Python: pip install error: Unable to find vcvarsall.bat

This error implies that you do not have the necessary compiler installed on your computer - in order to quickly find out the relevant compiler we need we can run the following from the python interpreter: import sysprint (sys.version) My output was something like: 3.5.1 (v3.5.1:37a07cee5969, Dec  6 2015, 01:54:25) [MSC v.1900 64 bit (AMD64)] We are interested in the MSC version (the version of compiler that compiled the python interpreter)...

Read more

Installing a minimalistic desktop environment on Fedora

Unfortunately in RHEL and it's derivatives the typical (or documented) way to install a desktop environment is through something like: yum groupinstall 'Server with GUI' or yum groupinstall "Desktop" "Desktop Platform" "X Window System" "Fonts" I find that there is a lot of unneeded bloat that is bundled in these groups - so this post will look at identifying the core packages that are needed to run a basic instance of X on the 'minimal' Fedora installation. We can take a look at packages included in the groups with something like: yum groupinfo...

Read more

Monitoring disk i/o with CentOS

There are many different tools that can be used to help us measure disk i/o - although for this post I will be looking at two specific tools that both have their merits. iotop (yum install iotop) iotop is a real-time command line utility used to measure i/o performance for specific processes and has a similar interface to that of top. iostat (yum install sysstat) iostat comes as part of the sysstat package and is a great tool to check i/o against a specific disk for example: iostat -x 2 The above command displays the disk i/o stats in 2 second...

Read more

Managing devices with CentOS (procfs, sysfs, udev, lsusb and lspci)

This post will look at some common components that relate to device management under CentOS and other commonly used distro's. procfs procfs (/proc) contains a series of files that describe the kernel's current view of the system (for example cpu information) - allowing applications and users to retrieve information about the system. Files within the proc directory are not standard text or binary files - rather they are referred to as 'virtual files' (this is because they are continually updated) and you will also notice that the file size of...

Read more

dbus in Linux

dbus is a library that provides communication (over a bus) between two applications. There are two main busses: systemwide message bus (as the name suggest allows system-wide communication) - Typically implemented as the 'messagebus' service on most distributions  and the 'user login session' bus. It can be debugged with the following: dbus-moni...

Read more

Understanding the X11 configuration

X / X11 is the defacto display server for the vast majority of linux distributions. There are large selection of window managers available that sit upon X - for example: XFCE, Gnome and KDE to name a few. There are several main configuration files: - /etc/X11/xorg.conf.d/* : Contains a group of configuration files (must be .conf) that are parsed as part of / in addition to the xorg.conf file. - /etc/X11/xorg.conf (sometimes /etc/xorg.conf) : The main configuration file that is read upon starting the X server. ** Note: xorg.conf is not created...

Read more

Using service dependencies with NAGIOS Core

NAGIOS allows you to define service dependencies - that simply allow you to associate other hosts (or services) that a host (or service) relies on. A typical example of this is when you would like to monitor a system that has an application frontend and database backend with two nodes in a cluster - you might not want to receive an alarm / notification (regarding the system specifically) if BOTH database servers have gone down - not simply if one of them has gone down. Another real-world example (which I will demonstrate below) is if you are...

Read more

Working with IPTables on CentOS 7

With the release of CentOS 7 iptables has been dropped by default and in it's place is firewalld - if (like me) you prefer iptables you can restore it you can do the following: Disable the stop and disable the firewalld service: systemctl stop firewalld systemctl mask firewalld and install and enable iptables: yum install iptables-services systemctl enable iptables systemctl start iptables service iptables save To view iptables rules we must use the -L switch along with the -t switch specifying the table name - typically: sudo iptables -L...

