Admins eHow SysAdmin Tips & Tricks

August 7, 2014

Send email alerts if PERC H200 raid fails in Linux

Filed under: Debian,linux — Tags: , , — admin @ 11:18 pm

Recently I have bought a Dell PowerEdge R210 server which is equipped by PERC H200 raid controller.
As I have setup a raid 1 on this server, I needed to monitor its raid status, Here is what I did :
First you need “sas2ircu” utility which can be found on following website :
http://hwraid.le-vert.net/wiki/DebianPackages
Running “sas2ircu 0 STATUS” give you following output :

root@x:/# sas2ircu 0 STATUS
LSI Corporation SAS2 IR Configuration Utility.
Version 16.00.00.00 (2013.03.01)
Copyright (c) 2009-2013 LSI Corporation. All rights reserved.

Background command progress status for controller 0...
IR Volume 1
  Volume ID                               : 79
  Current operation                       : None
  Volume status                           : Enabled
  Volume state                            : Optimal
  Volume wwid                             : xxxxxxxxxxxxxx
  Physical disk I/Os                      : Not quiesced
SAS2IRCU: Command STATUS Completed Successfully.
SAS2IRCU: Utility Completed Successfully.

What we are interested in is “Optimal” status. so if Optimal changes to anything, we want to be notified.
You can use the following script to do that (change MAIL variable to your own email address) :

#!/bin/bash
MAIL=mail@domain.com
RESULT=`sas2ircu 0 STATUS | grep Optimal`
if [ -z "$RESULT" ]; then
    echo "RAID ERROR ON SERVER" | mail -s 'Raid Error' "$MAIL"
    else echo "Raid is OK"
fi

as always do not forget to test if your server is actually able to send mails and you receive them.
Finally save the script in a file and put it in cronjob. I have chosen to run it every 12 hours :

0 */12 * * * /usr/bin/raidcheck

July 20, 2014

Send email alerts when HP Proliant RAID fails in Linux

Filed under: linux — Tags: , , , , , , , — admin @ 7:51 pm

As a minimalist person, I am not a fan of running heavy monitoring tools of HP on my server. so I have written a very small bash script to monitor my server RAID status and send me email alerts if it fails.
For this script to work, first you need to install hpacucli (HP Array Configuration Utility) on your server. you can download it from HP website for your Linux distribution.
The script is very easy to understand but you may need to tweak it a little bit to fit your server.
The heart is this line :

hpacucli ctrl slot=1 pd all show

which returns following on my server :

\\ EMPTY LINE
Smart Array P222 in Slot 1

   array A

      physicaldrive 2I:1:1 (port 2I:box 1:bay 1, SATA, 3 TB, OK)
      physicaldrive 2I:1:2 (port 2I:box 1:bay 2, SATA, 3 TB, OK)
      physicaldrive 2I:1:3 (port 2I:box 1:bay 3, SATA, 3 TB, OK)
      physicaldrive 2I:1:4 (port 2I:box 1:bay 4, SATA, 3 TB, OK)

but we only need lines 6-9 which are showing the drives status. It is where you may need to tweak it as you may have more or less drives.
So it may not be 6-9 for you and you may need to change 6,9 in sed command.
Here is the final script :

#!/bin/bash
MAIL=mail@domain.com
RESULT=`hpacucli ctrl slot=1 pd all show | sed -n '6,9 p' | grep -v OK`
if [ -n "$RESULT" ]; then
	echo "$RESULT" | mail -s 'Raid Error' "$MAIL"
	else echo "Raid is OK"
fi

Dont forget to change MAIL variable to your own email address.
You may test the script once to make sure your server is able to send emails and you actually receive them.
Finally save the script in a file and put it in cronjob. I have chosen to run it every 12 hours :

0 */12 * * * /usr/bin/raidcheck

May 9, 2014

Auto update Atomicorp mod_security rules script

Filed under: cPanel,linux — Tags: , , , , — admin @ 6:31 pm

Here is a very simple script, I have written for my own use to auto update mod_security rules from Atomicorp server. You can use cronjobs to automate the process.
Dont forget to put your Atomicorp subscription username and password in the script.

