Admin Life Errors, Fixes, and Encounters

14Dec/101

Rate limit e-mail providers

If you're like me and need to manage large amounts of emails, one thing that must be done is limiting the speed email providers like yahoo.com, hotmail.com, live.com, gmail.com, aol.com get your email.

I don't go into much detail here but this is the setup I've researched and currently use.

First we edit main.cf and go to line 561 (i just like to keep things together)

vi /etc/postfix/main.cf

Add the following lines into main.cf

transport_maps = hash:/etc/postfix/transport

smtpslow_destination_concurrency_limit = 2
smtpslow_destination_recipient_limit = 15
smtpslow_destination_rate_delay = 2s
smtpslow_destination_concurrency_failed_cohort_limit = 2

Edit the transport file and add the domains we'd like to slow sending with.

vi /etc/postfix/transport

yahoo.com smtpslow:
gmail.com smtpslow:
hotmail.com smtpslow:
aol.com smtpslow:
comcast.com smtpslow:
live.com smtpslow:
msn.com smtpslow:
sbcglobal.net smtpslow:
verizon.net smtpslow:
bellsouth.net smtpslow:
yahoo.ca smtpslow:
cox.net smtpslow:
ymail.com smtpslow:

Go to the postfix directory and postmap(hash) the transport file

cd /etc/postfix && /usr/local/sbin/postmap transport

Now we need to change the following in master.cf.

vi /etc/postfix/master.cf

Make sure you have space or tabs before -o as it will not work if you don't.

smtpslow unix - - n - - smtp
-o smtp_helo_timeout=5
-o smtp_connect_timeout=5

Restart postfix and we're done.

/usr/local/sbin/postfix reload

2Jun/102

how to add a new munin node with freebsd

Here is what I did to add a new munin node in freebsd to an existing munin server.

cd /usr/ports/sysutils/munin-node/
make install clean

When asked about the logs, answer yes. We want munin to rotate the logs.

Would you like me to set up log rotation [y]?

After the munin install this is what we see and need to do.

********************************************************************
Unless this file already existed, a sample configuration file
has been placed in /usr/local/etc/munin/munin-node.conf.

Please edit it according to your needs.

********************************************************************

The Munin client will *not* be started automatically. To allow it
to start, put this line in /etc/rc.conf:

munin_node_enable="YES"

Then, it will be started on the next boot. If this line is already
present, the client will be started now. Otherwise, edit
/etc/rc.conf and execute this command:

/usr/local/etc/rc.d/munin-node start
********************************************************************

Lets do the easy stuff first for munin.

vi /etc/rc.conf

add munin_node_enable="YES" somewhere in the file. I like to keep all the enable options together

munin_node_enable="YES"

The plugins directory in freebsd is empty, so for munin node to work we need to add symbolic links.

cd /usr/local/etc/munin/plugins

ln -s /usr/local/share/munin/plugins/cpu cpu
ln -s /usr/local/share/munin/plugins/df df
ln -s /usr/local/share/munin/plugins/df_inode df_inode
ln -s /usr/local/share/munin/plugins/if_errcoll_ if_errcoll_fxp0
ln -s /usr/local/share/munin/plugins/if_ if_fxp0
ln -s /usr/local/share/munin/plugins/load load
ln -s /usr/local/share/munin/plugins/memory memory
ln -s /usr/local/share/munin/plugins/netstat netstat
ln -s /usr/local/share/munin/plugins/ntp_offset ntp_offset
ln -s /usr/local/share/munin/plugins/open_files open_files
ln -s /usr/local/share/munin/plugins/processes processes
ln -s /usr/local/share/munin/plugins/sendmail_mailqueue sendmail_mailqueue
ln -s /usr/local/share/munin/plugins/sendmail_mailstats sendmail_mailstats
ln -s /usr/local/share/munin/plugins/sendmail_mailtraffic sendmail_mailtraffic
ln -s /usr/local/share/munin/plugins/swap swap
ln -s /usr/local/share/munin/plugins/vmstat vmstat

