Posts Tagged ‘server root’

Debian Linux: Installing and monitoring servers with Icanga (Nagios fork soft)

Monday, June 3rd, 2013

icinga-monitoring-processes-and-servers-linux-logo

There is plenty of software for monitoring how server performs and whether servers are correctly up and running. There is probably no Debian Linux admin who didn't already worked or at least tried Nagios and Mointor to monitor and notify whether server is unreachable or how server services operate. Nagios and Munin are play well together to prevent possible upcoming problems with Web / Db / E-mail services or get notify whether they are completely inaccessible. One similar "next-generation" and less known software is Icanga.
The reason, why to use Icinga  instead of Nagios is  more features a list of what does Icinga supports more than Nagios is on its site here
I recently heard of it and decided to try it myself. To try Icanga I followed Icanga's install tutorial on Wiki.Icanga.Org here
In Debian Wheezy, Icinga is already part of official repositories so installing it like in Squeeze and Lenny does not require use of external Debian BackPorts repositories.

1. Install Icinga pre-requirement packages

debian:# apt-get --yes install php5 php5-cli php-pear php5-xmlrpc php5-xsl php5-gd php5-ldap php5-mysql

2. Install Icanga-web package

debian:~# apt-get --yes install icinga-web

Here you will be prompted a number of times to answer few dialog questions important for security, as well as fill in MySQL server root user / password as well as SQL password that will icinga_web mySQL user use.

icinga-choosing-database-type

configuring-icinga-web-debian-linux-configuring-database-shot

debian-config-screenshot-configuring-icinga-idoutils

icinga-password-confirmation-debian-linux
….

Setting up icinga-idoutils (1.7.1-6) …
dbconfig-common: writing config to /etc/dbconfig-common/icinga-idoutils.conf
granting access to database icinga for icinga-idoutils@localhost: success.
verifying access for icinga-idoutils@localhost: success.
creating database icinga: success.
verifying database icinga exists: success.
populating database via sql…  done.
dbconfig-common: flushing administrative password
Setting up icinga-web (1.7.1+dfsg2-6) …
dbconfig-common: writing config to /etc/dbconfig-common/icinga-web.conf

Creating config file /etc/dbconfig-common/icinga-web.conf with new version
granting access to database icinga_web for icinga_web@localhost: success.
verifying access for icinga_web@localhost: success.
creating database icinga_web: success.
verifying database icinga_web exists: success.
populating database via sql…  done.
dbconfig-common: flushing administrative password

Creating config file /etc/icinga-web/conf.d/database-web.xml with new version
database config successful: /etc/icinga-web/conf.d/database-web.xml

Creating config file /etc/icinga-web/conf.d/database-ido.xml with new version
database config successful: /etc/icinga-web/conf.d/database-ido.xml
enabling config for webserver apache2…
Enabling module rewrite.
To activate the new configuration, you need to run:
  service apache2 restart
`/etc/apache2/conf.d/icinga-web.conf' -> `../../icinga-web/apache2.conf'
[ ok ] Reloading web server config: apache2 not running.
root password updates successfully!
Basedir: /usr Cachedir: /var/cache/icinga-web
Cache already purged!

3. Enable Apache mod_rewrite
 

 

debian:~# a2enmod rewrite
debian:~# /etc/init.d/apache2 restart


4. Icinga documentation files

Some key hints on Enabling some more nice Icinga features are mentioned in Icinga README files, check out, all docs files included with Icinga separate packs are into:
 

debian:~# ls -ld *icinga*/
drwxr-xr-x 3 root root 4096 Jun  3 10:48 icinga-common/
drwxr-xr-x 3 root root 4096 Jun  3 10:48 icinga-core/
drwxr-xr-x 3 root root 4096 Jun  3 10:48 icinga-idoutils/
drwxr-xr-x 2 root root 4096 Jun  3 10:48 icinga-web/

debian:~# less /usr/share/doc/icinga-web/README.Debian debian:~# less /usr/share/doc/icinga-idoutils/README.Debian

