Linux » Mochabomb

Archive for the ‘Linux’ Category

Script to monitor Linux server processes

May 6th, 2008

Ever had a process die and not know it until trying to use it? Last year dovecot was dying and running “service dovecot status” shows that – this script was born to address this for many processes. Its a work in progress, and please share any ways to make it better. Cron this to run every 15 minutes, and minor adjustments will be needed for other systems, daemons.

Note: this was written for RHEL systems – make minor adjustments for other systems/daemons

The textfile is located here and the config file looks like:

# email: user@example.com pager: 4155551212@messaging.sprintpcs.com # service: commented_out service: httpd service: dovecot service: mysqld service: postfix service: sshd service: MailScanner service: proftpd service: syslog

2 Comments »

Posted in Linux

Fail2Ban script to verify configuration

January 11th, 2008

From the comments in the script:

“Created this script after I had several misconfigurations across many servers – this will
use values from the config files for testing – a wrapper for fail2ban-regex and eliminating
late-night, low-on-caffeine human errors in testing your config. Could also be used: after an
update to verify the configuration, run weekly cron, create a fail2ban report..”

Script is here: http://mochabomb.com/software/fail2ban-check.txt

Leave your comment »

Posted in Linux

Tags: centos exploits fail2ban hackers iptables Linux

How to mess up your Xen guest (make it nearly useless)

January 8th, 2008

I made some changes to a VBD based Xen server – here’s what not to do:

Use a password in the httpd cert – if I ran xm console server I did not see that prompt – needed to use the vnc/gui to see this – entered it and got closer
Spaces in device names using system-config-network – eg; eth0 was actually saved as "eth0 " – that extra space messed up starting of "eth0" and other network devices. I will bugzilla this one.
Pretty GUI’s are not a sign of weakness – this time it showed me what 6 hours of console hacking did not. Score +1 for the GUI!!!

Network trouble: www.linuxfromscratch.org/pipermail/lfs-support/2003-December/021076.html
solution: cd /etc; find . -print | grep ifcfg – delete any that are easily replaced – I removed all but the primary IP interface.

Mounting xen vbd img files:
http://www.brandonhutchinson.com/Mounting_a_Linux_LVM_volume.html
http://www.novell.com/coolsolutions/tip/19568.html

Now if anyone share how to effectively mount Linux LVM from a server.img file that looks like – I can mount the ext3 boot partition, but not the Linux LVM using lomount or other techniques:

[root@server vm]# fdisk -l /dev/loop0

Disk /dev/loop0: 16.7 GB, 16777216000 bytes
255 heads, 63 sectors/track, 2039 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

      Device Boot      Start         End      Blocks   Id  System
/dev/loop0p1   *           1          13      104391   83  Linux
/dev/loop0p2              14        2039    16273845   8e  Linux LVM

as Lundberg would say “That would be great”

3 Comments »

Posted in Linux, Xen

PHP memory limit results in blank pages

November 5th, 2007

From a Drupal install, got a blank page when logging in….

[Mon Nov 05 13:20:36 2007] [error] [client 71.139.36.123] PHP Fatal error:
Allowed memory size of 16777216 bytes exhausted (tried to allocate 92160 bytes) in
/home/someuser/public_html/modules/event/event_timezones.inc on line 331, referer: http://example.com/

Up the memory in php.ini a few MB, restart httpd and all was working..

Leave your comment »

Posted in Apache, Drupal, Linux, PHP

DNS Troubleshooting

November 1st, 2007

Yeah, its 5am – got clients that rely on me to get things done…

DNS: Best free tool to use: http://www.dns.lu/en/EN-LUTestNoms.php

If seeing “not advertising as nameserver”, that means in the zone file that server is not listed:

mochabomb.com.  IN      NS ns1.mochabomb.com.
mochabomb.com.  IN      NS ns2.mochabomb.com.
mochabomb.com.  IN      NS ns4.mochabomb.com.

.. for the server it resides on – and that record can be a slave record, just need to add all slaves in the master DNS server so that the slave server advertizes itself as an authority….

In /etc/named.conf is where a zone is set as master or slave. A slave can be authoritative if its name is listed/resolved by the master record.