Admin Life Errors, Fixes, and Encounters

11Jul/120

Send/Receive Frequency for outlook 2007

To change the Send/Receive Frequency for outlook 2007

You can change the frequency of how often Outlook 2007 checks the server for new email.

  1. Go to Tools -> Options... The Options window opens.
  2. Click the Mail Setup tab.
  3. Click the Send/Receive... button.

From here you can edit the schedule's automatic send/receive. You can also initiate a Send/Receive manually via the Send/Receive button on Outlook's toolbar.

10Feb/120

Move MySQL database directory

By default mysql installs itself in /var/db in freebsd. If you have a big database then this folder will quickly get filled up.
Here are the commands to move mysql from /var/db to /usr/local/mysql

cd /var/db
mv mysql /usr/local/
ln -s /usr/local/mysql mysql

cd /usr/local
chown -R mysql mysql

Then start up mysql

done.
27Sep/110

Apache freebsd munin not working together

I came across an issue with Apache 2.2 on freebsd 8.2 where munin wasn't graphing the Apache data. (apache_accesses, apache_processes and apache_volume )

When I tailed the munin error log I found this error.

tail /var/log/munin/munin-node.log
munin UserAgent not found at apache_volume line 86.
With some researching on google I found this nice munin command to tell me more about how to setup munin. IE what we can install on freebsd.

/usr/local/sbin/munin-node-configure --suggest
The output gave us "LWP::UserAgent not found". which means, install Perl's libwww.

To fix this error we install p5-libwww

cd /usr/ports/www/p5-libwww/
make install clean

Restart munin and everything should now work.

# ./usr/local/etc/rc.d/munin-node restart

ref: http://articles.slicehost.com/2010/4/9/enabling-munin-node-plug-ins-on-ubuntu

14Dec/101

Rate limit e-mail providers

If you're like me and need to manage large amounts of emails, one thing that must be done is limiting the speed email providers like yahoo.com, hotmail.com, live.com, gmail.com, aol.com get your email.

I don't go into much detail here but this is the setup I've researched and currently use.

First we edit main.cf and go to line 561 (i just like to keep things together)

vi /etc/postfix/main.cf

Add the following lines into main.cf

transport_maps = hash:/etc/postfix/transport

smtpslow_destination_concurrency_limit = 2
smtpslow_destination_recipient_limit = 15
smtpslow_destination_rate_delay = 2s
smtpslow_destination_concurrency_failed_cohort_limit = 2

Edit the transport file and add the domains we'd like to slow sending with.

vi /etc/postfix/transport

yahoo.com smtpslow:
gmail.com smtpslow:
hotmail.com smtpslow:
aol.com smtpslow:
comcast.com smtpslow:
live.com smtpslow:
msn.com smtpslow:
sbcglobal.net smtpslow:
verizon.net smtpslow:
bellsouth.net smtpslow:
yahoo.ca smtpslow:
cox.net smtpslow:
ymail.com smtpslow:

Go to the postfix directory and postmap(hash) the transport file

cd /etc/postfix && /usr/local/sbin/postmap transport

Now we need to change the following in master.cf.

vi /etc/postfix/master.cf

Make sure you have space or tabs before -o as it will not work if you don't.

smtpslow unix - - n - - smtp
-o smtp_helo_timeout=5
-o smtp_connect_timeout=5

Restart postfix and we're done.

/usr/local/sbin/postfix reload

19Oct/101

setup jails on freebsd

we'll be creating 4 jails + main host (5 machines in total)

First, lets create some folders where the jails will be stored.

mkdir /usr/jails && mkdir /usr/jails/mail1 && mkdir /usr/jails/mail2 && mkdir /usr/jails/mail3 && mkdir /usr/jails/mail4

then we add some settings to rc.conf

# vi /etc/rc.conf

Add these line right after (remember, every machine has a differnt network card reference (bge0)). Change it to your machines network card.

ifconfig_bge0="inet 192.168.1.157 netmask 255.255.255.0"

ifconfig_bge0_alias0="inet 192.168.1.211 netmask 0xfffffff8"
ifconfig_bge0_alias1="inet 192.168.1.212 netmask 0xfffffff8"
ifconfig_bge0_alias2="inet 192.168.1.213 netmask 0xfffffff8"
ifconfig_bge0_alias3="inet 192.168.1.214 netmask 0xfffffff8"

if you don't want to reboot, you'll also have to setup the alias now so you can ssh in later...
ifconfig bge0 inet alias 192.168.1.211 netmask 255.255.255.255
ifconfig bge0 inet alias 192.168.1.212 netmask 255.255.255.255
ifconfig bge0 inet alias 192.168.1.213 netmask 255.255.255.255
ifconfig bge0 inet alias 192.168.1.214 netmask 255.255.255.255

near the bottom of the file, add following and makre sure you change the IP's & paths if different than above.

