ssh -t username,projectname@shell.sourceforge.net create
Then you can copy files to your website using:
scp index.html username@web.sourceforge.net:/home/groups/p/pr/projectname/htdocs/
Monday, August 24, 2009
Using the new sourceforge shell interface
Sourceforge has changed their shell access procedure again. This time it is a little complicated and unintuitive. You need to create a shell (time limited) with:
Then you can copy files to your website using:
Then you can copy files to your website using:
Sunday, August 23, 2009
HOWTO configure zabbix to send emails with postfix
Under Admin|Media Types configure the email option as:
Add a user with email media notifications. It didn't seem to be enough to have this setting, I also had to add an Action. The triggers were an "AND" of:
with the recovery option ticked this got me a PROBLEM email and a RECOVERY email for all triggers above "high". Without the PROBLEM condition I didn't get the recovery message I specified: instead I got two PROBLEM emails with different trigger status (what the?). Others have run into the same issue.
Install postfix and set:
You now have a postfix listening on localhost - you can test it with the 'sendmail' terminal command.
SMTP server: localhost
SMTP helo: myinternetdomain.com
SMTP email: zabbix@myinternetdomain.com
Add a user with email media notifications. It didn't seem to be enough to have this setting, I also had to add an Action. The triggers were an "AND" of:
(A) Trigger severity >= "High"
(B) Trigger value = "PROBLEM"
with the recovery option ticked this got me a PROBLEM email and a RECOVERY email for all triggers above "high". Without the PROBLEM condition I didn't get the recovery message I specified: instead I got two PROBLEM emails with different trigger status (what the?). Others have run into the same issue.
Install postfix and set:
myhostname = myinternetdomain.com
inet_interfaces = 127.0.0.1
You now have a postfix listening on localhost - you can test it with the 'sendmail' terminal command.
Trac error: Unsupported version control system "darcs"
I got this error after an OS upgrade:
To solve it I grabbed the latest darcs trac plugin:
I then had to upgrade and resync each repository:
Unsupported version control system "darcs": Can't find an appropriate component, maybe the corresponding plugin was not enabled?
To solve it I grabbed the latest darcs trac plugin:
darcs get http://darcs.arstecnica.it/trac-darcsand installed it:
sudo python setup.py install
I then had to upgrade and resync each repository:
trac-admin /var/lib/trac/myrepo/ upgrade
trac-admin /var/lib/trac/myrepo/ resync
Thursday, August 20, 2009
What's wrong with Zabbix
I have been using Zabbix for monitoring for a while now, and have been really happy so far. Today I ran into some things that are really annoying:
- You can't change the X-axis on any graph. It is always time. The time period can be adjusted using the little calendar app in the bottom left corner of the browser. I don't really like this approach. I'd like to also be able to specify time periods per screen, because what makes sense for one graph may not work for all the others.
- You can't have a graph of one item (e.g disk-usage) across all hosts. Suck! I want to have a graph of OS versions on the y-axis and hostnames on the x-axis. Not possible!
- net.tcp.listen[port] isn't supported on linux(?) - you will need to use net.tcp.port[,port] instead.
HOWTO: Monitor puppet with zabbix and do agent command testing/troubleshooting
This turned out to be really easy, but not obvious with the GUI. The GUI shows the proc.num syntax as:
So you can use the cmdline to monitor something like this:
To troubleshoot agent monitoring strings, use the commandline on the box (quicker than clicking around in the GUI) like this:
proc.num[but the manual has the real story:<,user> <,state>]
proc.num[<,user> <,state> <,cmdline>]
So you can use the cmdline to monitor something like this:
with:
ruby /usr/sbin/puppetd -w 0
proc.num[ruby,,,"/usr/sbin/puppetd"]
To troubleshoot agent monitoring strings, use the commandline on the box (quicker than clicking around in the GUI) like this:
zabbix_agent -t proc.num[ruby,,,"/usr/sbin/puppetd"]
Wednesday, August 5, 2009
Eliminating openldap '(uid) not indexed' errors
My ldap server logs were full of hundreds of these:
Basically one of these gets written every time a ldap search is done on a non-indexed attribute. The fix is, like most things with LDAP, completely unintuitive.
Take a look at the current indexing being done by:
and grep for olcDbIndex (mine was only indexing objectClass by default).
Create a ldif file (indexchanges.ldif) to change the indexing attribute:
And run it with:
Note that as I mentioned previously ldapmodify fails if you are only listening on ldaps. Change SLAPD_SERVICES to include ldap:/// in '/etc/default/slapd', restart ldap, use ldapmodify, change back, restart ldap.
