Browsed by
Category: Linux

Know How su Linux

OpsView wrong ipmi result

OpsView wrong ipmi result

Opsview cache the result into /var/log/nagios/.freeipmi/sdr-cache with file named by ip address.

Remove them to recreate cache from new device

Powershell script to import LDAP object into exchange contact

Powershell script to import LDAP object into exchange contact

Whith this powershell script, it’s possible to import external ldap object into active directory mail-contact.

Exchange will parse and create a list of contact available for everyone.

The script will clear all OU before importing.

$count = 0
#load Exchange pssnapin
Add-PSSnapIn Microsoft.Exchange.Management.PowerShell.E2010
#load Assembly DirectoryServices
[System.Reflection.Assembly]::LoadWithPartialName("System.DirectoryServices.Protocols") 
[System.Reflection.Assembly]::LoadWithPartialName("System.Net") 
#load user and password to logon in Openldap
$UserName = "uid=reader,ou=users,dc=example,dc=com"  
$Password = "Password"
$OU = "OU-IMPORT"

$filter = "(objectclass=inetOrgPerson)"
#Insert openLDAP source server and the OU of the company created in this openLDAP 
$domain = "LDAP://10.10.10.1:389/o="+$OU+",dc=example,dc=com"

#Launch the search in the openLDAP
$root = New-Object -TypeName System.DirectoryServices.DirectoryEntry($domain,$UserName,$Password,'FastBind')
$query = New-Object System.DirectoryServices.DirectorySearcher($root,$filter)
$objuser = $query.findall()

#search user by user in the openLDAP ou
foreach ($user in $objUser.GetEnumerator()) {
  
    #this counter is only a security counter and for testing porpouses, in case of you dont want to launch all users at the same time
    if ($count -ge 0) #insert the number of users you want to import
    { 
    write-host "-------------------------------------------------------"
    #select the mail of the user in openLDAP
    $smtpmail = [Microsoft.Exchange.Data.ProxyAddress]("$($user.properties.mail)")		

if(-not([string]::IsNullOrEmpty($smtpmail.SmtpAddress))) # check if the smtp field is not empty
    {
    
    $mail = $smtpmail.SmtpAddress        
    write-host $user.properties.cn
   
  If ([string]$user.properties.displayname -ne (Get-MailContact ([string]$user.properties.displayname) -ErrorAction silentlycontinue)) #check if the user exist in the AD yet   
	{
	    write-host "the contact doesnt exist, I create it"
    	#change the OU where the contacts will be created in your AD, changing "-organizationalunit" property
        New-MailContact -Name $user.properties.cn -DisplayName $user.properties.displayname -FirstName $user.properties.givenname -LastName $user.properties.sn -OrganizationalUnit ("OU="+$OU+",OU=LDAP-Tesa,DC=CGTE,DC=local") -ExternalEmailAddress $mail #-Alias $_.mailNickname
		Set-Mailcontact -identity ([string]$user.properties.displayname) -CustomAttribute10 $OU
		Set-Mailcontact -identity ([string]$user.properties.displayname) -CustomAttribute11 "updated"
    }
	Else
	{
	    write-host "the contact exist, I wait for a 2 secons"
		#Start-Sleep -s 15 #delay of 5 seconds to let AD to replicate the contact in the DCS servers
		Write-host "update contacts properties.... " $user.properties.displayname
        Set-Contact -identity ([string]$user.properties.displayname) -Phone $user.properties.telephonenumber -mobilePhone $user.properties.mobile -Office $user.properties.physicaldeliveryofficename -Title $user.properties.title -Department $user.properties.department -Company $user.properties.o -city $user.properties.l
	    Set-Mailcontact -identity ([string]$user.properties.displayname) -CustomAttribute10 $OU
		Set-Mailcontact -identity ([string]$user.properties.displayname) -CustomAttribute11 "updated"
	}
    
    
    
