Stop Nagios going into /var/log/messages on CentOS 7

Posted in Operating Systems, Linux, Red Hat, Tips on Thursday, July 30, 2015 by

It seems that Nagios is logging in two places on my CentOS 7 build.
Once in /var/log/nagios/nagios.log and also in /var/log/messages.

Considering I like my builds nice and tidy and don’t want contamination of my log files, I needed to filter out Nagios using rsyslog.

Because rsyslog processes it’s rules in order, we need to insert the following rule

# Stop nagios going into messages - it already has a log
if $programname == 'nagios' then stop

before:

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

Then restart rsyslogd!

OpenOffice opening downloaded documents read only

Posted in Operating Systems, Linux, Windows, Tips on Friday, June 19, 2015 by

If you are downloading and opening a lot of documents directly from Firefox. Firefox, by default will write them to disk with read only permission, causing OpenOffice to open them read only. This is annoying if you want to make minor modifications before copying and pasting into a report. The solutions is within Firefox. Go to “about:config” and set “browser.helperApps.deleteTempFileOnExit” to false.

Convert ESXi v6 VMDK to ESXi v5 VMDK

Posted in Tips, Hardware on Thursday, June 18, 2015 by

I recently tried to copy a VMDK from ESXi version 6.0 to another server which was version 5.0 It failed the first time due to the virtual hardware being version 11, which isn’t supported on ESXi 5.0.
The next thing I tried, was to copy a VMDK across, that got added to the new virtual machine with no problems but when I attempted to boot the VM I received the following error:

An unexpected error was received from the ESX host while powering on VM vm-622.
Module DevicePowerOn power on failed. 
Unable to create virtual SCSI device for scsi0:1, '/vmfs/volumes/54813a47-8d0eedcc-43c8-001e0bd161d0/yubikey/Yubi-0.vmdk' 
Failed to open disk scsi0:1: Unsupported or invalid disk type 7.  Ensure that the disk has been imported.

I knew that it would be a problem and the solution was a simple one. Having recently migrated 40 KVM based VM’s to ESX, I was quite familiar with vmkfstools. To make the VMDK bootable perform the following:

vmkfstools -d zeroedthick -i server.INPUT.vmdk server.OUTPUT.vmdk

Then attach server.OUTPUT.vmdk as the new virtual harddrive.

Retrieve Identikey RADIUS shared secrets

Posted in Operating Systems, Linux, Tips on Thursday, May 28, 2015 by

Recently I had the fun task of migrating our Vasco Identikey RADIUS to a Yubikey based RADIUS server. The only problem was with over 80 clients and 80 different shared secrets I didn’t want to log into 80 servers and retrieve the shared secret from the configuration files.

So to retrieve the shared secrets from the database perform the following on you identikey (linux) installation:

log onto identikey and ’su - root’

vds_chroot /opt/vasco/identikey /bin/bash
su - postgres
/usr/local/pgsql/bin/psql --username=digipass -d postgres 
\pset pager off
select vdslocation, vdspolicyid, vdsprotocolid, vdstcpport, vdssharedsecret from vdscomponent;

The secrets are obfuscated and I haven’t worked out the rest….yet….

Backup Windows Server with TrueCrypt / VeraCrypt

Posted in Operating Systems, Windows, Security, Tools, Tips, Encryption on Wednesday, May 27, 2015 by

TrueCrypt is considered dead these days, but back when it was trusted this is a script I wrote to backup Windows Server (2008 and above) with TrueCrypt. It uses a loopback VHD (loopback file/drive) on a removable USB harddrive that it RAW formatted with TrueCrypt. That TrueCrypt volume then contains a large VHD file to the size of your backup volume.

