Monday, 24 October 2011

vim stuff

Make vim more usable by putting these in your .vimrc 

set background=dark
set ignorecase
set number
set fo=tcq
set nocompatible
set modeline

syntax on

" set default comment color to cyan instead of darkblue
" which is not very legible on a black background
highlight comment ctermfg=cyan

set tabstop=4
set expandtab
set softtabstop=4
set shiftwidth=4

highlight LiteralTabs ctermbg=darkgreen guibg=darkgreen
match LiteralTabs /\s\  /
highlight ExtraWhitespace ctermbg=darkgreen guibg=darkgreen
match ExtraWhitespace /\s\+$/

" Show me a ruler
set ruler

" Set up puppet manifest and spec options
au BufRead,BufNewFile *.pp
  \ set filetype=puppet
au BufRead,BufNewFile *_spec.rb
  \ nmap <F8> :!rspec --color %<CR>

" Enable indentation matching for =>'s
filetype plugin indent on


Monday, 26 September 2011

Check_MK clustered services

The documentation for check is old!
Following the clustered services docs won't work, so what you have to do is this:

1/ Define your clusters in main.mk, Don't define it in a separate clustered_services.mk file
2/ Define clusters like so:

clusters.update({
'lon-stasql02.vm.prod|win|mssql': ['lon-sta02a.vm.prod','lon-sta02b.vm.prod'],
})

3/ Defline clustered services like so:
clustered_services_of ['lon-stasql02.vm.prod'] = [( ALL_HOSTS,[ 'fs_D:/', 'fs_E:/','fs_F:/','fs_G:/','fs_H:/','fs_I:/','fs_J:/','fs_K:/','fs_L:/','fs_M:/','fs_N:/','fs_O:/','fs_P:/','fs_Q:/','fs_X:/','fs_Y:/','fs_Z:/', 'proc_SQL Agent', 'service_MSSQLSERVER']),]

4/ Then when inventorying, you MUST inventory all nodes in one shot, otherwise it will not add them to the cluster.

check_mk -uII lon-sta02a.vm.pro lon-sta02b.vm.prod
check_mk -O

5/ Note that this must all be defined in your main.mk
Done!

Wednesday, 7 September 2011

Event handlers for Check_mk

main.mk :

all_hosts = [
"myhost|myflag" ,
]

# Enable event handlers for services which prefixes are those seen in the Nagios WI
# Nagios check is identified here as "Legacy_MYSQL" (legacy check)

extra_service_conf["event_handler_enabled"] = [
 ( "1", ALL_HOSTS, ["Legacy_MYSQL"] )
]

# "restart-mysql" and as the event handler command

extra_service_conf["event_handler"] = [
 ( "restart-mysql",ALL_HOSTS, ["Legacy_MYSQL"] )
]

# Define check plugin and event handler command
# See Nagios online documentation examples http://nagios.sourceforge.net/docs/nagioscore/3/en/eventhandlers.html
# and set up according your distro

extra_nagios_conf += r"""

define command{
        command_name    check_mysql_database
        command_line    $USER1$/check_mysql -d '$ARG3$' -H '$HOSTADDRESS$' -u '$ARG1$' -p '$ARG2$'
}

define command{
        command_name    restart-mysql
        command_line    /usr/local/nagios/libexec/eventhandlers/restart-mysql  $SERVICESTATE$ $SERVICESTATETYPE$ $SERVICEATTEMPT$
        }

"""

legacy_checks = [
  ( ( "check_mysql_database!dbuser!dbpwd!dbname!", "Legacy_MYSQL : Mysql Database dbname", False), [ "myflag" ], ALL_HOSTS ),
]

Set appropriate owner and group to event handler command and then grant permissions to the Nagios user in /etc/sudoers file to perform the system command.

Find new services and reload Nagios : cmk -I && cmk -O

Output Nagios configuration with cmk -N  to check event handler parameters:

define service {
  use                check_mk_default
  host_name            myhost
  service_description        Legacy_MYSQL : Mysql Database dbname
  check_command            check_mysql_database!dbuser!dbpwd!dbname!
  active_checks_enabled        1
  service_groups        +legacy
  event_handler_enabled         1
  event_handler                 restart-mysql
}

Tuesday, 6 September 2011

Vim: How to delete the first n characters from every line or region


deletes the first 5 characters of every line

:%s/^.\{5}//gic


Alternatively:

:v
visual mode, then
0
then CTRL +V for visual block
tada!

