Install NRPE for Nagios on CentOS 6.2
useradd -m nagios && passwd nagios mkdir ~/downloads && cd ~/downloads yum install -y wget openssl-devel xinetd && yum groupinstall -y "Development Tools" wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz && tar -xzvf nagios-plugins-1.4.15.tar.gz cd nagios-plugins-1.4.15 && ./configure --enable-command-args && make && make install chown -R nagios:nagios /usr/local/nagios/ cd .. wget http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.13.tar.gz && tar -xzvf nrpe-2.13.tar.gz cd nrpe-2.13 && ./configure --enable-command-args && make all && make install-plugin && make install-daemon && make install-daemon-config && make install-xinetd vi /etc/xinetd.d/nrpe vi /etc/services vi /usr/local/nagios/etc/nrpe.cfg service xinetd start
Resizing LVM Mounts
A common problem for me has been needing to resize an LVM partition. This works fine if you’re dealing with a non-critical mount point like /home that you can afford to take down while the system is online, but what if you need to resize /usr or /var for instance? The easiest method I found is to utilize the CentOS 6.2 LiveCD – it has all of the tools you need out of the box so there’s no need to install extra packages to make it work. Say you wish to steal 1G from /var and add it to your / partition. You’ll need to note the physical location of those mount points (a quick cat of /etc/fstab will yield you that). For me, / was mounted to /dev/mapper/VolGroup00-LogVol00 and /var was mounted to /dev/mapper/VolGroup00-LogVol03. Boot in through the LiveCD and run the following as root:
e2fsck -f /dev/mapper/VolGroup00-LogVol03 resize2fs /dev/mapper/VolGroup00-LogVol03 1G lvreduce -L -1G /dev/mapper/VolGroup00-LogVol03 lvextend -L +1G /dev/mapper/VolGroup00-LogVol00 e2fsck -f /dev/mapper/VolGroup00-LogVol00 resize2fs /dev/mapper/VolGroup00-LogVol00
Iterate Through Directories and Backup SVN Repositories
I found this useful as I have quite a few SVN repositories that I’m responsible for maintaining. Due to the large number I didn’t want to manually specify each directory in an array as that involved more upkeep that I really wanted to have on my plate. This script will go through a target parent directory and perform an svnadmin dump on each repository to a gzipped file in the target backup directory. So for example if all of your svn repositories reside in /srv/svn and you want your gzip files to end up in /home/backup then create a shell script from the below info and set SVN_PARENT=/srv/svn and SVN_BACKUP=/home/backup. Right now I only care about keeping a day of backups so this script deletes all of the backup files prior to performing the next round of backups. Delete that line if you’re looking to keep a larger backup history.
#/bin/bash
SVN_PARENT=
SVN_BACKUP=
DATE=`date '+%F'`
TEMPFILE=/tmp/svn_backup.tmp
touch $TEMPFILE
ls $SVN_PARENT >> $TEMPFILE
DIR_LIST=( `cat "$TEMPFILE" `)
rm -rf $SVN_BACKUP/*.gz
for i in "${DIR_LIST[@]}"
do
svnadmin dump $SVN_PARENT/$i | gzip > $SVN_BACKUP/$i.$DATE.svn.gz
done
rm -rf $TEMPFILE
Subversion and LDAP
When I started here, we had 12 SVN repositories (and a valid reason for having all 12). Maintaining the user database was really not doable given that setup as each repository had a distinct user database. I had two goals coming into this – make the management of the user database easier, and make new user setup doable by someone without Linux know-how. To do that I decided to tie things into the AD and make use of that for authentication as well as user setup. Here’s a brief overview of how I made it happen. This assumes a CentOS install but should be easily modified for Debian or other platforms.
- Create a connector account in your AD that will be used to query username/password. I granted mine admin rights but you’re probably alright without them, it just needs to query.
- Create a user group in the AD that will act as a container for authenticated users and the users than require SVN access into that group
- Install Apache, PHP, and the mod_dav and mod_dav_svn modules.
- Create your SVN repository (svnadmin create /foo/bar/repo)
- On CentOS you should get a subversion.conf file that is already generated for you (not sure on Debian and its ilk) that you’ll need to edit. Here’s a template to use. This assumes your domain name is example.com, the group name you create is “svn,” the connector account is called “SVN CONNECTOR”:
- That’s it. Bounce Apache and then test your access to the repository using your domain credentials
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <VirtualHost *:80> DocumentRoot /var/www/html/virtualhosts/svn ServerName svn.example.com ServerAlias svn ErrorLog logs/svn.example.com-error_log CustomLog logs/svn.example.com-access_log common <Location /repository> DAV svn SVNPath /srv/svn/repository AuthBasicProvider ldap AuthType Basic AuthzLDAPAuthoritative off AuthName "This is your SVN Repository" AuthLDAPURL "ldap://DC.example.com:3268/DC=example,DC=com?sAMAccountName?sub?(&(&(objectClass=user)(objectCategory=person))(memberof=CN=svn,DC=example,DC=com))" AuthLDAPBindDN "CN=SVN CONNECTOR,DC=example,DC=com" AuthLDAPBindPassword "your connector password" Require valid-user Require ldap-group "CN=svn,DC=example,DC=com" </Location>
Linux Sys Admin Needed
A friend of mine’s company is in need of two experienced Linux sys admins (one specifically with a good solid understanding of sendmail and postfix). You can check the two job postings they have here and here. I’ve been to the company before, they’re on my short list of places I’d seek employment if I found myself no longer working at Merrimack. If you’re looking or have friends looking, put them in touch with me and I’ll get them together with my friend.