Posts Tagged Server
Cannot delete a RAID swap partition during Ubuntu installation
Posted by MB in Uncategorized on October 25, 2013
During some tests of Ubuntu in a virtual machine, I ran across an issue I’ve seen before, but never been able to fix, until now.
If you have a RAID array that contains a swap partition, you will not be able to delete it in the Ubuntu installer. Here’s the situation:
A swap partition on a RAID-1 array
And if you try to delete the RAID array (“delete MD device”), here’s the error message:
Failed to delete the software raid device. There was an error deleting the software RAID device. It may be in use.
An educated guess at the problem would be that the swap is in use, and as such, not able to be deleted. You’re right, but it’s (almost) not that simple. But let’s hit CTRL-ALT-F2 to get a console open, and try to turn off swap:
swapoff -a
Yet it still won’t delete.
Okay, let’s try to force-stop the MD array. First, let’s find out for sure which MD devices there are. Doing this:
ls -l /dev/md
Shows this:
linux:0 -> ../md127
So we know the device is md127. Let’s try to force-stop it now:
mdadm --stop --force /dev/md127
Gives this message:
mdadm: Cannot get exclusive access to /dev/md127:Perhaps a running process, mounted filesystem or active volume group?
Well, what now?
The solution:
swapoff /dev/md127
Note: If you’re jumping back to the installer, don’t do an mdadm –stop /dev/md127. That’s going to confuse the installer. Just swapoff and then return to the installer and delete the software raid.
Amazon S3 s3cmd s3tools on Ubuntu Server
Posted by MB in Uncategorized on July 9, 2013
If you want tools for Ubuntu Server to automatically sync files to Amazon S3, here’s how to set it up using S3tools
First, add the Ubuntu repository and GPG key, as described here:
wget -O- -q http://s3tools.org/repo/deb-all/stable/s3tools.key | sudo apt-key add –
add the repository lines automatically to a sources.d list file:
sudo wget -O/etc/apt/sources.list.d/s3tools.list http://s3tools.org/repo/deb-all/stable/s3tools.list
get s3tools
sudo apt-get update && sudo apt-get install s3cmd
configure s3tools
s3cmd –configure
Supply your Access Key and Secret Key, and turn on optional encryption and HTTPS.
If you generated a new AWS Access Key just for s3tools (like I did), and the program reports the following…
ERROR: Test failed: 403 (InvalidAccessKeyId): The AWS Access Key Id you provided does not exist in our records.
… go here, login, and then try s3tools again.
the rest of the documentation is here.
PPTP Server on Ubuntu Server
Posted by MB in Uncategorized on July 1, 2013
Easy way to configure PPTP server on Ubuntu Server 12.04.
First, install PPTP server:
sudo apt-get install pptpd
Configuring the PPTPD server
Now, edit /etc/pptpd.conf
You need to edit localip= and remoteip= lines to match your network.
Ideally, you want to specify the local and remote IP address on your network but off your DHCP range.
Example: I’m using 10.0.1.x addresses on my lan, with subnet mask 255.255.255.0. I could easily use the following:
localip=10.0.2.1 remoteip=10.0.2.100-199
(Any IP ranges over MAX_CONNECTIONS (100) are ignored. )
Note that although 10.0.2.x is technically off my subnet mask, I can use it.
Next, edit /etc/ppp/chap-secrets
Specify username / password combinations in the form
username * password *
Edit /etc/ppp/pptpd-options and uncomment the ms-dns lines and add valid nameservers. Use your ISP’s nameservers, Google’s nameservers, OpenDNS nameservers, or whichever.
If you are running your pptpd server on a hosted VPS, also comment out the proxyarp directive.
Configuring the firewall:
Now, enter the following at the command line to set firewall rules to allow connections
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT iptables -A INPUT -i eth0 -p gre -j ACCEPT
If you are going to be routing all traffic through the VPN, also do the following few steps:
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
and edit the /etc/sysctl.conf file and uncomment (or add):
net.ipv4.ip_forward=1
Refresh sysctl by doing:
sysctl -p
Finally, restart the pptpd server
service pptpd restart
Installing VirtualBox headless and phpVirtualBox on Ubuntu Server
Posted by MB in Uncategorized on May 4, 2013
First things first, install dkms or VirtualBox will break with every kernel upgrade.
apt-get install dkms
Now, download the Linux alternate installer for your architecture from here (under “All distributions”). Transfer it to your Ubuntu Server as needed.
Run the installer:
/path/to/Virtualbox-file.run install
You should get the following output:
Verifying archive integrity... All good. Uncompressing VirtualBox for Linux installation............ VirtualBox Version 4.2.12 r84980 (2013-04-12T10:28:02Z) installer Installing VirtualBox to /opt/VirtualBox Python found: python, installing bindings... Building the VirtualBox kernel modules VirtualBox has been installed successfully. You will find useful information about using VirtualBox in the user manual /opt/VirtualBox/UserManual.pdf and in the user FAQ https://www.virtualbox.org/wiki/User_FAQ We hope that you enjoy using VirtualBox.
That’s done.