Monday, 5 September 2011

kexec and how to do a cold reboot without editing the kexec default file

just issue the coldreboot command to reboot without using kexec :D

That binary is part of the kexec-tools package


Tuesday, 16 August 2011

advanced BASH scripting

Simple things:
To assign a variable to an array:

array_config_timestamp[$i]="${array_config[$i]:0:16}"
Breaking this down, $i = index
0:16 is the substring position within the string

(( i++ ))
adds  1 to the variable i
max_updates=$(( $j-1 ))
j =j-1

Converting seconds to HH:MM:SS

hours=$(( ${array_error_time[$i]} / 3600 ))
seconds=$(( ${array_error_time[$i]} % 3600 ))
minutes=$(( $seconds / 60 ))
seconds=$(( $seconds % 60 ))

So basically (( )) interprets the expression within, % is the basic arithmetic function mod


 array_error_updatei[$error_index]=`/usr/bin/expr index "${array_index_name[$j]:10}" _`
This searches for the first occurence of _ within the array array_index_name with index j from position 10

printf "%s %d\x68%d\x6d%d\x73" ${array_error[$i]:9} $hours $minutes $seconds
prints formatted text ${array_error[$i]:9} and HH:MM:SS as 1h 2m 3s

Check_mk useful locations

/var/lib/check_mk/autochecks - Where check_mk stores the cached inventory files
/usr/share/check_mk/checks/ - Where the actual server checks are stored
/usr/local/share/pnp4nagios/templates - where the performance graph templates are stored
/usr/share/check_mk/web/plugins/perfometer - where the perfometer templates are stored.

Sunday, 7 August 2011

Programming alfred applescript extensions for powerpack

this is a basic conversion program written on applescript for inclusion into alfred.

call up alfred, and type
convert 30 ft to m
or
convert 30 m to ft

this can be easily extended by adding your own variables.

on alfred_script(q)
    --display dialog q
       -- set for when running from applescript
    -- set q to "30 ft to m"
    set Feet2Meters to 0.3048
    set Meters2Feet to 3.2808399
   
    --find first occurance of unit
    set max_args to number of q
    if max_args = 1 then
        set number1 to ( q)
        if number1 = "?"
            display dialog "Help\nConversion ft to m"
            exit
        end if
    else
        set number1 to (word 1 of q)
        set unit1 to (word 2 of q)
        --set number2 to (word 3 of q)
        set unit2 to (word 4 of q)
    end if

    -- display dialog "1: " & number1 & ", 2:" & unit1 & ", 3:" & unit2
   
    if unit1 = "ft" then
        if unit2 ="m" then
            set conversion to Feet2Meters
        end if
    end if
    if unit1 = "m" then
        if unit2 = "ft" then
            set conversion to Meters2Feet
        end if
    end if
   
    set final to number1 * conversion
    -- display dialog final
    display dialog "Conversion: " & number1 & " " & unit1 & " is " & final & " " & unit2
end alfred_script

Tuesday, 12 July 2011

Setting up FTP-SSL with proftpd

 First of the challenges is the NAT firewall.

FTP uses 2 ports to connect, 1 for the control and the other for data transfer. You connect with the inital control port, then then once auth'd you go to the data channel to do your data transfers/directory listing. This doesn't work through a NAT firewall directly.
To resolve this issue, you have to put everything in passive mode (server and client). You have to tell the server it's behind a NAT firewall (so you give the external IP/port range to the client rather than the internal), and you have to tell the client to connect via passive connections.

firewall config first!

# for ftp-ssl
-A PREROUTING -i eth2 -p tcp --dport xxxx -j DNAT --to-destination local-server-ip
-A PREROUTING -i eth2 -p tcp --dport yyyyy:zzzzz -j DNAT --to-destination local-server-ip



The important bits from proftpd.conf
RequireValidShell               off
MasqueradeAddress              ftp.server.com
<IfModule mod_dynmasq.c>
DynMasqRefresh 14400
</IfModule>
PassivePorts yyyyy zzzzz (check the ports you allocated in teh firewall!)


