Category Archives: Linux

The solution to the error “md: kicking non-fresh sda1 from array”

There was once a case, one disk dropped out of the raid and when the server was loaded in the logs a message was displayed:

md: kicking non-fresh sda1 from array

Since the disk was not in the raid, the data on it was outdated.
First of all, we’ll check the disk for errors, for example, as I wrote in the article below, and try to determine why he was excluded from the raid.

In my case, the disk was completely working, so looking at the information about the raid:

cat /proc/mdstat
mdadm --detail /dev/md0

Returned it back to the raid:

mdadm /dev/md0 -a /dev/sda1

After some time, the data was synchronized to disk and the error did not appear any more.

See also:
Diagnostics HDD using smartmontools
mdadm – utility for managing software RAID arrays
How to fix the problem with mdadm disks

Installing and using jnettop

jnettop – a utility for viewing traffic statistics in real time, sorted by hosts / ports.

The installation command in Ubuntu/Debian:

sudo apt-get install jnettop

The installation command in CentOS:

sudo yum install jnettop

An example of a simple start:

sudo jnettop

An example of a start with a network interface:

sudo jnettop -i eth0

I’ll describe the possible startup options:
-h (help)
-v (view version)
-c (disable content filtering)
-d (write debugging information to a file)
-f (reading the configuration from the file, if not specified, then the file is searched for ~/.jnettop)
-i (to capture packets from the specified interface)
–local-aggr [none|host|port|host+port] (set local aggregation to the specified value)
–remote-aggr [none|host|port|host+port] (set remote aggregation to the specified value)
-n (do not resolving IP to DNS names)
-p (inclusion of promiscuous mode to receive all packets that come to the network interface)
-s (selects one of the rules defined in the .jnettop configuration file (by its name))
-x (allows you to specify a custom filter rule. this allows you to use the syntax of the tcpdump style. do not forget to include the filter in quotation marks when starting from the shell)

Email notification about each SSH connection

Here are a few ways to receive e-mail notifications about someone connecting to the server via SSH.

FIRST METHOD:
With a text editor, for example nano, open the file /etc/ssh/sshrc (in the nano editor CTRL+X to exit, y/n and Enter to save or discard changes):

sudo nano /etc/ssh/sshrc

And add the following code to it:

ip=`echo $SSH_CONNECTION | cut -d " " -f 1`
logger -t ssh-wrapper $USER login from $ip
(echo "Subject:login($ip) on server"; echo "User $USER just logged in from $ip";) | sendmail -f server@example.com -t your-email@example.com &

You do not need to restart SSH, the notifications should already come in when connecting.

SECOND METHOD:
Add the specified lines to the config /etc/rsyslog.conf (before each line commented the essence, this code will send messages about failed connections):

# Connect the messaging module
$ModLoad ommail
# Specify the address of the mail server
$ActionMailSMTPServer mail.domain.com
# Specify the email from which messages will be sent
$ActionMailFrom rsyslog@domain.com
# Specify the email to which messages will be sent
$ActionMailTo test@domain.com
# Specify the subject of the message
$template mailSubject,"SSH Invalid User %hostname%"
# Specify the content of the message
$template mailBody,"RSYSLOG\r\nmsg='%msg%'"
$ActionMailSubject mailSubject
# Specify in seconds how often messages can be sent
$ActionExecOnlyOnceEveryInterval 10
# If the log contains the characters in parentheses, then we send a message
if $msg contains 'Invalid user' then :ommail:;mailBody

The same way of sending via rsyslog, but notifications of successful connections are sent (code without comments as above):

$ActionMailSMTPServer mail.domain.com
$ActionMailFrom rsyslog@domain.com
$ActionMailTo test@domain.com
$template mailSubject,"SSH Accepted pass %hostname%"
$template mailBody,"RSYSLOG\r\nmsg='%msg%'"
$ActionMailSubject mailSubject
$ActionExecOnlyOnceEveryInterval 10
if $msg contains 'Accepted password' then :ommail:;mailBody

As a result, if the connection to the SSH server is successful or not successful, messages will be sent to the e-mail. In a similar way, you can announce to email and other events that are logged via rsyslog.

Asterisk warning “leave_voicemail: No more messages possible”

I noticed the following error on one of the servers:

WARNING[21992][C-00000b27]: app_voicemail.c:6559 leave_voicemail: No more messages possible

It turned out that the mailbox was full of voice messages and they ceased to exist, in response the caller was informed “The subscriber’s voice box is full”.

To solve this problem there are several options:

1) Delete the messages in the voice mailbox by calling the voice mail number.

2) Increase the value of maxmsg in the voicemail.conf file, thereby increasing the maximum number of messages in the mailbox, but again it may be full. After the changes in the voicemail.conf file, you need to apply them:

sudo asterisk -rvv
voicemail reload
quit

3) In the context of the voice mailbox, add delete=yes, for example:

[voicemailcontext]
207 => 1111,Username,test@example.com,,attach=yes|tz=ua|delete=yes

In this case, voice messages will be sent to e-mail, and they will be immediately deleted from the server, that is, they can not be listened to by calling to the voice mail number and accordingly the mailbox will never be full. I consider this option the best.

See also:
Setting up voicemail in Asterisk

IPTables rules for FTP server

To open access to the FTP server in IPTables, you need to add rules:

sudo iptables -A INPUT -p tcp --dport 21 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 20 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 1024:1030 -j ACCEPT

To only allow access to a particular network, for example 192.168.1.0/24:

sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 21 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 20 -j ACCEPT
sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 1024:1030 -j ACCEPT

To remove a rule, we’ll specify the same command, replacing -A with -D, for example:

sudo iptables -D INPUT -p tcp --dport 21 -j ACCEPT
sudo iptables -D OUTPUT -p tcp --sport 20 -j ACCEPT
sudo iptables -D INPUT -p tcp --dport 1024:1030 -j ACCEPT

To view the list of rules, use the command:

sudo iptables -nvL

1024-1030 – example ports for passive mode are specified in the FTP server configuration, for example for ProFTPd are specified in the /etc/proftpd/proftpd.conf file as follows:

PassivePorts 1024 1030

See also my articles:
Configuring IPTables
Active and passive FTP mode
Installing and Configuring Pure-FTPd in Ubuntu
Installing and Configuring ProFTPd in Ubuntu

How to format UDF Volume in Ubuntu

I recently wanted to format the USB flash drive in the Ubuntu operating system, but since it was in UDF format, formatting was refused and many programs did not see it as a flash drive.

To begin with, let’s look at the discs:

sudo fdisk -lu

Then the solution was to execute the following command:

sudo shred -vzn 0 /dev/sdc

After that, the flash drive can be formatted by any program.

Install and configure lm-sensors

Run the command to install the utility in Ubuntu / Debian:

sudo apt-get install lm-sensors sensord

We introduce the sensor detection command:

sudo sensors-detect

Information about detected sensors will be recorded in the file /etc/modules

Let’s review the sensor data:

sensors

I’ll describe some of the start keys sensors:
-c, –config-file (specifying the configuration file)
-h, –help (display help)
-s, –set (execution of `set ‘messages (only from root)
-f, –fahrenheit (temperature display in fahrenheit)
-A, –no-adapter (do not show the adapter for each chip)
–bus-list (generating bus messages for sensors.conf
-u (raw conclusion)
-v, –version (display version of the program)