5. Configuring Icinga

Icinga configurations are separated in two directories:

debian:~# ls -ld *icinga*

drwxr-xr-x 4 root root 4096 Jun  3 10:50 icinga
drwxr-xr-x 3 root root 4096 Jun  3 11:07 icinga-web

>

etc/icinga/ – (contains configurations files for on exact icinga backend server behavior)

 

/etc/icinga-web – (contains all kind of Icinga Apache configurations)
Main configuration worthy to look in after install is /etc/icinga/icinga.cfg.

6. Accessing newly installed Icinga via web

To access just installed Icinga, open in browser URL – htp://localhost/icinga-web

icinga web login screen in browser debian gnu linux

logged in inside Icinga / Icinga web view and control frontend

 

7. Monitoring host services with Icinga (NRPE)

As fork of Nagios. Icinga has similar modular architecture and uses number of external plugins to Monitor external host services list of existing plugins is on Icinga's wiki here.
Just like Nagios Icinga supports NRPE protocol (Nagios Remote Plugin Executor). To setup NRPE, nrpe plugin from nagios is used (nagios-nrpe-server). 

To install NRPE on any of the nodes to be tracked;
debian: ~# apt-get install –yes nagios-nrpe-server

 Then to configure NRPE edit /etc/nagios/nrpe_local.cfg


 

Once NRPE is supported in Icinga, you can install on Windows or Linux hosts NRPE clients like in Nagios to report on server processes state and easily monitor if server disk space / load or service is in critical state.

How to list and delete mail queue on Qmail / Sendmail / Postfix and Exim SMTP server

Wednesday, April 3rd, 2013

How to list and manage delete Qmail Postfix Sendmail Exim mail SMTP queue View-and delete manage Linux and FreeBSD mail server queue

I have to administrate different kind of mail servers. Different clients has different requirements so in daily job I had to take care for all major mail server platforms our there. Often I have to fix problems with mail servers one very useful thing is to check the mail server queue to see what is there holding to be delivered. Often problems with busy mail servers are rooted in overfilled queues with undelivered mails so checking the queue on Postfix / Exim / Sendmail and Qmail is among the first thing to do to diagnose a problem with improperly working SMTP. In this little article I will show how one can check what is in the queue even if he didn't have the technical background on how each of those mail delivery agents works.

1. How to check and manage queue of Qmail Mail Server

Essential info on how many messages are in the queue and to list this messages in Qmail are done with qmail-qstat and qmail-qread.

a) Checking how many messages are in Qmail queue undelivered to remote SMTPs

root@mail:~# qmail-qstat
messages in queue: 1
messages in queue but not yet preprocessed: 0

b) Listing undelivered e-mails held in Qmail queue

root@mail:~# qmail-qread
26 Mar 2013 01:33:07 GMT  #9609259  748  <info@pomoriemonastery.org>
    remote    bpfejd@gprizm.com
root@mail:~#

One other useful command in dealing with Qmail queue is qmail-qread type it and see for yourself what it does.
c) Flushing qmail queue

Use a tiny shell script ( flush_qmail_queue.sh ), deleting all files in /var/qmail/queue/mess – directory where qmail stores undelivered messages in queue.

# ./flush_qmail_queue.sh

Though above script should be working in some cases, where there are permission problems with Queue or some other mess it is better to use more sophisticated Qmail Queue cleaining tool Qmail MailRemove. To use its necessary to have a working version of Python programming language. Once downloaded Qmail MailRemove, mkdir  /var/qmail/queue/filter (a directory needed for MailRemove to work). Then run script

# ./mailRemove.py email_to_remove

Other variant to clean messed qmail queue is to use qmailHandle.