TLS.conf
How to setup SSL/TLS on proftpd


There are many articles on the net to create a cert... here's one f them...
http://www.howtoforge.com/proftpd-tls-debian-etch

Wednesday, 29 June 2011

tftpboot not working after upgrade?

check permissions on /var/lib/tftpboot
and check your default options in /etc/default


TFTP_OPTIONS="--secure"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"

Tuesday, 10 May 2011

Adding a module to initrd.gz


The frequent reason why your kernel can't boot is because of a improper created initrd image. Here is a small description of what you can do if you encounter a similar problem.

Contents

 [hide]

[edit]What is initrd image

Your boot loader usually supports initrd instruction. For example, in GRUB:
OpenVZ (2.6.8-022stab077)
        root (hd0,0)
        kernel /vmlinuz-2.6.8-022stab077 ro root=LABEL=/ console=tty0
        initrd /initrd-2.6.8-022stab077.img
GRUB loads initrd-2.6.8-022stab077.img file at a certain address in memory. When kernel boots, it checks for initrd image, and if it exists starts init script that resides on this image. init script is usually written in nash (a sort of bash-like shell, just smaller). When init script on initrd image is finished, kernel usually calls standard System V init process (/sbin/init, etc.)

[edit]Why initrd image is necessary

Suppose your root partion resides on some SCSI device and driver for this SCSI devices is compiled as a kernel module. Of course this module is required at boot time to have access to the root partion — but it is not in the kernel. Thus the need for an initrd image.
Additionally after udev subsystem become common, somebody has to start udev to create device nodes. This is initrd's duty too.

[edit]Typical problem

Consider a real problem. After booting the kernel we get the following:
...
Creating root device
mkrootdev: label / not found
Mounting root filesystem
mount: error 2 mounting ext3
mount: error 2 mounting none
Switching to new root
switchroot: mount failed: 22
umount /initrd/dev failed: 2
Kernel panic - not sysncing: Attempted to kill init!
This can appear if there is no module loaded for device, where root partion resides. To solve the problem, extract the initrd image.

[edit]Extracting initrd image

Initrd image is just cpio-gzip archive. So to extract it:
$ mkdir initrd
$ cd initrd
$ gzip -dc /boot/initrd-2.6.16-026test014.4-smp.cpio | cpio -id
$ ls -1
bin
dev
etc
init
initrd-2.6.16-026test014.4-smp.cpio
lib
loopfs
proc
sbin
sys
sysroot

[edit]Analyzing init script

$ cat init
#!/bin/nash

mount -t proc /proc /proc
setquiet
echo Mounted /proc filesystem
echo Mounting sysfs
mount -t sysfs none /sys
echo Creating /dev
mount -o mode=0755 -t tmpfs none /dev
mknod /dev/console c 5 1
mknod /dev/null c 1 3
mknod /dev/zero c 1 5
mkdir /dev/pts
mkdir /dev/shm
echo Starting udev
/sbin/udevstart
echo -n "/sbin/hotplug" > /proc/sys/kernel/hotplug
echo "Loading mptbase.ko module"
insmod /lib/mptbase.ko
echo "Loading mptscsih.ko module"
insmod /lib/mptscsih.ko
/sbin/udevstart
echo Creating root device
mkrootdev /dev/root
umount /sys
echo Mounting root filesystem
mount -o defaults --ro -t ext3 /dev/root /sysroot
mount -t tmpfs --bind /dev /sysroot/dev
echo Switching to new root
switchroot /sysroot
umount /initrd/dev
We can see that init tries to load modules mptbase.ko and mptscsih.ko. Check for presense of these modules on initrd image:
$ ls -1 ./lib/
mptbase.ko
mptscsih.ko
So they are here... But on the node in question there is a device supported by driver in another module: mptspi.ko! After adding it to the image and into init script everything should work.

[edit]Creating initrd

We just have to cpio and gzip directory cpio:
$ find ./ | cpio -H newc -o > /boot/new-initrd.cpio
1354 blocks
$ cd /boot
$ gzip new-initrd.cpio
$ mv new-initrd.cpio.gz new-initrd.img
Next, try to boot your kernel with newly created initrd image.

[edit]Who create initrd by default?