Next, lets look at the conf file

vi /usr/local/etc/munin/munin-node.conf

update the allow line to the IP address of the munin server

allow ^192\.168\.1\.105$

everything else is good, save and exit

for the munin server
add the IP address of that machine

vi /usr/local/etc/munin/munin.conf

Add this to the end of munin.conf

[server1.domain.com]
address 192.168.1.203
use_node_name yes
notify_alias server1

load.notify_alias load

df.notify_alias df

# /
df._dev_mirror_gm0s1a.warning :85
df._dev_mirror_gm0s1a.critical :90

# /tmp
df._dev_mirror_gm0s1e.warning :80
df._dev_mirror_gm0s1e.critical :90

# /usr
df._dev_mirror_gm0s1f.warning :80
df._dev_mirror_gm0s1f.critical :90

# /var
df._dev_mirror_gm0s1d.warning :80
df._dev_mirror_gm0s1d.critical :90

If you haven't done so you can start munin-node from

cd /usr/local/etc/rc.d/
./munin-node start

If munin node doesn't update after 5..10 minutes look at the munin main log to find any errors that you may have.

cd /var/log/munin-main
vi munin-update.log

17Mar/101

mod_wsgi apache freebsd python

The version of Apache on older versions of FreeBSD is not compiled with support for multithreading but Python itself is. Normally this would be where Apache 1.3 is being used. The result is that when starting up Apache with mod_wsgi, an error similar to the following can occur:

Syntax error on line 37 of /usr/local/apache2/conf/httpd.conf: \
Cannot load /usr/local/apache2/modules/mod_wsgi.so into server: \
/usr/local/apache2/modules/mod_wsgi.so: Undefined symbol \
"pthread_attr_init"

You may also get this Error with apache 1.3

Syntax error on line 244 of /usr/local/etc/apache/httpd.conf:
Cannot load /usr/local/libexec/apache/mod_wsgi.so into server: \
/usr/local/lib/libpython2.4.so: Undefined symbol "pthread_attr_destroy"

The solution is to force Apache to preload the reentrant version of the C runtime library which contains the POSIX thread library functions. This can be done by modifying the 'envvars' script, if it exists and is used, contained in the same directory as where the Apache 'httpd' binary is installed, or the Apache startup script, and add the lines:

LD_PRELOAD=/usr/lib/libc_r.so
export LD_PRELOAD

Step 1.

Set the library to system environment.

# LD_PRELOAD=/usr/lib/libc_r.so
# export LD_PRELOAD

Step 2.

Stop apache then start it up again

root@host rc.d # ./apache stop
Stopping apache.
Waiting for PIDS: 35117.

root@host rc.d # ./apache start
Starting apache.

root@host rc.d #

15Mar/100

sqlite error trac install

While trying to install trac on freebsd 7.0 I had an error with sqlite.
The problem was that I had an old version already installed, but the system didn't tell me that!

# cd /usr/ports/www/trac
# make install clean

Installed /usr/local/lib/python2.5/site-packages/pytz-2009r-py2.5.egg
===> Registering installation for py25-pytz-2009r
===> Returning to build of trac-0.11.5
===> trac-0.11.5 depends on file: /usr/local/lib/python2.5/site-packages/_sqlite3.so - not found
===> Verifying install for /usr/local/lib/python2.5/site-packages/_sqlite3.so in /usr/ports/databases/py-sqlite3
===> Vulnerability check disabled, database not found
===> Extracting for py25-sqlite3-2.5.2_1
=> No MD5 checksum recorded for python/Python-2.5.2.tgz.
=> No SHA256 checksum recorded for python/Python-2.5.2.tgz.
=> No suitable checksum found for python/Python-2.5.2.tgz.
*** Error code 1

Stop in /usr/ports/databases/py-sqlite3.
*** Error code 1

Stop in /usr/ports/www/trac.
*** Error code 1

Stop in /usr/ports/www/trac.

I thought to myself, maybe I need to update the system.

# cvsup -g -L 2 /root/cvs-supfile

# make install clean

That did nothing, I get this same error. Maybe if I install it manually

cd /usr/ports/databases/py-sqlite3

root@host py-sqlite3 # make install clean
===> Vulnerability check disabled, database not found
===> Extracting for py25-sqlite3-2.5.2_1
=> No MD5 checksum recorded for python/Python-2.5.2.tgz.
=> No SHA256 checksum recorded for python/Python-2.5.2.tgz.
=> No suitable checksum found for python/Python-2.5.2.tgz.
*** Error code 1

Stop in /usr/ports/databases/py-sqlite3.

that didn't work either, so I tried

# pkg_add -R sqlite3

But the ftp server was wrong to get the correct port...

for sh you type in
setenv PACKAGESITE ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-7-stable/Latest/

for bash you update the ftp location by typing
export PACKAGESITE=ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-7-stable/Latest/
export PACKAGESITE=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/Latest/

# pkg_add -r trac

That worked but this is where the Error shows me I have an old version of sqlite already installed!

