Exim GnuTLS Diffie-Hellman errors

I have been getting an increasing number of errors in my Exim log related to the GnuTLS Diffie-Hellman prime number. When that prime is too small, Exim aborts the connection and initiates a new one, sending the email over an unencrypted session. The exact error message is:

```
TLS error on connection to foobar.example.com [x.x.x.x] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough).
```

With a recent enough Exim installation, you can set the tls_dh_min_bits parameter to a value that you find acceptable....

June 21, 2014

rsyslogd auto-configuration

To have rsyslogd automatically create directories and files for whatever you send to it, just put this in your rsyslog.conf file (or a .conf file in /etc/rsyslog.d):

```
# provide UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

$template DynFile,"/var/log/syslogs/%fromhost-ip%-%fromhost%/%$YEAR%-%$MONTH%-%syslogfacility-text%"

# log everything from remote servers to one file per host+month+facility
if $inputname == 'imudp' or $inputname == 'imtcp' then ?DynFile

# stop logging from remote servers
if $inputname == 'imudp' or $inputname == 'imtcp' then ~
```

All directories and files are created under /var/log/syslogs, one directory per ip-hostname pair, and one file per facility per month....

June 15, 2014

Active Directory export script to import into SME Server

I had to migrate users from an Active Directory/Exchange combo to an SME server for a temporary disaster recovery event. Here’s the script I wrote to create the export and recreate the users and their aliases in the SME server. The export was done before the disaster of course :)

```
#!/bin/bash
#ldapsearch -x -b "dc=customer,dc=com" -h 1.2.3.4 -D "domain\user" -W "(objectclass=user)" > activedirectory.ldiff
File="activedirectory.ldiff"
#reset files content
echo > sme.users
echo > sme....
```

March 9, 2014

VMware vCSA 5.1 password expiration

A few months ago, I was unable to log in to my vCSA. At that time, I thought it was a glitch, I rebooted (didn’t fix the issue) and changed the password of the users, which fixed the issue. Recently, I had the same issue. I concluded it could not be a glitch anymore and decided to search for the root cause. The reason given by Veeam was “username or password incorrect”, which was wrong....

February 21, 2014

Nagios and Exim queue size

A simple script to check Exim queue size for Nagios NRPE:

```
#!/bin/bash
# arg1 = warning count
# arg2 = critical count
if [ -z "$1" ] || [ -z "$2" ]
then
    echo "Usage: ${0} warningcount criticalcount"
    exit 3   # UNKNOWN, so a misconfigured check is not reported as OK
else
    if [ "$1" -ge "$2" ] || [ "$1" -le "0" ] || [ "$2" -le "0" ]
    then
        echo "Error: incorrect values."
        exit 3   # UNKNOWN
    else
        # exim4 -bpc prints the number of messages in the queue
        queuesize=$(/usr/sbin/exim4 -bpc)
        if [ "$queuesize" -gt "$2" ]
        then
            echo "CRITICAL - exim queue size: $queuesize"
            exit 2
        elif [ "$queuesize" -gt "$1" ]
        then
            echo "WARNING - exim queue size: $queuesize"
            exit 1
        else
            echo "OK - exim queuesize: $queuesize"
            exit 0
        fi
    fi
fi
```

February 14, 2014

Ubuntu "reboot" on Supermicro X9SCI/X9SCA shuts down

On two recent Supermicro servers, typing reboot actually shuts down the server. Thanks to Google and this blog post (http://major.io/2013/06/03/supermicro-x9scix9sca-server-does-a-shutdown-rather-than-a-reboot/), I no longer have this issue. Short story: just blacklist the module named “mei” and you’re good.

December 27, 2013

Mikrotik DHCP and PXE boot

If you want to boot with the DHCP/PXE/TFTP method, your DHCP is handled by a Mikrotik router, and your TFTP server is on another server, then you need to set the next-server and boot-file-name parameters in the network definition. Do not try to set DHCP options (codes 66 and 67) and assign them to the network definition; it will not work. The same applies to the NTP servers option. So, do not do this:...

December 22, 2013

LSI Megaraid Storage Manager and VMware ESXi

I had to configure a bunch of ESXi 5.1 servers with LSI 9240-4i hardware RAID controllers the other day. This RAID controller is perfectly supported in ESXi 5.1 but it lacks the monitoring features. To have these, you first need to install the LSI SMIS package on your ESXi hosts. With this, the ESXi server acts as a proxy to query the RAID controller from the network. Then you need a Windows computer running LSI MegaRaid Storage Manager (MSM) software....

November 15, 2013

Ubnt AirVision, AirCam and me

This weekend, I finally had time to install a few network cameras from Ubiquiti in my house. The goal was to replace the previous system, which was composed of cheap USB webcams and the software motion, that has been running for years.

HP Proliant N40L

I had a spare N40L lying around that I used as a storage server for my VMware lab, so I repurposed it to be my future one and only home server running file sharing, monitoring, etc and AirVision of course....

November 4, 2013

Nagios and SNMP traps

It has been explained many times over the internet, so I won’t cover that. One thing you have to pay attention to is, if you run snmptt as a daemon, be sure that it has the right to write to the Nagios FIFO. On my Debian system, I had to run snmptt as the nagios user. Then, when you convert the MIBs to snmptt.conf file format, sometimes it will fail because the MIB is not RFC compliant....

August 29, 2013