    }
    $count++
 }
}
#Remove contact not update, aka deleted from ldap
get-mailcontact -OrganizationalUnit ("OU="+$OU+",DC=example,DC=com") -filter {CustomAttribute11 -eq $null}|remove-mailcontact -Confirm:$false
Start-Sleep -s 30 #delay of 30 seconds to let AD to replicate the contact in the DCS servers
get-mailcontact -OrganizationalUnit ("OU="+$OU+",DC=example,DC=com") -filter {CustomAttribute11 -ne $null}|set-mailcontact -CustomAttribute11 ""
Start-Sleep -s 30 #delay of 30 seconds to let AD to replicate the contact in the DCS servers
How to add program available to user under CageFS

How to add program available to user under CageFS

CloudLinux servers are built to be far more secure than traditional CentOS servers, especially with the addition of CageFS. However, sometimes you might want to allow your users access to some of the commands that are disabled by default. In our example we needed to enable rsync. 

If this is your problem, you and your user will see errors that look like these:

[email protected] [/]# rsync
jailshell: rsync: command not found
[email protected] [/]# exit
[host [email protected] ~]cPs# su leepangc
[email protected] [/]# rsync
bash: rsync: command not found

First, check to make sure the command isn’t included with this command:

[/]# cagefsctl --list-rpm | grep -i rsync

If the output is blank, that’s definitely your problem. The fix is a quick one:

[/]# cagefsctl --addrpm rsync
[/]# cagefsctl --update

Once that is done, your users will be able to use rsync without error.

How to increase the size of a linux lvm by expanding the virtual machine disk

How to increase the size of a linux lvm by expanding the virtual machine disk

Increasing the virtual hard disk

First off we increase the allocated disk space on the virtual machine itself. This is done by right clicking the virtual machine in vSphere, selecting edit settings, and then selecting the hard disk. In the below image I have changed the previously set hard disk of 20gb to 30gb while the virtual machine is up and running. Once complete click OK, this is all that needs to be done in VMware for this process.

If you are not able to modify the size of the disk, the provisioned size setting is greyed out. This can happen if the virtual machine has a snapshot in place, these will need to be removed prior to making the changes to the disk. Alternatively you may need to shut down the virtual machine if it does not allow you to add or increase disks on the fly, if this is the case make the change then power it back on.
Detect the new disk space

Once the physical disk has been increased at the hardware level, we need to get into the operating system and create a new partition that makes use of this space to proceed.

Before we can do this we need to check that the new unallocated disk space is detected by the server, you can use “fdisk -l” to list the primary disk. You will most likely see that the disk space is still showing as the same original size, at this point you can either reboot the server and it will detect the changes on boot or you can rescan your devices to avoid rebooting by running the below command. Note you may need to change host0 depending on your setup.

echo 1>/sys/block/sda/device/rescan

Below is an image after performing this and confirming that the new space is displaying.

Partition the new disk space

As outlined in my previous images the disk in my example that I am working with is /dev/sda, so we use fdisk to create a new primary partition to make use of the new expanded disk space. Note that we do not have 4 primary partitions already in place, making this method possible.

fdisk /dev/sda

We are now using fdisk to create a new partition, the inputs I have entered in are shown below in bold. Note that you can press ‘m’ to get a full listing of the fdisk commands.

‘n’ was selected for adding a new partition.

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to
switch off the mode (command ‘c’) and change display units to
sectors (command ‘u’).

Command (m for help): n

‘p’ is then selected as we are making a primary partition.

Command action
l logical (5 or over)
p primary partition (1-4)
p

As I already have /dev/sda1 and /dev/sda2 as shown in previous images, I have gone with using ‘3’ for this new partition which will be created as /dev/sda3

Partition number (1-4): 3

We just press enter twice above as by default the first and last cylinders of the unallocated space should be correct. After this the partition is then ready.