2. How to check and delete mails from queue in Postfix SMTP

On postfix queue is checked using both postqueue command which is postfix's specific tool for viewing the queue or the standard sendmail mailq. mailq is actually – Postfix to sendmail compitability interface, i.e. this command is not the native way to view queue in Postfix but is just a wrapper binary which invokes postqueue with an option to visualize what is in queue for SMTP admins accustomed to work with sendmail.

a) Checking list of undelivered e-mails

Below is an examples:

mail:~# mailq

-Queue ID- –Size– —-Arrival Time—- -Sender/Recipient——-
4A22BBE1A3*     657 Mon Apr  1 18:46:01  www-data@debian.uk2net.com
                                         csacpabb@nasvalke.com

25824BE18B*     660 Thu Mar 28 18:15:03  www-data@debian.uk2net.com
                                         Aliermarl@fmailxc.com.com

D2AA7BE1BF      652 Sun Mar 31 04:30:21  www-data@debian.uk2net.com
(host mail.drugsellr.com[37.1.218.81] refused to talk to me: 421 Too many concurrent SMTP connections; please try again later.)
                                         Erudge@drugsellr.com

mail:~# postfix -p
-Queue ID- –Size– —-Arrival Time—- -Sender/Recipient——-
36911BE18D*     662 Mon Mar 25 11:08:01  www-data@debian.uk2net.com
                                         lutuaslenty@fmailxc.com.com

C2439BE207*     662 Fri Mar 22 14:59:45  www-data@debian.uk2net.com
                                         Gavepolla@fmailxc.com.com

4A22BBE1A3*     657 Mon Apr  1 18:46:01  www-data@debian.uk2net.com
                                         csacpabb@nasvalke.com

b) Checking the  number of undelivered mails living in Postfix queue

postfix:~#  postqueue -p|wc -l
433

c) Viewing content of specific mail held in Postfix queue

Whether you need to check content of specific undelivered mail kept in queue you should do it by its ID, to view last mail from earlier postfix -p example:

postfix:~# postcat -q 4A22BBE1A3

*** ENVELOPE RECORDS deferred/A/4A22BBE1A3 ***
message_size:             656             187               1               0             656
message_arrival_time: Tue Apr  2 14:25:34 2013
create_time: Tue Apr  2 14:25:35 2013
named_attribute: rewrite_context=local
sender_fullname: www-data
sender: www-data@debian.uk2net.com
*** MESSAGE CONTENTS deferred/A/4A22BBE1A3 ***
Received: by postfix (Postfix, from userid 33)
        id AA379BE07A; Tue,  2 Apr 2013 14:25:34 +0100 (BST)
To: hawtiene@drugsellr.com
Subject: =?UTF8?B?QWNjb3VudCBpbmZvcm1hdGlvbiBmb3IgU09DQ0VSRkFNRQ==?=
X-PHP-Originating-Script: 1000:register_login_functions.php
From: SOCCERFAME <no-reply@mail.host.com>
Content-type:text/plain; charset=UTF8
Message-Id: <20130402132535.AA379BE07A@mail.host.com>
Date: Tue,  2 Apr 2013 14:25:34 +0100 (BST)

Please keep that email. It contains your username and password for postfix.
—————————-
nick : hawtiene
pass : 1v7Upjw3nT
—————————-

*** HEADER EXTRACTED deferred/A/4A22BBE1A3 ***
original_recipient: hawtiene@drugsellr.com
recipient: hawtiene@drugsellr.com
*** MESSAGE FILE END deferred/A/4A22BBE1A3 ***

d) Deleting mails in Postfix queue

To delete all mails in Postfix queue run:

postfix:~# postsuper -d ALL

If Postfix cannot deliver a message to a recipient it is placed in the deferred queue.  The queue manager will scan the deferred queue to see it if can place mail back into the active queue.  How often this scan occurs is determined by the queue_run_delay.
The queue_run_delay is by default 300s or 300 seconds. If you have a very busy mail server you may see a large deferred queue.
To delete all mails in deferred queue.