...
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-7-stable/All/py26-sqlite3-2.6.4_1.tbz... Done.
pkg_add: warning: package 'py26-sqlite3-2.6.4_1' requires 'sqlite3-3.6.19', but 'sqlite3-3.5.6' is installed
...

so I upgrade my port that I do have.
# /usr/local/sbin/portupgrade -R sqlite3

---------
root@draco sqlite3 # cd /usr/ports/www/trac
root@draco trac # make install clean

Traceback (most recent call last):
File "setup.py", line 15, in
from setuptools import setup, find_packages
ImportError: No module named setuptools
*** Error code 1

Stop in /usr/ports/www/trac.
*** Error code 1

Stop in /usr/ports/www/trac.

10Feb/100

vi search and replace ^M

To easily search and replace the ^M (new line) character in vi use the following command. Make sure your in command mode and not input mode when you do it.

:%s/^M$//g

to get the proper ^M in vi you'll need to do CTRL-v CTRL-M and that should display ^M

Filed under: commands, Errors, Unix No Comments
3Feb/100

freebsd sshd authentication slow

With Freebsd, the DNS lookup timeout in sshd is very long.
If for whatever reason your DNS servers are slow, SSHing into FreeBSD will also be slow.

Quick fix is to change /etc/resolve.conf and add opendns.com's nameservers

# vi etc/resolve.conf

nameserver 208.67.222.222
nameserver 208.67.220.220

After the change, ssh authentication was faster for me.

You can also try to restart sshd

# cd /etc/rc.d
# ./sshd restart

Which may help...

26Jan/100

apache and rc.d not working in freebsd

Trying to start apache from /usr/local/etc/rc.d but it doesn't seem to be starting?
# cd /usr/local/etc/rc.d/
# ./apachectl start

In FreeBSD you must have apache_enable="YES" inside your /etc/rc.conf file. If you don't, apache will not start via /usr/local/etc/rc.d

Same goes to mysql and any other software you want to start at boot time.

Filed under: commands, Errors, Unix No Comments
25Jan/100

quick way to find big files or directories

If your system is running out of space and you can't seem to pin point where the space went to then try this command.

du -h | grep [1-9][0-9][0-9]M

The command looks in the current directory for files from 100-999MB in size.

To look for files in GB use the following (0-9GB)
du -h | grep [0-9]G

For files 10-99GB use this command
du -h | grep [0-9][0-9]G

Filed under: commands, Unix No Comments
22Jan/100

adding and deleting files in subversion

### Quick SVN script for automatically adding and deleting files
### Here's a quick bash script for automatically adding and deleting files in subversion. Don't you hate having to list each one individually? Or getting all those messages that say, "the file has already been added" when you just do svn add my/directory/*. Even more of a pain if you selectively delete a bunch of files.

# svn status | grep '^?' | sed -e 's/^? /svn add "/g' -e 's/$/"/g' | sh
# svn status | grep '^!' | sed -e 's/^! /svn delete "/g' -e 's/$/"/g' | sh

###commit a single file (CheckIn)
# svn ci index_body.php -m 'New design changes'

18Jan/101

domain redirect .htaccess

To redirect one domain to another or even to redirect a domain to add www at the beginning of website address you'll need to do a few things.

1) Create an .htaccess file in the main directory of the website (document root)

2) add the following code inside .htaccess and change line 3 and 4.
line 3: current domain(website) to find
line 4: redirect domain(website)

Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^domain.com [nc]
rewriterule ^(.*)$ http://www.domain.com/$1 [r=301,nc]

That's it! If it doesn't work make sure in your httpd.conf (apache only) that AllowOverride is set to "AllowOverride ALL" and not "AllowOverride None"

Here's a sample

AllowOverride ALL

That can also be put inside for domain specific settings.