Living Ubuntu

A while ago I tried to set Zenoss to monitor several diferent servers (Windows included) and found everything went great with CentOS and Windows but not quite right with Ubuntu. I decided to give it a try one more time and found that although I was doing everything correctly, Ubuntu has a "/etc/default/snmp" file that has some configuration properties that needed to be changed as well. I created a small script (you can download it from here) to automate a little bit the process. If you don't want to run the script, here is a list of things you need to do to have a "Read Only" SNMP configuration in Ubuntu: Install SNMP: sudo apt-get install snmp snmpd Backup the default config: sudo mv /etc/snmp/snmp.conf /etc/snmp/old.snmp.conf Create the new config: sudo echo "rocommunity public" > /etc/snmp/snmpd.conf Modify the line in /etc/default/snmpd: sed -i 's/127.0.0.1//g' /etc/default/snmpd Restart SNMP agent: sudo /etc/init.d/snmpd restart If you want to test the configuration works, try this command: snmpwalk localhost -v1 -c public system

Introduction: Python for Unix and Linux System Administrators is a book written by Noah Gift and Jeremy Jones that comes with a complimentary Virtual Machine. The idea is to be able to run the Virtual Machine with NO EXTRA CONFIGURATION and have everything needed running and working. If you are running VMWare Server 1.0.5 or later you *should* have no problems running the VM once this is decompressed. VMWare Image Specifications:

• Ubuntu 7.10 Server Version (no X or GUI installed)
• Compressed in tar.gz format is 548 MB total (4GB decompressed).
• Created with VMWare version 1.0.5
• 2 x 2gb hard drives.
• 512MB of RAM
• 1st hard drive mounted in "/"
• 2nd hard drive mounted in "/usr"
• VMWare tools installed

Main packages and configurations:

• Trac and Subversion integrated together and served via Apache including all the code.
• Fully working SAMBA and LDAP configuration as a Primary Domain Controller.
• Apache authenticates user(s) to LDAP.

Instructions:

1. Download the latest version of the VM by doing: wget http://examples.oreilly.com/9780596515829/vm/
2. Untar the file: tar xzvf py4sa.tar.gz
3. You need VMWare Server installed (version 1.0.5 or higher). Open it and go to File -> Open
4. Browse where the uncompressed image is and select the "py4sa.vmx" file.
5. Select the image in the main screen and hit the PLAY button. IMPORTANT! Hit "keep" or "I have copied this image" when prompted the first time you run the image.
6. Check the "Important Notes" for a couple of bugs related to the login prompt.
7. All login/password credentials are: user: py4sa password: py4sa
8. The image will load Apache2, SAMBA, LDAP, Subversion and Trac by default, so you should have everything running from the get-go.
9. Run "ifconfig" to see the IP address the image has and type the same IP into your browser to see "Python For SysAdmins" as a listed project for Trac.

Important Notes:

• This Ubuntu Server Version seems to have a bug where it will show you the login prompt before finishing the complete loading of all the services.
• It will hang at the line where it tries to run the rc.local scripts. You need to hit "enter" to get the login prompt again.
• There is a changelog in "/root/changelog" that has some information on the work done to the VM.

Some links:

• Book URL
• Book Table of Contents
• Book Source Code
• Book Virtual Machine
• Book Google Code Project
• Downloadable Zip of All Code

Sometimes repositories move, or they simple change a url and then you are left with a checked out version that no longer can do updated. Subversion ships with a "switch" tool that accepts a "relocate" input. The correct usage is: svn switch - -relocate http://old.url.com/trunk http://new.url.com/trunk/ You have to be really careful and double check the url's or else you will be left with a broken repository.

