Posts Tagged Server
During some tests of Ubuntu in a virtual machine, I ran across an issue I’ve seen before, but never been able to fix, until now.
If you have a RAID array that contains a swap partition, you will not be able to delete it in the Ubuntu installer. Here’s the situation:
And if you try to delete the RAID array (“delete MD device”), here’s the error message:
An educated guess at the problem would be that the swap is in use, and as such, not able to be deleted. You’re right, but it’s (almost) not that simple. But let’s hit CTRL-ALT-F2 to get a console open, and try to turn off swap:
Yet it still won’t delete.
Okay, let’s try to force-stop the MD array. First, let’s find out for sure which MD devices there are. Doing this:
ls -l /dev/md
linux:0 -> ../md127
So we know the device is md127. Let’s try to force-stop it now:
mdadm --stop --force /dev/md127
Gives this message:
mdadm: Cannot get exclusive access to /dev/md127:Perhaps a running process, mounted filesystem or active volume group?
Well, what now?
Note: If you’re jumping back to the installer, don’t do an mdadm –stop /dev/md127. That’s going to confuse the installer. Just swapoff and then return to the installer and delete the software raid.
If you want tools for Ubuntu Server to automatically sync files to Amazon S3, here’s how to set it up using S3tools
First, add the Ubuntu repository and GPG key, as described here:
wget -O- -q http://s3tools.org/repo/deb-all/stable/s3tools.key | sudo apt-key add –
add the repository lines automatically to a sources.d list file:
sudo wget -O/etc/apt/sources.list.d/s3tools.list http://s3tools.org/repo/deb-all/stable/s3tools.list
sudo apt-get update && sudo apt-get install s3cmd
Supply your Access Key and Secret Key, and turn on optional encryption and HTTPS.
If you generated a new AWS Access Key just for s3tools (like I did), and the program reports the following…
ERROR: Test failed: 403 (InvalidAccessKeyId): The AWS Access Key Id you provided does not exist in our records.
… go here, login, and then try s3tools again.
the rest of the documentation is here.
Easy way to configure PPTP server on Ubuntu Server 12.04.
First, install PPTP server:
sudo apt-get install pptpd
Configuring the PPTPD server
You need to edit
remoteip= lines to match your network.
Ideally, you want to specify the local and remote IP address on your network but off your DHCP range.
Example: I’m using 10.0.1.x addresses on my lan, with subnet mask 255.255.255.0. I could easily use the following:
(Any IP ranges over MAX_CONNECTIONS (100) are ignored. )
Note that although 10.0.2.x is technically off my subnet mask, I can use it.
Specify username / password combinations in the form
username * password *
Edit /etc/ppp/pptpd-options and uncomment the ms-dns lines and add valid nameservers. Use your ISP’s nameservers, Google’s nameservers, OpenDNS nameservers, or whichever.
If you are running your pptpd server on a hosted VPS, also comment out the proxyarp directive.
Configuring the firewall:
Now, enter the following at the command line to set firewall rules to allow connections
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT iptables -A INPUT -i eth0 -p gre -j ACCEPT
If you are going to be routing all traffic through the VPN, also do the following few steps:
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
and edit the /etc/sysctl.conf file and uncomment (or add):
Refresh sysctl by doing:
Finally, restart the pptpd server
service pptpd restart
First things first, install
dkms or VirtualBox will break with every kernel upgrade.
apt-get install dkms
Now, download the Linux alternate installer for your architecture from here (under “All distributions”). Transfer it to your Ubuntu Server as needed.
Run the installer:
You should get the following output:
Verifying archive integrity... All good. Uncompressing VirtualBox for Linux installation............ VirtualBox Version 4.2.12 r84980 (2013-04-12T10:28:02Z) installer Installing VirtualBox to /opt/VirtualBox Python found: python, installing bindings... Building the VirtualBox kernel modules VirtualBox has been installed successfully. You will find useful information about using VirtualBox in the user manual /opt/VirtualBox/UserManual.pdf and in the user FAQ https://www.virtualbox.org/wiki/User_FAQ We hope that you enjoy using VirtualBox.
Now, download the extension pack from here, transferring it to your server as necessary. Install it with
VBoxManage extpack install /path/to/extpack
Now, to set up phpVirtualBox to manage VirtualBox.