Usually there is an mkdinitrd package installed, that allows to create initrd image. You can use this program, it has a lot of options. OpenVZ kernel RPM-package (and “make install” target too) uses this program to create an initial (default) initrd image.

Wednesday, 4 May 2011

DASH BASH

Well dash is being introduced and is more POSIX compliant than bash

Here's a link to show you the differences:

http://mywiki.wooledge.org/Bashism

Sunday, 1 May 2011

Setting up OpenVPN on ubuntu / Mac os x

Since PPTP is inherently insecure, moving to something SSL or IPSEC based is far more perferrable....

OpenVPN on the Gateway

We'll begin with installing openVPN on the gateway:
sudo apt-get install openvpn easy-rsa
After that, make sure our openvpn config is always used:
/etc/default/openvpn
## Comment out everything and add:
# Start our openvpn.conf automatically:
AUTOSTART="all"
We'll need to edit some openvpn configuration files and generate some keys for the people we want to have access. There are some nice example configs, so we'll be using them. We'll need root access for the next dozen of instructions, so let's su and head to the openvpn config directory:
 
cd /etc/openvpn/
cp -r /usr/share/doc/openvpn/examples/easy-rsa/ .
Note the above directory may not exist in ubuntu 14, it may be in /usr/share/easy-rsa
 
Now that we got some examples to work with, let's edit them.
easy-rsa/2.0/vars
## Comment the line that starts with:
## export EASY_RSA
## And add this below:
export EASY_RSA=/etc/openvpn/easy-rsa/2.0

## You can also set some defaults for your certificates.
## Find the following variables and set them appropriately.
export KEY_COUNTRY=UK
export KEY_PROVINCE=SY
export KEY_CITY=London
export KEY_ORG="OpenVPN"
export KEY_EMAIL="waga@an.example"
Time to source that information into our current shell session:
source ./easy-rsa/2.0/vars
And build the necessary certificates. (Certificate Authority, Server key, Client key and Diffie Hellman.) You can probably rename your server and client(s) however you want, but need to remember the names for later configuration. Answer yes when asked if you want to sign the certificates and want to commit them.
When it asks for a Challenge Password, you can just leave it blank and enter.
The Common Name that is asked when building a server key needs to be the same as the argument given to the build-key-server command ('server' in our example).
The Common Name that is asked when building a client key needs to be the same as the argument given to the build-key command ('client1' in our example). Watch for the errors, and resolve using the prompts it gives you
./easy-rsa/2.0/clean-all
./easy-rsa/2.0/build-ca
./easy-rsa/2.0/build-key-server server
./easy-rsa/2.0/build-key client1
(to add another user simply change client1 for e.g. the username phil, bob, dave etc)
./easy-rsa/2.0/build-dh
We'll copy the generated keys over when we get to the Client steps. It's time now to set up the openvpn.conf we told OpenVPN to autostart:
/etc/openvpn/openvpn.conf
## Add: 
dev tun
proto tcp
## Change this port number if you want a non-standard port.
port 1194

ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem

user nobody
group nogroup
## Leave this as-is; it is the VPN virtual network address.
# i've set this to something else (192.168.xxx.xxx) since my 3rd DC uses this range
server 10.8.0.0 255.255.255.0

persist-key
persist-tun

status openvpn-status.log
log-append /var/log/openvpn
verb 3
client-to-client
# disable this or ALL traffic will be going through your VPN
#disabling allows split routing/split tunnelling
#push "redirect-gateway def1"
# enter your local LAN subnet here.... 
push "192.168.x.x 255.255.255.0"
 
# Remove comment if you want lzo compression
#comp-lzo
 

OpenVPN on the Client

On the client we need to install an OpenVPN client, for Mac OSX I use Tunnelblick which is currently hosted at Google code. After opening the .dmg file, copy the Tunnelblick.app file to your Applications. When this is done, let's transfer the client certificates from the gateway to the client, I prefer to use SCP for this.
You will probably need root ssh access to the file. If you don't have that, make sure you've copied the keys to your homedir instead. If you have created multiple client certificates, or changed the names of the certificates, then don't forget to scp those over as well.
scp root@your.gateway:/etc/openvpn/easy-rsa/2.0/keys/{ca.rt,client1.{crt,key}} ~/Library/openvpn && sudo chown $USER ~/Library/openvpn/{ca.rt,client1.{crt,key}}
Now that we have a client, we will need to configure it. Be sure to set your Gateway server's IP where it says YOUR-GATEWAY-IP-GOES-HERE and if you also picked a non-standard port, change that in this config as well. The same applies for any client certificates you've created on the gateway.
~/Library/openvpn/openvpn.conf
# We are a client, not a server/gateway.
client