I had previously used something like( which works OK): commands.getstatusoutput('echo $HOME/') But I think this is much better... os.environ.get('HOME')

Somehow, if you have 2 servers or sites and need to include on of them within the other without doing any copying of files or moving stuff around, there is a simple way to do this with the proxy module in Apache. To enable mod_proxy you can do: sudo a2enmod proxy sudo /etc/init.d/apache2 reload After this, remember that this module will break your inbound connections if you don't change this part of /etc/apache2/mods-enable/proxy.conf: Deny  from All To: Allow from All Another Apache reload an you should be good to go. Now get to the Virtual Host file and add this after "ServerName" and before any "<Directory>" or "<Location>" ProxyPass                  /newfolder     http://other-server.com/ ProxyPassReverse     /newfolder     http://other-server.com/ Another Apache reload and you will correctly have the content of other-server.com in the non-existent "newfolder".

This is a problem, since a server doesn't come with all the libraries Vmware needs to run. It took me a while to get those since the vmware-config.pl script is not to explicit as to what is missing. If you get these installed you should be good to go to complete the vmware install:

sudo apt-get install libx11-6 libx11-dev libxtst6 libxrender1 libxt6 zlib1g

I have started to use Fluxbox on my personal laptop. I like it so much that I will soon make the change for my work computer (yes, I am allowed to use Ubuntu at work). Fluxbox is a extremely light desktop environment for Linux and I found it by chance when using ophcrack live cd at work to solve a problem trying to crack a windows password from an old computer. You can try it without messing anything on your Gnome or Kde setup. Just do: sudo apt-get install fluxbox Then logout and select "Fluxbox" as your session before you login. This file is my (ongoing) effort to start customizing shortcuts. Just a note to new users: the menu is found by right clicking on an empty space on your desktop.

The easy way to do this with the desktop environment is easy. But this is the way to do it at the command line. At the end this way is better since you will be able to do it no matter what desktop environment you have. System Beeps are annoing anyways, right? So open and edit the blacklist file: sudo vim /etc/modprobe.d/blacklist Add this line: blacklist pcspkr The remove the module: modprobe -r pcspkr Nothing of this is permanent though so you can revert back just enabling the module and commenting out the line in the blacklist file.

Had some issues the other day trying to get mod_proxy to work. It seems it doesn't come with the default modules in Apache so I had to go and get it (beware! before installing keep in mind it restarts apache once its done!):

sudo apt-get install libapache2-mod-proxy-html

This is kind of weird naming convention for that module, it took me a while to find it. After placing the correct rules in the VirtualHost I was getting access denied. This is because mod_proxy has a configuration file in /etc/apache2/mods-enabled called proxy.conf that comes with a security rule of:

"Deny All"

You will have to edit this (I changed it to Allow All since I wanted all traffic available) according to your specific situation. Now we need to "enable" the module by doing:

sudo a2enmod proxy

One final reload of Apache and everything was working again:

sudo /etc/init.d/apache2 reload

I give up with helpdesk solutions out there. More specifically these solutions:

1. OTRS (Open ticket Request Service)
2. OsTicket
3. eticket
4. Ticket-IT
5. OpenIT
6. RT  (Request Tracker)
7. Epix Power Support

I could keep the list growing but I seriously give up. This might be the first time ever I have encountered a problem that many have tried to address with their applications but few (or none?) have succeeded. A support ticketing system, is basically designed to streamline issues requested by users to people who will eventually solve them. Having said that, there has to be 2 ways to accomplish this: Via email Via web-form On the above applications they fail to accomplish this in an easy, straight-forward way. Some of them (like eticket) rely heavily on receiving tickets via web forms but require installation of mail-server packages (which require extra configuration they don't provide) to enable receiving tickets via email and sending email answers. You can't be offering an application that is not complete, that depends on other applications with different configurations (who knows how many different configurations are needed to get things working!) and with little or no documentation on how to accomplish putting them together to work. It is not hard to have an application to receive an email and create a ticket, be able to send email answers and be able to receive tickets via a web form. But why have I spent the last 2 weeks installing (and eventually removing) support ticket applications without finding something that is really worth it?