#!/bin/sh

USER=
PASS=
DIR=/var/cpanel

VER=`wget -q --user=$USER --password=$PASS http://updates.atomicorp.com/channels/rules/subscription/VERSION -O - | grep MODSEC_VERSION | sed -r 's/^.{15}//'`
FILE_NAME=modsec-$VER.tar.bz2
wget -q --user=$USER --password=$PASS http://updates.atomicorp.com/channels/rules/subscription/$FILE_NAME -O - | tar jxf - -C $DIR
/etc/init.d/httpd -k graceful

In this case, the script will install the rules in /var/cpanel/modsec directory and reload the server gracefully.
Apparently you should have the following in your modsec2.user.conf

Include "/var/cpanel/modsec/000000_asl_modreqtimeout.conf"
Include "/var/cpanel/modsec/00_asl_0_global.conf"
Include "/var/cpanel/modsec/00_asl_rbl.conf"
Include "/var/cpanel/modsec/00_asl_z_antievasion.conf"
Include "/var/cpanel/modsec/00_asl_zz_strict.conf"
Include "/var/cpanel/modsec/01_asl_content.conf"
Include "/var/cpanel/modsec/01_asl_rules_special.conf"
Include "/var/cpanel/modsec/03_asl_dos.conf"
Include "/var/cpanel/modsec/05_asl_exclude.conf"
Include "/var/cpanel/modsec/05_asl_scanner.conf"
Include "/var/cpanel/modsec/09_asl_rules.conf"
Include "/var/cpanel/modsec/09_asl_rules_antievasion.conf"
Include "/var/cpanel/modsec/10_asl_antimalware.conf"
Include "/var/cpanel/modsec/10_asl_antimalware_output.conf"
Include "/var/cpanel/modsec/10_asl_rules.conf"
Include "/var/cpanel/modsec/11_asl_adv_rules.conf"
Include "/var/cpanel/modsec/11_asl_data_loss.conf"
Include "/var/cpanel/modsec/11_asl_rules.conf"
Include "/var/cpanel/modsec/12_asl_brute.conf"
Include "/var/cpanel/modsec/20_asl_useragents.conf"
Include "/var/cpanel/modsec/30_asl_antimalware.conf"
Include "/var/cpanel/modsec/30_asl_antispam.conf"
Include "/var/cpanel/modsec/30_asl_antispam_referrer.conf"
Include "/var/cpanel/modsec/31_asl_urispam.conf"
Include "/var/cpanel/modsec/40_asl_apache2-rules.conf"
Include "/var/cpanel/modsec/50_asl_rootkits.conf"
Include "/var/cpanel/modsec/51_asl_rootkits.conf"
Include "/var/cpanel/modsec/60_asl_recons.conf"
Include "/var/cpanel/modsec/61_asl_recons_dlp.conf"
Include "/var/cpanel/modsec/98_asl_adv_redactor.conf"
Include "/var/cpanel/modsec/98_asl_jitp.conf"
Include "/var/cpanel/modsec/99_asl_a_redactor.conf"
Include "/var/cpanel/modsec/99_asl_exclude.conf"
Include "/var/cpanel/modsec/99_asl_jitp.conf"
Include "/var/cpanel/modsec/99_asl_redactor.conf"
Include "/var/cpanel/modsec/99_asl_redactor_post.conf"

October 24, 2012

The proper way to benchmark disk write performance in Linux

Filed under: CentOS,Debian,linux — Tags: , , , , — admin @ 7:46 am
dd bs=1M count=512 if=/dev/zero of=test conv=fdatasync

The result is something like this :
512+0 records in
512+0 records out
536870912 bytes (537 MB) copied, 1.43334 s, 375 MB/s

April 17, 2012

How to create a mirror of a site using wget

Filed under: General,linux — Tags: , , , — admin @ 7:33 am

First you need to make sure you have the latest version of wget, some distros are still being released with older versions of wget which has some bugs regarding mirroring functionality. currently the latest version is 1.13.4, so if you don’t have the latest version, you can download and build it from following link :

ftp://ftp.gnu.org/gnu/wget/

after building the wget, make sure the latest version is being used :

wget -V

output :

GNU Wget 1.13.4 built on linux-gnu.

+digest +https +ipv6 -iri +large-file +nls -ntlm +opie +ssl/gnutls 

Wgetrc: 
    /usr/local/etc/wgetrc (system)
Locale: /usr/local/share/locale 
Compile: gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/usr/local/etc/wgetrc" 
    -DLOCALEDIR="/usr/local/share/locale" -I. -I../lib -I../lib -O2 
    -Wall 
Link: gcc -O2 -Wall -lgnutls -lgcrypt -lgpg-error -lz -lrt ftp-opie.o 
    gnutls.o ../lib/libgnu.a 

Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://www.gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Originally written by Hrvoje Niksic <hniksic@xemacs.org>.
Please send bug reports and questions to <bug-wget@gnu.org>.

