Shell script to clean semaphores

Semaphores are used to prevent multiple processes from accessing critical piece of code at the same time and thereby corrupting it. The fields in semaphores are:

count: initial value of 1,which means only one process can access this resource at any given point of time. When a process accesses the resource, the count is decreased. When a process is finished processing the resource, count is increased.

waking: The number of processes waiting for this resource to become free and thereby waiting for awakening.

wait queue: processes waiting for this resource are assigned to this queue.

lock: buzz lock used when waking field is accessed.

PS: The download link mentioned below is not working now. I will update the location soon with the script.

You can download the one line script to clean semaphores here

Grant executable privilege to the file and then run.

chmod u+x cleansema.sh

./cleansema.sh

Read More

Script to delete mysql procs sleeping

The following shell script will eliminate mysql sleeping processes.

PS: The download link mentioned below is not working . I will soon update the location with the script.
You can download the script here

Grant exec privilege to the script and then run.

chmod u+x mysqlprocdel
./mysqlprocdel

Read More

no mysql_check in nagios plugins

If there is no mysql_check plugin after compiling and installing nagios plugins, you can follow the below shown steps:

For redhat, centos

1. Install mysql-devel in the server.

yum install mysql-devel

2. Now recompile nagios plugins with mysql plugin.

./configure --with-mysql

make

make install

For Debian,ubuntu:

For Debian and ubuntu distros, you can follow the guide here.

Now check the folder /usr/local/nagios/libexec/ or wherever you had installed nagios and you will find check_mysql plugin required for checking mysql service.

Read More

configure: error: not found. Please provide a path to MagickWand-config or Wand-config program

Usually this error occurs if there is no ImageMagick library available in the server. As a result, you will also be not able to install imagick support for php in the server. You can follow the below shown steps to counter this error.

1. cd /usr/local/src

2. Get the complete imagemagick library. You can get it from http://www.imagemagick.org/script/download.php

ex: wget ftp://mirror.aarnet.edu.au/pub/imagemagick/ImageMagick-6.6.7-10.tar.gz

3. tar -xvzf ImageMagick-6.6.7-10.tar.gz (or the version/distro you downloaded).

4. cd ImageMagick-6.6.7-10 (or the version/distro you downloaded).

5. ./configure

6. make

7. make install

And you are done! You can now install imagick or whatever app that needs this library without any error. Enjoy :)

Read More

how to connect filezilla using keybased authentication

Here you will be using sftp in filezilla to connect using a key. This guide assumes that key based authentication is already enabled in the server(confirm with your server provider if you are not an admin) and you have generated key pair in your local machine. If not, you can follow my guide here to generate a key pair.

Now you will have your private key file in your machine and the public key in the server to which you will be connecting. So the next job is to configure filezilla to use private key to connect to server. You can follow below shown steps for that:

1. open Filezilla and go to Edit >> Settings.

2. Click on the option "SFTP" in the left window pane. Click on "Add Key" button in the right pane and then select the private key in your machine(if it is inside .ssh folder, you can use the "search" option in the new window and enter .ssh in the field, after selecting the home directory). The default location will be .ssh/id_rsa as mentioned in my other guide specified in the link above.

3. Once the key is added, simply close it and take "File" >> "Site manager" in Filezilla and then click "New site".

4. Enter server ip/hostname in "Host" field, ssh port in "port" field, Protocol as "SFTP-SSH File Transfer Protocol", Logon type as "Normal", username in "User" field and leave the password field empty.

5. Now simply click "connect" to get connected without needing to enter the password.

Feel free to post if you have any doubts.

Read More

how to setup ssh using key based authentication

First you need to enable key based authentication in the server. For that edit the file /etc/sshd/sshd_config in the server and uncomment the following entries:

=======
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
=======

restart ssh service

/etc/init.d/sshd restart

Now in your client machine create ssh key pair using the following commands

1. ssh-keygen -t rsa

just press enter when prompted for a pass phrase, as we do not need to enter passcodes during key based authentication.

This will provide you a key pair and the default location will be:

if you are root user in client machine:
/root/.ssh/id_rsa
/root/.ssh/id_rsa.pub

if you are a user in client machine:
/home/user/.ssh/id_rsa
/home/user/.ssh/id_rsa.pub

2. Assign proper permission to id_rsa file.

chmod 600 /root/.ssh/id_rsa

or

chmod 600 /home/user/.ssh/id_rsa.pub

3. you now need to paste the contents of id_rsa.pub to the /root/.ssh/authorized_keys file in the server if you need to login as root to the server or .ssh/authorized_keys file inside the user's home directory in server(generally /home/user/ ) if you need to login as user. (most probably if it is inside a user's home dir, you would be needing to create the .ssh folder and inside that the specified file. For root, .ssh folder will be there by default).

thats it! you can now login to the server by simply issuing the following command and without a password

ssh root@serverip

Note: In some cases, you would need to add the private key into ssh-agent after generating it. For that issue the foll command in your local machine after generating key pair.

ssh-add .ssh/id_rsa

.ssh/id_rsa is the private key path and may vary according to the way you saved them.