# We use a TUN interface
dev tun

# We use the TCP protocol
proto tcp

# Name of the gateway's certificate
## 'server' if you followed our example.
remote-cert-tls server

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
## If you chose a non-standard port, change 1194 to the port you picked.
remote YOUR-GATEWAY-IP-GOES-HERE 1194          

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server.  Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
user nobody
group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# SSL/TLS parms.
# See the server config file for more
# description.  It's best to use
# a separate .crt/.key file pair
# for each client.  A single ca
# file can be used for all clients.
## If you picked different names for your client certificates, change here
ca ca.crt
cert client1.crt
key client1.key

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
# comp-lzo

# Set log file verbosity.
verb 3

# Make sure the right gateway settings are used.
push "dhcp-options DNS 8.8.8.8"
#push "dhcp-options WINS 10.8.0.1"
#push "redirect-gateway"
 

Key files:

Here is an explanation of the relevant files:
FilenameNeeded ByPurposeSecret
ca.crtserver + all clientsRoot CA certificateNO
ca.keykey signing machine onlyRoot CA keyYES
dh{n}.pemserver onlyDiffie Hellman parametersNO
server.crtserver onlyServer CertificateNO
server.keyserver onlyServer KeyYES
client1.crtclient1 onlyClient1 CertificateNO
client1.keyclient1 onlyClient1 KeyYES
client2.crtclient2 onlyClient2 CertificateNO
client2.keyclient2 onlyClient2 KeyYES
client3.crtclient3 onlyClient3 CertificateNO
client3.keyclient3 onlyClient3 KeyYES

Routing issues after network switching:

I've encountered some problems when switching between local networks after having had the VPN on. It seems that after I've switch to a different LAN, I can't reach the gateway host from the new local network, thus not allowing me to set up the VPN from the second VPN. My guess is that not all routes are reset after disconnecting.

To find out what route seems to be incorrect use:
netstat -rn
In my case it was w.x.y.z/32, where w.x.y.z is my gateway's IP.
You can remove it via:
route delete w.x.y.z/32 

infact, I've changed the Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh file so that the post script removes the VPN gateway from teh routing table.

IP=`ping -n -c 1 vpn-gw.mydomain.com | grep icmp_seq | cut -d " " -f 4 | cut -d ":" -f 1`
route delete $IP
 

Thursday, 31 March 2011

TRIM support for snow leopard on a Macbook Air 3.2 (2010)

http://www.groths.org/?p=308

And follow the erase free space option


After doing this and running xbench comparisons, i had a 17% increases in speed on my SSD! Sweet!

Works perfectly  on:
Model Name:    MacBook Air
  Model Identifier:    MacBookAir3,2
  Processor Name:    Intel Core 2 Duo
  Processor Speed:    1.86 GHz

Capacity:    121.33 GB (121,332,826,112 bytes)
  Model:    APPLE SSD TS128C                       
  Revision:    CJAA0201
  Serial Number:            xxx
  Native Command Queuing:    No
  Removable Media:    No
  Detachable Drive:    No
  BSD Name:    disk0
  Medium Type:    Solid State
  TRIM Support:    Yes
  Partition Map Type:    GPT (GUID Partition Table)
  S.M.A.R.T. status:    Verified


A more advanced check_mk check i've written for linux_ulimits


#!/bin/python


inventory_process = []
inventory_process_version = []
def inventory_linux_ulimit (checkname, info):
        inventory = []
        if checkname == "linux_ulimit":
                #print "linux ulimit inv"
                #print info
                for line in info:
                        ln1 = line[0]
                        ln2 = line[1]
                ln1 = int(ln1)
                ln2 = int(ln2)
                #print "%d %d" % (ln1, ln2)
                value = "%d / %d" % (ln1, ln2)
                inventory.append ( ("Ulimit", (ln1,ln2)))
                return inventory