postfix:~# postsuper -d ALL deferred

3. How to check mail queue of Exim mail server

Viewing number of messages and list of undelivered messages in Exim queue is done using exim command by specifying arguments.

a) Checking the list of undelivered mails kept undelivered in Exim SMTP Queue

 

root@iqtestfb:/etc/exim4# exim -bp

4d 416 1UI1fS-00021I-1s <root@ETC_MAILNAME> *** frozen *** hipo@pc-freak.net 4d 746 1UI1gc-00023T-0S <root@ETC_MAILNAME> *** frozen *** root@ETC_MAILNAME 4d 752 1UI1lR-0003H0-89 <root@ETC_MAILNAME> *** frozen *** root@ETC_MAILNAME 4d 894 1UI1lR-0003H5-I6 <www-data@ETC_MAILNAME> *** frozen *** www-data@ETC_MAILNAME

b) Counting number of Exim undelivered messages kept in Mail Queue
exim-smtp:/etc/exim4# exim -bpc 2063 c) Getting a summary of all messages in Exim Queue (Count, Volume, Oldest, Newest, Destination Domain)
exim-smtp:/etc/exim4# exim -bp| exiqsumm

Count Volume Oldest Newest Domain —– —— —— —— —— 1 862 22h 22h 126.com 2 1751 12h 5h 163.com 21 3111KB 4d 3h abv.bg 2 766KB 42h 7h alice.it 1 383KB 7h 7h aol.com 1 383KB 4d 4d att.net 1 383KB 3d 3d beotel.net 2 766KB 20h 19h bih.net.ba 1685 3291KB 4d 1m etc_mailname 1 383KB 70h 70h facebook.com 1 383KB 66h 66h gaaa 81 22MB 4d 15m gmail.com 1 564 3d 3d gmaill.com 1 383KB 3d 3d googlemail.com 1 383KB 64h 64h hotmai.rs 33 10MB 4d 2h hotmail.com 25 9193KB 4d 79m hotmail.it 1 383KB 4d 4d hotmailcom 2 1128 24h 20h icloud.com 2 766KB 67h 67h inwind.it 11 3831KB 3d 7h libero.it 1 383KB 20h 20h live.co.uk 3 767KB 37h 3h live.com 6 1916KB 67h 45h live.it 1 552 28h 28h live.no 1 383KB 67h 67h llle.it 1 383KB 67h 67h lllle.it 1 383KB 33m 33m luigimori.it 2 389KB 56h 4h mail.bg 1 383KB 66h 66h mailmetrash.com 1 383KB 39h 39h malltron.it 1 562 7h 7h me.com 1 383KB 4d 4d msn.com 2 1116 49h 47h net.hr 1 383KB 28h 28h orion.rs 1 383KB 3d 3d paskaa.com 75 31KB 4d 3d pc-freak.net 1 572 3d 3d prismamedia.ro 1 383KB 71h 71h rediffmail.com 1 383KB 28h 28h seznam.cz 1 383KB 14m 14m siol.net 36 11KB 4d 3d sms.mtel.net 1 557 53h 53h t-com.hr 1 383KB 23h 23h tecnobagno.191.it 1 383KB 4d 4d teol.net 2 766KB 67h 44h virgilio.it 1 383KB 42h 42h windwslive.com 1 549 3d 3d yahoo 43 9213KB 4d 74m yahoo.com 2 766KB 70h 46h yahoo.it 1 383KB 71h 71h ymail.com ————————————————————— 2068 76MB 4d 1m TOTAL