First cylinder (2611-3916, default 2611): “enter”
Using default value 2611
Last cylinder, +cylinders or +size{K,M,G} (2611-3916, default 3916): “enter”
Using default value 3916

‘t’ is selected to change to a partition’s system ID, in this case we change to ‘3’ which is the one we just created.

Command (m for help): t
Partition number (1-5): 3

The hex code ‘8e’ was entered as this is the code for a Linux LVM which is what we want this partition to be, as we will be joining it with the original /dev/sda5 Linux LVM.

Hex code (type L to list codes): 8e
Changed system type of partition 3 to 8e (Linux LVM)

‘w’ is used to write the table to disk and exit, basically all the changes that have been done will be saved and then you will be exited from fdisk.

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

You will see a warning which basically means in order to use the new table with the changes a system reboot is required. If you can not see the new partition using “fdisk -l” you may be able to run “partprobe -s” to rescan the partitions. In my test I did not require either of those things at this stage (I do a reboot later on), straight after pressing ‘w’ in fdisk I was able to see the new /dev/sda3 partition of my 10gb of space as displayed in the below image.

For CentOS/RHEL run a “partx -a /dev/sda3” to avoid rebooting later on.

That’s all for partitioning, we now have a new partition which is making use of the previously unallocated disk space from the increase in VMware.
Increasing the logical volume

We use the pvcreate command which creates a physical volume for later use by the logical volume manager (LVM). In this case the physical volume will be our new /dev/sda3 partition.

[email protected]:~# pvcreate /dev/sda3
Device /dev/sda3 not found (or ignored by filtering).

In order to get around this you can either reboot, or use partprobe/partx as previously mentioned to avoid a reboot, as in this instance the disk does not appear to be there correctly despite showing in “fdisk -l”. After a reboot or partprobe/partx use the same command which will succeed.

[email protected]:~# pvcreate /dev/sda3
Physical volume “/dev/sda3” successfully created

Next we need to confirm the name of the current volume group using the vgdisplay command. The name will vary depending on your setup, for me it is the name of my test server. vgdisplay provides lots of information on the volume group, I have only shown the name and the current size of it for this example.

[email protected]:~# vgdisplay
— Volume group —
VG Name Mega

VG Size 19.76 GiB

Now we extend the ‘Mega’ volume group by adding in the physical volume of /dev/sda3 which we created using the pvcreate command earlier.

[email protected]:~# vgextend Mega /dev/sda3
Volume group “Mega” successfully extended

Using the pvscan command we scan all disks for physical volumes, this should confirm the original /dev/sda5 partition and the newly created physical volume /dev/sda3

[email protected]:~# pvscan
PV /dev/sda5 VG Mega lvm2 [19.76 GiB / 0 free]
PV /dev/sda3 VG Mega lvm2 [10.00 GiB / 10.00 GiB free]
Total: 2 [29.75 GiB] / in use: 2 [29.75 GiB] / in no VG: 0 [0 ]

Next we need to increase the logical volume (rather than the physical volume) which basically means we will be taking our original logical volume and extending it over our new partition/physical volume of /dev/sda3.

Firstly confirm the path of the logical volume using lvdisplay. This path name will vary depending on your setup.

[email protected]:~# lvdisplay
— Logical volume —
LV Path /dev/Mega/root

The logical volume is then extended using the lvextend command.

[email protected]:~# lvextend /dev/Mega/root /dev/sda3
Extending logical volume root to 28.90 GiB
Logical volume root successfully resized

There is then one final step which is to resize the file system so that it can take advantage of this additional space, this is done using the resize2fs command for ext based file systems. Note that this may take some time to complete, it took about 30 seconds for my additional space.

[email protected]:~# resize2fs /dev/Mega/root
resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/Mega/root is mounted on /; on-line resizing required
old desc_blocks = 2, new_desc_blocks = 2
Performing an on-line resize of /dev/Mega/root to 7576576 (4k) blocks.
The filesystem on /dev/Mega/root is now 7576576 blocks long.