#the actual check


def check_linux_ulimit (item, params, info):
        perfdata = []

        perfdata = (float((params[0])/float(params[1]))*100.0)
        #value = ("Cur=%d ; Max=%d" % (params[0], params[1]))
        value = [("ulimit_cur",params[0],params[1]),]
        #print value
        if perfdata > 90.0:
                return (2, "Critical@90%: %d of %d used. %.1f%%" % (params[0],params[1],perfdata), value)
        if perfdata > 85.0:
                return (1, "Warning@85: %d of %d used. %.1f%%" % (params[0], params[1],perfdata),value)


        return (0, "OK - %d of %d used. %.1f%% " % (params[0], params[1],perfdata), value)


# checking function, service description, perf data, invenotry function
check_info['linux_ulimit'] = (check_linux_ulimit, "Linux",1 ,inventory_linux_ulimit)


Tuesday, 29 March 2011

Zalman VE200 SATA caddy with virtual ODD


FFS trying to get this to work with a CF card is impossible.... No idea why it won't work....

Always comes up with a "1st Partition: 0", which means it doesn't recognise it

ERROR MESSAGES (using 57N firmware):
Error 23                 (I have no idea what this means but it displayed it even when a valid hard disk was connected that worked fine on a friends VE200!). Try CLEANing/wiping the drive! 
1st Partition: XX    where XX is a number such as 6, B, C, 83, F etc. (the number means 'the partition type of the 1st partition is XX and I DON'T LIKE IT!')
1st Partition: FF    Either 1st partition type is FF or I cannot read/understand the logical partition (volume) format (e.g. type 7 partition but it is formatted as exFAT)
1st Partition: 0      drive is not partitioned
NO - DISC             the VE200 has found the _ISO folder :-) but it contains no valid files with a valid extension (e.g. .iso, .ima, .dsk)
TOO Many FILES  you have more than 32 objects (files + folders) in the _ISO folder or in the user selected folder which is under the _ISO folder. (>32 FILES+FOLDERS! would have been a better message)
ALREADY HIT       you have already selected this file for emulation and it is already loaded
vDISK LIMIT         the VE200 can emulate a max of 4 virtual disks 
NO _ISO               I can read the 1st partition OK but I cannot find any folder called _ISO or _iso
First reset the VE200 back to DUAL MODE as follows: Unplug USB - Press and hold in Jog button - Reconnect USB cable. If this does not work, try:

1. Under Windows 7 run DISKPART, then type LIST DIS and then SEL DISK 2 (assuming disk 2 is your VE200 drive), then type LIST DISK and make SURE the * is against the VE200 drive and then type CLEAN to completely erase the hard disk partitions.
2. Unplug the VE200 and then wait for 20 seconds - then re-connect it whilst pressing in the jog wheel
3. Now partition and format the VE200 hard disk as NTFS PRIMARY.
4. Now use 'Safely Remove Hardware' systray icon to eject it and unplug and re-connect it whilst pressing in the jog wheel

With luck, it should power up and say "NO _ISO".

Monday, 28 March 2011

dual booting existing win 7 with win xp

ah yeah, that time again, you need to test your product on an XP install and well, there are none in the office.

easy peasy, just dual boot.

1. create a partition from win 7 by shrinking one of your current partitions. i think win XP only requires about 16-20GB.

2. insert win XP cd and restart machine to boot into it.

3. go thru w the install picking the right partition!

4. when finished and when you reboot win 7 will not appear in the bootloader and it will go into XP directly.
fine.

5. dl .net framework and install easyBCD. (.net is a requirement)

6. in easybcd, choose: add new entry > click on windows drop down list and choose NT/2K/XP/2K3 and make sure you leave Automatically detect correct drive ticked.

7. go to bootloader setup > make sure install vista/7 bootloader is selected and click on write MBR.

8. that is it. reboot and the bootloader should offer you a choice.

i guess some ppl will run into trouble with this process, sometimes win 7 wont boot anymore (startup repair w win 7 DVD will help), if you get an error loading OS after XP restart in the first phase of the process (before MBR is amended) then using the win 7 install DVD you can run the following commands:

  • bootrec /FixMbr
  • bootrec /FixBoot
  • bootrec /RebuildBcd
restart and you should be ok!

