Tag Archives: GNU

Squeeze is now stable

So squeeze is now stable. Together with the new Debian stable release the guys also updated the website.

I have created a small bash script to perform the upgrade. Here it is.

#!/bin/bash
echo "Moving to /etc/apt"
cd /etc/apt
echo "Backing up sources.list"
cp sources.list sources.list.`date +%F`
echo "Changing the sources for squeeze"
sed 's/lenny/squeeze/g' sources.list > squeeze.sources.list
echo "Copying squeeze to sources.list"
cp squeeze.sources.list sources.list
echo "Performing the upgrade."
apt-get update
apt-get dist-upgrade

Run the script as root or use sudo when executing.

Resulting file should be something like the following.

## main & security repositories
deb http://ftp.us.debian.org/debian/ squeeze main
deb-src http://ftp.us.debian.org/debian/ squeeze main
deb http://security.debian.org/ squeeze/updates main
deb-src http://security.debian.org/ squeeze/updates main

References:

  1. Go2Linux
  2. Linode

Playing around with Nagios

I have been playing around with Nagios lately. This is the most widely used monitoring tool. I’m not going to write another howto, but clarify some things I found missing in the configuration manuals I used.

First you need the PHP module on the apache server for Nagios to work. Else you will find yourself downloading a phtml file to some directory in your box. This is because of the following files in the nagios directory.

xavi@server:~$ sudo find /nagios/ -type f -name "*.php"
/nagios/share/side.php
/nagios/share/includes/utils.inc.php
/nagios/share/main.php
/nagios/share/config.inc.php
/nagios/share/index.php
xavi@server:~$ 

Another issue I found was the with nrpe plugin. This plugin allows us to run commands on remote hosts. Issue is that default compilation values don’t allow us to pass arguments. To pass arguments from the server to the monitored host it must be compiled with the –enable-command-args argument when compiling the nrpe source. Another thing that must be done is setting the dont_blame_nrpe to 1 in the nrpe.cfg file.

dont_blame_nrpe=1

This changes allows us to run checks with arguments remotely. Example:

server:/nagios/libexec# ./check_nrpe -H 212.34.95.23 -c check_procs -a 100 120
PROCS OK: 96 processes
server:/nagios/libexec#

Questions and suggestions are always welcome. 🙂

Useful sed

This is going to be a really small post. Sometimes there are a lot of comments on files. How do we clean it up a little? Using sed. Lets show an example.

[14:21:55] xavi@NewYork:/tmp $ sed -e '/^#/d' /etc/ssh/sshd_config | sed -e '/^$/d'
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
[14:22:06] xavi@NewYork:/tmp $

First sed removes lines starting with a #. Our input file is the sshd config file, but it can be any other. The output is then piped to remove the empty lines leaving us with a clean configuration file.

Comments are always welcome. Yes, I know there are some security flaws in the config file, but that is not what we are dealing with in this howto. 🙂
References:

  1. http://www.grymoire.com/Unix/Sed.html
  2. http://en.wikipedia.org/wiki/Sed