Removing the RAID metadata

If you see the “Disk contains BIOS metadata, but is not part of any recognized BIOS RAID sets. Ignoring disk sda” error message during OS installation, then you need to remove the raid metadata the “classic” way:

dmraid -r -E /dev/sda
Do you really want to erase "pdc" ondisk metadata on /dev/sda ? [y/n] :
y

Postfix: Sender address rejected: Domain not found (in reply to RCPT TO command))

If you are trying to send emails from a local application on a CentOS machine that is not a primary mail server, then you might hit the

Sender address rejected: Domain not found (in reply to RCPT TO command))
error. In this case you need to rewrite the outgoing address that is being rejected to something that make sense with the proper domain for the users.

Here are the quick steps to accomplish this:


nano /etc/postfix/main.cf

Modify the "mydomain" variable to your email domain

Pear doesn't work properly after upgrade to PHP 5.6

After upgrade to PHP 5.6 Pear stopped to work properly giving lot's of "Download of "pear/package_name" succeeded, but it is not a valid package archive". To fix this I had to:


# pear upgrade Archive_Tar
downloading Archive_Tar-1.4.0.tgz ...
Starting to download Archive_Tar-1.4.0.tgz (x bytes)
.......done: x bytes
could not extract the package.xml file from "/tmp/pear/download/Archive_Tar-1.4.0.tgz"
Download of "pear/Archive_Tar" succeeded, but it is not a valid package archive
Error: cannot download "pear/Archive_Tar"
Download failed
upgrade failed

Tags:

How to keep a detailed audit trail of what’s being done on your Linux systems

Intrusions can take place from both authorized (insiders) and unauthorized (outsiders) users. My personal experience shows that unhappy user can damage the system, especially when they have a shell access. Some users are little smart and removes history file (such as ~/.bash_history) but you can monitor all user executed commands.It is recommended that you log user activity using process accounting. Process accounting allows you to view every command executed by a user including CPU and memory time.

Migrate files and directories between two remote servers with rsync and progress bar

To push an archive file from local to remote server with progress bar use:


rsync --rsh -av -e 'ssh -p #####' --progress --partial file.tgz root@xxx.xxx.xx.xxx:/backup

To push the content of the directory from local to remote server recursively with progress bar use:


rsync -avz -e 'ssh -p #####' --progress --partial localdirectory/ root@xxx.xxx.xx.xxx:/backup/

Tags:

Ubuntu Software RAID 1 on EFI

- Use the "manual" partitioning option during install.

- For each of your disks, delete the partition table, and then "automatically partition" the free space. There might be some 1 MB space left at the beginning and at the end of the automatically created partitioning table, just ignore them.

- Modify the automatically generated partition table: use the ext4 and swap partition as "physical RAID devices".

Tags:

Mdadm Cheat Sheet

Mdadm is the modern tool most Linux distributions use these days to manage software RAID arrays; in the past raidtools was the tool we have used for this. This cheat sheet will show the most common usages of mdadm to manage software raid arrays; it assumes you have a good understanding of software RAID and Linux in general, and it will just explain the commands line usage of mdadm. The examples bellow use RAID1, but they can be adapted for any RAID level the Linux kernel driver supports.

Finding out why a hard drive, member of software RAID 1, failed

Today we've received the following message from mdadm monitoring on one of our servers:

This is an automatically generated mail message from mdadm running on host.website.tld

A Fail event had been detected on md device /dev/md126.

It could be related to component device /dev/sda.

Faithfully yours, etc.

P.S. The /proc/mdstat file currently contains the following:

Personalities : [raid1]
md126 : active raid1 sda[1](F) sdb[0]
1953511424 blocks super external:/md0/0 [2/1] [_U]

md0 : inactive sda[1](S) sdb[0](S)
6056 blocks super external:imsm

Tags:

Recovering a hacked Drupal system

In order to check if your Drupal 7 website has been hacked, install the following modules:

drush dl site_audit
drush dl drupalgeddon

clear drush cache and run:

drush cache-clear drush
drush asec

Some attack does two things: firstly, in creates NEW php files scattered throughout your directory structure. The files are all 494 bytes long, and end in "php" so they are easy to find. Run the following command to see if you have any:


find . -size 494c -name "*.php"

...and then run this command to delete them:

Pages

Subscribe to Front page feed