Install Munin on Ubuntu Server
Linux, Ubuntu April 6th, 2010
Munin is a small tool for monitoring resources on servers. I think it is very useful, specially on small VPS, that needs to save resources. Reports are written as HTML files, so we will need a Web Server like Apache to see this reports.
First, we install it and add some extra plugins:
$ sudo apt-get install munin munin-plugins-extra
Now, we can make some changes to the default configuration, located at /etc/munin/munin.conf. For example, we can change any of the paths where Munin works:
dbdir /var/lib/munin htmldir /var/www/munin logdir /var/log/munin rundir /var/run/munin
Specially, the htmldir path, where all the reports are written to see through Apache or the one you are using. Remember to move the directory /var/www/munin to where you wanted if you change that configuration line. We can protect this directory with an htaccess file to only give access to some users.
We can configure email notifications if a change occur (like from a OK situation to a WARNING). To do this, we just need to uncomment or add the following line:
contact.someuser.command mail -s "Munin notification" your@email.com
By default, Munin will monitor localhost, but we can add other boxes (clients), these machines will only need to install munin-node package.
Then, we can enable some plugins (more plugins can be found here and here). To do this, we need to create a symbolic link per each plugin we want to activate. I’m going to enable apache and mysql modules, but you are free to enable the modules you need:
$ cd /etc/munin/plugins $ sudo ln -s /usr/share/munin/plugins/apache_* . $ sudo ln -s /usr/share/munin/plugins/mysql_* .
Each time a module is enable or disable, we need to restart the service, so we can do the following:
$ sudo /etc/init.d/munin-node restart
Also, it is recommended to reassign all files on the htmldir to munin user and group by doing:
$ sudo chown munin.munin -R /var/www/munin
And then, to avoid waiting 5 minutes until munin cron runs again, we force it by:
$ sudo /usr/bin/munin-cron --force-root
If we are not completely satisfied with the default template, we can modify it, they are HTML files (with some minor special template tags). Anyone with some knowledge of HTML and CSS can do that. We can even download other already created templates (I have found some errors on that template’s JavaScript, I hope I’ll get some time to post the modified template, in the meanwhile, if anyone need it, please drop me a line to send you the files).
Finally, as this post is not as complete as I would like, I leave some links that may help:
Install VirtualBox Guest Additions on Ubuntu Server
Linux, Ubuntu April 5th, 2010
On my work, I have a box with WinXP, running Virtual Box as a host, and a Ubuntu Server 9.10 box as a guest. My problem is that the firewall on the corporate network does not allow Ubuntu to update the date and time against any NTP server (like pool.ntp.org or ntp.ubuntu.com). So, I need a way to keep the hour updated on the guest. Fortunately, VirtualBox has the ability to synchronize it from the host, the only thing I need to do was to install the Guest Additions package.
To do this, first, we need to click on Devices/Install Guest Additions (from the VirtualBox menu).
Then, on the Ubuntu Server, we install some pre-requisites:
$ aptitude install build-essential linux-headers-$(uname -r) -y
Now, we will mount the virtual CD-ROM (where the Guest Additions are):
$ mount /dev/cdrom /mnt/
And then, run the installer script (there is a 32-bit and 64-bit versions). For 32-bit (which is the most probable, as VirtualBox Open Source only supports 32-bit guests):
$ /mnt/VBoxLinuxAdditions-x86.run
Or for 64-bit guest:
$ /mnt/VBoxLinuxAdditions-amd64.run
It should install the available modules (like timesync), and drop a fail message saying that X server
was not found, which is OK as we are working with a server without GUI.
Finally, we umount the CD-ROM:
$ umount /mnt/
Now, the guest box time should be sync with the host, so we have one less thing to worry about.
Tags: NTP, Ubuntu 9.10, VirtualBox, Windows XP
Configuring a Linux Server – Part 1: Sudoer user and SSH
Linux, Ubuntu March 29th, 2010
This will be a series of posts about configuring a Linux server (I’m working with Ubuntu, but should work with minor changes with other distributions), mainly because I have done this several times now by reviewing different websites and blogs, so I wanted to do a guide that works for me (and maybe for others too).