Alternatively if you’re running the XFS file system (default as of RedHat/CentOS 7) you can grow the file system with “xfs_growfs /dev/Mega/root”.

That’s it, now with the ‘df’ command we can see that the total available disk space has been increased.

Create a MySQL Slave using Replication with No Downtime

Create a MySQL Slave using Replication with No Downtime

2013060316014742_1

I have a customer who has over 100GB of MySQL data and taking their site down for even a few minutes is not feasible. I really wanted to get a slave set up in case the main server ever dies. Even though the server is backed up, it would take 2-3 hours (or longer) to restore the MySQL server which is not very acceptable.

The solution is to use replication. The traditional problem with this approach is locking the tables for so long while the mysqldump happens… for a database this size, close to 4-5 hours.

Idera’s Free Tool called Linux Hot Copy (hcp) was the answer I was looking for. By using hcp, you can lock the tables, make a near instant “snapshot”, record the master position, and unlock the tables. At your leisure, just copy the snapshot of the mysql data to your slave device, and start up your replication! This makes setting up new slaves a snap with minimal impact on your business.

First off, I will assume you have a production MySQL server in use and running. In my scenario, I am using CentOS 5.6 64Bit and MySQL 5.5. This tutorial will probably will work for older versions as well. I also will assume you know how to edit and copy files at the linux command line. If you don’t, you probably should get help from an experienced system administrator.

If you have not done so already, set up another mysql server for your slave. It should be a decent server, equal to your current live production server so you can switch to it in the event of failure.

I will also assume:

master server = 192.168.1.100
slave server = 192.168.2.200

You’ll need to substitute your IP Addressess in place of mine.

On Master Server (192.168.1.100):

1. Install Linux Hot Copy. Linux Hot Copy. If you need help with installation, here’s some documentation

2. Setup your Server ID and enable bin-logs. Note that bin logs record every change to your database, so make sure you have ample space to continue!)

Edit your /etc/my.cnf file and put these lines at the top, just under the [mysqld] line.

# enable mysql bin logs and server-id for mysql replication
       log-bin=mysql-bin
       server-id=1

Restart MySQL so bin logs are started. e.g. /etc/init.d/mysql restart you can verify it’s working by issuing the show master statusG command.

3. Create a user that has replication privs on the Master Server.

mysql> GRANT REPLICATION SLAVE ON *.* TO 'repl'@'192.168.2.200' IDENTIFIED BY 'password';

4. The next few steps will need to be done quickly so that you minimize your mysql server’s downtime. Make sure you know up-front the device (e.g. /dev/sda2) where your MySQL installation is located (typically /var/lib/mysql on CentOS):

Lock your Master MySQL Tables and show the status location of the bin log….

mysql> FLUSH TABLES WITH READ LOCK; SHOW MASTER STATUS;

Make sure you record and copy the information down, e.g. the filename and log position

From the command line, enter the following command, replacing /dev/sda2 with your raw device:

hcp /mnt/snap /dev/sda2

Back to MySQL, unlock your tables:

mysql> unlock tables;

Now you have a perfect copy of your “frozen” data at the following location: (may vary)..

FROZEN DATA LOCATION:
/mnt/snap

On Slave Server: 192.168.2.200

On the slave server, make sure MySQL is stopped and move the old mysql folder: (make sure this is the SLAVE SERVER 192.168.2.200 and NOT the live server!):

/etc/init.d/mysql stop
mv /var/lib/mysql /var/lib/mysql.old

Back on the Master Server: 192.168.1.100

1. Copy the “frozen” mysql data:

rsync -avz /mnt/snap  [email protected]:/var/lib/mysql

2. Copy my.cnf to slave:

scp /etc/my.cnf [email protected]_or_host:/etc/my.cnf

3. Once the Copy is Complete you can delete your “hot copy”

hcp -r /dev/hcp1

Now, go to your Slave Server: 192.168.2.200

1. edit /etc/my.cnf and change server-id to 2 and comment out or delete the log-bin line you added from the master..