Thursday, 24 March 2011

Creating your own checks in check_mk


It is important to distinguish between inidividual checks and subset check e.g.

LINUX.SUBSET, where the main check is linux, subcheck SUBSET
e.g. linux.version is a subset of check linux, so there will be a check for linux + linux.version, which will both be contained in the same plugin script!


So, any further checks against linux, can be done via linux.XXX
Agent
/usr/lib/check_mk_agent/plugins#


linux_version.sh

#!/bin/sh
echo '<<<linux>>>'
cat /etc/issue.net


this will turn up if you telnet to the agent box i.e. 
telnet server 6556


Check the agent is outputting your plugin
check_mk -d servername | fgrep linux -A 5




The tricky part is the agent check itself.



Follow the guides on the check_mk site, then under the checks directory
/usr/share/check_mk/checks




#!/bin/python
inventory_process = []
inventory_process_version = []


# the inventory version (dummy)
def inventory_linux_version(checkname, info):
        # begin with empty inventory
        inventory = []
# fork to see which subcheck
        if checkname == "linux.version":
                # linux versions
#               print "linux version"
                for line in info:
                        ldistro = line[0]
                        ltype = line[1]
                        lcodename = line[2]
                        inventory.append ( ( None, (ldistro, ltype, lcodename) ) )
                        return inventory
        else:
                # must be std linux command
                inventory = []
                print "std linux check"
                #i
#the actual check
def check_linux_version (item, params, info):
        #print info.strip ('(')
        return (0, "OK - %s" % (info ,))
        #print item
        #print params
        #print info
        #       return (3, "Sorry - not implemented")


#check for std linux command
def check_linux (item, params, info):
        #print item
        #print params,
        #print info
        return (3, "Sorry - not implemented")

# checking function, service description, perf data, invenotry function
# one fucntion for each check (linux, linux.version)
check_info['linux'] = (check_linux, "Linux data (not finished(",0 ,inventory_linux_version)
check_info['linux.version'] = (check_linux_version, "Linux version",0 ,inventory_linux_version)




if it all works out it should have a 
check_mk -L | grep linux
check_mk --checks=linux.version -I servername


dump check info to console
check_mk -nv servername
SIMPLES!

Wednesday, 23 March 2011

Joyent smart machines and munin monitoring

ok it's time i gather what little info i have gathered on how to make this work.
Joyent uses Solaris, their own branded bastard perverted version (as if Solaris wasn't perverted enough!). it makes things difficult. very difficult.

so anyhow, to set up a munin server on joyent here are the instructions:

pkg_add munin-server

which will install the stuff.

then you must fix the munin user to something more "real" (Solaris love):

usermod -d /var/munin -s /usr/bin/bash munin
cp /home/admin/.profile /var/munin
chown munin:munin /var/munin/.profile
passwd munin (whatever, you will not actually log on w user munin)

then create a cron job to poll the nodes every 5 mins:
crontab -e munin
0,5,10,15,20,25,30,35,40,45,50,55 * * * * /opt/local/bin/munin-cron


then as munin generates graphs and sticks them in /opt/local/www/munin/data, you must make this available via apache:


ServerName munin.yourdomain.com
DocumentRoot /opt/local/www/munin/data

AllowOverride All
Order allow,deny
Allow from all



obv you will wanna tighten this up in terms of security, like add .htpasswd permissions, symlink it or whatever.


this is pretty much it for the server.

note that any node will need to be added to the munin.conf file, and then a forced update will need to be run to reflect changes.
/opt/local/lib/munin/munin-update --force-root

(if you do that as it is running the cron job you will get a lock error/ dying)



now the nodes!

that is a little easier... just a little.

pkg_add munin-node

there again the munin user must be fixed as above, skip these steps if you are installing the node on the munin server machine.

to pre configure the plugins, this command should be run:

/opt/local/sbin/munin-node-configure --shell | sh

but beware, it doesn't always work. effectively it checks a plugin to see if it is working, and if so creates a link. the plugin itself is stored in /opt/local/lib/munin/plugins but you need to create a link in /opt/local/etc/munin/plugins to make it work.

also to get a nice easy way to restart the munin node, do:

svccfg import /opt/local/share/smf/manifest/munin-node.xm

svcadm enable munin
(or disable)

much easier than killing processes i find!

to test if everything is working ok on the client node side, do:

telnet localhost 4949
list
fetch

if you get a reasonable looking output, you're in!