Read more

Managing Physical and Logical Volumes with LVM in CentOS

Physical Volumes When creating a physical volume (from disks) the disks MUST have no partition tables (be it MBR or GPT) - see my post about removing GPT/MR partition tables for more info. To create the physical volume we can issue: sudo pvcreate /dev/sda  sudo pvcreate /dev/sdb We can also create a physical volume from partitions e.g. sudo pvcreate /dev/sda1  sudo pvcreate /dev/sdb1 and then review them with: sudo pvdisplay To get an overview of disks that can be used we can issue: sudo lvmdiskscan or sudo...

Read more

Erasing / copying MBR and GPT partition tables within Linux

MBR The MBR typically takes up the first 512 bytes of your disk - it is broken down as follows: 446 bytes – Bootstrap. 64 bytes – Partition table. 2 bytes – Signature. (446 + 64 + 2 = 512 bytes.) We can make use of the dd command to copy your MBR to another drive: dd if=/dev/sda of=/dev/sdb bs=512 count=1 or even delete your MBR: dd if=/dev/zero of=/dev/sdc bs=512 count=1 GPT GPT addresses a lot of MBR's shortcomings - specifically the partition size / disk sizes. You can erase a GPT partition table using...

Read more

Automating stopping and starting of AWS EC2 instances using Amazon Data Pipeline

AWS provides a service called Data Pipeline that can be used to schedule compute resources such as EC2 machines among other things. This tutorial will demonstrate how to keep a VM running within a specific timeframe - for example the VM should be available from 9am in the morning and then shutdown at 5.30pm and the next day come back online at 9am. This methodology can in some scenerios save some money - although bare in mind that (according to Amazon) when a command is executed a micro VM instance is launched to process the command - and this...

Read more

Managing the system with systemd

Systemd was introduced as a replacement for init - due to certain shortcomings like it's startup times and offer an improved API and lower memory footprint (I am not going to get into a pro's and con's argument - there are plenty of resources online that do this very well.) Popular Linux distributions like Debian (8), Fedora and CentOS (7) have now adopted systemd as default. The run-level concept (although now called 'targets' ) still applies and you are able to view the configuration for each level by running something like: ls -l /usr/lib/systemd/system/runlevel* Although...

Read more

Understanding init run levels within Linux

Run levels effectively allow you to provide certain degrees of functionality - there are several run-levels that I will describe below: 0 - halt : This will simply shutdown the machine. 1 - Single User Mode: Only the console is accessible, user is NOT authenticated and goes straight into root with logging in. 2 - Multi-user mode - does not support NFS though 3 - Full multiuser mode (This is the typical level for a server without a GUI) 4 - This level is not currently used. 5 - X11 : This run level is used when the server has a desktop environment...

Read more

A Quick CHMOD reference

CHMOD can be written in one of two ways - either numerically e.g. chmod 777 or with lettering e.g. chmod g=rwx,o=rwx,u=rxw The above two command are equal to one another - the numbers are added as follows: read=4 write=2 execute=1 +r      add read perms for others, owner and group +x     add execute perms for others, owner and group +w    add write perms for others, owner and group a+rw = add read and write perms for others, group and owner a+x = add execute perms for others, group and owner. g-xw = remove...

Read more

Building a custom / newer kernel with CentOS 7

In this tutorial I will be installing the latest stable version of the Linux kernel (4.4.5 as of 15/03/2016). There is the easy method (using a pre-compiled RPM from a source like ELRepo) or the more daunting task of manually compiling it from source..! I will be doing both... Compiling from source This generally involves the following: - Download kernal, compile - Add grub boot entry Please refer to: https://www.howtoforge.com/kernel_compilation_centos From a repository Ensure you have added the ELRepo: cd /tmp rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org rpm...

Read more

Managing grub2 with CentOS

By default CentOS uses the grub2 bootloader. There are several main configuration files: /etc/default/grub # Sets the general characteristics of the bootloader e.g. timeouts, menu options and so on. /etc/grub.d/ # This directory contains various configuration files: 00_header: Used to detect and set various settings like timeouts, load modules into the kernel and so on. 00_tuned: Used to apply any settings with Tuned (tuned-adm) - this allows you to tweak the kernel for better performance for specific server roles. 01_users: Script used...

