Posts Tagged ‘centos’

Documentation Nagios installation procedures used on CentOS5.

0 Comments

May 14th, 2010 by Jgz

Ensure that you have the following installed:
httpd, gcc, glibc, glibc-common, gd, gd-devel

Create accounts and groups.
useradd -m nagios
passwd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache

Build nagios from the source.
cd /usr/local/src
Download nagios and nagios-plugins from http://www.nagios.org/download/ to /usr/local/src.
tar -zxvf nagios-3.0.5.tar.gz
cd nagios-3.0.5
./configure –with-command-group=nagcmd
make all 2>&1 | tee MAKEALL.log
make install 2>&1 | tee MAKEINSTALL.log
make install-init 2>&1 | tee MAKEINSTALLINIT.log
make install-config 2>&1 | tee MAKEINSTALLCONFIG.log
make install-commandmode 2>&1 | tee MAKEINSTALLCOMMANDMODE.log
cd /usr/local/nagios/etc/objects/
cp -rp contacts.cfg contacts.cfg.orig
vi contacts.cfg
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
cd /usr/local/src/nagios-3.0.5
make install-webconf 2>&1 | tee MAKEINSTALLWEBCONF.log
service httpd restart
cd ..
tar -zxvf nagios-plugins-1.4.13.tar.gz
cd nagios-plugins-1.4.13
./configure –with-nagios-user=nagios –with-nagios-group=nagios
make 2>&1 | tee MAKE.log
make install 2>&1 | tee MAKEINSTALL.log
chkconfig –add nagios
chkconfig nagios on

This is a great way to debug errors in your configuration files:
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

service nagios start

I created configuration files based the template.cfg provided in the distribution in the objects directory.
cd /usr/local/nagios/etc/objects/

You have to make changes to your nagios.cfg file based on any new configuration files you created above.
vi ../nagios.cfg

Check your configuration:
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

You have restart nagios whenever you make a change to the configuration files.
service nagios restart

Installed NSClient on a Windows 2003 server to monitor it in nagios.

http://files.nsclient.org/x-0.3.x/NSClient%2B%2B-Win32-0.3.5.msi

Edit nsc.ini. The file is pretty well documented.

The following is how I installed nrpe on a linux system to allow nagios to monitor it.
Install nrpe to allow nagios access to system status
cd /usr/local/src
wget http://internap.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
useradd nagios
passwd nagios
wget http://superb-east.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.13.tar.gz
tar zxvf nagios-plugins-1.4.13.tar.gz
cd nagios-plugins-1.4.13
./configure 2>&1 | tee CONFIGURE.log
make 2>&1 | tee MAKE.log
make install 2>&1 | tee MAKEINSTALL.log
chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec/
cd ..
tar zxvf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure 2>&1 | tee CONFIGURE.log
make all 2>&1 | tee MAKEALL.log
make install-plugin 2>&1 | tee MAKEPLUGIN.log
make install-daemon 2>&1 | tee MAKEDAEMON.log
make install-daemon-config 2>&1 | tee MAKEDAEMONCONFIG.log
make install-xinetd 2>&1 | tee MAKEXINETD.log
vi /etc/xinetd.d/nrpe

only_from = 127.0.0.1 192.168.0.3

vi /etc/services

nrpe 5666/tcp # NRPE

yum install xinetd
service xinetd start
netstat -at | grep nrpe

Verify nrpe is working:
/usr/local/nagios/libexec/check_nrpe -H localhost
/usr/local/nagios/libexec/check_nrpe -H localhost -c check_users
/usr/local/nagios/libexec/check_nrpe -H localhost -c check_load

Add customized commands to support the machine
vi /usr/local/nagios/etc/nrpe.cfg

# Customized for this machine
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
command[check_hda2]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda2
command[check_hdd1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hdd1
command[check_hdd2]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hdd2
command[check_hdd5]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hdd5
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
command[check_mailq_timeout]=/usr/local/nagios/libexec/check_mailq -M postfix -w 5 -c 15
command[check_mailq]=/usr/local/nagios/libexec/check_mailq -w 10 -c 20
command[check_procs_named]=/usr/local/nagios/libexec/check_procs -C named -t 3 -w 1:1

Tags: , , , ,

Documentation Accessing Samba shares from Windows 7 client.