Create a user call phpvirtualbox with a hard-to-guess password.
(You may need to SSH into your host as the new user for their directory and settings to be created completely.)
Now, create and edit
/etc/default/virtualbox with your favorite text editor, and paste in the following
Start the virtualbox web service
Have it autostart at boot
sudo update-rc.d -f vboxweb-service remove && sudo update-rc.d vboxweb-service defaults
Download the appropriate version of phpVirtualBox from here, transfer it to somewhere on your server, unzip it, and move it to a location under /var/www (such as ‘phpvirtualbox’) for web access. Chown it www-data:www-data recursively.
Rename config.php-example to config.php and edit it
Edit the following to match your phpvirtualbox username and password
/* Username / Password for system user that runs VirtualBox */ var $username = 'vbox'; var $password = 'pass';
Now browse to http://yourserver/phpvirtualbox
Default login is admin:admin
If you want the hard drive images stored somewhere other than /home/phpvirtualbox, click file > preferences and set it.
If you have problems with the remote not cursor not matching the local mouse cursor, do your best to install Guest Additions to the guest OS. This does correct it, even if you’re logging in via RDP.
To install iSCSI Target on Ubuntu Server 12.04 LTS, here’s the steps I followed:
sudo apt-get install iscsitarget
That will install the target server, but at the end of the installation, you will get this message:
Setting up iscsitarget (18.104.22.168-5ubuntu3.2) ... * iscsitarget not enabled in "/etc/default/iscsitarget", not starting...
/etc/default/iscsitarget and change it to read
Now, try to start iscsitarget with:
service iscsitarget start
* Starting iSCSI enterprise target service FATAL: Module iscsi_trgt not found. [fail]
What needs to be done is to install iscsitarget-source and iscsitarget-dkms to build the missing module:
apt-get install iscsitarget-source iscsitarget-dkms
The packages install and the module is built automatically
service iscsitarget restart
gives the following result:
* Removing iSCSI enterprise target devices: [ OK ] * Starting iSCSI enterprise target service [ OK ] [ OK ]
I’m not going to cover configuration of iSCSI targets in this guide. Your comments are welcome below. Thank you!
So going to webmin > Perl Modules > Suggested Modules shows Authen::Libwrap as a suggested module, but using webmin to install it always fails.
Error: Function definition too short '/ * EOF * /' in Libwrap.xs, line 32
the following may help
apt-get install build-essential gcc libc6-dev libwrap0 libwrap0-dev sudo cpan ExtUtils::MakeMaker sudo cpan Authen::Libwrap
This was writted for Ubuntu Server 12.04.
If all you really want from your Ubuntu Server is to be able to send you email if something goes wrong, or the occasional email to a trusted partner, friend, colleague, etc, then you want a simple solution. Although Postfix or sendmail, etc, will work in a satellite configuration, it’s still too heavy and over-the-top for this type of setup.
apt-get install ssmtp
/etc/ssmtp/ssmtp.conf in your favorite text editor and, to get it working on an example gmail account, set it up like so:
firstname.lastname@example.org mailhub=smtp.gmail.com:587 AuthUser=username AuthPass=password UseTLS=YES UseSTARTTLS=YES AuthMethod=LOGIN
Save the file, and you’re done.
Example for Amazon SES users. Be sure the sending domain is verified or mail will get rejected.:
email@example.com # from SES SMTP settings mailhub=email-smtp.us-east-1.amazonaws.com:587 AuthUser=username AuthPass=password UseTLS=YES AuthMethod=LOGIN
Important: You’re leaving your Gmail account password in a plaintext file. Make sure you’re using strong passwords. Even better, use Google 2-factor authentication so you can use an application-specific password for sSMTP.
UPDATE: Lastly, update the permissions
chown root:mail /etc/ssmtp/ssmtp.conf chmod 640 /etc/ssmtp/ssmtp.conf
Unprivileged users who have a need to send mail using sendmail must be a member of the mail group, or they will receive the following error:
mail: Cannot open mailhub:25
This was written for Ubuntu Server 12.04 64-bit.
- sSMTP- Debian Wiki – http://wiki.debian.org/sSMTP
This is for Ubuntu Server 12.04 64-bit.
