Admins eHow SysAdmin Tips & Tricks

February 26, 2012

How to update Adaptec raid driver on Centos & RHEL5

Filed under: CentOS,General — Tags: , , , , , , , — admin @ 6:51 pm

Download the driver RPMs from adaptec website, as I have 5805z controller, I downloaded the drivers from here :

http://www.adaptec.com/en-us/support/raid/sas_raid/sas-5805z
http://www.adaptec.com/en-us/downloads/rh/rhel_5/productid=sas-5805z&dn=adaptec+raid+5805z.html

You will get a file like this :

aacraid_linux_rpms_v1.1.7-28700.tgz

unpack it :

tar zxvf aacraid_linux_rpms_v1.1.7-28700.tgz

to get :

aacraid-1.1.7-28700.rpm

install rpm :

rpm -ivh --force aacraid-1.1.7-28700.rpm

it will only extract the files to /opt/Adaptec/aacraid :

cd /opt/Adaptec/aacraid
mkdir mods
mv aacraid_prebuilt.tgz mods
cd mods
tar zxvf aacraid_prebuilt.tgz
rm *.tgz

now you have prebuilt module for different kernels, copy the appropriate kernel module to aacraid.ko path, a command like :

cp aacraid-2.6.18-238.el5xen-x86_64 /lib/modules/2.6.18-274.18.1.el5xen/kernel/drivers/scsi/aacraid/aacraid.ko

if you have locate package installed, you can easy find all aacraid.ko files :

locate aacraid.ko | xargs -n1 modinfo | grep vers

when it is complete, reboot the server.

November 18, 2010

Install SNMP on Centos/RHEL

Filed under: CentOS,linux — Tags: , , , — admin @ 4:13 pm

The following easy steps will install snmp daemon on your CentOS/RHEL server :

yum install net-snmp net-snmp-utils

now snmpd simple configuration ( change SECRET_NAME to a complex string ) :

echo rocommunity SECRET_NAME > /etc/snmp/snmpd.conf

start snmpd :

service snmpd restart

also make sure it starts on boot :

chkconfig snmpd on

last step to check snmpd is working ( change SECRET_NAME to the string you have chose before ) :

snmpwalk -v 1 -c SECRET_NAME -O e 127.0.0.1

you should get an output like below :

SNMPv2-MIB::sysDescr.0 = STRING: Linux 2.6.18-194.11.4.el5xen #1 SMP Tue Sep 21 05:40:24 EDT 201
0 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (242211) 0:40:22.11
SNMPv2-MIB::sysContact.0 = STRING: root@localhost
SNMPv2-MIB::sysName.0 = STRING: 
SNMPv2-MIB::sysLocation.0 = STRING: Unknown
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (2) 0:00:00.02
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.7 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
.
.
.
.

August 7, 2009

DirectAdmin installation requirements on CentOS 5

Filed under: CentOS,General — Tags: , , — admin @ 10:00 pm

DirectAdmin guide only asks you to download their setup script and run it , but it doesn’t explain about requires packages before installation , so before installation run the following commands :

yum update
yum install perl gcc gcc-c++ make tar gzip bzip2 diffutils dbus quota

August 5, 2009

Install locate and updatedb on CentOS and Debian

Filed under: CentOS,Debian,General — Tags: , , , , — admin @ 3:55 pm

locate and updatedb commands are the best commands to search and find files in Linux. if you dont have them installed on your Linux , use the following commands :
Debian :

apt-get install locate

CentOS :

yum install mlocate

May 16, 2009

Guide to secure the server using DenyHosts

Filed under: CentOS,Debian,General,Security — Tags: , , , , — admin @ 9:20 am

One of the greatest tools I have found to secure the server from brute force attacks and keep your server out of the reach of hackers is DenyHosts.
What DenyHosts does is very simple , but very effective , it processes auth.log ( in Debian based distros ) or secure.log ( in Redhat based distros ) and finds unsuccessful login attempts through ssh and blocks the attacker through /etc/hosts.deny file.
also it has a central server which can synchronize all DenyHosts instances around the world , so if there is an attacker detected in US , it will be blocked in all of the world very fast ! but this option needs to be enabled in config file.
DenyHosts is an open source project and is available to download at sourceforge : http://denyhosts.sourceforge.net

As my favorite distro is Debian , I guide you how to install and use it on Debian. but steps are almost the same on CentOs.
DenyHosts is available through Debian repos so you can simply install it by :

apt-get install denyhosts

then you need to configure it , configuration file is located at /etc/denyhosts.conf
I suggest you to read the whole file and understand it , it worth’s the time. but in case you need a good working configuration, you can use mine :

SECURE_LOG = /var/log/auth.log
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 1w
PURGE_THRESHOLD = 2
BLOCK_SERVICE  = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /var/lib/denyhosts
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=YES
LOCK_FILE = /var/run/denyhosts.pid
ADMIN_EMAIL = youremail@domain.com
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts <nobody@domain.com>
SMTP_SUBJECT = DenyHosts Report
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h
SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
SYNC_INTERVAL = 1h
SYNC_UPLOAD = yes
SYNC_DOWNLOAD = yes
SYNC_DOWNLOAD_THRESHOLD = 3
SYNC_DOWNLOAD_RESILIENCY = 5h

Don’t Forget to set ADMIN_EMAIL and SMTP_FROM to your own emails.
One of the important steps that you should do is to add your own IP address to white list so it doesn’t get blocked.
to do this , open /var/lib/denyhosts/allowed-hosts file and enter your own IP in it.
if you have forgotten to do this and now you are blocked from server , you need to connect to server from another IP address and do the following steps :

1.Stop DenyHosts :

/etc/init.d/denyhosts stop

2.Remove the IP address from /etc/hosts.deny
3.Also you need to remove your IP address from any file located in /var/lib/denyhosts , first look which files contain your IP :

grep Your_IP *

The remove the IP from files using your favorite editor or method 😉

Edit : I have found a great solution to delete your IP from all files all at once.

sed -i '/Your IP/d' *

4.Consider adding the IP address to /var/lib/allowed-hosts
5.Start DenyHosts

May 9, 2009

How to autostart a service on Debian, CentOs and RedHat

Filed under: CentOS,Debian,General — Tags: , , , — admin @ 3:31 pm

For Debian based distros run the following command as root :

update-rc.d servicename defaults

For CentOS and RedHat run the following command as root :

chkconfig servicename on

Powered by WordPress