2. start up mysql, and then enter commands to connect to master.. replacing the log file and position number with the ones you recorded earlier:

mysql> CHANGE MASTER TO 
      MASTER_HOST='192.168.1.100', 
      MASTER_USER='repl', 
      MASTER_PASSWORD='password', 
      MASTER_LOG_FILE='mysql-bin.000001',
      MASTER_LOG_POS=12345678;
mysql> START SLAVE;

 mysql> SHOW SLAVE STATUS/G;

MySQL will show how far it’s behind, it might take a few minutes to catch up depending on the number of changes that happened to your database during the copy.

I hope you enjoyed this tutorial on MySQL Replication with no downtime. Now it’s easy!

Linux shadow copy

Linux shadow copy

How to add shadowcopy to linux.

There’s a software that add shadowcopy to linux; below are instruction for Centos 6

First of all you must download and install the two package below

idera-hotcopy-5-14-4-x86_64

r1soft-setup-5-14-4-x86_64

Than you must install kernel-headers and kernel-devel for your running version.

If you’re running latest version you can use

yum install kenel-header kernel-devel

otherwise you can install directly from vault.centos.org repository as below

rpm -ivh http://vault.centos.org/6.6/updates/x86_64/Packages/kernel-devel-2.6.32-504.1.3.el6.x86_64.rpm
rpm -ivh http://vault.centos.org/6.6/updates/x86_64/Packages/kernel-headers-2.6.32-504.1.3.el6.x86_64.rpm

Now that you have software e kernel-headers you build your specific kernel-module for hcp device.

launch r1soft-setup-old –get-module to build it

now you can try to create shadow copy with

hcp /mnt/snapshot /dev/sda1

this will create a shadowcopy of /dev/sda1 on /mnt/snapshot

how to update CA root on Centos

how to update CA root on Centos

For RHEL 6 or later, you should be using update-ca-trust, as lzap describes in his answer below.

— For older versions of Fedora, CentOS, Redhat:

Curl is using the system-default CA bundle is stored in /etc/pki/tls/certs/ca-bundle.crt . Before you change it, make a copy of that file so that you can restore the system default if you need to. You can simply append new CA certificates to that file, or you can replace the entire bundle.

Are you also wondering where to get the certificates? I (and others) recommend curl.haxx.se/ca . In one line:

curl https://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt
How to solve (some) graphical issues with putty, UTF8, and ncurses

How to solve (some) graphical issues with putty, UTF8, and ncurses

Hello everybody,

I’m writing this article to help all those people that may have had problems with text garbled, mismatched or other kind of graphical issues with all those software that uses the famous ncurses libraries (libncurses5). It all started when I was using (via puTTY) my favorite command line log parsing tool: the great  multitail (go out there and take it if you don’t know it) I started noticing some odd errors: part of the text was garbled, some of the lines were wrong in size or were substituted by wrong characters, as you can see in the screenshot:

strange-behaviour
multitail in a centOS environment

This problem happened when using puTTY on a CentOS 6.6 system, with locale set on UTF-8,  libncurses version 5.x and multitail at 6.4.1

This is the result of multiple problems and some steps are required to fix all the issues :

  1.  Download the latest version of puTTY (0.64 as of today)
  2. Make sure that under Windows -> Translation  and Connection -> Data you have everything as in the images :
    putty-screenshot1

    Remote character set: UTF-8 and “use Unicode line drawing code points”
    screenshot2Terminal-type string: putty
  3. Then, you have to set an environment variable to tell the ncurses libraries to use UTF-8 :

export NCURSES_NO_UTF8_ACS=1

you should also make it stick (echo export NCURSES_NO_UTF8_ACS=1 >> ~/.bashrc )

This should solve all your issues with UTF-8 and the ncurses libraries.