Install the NUT software
sudo apt-get install nut
edit file /etc/nut/ups.conf
Scroll down to the example, uncommenting and configuring. Locate the correct driver to use from this page. (Most USB UPSes using the usbhid-ups driver, and port set to auto). Example:
[myups] driver = usbhid-ups port = auto
Note the tag used in the brackets, you will need this later.
edit file /etc/nut/upsd.users
Find the section entitled “Configuring for upsmon”, uncomment and configure, using the example given.
Next edit upsmon.conf and add the example MONITOR line provided in upsd.users, adjusted for your settings.
Lastly, edit nut.conf and set appropriately.
service nut restart
If you get this error:
* Restarting Network UPS Tools [ OK ] Broadcast Message from nut@userver (somewhere) at 21:52 ... Communications with UPS myups@localhost lost Broadcast Message from nut@userver (somewhere) at 21:52 ... UPS myups@localhost is unavailable
Run the following commands as root:
udevadm control --reload-rule udevadm trigger upsdrvctl start
This is for Ubuntu Server 12.04 64-bit.
The easiest way to activate Apache’s SSL is:
a2enmod ssl a2ensite default-ssl service apache2 restart
That’s all for the setup, now for installing the certificates. I am using certificates from StartSSL, so your installation may be slightly different.
Copy the unencrpyted SSL private key to /etc/ssl/private, chown it www-data:www-data, chmod it 700.
Find the line containing
SSLCertificateKeyFile, uncomment it, and change it to point to your private key file, like so:
SSLCertificateKeyFile /etc/ssl/private/(your private key file)
Copy your public key to /etc/ssl/certs.
Change the SSLCertificateFile line to point to your public certificate, like so:
SSLCertificateFile /etc/ssl/certs/(your certificate file)
Find the following line and uncomment it:
Instructions are here, reposted for my own convenience:
This is for Ubuntu Server 12.04 64-bit.
edit /etc/apt/sources.list and add to the bottom:
deb http://dl.ajaxplorer.info/repos/apt/ stable main deb-src http://dl.ajaxplorer.info/repos/apt/ stable main
Then, install the gpg key
wget -O - http://firstname.lastname@example.org | sudo apt-key add -
sudo apt-get update sudo apt-get install ajaxplorer
A few more steps to get it working…
copy the sample config file over (and make it readable by the web server):
cp /usr/share/doc/ajaxplorer/apache2.sample.conf /etc/apache2/sites-enabled/ajaxplorer.conf chown www-data:www-data /etc/apache2/sites-enabled/ajaxplorer.conf
service apache2 restart
Make AjaXplorer redirect to HTTPS… (this is displayed during the initial page visit anyway)
edit /usr/share/ajaxplorer/conf/bootstrap_conf.php and uncomment the following line (or add it to the bottom)
If HTTPS doesn’t load, it’s probably because apache isn’t configured for SSL. That’s in the next section.
If you get a warning about Server charset encoding, uncomment this line in /usr/share/ajaxplorer/conf/bootstrap_conf.php
Lastly, since I have /srv on a separate partition, I want ajaxplorer data stored there. By default it’s stored in /usr/share/ajaxplorer/data, which is actually a symlink to /var/lib/ajaxplorer/data.
mkdir /srv/ajaxplorer cp -r /var/lib/ajaxplorer/data/* /srv/ajaxplorer chown -R www-data:www-data /srv/ajaxplorer rm /usr/share/ajaxplorer/data ln -s /srv/ajaxplorer /usr/share/ajaxplorer/data
Warning: AjaXplorer will start acting odd if /srv isn’t mounted at boot time. Keep that in mind.
By default, PHP max file upload is 2M, and this setting will carry over to AjaXplorer. In order to increase it, you have to change it in three places. Thesays that this is set by php’s upload_max_filesize, but I’ve found that you also have to change php’s post_max_size to match. (/etc/php5/apache2/php.ini). After which, go into AjaXplorer settings repository, then Global Configurations > Core Configs > Common ‘uploader’ core configs. Expand Limitations, then set File Size to 0 to inherit the PHP setting. (Note: It won’t stay 0, it will auto-set to php’s setting. Keep this in mind if you want to change it later.)