0 Comments

March 4th, 2010 by Jgz

I was getting the following messages in my samba logs when I would try to access a samba 3.0.33 share on CentOS 5.4 from a Windows 7 Enterprise client:

[2010/03/04 14:07:12, 0] lib/util_sock.c:read_data(534)
read_data: read failure for 4 bytes to client 172.18.31.155. Error = Connection reset by peer

I tried adding the following to my /etc/samba/smb.conf global configuration, but it did not seem to work.

client ntlmv2 auth = yes

I got the same kind of messages.

I ended up having to change the Windows 7 local security policy by modifying the “LAN Manager authentication level”, the “Minimum session security for NTLM SSP based (including secure RPC) clients”, and the “Minimum session security for NTLM SSP based (including secure RPC) servers” policies.

I used the following procedure:

Control Panel -> System and Security -> Administrative Tools -> Local Security Policy

From the Local Security Policy, I went into “Security Options” and then looked under the “Network security” policies.

From here, I set the new policies.

Network security: LAN Manager authentication level
Send LM & NTML responses

Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
Uncheck “Require 128-bit encryption.”

Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
Uncheck “Require 128-bit encryption.”

I am hoping to figure out the issue with samba not accepting ntlmv2 authentication, so I can set the client policies back to the default.

Tags: , , ,

Documentation Install 64 bit java plugin in linux.

0 Comments

January 28th, 2010 by Jgz

I used this method for installing the latest java plugin on a CentOS 5.4 system.

Download latest java (jre-6u18-linux-x64.bin) from java.com.
I installed all my java versions in /usr/java. This is where I save the bin file downloaded.
cd /usr/java
chmod 744 jre-6u18-linux-x64.bin
To install java:
./jre-6u18-linux-x64.bin

To install the plugin into your latest version of firefox:
cd /usr/lib64/firefox-3.0.16.
mkdir plugins #I had to create this directory.
ln -s /usr/java/jre1.6.0_18/lib/amd64/libnpjp2.so

Restart firefox.

Tags: , , ,

Documentation Compile Thunderbird 3.0 on CentOS 5.4 (64 bit) With Enigmail 1.0.0.

0 Comments

December 9th, 2009 by Jgz

I used the following procedures to install Thunderbird 3.0 with the Enigmail add-on to send encrypted email. I found myself needing to do this when I upgraded Thunderbird via yum from the CentOS repository. Instead of going back to the older version, I decided move ahead since I had also had trouble with the 64 bit version of Thunderbird when using the Enigmail add-on. Also, I liked the changes made from Thunderbird 2.0 to 3.0 that I saw in Fedora. Note: I found that I needed to remove the old Enigmail add-on before upgrading. Then after following the steps below, I installed the latest Enigmail add-on.

# yum –disablerepo=rpmforge install cvs zip gcc-c++ glib2-devel gtk2-devel fontconfig-devel libnotify-devel libIDL-devel alsa-lib-devel libXt-devel freetype-devel pkgconfig dbus-glib-devel curl-devel autoconf213 xorg-x11-proto-devel libX11-devel libXau-devel libXext-devel

The following was installed from the rpmforge repository.
# yum install mercurial
# cd /usr/local/src
# wget ftp://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/3.0/source/thunderbird-3.0.source.tar.bz2

# tar -xjvf thunderbird-3.0rc2.source.tar.bz2
# cd comm-1.9.1/
# vi .mozconfig

ac_add_options –prefix=/usr/local/thunderbird
ac_add_options –disable-tests
ac_add_options –disable-debug
ac_add_options –enable-crypto
ac_add_options –enable-optimize
ac_add_options –enable-static
ac_add_options –enable-static-mail
ac_add_options –enable-application=mail
mk_add_options MOZ_CO_PROJECT=mail

# make -f client.mk configure
# make -C mozilla tier_base
# make -C mozilla tier_nspr
# make -C mozilla tier_js
# make export
# make -C mozilla/modules/libreg
# make -C mozilla/xpcom/string
# make -C mozilla/xpcom
# make -C mozilla/xpcom/obsolete
# cd mailnews/extensions/
# wget http://www.mozilla-enigmail.org/download/source/enigmail-1.0.0.tar.gz
# tar -zxvf enigmail-1.0.0.tar.gz
# cd enigmail/
# ./makemake -r
# make
# cd /usr/local/src/comm-1.9.1
# make -f client.mk build
# gmake install

Tags: , , ,