CentOS: Forced shutdown

Yesterday, we encountered a disk issue on one of our CentOS servers. Some of the disks had either failed, or were predicting failure, so our vendor swooped in, changed some of the disks, as well as the RAID controller. Unfortunately, this worked for only a short time, before we started seeing “input/output error” verbiage in the console. The concern was data loss, so we tried to shutdown, reboot: same “input/output error”.

And then I learnt that it’s possible to force a shutdown via the Magic SysRq key. I mean, magic!!

echo 1 > /proc/sys/kernel/sysrq
echo o > /proc/sysrq-trigger

New disks are incoming as I type this, we’ll have to keep a close look on this developing situation.



Linux: Ifconfig and its replacement

Recently I installed CentOS 7 Minimal, and lo and behold, command not found. As it turns out, ifconfig while you can still get via ‘yum install net-tools‘, we should be a bit more forward looking, and use it’s designated replacement.

To quote Doug Vitale’s excellent article:

some Linux tools that, while still included and functional in many Linux distributions, are actually considered deprecated and therefore should be phased out in favor of more modern replacements.

Specifically, the deprecated Linux networking commands in question are: arp, ifconfigiptunnel, iwconfig, nameif, netstat, and route. These programs (except iwconfig) are included in the net-tools package that has been unmaintained for years.

Now, his article was written in 2011, so this probably means a decade or so after the software was essentially abandoned, there are still unknowing users like me who had no idea, happily using it for whatever we use it for.

So software and blog posts, the gift that keeps on giving then!

SOLVED: rrd.h not found

I was trying to compile collectd on a old CentOS 6 host, and ./configure complained that rrdtool couldn’t be found; e.g.

rrdtool . . . . . . . no (rrd.h not found)

I’d intended to use rrdtool to collect instance-level metrics and then graph ’em out with CGP, so it was pretty annoying. TIL that you can use the “-ql” to list the files installed by a particular binary; e.g.

$ rpm -ql rrdtool-devel
package rrdtool-devel is not installed

I installed rrdtool-devel, and then lo and behold:

rrdtool . . . . . . . yes


Proftpd for CentOS 6

More of a note to self than anything. As usual, YMMV.

1. Add RPMForge repo.

# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el5.rf.x86_64.rpm
# rpm -Uvh rpmforge-release-0.5.3-1.el5.rf.x86_64.rpm
# yum install proftpd -y
# chkconfig --level 345 proftpd on
# /etc/init.d/proftpd restart
# netstat -tnlp|grep proftpd
tcp 0 0 :::21 :::* LISTEN 36615/proftpd

2. Configure iptables.

# iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# etc/init.d/iptables save; etc/init.d/iptables restart

3. New Linux user.

# useradd foo -p /path/to/home/directory
# passwd foo

4a. Failed login #1; e.g.

Command: USER foo
Response: 331 Password required for foo
Command: PASS ********
Response: 530 Login incorrect.
Error: Critical error: Could not connect to server

4b. Note /var/log/secure erros; e.g.

Oct 29 03:41:07 bar proftpd: PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory
Oct 29 03:41:07 bar proftpd: PAM adding faulty module: /lib64/security/pam_stack.so
Oct 29 03:41:07 bar proftpd[36319]: ([]) - USER foo (Login failed): Incorrect password.

4c. Fix PAM config for proftpd-1.3.4a-1.el6.rf.x86_64.

# cat /etc/pam.d/proftpd
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required pam_shells.so
auth include system-auth
account include system-auth
session include system-auth
session required pam_loginuid.so
# /etc/init.d/proftpd restart

4d. Failed login #2; e.g.

Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode.
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing

4e. Configure passive FTP.

# iptables -A INPUT -p tcp -m multiport --dports 60000:65535 -j ACCEPT
# etc/init.d/iptables save; etc/init.d/iptables restart
# cat /etc/proftpd.conf|grep PassivePort
PassivePorts 60000 65535
# /etc/init.d/proftpd restart

5. Success!

Command: MLSD
Response: 150 Opening ASCII mode data connection for MLSD
Response: 226 Transfer complete
Status: Directory listing successful