OK, you are good to go now, just execute the following command and relax 🙂

wget -mkp -e robots=off http://site

December 16, 2011

Linux Delete Empty Directories (Folders)

Filed under: CentOS,Debian,General,linux — Tags: , , , , , , — admin @ 6:01 am

As simple as one single command :

find -type d -empty -delete

September 26, 2011

Gateway on a different subnet on Linux

Filed under: Debian,General,linux — Tags: , , , , , — admin @ 7:50 am

Theoretically host IP and gateway should be on the same IP subnet. but there are some situations where host IP and gateway subnet are on different subnets. like my situation today. I was assigned two additional IPs for my server by my Data-center, but IPs were from a different subnet compared to server main IP. these IPs will work if you set them as additional IPs. but I needed them to create two new VPS’s on my server with bridged network interface. in this situation additional IPs should serve as main IP address and there is no gateway on same subnet available.
So here are the assumptions :

a.b.c.d is the host IP
e.f.g.h is the gateway IP
a.b.c.d & e.f.g.h are on different subnets.

by default if you try to set gateway by following command :

route add default gw e.f.g.h

you will get this error :

SIOCADDRT: No such process

the trick is simple , first add a route to default gateway itself and then set the default gateway , like this :

route add e.f.g.h/32 dev eth0
route add default gw e.f.g.h

remember you may need to change eth0 to your device name , it may be eth1 or wlan0 or anything.

How to make these route changes persistent ?

For Debian/Ubuntu :
Add the following lines to /etc/network/interfaces :

post-up route add e.f.g.h/32 dev eth0
post-up route add default gw e.f.g.h

September 5, 2011

IPTables packet traverse map

Filed under: CentOS,Debian,General,linux,Security — Tags: , , , , , — admin @ 7:23 am

1.

(more…)

June 19, 2011

Linux Redirection Cheat Sheet

Filed under: Bash,linux — Tags: , , , , — admin @ 2:32 pm
Normal Redirect:

command > filename        Redirect command output to a file
command >> filename       APPEND into a file
command < filename        Type a text file and pass the text to command
commandA  |  commandB     Pipe the output from commandA into commandB
commandA &  commandB      Run commandA and then run commandB
commandA && commandB      Run commandA, if it succeeds then run commandB
commandA || commandB      Run commandA, if it fails then run commandB

Numeric handles:

STDIN  = 0  Keyboard input
STDOUT = 1  Text output
STDERR = 2  Error text output
UNDEFINED = 3-9

command 2> filename       Redirect any error message into a file
command 2>> filename      Append any error message into a file
command > file 2>&1       Redirect errors and output to one file
command > file 2<&1       Redirect output and errors to one file
command > fileA 2> fileB  Redirect output and errors to separate files
command 2>&1 >filename    This will fail!

Redirect to /dev/null (hide errors):

command 2> /dev/null            Redirect error messages to /dev/null
command >/dev/null 2>&1         Redirect error and output to /dev/null
command >filename 2> /dev/null  Redirect output to file but suppress error

Source : ss64.com

May 4, 2011

Backup Files or MySQL DBs to a remote FTP server with compression and encryption

Filed under: CentOS,Debian,General,linux,Security — Tags: , , , , , , , — admin @ 6:30 pm

After my previous article which explained how to backup MySQL DBs to an email address , I am going to provide a more perfect solution in this article 🙂
The previous solution had some drawbacks and some advantages but the biggest problem was about the size of backup. although we compress the data with bzip2 algorithm which provides a high level of compression but in many cases, the attachment size will exceed 25MB or the limit of your email box. so it can not be used with public email services or will need a personal email server.
a better solution is to backup the data to a remote FTP server. in this case we will have almost no limit on file size (depending on your remote FTP server).
A perfect place to backup your files is fileserve.com , it offers 500GB of space for free and FTP access to it ! it is awesome ! I would recommend to upgrade to their premium service.
click on this link to signup for your free account : FileServe.com Free Account
also we will employ encryption to make sure our data is safe in transmit and in remote location.
to use this solution make sure bzip2, mcrypt and ncftp are installed on your server. I am not going into the details of installing each package, Google is your friend 🙂
so lets say you want to backup /var/www folder, use the following command :

tar jcf - /var/www | mcrypt -k 'SOME_LONG_COMPLEX_KEY' |  ncftpput -c -u FTP_USER -p FTP_PASS FTP_HOST /PREFIX-`date +%Y%m%d`

this only command will compress the whole /var/www folder by tar and bzip2 at the same time encrypt it by your key and at the same time will upload it to remote FTP server !
omg ! thats why I love Linux ! you can put it in your crontab to create automatic backups.
now lets say you want to backup all MySQL DBs , you can use the following command :

mysqldump --user=USERNAME --password=PASSWORD -A | bzip2 | mcrypt -k 'SOME_LONG_COMPLEX_KEY' |  ncftpput -c -u FTP_USER -p FTP_PASS FTP_HOST /PREFIX-`date +%Y%m%d`

the combinations and possibilities are limitless !
I just gave you the idea and showed you the power, use your own brain to make your perfect solution 😉
Just something else , if you needed to decrypt the file , you can use the following command :

mcrypt -d FILE_NAME -k 'YOUR_LONG_COMPLEX_KEY' > NEW_FILE_NAME
« Newer PostsOlder Posts »

Powered by WordPress