#only have 5 IP's. 1 for the main server and 4 for the jails
#jail_list="mail1 mail2 mail3 mail4"

jail_enable="YES"
jail_list="mail1 mail2 mail3 mail4"
jail_set_hostname_allow="YES"

jail_mail1_rootdir="/usr/jails/mail1"
jail_mail1_hostname="mail1.example.com"
jail_mail1_ip="192.168.1.231"
jail_mail1_start="/bin/sh /etc/rc"
jail_mail1_devfs_enable="YES"
jail_mail1_devfs_ruleset="devfsrules_jail"

jail_mail2_rootdir="/usr/jails/mail2"
jail_mail2_hostname="mail2.example.com"
jail_mail2_ip="192.168.1.232"
jail_mail2_start="/bin/sh /etc/rc"
jail_mail2_devfs_enable="YES"
jail_mail2_devfs_ruleset="devfsrules_jail"

jail_mail3_rootdir="/usr/jails/mail3"
jail_mail3_hostname="mail3.example.com"
jail_mail3_ip="192.168.1.233"
jail_mail3_start="/bin/sh /etc/rc"
jail_mail3_devfs_enable="YES"
jail_mail3_devfs_ruleset="devfsrules_jail"

jail_mail4_rootdir="/usr/jails/mail4"
jail_mail4_hostname="mail4.example.com"
jail_mail4_ip="192.168.1.234"
jail_mail4_start="/bin/sh /etc/rc"
jail_mail4_devfs_enable="YES"
jail_mail4_devfs_ruleset="devfsrules_jail"

------------------------------------------

Make the virtual system

cd /usr/src
make world DESTDIR=/usr/jails/mail1

if you get this error "make: don't know how to make world. Stop"
it's because you don't have to source tree installed...
look at cvs-supfile blog post to know how to do it...

cd etc
make distribution DESTDIR=/usr/jails/mail1
cd /usr/jails/mail1
ln -sf /dev/null kernel

touch /usr/jails/mail1/etc/fstab
cat /etc/resolv.conf > /usr/jails/mail1/etc/resolv.conf
mount -t procfs proc /usr/jails/mail1/proc
mount -t devfs dev /usr/jails/mail1/dev
mkdir /usr/jails/mail1/usr/ports
mount_nullfs /usr/ports /usr/jails/mail1/usr/ports

Once the first jail is created, we can just copy jails and not have to redo "make world" which takes awhile.

----------------------------------------------

Configuration of the jail
Start the jail for the first time

# /etc/rc.d/jail start mail1

If you try to SSH into the jail, you will end up in the main machine and not in the jail.
To fix this add the following line to /etc/rc.conf

rpcbind_enable="NO"

vi /etc/ssh/sshd_config

Port 22
Protocol 2
ListenAddress 192.168.1.157

Now we jump into the jail for some 1st step configurations

# jail /usr/jails/mail1 mail1.example.com 192.168.1.231 /bin/sh

now you are inside the jail:

change the root password
# passwd

add a new user and invite the user to the wheel group (so you can su to root)
# adduser

So we can ssh into the jail

# echo 'sshd_enable="YES"' >> /etc/rc.conf

install bash, change the users shell to bash
if you are in a jail and ports doesn't exit you have to remount the ports Filesystem
# cd /usr/ports/shells/bash
# make clean; make install clean
# chsh
change the shell to: /usr/local/bin/bash

Host environment syslogd
This entry in /etc/rc.conf tells syslogd to not listen on any IP address.

syslogd_flags="-ss"

That allows syslogd to run in both the host and the jail environments.