First, we create a user to avoid the use of root (in case you are not using the default Ubuntu installation, that asks you to create a user):
$ adduser myuser Adding user 'myuser' ... Adding new group 'myuser' (1000) ... Adding new user 'myuser' (1000) with group 'myuser' ... Creating home directory '/home/myuser' ... Copying files from '/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for myuser Enter the new value, or press ENTER for the default Full Name []: Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] y
It is also possible to use the command useradd (that is a linux command itself, not that user-friendly) instead of useradd (this one is a perl script that makes a little more easy user creation).
We need to assign add this user to the sudoers (users that are able to use the sudo command to make changes to the system).
$ visudo
And add the following line:
myuser ALL=(ALL) ALL
Then, we need to hardening SSH server (be very careful about this modifications because if SSH is the only way you have to configure your server, any error may left you lock out of your box).
Before making any change, we better make a backup of our original config file:
$ cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bk
Then, we need to change the following parameters on /etc/ssh/sshd_config:
- Port Number: Change it to any random port number, try to use one that any known service uses, see the list of services in here.
- Listen Address: Instead of listen to every interface on your server, just listen to the main IP address.
- Protocol: Make sure that this parameter is set to 2 (instead of 2, 1).
- If possible, avoid root login by disabling PermitRootLogin. All root operations can be done using sudo command (at least on Debian/Ubuntu based distributions). Make sure you have created other users on your box, and add them to the allow list of users to log through SSH (AllowUsers [username1] [username2] parameter).
- Disable X11Forwarding.
- Replace password authentication with Public/Private Keys. To do this, make sure your users have their Private Keys and the Public Keys are configured on the server. Then, disable PasswordAuthentication and UsePAM parameters. Make sure that RSAAuthentication and Pubkeyauthentication parameters are enabled.
- If you have noticed that OpenSSH server may take a while from the moment you enter your username and the password prompt, it is because it tries to make some DNS resolves. You can avoid this by disabling UseDNS parameter.
You should end with a file like this:
Port XXXX ListenAddress XXX.XXX.XXX.XXX [...] PermitRootLogin no [...] RSAAuthentication yes PubkeyAuthentication yes [...] PasswordAuthentication no [...] X11Forwarding no [...] UsePAM no UseDNS no AllowUsers myuser user2
Then, we need to restart the SSH server by doing:
$ /etc/init.d/ssh restart
Do not close your current session, just open another to your box using the new port, this way we make sure we are not locked out of it.
On the next post I will be configuring IPTables as a firewall for our box.
UPDATE 17/Apr/2010: Parameter PasswordAuthentication included for disabling keyboard-interactive authentication.
In this link you can find a very good explanation about the main options on SSH config file.
Nullmailer keeps trying to send unsuccessful mails on Ubuntu
Linux, Ubuntu February 26th, 2010
I have noticed that my Ubuntu box is lately always trying to reach a SMTP server (detected through Wireshark tool). After reviewing the list of running processes that contains the word mail (running ps aux | grep mail on console), I found a couple of them called Nullmailer that seems the responsible of that and indeed, it was.
So a Google search led me to this thread, where in that case, Nullmailer registered entries on Syslog (which possible happened on my computer also). The messages that Nullmailer was trying to send were related to Cron jobs output. So, the solution was to delete the queue of messages of this program, located on /var/spool/nullmailer/queue/.
Tags: Mail, SMTP, Ubuntu 9.10, Wireshark
Instalar nuevos locales en Ubuntu
Linux, Ubuntu February 14th, 2010
Durante la migración de la web de DeChalaca desde el servicio Grid-Service de MediaTemple hacia un nuevo VPS, el último punto que quedó por resolver fue que las fechas en la web se mostraban en inglés (aunque el Joomla estaba configurado para que lo hagan en español). El problema era que el servidor, un flamante Ubuntu 8.04, no tenía instalado las locales del español. La solución fue muy sencilla (como root):
$ cd /usr/share/locales $ ./install-language-pack es_ES $ ./install-language-pack es_PE
Para ver la lista de locales que están instalados en el sistema, se utiliza el siguiente comando:
$ locale -aTags: Joomla, Locales, Ubuntu 8.04
Reinstalar Grub luego de instalar Windows
Linux, Ubuntu, Windows December 29th, 2009
Luego de haber instalado Windows 7 hace algunos meses, en un equipo donde tenía tanto el Windows XP como Ubuntu 9.04, quedó inaccesible este último. Esto debido a que el instalador de Windows no reconoce otro sistema operativo que no sea propio de Microsoft (a diferencia de Linux).