Read more

Setting up NTOPNG with the Cisco ASA on CentOS 7

Firstly refer to the installation instructions provided below (I would recommend installing from the repository): Add a new repo: sudo vi /etc/yum.repos.d/ntop.repo and add: [ntop] name=ntop packages baseurl=http://packages.ntop.org/centos/\$releasever/\$basearch/ enabled=1 gpgcheck=1 gpgkey=http://packages.ntop.org/centos/RPM-GPG-KEY-deri [ntop-noarch] name=ntop packages baseurl=http://packages.ntop.org/centos/\$releasever/noarch/ enabled=1 gpgcheck=1 gpgkey=http://packages.ntop.org/centos/RPM-GPG-KEY-deri EOT and then run a update yum: yum...

Read more

Monitoring Linux Hosts with NAGIOS and NRPE

We should firstly install the NRPE agent of the server we wish to monitor: wget http://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz tar xzf linux-nrpe* cd linux-nrpe* sudo ./fullinstall ** Ensure that your firewall on the client allows port 5666 (TCP/NRPE) and 5667(NSCA) inbound connections from your NAGIOS server ** We will then be prompted to enter the IP address of your NAGIOS monitoring server(s.) Once installed you will find a set of pre-defined commands in /usr/local/nagios/etc/nrpe.cfg - which (of course) we can...

Read more

How to install python modules on CentOS 7

Like many other languages Python is lucky enough to have it's own package manager (PIP) that will allow you to quickly (and hassle free - most of the time) install third party modules. To install PIP we should firstly ensure that we have the EPEL repository installed (as I am using CentOS for this tutorial): sudo yum install epel-release and then install the PIP package using yum: yum install python-pip and finally install the relevent packages via PIP e.g. pip install reque...

Read more

Creating a custom NAGIOS plugin to check your bespoke applications

Full credit / source: https://www.digitalocean.com/community/tutorials/how-to-create-nagios-plugins-with-bash-on-ubuntu-12-10 In my opinion writing addons for NAGIOS couldn't be easier - there are three main requirements: - The check returns the relevent exit code (0 = OK, 1 = Warning, 2 = Critical, 3=Unknown) - Ideally push some useful information out to STDOUT. Since the requirements are so simple you can pretty much write the checks in anything you want - BASH scripting, C, python etc. So on the client host we create the script: sudo...

Read more

NAGIOS: check_http: Invalid option - SSL is not available

When attempting to monitor an SSL / HTTPS site with the check_http command within NAGIOS I encountered the following error: check_http: Invalid option - SSL is not available This is because the openssl development libraries were not available during the initial compilation of the NAGIOS plugins - to resolve this we should install the relevent packages and recompile them: yum install openssl-devel wget http://www.nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz tar zxvf nagios-plugins-2.1.1.tar.gz cd nagios-plugins-2* ./configure...

Read more

Using MRTG to monitor bandwidth on your network (SNMP)

MRTG is a tool that logs bandwdith information via SNMP from a network device such as a switch and archives it providing an historic overview of bandwidth utilization.  We should firstly install the necessary packages: yum install mrtg net-snmp net-snmp-utils and create a configuration for your SNMP enabled device with: cfgmaker --global 'WorkDir: /var/www/mrtg' --output /etc/mrtg/mrtg.cfg public@router (where 'public' is your community string.) We can manually invoke MRTG with: /usr/bin/indexmaker --output=/var/www/mrtg/index.html...

Read more

Error: Could not stat() command file '/usr/local/nagios/var/rw/nagios.cmd'!