 

c)  List Exim queued messages sorted by recipient address and sender address

  To list e-mails in queue sorted by recipient address

exim-smtp:/etc/exim4# exim -bpr|grep -Eo "^\s*[^ ]*@[^ ]*$" |sort | uniq -c

To List queued messages grouped by address of sender
exim-smtp:/etc/exim4# exim -bpr | grep -Eo "<[^ ]*@[^ ]*>" | sort | uniq -c  

d) Forcing Exim  to attempt re-send e-mails kept inside
queue

As Exim is relatively new SMTP its authors thought deeply before writting it and included options to do queue e-mail sent whether server is not under extremely high loads as well as send, regardless of load. Make Exim start sending queue e-mails if server is not overloaded (no extra-high server load)
exim-smtp:/etc/exim4# exim -q -v

  To make Exim force a queue run regardless of system load exim-smtp:/etc/exim4# exim -qf -v  

To make Exim deliver only e-mails sent from server to server (usually e-mails from local server monitoring software and log reports)
exim-smtp:/etc/exim4# exim -ql -v

e) Deleting e-mails from Exim mail queue

To Remove a message from queue identify by ID

exim-smtp:/etc/exim4# exim -Mrm <message-id>     Force Exim delivery of a message regardless of Frozen status

exim-smtp:/etc/exim4# exim -M<message-id >  

f) Removing Exim mails older than certain seconds or hours To remove all mails older than 12hrs (43000 seconds) exim-smtp:~# exiqgrep -o 43000 -i | xargs exim -Mrm

Deleting all frozen mails from queue is done with:

exim-smtp:~# exiqgrep -z -i | xargs exim -Mrm  

Removing all e-mails belonging to particular sender

exim-smtp:~# exiqgrep -i -f user@domain.com | xargs exim -Mrm

  Removing all mails from a sender that are older than 12hrs

exim-smtp:~# exiqgrep -o 43000 -i -f user@domain.com | xargs exim -Mrm
 

g) Flushing Exim mail queue
Use

exim-smtp:~# runq
  or

exim-smtp:~# exim -q

4. How to view and manage sendmail SMTP queue

a) Listing all e-mails stored in Sendmail queue

To list the mail queue in sendmail

sendmail:~# sendmail -bp
/var/spool/mqueue is empty
        Total requests: 0

or

sendmail:~# mailq
 

/var/spool/mqueue (3 requests) —–Q-ID—– –Size– —–Q-Time—– ————Sender/Recipient———– m9TMLQHG012749 1103 Thu Oct 30 11:21 <apache@localhost.localdomain> (host map: lookup (electrictoolbox.com): deferred) <test@electrictoolbox.com> m9TMLRB9012751 37113 Thu Oct 30 11:21 <apache@localhost.localdomain> (host map: lookup (electrictoolbox.com): deferred) <test@electrictoolbox.com> m9TMLPcg012747 240451 Thu Oct 30 11:21 <apache@localhost.localdomain> (host map: lookup (electrictoolbox.com): deferred) <test@electrictoolbox.com> Total requests: 3

b) Checking queue for specific mail sender or recipient

sendmail:~# mailq | grep -i email@domain-name.com -A 2 -B 2
....

c) Removing all e-mails from Sendmail queue

To delete everything stored in Sendmail queue delete files from directory where sendmail stores still undelivered mails. In sendmail this is /var/spool/mqueue and /var/mqueue

sendmail:~# rm /var/spool/mqueue/*.*
sendmail:~# rm /var/mqueue/*.*

Deleting all pending mails from queue

To remove / delete e-mails originating from certain domain / user or recipient

sendmail:~# sendmail -qS -v domain-name.com

To delete e-mail from certain user or recipieint

sendmail:~# sendmail -qR -v yahoo.co.uk

 

How to check /dev/ partition disk labeling in Debian GNU / Linux

Thursday, December 8th, 2011

The usual way that one is supposed to check a certain partition let’s say /dev/sda1 disk UUID (Universal Unique Identifier) label is through a command:
vol_id /dev/sda1

For reason however Debian does not include vol_id command. To check the UUID assigned disk labels on Debian one should use another command called blkid (part of util-linux deb package).