Se debe tomar en cuenta NO utilizar el Live CD de Ubuntu 9.10 para restaurar el Grub de las versiones anteriores de Ubuntu. Esto debido a que Ubuntu 9.10 y posteriores utilizan Grub2, que difiere mucho de la primera versión.
Lo primero que se debe hacer es iniciar la máquina con algún Live CD de Linux (como el de Ubuntu, que es el que utilicé en el proceso).
Una vez que está funcionando, abrimos un terminal. Vamos a necesitar los privilegios del root, por lo que lo más práctico sería ir al shell respectivo:
sudo -i
Luego, creamos un punto de montaje para la partición de Ubuntu:
mkdir /mnt/linux
Después, montamos la partición:
mount /dev/sda2 /mnt/linux
Donde sda2 (sd porque es un disco SATA, a por ser el primer disco duro, y 2 por ser el número de la partición) es la partición donde se encuentra Ubuntu. Si no estamos seguros de cual es la partición, podemos usar el programa GParted (visual) o el comando:
fdisk -lUna vez que está montada la partición, podemos corroborar que sea la partición listando los archivos en ella:
ls -la /mnt/linux
ls -la /mnt/linux/boot
Luego de que estamos seguros que es la partición correcta, pasamos a reinstalar el Grub mediante el siguiente comando:
grub-install --root-directory=/mnt/linux /dev/sda
En caso aparezca algún error o advertencia, podemos probar el siguiente comando:
grub-install --root-directory=/mnt/linux /dev/sda --recheck
Donde sda hace referencia al disco (usualmente el primario) cuyo MBR será utilizado para instalar el Grub (ojo que NO incluye el número de partición).
Reiniciamos y deberíamos ver ya el menú de booteo del Grub.
Vía: Ubuntu Documentation
Tags: Grub, Grub2, Ubuntu 9.04, Ubuntu 9.10, Windows 7
Instalar subversion 1.5 en Ubuntu Hardy
Linux, Subversion, Ubuntu June 22nd, 2009
En los repositorios de Ubuntu Hardy (la última versión LTS liberada hasta este momento) sólo se puede encontrar subversion 1.4 debido a que en este tipo de versiones de Ubuntu, las versiones de los paquetes no se actualizan tan a menudo (salvo por correcciones y bugs) como uno quisiera.
Entonces, para poder instalar subversion 1.5, se debe hacer una pequeña maniobra. Primero, agregar lo siguiente al archivo /etc/apt/sources.list:
deb http://ppa.launchpad.net/clazzes.org/ubuntu hardy main
Luego, actualizamos la base de datos de paquetes:
$ aptitude update
Después procedemos a instalar este sistema de control de versiones:
$ aptitude install subversion
Cuando ya esté instalada esta versión, quitamos o comentamos (con un #) la línea agregada en /etc/apt/sources.list:
#deb http://ppa.launchpad.net/clazzes.org/ubuntu hardy main
Finalmente, volvemos a hacer un update de los paquetes:
$ aptitude update
Tags: LTS, Ubuntu 8.04, Ubuntu Hardy
Ver la versión de Ubuntu
Linux, Ubuntu June 20th, 2009
Para ver la versión de Ubuntu que está corriendo mi server, hago lo siguiente:
$ cat /etc/*-release
El resultado en mi caso es:
DISTRIB_ID=Ubuntu DISTRIB_RELEASE=8.04 DISTRIB_CODENAME=hardy DISTRIB_DESCRIPTION="Ubuntu 8.04"
Este procedimiento sirve también para otras distribuciones como Red Hat.