Host environment inetd

This entry in /etc/rc.conf tells inetd to listen on a specific IP address. This address is that of the host environment:

inetd_flags="-wW -C 60 -a 192.168.0.100"

You should note that the first part of the above flags is from /etc/defaults/rc.conf:

inetd_flags="-wW -C 60" # Optional flags to inetd

jail_enable="YES"
jail_list="mail_1"
jail_set_hostname_allow="YES"

jail_mail_1_rootdir="/usr/jails/mail_1"
jail_mail_1_hostname="mail_1.example.com"
jail_mail_1_ip="192.168.1.202" jail_mail_1_start="/bin/sh /etc/rc"
jail_mail_1_devfs_enable="YES"
jail_mail_1_devfs_ruleset="devfsrules_jail"

if you forget root password
jail /dumpdrive500/jails/devbox2 devbox2 192.168.1.152 /usr/bin/passwd root

------------------------------------------------

Clone the Jails

mkdir /usr/jails/mail2
cd /usr/jails/mail1
tar -cpf - . | tar -C /usr/jails/mail2 -xpf -

Mount all the needed directories for the cloned jails

mount -t procfs proc /usr/jails/mail1/proc
mount -t devfs dev //usr/jails/mail1/dev
mount_nullfs /usr/ports /usr/jails/mail1/usr/ports

vi /etc/rc.conf
added in -------------
jail_devbox5_rootdir="/usr/jails/mail1"
jail_devbox5_hostname="devbox5.example.com"
jail_devbox5_ip="192.168.1.155"
jail_devbox5_start="/bin/sh /etc/rc"
jail_devbox5_devfs_enable="YES"
jail_devbox5_devfs_ruleset="devfsrules_jail"

/etc/rc.d/jail start devbox5
ref: http://www.freebsd.org/doc/en/books/handbook/jails-build.html [[BR]]
ref: http://www.freebsddiary.org/jail-6.php

7Jun/103

setup domainkeys with postfix and freebsd on a jail

How to setup domainkeys for yahoo on freebsd 7.3 (I'm sure it works with older versions of freebsd) on postfix 2.7. This may seem long but it works! It's not that long of a process...

Fist, Install postfix and configure. This is a very basic setup, I'll have a more advanced postfix install in the near future.

cd /usr/ports/mail/postfix
make install clean
cd /etc
ln -s /usr/local/etc/postfix postfix
cd /etc/postfix
vi main.cf

// change the following
/////////////////////////////////////
myhostname = mail1.domain.com
mydomain = mail1.domain.com
myorigin = $mydomain
inet_interfaces = 56.56.56.56
mydestination = $myhostname, localhost.$mydomain, $mydomain
mynetworks = 56.56.56.56,127.0.0.1

install dkfilters

cd /usr/ports/mail/dkfilter
make install clean

//Setting up the outbound filter
/////////////////////////////

Generate a private/public key pair using OpenSSL:

cd /usr/local/etc/
openssl genrsa -out private.key 1024
openssl rsa -in private.key -pubout -out public.key

start up dkfilters, don't forget to change IP 56.56.56.56 to your own IP

/usr/local/bin/dkfilter.out --keyfile=/usr/local/etc/private.key --selector=selector1 --domain=mail1.domain.com --method=nofws 56.56.56.56:10027 56.56.56.56:10028 &

add to master.cf, 2nd line if a jail server

############################################
submission inet n - n - - smtpd
-o smtpd_etrn_restrictions=reject
#-o smtpd_sasl_auth_enable=yes
-o content_filter=dksign:[56.56.56.56]:10027
-o receive_override_options=no_address_mappings
-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
dksign unix - - n - 10 smtp
-o smtp_send_xforward_command=yes
-o smtp_discard_ehlo_keywords=8bitmime
56.56.56.56:10028 inet n - n - 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=67.213.69.0/24
-o smtpd_authorized_xforward_hosts=56.56.56.0/24

I got this error in the /var/log/maillog
postfix/local[11933]: fatal: open database /etc/aliases.db: No such file or directory
// to fix it...

cd /etc
newaliases

# change resolv.conf if you haven't done so yet...
# update hosts with correct IPs of machine

// restart postfix

/usr/local/sbin/postfix stop
/usr/local/sbin/postfix start

May 31 22:00:22 mail1 postfix/postfix-script[12148]: stopping the Postfix mail system
May 31 22:00:22 mail1 postfix/master[12023]: terminating on signal 15
May 31 22:00:25 mail1 postfix/postfix-script[12224]: starting the Postfix mail system
May 31 22:00:25 mail1 postfix/master[12225]: daemon started -- version 2.7.0, configuration /usr/local/etc/postfix

didn't work with yahoo, i got this error
domainkeys=permerror (no key);
FIX: in my dns i added (in godaddy)

host: selector1._domainkey.mail1
TXT value: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIshG7shxiCH280IycLOzF3cSTBE27rGypfK3SWiE37A9Z9OR7GDApCFBFfLWyQKaDPA+e4+mPvAVizOfn6Zj8FnuOL+BrOYUJJG/PbCT4t+V5Aagi/l7Z6VXfoKbzYcESNVPntROEzUZLyWXWYzI2qbgjWi2RxQVoRxl3uWXihQIDAQAB; t=y

error after installing postfix and trying to start it up...

