OVH Public Cloud CentOS 7 Change Hostname

by | Nov 1, 2016 | Uncategorized

If you’ve tried to change the hostname on your OVH public cloud instance running CentOS 7, you may have had issues with it persisting after reboot.

Took me way to long to find this solution, but someone had already spent way too much time figuring it out.

This GitHub Gist explains it all https://gist.github.com/zmjwong/77ee37deb1749c2582eb

Basically you need to edit /etc/cloud/cloud.cfg and add “preserve_hostname: true” and then set your hostname using hostnamectl.

hostnamectl –transient set-hostname your.new.hostname
hostnamectl –static set-hostname your.new.hostname

Hope that helps and thank zmjwong!

CrashPlan Update 4.8 and Linux Headless Issues

by | Sep 29, 2016 | Uncategorized

An update to CrashPlan was rolled out at version 4.8 but no download files were available on their site for Windows. So if you’ve been trying to manage your Linux headless install and its failing, this might be why.

Here’s the release notes.

https://support.code42.com/Release_Notes/Code42_Platform/Code42_Public_Cloud_Version_5.4

I don’t know how to kick off updates to CrashPlan on Windows manually, due to this update being pushed out by CrashPlan cloud.

Update 09/30/2016 @ 2:40PM

Was able to direct connect via port 4243 headless without issues.

Update 09/30/2016 @ 10:00AM

Tried accessing a Linux server running 4.8.0 with a Windows client running 4.8.0 with no luck. Essentially what you would call headless, this was over an SSH tunnel. Will try direct.

Update 09/30/2016 @ 9:15AM

Got a reply from CrashPlan on twitter.

 

RRDTool Error When Migrating Observium from 32bit to 64bit Server

by | Aug 26, 2016 | Uncategorized

We had a 32bit Ubuntu server that was getting pegged due to the lack of memory it was able to use when observium was kicking off it’s cron. So I decided to move Observium to a 64bit Ubuntu server.

Unfortunately when trying to run the poller, the following error appeared.

ERROR: This RRD was created on another architecture

The solution was to go back to the old machine and dump the .rrd files to .xml using the rrdtool dump command. I found the solution on this article.

RRDtool: moving data between 32bit and 64bit architectures

However, since the files were located in folders, the code snippet provided wasn’t going to do much. So I just did it with my good old friend xargs, cause I’m lame like that. So I ran the following on the 32bit Ubuntu server.

find . | grep "\.rrd" | sed 's/.rrd//g' | xargs --verbose -l -I ext rrdtool dump ext.rrd > ext.xml

Then I used rsync to copy all the data over to the new 64bit Ubuntu server. And then ran the following.

find . | grep "\.xml" | sed 's/.xml//g' | xargs --verbose -l -I ext rrdtool restore -f ext.xml ext.rrd

And Observium was back to normal! Yea!

Tips and Tricks for Building Ubuntu Packages and Compiling

by | May 27, 2015 | Uncategorized

If you’re about to build packages

  • apt-get install build-essential

If you can’t find debbuild

  • apt-get install devscripts

You receive the following error

dh: unable to load addon quilt: Can't locate Debian/Debhelper/Sequence/quilt.pm in @INC (you may need to install the Debian::Debhelper::Sequence::quilt module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .) at (eval 13) line 2.
BEGIN failed--compilation aborted at (eval 13) line 2.
  • apt-get install quilt

You receive the following error

dh: unable to load addon autoreconf: Can't locate Debian/Debhelper/Sequence/autoreconf.pm in @INC (you may need to install the Debian::Debhelper::Sequence::autoreconf module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .) at (eval 15) line 2.
BEGIN failed--compilation aborted at (eval 15) line 2.
  • apt-get install dh-autoreconf

Building Ubuntu Package

  • apt-get install build-essential fakeroot dpkg-dev
  • mkdir build
  • cd build
  • sudo apt-get source foo
  • sudo apt-get build-dep foo
  • debchange
  • debuild -S -sd or debuild -us -uc -i -I

Creating ISO Partition on Local Disk for XenServer/XenCenter 6.5

by | Feb 8, 2015 | Uncategorized

I just started playing with XenServer/XenCenter 6.5 and found a couple of templates required ISO images. Specifically Ubuntu 14.04 LTS Trusty Tahr due to a bug, you can google it. Other Images like Ubuntu 12.04 Precise Pangolin didn’t require an ISO and just needed a URL to install. Funny enough this failed for me, I was going to install 12.04 and then upgrade to 14.04 but that failed.