Una forma alternativa de hacerlo es mediante:
$ cat /etc/issue
Que mostrará por ejemplo:
Ubuntu 8.04 "Hardy Heron" \n \l
Aunque esta forma solo funciona en Ubuntu. En otras distros pueden probar:
$ cat /etc/motd
O también:
$ cat /etc/redhat-version
Una tercera forma, para las distrbuciones que adoptan LSB, es mediante el comando:
$ lsb_release -a
Esto mostrará:
No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 8.04.2 Release: 8.04 Codename: hardy
Tags: Red Hat, Server, Ubuntu 8.04, Ubuntu Hardy, Version
Desinstalar kernels antiguos en Ubuntu
Linux, Ubuntu June 14th, 2009
Tras cada actualización del kernel de Linux, los anteriores quedan como recuerdo en el disco duro. El inconveniente principal de esto es que cada vez que arranques tu máquina, el menú del Grub (o Lilo quizá, aunque si usas Ubuntu, es poco probable que lo tengas) será cada vez más largo y con opciones (kernels antiguos) que muy probablemente no vuelvas a utilizar.
La solución a esto es desinstalar cada cierto tiempo los kernels obsoletos. En Ubuntu, podemos hacerlo de la siguiente manera:
Ver primero que versión del kernel estamos usando con el comando:
uname -r
Esto arrojará algo como:
2.6.28-13-generic
Ver que otras versiones tienen instaladas (a la izquierda de cada linea, hay una letra, todas las que tengan la letra i serán las que están en el sistema):
sudo aptitude search linux-image-2
Luego, desde consola ejecutamos el comando:
sudo apt-get remove --purge 2.6.28-11-*
Teniendo en cuenta que 2.6.28-11 es la versión que queremos quitar (OJO, deben reemplazar este valor por la versión que quieran quitar, que no sea la versión actual y preferiblemente dejen las dos últimas versiones por si la más nueva tiene algún problema).
El resultado de este comando será algo similar a esto (seguramente con variaciones dependiendo que tengan instalado):
Reading package lists... Done Building dependency tree Reading state information... Done E: Couldn't find package 2.6.28-11 yorch@blackbird:~$ sudo apt-get remove --purge 2.6.28-11-* Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting linux-image-2.6.28-11-generic for regex '2.6.28-11-*' Note, selecting linux-headers-lbm-2.6.28-11-server for regex '2.6.28-11-*' Note, selecting linux-image-2.6.28-11-server for regex '2.6.28-11-*' Note, selecting linux-headers-2.6.28-11-generic for regex '2.6.28-11-*' Note, selecting linux-headers-2.6.28-11-server for regex '2.6.28-11-*' Note, selecting linux-headers-2.6.28-11 for regex '2.6.28-11-*' Note, selecting linux-backports-modules-2.6.28-11-server for regex '2.6.28-11-*' Note, selecting linux-backports-modules-2.6.28-11-generic for regex '2.6.28-11-*' Note, selecting linux-restricted-modules-2.6.28-11-server for regex '2.6.28-11-*' Note, selecting linux-restricted-modules-2.6.28-11-generic for regex '2.6.28-11-*' Note, selecting linux-headers-lbm-2.6.28-11-generic for regex '2.6.28-11-*' Note, selecting linux-image-2.6.28-11-virtual for regex '2.6.28-11-*' The following packages will be REMOVED: linux-headers-2.6.28-11* linux-headers-2.6.28-11-generic* linux-image-2.6.28-11-generic* linux-restricted-modules-2.6.28-11-generic* 0 upgraded, 0 newly installed, 4 to remove and 0 not upgraded. After this operation, 190MB disk space will be freed. Do you want to continue [Y/n]? y (Reading database ... 