i forgot to mention that i had one element missing from my nagios setup (besides check_mysql, which i still think someone needs to write a better version of): i haven’t had sendmail running on my linux server in about two years, ever since i learned that optonline.net blocks port 25 (and i liked using my own server for outbound email).
today, i decided to change that all, except i didn’t know what settings to use. i was fortunate enough to stumble upon this very cool list of smtp servers and my sendmail.cf file was updated in no time.
for some reason, i still needed sendmail-cf, so i simply ran:
# yum install sendmail-cf
on my fedora core 5 box, and when i ran
# make -C /etc/mail
everything started running perfectly. i already received my backlog of nagios emails that were queued since i installed the software, so i know everything is running smoothly.
smtp settings and sendmail.
mysql dump and restore.
i’ve seen a tremendous amount of different syntaxes for the most simplest database dumps and restore. why worry about the details? this is how you perform a database backup:
$ mysqldump -u username -p databasename > filename.sql
type your password at the prompt, wait a few seconds, and you now have a perfectly good .sql file that represents your database schema and all the data within.
to restore your database, use the following:
$ mysql -u username -p databasename < filename.sql
enter your password once again at the prompt. this input assumes that you have a file named filename.sql in the directory in which you are performing the backup. you can reference the /path/to/filename.sql as well.
that’s all there is to it. if you need to change any data before the restore, simply edit the filename.sql with your favorite editor (but for your own sake, make sure it’s not that large!)
simple backup scripts.
i think there’s a golden rule in system administration: never underestimate the importance of backups. i have a few small scripts that you can use with rsync or just local that i decided may be useful, and i’m going to share them here. maybe later on when i master rsync, i’ll post a tutorial about it here as well.
a mysql backup may work for you as follows:
mysqldump -A –password=xxxxxx | gzip > /root/mysql_backup/`date +%m%d%y_%T`.sql.gz
on the other hand, if you want to backup all qmail for a particular domain, you can attempt to do a job as such:
tar zcvf /root/domain/mailbackup-`date +%m%d%y_%T`.tar.gz /var/qmail/mailnames/domain.com/
i have a cron job that runs nightly to execute these tasks, and i find them rather useful, especially since the inclusion of the timestamp gives me an idea of what could have happened and when.
qmail and its 30 second delay.
the installation of nagios left me stumped in one area. i realized that running check_smtp in /usr/local/nagios/libexec/ kept taking exactly 30 seconds before it worked, and since the check_smtp executable gives a CRITICAL – Socket timeout after 10 seconds, it was pretty essential to get it confirmed as working within that 10 second period.
this issue only seems to plague users of plesk.
the trick is actually to edit the following file:
# vi /etc/xinetd.d/smtp_psa
it is necessary to add -R right after the server_args directive.
e.g.: server_args = -R /usr/sbin/rblsmtpd -r [snip]
then, simply restart xinetd.
# /sbin/service xinetd restart
now, on your remote nagios box, try it:
$ /usr/local/nagios/libexec/check_smtp -H 192.168.0.1
the response time should be instantaneous:
SMTP OK – 0.113 sec. response time|time=0.112892s;;;0.000000
now, only if check_mysql compiled correctly on my server, i’d really have all my bases covered!
how to reset passwords using phpbb.
while we don’t like using open source software (i suppose movabletype is possibly one of the few exceptions), there are always folks who love using phpbb — and then there are folks who love exploiting it.
i decided today that it would be a good idea to disable one of our inactive boards that was getting a lot of hits from spam bots — except that i couldn’t find the login information anywhere.
fortunately, i found out how to reset the password with this nifty little trick that requires, at the mininum, phpMyAdmin (so much for what i say about open-source software).
here’s how it’s done:
1. ftp or log onto the server and navigate to your phpBB directory. download or jot down the values in config.php. (you can bypass this step if you use plesk.)
2. log onto your phpMyAdmin with the username and password that you have written down in step 1.
3. on the left hand navigational bar, click on the phpbb_users table — this is where your username and passwords are stored.
4. click Browse on the top of your screen to view a list of registered users.
5. search for the account that needs its password reset (e.g. Administrator)
6. click Edit (the little pencil icon works too)
7. from the user_password row, click the Function pull-down menu and choose MD5 (your password is stored in an MD5 hash)
8. in the empty box to the right of MD5, replace the password with your new password in plaintext
9. click Go at the bottom of the page.
10. that’s it! now log in with the new password.
system monitoring tools.
i’ve always seen nagios in action, but i guess i’ve always been overwhelmed by all of the steps required to get the service running properly. however, with BobCares: Installing and Configuring Nagios, i now have a real robust monitoring system for a variety of services provided on my server.
this is real good stuff.
rootkits.
ever wonder if your system is hacked? i’ve been told about a bunch of applications, but nothing has impressed me like rkhunter has. this application has it all, and it also has very nifty CLI friendly output.
i’d also recommend chkrootkit, but i must say that i’m quite impressed with rkhunter and its ease of installation and use.
i have already set a cron job for this to be run on a regular basis to verify that my system is running smoothly.
introduction.
as a system administrator, there’s a lot to learn everyday. i am going to use this as a resource to educate myself and to educate others about the joys of being a hosting administrator at a prestigious internet company in new york.