Find size of ext3 Journal
Fri, 04/13/2012 - 15:01 — sandipThe journal is located at inode:
# tune2fs -l /dev/sda1 | awk '/Journal inode/ {print $3}'
The size of journal in Bytes is:
# debugfs -R "stat <inodenumber>" /dev/sda1 | awk '/Size: /{print $6}'|head -1
Note: "<>" is necessary around the inode number.
group writable web folders with setgid and ACL
Tue, 04/03/2012 - 10:18 — sandipOften times, there is need for web-accessible folders to be set up so all web-developers have write access.
Along with setgid option, ACL can be used so anyone in the group "web-developers"
would have write privileges to anything under web-accessible document root.
So unless the acl privileges is revoked specifically, it would just continue to work.
To enable ACL, add "acl" option to /etc/fstab file for the corresponding partition and remount.
Edit /etc/fstab:
/dev/mapper/home /home & nbsp; & nbsp; ext4 defaults,acl 0   ; 2
Remount:
# mount -o remount /home
Here is the commands to be used for the setup:
# groupadd developers
# chgrp -R developers /path/to/docroot
# find /path/to/docroot -type d -exec chmod g+s {} \;
# find /path/to/docroot -type d -exec setfacl -m g:developers:rwx,d:g:developer s:rwx {} \;
# find /path/to/docroot -type f -exec setfacl -m g:developers:rw {} \;
Now anyone needing write access can be put in the "developers" group.
# usermod -G developers {username}
If you need the webserver to have write access to certain folders, then chown the location to be owned by the webserver, instead of giving write permissions to all.
# chown apache /path/to/docroot/apache
munin-node mysql setup
Wed, 03/28/2012 - 13:33 — sandip-
munin-node installed via epel repository.
Install perl-Cache-Cache:
# yum install munin-node perl-Cache-Cache
[mysql*]
env.mysqluser munin
env.mysqlpassword {PASS}
mysql> create user munin@localhost identified by '{PASS}';
mysql> GRANT PROCESS, SUPER ON *.* TO 'munin'@'localh ost';
mysql> GRANT SELECT ON `mysql`.* TO 'munin'@'localh ost';
mysql> flush privileges
munin-node-configure --suggest 2>/dev/null |grep mysql
munin-node-configure --shell | grep mysql | sh
# cd /etc/munin/plugins
# munin-run mysql_connections
Plesk courier-imap imapd on port 143 fails
Thu, 02/16/2012 - 20:53 — sandipAfter Plesk upgrade to 9.5.4, imapd on port 143 did not come up.
On checking the maillog, it was complaining about:
imapd: Invalid -maxprocsarg option.
imapd-ssl: Invalid -maxprocsarg option.
I noticed /etc/courier-imap/imapd had both the below lines commented:
#MAXDAEMONS=40
#MAXPERIP=4
Once I uncommented those values, I was able to get the imap listener up upon a `service courier-imap restart`.
Django postgresql connect_timeout via environment variable
Mon, 02/06/2012 - 23:03 — sandipRecently, I've had to move a postgresql database onto a separate server and split it out from the django application server.
On doing so, we saw intermittent "OperationalError: could not connect to server: Connection timed out".
This was quite obvious that the "connect_timeout" had to be increased to resolve the issue due to the latency introduced by the network. However, psycopg2 database adapter was being used which did not support the "connect_timeout" option to be passed via django.
We were able to work around the issue setting the environmental variable "PGCONNECT_TIMEOUT" so libpq would pick up the connection parameter.
Put the below in "django.wsgi":
os.environ['PGCONNECT_TIM EOUT'] = '30'
munin-node and postgresql plugins setup
Sun, 02/05/2012 - 19:37 — sandipWhile setting up munin to monitor postgresql, I was getting "[DBD::Pg not found, and cannot do psql yet]" when running `munin-node-configure --suggest | grep postgres`.
I confirmed that the rpm package "perl-DBI-1.52-2.el5" was indeed installed.
However, when I ran a test against the module, it failed with:
# perl -MDBD::Pg -e 1
Can't load '/usr/lib64/perl5/vendor_ perl/5.8.8/x86_64-linux-thread -multi/auto/DBD/Pg/Pg.so' for module DBD::Pg: libpq.so.4: cannot open shared object file: No such file or directory at /usr/lib64/perl5/5.8.8/x86_64- linux-thread-multi/DynaLoader. pm line 230.
at -e line 0
Compilation failed in require.
BEGIN failed--compilation aborted.
On checking the library, it returned with "libpq.so.4 => not found":
# ldd /usr/lib64/perl5/vendor_perl/5 .8.8/x86_64-linux-thread-multi /auto/DBD/Pg/Pg.so
linux-vdso.so.1 => (0x00007fffb60bb000)
libpq.so.4 => not found
libc.so.6 => /lib64/libc.so.6 (0x00007fa36d2c2000)
/lib64/ld-linux-x86-64.so.2 (0x00007fa36d845000)
Indeed libpq.so.4 was missing since postgresql90-libs was installed which only includes "libpq.so.5".
To get libpq.so.4, "compat-postgresql-libs" package needed to be installed.
Once installed the perl module test passed and I was able to get the munin plugins linked using:
# munin-node-configure --shell | grep postgres | sh
Configuring Bind RNDC
Tue, 12/27/2011 - 22:00 — sandipRNDC is a useful mechanism for administering DNS servers. If it is not configured, BIND complains about it.
Determine the locations where RNDC expects to find the config files.
# rndc status
rndc: neither /etc/rndc.conf nor /etc/rndc.key was found
Create the rndc config file:
# rndc-confgen > /etc/rndc.conf
Thy rndc conf file should also have the contents that need to go to "/etc/named.conf". See sample below:
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "aitNuyDz9NkSZ0MbxeQKcQ== ";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
Once the key and control section has been added to named.conf, restart named and test again with:
# rndc status
openvz tmpfs and dcachesize
Mon, 12/12/2011 - 16:21 — sandipWhen using tmpfs inside OpenVZ containers, make sure to monitor and increase dcachesize (directory and inode entries) appropriately.
tmpfs mounts can be used to speed up applications doing lots of read/writes to temporary diskspace such a php sessions and mysql tmp directory.
Mount using "/etc/fstab":
tmpfs /dev/shm &nbs p; tmpfs noexec,nosuid,nodev   ; 0 0
tmpfs /var/lib/php/session &nbs p; tmpfs mode=770,gid=48,size=500M,noex ec,nosuid,nodev,noatime & nbsp; 0 0
Note: default folder permission of "/var/lib/php/session" is 770 and set to the apache Group ID.
watching nginx server status
Fri, 11/18/2011 - 16:48 — sandipOnce you have turned on nginx stub_status and enabled access from localhost:
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
You can now watch the the status realtime with:
watch -n1 'curl localhost/nginx_status 2>/dev/null'
Remove all messages from exim queue
Thu, 11/17/2011 - 16:39 — sandipexim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash
`exim -bp`, lists the messages in queue, which is piped through awk, printing to output "exim -Mrm {MessageID}" which is further piped into bash for execution.