Thursday, March 22, 2018

nis master server settings on cloned system

 i need to change nis master server settings on cloned system. don't even ask.  
 # domainname <newdomainname>  
 # mv /var/yp/<domainname> to <newdomainname>  
 /etc/hosts change <hostname> to <newhostname> ; <ip> to <newip>  
 /etc/conf.d/net change <domainname> to <newdomainname>  
 /etc/yp.conf change <domainname> to <newdomainname>  
 /var/yp/ypservers change <hostname> to <newhostname>  
 make -C /var/yp  
 # ypwhich  
 Should return <newhostname>  
 # ypcat passwd | grep <username>  
 # ypcat group | grep <groupname>  
 Both should return known results  

Wednesday, March 7, 2018

put pubkeys on a lot of hosts

 i need to zap authorized_keys *all over the place*  
 this concatenates a file which contains sever keys.  
 nodes is a long list of ip addresses.  
 for i in `cat nodes` ; do  
    cat authorized_keys.add | ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o \  
    UserKnownHostsFile=/dev/null -t -t -t -l root $i 'cat >> /root/.ssh/authorized_keys'  

Thursday, February 8, 2018

when crond is using /bin/sh

 crond uses sh by default. that last cron script i posted, well tee is broke in sh. do this:

0 12 * * * root 2>&1 | bash -c 'tee >(/usr/bin/logger -p local6.notice -t script_tag ) >(mail -s "script output" me@here) >/dev/null'   

Monday, February 5, 2018

debug rsyslogd

 why isn't rsyslogd sending anything out?  
 window 1 $ tcpdump -u dst port 514  
 window 2 $ logger -n -P 514 "hello god"  
 <no answer>  
 hmm. let's debug rsyslogd  
 $ export RSYSLOG_DEBUGLOG="/tmp/debuglog"  
 $ export RSYSLOG_DEBUG="Debug"  
 $ service rsyslog stop  
 $ rsyslogd -d | head -10   
 7160.005597645:7fae096a3780: rsyslogd 7.2.6 startup, module path '', cwd:/root  
 7160.005872662:7fae096a3780: caller requested object 'net', not found (iRet -3003)  
 7160.005895004:7fae096a3780: Requested to load module 'lmnet'  
 7160.005906331:7fae096a3780: loading module '/lib64/rsyslog/'  
 7160.006023505:7fae096a3780: module lmnet of type 2 being loaded (keepType=0).  
 7160.006030872:7fae096a3780: entry point 'isCompatibleWithFeature' not present in module  
 7160.006033780:7fae096a3780: entry point 'setModCnf' not present in module  
 7160.006036209:7fae096a3780: entry point 'getModCnfName' not present in module  
 7160.006038359:7fae096a3780: entry point 'beginCnfLoad' not present in module  
 bad modules.  

dump cron script output from stdin into remote syslog & mail

 dump cron script output from stdin into remote syslog & mail  
 because i feel important the more mail i delete (but really need to archive it on a syslog server because, well, you know).  
 0 12 * * * root | cat | tee >(/usr/bin/logger -p local6.notice -t script_tag ) >(mail -s "script output" me@here) 2>&1  
 rsyslog configuration directive:  
 local6.*;*.*    @  
 (note: @@ is tcp listener)  

Thursday, February 1, 2018

svn logs to syslog

 make svn logs human readable and send off to a syslog server  
 in /etc/apache2/sites-enabled/000-svn  
 # set customlog variable  
 LogLevel warn  
 LogFormat "%{%Y-%m-%d %T}t %u@%h %>s repo:%{SVN-REPOS-NAME}e %{SVN-ACTION}e %B Bytes in %T Sec" svn_log  
 # customlog and send to syslog  
 CustomLog "|/usr/bin/tee -a /var/svn/logs/svn_logfile | /usr/bin/logger -thttpd -plocal6.notice" svn_log env=SVN-ACTION  
 in /etc/rsyslog.d/50-default.conf  
 local6.*    @remotesyslog  
 what remote syslog shows:  
 2018-02-01 16:34:45 buildbot@ 207 repo:repos get-dir /hell r160669 props 575 Bytes in 0 Sec  
 what standard apache access logs see: - buildbot [01/Feb/2018:16:34:45 -0500] "PROPFIND /svn/repos/hell HTTP/1.1" 207 397 "-" "SVN/6.6.6 (r40053) neon/0.66.0"  

apache logs to syslog

 get those apache logs to a remote syslog server  
 in /etc/apache2/sites-enabled/000-site  
 ErrorLog "|/usr/bin/tee -a /var/log/apache2/error.log | /usr/bin/logger -thttpd -plocal6.err"  
 CustomLog "|/usr/bin/tee -a /var/log/apache2/access.log | /usr/bin/logger -thttpd -plocal6.notice" combined  
 in /etc/syslog.conf  
 local6.*   @remoteserver  
 $ModLoad imfile  
 $InputFilePollInterval 10   
 $PrivDropToGroup adm  
 $WorkDirectory /var/spool/rsyslog  
 # Apache access file:  
 $InputFileName /var/log/apache2/access.log  
 $InputFileTag apache-access:  
 $InputFileStateFile stat-apache-access  
 $InputFileSeverity info  
 $InputFilePersistStateInterval 20000  
 #Apache Error file:   
 $InputFileName /var/log/apache2/error.log  
 $InputFileTag apache-error:  
 $InputFileStateFile stat-apache-error  
 $InputFileSeverity error  
 $InputFilePersistStateInterval 20000  
 what syslog gets:  
 <181>Feb 1 15:33:44 gallup httpd: - - [01/Feb/2018:15:33:44 -0500] "GET /url/index.php HTTP/1.1" 200 20025 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"