How to configure it:

  1. Save the bat file on your server
  2. Format a (USB?) drive as a RAW TrueCrypt volume
  3. Mount the TrueCrypt partition
  4. Create a VHD volume with the filename: z:Backups.vhd within the TrueCrypt volume
  5. Mount the VHD volume as Z Drive
  6. Configure Windows Server Backup to use the Z Drive as a backup destination
  7. Unmount the VHD Volume
  8. Unmount the TrueCrypt volume
  9. Create the directories: C:backupscripts

How to use it:
With the above completed:

  1. Configure a scheduled task to run 10 minutes before your nightly backup job to run the backup script (Mount-truecrypt.bat)
  2. Eg. If your backup is to run at 11pm, configure the script to run at 10:50pm.
  3. Then after your backup finishes execute another scheduled task to UNmount the VHD and TrueCrypt volume (UNmount-truecrypt.bat)

Your done!

P.S. I’m not actually sure if this works with VeraCrypt but I think they have the same command line flags…. :-P

:: Truecrypt backup script written by Campbell McKenzie - www.cammckenzie.com 

:: =================================
:: ==  START Mount-truecrypt.bat  ==
:: =================================

:: "Auto" mount the RAW TrueCrypt disk as drive Z: password 1234

eventcreate /L Application /T INFORMATION /SO Backup /ID 666 /D "Attempting to mount backup disks..."

CD C:\Program Files\TrueCrypt
TrueCrypt.exe /auto devices /q /lZ /p 1234
if '%errorlevel%' EQU '0' (
    eventcreate /L Application /T SUCCESS /SO Backup /ID 666 /D "RAW Disk mounted on Z:\ "
    goto MountVHD
) else ( goto ERROR-TC )

:MountVHD
:: Perform directory listing for Truecrypt Bugs
dir z:\ > nul
:: Create the scriptlet
cd C:\backup\scripts

echo sel vdisk file="Z:\Backups.vhd" >mount.diskpart
echo attach vdisk >> mount.diskpart
echo select partition 1 >> mount.diskpart
echo assign letter=X >> mount.diskpart

:: Run the cmdlet
diskpart /s mount.diskpart
if '%errorlevel%' EQU '0' (
    eventcreate /L Application /T SUCCESS /SO Backup /ID 666 /D "Loopback VHD Disk mounted on X:\ - Mount Completed"
    goto TidyUp
) else ( goto ERROR-DP )

:TidyUp 
del /q mount.diskpart
EXIT 0 

:ERROR-TC
eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "TrueCrypt Mount Failed..."
EXIT 1

:ERROR-DP
eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "Loopback VHD Disk mount Failed..."
EXIT 1

:: REF: http://nicj.net/mounting-vhds-in-windows-7-from-a-command-line-script/
:: ===============================
:: ==  END Mount-truecrypt.bat  ==
:: ===============================
:: ==================================
:: ==  START UNmount-truecrypt.bat ==
:: ==================================

:: UnmountVHD.cmd
eventcreate /L Application /T INFORMATION /SO Backup /ID 667 /D "Attempting to unmount backup disks..."

cd C:\backup\scripts

echo sel vdisk file="z:\Backups.vhd" >unmount.diskpart
echo detach vdisk >>unmount.diskpart
:: Run the cmdlet
diskpart /s unmount.diskpart
if '%errorlevel%' EQU '0' (
    eventcreate /L Application /T SUCCESS /SO Backup /ID 667 /D "Loopback VHD Disk unmounted successfully..."
    goto UnmountTrueCrypt
) else ( goto ERROR-DP )

:: Unmount the RAW disk
:UnmountTrueCrypt
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /d /q /s
if '%errorlevel%' EQU '0' (
    eventcreate /L Application /T SUCCESS /SO Backup /667 /D "RAW Disk unmounted successfully - Unmount Completed"
    goto TidyUp
) else ( goto ERROR-TC )

:TidyUp 
del /q unmount.diskpart
EXIT 0

:ERROR-TC
eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "TrueCrypt Unmount Failed..."
EXIT 1

:ERROR-DP
eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "Loopback VHD Disk Unmount Failed..."
EXIT 1

:: ==================================
:: ==  END UNmount-truecrypt.bat ==
:: ==================================
Next Page »
« Previous Page