How to configure Nagios to send sms to your mobile

Nagios is an open source host, service and network monitoring program. The official homepage is http://nagios.org/, and i use it with cacti to monitor my network.
Nagios sends you an alert via email, sms when a service is down, the sms solution is very usefull when your smtp server is unreachable.
You can drive a GSM mobile by your favorite operating system. With an usb data cable connect it to your monitoring server.
On debian there are a too packages for communicating with mobile phones (gnokii and gsm-utils), at first we’ll use gsm-utils you can get it like:
$ sudo apt-get install gsm-utils
Verify first that your GSM is connected to your server
$ sudo ls -al /dev/ttyUSB*
You can now test it by sending a sms to your mobile number +3299999999.
$ sudo gsmsendsms -d /dev/ttyUSB0 +3299999999 “Nagios – Test SMS OK”
If the test is OK, that mean you will be able to configure nagios to send sms to your phone.
Add a pager to your contact info in /etc/nagios3/conf.d/contacts_nagios2.cfg and set up sms notification mode like:

define contact{
contact_name mezgani
alias Ali MEZGANI
service_notification_period 24×7
host_notification_period 24×7
service_notification_options w,u,c,r
host_notification_options d,u,r
service_notification_commands notify-service-by-email,notify-service-by-sms
host_notification_commands notify-host-by-email,notify-host-by-sms
email mezgani@secufox.org
pager +329999999999
}

Now you have to define a command, which talks to our sms-notification-software,
so add these lines to your /etc/nagios3/commands.cfg

define command{
command_name notify-service-by-sms
command_line /usr/bin/gsmsendsms -d /dev/ttyUSB0 $CONTACTPAGER$ “Nagios – $NOTIFICATIONTYPE$ : $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ ($OUTPUT$)”
}

define command{
command_name notify-host-by-sms
command_line /usr/bin/gsmsendsms -d /dev/ttyUSB0 $CONTACTPAGER$ “Nagios – $NOTIFICATIONTYPE$ : Host $HOSTALIAS$ is $HOSTSTATE$ ($OUTPUT$)”
}

At this point, you’ve done.
For gnokii users, you can also get it by aptitude as:
$ sudo aptitude install gnokii

Send you a sms test by:
$ echo “Hello world!” | gnokii –sendsms +329999999999 -r

Later, add these lines to your /etc/nagios3/commands.cfg

define command {
command_name notify-service-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ ($OUTPUT$)” | /usr/local/bin/gnokii –sendsms $CONTACTPAGER$ -r
}

define command {
command_name notify-host-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : Host $HOSTALIAS$ is $HOSTSTATE$ ($OUTPUT$)” | /usr/local/bin/gnokii –sendsms $CONTACTPAGER$ -r
}

Well, i can not get a dedicated GSM for my monitoring server right now, in my country there are some providers that purpose some sms services like sending free sms via web to mobile for example meditel.
in the suite we will focus on how to configure nagios to send sms to meditel mobile via a python script.
If your operators is meditel, get meditelsms package :
$ git clone git://github.com/mezgani/meditelsms.git.
and now add this following lines to your commands.cfg, change the path of your script in our example i used /home/mezgani/script/sms.py

define command{
command_name notify-host-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : Host $HOSTALIAS$ is $HOSTSTATE$ ($OUTPUT$)” |/usr/bin/python /home/mezgani/script/sms.py $CONTACTPAGER$
}

define command{
command_name notify-service-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ ($OUTPUT$)” |/usr/bin/python /home/mezgani/script/sms.py $CONTACTPAGER$
}

Recover Deleted Files With Scalpel

Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files. Scalpel is filesystem-independent and will carve files from FATx, NTFS, ext2/3, or raw partitions. It is useful for both digital forensics investigation and file recovery.
This article explain how to use scalpel to recover deleted files.
on a debian or ubuntu install scalpel.
$ sudo aptitude install scalpel
In the config file scalpel.conf you have to define some file types that scalpel will search, in our example we will check for pdf files, so we uncomment these lines:
$ sudo vi /etc/scalpel/scalpel.conf
[...]
pdf y 5000000 %PDF %EOF\x0d REVERSE
pdf y 5000000 %PDF %EOF\x0a REVERSE
[...]
First of all make sure that the output directory does not exist, so to recover data from the sda1 partition, we can use scalpel as following:
$ sudo scalpel /dev/sda1 -o output
And the result is stored into the output directory with a full audit file.