Google hasn’t really been all that helpful at first, it took me a while to find a solution. There are a lot of old articles that reference LVM which I believe was used up until XenServer 6.2?

I installed XenServer 6.5 from the ISO installer, this creates two 4GB GPT partitions and leaves the rest of the space on your installation destination as free. For more details the following blog post has some more information about the installation partitions and how to keep them clean.

http://xenserver.org/discuss-virtualization/virtualization-blog/entry/xenserver-root-disk-maintenance.html

So I would need to create an additional GPT partition to store my ISO’s on. I used a 128GB SSD for XenServer, I used gdisk and created a 50GB partition.

gdisk /dev/sda

I made sure to leave the type as 0700 and then wrote the changes to disk. If you don’t know how to use gdisk, google can help.

I then had to reboot to see the new partition, and then formatted it as ext3.

mkfs.ext3 /dev/sda3

Remember /dev/sda2 is the random 4GB not mounted partition, so don’t format it!

I then mounted the partition to /mnt/iso and told XenServer about it.

mount /dev/sda3 /mnt/iso

xe sr-create name-label ="ISO Repository" type=iso device-config:location=/mnt/iso device-config:legacy_mode=true content-type=iso

It showed as blank within XenCenter and I don’t know why, I just renamed it. This is actually due to a space after “name-label” as per Sean in the comments. Here is the correct line!

xe sr-create name-label=”ISO Repository” type=iso device-config:location=/mnt/iso device-config:legacy_mode=true content-type=is

I also noticed it unmounted the partition, so I had to remount it. I then uploaded my ISO images using WinSCP, I then went to go create my new VM! But my newly uploaded ISO’s didn’t show up. I had to refresh the ISO storage so it could see the newly uploaded files. Just click on the new “ISO” SR and click the “Storage” tab and press “Rescan” which then showed the ISO’s correctly.

Bammmm. Done, any mistakes or incorrectness, please let me know.

CrashPlan Error “Cound not Initialize class com.code42.jna.inotify.InotifyManager”

by | Feb 8, 2015 | Uncategorized

I had a host that wasn’t backing up at all and found the following error message within the CrashPlan engine_error.log located in /usr/local/crashplan/log

Exception in thread "W87903837_ScanWrkr" java.lang.NoClassDefFoundError: Could not initialize class com.code42.jna.inotify.InotifyManager
at com.code42.jna.inotify.JNAInotifyFileWatcherDriver.<init>(JNAInotifyFileWatcherDriver.java:21)
at com.code42.backup.path.BackupSetsManager.initFileWatcherDriver(BackupSetsManager.java:393)
at com.code42.backup.path.BackupSetsManager.startScheduledFileQueue(BackupSetsManager.java:331)
at com.code42.backup.path.BackupSetsManager.access$1600(BackupSetsManager.java:66)
at com.code42.backup.path.BackupSetsManager$ScanWorker.delay(BackupSetsManager.java:1073)
at com.code42.utils.AWorker.run(AWorker.java:158)
at java.lang.Thread.run(Thread.java:744)

From what I could tell it was related to a CentOS 6.x upgrade that may have set the noexec on /tmp which wasn’t set previously.

The error sees to be related to writing files to the /tmp directory, the following two websites I found by a simple Google search revealed this problem.

http://feeding.cloud.geek.nz/posts/crashplan-and-non-executable-tmp-directories/

CrashPlan Pro for Linux: Stuck at “Waiting for Backup” or “Connecting to Backup Destination”

You have to update the CrashPlan Java options to store its temporary that isn’t mounted as “noexec” by your system

Open up  /usr/local/crashplan/bin/run.conf and add the following to the end of SRV_JAVA_OPTS

-Djava.io.tmpdir=/var/crashplan

CloudFlare Cache Purge Plugin Logs to Posts

by | Feb 7, 2015 | Uncategorized

You might have seen the following Posts in your WordPress blog after installing the CloudFlare Cache Plugin.

