Courier,monospace;"><b>cat /dev/null > /proc/2456/fd/5<br />cat /dev/null > /proc/2456/fd/6<br />cat /dev/null > /proc/2456/fd/7</b></span></span></span><br />
<br />
<h2>
<span style="font-family: Arial,Helvetica,sans-serif;">How to check if disk is failing or failed on Solaris</span></h2>
Posted 2015-08-23<br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">Failed disk:</span></h3>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;"></span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;">1. It shows <b>"disk not responding to selection"</b> in <b>/var/adm/messages</b><br />2. It only shows increased transport errors<br />3. It's not visible under the <b>format </b>command ("<b>disk not available</b>")<br /></span><br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">Failing disk:</span></h3>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;"></span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;">1. It shows <b>read/write errors</b> in <b>/var/adm/messages</b><br />2. Soft/Hard error counters are increasing<br />3. Disk is available under <b>format </b>command<br /></span><br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">On old Sun Fire V440 it looks like this: </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGpCRHzK1zEI4WzekhwQsXY10wMxKG1qmGu492vJSkagAcnriNCJybNonHZi_yH-n60hR5PXMPvfyN5Xc6t8XuRCAXY5y6Ak37p1JmSKBPB-3wwsJxZv7_m37Jt26TogAH7XUltpC5sl4/s1600/SunFireV440_front_zoom.jpg" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a></h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGpCRHzK1zEI4WzekhwQsXY10wMxKG1qmGu492vJSkagAcnriNCJybNonHZi_yH-n60hR5PXMPvfyN5Xc6t8XuRCAXY5y6Ak37p1JmSKBPB-3wwsJxZv7_m37Jt26TogAH7XUltpC5sl4/s1600/SunFireV440_front_zoom.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><br /></a></div>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;"></span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;"><b>/var/adm/messages</b> contain:<br /><span style="color: red;"><b><span style="font-family: "Courier New",Courier,monospace;">Aug 21 13:48:57 servername scsi: [ID 107833 kern.warning] WARNING: /pci@1f,700000/scsi@2/sd@0,0 (sd1):<br />Aug 21 13:48:57 servername disk not responding to selection</span></b></span><br /><br /><b>iostat -En </b>shows only transport errors:<br /><b><span style="font-family: "Courier New",Courier,monospace;">c1t0d0 Soft Errors: 0 Hard Errors: 0 <span style="color: red;">Transport Errors: 1</span><br />Vendor: FUJITSU Product: MAW3073NCSUN72G Revision: 1703 Serial No: XXX <br />Size: 73.40GB <73400057856 bytes><br />Media Error: 0 Device Not Ready: 0 No Device: 0 Recoverable: 0 <br />Illegal Request: 0 Predictive Failure Analysis: 0</span></b><br /><br />Under <b>format </b>disk is no longer available:<br /><b><span style="font-family: "Courier New",Courier,monospace;">AVAILABLE DISK SELECTIONS:<br /> 0. c1t0d0 <span style="color: red;"><drive not available></span><br /> /pci@1f,700000/scsi@2/sd@0,0<br /> 1. c1t1d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424><br /> /pci@1f,700000/scsi@2/sd@1,0</span></b><br /><br /><b>metastat </b>output:<br /><b><span style="font-family: "Courier New",Courier,monospace;"># metastat d6<br />d6: Mirror<br /> Submirror 0: d16<br /> State: Okay <br /><span style="color: red;"> Submirror 1: d26<br /> State: Needs maintenance</span><br />...<br />d26: Submirror of d6<br /><span style="color: red;"> State: Needs maintenance<br /> Invoke: metareplace d6 c1t0d0s2 <new device></span></span></b></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGpCRHzK1zEI4WzekhwQsXY10wMxKG1qmGu492vJSkagAcnriNCJybNonHZi_yH-n60hR5PXMPvfyN5Xc6t8XuRCAXY5y6Ak37p1JmSKBPB-3wwsJxZv7_m37Jt26TogAH7XUltpC5sl4/s1600/SunFireV440_front_zoom.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="152" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGpCRHzK1zEI4WzekhwQsXY10wMxKG1qmGu492vJSkagAcnriNCJybNonHZi_yH-n60hR5PXMPvfyN5Xc6t8XuRCAXY5y6Ak37p1JmSKBPB-3wwsJxZv7_m37Jt26TogAH7XUltpC5sl4/s320/SunFireV440_front_zoom.jpg" width="320" /></a></div>
<h3>
</h3>
Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-42084778677568495322015-08-20T01:54:00.003-07:002015-08-20T01:54:46.283-07:00changing ILO settings from OS using hponcfg<span style="font-family: Arial,Helvetica,sans-serif;"><b>hponcfg </b>is quite a useful tool if you're going to automate changing ILO settings on multiple machines.<br />It works the same way on various versions of ILO.<br /></span><br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">To get the current settings into file:</span></h3>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;"></span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b>hponcfg -w current.xml </b></span><br /><br />Note: I've noticed that it won't drop the "whole" config but only the most important things (i.e. secondary and tertiary dns server won't be included even if it's defined).<br /></span><br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">To set some new settings described in the xml file:</span></h3>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;"></span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b>hponcfg -f update.xml </b></span><br /><br />Note: you don't need to include the whole config; you can change a single parameter if needed.<br /><br /></span><br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">If you're lucky and ILO driver works properly you should see something like this:</span></h3>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;"></span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b>hponcfg -w current.xml<br />HP Lights-Out Online Configuration utility<br />Version 4.0.1 Date 09/24/2012 (c) Hewlett-Packard Company, 2012<br />Firmware Revision = 1.16 Device type = iLO 3 Driver name = <br />Management Processor configuration is successfully written to file</b></span><br /></span><br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">If you can't connect to ILO from OS:</span></h3>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;"></span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b>HPONCFG RILOE-II/iLO setup and configuration utility<br />Version 4.0.1 </b></span></span><span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b><span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b>Date 09/24/2012 </b></span></span>(c) Hewlett-Packard Company, 2012</b></span><br /><span style="font-family: "Courier New",Courier,monospace;"><b><br />ERROR: Unable to establish communication with iLO/RILOE-II.</b></span><br /><br />Restarting <b>hp-snmp-agents</b> usually resolves the problem.<br /><br /><span style="font-family: "Courier New",Courier,monospace;"><b>/etc/init.d/hp-snmp-agents stop<br />/etc/init.d/hp-snmp-agents start</b></span><br /></span>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-7596071477848485802015-06-20T15:28:00.001-07:002015-06-20T15:28:14.323-07:00Solaris gzip and tar one-liners<span style="font-family: Arial,Helvetica,sans-serif;">As the Solaris <b>tar </b>does not handle compression, you can use the following one-liners to archive and compress files in one line:</span><br />
<b><span style="font-family: Arial,Helvetica,sans-serif;"><br /></span></b>
<br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">1. Archive and compress folder:</span></h3>
<b><span style="font-family: "Courier New",Courier,monospace;">tar cf - folder_name | gzip -c > filename.tar.gz</span></b><br />
<br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">2. Decompress and unpack:</span></h3>
<b><span style="font-family: "Courier New",Courier,monospace;">gzcat filename.tar.gz | tar -xpf - </span></b>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-45633792567499950062014-12-16T10:11:00.006-08:002014-12-16T10:11:54.262-08:00Securing ssh server from automated bot hacks<span style="font-family: Arial,Helvetica,sans-serif;">An SSH server running on a fairly popular hosting service is exposed to many automated attacks these days.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">There are more and more bots scanning the whole Internet and especially targeting popular hosting/VPS providers.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><br /></span>
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">1. Changing the default sshd port number</span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;">In contrast to other well-known services (ftp/mail/www), the <b>ssh</b> <b>server</b> does not need to listen on the default port. It is used by fewer people, sometimes only you, and changing the default port is yet another step in increasing your server's security.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">I have been using <b>fail2ban</b> software for some time. It scans the logs for failed login attempts and bans the attacker's IP if he fails to login too many times.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">However, after a few days my firewall was full of banned IPs (good day - 5/10 IPs, bad day - more than 20).</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">From now on my<b> ssh server </b>is always running on a non-standard IP.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">The number of failed login attempts has greatly decreased and the automated attacks are no longer spamming my logs.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: Arial,Helvetica,sans-serif;">Some useful settings from <span style="font-family: "Courier New",Courier,monospace;"><b>/etc/ssh/sshd_config</b> </span>file:</span><br />
<b><span style="font-family: "Courier New",Courier,monospace;">[root@server ~]# egrep "^Port|^PermitRootLogin|^MaxAuth" /etc/ssh/sshd_config<br />Port 4321<br />PermitRootLogin no<br />MaxAuthTries 3</span></b><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><br /></span>
<br />
<h3>
<span style="font-family: Arial,Helvetica,sans-serif;">2. Logging incoming connections</span></h3>
<span style="font-family: Arial,Helvetica,sans-serif;">Even with the <b>ssh</b> daemon running on a different port you may find it useful to log all connection attempts to it. You can catch them with the following <b>iptables</b> rule:</span><br />
<b><span style="font-family: "Courier New",Courier,monospace;">iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 4321 -j LOG --log-prefix "iptables: "</span></b><br />
<span style="font-family: Arial,Helvetica,sans-serif;">This rule should be inserted before the rule that accepts connections on the <b>ssh</b> port.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">Next, if you're using <b>rsyslogd</b>, you can filter all the messages starting with <b>"iptables: "</b> and put them into a separate file:</span><br />
<span style="font-family: "Courier New",Courier,monospace;"><b>[root@server ~]# cat /etc/rsyslog.d/iptables.conf <br />:msg, startswith, "iptables: " -/var/log/iptables.log<br />& ~<br />[root@server ~]# service rsyslog restart</b></span><br />
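Once the LOG rule and the rsyslog filter are in place, the dedicated log file can be summarized per source address to see who keeps knocking on the ssh port. This is an added example, not part of the original post: the function names are hypothetical and the sample lines are constructed in the log format this post shows, using documentation IP ranges.

```shell
#!/bin/sh
# Summarize connection attempts recorded by the iptables LOG rule.
#
# Usage: summarize_ssh_attempts LOGFILE [PORT] [THRESHOLD]
# Prints "COUNT SRC" for each source address that hit PORT at least
# THRESHOLD times, highest count first.
summarize_ssh_attempts() {
    awk -v port="${2:-4321}" -v min="${3:-1}" '
        # Only lines written by the LOG rule carry the "iptables: " prefix.
        index($0, " iptables: ") == 0 { next }
        {
            src = ""; dpt = ""
            # The kernel logs KEY=VALUE pairs; pick out the two we need.
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)      src = substr($i, 5)
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src != "" && dpt == port) count[src]++
        }
        END {
            for (s in count)
                if (count[s] >= min) printf "%d %s\n", count[s], s
        }
    ' "$1" | sort -k1,1nr -k2,2
}

# Constructed sample data: four attempts on port 4321 from two sources,
# one attempt on port 22, and one unrelated syslog line.
sample_iptables_log() {
    for entry in \
        "18:39:41 203.0.113.7 4321" \
        "18:39:44 203.0.113.7 4321" \
        "18:39:52 198.51.100.9 4321" \
        "18:40:10 203.0.113.7 4321" \
        "18:41:03 192.0.2.5 22"
    do
        set -- $entry
        printf 'Dec 16 %s server kernel: iptables: IN=eth0 OUT= SRC=%s DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=31528 DF PROTO=TCP SPT=44074 DPT=%s WINDOW=29200 RES=0x00 SYN URGP=0\n' "$1" "$2" "$3"
    done
    printf 'Dec 16 18:41:30 server sshd[2211]: Server listening on 0.0.0.0 port 4321.\n'
}

# Demo run against the constructed sample.
demo_log=$(mktemp)
sample_iptables_log > "$demo_log"
summarize_ssh_attempts "$demo_log" 4321 1
rm -f "$demo_log"
```

On a real server, point it at the file written by the rsyslog filter, for example `summarize_ssh_attempts /var/log/iptables.log 4321 5`.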
<span style="font-family: Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;"><b><br />[root@server ~]# cat /var/log/iptables.log <br />Dec 16 18:39:41 server kernel: iptables: IN=eth0 OUT= MAC=00:1c:14:01:30:de:00:16:83:76:07:29:08:00 SRC=10.23.189.14 DST=20.40.50.101 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=31528 DF PROTO=TCP SPT=44074 DPT=4321 WINDOW=29200 RES=0x00 SYN URGP=0</b></span></span>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-38047790866962180462014-08-08T15:32:00.002-07:002014-08-08T15:32:42.346-07:00World of Warcraft on Ubuntu 14.04 and #132 error<span style="font-family: Arial,Helvetica,sans-serif;">While trying to play World of Warcraft on my new Ubuntu 14.04.1 I have encountered #132 error.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">As you might have already found, the error can mean anything. </span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">In my example I had nvidia-prime packages installed (I have Nvidia Optimus in my laptop) but even with WOW driver set to OpenGL it was hanging and throwing #132 error few moments after the characters were loaded.</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: Arial,Helvetica,sans-serif;">Solution in my case was very simple:</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">1. I have added <i>ppa:ubuntu-wine/ppa </i>repository</span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">2. executed <i>sudo apt-get upgrade</i></span><br />
<span style="font-family: Arial,Helvetica,sans-serif;">3. And upgraded wine from 1.6 to 1.7: <i>sudo apt-get install wine1.7</i></span><br />
<br />
<span style="font-family: Arial,Helvetica,sans-serif;">Finally just check if your wine is now 1.7 and start the game again<i>:</i></span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><i>wine --version</i></span><br />
<span style="font-family: Arial,Helvetica,sans-serif;"><i>wine Wow-64.exe</i></span><br />
<i><span style="font-family: Arial,Helvetica,sans-serif;"> </span></i>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com1tag:blogger.com,1999:blog-7249104207843223456.post-28591225230510758962014-02-13T13:20:00.001-08:002014-02-13T13:21:11.314-08:00Mint 16 on Lenovo Y510P (nvidia card)I have just installed Mint 16 Cinnamon which is a highly recommended Linux distro for users who have no time to lose and like systems working out-of-box.<br />
<br />
Unfortunately, on Lenovo Y510P with Nvidia 755M graphic card it doesn't work at all (I assume other nvidia cards don't work either).<br />
First of all you need to perform the installation using safe boot mode.<br />
<br />
After the installation system will not start up properly.<br />
You may notice that the graphic driver is throwing some errors and then the boot process stops.<br />
<br />
To fix this issue you need to:<br />
1. Boot from the installation media<br />
2. Mount proc and root filesystem:<br />
<b><span style="font-family: "Courier New",Courier,monospace;">mount /dev/mapper/mint--vg-root /mnt</span></b><br />
<b><span style="font-family: "Courier New",Courier,monospace;">mount none -t proc /mnt/proc</span></b><br />
3. Chroot to the system installed on your hard-drive<br />
<b><span style="font-family: "Courier New",Courier,monospace;">chroot /mnt /bin/bash</span></b><br />
4. Remove the nouveau driver:<br />
<b><span style="font-family: "Courier New",Courier,monospace;">apt-get remove xserver-xorg-video-nouveau</span></b><br />
5. Install nvidia driver:<br />
<b><span style="font-family: "Courier New",Courier,monospace;">apt-get install nvidia-current</span></b><br />
6. And reboot the system<br />
<b><span style="font-family: "Courier New",Courier,monospace;">reboot</span></b><br />
<br />
Your system should now boot up properly. Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-17757321106678001132013-07-05T15:08:00.000-07:002013-07-05T15:08:00.552-07:00Using bash auto_completion features<span style="font-family: Arial, Helvetica, sans-serif;">When standard bash completion is not enough try installing<b> bash-completion</b> package from <b>EPEL </b>repository.</span><br />
<b><span style="font-family: Courier New, Courier, monospace;"># yum install bash-completion</span></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Now log off and on again or run:</span><br />
<b><span style="font-family: Courier New, Courier, monospace;"># source /etc/bash_completion</span></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">You should get more logical hints, try this:</span><br />
<b><span style="font-family: Courier New, Courier, monospace;"># ifup [TAB][TAB]</span></b><br />
<b><span style="font-family: Courier New, Courier, monospace;">eth0 eth0:0 eth0.bak lo</span></b><br />
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">See - it's now suggesting (and completing) interface names instead of files in the current directory. Cool stuff!</span>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-76558896968994246162013-07-05T08:10:00.000-07:002013-07-05T08:10:00.080-07:00Adding EPEL repository<span style="font-family: Arial, Helvetica, sans-serif;"><b>EPEL </b>stands for Extra Packages for Enterprise Linux.</span><br />
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">It contains a lot of cool packages that may make your life easier on CentOS or RHEL.</span></div>
<div>
<br /></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">Just install epel-release package for appropriate system release (5 or 6):</span></div>
<div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><b># wget http://ftp.pbone.net/pub/fedora/epel/5/i386/epel-release-5-4.noarch.rpm</b></span></div>
<div>
<div>
<span style="font-family: Courier New, Courier, monospace;"><b># rpm -ivh epel-release-5-4.noarch.rpm</b></span></div>
</div>
<div style="font-family: Arial, Helvetica, sans-serif;">
<br /></div>
</div>
Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-38955372609594949732013-07-04T23:04:00.000-07:002013-07-04T23:04:01.012-07:00How to add date and time to bash history<span style="font-family: Arial, Helvetica, sans-serif;">It might be useful to log a time stamp for each bash command that is executed on a server you maintain (even more so if you're not the only admin there).</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">To keep everyone's history with time stamps edit <b>/etc/bashrc </b>and add:</span><br />
<b><span style="font-family: Courier New, Courier, monospace;">export HISTTIMEFORMAT="%y/%m/%d %T "</span></b><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">For one user only, edit the <b>~/.bash_profile</b> file and add the same line.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">The fields that you may use mean:</span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>%y - year</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>%m - month</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>%d - day</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>%T - time</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>%H - hour</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>%M - minute</b></span><br />
<span style="font-family: Courier New, Courier, monospace;"><b>%S - second</b></span>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0tag:blogger.com,1999:blog-7249104207843223456.post-29543344744507572532013-07-04T12:33:00.001-07:002013-07-04T12:33:44.055-07:00Intrusion detection tools on Linux - AIDE<span style="font-family: Arial, Helvetica, sans-serif;">AIDE is an open-source file integrity checking tool. It helps you verify file integrity in an easy way.</span><div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">1. Install AIDE package on CentOS/RHEL:</span></div>
<div>
<b><span style="font-family: Courier New, Courier, monospace;"># yum install -y aide</span></b></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">2. Check and adjust aide configuration file to fulfill your needs:</span></div>
<div>
<b><span style="font-family: Courier New, Courier, monospace;"># vim /etc/aide.conf</span></b></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">3. Initialize the AIDE database - it will scan all the files in the folders that were included in the config file and save their hashes as well as their attribute information</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">4. You may consider keeping a golden copy of the AIDE database (default is set to <b>/var/lib/aide/aide.db.gz</b>) in a secure and read-only location. It will allow you to compare current system integrity to the golden copy.</span></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">To check what changed run:</span></div>
<div>
<b><span style="font-family: Courier New, Courier, monospace;"># aide -C</span></b></div>
<div>
<span style="font-family: Arial, Helvetica, sans-serif;">If you get "<b>Couldn't open file /var/lib/aide/aide.db.gz for reading</b>" error it means you need to move database generated in step 3 to this location:</span></div>
<div>
<b><span style="font-family: Courier New, Courier, monospace;"># mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz</span></b></div>
<div>
<br /></div>
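Steps 3 and 4 can be tied together so that a check only runs against a database that still matches the golden copy; otherwise a replaced database would make the check meaningless. This is an added example, not part of the original post: the function names and the golden-copy path <b>/mnt/aide-golden/aide.db.gz</b> are assumptions, while <b>aide --init</b> and <b>aide -C</b> are the standard AIDE commands.

```shell
#!/bin/sh
# Baseline and verified-check helpers for AIDE.
# AIDE_DB and AIDE_DB_NEW are the default paths mentioned in this post.
# GOLDEN_DB is an assumed location on read-only media; adjust it.
AIDE_DB=${AIDE_DB:-/var/lib/aide/aide.db.gz}
AIDE_DB_NEW=${AIDE_DB_NEW:-/var/lib/aide/aide.db.new.gz}
GOLDEN_DB=${GOLDEN_DB:-/mnt/aide-golden/aide.db.gz}

# SHA-256 digest of a file (sha256sum comes with GNU coreutils).
db_digest() {
    sha256sum "$1" | awk '{ print $1 }'
}

# Returns 0 when both files are readable and byte-identical,
# 1 when they differ, 2 when either one cannot be read.
db_matches_golden() {
    [ -r "$1" ] && [ -r "$2" ] || return 2
    [ "$(db_digest "$1")" = "$(db_digest "$2")" ]
}

# Step 3 and step 4: build the database, move it into place and
# store the golden copy (mount the golden location writable first).
aide_baseline() {
    aide --init &&
    mv "$AIDE_DB_NEW" "$AIDE_DB" &&
    cp -p "$AIDE_DB" "$GOLDEN_DB"
}

# Run "aide -C" only if the live database still matches the golden copy.
# Returns 3 when the database was changed, 2 when a file is unreadable,
# otherwise the exit status of aide itself.
aide_verified_check() {
    db_matches_golden "$AIDE_DB" "$GOLDEN_DB" && rc=0 || rc=$?
    case $rc in
        0) aide -C ;;
        1) echo "AIDE database differs from golden copy: $AIDE_DB" >&2
           return 3 ;;
        *) echo "cannot read $AIDE_DB or $GOLDEN_DB" >&2
           return 2 ;;
    esac
}
```

Run <b>aide_baseline</b> once on a known-good system, remount the golden location read-only, and schedule <b>aide_verified_check</b> afterwards.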
Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com2tag:blogger.com,1999:blog-7249104207843223456.post-64963474243307908312013-06-26T12:48:00.000-07:002013-06-26T12:48:03.766-07:00How to add timestamp to vmstat and iostat output<span style="font-family: Arial, Helvetica, sans-serif;"><b>vmstat </b>does not have an option to log timestamps which may cause its logs to be difficult to interpret later.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">The workaround is to use awk to generate a timestamp and print it in front of each line of vmstat output:</span><br />
<span style="font-family: Courier New, Courier, monospace;"># vmstat 1 | awk '{now=strftime("%Y-%m-%d %T "); print now $0}'</span><br />
<span style="font-family: Courier New, Courier, monospace;">2013-06-26 21:47:41 procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------</span><br />
<span style="font-family: Courier New, Courier, monospace;">2013-06-26 21:47:41 r b swpd free buff cache si so bi bo in cs us sy id wa st</span><br />
<span style="font-family: Courier New, Courier, monospace;">2013-06-26 21:47:41 1 0 0 385944 71768 517152 0 0 96 28 1018 118 3 5 89 3 0</span><br />
<span style="font-family: Courier New, Courier, monospace;">2013-06-26 21:47:42 0 0 0 385944 71768 517152 0 0 0 0 1008 65 0 1 99 0 0</span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;">2013-06-26 21:47:43 0 0 0 385944 71768 517152 0 0 0 0 1023 73 0 0 100 0 0</span><br />
<div>
<br /></div>
<span style="font-family: Arial, Helvetica, sans-serif;">Fortunately <b>iostat</b> on Linux has a <b>-t </b>switch which adds a timestamp to every output.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">However, if you're using <b>iostat </b>on a system where the <b>-t </b>switch is not available you may use the same trick we did with <b>vmstat</b>.</span>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com6tag:blogger.com,1999:blog-7249104207843223456.post-14363283123023547482013-06-19T10:38:00.000-07:002013-06-19T10:39:32.709-07:00Howto reset powerpath error counters<span style="font-family: Arial, Helvetica, sans-serif;">If you had issues with I/O paths and they have been fixed you might want to reset error counters to keep a clean view.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">There are two ways to achieve this:</span><br />
<br />
<ol>
<li><span style="font-family: Arial, Helvetica, sans-serif;">error counters will be automatically cleared during machine reboot</span></li>
<li><span style="font-family: Arial, Helvetica, sans-serif;">by running </span><b><span style="font-family: Courier New, Courier, monospace;">powermt restore </span></b><span style="font-family: Arial, Helvetica, sans-serif;">command</span></li>
</ol>
<br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<b><span style="font-family: Courier New, Courier, monospace;">powermt restore</span></b><span style="font-family: Arial, Helvetica, sans-serif;"> will check I/O paths and update their current status, additionally it will clear Q-IOs and error counters.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"># powermt display</span><br />
<span style="font-family: Courier New, Courier, monospace;">Symmetrix logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">CLARiiON logical device count=1</span><br />
<span style="font-family: Courier New, Courier, monospace;">Hitachi logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">Invista logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">HP xp logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">Ess logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">HP HSx logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">======================================================================</span><br />
<span style="font-family: Courier New, Courier, monospace;">--- Host Bus Adapters --- ------ I/O Paths ----- ------ Stats ------</span><br />
<span style="font-family: Courier New, Courier, monospace;">### HW Path Summary Total Dead IO/Sec Q-IOs Errors</span><br />
<span style="font-family: Courier New, Courier, monospace;">======================================================================</span><br />
<span style="font-family: Courier New, Courier, monospace;"> 1 qla2xxx optimal 2 0 - 0 77</span><br />
<span style="font-family: Courier New, Courier, monospace;"> 2 qla2xxx optimal 2 0 - 0 0</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"># powermt restore</span><br />
<span style="font-family: Courier New, Courier, monospace;"># powermt display</span><br />
<span style="font-family: Courier New, Courier, monospace;">Symmetrix logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">CLARiiON logical device count=1</span><br />
<span style="font-family: Courier New, Courier, monospace;">Hitachi logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">Invista logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">HP xp logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">Ess logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">HP HSx logical device count=0</span><br />
<span style="font-family: Courier New, Courier, monospace;">======================================================================</span><br />
<span style="font-family: Courier New, Courier, monospace;">--- Host Bus Adapters --- ------ I/O Paths ----- ------ Stats ------</span><br />
<span style="font-family: Courier New, Courier, monospace;">### HW Path Summary Total Dead IO/Sec Q-IOs Errors</span><br />
<span style="font-family: Courier New, Courier, monospace;">======================================================================</span><br />
<span style="font-family: Courier New, Courier, monospace;"> 1 qla2xxx optimal 2 0 - 0 0</span><br />
<span style="font-family: Courier New, Courier, monospace;"> 2 qla2xxx optimal 2 0 - 0 0</span>Mikehttp://www.blogger.com/profile/06538993182159098084noreply@blogger.com0