369744 files and directories currently installed.) Removing linux-headers-2.6.28-11-generic ... Removing linux-headers-2.6.28-11 ... Removing linux-restricted-modules-2.6.28-11-generic ... update-initramfs: Generating /boot/initrd.img-2.6.28-11-generic Purging configuration files for linux-restricted-modules-2.6.28-11-generic ... Removing linux-image-2.6.28-11-generic ... Examining /etc/kernel/prerm.d. run-parts: executing /etc/kernel/prerm.d/dkms Uninstalling: vboxnetflt 2.1.4 (2.6.28-11-generic) (x86_64) -------- Uninstall Beginning -------- Module: vboxnetflt Version: 2.1.4 Kernel: 2.6.28-11-generic (x86_64) ------------------------------------- Status: Before uninstall, this module version was ACTIVE on this kernel. vboxnetflt.ko: - Uninstallation - Deleting from: /lib/modules/2.6.28-11-generic/updates/dkms/ - Original module - No original module was found for this module on this kernel. - Use the dkms install command to reinstall any previous module version. depmod.... DKMS: uninstall Completed. Uninstalling: vboxdrv 2.1.4 (2.6.28-11-generic) (x86_64) -------- Uninstall Beginning -------- Module: vboxdrv Version: 2.1.4 Kernel: 2.6.28-11-generic (x86_64) ------------------------------------- Status: Before uninstall, this module version was ACTIVE on this kernel. vboxdrv.ko: - Uninstallation - Deleting from: /lib/modules/2.6.28-11-generic/updates/dkms/ - Original module - No original module was found for this module on this kernel. - Use the dkms install command to reinstall any previous module version. depmod.... DKMS: uninstall Completed. Uninstalling: virtualbox-ose-guest 2.1.4 (2.6.28-11-generic) (x86_64) -------- Uninstall Beginning -------- Module: virtualbox-ose-guest Version: 2.1.4 Kernel: 2.6.28-11-generic (x86_64) ------------------------------------- Status: Before uninstall, this module version was ACTIVE on this kernel. vboxadd.ko: - Uninstallation - Deleting from: /lib/modules/2.6.28-11-generic/updates/dkms/ - Original module - No original module was found for this module on this kernel. - Use the dkms install command to reinstall any previous module version. vboxvfs.ko: - Uninstallation - Deleting from: /lib/modules/2.6.28-11-generic/updates/dkms/ - Original module - No original module was found for this module on this kernel. - Use the dkms install command to reinstall any previous module version. depmod.... DKMS: uninstall Completed. run-parts: executing /etc/kernel/prerm.d/last-good-boot Running postrm hook script /sbin/update-grub. Searching for GRUB installation directory ... found: /boot/grub Searching for default file ... found: /boot/grub/default Testing for an existing GRUB menu.lst file ... found: /boot/grub/menu.lst Searching for splash image ... none found, skipping ... Found kernel: /boot/vmlinuz-2.6.28-13-generic Found kernel: /boot/memtest86+.bin Replacing config file /var/run/grub/menu.lst with new version Updating /boot/grub/menu.lst ... done Purging configuration files for linux-image-2.6.28-11-generic ... Running postrm hook script /sbin/update-grub. Searching for GRUB installation directory ... found: /boot/grub Searching for default file ... found: /boot/grub/default Testing for an existing GRUB menu.lst file ... found: /boot/grub/menu.lst Searching for splash image ... none found, skipping ... Found kernel: /boot/vmlinuz-2.6.28-13-generic Found kernel: /boot/memtest86+.bin Updating /boot/grub/menu.lst ... done dpkg - warning: while removing linux-image-2.6.28-11-generic, directory `/lib/modules/2.6.28-11-generic' not empty so not removed.
Luego pueden repetir el proceso para el resto de versiones que deseen.
Usar una IP estática en Ubuntu Intrepid
Linux, Ubuntu February 5th, 2009
Luego de repetidos intentos de colocarle una IP estática a mi máquina utilizando el NetworkManager que viene por defecto, ésta es reseteada y establecida por DHCP en cada reinicio (no quería meterle mano directamente al archivo /etc/network/interfaces). Según lo que encontré, esto es un bug del dichoso programa. Algunos sugiren desinstarlo, pero yo no buscaba una solución tan drástica. Afortunamente encontré un workaround. Aún no reinicio mi computadora para ver si realmente funciona, pero todo indica que sí.
Otra opción sería instalar Wicd, una alternativa al NetworkManager.
Tags: DHCP, IP, Ubuntu, Ubuntu 8.10
About