SUCCESS : automatic purge url cache for wordpress plugin

This is actually something the plugin is suppose to do, but there is no option to turn it off. And it looks like the plugin hasn’t been updated in months.

https://wordpress.org/support/topic/option-to-turn-off-logging?replies=3#post-6538553

You can disable this by commenting out the following line as per the support article above

I had to comment the line 86 (//wp_insert_post( $log_entry );) in cloudflare_cachepurge.php.

 

Active Directory Authentication with NConf

by | Jan 5, 2015 | Uncategorized

So I had to help someone else with getting NConf working with Active Directory LDAP on a Windows Domain, If you don’t understand the difference between DistinguishedName and sAMAccountName, then you will have some issues.

Currently NConf will only use a DN for successful authentication and authorization (2 steps to getting access to NConf). This means you can’t use your Active Directory username, but instead your DistinguishedName.

If you review the NConf Auth by Active Directory instructions and correctly configure all the options. Using an DistinguishedName of a valid Active Directory account for the username will result in a successful login. Versus using the Active Directory sAMAccountName which is typical the “username” we have all come accustomed to using.

Please note, when specifying the “AD_BASE_DN” as DOMAIN\<username>. You may find success in authenticating, but you won’t have authorization to access NConf. This is due to the memberof logic used in NConf, which fails due to an incorrect Bind DN being provided. It looks like NConf needs to build on the Active Directory integration.

Remove iThemes Security Lockouts Script

by | Dec 9, 2014 | Uncategorized

I decided to create a command line PHP script that would list the current iThemes Security Logs and also allow you to remove them based on IP Address. Here is the script which I’ve called “ithemes-clearip.php” and it’s Github link, its dirty and really was made in like 15 minutes.

https://github.com/jordantrizz/wordpress-scripts

<?
// List and remove iThemes Security Log entries based on IP Address
// Options
$shortopts ="d:";
$shortopts .="l";
$options = getopt($shortopts);
//Database Connect
require_once("wp-config.php");
$link = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$database_name = DB_NAME;
if ($conn->connect_error) {
  die("Cant connect to database using wp-config.php details - Connection failed: " . $conn->connect_error);
}
if(!$options) {
  print "There was a problem reading in the options.\n\n";
  exit(1);
}
if(array_key_exists("d",$options)) {
  $ip = $options["d"];
  if(filter_var($ip, FILTER_VALIDATE_IP)){
    echo "Deleting all entries for IP Address ". $options["d"] ." in $database_name\n\n";
    $sql="delete from ".$database_name.".wp_itsec_log where log_host = \"".$ip."\"\n\n";
    echo $sql;
    if($link->query($sql) === TRUE) {
      echo "Deleted ". mysqli_affected_rows($link)." rows\n\n";
    } else {
      echo "Error deleting record: " . $conn->error;
    }
  } else {
    print "You didn't specify a correct IP Address.\n\n";
    exit(1);
  }
} elseif(empty($options["l"])) {
  $sql = 'SELECT log_host,log_date from wp_itsec_log';
  $result = $link->query($sql) or die(mysql_error());
  if (!$result) {
    print 'Could not run query: ' . mysql_error();
    exit;
  }
  print "\nLog Host\tLog Date";
  print "\n-----------------------------------";
  while($row = mysqli_fetch_row($result)) {
    print "\n".$row['0']."\t".$row['1'];
  }
  print "\n";
  mysqli_close($link);
}
?>

 

 

Nagios NRPE Disk Check Error on Plesk

by | Jun 24, 2014 | Uncategorized

If you’re monitoring a server with Nagios NRPE that is running Plesk, you might have run into the following issue. The disck_check command may return the following lovely error message.

DISK CRITICAL – /var/named/chroot/etc/named is not accessible: Permission denied

The fix is rather simple, you just need to modify the /etc/nagios/nrpe.cfg file and change your disk_check command to include the following

-x /var/named/chroot/etc/named -x /var/named/chroot/var/named -x /var/named/chroot/etc/named.rfc1912.zones -x /var/named/chroot/etc/rndc.key -x /var/named/chroot/usr/lib64/bind -x /var/named/chroot/etc/named.iscdlv.key -x /var/named/chroot/etc/named.root.key

Which will exclude the chrooted locations that the NRPE daemon doesn’t have access to it.