I encountered this error after a fresh install of NAGIOS and attempting to disable a check from the web GUI. There are two areas to check: - Firstly if you are using something like CentOS - ensure that SELinux is not interfering - you can do this by issuing: cat /etc/sysconfig/selinux and ensure the 'SELINUX' is set to 'permissive' e.g. SELINUX=permissive OR better yet create an exception for httpd: sudo vi /etc/selinux/targeted/booleans and add / append: httpd_disable_trans=1 Now restart the httpd server: sudo setsebool httpd_disable_trans...

Read more

Setting up email notifications for NAGIOS Core with Exchange

For this demonstration I will be configuring NAGIOS to route it's notifications through an Exchange server. We should firstly define a contact definition - this is simply a set of information that tells NAGIOS when and where to send notifications - once we have defined a contact we can then associate it with hosts, hostgroups, service groups and so on. So we should edit the contacts definitions: sudo vi /usr/local/nagios/etc/objects/contacts.cfg define contact {         contact_name            ...

Read more

Managing Outlook clients mailbox rules on Exchange

To view current rules of a mailbox we can issue: Get-InboxRule -Mailbox Mailbox01 And in order to look at a specific rule we can issue something like: Get-InboxRule -Mailbox Mailbox01 -Identity "My Example Rule" To delete a rule we can issue: Remove-Inboxrule –Mailbox Mailbox01 -Identity "My Example Rule" And using the Set-InboxRule and New-InboxRule cmdlets we can modify and create new rules - although to be honest it's quite often easier doing this on the client-side / Outlook....

Read more

Configure a time source / NTP on Centos

We should firstly install the necessary packages: yum install ntp ntpdate ntp-doc And ensure the service is enabled: systemctl enable ntpd Configure the relevent NTP server: interface ignore wildcard interface listen 127.0.0.1 interface listen ::1 server 0.centos.pool.ntp.org iburst server 1.centos.pool.ntp.org iburst server 2.centos.pool.ntp.org iburst server 3.centos.pool.ntp.org iburst And finally start the service: service ntpd st...

Read more

Setup a Windows server with NAGIOS Core

Setting up the windows agent for NAGIOS allows us to monitor components such as memory, cpu, services etc. that would otherwise not be possible. We should firstly ensure that the 'check_nt' plugin is installed: ls -l /usr/local/nagios/libexec | grep check_nt We have to do a few pre-requisites - firstly enabling the Windows object definitions: sudo vi /usr/local/nagios/etc/nagios.cfg and uncomment: #cfg_file=/usr/local/nagios/etc/objects/windows.cfg Download the latest NSClient++ client from: https://sourceforge.net/projects/nscplus/ Install...

Read more

Configuring a static / dynamic IP, default route and DNS on CentOS 7

We will firstly setup our interface - to do so we should issue (ifconfig is not included on the core edition): ip addr This will return all available interfaces - in our case we are interested in one called: eno858544 So in order to statically configure the interface we should create (or modify) it's script within networking-scripts directory: sudo vi /etc/sysconfig/network-scripts/ifcfg-eno858544 and add the following (for minimum config): TYPE=ethernet BOOTPROTO=static IPADDR=1.2.3.4 NETMASK=255.255.255.0 NM_CONTROLLED=no NAME=eno858544 DEVICE=eno858544...

Read more

Setting up PAT with IPTables on Debian

For this tutorial I will outline two common PAT configurations - the first one is where we have a host with a single NIC and will forward traffic from a specific / it's own local subnet: We should firstly ensure IP forwarding is turned on in the kernel: echo 1 > /proc/sys/net/ipv4/ip_forward Edit the sysctl.conf file: sudo vi /etc/sysctl.conf and add: net.ipv4.ip_forward = 1 For security we should also disable ICMP redirects by setting: net.ipv4.conf.eth0.send_redirects = 0 and then run the following to apply the changes: sudo sysctl...

Read more

Get effective group policy settings for a computer / user

I can think of numerous occasions where I have had to debug group policy issues with specific computers / users - this can be achieved several ways - but the two main ones are (that can be executed in a user context): rsop.msc and gpresult -h C:\results.ht...

Read more