Now, download the extension pack from here, transferring it to your server as necessary. Install it with
VBoxManage extpack install /path/to/extpack
Now, to set up phpVirtualBox to manage VirtualBox.
Create a user call phpvirtualbox with a hard-to-guess password.
adduser vbox
(You may need to SSH into your host as the new user for their directory and settings to be created completely.)
Now, create and edit /etc/default/virtualbox with your favorite text editor, and paste in the following
VBOXWEB_USER=vbox
Start the virtualbox web service
/etc/init.d/vboxweb-service start
Have it autostart at boot
sudo update-rc.d -f vboxweb-service remove && sudo update-rc.d vboxweb-service defaults
Download the appropriate version of phpVirtualBox from here, transfer it to somewhere on your server, unzip it, and move it to a location under /var/www (such as ‘phpvirtualbox’) for web access. Chown it www-data:www-data recursively.
Rename config.php-example to config.php and edit it
Edit the following to match your phpvirtualbox username and password
/* Username / Password for system user that runs VirtualBox */ var $username = 'vbox'; var $password = 'pass';
Now browse to http://yourserver/phpvirtualbox
Default login is admin:admin
If you want the hard drive images stored somewhere other than /home/phpvirtualbox, click file > preferences and set it.
If you have problems with the remote not cursor not matching the local mouse cursor, do your best to install Guest Additions to the guest OS. This does correct it, even if you’re logging in via RDP.
Further reading:
Installing iSCSI Target on Ubuntu Server
Posted by MB in Uncategorized on May 3, 2013
To install iSCSI Target on Ubuntu Server 12.04 LTS, here’s the steps I followed:
sudo apt-get install iscsitarget
That will install the target server, but at the end of the installation, you will get this message:
Setting up iscsitarget (1.4.20.2-5ubuntu3.2) ... * iscsitarget not enabled in "/etc/default/iscsitarget", not starting...
edit /etc/default/iscsitarget and change it to read
ISCSITARGET_ENABLE=true
Now, try to start iscsitarget with:
service iscsitarget start
You get:
* Starting iSCSI enterprise target service
FATAL: Module iscsi_trgt not found.
[fail]
What needs to be done is to install iscsitarget-source and iscsitarget-dkms to build the missing module:
apt-get install iscsitarget-source iscsitarget-dkms
The packages install and the module is built automatically
service iscsitarget restart
gives the following result:
* Removing iSCSI enterprise target devices: [ OK ]
* Starting iSCSI enterprise target service [ OK ]
[ OK ]
I’m not going to cover configuration of iSCSI targets in this guide. Your comments are welcome below. Thank you!
Problems installing Authen::Libwrap on Ubuntu Server using webmin
Posted by MB in Uncategorized on April 24, 2013
So going to webmin > Perl Modules > Suggested Modules shows Authen::Libwrap as a suggested module, but using webmin to install it always fails.
Error: Function definition too short '/ * EOF * /' in Libwrap.xs, line 32
the following may help
apt-get install build-essential gcc libc6-dev libwrap0 libwrap0-dev sudo cpan ExtUtils::MakeMaker sudo cpan Authen::Libwrap
This was writted for Ubuntu Server 12.04.
Futher Reading:
- After update, webmin won’t start –Â http://www.virtualmin.com/node/17738
- Authen::Pam error in miniserv.error log –Â http://www.virtualmin.com/node/5691
- Probs installing Authen::Libwrap –Â http://ubuntuforums.org/showthread.php?t=1360782
Simple outbound email configuration for Ubuntu Server 12.04 using sSMTP
Posted by MB in Uncategorized on April 24, 2013
If all you really want from your Ubuntu Server is to be able to send you email if something goes wrong, or the occasional email to a trusted partner, friend, colleague, etc, then you want a simple solution. Although Postfix or sendmail, etc, will work in a satellite configuration, it’s still too heavy and over-the-top for this type of setup.
Enter sSMTP.
apt-get install ssmtp
Now open /etc/ssmtp/ssmtp.conf in your favorite text editor and, to get it working on an example gmail account, set it up like so:
root=youremail@gmail.com mailhub=smtp.gmail.com:587 AuthUser=username AuthPass=password UseTLS=YES UseSTARTTLS=YES AuthMethod=LOGIN
Save the file, and you’re done.
Example for Amazon SES users. Be sure the sending domain is verified or mail will get rejected.:
root=youremail@gmail.com # from SES SMTP settings mailhub=email-smtp.us-east-1.amazonaws.com:587 AuthUser=username AuthPass=password UseTLS=YES AuthMethod=LOGIN
Important: You’re leaving your Gmail account password in a plaintext file. Make sure you’re using strong passwords. Even better, use Google 2-factor authentication so you can use an application-specific password for sSMTP.
UPDATE: Lastly, update the permissions
chown root:mail /etc/ssmtp/ssmtp.conf chmod 640 /etc/ssmtp/ssmtp.conf
Unprivileged users who have a need to send mail using sendmail must be a member of the mail group, or they will receive the following error:
mail: Cannot open mailhub:25
This was written for Ubuntu Server 12.04 64-bit.