Jun 1 14:32:14 mail1 postfix/postfix-script[60663]: starting the Postfix mail system
// Jun 1 14:32:14 mail1 postfix/master[60664]: fatal: bind 56.56.56.56 port 25: Address already in use

vi /etc/rc.conf
add sendmail_enable="NO"

restart jail or machine

error with SPF
check to see if it can find a value for your spf

nslookup -type=TXT domain.com

For a sub domain

nslookup -type=TXT mail1.domain.com

Stay tuned for a more up-to-date version in the next week or two.

2Jun/102

how to add a new munin node with freebsd

Here is what I did to add a new munin node in freebsd to an existing munin server.

cd /usr/ports/sysutils/munin-node/
make install clean

When asked about the logs, answer yes. We want munin to rotate the logs.

Would you like me to set up log rotation [y]?

After the munin install this is what we see and need to do.

********************************************************************
Unless this file already existed, a sample configuration file
has been placed in /usr/local/etc/munin/munin-node.conf.

Please edit it according to your needs.

********************************************************************

The Munin client will *not* be started automatically. To allow it
to start, put this line in /etc/rc.conf:

munin_node_enable="YES"

Then, it will be started on the next boot. If this line is already
present, the client will be started now. Otherwise, edit
/etc/rc.conf and execute this command:

/usr/local/etc/rc.d/munin-node start
********************************************************************

Lets do the easy stuff first for munin.

vi /etc/rc.conf

add munin_node_enable="YES" somewhere in the file. I like to keep all the enable options together

munin_node_enable="YES"

The plugins directory in freebsd is empty, so for munin node to work we need to add symbolic links.

cd /usr/local/etc/munin/plugins

ln -s /usr/local/share/munin/plugins/cpu cpu
ln -s /usr/local/share/munin/plugins/df df
ln -s /usr/local/share/munin/plugins/df_inode df_inode
ln -s /usr/local/share/munin/plugins/if_errcoll_ if_errcoll_fxp0
ln -s /usr/local/share/munin/plugins/if_ if_fxp0
ln -s /usr/local/share/munin/plugins/load load
ln -s /usr/local/share/munin/plugins/memory memory
ln -s /usr/local/share/munin/plugins/netstat netstat
ln -s /usr/local/share/munin/plugins/ntp_offset ntp_offset
ln -s /usr/local/share/munin/plugins/open_files open_files
ln -s /usr/local/share/munin/plugins/processes processes
ln -s /usr/local/share/munin/plugins/sendmail_mailqueue sendmail_mailqueue
ln -s /usr/local/share/munin/plugins/sendmail_mailstats sendmail_mailstats
ln -s /usr/local/share/munin/plugins/sendmail_mailtraffic sendmail_mailtraffic
ln -s /usr/local/share/munin/plugins/swap swap
ln -s /usr/local/share/munin/plugins/vmstat vmstat

Next, lets look at the conf file

vi /usr/local/etc/munin/munin-node.conf

update the allow line to the IP address of the munin server

allow ^192\.168\.1\.105$

everything else is good, save and exit

for the munin server
add the IP address of that machine

vi /usr/local/etc/munin/munin.conf

Add this to the end of munin.conf

[server1.domain.com]
address 192.168.1.203
use_node_name yes
notify_alias server1

load.notify_alias load

df.notify_alias df

# /
df._dev_mirror_gm0s1a.warning :85
df._dev_mirror_gm0s1a.critical :90

# /tmp
df._dev_mirror_gm0s1e.warning :80
df._dev_mirror_gm0s1e.critical :90

# /usr
df._dev_mirror_gm0s1f.warning :80
df._dev_mirror_gm0s1f.critical :90

# /var
df._dev_mirror_gm0s1d.warning :80
df._dev_mirror_gm0s1d.critical :90

If you haven't done so you can start munin-node from

cd /usr/local/etc/rc.d/
./munin-node start

If munin node doesn't update after 5..10 minutes look at the munin main log to find any errors that you may have.

cd /var/log/munin-main
vi munin-update.log

24May/100

Setup gmirror RAID 1 on FreeBSD

We are going to setup RAID 1 on FreeBSD 7.3 using gmirror. gmirror is a software based RAID system. I did this using FreeBSD 7.3 but this works with older versions of FreeBSD as well (i've done it as back as FreeBSD 6.2 . First things first, make sure you have the same hard drive size and if possible the same brand / model.

