Dealing with udev-197 and older virtual images at Rackspace

So udev-197 has been released as stable and in portage now. This requires a kernel config change, and if this is not in place, your server will be dead in the water. You will need to enable CONFIG_DEVTMPFS. Normally, this isn't a problem, just build a new kernel and go from there, but I have a few server images at Rackspace running Gentoo-10.1. With these older versions, updating the kernel is not that simple. If you're running Gentoo-12.3, you should be good, since Rackspace now offers kernel control with the new virtual images.

So I have Gentoo-10.1 running, which means I have the following kernel running: 2.6.35.4-rscloud. Pretty old, and everyone is pretty much using this with the 10.1 images. I wrote a procedure on how to get a new kernel so udev will be happy in this environment. Basically, it involves pv-grub, change to fstab and obviously a new kernel:

Duplicity and Rackspace Cloud Filess

I have a client that needs to do large backups off site. Originally we were managing that with a offsite Linux server and dirvish, but it's apparent that disk and bandwidth is going to be an ongoing issue. I wanted to look at other possibilities.

Dealing with corruption on drives - reiserfsck --rebuild-tree how to

It is really uncanny that I run across these problems during the holidays. On Dec. 24 one of my boxes was reporting a "read only filesystem" on the /var partition. My alerts didn't notify me since services were up, but mails weren't happening and mysql was reporting crashed tables.

The first time I was able to reboot it, but the second time, I wasn't so lucky. Here is the procedure in case I run across this next Christmas.

I wanted to unmount the partition so I could run fsck on it, but since it was crashed, I needed to force umount it..

mount -l /dev/hda8

I ran reiserfsck and it did report corruption, so I needed to run it with --rebuild-tree

reiserfsck --rebuild-tree /dev/hda8

Issues with dhcp-4.2.2 upgrade from dhcp-3.1.3_p1

I ran into a few issues restarting this service after upgrading. The first issue was related to the location of dhcpd.conf. For some reason (even though CHROOT is clearly defined), the start up script is still trying to locate dhcpd.conf in /etc/dhcpd.conf. I had to create a symlink from the jail to /etc/dhcpd.conf.

Can't open /etc/dhcpd.conf: No such file or directory

After getting past that error (which I know I'll want to correct down the road), I ran into the next one:

ddns-update-style ad_hoc no longer supported

For this problem, I simply commented out this config option. Not sure what the impact is yet. My goal was to get the service up and running.

The final error was a little unusual:

Error opening '/proc/net/dev' to list interfaces

Great deal on Dell PowerEdge T110 Server!

Currently at Dell you can pick up a Dell PowerEdge T110 Server with a 24" ViewSonic Monitor for ONLY $479!! Not bad if you're looking for a file server. I personally love picking up these Dell servers at these prices. They're great for file servers, test or production web servers, etc. They're quiet, powerful and easy to load Gentoo on.

Here are the specs for the server

Dell PowerEdge T110 Server with 24" ViewSonic Widescreen Black LCD Monitor
Intel Xeon X3430 Processor
2GB Memory
250GB Hard Drive
Free 3-5 Day Ground Shipping!

This is a limited time offer. So, if you're looking for something like this.. you're gonna have to jump on it!

Full details here.

How to get ImageMagick to work in chroot apache for Gentoo

I recently changed one of my web servers to use chroot apache. This particular web server also used ImageMagick for some of the sites there, so I needed to figure out how to get this to work.

I came across this script.. that sorta worked, but it was enough to get it started. I'll post my version of this bash script for getting ImageMagick to work at the end of the blog post. I wanted to point out some of the errors in case I need to reference these problems in the future again.

click here for more info

After I adjusted the script to use the proper awk column and executed it, I noticed that somethings did not get moved (ie: the actual binaries). I copied convert, composite and identify to their proper locations in the jail, but I started to have other problems.

Problem #1 in the logs:

agetty spamming logs at Rackspace Cloud Gentoo server

I recently started using Rackspace Cloud Server environment to spin up a new Gentoo server for myself. The Cloud Server is pretty cool, and I'm finally starting to adopt it. Rackspace offers Gentoo images, which is great.

After starting up the base image I was beginning the tedious process of updating world and getting some of the packages I was requiring. After getting world updated, I rebooted to ensure that everything was working okay. Everything was fine, but agetty was spamming the crap out of my /var/log/messages with the following:

Adding trusted cert to Postfix and Courier-Imap

So, again, I'm pretty much creating this blog post so in a year from now, when I need to renew, I'll have a procedure on how to do it. For the longest time I've been using self-signed certs for mail, but needed to finally get a trusted cert (GeoTrust cert) in the picture. I went with GeoCerts to purchase the cert (Quick SSL Basic). So the first step is to create a key and CSR.

cd /etc/postfix/ssl
openssl genrsa -out mail.comp.com.key 2048
openssl req -new -key mail.comp.com.key -out mail.comp.com.csr
cat mail.comp.com.csr

During the cert sign up it'll ask to paste the CSR. After verification, it will mail to the domain approver and you'll receive a cert bundle. This bundle is a collection of server cert, intermediate cert and trusted root cert. We will need to chain the cert (basically munge them together into a single .pem file).

vi mail.comp.com.pem

Add the following certs in order within the file

VFS: Cannot open root device "hda5" or unknown-block(0,0)

Here is another fun issue with linux that I had to deal with over the holidays. I figured since I was at my inlaws that I would do some updates on their various linux devices (firewalls mainly). I wanted to upgrade to 2.6.36-hardened-r6, but on reboot, I ran across a huge problem.

VFS: Cannot open root device "hda5" or unknown-block(0,0)
Please append a correct "root=" boot option; here are the available partitions:
Kernel Panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)
Pid: 1, comm: swapper Not tainted 2.6.36-hardened-r6 #1
Call Trace:
[<c126107d>] ? printk+0xf/0x12
[<c1260f79>] panic+0x5a/0x14f
[<c1361c93>] mount_block_root+0x1ef/0x1ff
[<c1091eb5>] ? sys_mknod+0x13/0x15
[<c1361d10>] mount_root+0x6d/0x75
[<c1361e20>] prepare_namespace+0x108/0x12f
[<c1361472>] kernel_init+0x17a/0x18e
[<c13612f8>] ? kernel_init+0x0/0x18e
[<c1002f56>] kernel_thread_helper+0x6/0x10

Nightmares with udev updates

This weekend has been a weekend from hell with servers not coming up after reboot. This is all related to the somewhat recent udev update (udev-151-r4). During the emerge it will warn you if you have some incompatible config options:

* Found sources for kernel version:
*     2.6.28-hardened-r9
* Checking for suitable kernel configuration options...
*   CONFIG_SYSFS_DEPRECATED:    should not be set. But it is.
*   CONFIG_SYSFS_DEPRECATED_V2:         should not be set. But it is.
*   CONFIG_IDE:         should not be set. But it is.
* Please check to make sure these options are set correctly.
* Failure to do so may cause unexpected problems.

Syndicate content