Further reading:
- sSMTP- Debian Wiki –Â http://wiki.debian.org/sSMTP
Installing UPS monitoring for a USB UPS on Ubuntu Server
Posted by MB in Uncategorized on April 24, 2013
This is for Ubuntu Server 12.04 64-bit.
Install the NUT software
sudo apt-get install nut
edit file /etc/nut/ups.conf
Scroll down to the example, uncommenting and configuring. Locate the correct driver to use from this page. (Most USB UPSes using the usbhid-ups driver, and port set to auto). Example:
[myups] driver = usbhid-ups port = auto
Note the tag used in the brackets, you will need this later.
edit file /etc/nut/upsd.users
Find the section entitled “Configuring for upsmon”, uncomment and configure, using the example given.
Next edit upsmon.conf and add the example MONITOR line provided in upsd.users, adjusted for your settings.
Lastly, edit nut.conf and set appropriately.
now, restart
service nut restart
If you get this error:
* Restarting Network UPS Tools [ OK ] Broadcast Message from nut@userver (somewhere) at 21:52 ... Communications with UPS myups@localhost lost Broadcast Message from nut@userver (somewhere) at 21:52 ... UPS myups@localhost is unavailable
Run the following commands as root:
udevadm control --reload-rule udevadm trigger upsdrvctl start
That’s it.
Enabling Apache SSL and installing own certificates
Posted by MB in Uncategorized on April 23, 2013
This is for Ubuntu Server 12.04 64-bit.
The easiest way to activate Apache’s SSL is:
a2enmod ssl a2ensite default-ssl service apache2 restart
That’s all for the setup, now for installing the certificates. I am using certificates from StartSSL, so your installation may be slightly different.
Copy the unencrpyted SSL private key to /etc/ssl/private, chown it www-data:www-data, chmod it 700.
Find the line containing SSLCertificateKeyFile, uncomment it, and change it to point to your private key file, like so:
SSLCertificateKeyFile /etc/ssl/private/(your private key file)
Copy your public key to /etc/ssl/certs.
Change the SSLCertificateFile line to point to your public certificate, like so:
SSLCertificateFile /etc/ssl/certs/(your certificate file)
Find the following line and uncomment it:
SSLCACertificatePath /etc/ssl/certs/
That’s it.
Installing AjaXplorer on Ubuntu Server
Posted by MB in Uncategorized on April 23, 2013
Instructions are here, reposted for my own convenience:
This is for Ubuntu Server 12.04 64-bit.
edit /etc/apt/sources.list and add to the bottom:
deb http://dl.ajaxplorer.info/repos/apt/ stable main deb-src http://dl.ajaxplorer.info/repos/apt/ stable main
Then, install the gpg key
wget -O - http://dl.ajaxplorer.info/repos/charles@ajaxplorer.info.gpg.key | sudo apt-key add -
Lastly:
sudo apt-get update sudo apt-get install ajaxplorer
A few more steps to get it working…
copy the sample config file over (and make it readable by the web server):
cp /usr/share/doc/ajaxplorer/apache2.sample.conf /etc/apache2/sites-enabled/ajaxplorer.conf chown www-data:www-data /etc/apache2/sites-enabled/ajaxplorer.conf
Restart apache…
service apache2 restart
…or…
/etc/init.d/apache2 restart
Make AjaXplorer redirect to HTTPS… (this is displayed during the initial page visit anyway)
edit /usr/share/ajaxplorer/conf/bootstrap_conf.php and uncomment the following line (or add it to the bottom)
define("AJXP_FORCE_SSL_REDIRECT", true);
If HTTPS doesn’t load, it’s probably because apache isn’t configured for SSL. That’s in the next section.
If you get a warning about Server charset encoding, uncomment this line in /usr/share/ajaxplorer/conf/bootstrap_conf.php
define("AJXP_LOCALE", "en_US.UTF-8");
Lastly, since I have /srv on a separate partition, I want ajaxplorer data stored there. By default it’s stored in /usr/share/ajaxplorer/data, which is actually a symlink to /var/lib/ajaxplorer/data.
mkdir /srv/ajaxplorer cp -r /var/lib/ajaxplorer/data/* /srv/ajaxplorer chown -R www-data:www-data /srv/ajaxplorer rm /usr/share/ajaxplorer/data ln -s /srv/ajaxplorer /usr/share/ajaxplorer/data
Warning: AjaXplorer will start acting odd if /srv isn’t mounted at boot time. Keep that in mind.
By default, PHP max file upload is 2M, and this setting will carry over to AjaXplorer. In order to increase it, you have to change it in three places. Â The AjaXplorer documentation says that this is set by php’s upload_max_filesize, but I’ve found that you also have to change php’s post_max_size to match. (/etc/php5/apache2/php.ini). After which, go into AjaXplorer settings repository, then Global Configurations > Core Configs > Common ‘uploader’ core configs. Expand Limitations, then set File Size to 0 to inherit the PHP setting. (Note: It won’t stay 0, it will auto-set to php’s setting. Keep this in mind if you want to change it later.)
More later…
