Monthly Archives: September 2014

Exclude fstab entries that use BIND from nagios nrpe check_disk / check_all_disks

Say you have an /etc/fstab file with an entry for bind: tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 ** /root/special/folder /home/user1/folder none bind 0 0 If you run the nagios nrpe command (below) as root everything works fine: /usr/lib64/nagios/plugins/check_disk -w 8% -c 5% -A -x /dev/shm -X nfs -X bind -i /boot However, when you run this as the nagios user it fails (as is expected since the nagios does not have access to this folder): sudo -u nagios /usr/lib64/nagios/plugins/check_disk -w 8% -c 5% -A -x /dev/shm -X nfs -X bind -i /boot DISK CRITICAL – /home/user1/folder is not accessible: Permission denied Since the nrpe checks are done with nagios a solution is needed. You could exclude the path specifically, using the -x flag: `-x /home/user1/folder` But you’d have to do that each time you make any changes to the /etc/fstab file. In the commands above I left in the -X bind flag, which I attempted, although it does not work. I also tried -X bindfs with no luck. There are some other flags for different types of file systems. -X tmpfs -X devpts -X sysfs -X proc -X binfmt_misc -X rpc_pipefs -X nfs These can also be written as: –exclude-type=tmpfs –exclude-type=devpts –exclude-type=sysfs –exclude-type=proc –exclude-type=binfmt_misc –exclude-type=rpc_pipefs –exclude-type=nfs However, the one that is needed to exclude the bind is actually the none file system, or -X none or –exclude-type=none

Posted in Server Administration | Tagged , , | Leave a comment

How to update bash on Ubuntu 10.10 Maverick – fix shellshock

Ubuntu 10.10 Maverick is now past the end-of-life / end-of-support phase so it will no longer be getting any updates, including security updates. To update / patch bash you must do so from source. Here are the commands to download the source for bash and build and install it. Update – the instructions below were previous instructions, but to prevent the continuous need to apply patches there is an updated method using git: New Method 1 This method downloads a tarball of the latest source code and is around 7MB in size. wget “http://git.savannah.gnu.org/cgit/bash.git/snapshot/bash-master.tar.gz” unzip bash-master.tar.gz cd bash-master ./configure make make install New Method 2 This method uses git and requires ~ 150MB of space ( includes version history ) but makes future updates easier with a git pull: git clone git://git.sv.gnu.org/bash.git cd bash ./configure make make install Old Method mkdir src cd src wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz #download all patches for i in $(seq -f “%03g” 0 27); do wget http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done tar zxvf bash-4.3.tar.gz cd bash-4.3 #apply all patches for i in $(seq -f “%03g” 0 27);do patch -p0 < ../bash43-$i; done #build and install ./configure && make && make install cd .. cd .. rm -r src Testing Bash for Shellshock Paste this into a terminal env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” Desired Result bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ this is a test If you get something like the above message you’re good … Continue reading

Posted in Server Administration | Tagged , | 5 Comments

Chrome Developer Tools now Open on Right opposed to Opening on the Bottom

If you’ve downloaded a recent beta or canary build of Google Chrome you may notice that sometimes the “developer tools” seem to open at the right instead of at the bottom. If you’re not using a large, wide-screen monitor you may find this inconvenient. Unfortunately it seem the Chromium Developer’s personal preferences have to come before user-experience. If you want the default setting for the position of Chrome’s Developer tools to be customizable, you’re out of luck. It will attempt to use your last-used preference, but you’ll notice that with incognito mode it will always end up being on the right. Because it is more convenient for the developers, and easier for them to change a default value string rather than code in an actual preference. Wouldn’t it be nice to do this: Unfortunately, that is not currently available. So what should you do? Star it, and complain about it here.

Posted in Tech Tips, Web Development | Tagged | Leave a comment

Stay.app’s “Restore All Windows” command from Applescript

If you want to use applescript to run cordlessdog.com‘s Stay.app command “Restore All Windows” command from Applescript, here is how to do it: tell application “Stay” set resultBoolean to restore all windows end tell Stay.app supports 5 applescript commands which are: restore active application windows restore all windows store active application windows store active window store all windows

Posted in Mac, Tech Tips | Leave a comment

Ruby’s RVM, Shebang, dotfiles, and cron

When attempting to run cron files, and files remotely via SSH there were some issues. My default shell is zsh and the rvm setup is pretty standard too. ( Assuming that you already have rvm installed ) From the documentation page there is this note: There are five startup files that zsh will read commands from: $ZDOTDIR/.zshenv $ZDOTDIR/.zprofile $ZDOTDIR/.zshrc $ZDOTDIR/.zlogin $ZDOTDIR/.zlogout If ZDOTDIR is not set, then the value of HOME is used; this is the usual case. In the /etc/zsh/zprofile file there was a line that did this: test -f /etc/profile.d/rvm.sh && source /etc/profile.d/rvm.sh I commented that line out, which is loaded for interactive shells, and moved it instead to /etc/zsh/zshenv which is loaded for both interactive and non-interactive shells. This allows us to add the shebang #!/usr/bin/env ruby to the top of my .rb files, do a chmod +x and then run them directly ( eg: $ ./my-script.rb ) I don’t know if that is the most “proper” way of getting my scripts to work but it seems to work well for me. For cron jobs ( in the file edited by crontab -e ) you may want to add something like this as your first line: SHELL=”/usr/bin/zsh” That would basically change the default shell for cron jobs. Again, your milage may vary and this probably won’t work on shared hosting platforms. You can also check your setup to make sure that rvm is installed correctly by typing rvm info – if it gives you any errors search … Continue reading

Posted in Uncategorized | Leave a comment