Sunday, 13 December 2009

playing with ubuntu v1

Ok... play time has officially begun, today's item:

Ubuntu 8.10 - Server

1. Did a base install, added the required user, and all is well with the world.

2. apt-get install openssh-server (not in base installation)

3. Enable root
sudo su -
passwd

4. Edit sshd_config
PermitRootLogin no

service ssh restart

5. Edit the sudoers config file to remove the extra privileges from the user we added during installation by commenting out the last line:
#%admin ALL=(ALL) ALL

6. Install and tweak rkhunter and chkrootkit to our likings
apt-get install mailutils rkhunter chkrootkit
Edit the default/rkhunter configuration and change
REPORT_EMAIL (to your email)
DB_UPDATE_EMAIL (to yes)

7. Configure exim
dpkg-reconfigure exim4-config

8. Edit rkhunter.conf to:
DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps"
and uncomment:
ALLOWHIDDENDIR=/dev/.udev
ALLOWHIDDENDIR=/dev/.static
ALLOWHIDDENDIR=/dev/.initramfs


9. Edit the cron.daily/rkhunter file to say:
echo "Subject: WARNINGS from rkhunter on $(hostname -f)"
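
A way to check that steps 4 and 5 actually took effect, as an added example that is not part of the original notes: sshd uses the first value it reads for a keyword, so a "PermitRootLogin no" appended below an earlier "yes" changes nothing. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit steps 4 and 5 against constructed sample files.

# Print the effective global value of an sshd_config keyword ("unset" if absent).
# sshd keeps the FIRST value it reads, keywords are case-insensitive, and lines
# after a "Match" keyword are conditional (not audited here).
sshd_effective() {    # usage: sshd_effective FILE KEYWORD
    awk -v want="$2" '
        { sub(/#.*/, ""); sub(/[ \t]*=[ \t]*/, " ") }   # drop comments, allow key=value
        NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(want) { val = tolower($2); exit }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# Succeed if FILE still contains an uncommented rule for %GROUP.
sudoers_group_active() {    # usage: sudoers_group_active FILE GROUP
    grep -Eq "^[[:space:]]*%$2[[:space:]]" "$1"
}

# Print findings; the return code is the number of failed checks.
audit() {    # usage: audit SSHD_CONFIG SUDOERS
    findings=0
    prl=$(sshd_effective "$1" PermitRootLogin)
    if [ "$prl" != "no" ]; then
        echo "FAIL: PermitRootLogin is '$prl', expected 'no'"
        findings=$((findings + 1))
    fi
    if sudoers_group_active "$2" admin; then
        echo "FAIL: %admin rule is still active in sudoers"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ] && echo "OK: steps 4 and 5 are in effect"
    return "$findings"
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
# Constructed samples: in sshd_bad the "no" was appended after an earlier "yes".
printf '%s\n' 'Port 22' 'PermitRootLogin yes' '# added later' 'PermitRootLogin no' > "$demo_dir/sshd_bad"
printf '%s\n' 'Port 22' 'permitrootlogin no' > "$demo_dir/sshd_good"
printf '%s\n' 'root ALL=(ALL) ALL' '%admin ALL=(ALL) ALL' > "$demo_dir/sudoers_bad"
printf '%s\n' 'root ALL=(ALL) ALL' '#%admin ALL=(ALL) ALL' > "$demo_dir/sudoers_good"

audit "$demo_dir/sshd_bad" "$demo_dir/sudoers_bad" || true
audit "$demo_dir/sshd_good" "$demo_dir/sudoers_good"
```

On a live system, point audit at copies of the real sshd_config and sudoers files; run as root, "sshd -T" prints the configuration the daemon actually resolved.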


Thanks for playing :)

Thursday, 15 October 2009

clearing stuck netbackup restore procs

Ok... NetBackup problems...

So you have restore procs stuck on your NetBackup, huh? Here is what worked for me:

1) close all admin consoles

2) shut down NetBackup

3) bpps -x to see if all things are actually dead (if not use bp.kill_all)

4) shutdown netbackup on your media servers and check for procs as above

5) restart your PBX exchange daemon on all systems (master/media)

6) go to /usr/openv/netbackup/logs/user_ops/<username>/jobs and
/usr/openv/netbackup/logs/user_ops/<username>/logs and delete all contents

7) restart the netbackup services on media / master servers

8) have a beer and enjoy your restores running :)

Thanks for playing :)

Thursday, 17 September 2009

iscsi issues

CentOS does not do all the SLES automagic things you want with iSCSI so... here we go:

# iSCSI Target Discovery
iscsiadm --mode discovery --type sendtargets --portal <portal_ip>

# Login to the target portal
iscsiadm --mode node --targetname <target_iqn> --portal <portal_ip> --login

# Show all the iSCSI Sessions on the host
iscsiadm --mode session

# To logout all the sessions
iscsiadm --mode node -U all
# To logout from a particular session
iscsiadm --mode node -u --portal <portal_ip>

# Rescan the session you want:
iscsiadm -m session -r <session_id> -R


Thanks for playing :)

netbackup - logging conf file error

Some notes on NetBackup issues (6.5.x.x)

Error:
Error bpbrm (pid=3968) from client smt: ERR - Error occurred during initialization.  Could not read logging configuration file.

Solution:
/usr/openv/netbackup/bin/vxlogcfg -a -p 51216 -c /usr/openv/netbackup/nblog.conf -n 'NB,nb'

Friday, 4 September 2009

CFET Notes

It was ok I guess...

Not very technical, mostly focused on education and spreading awareness, but interesting people and interesting subjects.

Some of the technical details we were presented (and are very valuable) were:

http://linux.die.net/man/1/ewfacquire

(use with -d sha1)

http://linux.die.net/man/1/ewfverify

part of the ewftools package (do an rpm -qli ewftools; there are more tools installed)

and of course the mount one (it mounts read-only; the mount output will say rw, but it actually is not)

http://sourceforge.net/projects/libewf/files/mount_ewf/mount_ewf-20090113/mount_ewf-20090113.py/download

Dependencies include python, fuse and libewf, but yum should take care of that for you (most of it). On CentOS 5 it pulled them from the rpmforge repository; on Fedora I would expect them to be in the default repos already (otherwise use rpmforge, dag or pbone), along with:

http://man-wiki.net/index.php/1:qemu-img

I think that this pretty much covers it (simple presentation but nice).
It's always nice to have open-source tools to do the job "the-right" way.

Many thanks to Jens Kirschner from 7Safe for the presentation.

Thanks for playing :)

Monday, 4 May 2009

Useful mysql

Some mysql commands that can be useful from time to time:

1. Recovering root password
/etc/init.d/mysql stop

mysqld_safe --skip-grant-tables &

mysql -u root

mysql> use mysql;
mysql> update user set password=PASSWORD("NEW-ROOT-PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit


/etc/init.d/mysql stop

/etc/init.d/mysql start

2. Adding database and creating user
mysql> CREATE DATABASE db_name;
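mysql> USE db_name;
mysql> GRANT ALL ON *.* TO 'user'@'localhost' IDENTIFIED BY 'pass1';
mysql> GRANT ALL ON db_name.* TO 'user'@'localhost' IDENTIFIED BY 'pass1';
mysql> FLUSH PRIVILEGES;
Note: the GRANT on *.* gives the user all privileges on every database; skip it if the user only needs db_name.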

That's all for now..

Friday, 6 February 2009

sendmail teaching procedure

When the setup is finished our mail relays need to be "taught" some manners :P... this is the way:

If we use RFC 2822 mail-queue messages we simply send them to sa-learn thusly:
sa-learn -p /etc/mail/MailScanner/spam.assassin.prefs.conf --progress --ham /dir/with/spam/*

This way, though, getting the mail back to the customer without letting him/her know proved to be quite a pain... so we switched to df/qf mail messages, which resulted in a different process:
1. Get the ham into a directory called, let's say, 20090101
2. Use Julian's script to make the qf/df into mbox files:
cd /var/spool/notspam/ (where the 20090101 dir is)
df2mbox * (this will create the spam.number file we need)

3. Make SpamAssassin learn the messages as ham
sa-learn -p /etc/mail/MailScanner/spam.assassin.prefs.conf --progress --ham --mbox spam.20090101

4. And finally send the email without the client knowing a thing :)
/usr/lib/sendmail -OQueueDirectory=/var/spool/notspam/20090101 -OTimeout.queuereturn=51d -OTimeout.queuewarn=0 -q -v

That's it :)

Tuesday, 27 January 2009

Rescue System - Grub reinstall

This is the proper way of chrooting on a rescue system, so that you have the most capabilities to run any program you need in rescue mode with the appropriate devices / configs:

Boot with your Rescue disk and:
mount /dev/sda1 /mnt
mount --bind /dev /mnt/dev
mount --bind /proc /mnt/proc
chroot /mnt

Re-installing grub on CentOS or Suse SLES respectively:
grub-install /dev/sda

or
grub --batch < /etc/grub.conf

if you have no errors... job done

:)