If you experience an error when issuing the above command, it can be rectified by issuing the following command:

eval `ssh-agent`

and then

ssh-add .ssh/id_rsa

Read More

Upgrading opennms to version 1.9.8

The unstable version has its own bugs, but at times we need an unstable version, as it has a lot more features. I did made a recent upgrade of my opennms installation to 1.9.8 from 1.8.12-1. I had to go through a heck lot of problems during the upgrade and my app went down and at some point, I thought it will become useless. But I have managed to upgrade it finally without any problems. So I am noting down the steps that I had done for this upgrade to work properly.

Backup your existing installation files and database (just in case)

1. copy the "etc" folder in your opennms installation.

tar -C $OPENNMS_HOME -cvzf /root/opennmsback/opennms-etc-backup.tar.gz etc

2. Create a database backup

pg_dump -U postgres -Fc -C -f /root/opennmsback/opennms-database-backup.pg opennms

Upgrading to the latest version

1.Download the yum repos of the opennms version suitable for your distro from http://yum.opennms.org/

cd /usr/src

wget http://yum.opennms.org/repofiles/opennms-repo-unstable-rhel5.noarch.rpm

2. Removing the current repo rpm (this is important. I didn't do this first time and I was screwed totally, from which I have learned my mistake and managed to get it working)

rpm -e `rpm -qa |grep opennms-repo`

rpm -ivh opennms-repo-unstable-rhel5.noarch.rpm (this will depend upon your particular repo download)

3. yum update opennms (updating opennms and resolving dependencies)

4. /opt/opennms/bin/install -dis

5. /etc/init.d/opennms restart

Login to the admin web interface and check the version from admin >> system information.

PS:

Incase you need to restore the database, delete the existing DB and create a new one and then restore.

dropdb -U postgres opennms

createdb -U postgres opennms

Read More

postgres backup and restore command

You can backup a postgres database backup using the following command:

pg_dump -U postgres -Fc -f /backupdir/test.pgsql.gz test

<--- test being the database name ---->

Similarly the backup file can be restored using the following command:

pg_restore -U postgres -Fc -d test /backupdir/test.pgsql.gz

Read More

SEVERE: Error initializing endpoint java.net.BindException: Permission denied:80

This error occurs when you try to start/run tomcat as another user. In linux/unix systems, all ports under 1024 are privileged and reserved and hence can be opened only by root.

However, there is a workaround for this, but it should mean that ports of this service should be changed to something greater than 1024. But you can still make this port change transparent to end users by using iptables NAT. So you need to perform the following for the whole thing to work normally, but still using a user to run tomcat app.

Solution:

1. edit conf/server.xml and change http port from 80 to 8080 and https port from 443 to 8181.

2. Now start the service as required user and verify the service status

netstat -lpan |grep 8080

netstat -lpan |grep 8181

3. Now since the service is up, you need to make it available through browser in a normal way, so that users will never know the actual ports of the service. You can user NAT for that. Issue the following iptables command, which will direct traffic to 80 and 443 to 8080 and 8181 in the server respectively.

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8181

And you are all done and the service is now running as user with higher ports, but to end users, it is all same as normal ports :)

Read More

227 Entering Passive Mode ftp: connect: Connection timed out proftp service

Sometimes (esp in amazon instance, where internal IP mapping is used, when you connect to a domain created through ftp, you will most likely encounter problem "ls command timed out" when listing the files after logging in)

The work around for this is to add the following in proftpd.conf file.
MasqueradeAddress xx.xx.xx.xx
PassivePorts 60000 65000

xx.xx.xx.xx is the external IP address.

After this, if you are using amazon instance, login to aws console and then edit "Security Group" corresponding to that instance and open incoming tcp ports 60000 - 65000.

Now connect using ftp and issue ls command and it will work fine. enjoy!

Note for freaks: How you can calculate the random passive port that is connected.

After connecting to FTP and then listing the directories, you will see a line similar to the one shown below (values will differ)
Entering Passive Mode (71,7,231,187,192,32)

Here first four places indicates IP address of the server. Here it is 71.7.231.187
The next two integers are used to calculate passive port that is currently being used. It is calculated as follows. I am using the above example.
passive port=192*256 + 32
Here 192 is the second last integer and 32 is the last integer, 256 is a static value used for calculation.

Read More