You then need to tell it to actually build those indexes (need to keep the index files owned by openldap user):
slapd[2921]: <= bdb_equality_candidates: (uid) not indexed
Basically one of these gets written every time a ldap search is done on a non-indexed attribute. The fix is, like most things with LDAP, completely unintuitive.
Take a look at the current indexing being done by:
sudo /usr/sbin/slapcat -n 0 -l output.ldif
and grep for olcDbIndex (mine was only indexing objectClass by default).
Create a ldif file (indexchanges.ldif) to change the indexing attribute:
dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcDbIndex
olcDbIndex: uid,uidNumber,gidNumber,memberUid,uniqueMember,objectClass,cn eq
And run it with:
sudo ldapmodify -f indexchanges.ldif -D cn=admin,cn=config -x -y /etc/ldap.secret
Note that as I mentioned previously ldapmodify fails if you are only listening on ldaps. Change SLAPD_SERVICES to include ldap:/// in '/etc/default/slapd', restart ldap, use ldapmodify, change back, restart ldap.
You then need to tell it to actually build those indexes (need to keep the index files owned by openldap user):
sudo /etc/init.d/slapd stop
sudo su -s /bin/bash -c slapindex openldap
sudo /etc/init.d/slapd start
MythTV and Lirc, adding pause to mplayer
Needed to add a keybinding for pausing video playback when MythTV uses mplayer, thought I might as well record how it worked here. The global lirc config (/etc/lircd.conf) points to your remote, in my case:
You then configure the appropriate buttons in
include /usr/share/lirc/remotes/dvico/lircd.conf.fusionHDTV
You then configure the appropriate buttons in
/home/mymythuser/.mythtv/lircrcthe pause button is as below. Most of the entries in this file will be for 'prog=mythtv' rather than mplayer:
begin
remote = DVICO_DUAL
prog = mplayer
button = playpause
config = p
repeat = 0
delay = 0
end
Tuesday, August 4, 2009
HOWTO delete a moinmoin wiki user
The MoinMoin instructions for how to delete a user, while correct, suck. First find your wiki settings file (mine is in /etc/moin/mywiki.py). In that file find your 'data_dir', mine was pointing to '/var/local/somewiki_wiki'. The user files sit in '/var/local/somewiki_wiki/user', one for each user. Grep that directory for the name you are looking for.
Delete the appropriate user file and also delete the cached username mapping file in ../cache/mywiki/user/name2id (this will be regenerated by django). Restart apache.
Delete the appropriate user file and also delete the cached username mapping file in ../cache/mywiki/user/name2id (this will be regenerated by django). Restart apache.
iptables the Ubuntu way
First, get your rules right on the commandline, some examples:
Then save to a file:
Then in your /etc/network/interfaces file in the block for your interface:
Another alternative is installing the iptables-persistent package, which installs a service that runs iptables-save and iptables-restore against rules in these files (for IPv4 and IPv6):
iptables -F iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -P FORWARD DROP iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i eth+ -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth+ -p tcp -m tcp --dport 22 -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT
Then save to a file:
iptables-save >/etc/iptables.rules
Then in your /etc/network/interfaces file in the block for your interface:
pre-up iptables-restore < /etc/iptables.rulesIf you are using network manager, you might want to put a script in dispatcher.d instead of using network/interfaces.
Another alternative is installing the iptables-persistent package, which installs a service that runs iptables-save and iptables-restore against rules in these files (for IPv4 and IPv6):
/etc/iptables/rules.v4 /etc/iptables/rules.v6You can do iptables-save to create those files, or just get the rules the way you want then let the package do it for you:
sudo dpkg-reconfigure iptables-persistent
Sunday, August 2, 2009
mdd for windows memory dumps
I have used 'dd.exe' from the Forensic Acquistion Utilities toolkit for Windows memory dumps in the past. The website now appears to be down, so I tried out mdd, an open source project. Worked a treat.
And more malware - lsass.exe
Turns out the previous post wasn't the last of it. An AV message popped up alerting me to a buffer overflow on the heap triggered by C:\windows\cursors\lsass.exe (what is a regular user supposed to do about that?). There may have been some level of rootkitting because I couldn't see the file on the commandline or with windows explorer - booting a linux live CD fixed that problem. This is a location that has been associated with sasser, and this *may* have been a variant, but not a single AV picked it up at virus total. It was using this key to persist:
Sent to McAfee again, and a different Bangalore monkey produced another signature! Win.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe C:\\WINDOWS\\Cursors\\lsass.exe"
Sent to McAfee again, and a different Bangalore monkey produced another signature! Win.
Subscribe to:
Posts (Atom)