SSHbase is a bcfg2 plugin for managing ssh host keys. It is responsible for making ssh keys persist beyond a client rebuild and building a consistent ssh_known_hosts file including all the ssh keys and deploying it across all the systems bcfg2 manages.

SSHbase has two basic functions:

• to generate ssh host keys; if a system has not a key in the repository, it will be generated on its first check-in
• to maintain a consistent ssh_known_hosts file, and deploy it to all systems. This will include all the public keys in the repository.

Read the rest of this entry »

Running mailstats on a debian etch server running sendmail was returning the following error:
# /usr/sbin/mailstats
MSP statistics...
mailstats: /var/lib/sendmail/sm-client.st: No such file or directory
MTA statistics...
mailstats: /var/lib/sendmail/sendmail.st: No such file or directory

The StatusFile was enabled in sendmail.cf (the default location as no definition was overwritten in sendmail.mc):
# grep StatusFile /etc/mail/sendmail.cf
O StatusFile=/var/lib/sendmail/sendmail.st

Read the rest of this entry »

Cacti uses for its web interface persistent mysql connections to the mysql server. Normally this is fine and you would not care about it, but if you want to disable this and make cacti use regular mysql connections (and properly close each of its open mysql calls) here is what you need to do:

edit: lib/database.php and replace PConnect with Connect

if ($cnn_id->PConnect($hostport,$user,$pass,$db_name)) {

Again, this is just for the web interface and if you don’t have any problems or particular reasons to change this, it is better to leave it as it is. For example I had to do this on a server where mysql had problems with persistent connections as those were affecting the proper functionality of the site.

The latest MySQL Community Edition release, 5.0.67 will not be included in Debian Lenny as the distribution is frozen meaning no upstream new releases are going to be included into testing before lenny is released. Lenny will ship with MySQL 5.0.51a, while 5.0.67 (or a newer version if that will be the case) will be added to debian testing right after the release.

In the meantime, if you want to use 5.0.67 you can either download the source packages from MySQL or use the packages Norbert Tretkowski (one of the mysql package maintainers) has made available. The deb sources allow you to recompile the package on any architecture you might need it (only amd64 binary packages are provided).

Source: http://tretkowski.de/blog/archives/418-MySQL-5.0.67-not-uploaded-to-Debian.html

The Dell Remote Access Controller or DRAC is an interface card by Dell which provides out-of-band management. The controller has its own processor, memory, battery, network connection, and access to the system bus. Key features include power management, virtual media access and remote console, all available through a supported web browser. This gives system administrators the ability to configure a machine as if they were sitting at the local console (terminal).

Since the DRAC card has its own IP separated from the one of the host server it is very common to assign for it a private IP; or even if it has a public IP it might be protected by a corporate firewall, making it very simple to connect from the corporate office, but not from outside. In such cases when you need to connect to the DRAC console from outside a solution is to tunnel over SSH your DRAC traffic.

Read the rest of this entry »

Running the latest version of ldapscripts from Debian lenny (ver 1.7.1-2) I was getting this error:
trap: usage: trap [-lp] [arg signal_spec ...]whenever I was running ldapadduser.

To fix this you have to edit /usr/share/ldapscripts/runtime and find the line:
...
# Reset traps
trap -
…

and change it to:
trap - 2in order to fix the trap error.

Sendmail will use by default a single mail queue. This is what most users will need, and if you don’t have any special requirement you will not care about this. Still for high traffic mail servers it might be useful to split the queue over several directories, as thousands of files in a single directory will become a performance penalty at some point and also processing the queue sequentially will become very slow. This post will show how we can implement multiple mail queues with modern sendmail versions.

Read the rest of this entry »

Yesterday a friend of mine (centos fan) asked me: “I can’t find the killall command on Debian. How can I install it?” This short post is the answer to this simple question, but for someone not familiar with debian/ubuntu this might be useful.

The answer is simple: install the psmisc package:
aptitude install psmisc
Besides killall this contains also the fuser and pstree commands.

Yesterday, the server of the Linux Mint distribution was hacked and code was injected to install a trojan called JS/Tenia.d on the computers of users browsing their site www.linuxmint.com. They recommend to all users that have visited their website during the past 2 days, to scan their computer to be sure the trojan is not present . Obviously just the Windows users were affected by this (as Linux/Mint users were confused on how to scan their computers and if they were affected by this).

More, at their blog post: http://www.linuxmint.com/blog/?p=235

Saturday, 16 August 2008, the Debian Project turns 15 years of age. Founded in 1993 by Ian Murdock to be a truly Free, community project, the project has grown to one of the largest and most influential open source projects.

To celebrate the day, Debian fans are organising birthday parties all around the globe.