blkid will list all block device attributes so it doesn’t specifically, passing any partition as argument.
Here is an example output of blkid :

server:/root# blkid
/dev/sda1: UUID="cdb1836e-b7a2-4cc7-b666-8d2aa31b2da4" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda5: UUID="c67d6d43-a48f-43ff-9d65-7c707a57dfe6" TYPE="swap"
/dev/sdb1: UUID="e324ec28-cf04-4e2e-8953-b6a8e6482425" TYPE="ext2"
/dev/sdb5: UUID="1DWe0F-Of9d-Sl1J-8pXW-PLpy-Wf9s-SsyZfQ" TYPE="LVM2_member"
/dev/mapper/computer-root: UUID="fbdfc19e-6ec8-4000-af8a-cde62926e395" TYPE="ext3"
/dev/mapper/computer-swap_1: UUID="e69100ab-9ef4-45df-a6aa-886a981e5f26" TYPE="swap"
/dev/mapper/computer-home: UUID="2fe446da-242d-4cca-8b2c-d23c76fa27ec" TYPE="ext3"

 

How to change MySQL server root password

Friday, July 29th, 2011

MySQL pass dialog Debian

I had to change my mysql root password for one of the servers since during the install I mispasted the password in the MySQL password prompt I needed the pwd to be changed.

Here is how I changed it to my desired one:

linux:~# /usr/bin/mysqladmin -u root -p'OLD_PASSWORD_STRING' password NEW_PASSWORD_STRING
linux:~#

The password gets changed immediately 😉

If a new password has to be set to a passwordless mysql server, the command to be issued is:

linux:~# /usr/bin/mysqladmin -u root password PASSWORD_STRING

Changing the MySQL password is also possible with mysql cli, after connecting to the sql server, though this method is a bit more time consuming. Here is how to do it from mysql console:

linux:~# mysql -u root -p
Server version: 5.1.49-3 (Debian)

Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license

Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the current input statement.
mysql> use mysql;
mysql> update user set password=PASSWORD(“NEW_PASSWORD”) where User=’root’;mysql> flush privileges;

Of course it’s possible to do change the root pass via phpmyadmin
Cheers 😉

How to make a mysql root user to login interactive with mysql cli passwordless

Wednesday, June 29th, 2011

MySQL Logo Passwordless root login .my.cnf

I’m using access to the mysql servers via localhost with mysql cli on daily basis.
With time I’ve figured out that it’s pretty unahandy to always login with my root mysql password, I mean each time to enter it, e.g.:

root@mysql-server:~# mysql -u root
Enter password:
...

Thus to make my life a way easier I decided to store my mysql root password in order to allow my root admin user to be able to login to my mysql server without asking for password. This saves time and nerves, as I’m not supposed to look up for the password file I store my server mysql root pass.

To allow my mysql cli interface, to login passwordless to the SQL server I had to create the file /root/.my.cnf readable only for my root user and store my MySQL username and password there.

Here is a sample /root/.my.cnf file:

root@mysql-server:~# cat /root/.my.cnf
[client]
user="root"
pass="mysecretMySQLPasswordgoeshere"

Now next time I use the mysql console interface to access my mysql server I don’t have to supply the password, here is how easier is the mysql login afterwards:

root@mysql-server:~# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 3520
Server version: 5.0.77 Source distribution

Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the buffer.

mysql>

The only downside of using .my.cnf to store permanently the mysql server root and password is from security standpoint.
If for instance somebody roots my servers, where I have stored my root user/pwds in .my.cnf , he will be able immediately to get access to the MySQL server.

Another possible security flaw with using the mysql passwordless login “trick” is if somebody forgets to set proper file permissions to, .my.cnf

Once again the file should possess the permissons of:

root@mysql-server:~# ls -al /root/.my.cnf
-rw------- 1 root root 90 Apr 2 00:05 /root/.my.cnf

Any other permissons might allow non-privileged users to read the file and gain unathorized admin access to the SQL server.