A Project Blog
A Project Blog
Quick instructions to getting Tripwire installed and running on Ubuntu 6.06 LTS (Dapper Drake). For more detailed instructions check out this site.
1. Install Tripwire. Say Yes to everything, and create some passwords.
% sudo apt-get install tripwire
% sudo tripwire -m i
2. Fix the policy. I was getting many errors that looked like:
### Warning: File system error.
### Filename: /root/.Xauthority
### No such file or directory
I removed the non-existent files from the policy file with the following commands:
% sudo cp /etc/tripwire/twpol.txt /etc/tripwire/twpol.txt.bak
% sudo vim /etc/tripwire/twpol.txt
% sudo tripwire --update-policy -Z low /etc/tripwire/twpol.txt
Later, when you need to update the database, such as after running updates (adjust the date and number from then end of the file, or sometimes you can just drop the whole -r flag):
% sudo tripwire -m u -r /var/lib/tripwire/report/closetbox64-20071223-133927.twr
By default, Tripwire will be set to email whenever it sees changes. To quickly check the status, run:
% sudo tripwire --check
I used this to start fetchmail on an Ubuntu 7.10 server running Request Tracker.
Edit /etc/rc.local, add your command, make sure it doesn’t create any output. This is my command:
su rt -c “fetchmail -d 300″ > /dev/null 2>&1
It starts a background fetchmail process as the “rt” user, just as the Request Tracker documentation states.
# cat /proc/mdstat
md0 : active raid5 sdf1[7] sdb1[0] sde1[5] sdg1[4] sdh1[3] sdd1[2] sdc1[1]
1465175424 blocks level 5, 64k chunk, algorithm 2 [7/6] [UUUUUU_]
[>....................] recovery = 1.3% (3331200/244195904) finish=2357.0min speed=1700K/sec
Ouch. Two files are used to control the speed of rebuilding RAID arrays in Linux.
/proc/sys/dev/raid/speed_limit_min
/proc/sys/dev/raid/speed_limit_max
Even though my _max file is set to 200,000K/sec and my system is not doing anything, my RAID 5 rebuild process is hovering around the _min rebuild speed, of 1,000K/sec. With my setup this will take approximately 40 hours to complete, which is too long for me to wait. So, I pushed the _min speed up to 10,000K/sec, which will now take 6 hours to finish, and use slightly more of my system’s idle resources.
root# echo “10000″ > /proc/sys/dev/raid/speed_limit_min
Later I set _min to 50,000K/sec, and the rebuild speed topped out at 25,000K/sec.
#cat /proc/mdstat
Personalities : [raid5]
md0 : active raid5 sdf1[7] sdb1[0] sde1[5] sdg1[4] sdh1[3] sdd1[2] sdc1[1]
1465175424 blocks level 5, 64k chunk, algorithm 2 [7/6] [UUUUUU_]
[=>...................] recovery = 5.1% (12661840/244195904) finish=149.9min speed=25726K/sec
The rebuild took less than 3 hours, down from the original 40.
I had my first Ubuntu bug report confirmed and fixed by the Ubuntu team. The bug I encountered kept Lighty from coming back up when being restarted. Since the default logrotate scripts had Lighty restarting every night, this bug hit my Rails apps quite often. Extending the logrotate script’s rotate frequency helped, and I was about to install Monnit, but now it looks like I can skip that knowing the restart bug has been fixed. Hooray for well managed open source projects.
Steps for install Django on Dapper Drake with Apache2, MySQL5, and Python2.4 already installed:
Other notes:
I finally ran a successful backup, which took 16 hours to grab ~750 GB of data. Future runs will be much shorter, as rsnapshot will only be grabbing changes. Scripts now run the backup when the machine is powered on, then email me the results and power the machine down. Next up, getting the machine to power up without me asking. I guess I need to invest in a WOL network card.
My first attempt at creating a backup server left me with a dead motherboard. I replaced the motherboard with an old but reliable socket A EPoX board I had been using in my HTPC. After booting and changing eth0 to eth1 in my network config, the server was ready to go. I started the backup and everything looked good. It ran overnight and got about 500 GB off the server. I then started copying about 250 GB of data from the server to another computer. After a couple hours of this, my server went offline, and I was left sitting at work wondering why. I was hoping for a power outage, but when I arrived back at home, I discovered only the networking on the file server had gone out, leaving thousands of these lines in dmesg:
NETDEV WATCHDOG: eth0: transmit timed out
NETDEV WATCHDOG: eth0: transmit timed out
NETDEV WATCHDOG: eth0: transmit timed out
I’m not yet sure why my network card stopped working, Google or the Ubuntu forums should help, or I could just refer back to my pre-rma’d motherboard and remember that the Marvell skge network controller died on that motherboard completely, and move to other built in network card on the mobo, by NVIDIA. If all that fails, dropping some money on a quality Intel NIC will solve the problem. Unless the problem exists in my switch.
Update: Switching the the integrated NVIDIA network interface appears to have fixed this issue. Hooray for workarounds.
After what feels like forever without a stable release, I’ve decided to move back to Wordpress. While there are some scripts out on the web to move everything over, I used the simple method, which appears to get everything except for comments and the splits in large posts. The procedure is quick:
That’s it.
I recently noticed that the next release of Ubuntu Linux will be one nice Ruby on Rails platform. After their last update of Rails itself, which brought the version number up from 1.0 to 1.1.2, Ubuntu 6.06 LTS now has all the current Rails tech built in. There is no need to search the web for all the pieces and compile package after package until finding one that works. Here are the highlights:
This means that after a 10 minute server install of Ubuntu, one can uncomment the universe repo in /etc/apt/sources.list and issue the following command to setup at capable and competent Rails server environment:
sudo apt-get install ruby1.8 mysql-server rails lighttpd libmysql-ruby1.8 libfcgi-ruby1.8
Then copy your Rails app over and configure it in Lightty you’re off. Now to find a hosting company which supports Ubuntu…
Update: Rubygems can be useful, but it isn’t in the standard repos. Instead, I downloaded and compiled rubygems-0.9.0.tgz.
Update2: I removed the Ubuntu-supplied rails and instead used rails from rubygems.
I moved back to Postfix for my server’s SMTP option. Gmail’s SMTP server overwrote the ‘from’ address for every email that went out, which was annoying.
Copyright ©2005-2007 Nicholas Brand. All rights reserved.
powered by WordPress.
24 queries. 0.278 seconds