After installing freebsd but before existing the system installer

press ALT-F4 to be taken to the command prompt
type in csh to get a good shell

csh

Create a mirror/duplex

kern.geom.debugflags=16
gmirror label -v -b round-robin gm0 /dev/ad0

That's it, RAID 1 is now setup on the system
Now we tell the system to load it up everytime we boot up.

echo geom_mirror_load="YES" > /boot/loader.conf

make sure fstab uses raid, but first lets make a backup

cp /etc/fstab /etc/fstab.orig
vi /etc/fstab

Insert the word mirror after /dev and change ad to gm.
For example, /dev/ad0s1a becomes /dev/mirror/gm0s1a

double check that you didn't mistype anything or else the system may not boot up.

After that, ALT-F1 to switch back to the install interface. Reboot the machine.

When the system is done rebooting, we add the 2nd drive into the RAID array

gmirror insert gm0 /dev/ad2

To see what's happening with the RAID type in

gmirror list | more

To see the synchronizing status

gmirror status

Once the synchronizing is done, simply reboot and your done setting up RAID on FreeBSD

18Mar/100

Changing your hosts file in Vista

By default, if you try to modify your hosts file in windows Vista, it will not let you save it. It tells you that you don't have permission. To successfully modify the hosts file, run notepad.exe as an administrator open the file. This is a windows vista and windows 7 issue and does not need to run in windows XP

1 ) Browse to Start -> All Programs -> Accessories
2 ) Right click "Notepad" and select "Run as administrator"
3 ) Click "Continue" on the UAC prompt
4 ) Click File -> Open
5 ) Browse to "C:\Windows\System32\Drivers\etc"
6 ) Change the file filter drop down box from "Text Documents (*.txt)" to "All Files (*.*)"
7 ) Select "hosts" and click "Open"
8 ) Make the needed changes and close Notepad. Save when prompted.

Here is a sample of what the hosts file looks like
I added 3 banner sites at the bottom as an example of what you can add.
In this example, everytime your browser tries to go to bannersite1.com bannersite3.com or bannersite3.com
your computer will answer with nothing... which causes no banners to come up!

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost
127.0.0.1 bannersite1.com
127.0.0.1 bannersite2.com
127.0.0.1 bannersite3.com

17Mar/101

mod_wsgi apache freebsd python

The version of Apache on older versions of FreeBSD is not compiled with support for multithreading but Python itself is. Normally this would be where Apache 1.3 is being used. The result is that when starting up Apache with mod_wsgi, an error similar to the following can occur:

Syntax error on line 37 of /usr/local/apache2/conf/httpd.conf: \
Cannot load /usr/local/apache2/modules/mod_wsgi.so into server: \
/usr/local/apache2/modules/mod_wsgi.so: Undefined symbol \
"pthread_attr_init"

You may also get this Error with apache 1.3

Syntax error on line 244 of /usr/local/etc/apache/httpd.conf:
Cannot load /usr/local/libexec/apache/mod_wsgi.so into server: \
/usr/local/lib/libpython2.4.so: Undefined symbol "pthread_attr_destroy"

The solution is to force Apache to preload the reentrant version of the C runtime library which contains the POSIX thread library functions. This can be done by modifying the 'envvars' script, if it exists and is used, contained in the same directory as where the Apache 'httpd' binary is installed, or the Apache startup script, and add the lines:

LD_PRELOAD=/usr/lib/libc_r.so
export LD_PRELOAD

Step 1.

Set the library to system environment.

# LD_PRELOAD=/usr/lib/libc_r.so
# export LD_PRELOAD

Step 2.

Stop apache then start it up again

root@host rc.d # ./apache stop
Stopping apache.
Waiting for PIDS: 35117.

root@host rc.d # ./apache start
Starting apache.

root@host rc.d #