Tuesday, 22 March 2011

Thecus 7700+ hot swap is go!

To go back on the Thecuses and their fabulous features, we have a Thecus 7700+ here at work and recently a hard drive failed because of a heat problem. (WD2002FYPS)
so guys and gals, the hot swap is absolutely go! took the faulty drive out without turning ANYTHING off, replaced it and it started rebuilding the RAID (5) straight away. 24 hours later the RAID is healthy again. moreover, the shares were still available during the rebuilding process.

i know this is supposed to be a feature according to the manual, but isn't it nice it's a feature that actually works as it should!
am always quite concerned about hot swapping and find it rather a rather nerve wrecking process!

Sunday, 20 March 2011

Mac OS X - finder doesn't go back up a directory via backspace

God I miss that in Finder... so much for Mac's being easy to use.... that's BS. Windows Explorer is much easier to use...

Keyboard shortcuts for doing most of the easy file manipulations seem to be be lacking or overly complicated. e.g. Return to open a folder <CMD + O>, F2 to rename <use the mouse>, Delete to delete from the right <FN + backspace>....

Anyway, I decided to have a backspace to go up a directory, but as Mac OS X doesn't cater for just backspace, I had to settle with ALT+Backspace, and for that to call up a macro via Keyboard Maestro applescript.

I used growl to notify me and this seems to work pretty well, as long as full pathnames are not used in the window title.

On to the script:

--register growl
tell application "GrowlHelperApp"
    -- Make a list of all the notification types
    -- that this script will ever send:
    set the allNotificationsList to ¬
        {"Go up"}
   
    -- Make a list of the notifications
    -- that will be enabled by default.     
    -- Those not enabled by default can be enabled later
    -- in the 'Applications' tab of the growl prefpane.
    set the enabledNotificationsList to ¬
        {"Go up"}
   
    -- Register our script with growl.
    -- You can optionally (as here) set a default icon
    -- for this script's notifications.
    register as application ¬
        "AppleScript Go up" all notifications allNotificationsList ¬
        default notifications enabledNotificationsList ¬
        icon of application "Finder"
   
    --       Send a Notification...
   
   
   
end tell
tell application "System Events"
    set app_name to name of the first process whose frontmost is true
   
    if app_name is not "Finder" then
        --tell application "GrowlHelperApp"
        --    notify with name ¬
        --        "Go up" title ¬
        --        "Go up" description ¬
        --        app_name application name "AppleScript Go up"
        --end tell
        --display dialog app_name
        return 0
    else
        tell application "Finder"
            try
                set the_folder to (folder of the front window) as text
            on error
                tell application "GrowlHelperApp"
                    notify with name ¬
                        "Go up" title ¬
                        "Go up" description ¬
                        "Cannot go up" application name "AppleScript Go up"
                end tell
               
                return 0
            end try
            set the clipboard to the_folder
            --display dialog the_folder
            set len to the count of the_folder
            set len to len - 1
            set old_folder to text 1 thru len of the_folder
            --get jsut the window name
            set rev to reverse of characters of old_folder as text
            set loc to offset of ":" in rev
            set start to len - loc + 2
            set old_folder to text start thru len of old_folder
            --display dialog old_folder
           
            --close previous folder window
            close Finder window old_folder
           
            --display dialog the_folder
            set len to count of the_folder
            set len to len - 1
            set the_folder to text 1 thru len of the_folder
            --display dialog the_folder
           
            --display dialog len
            set rev to reverse of characters of the_folder as text
            set loc to offset of ":" in rev
            set len to len - loc
            set the_folder to text 1 thru len of the_folder
            --display dialog the_folder
           
            activate "Finder"
            open the_folder
            --set workingDir to the_folder
           
        end tell
        tell application "GrowlHelperApp"
            notify with name ¬
                "Go up" title ¬
                "Go up" description ¬
                the_folder application name "AppleScript Go up"
        end tell
    end if
end tell


This didn't take long to knock up, maybe an hour to learn applescript, growl and the limitations of Mac OS X... It auto registers with Growl each time it starts up, but that doesn't really matter.