Linux boot process

This article explain the process of booting linux.
The first thing a computer does on start-up is initialize the processor
registers by the central unit after that it runs the contenent stored in flash
memory (ROM) at a specific address, by this way it load the bios (basic input/ouput
system) into memory and do a primer test (POST – Power On Self Test).
This way several devices are tested, including the processor, memory, graphics card and the keyboard.
Here is tested the boot medium (hard disk, floppy unit, CD-ROMs).
After the POST is complete, it is flushed from memory, but the BIOS runtime services remain and are available to the target operating system.
the loader from a ROM loads the boot sector, which in turn loads the operating system from the active partition.
The boot blocks is always at the same place: track 0, cylinder 0, head 0 of the device from which we’re booting.
This block contains a program called loader, which in Linux’s case is LiLo (Linux Loader), or Grub (GNU Grub Unified Boot Loader),
which actually boots the operating system.

When a boot device is found, the first-stage (Master Boot Record) boot loader is loaded into RAM
and executed. This boot loader is less than 512 bytes in length (a single
sector), and its job is to load the second-stage boot loader (Lilo, Grub..).

To see the contents of you MBR, copy the 512 first bytes of your device to
mbr.bin, and you can also see the hexa and ascii contents.

$ dd if=/dev/hda of=mbr.bin bs=512 count 1
$ od -xa mbr.bin
$ file mbr.bin

We will explain step by step the job of the boot loader :

1. When the second-stage boot loader is in RAM and executing, a splash screen is
commonly displayed, and Linux and an optional initial RAM disk (temporary root
file system) initramfs and kernel are loaded into memory. When the images are loaded, the
second-stage boot loader passes control to the kernel image and the kernel.

2. The Linux kernel is compressed, and contains a small bit, which will decompress it.
Immediately after the first step begins the decompression and the loading of the kernel.
a long list of initialization functions are called to set up interrupts,
perform further memory configuration.

3. This initrd serves as a temporary root file system in RAM and allows the
kernel to fully boot without having to mount any physical disks. Since the
necessary modules needed to interface with peripherals can be part of the
initrd, the kernel can be very small, but still support a large number of
possible hardware configurations. After the kernel is booted, the root file
system is pivoted (via pivot_root) where the initrd root file system is
unmounted and the real root file system is mounted.

4. If the kernel detects that your graphics card supports more complex text modes,
Linux allows the usage of them – this can be specified or during the recompilation of the kernel,
or right inside the boot loader, or other program, like rdev.

5. The kernel verifies hardware configuration (floppy drive, hard disk, network adapters, etc)
and configures the drivers for the system.
During this operation, several informative messages are shown to the user.

6. The kernel tries to mount the file system and the system files.
The location of system files is configurable during recompilation, or with other programs – LiLo and rdev.
The file system type is automatically detected. The most used file systems on Linux are ext2 and ext3.
If the mount fails, a so-called kernel panic will occur, and the system will “freeze”.
System files are usually mounted in read-only mode, to permit a verification of them during the mount.
This verification isn’t indicated if the files were mounted in read-write mode.

7. After these steps, the kernel will start init, which will become process number 1, and will start the rest of the
of the system.

The init process

1. It’s Linux’s first process, and parent of all the other processes.
This process is the first running process on any Linux/UNIX system, and is started directly by the kernel.
It is what loads the rest of the system, and always has a PID of 1.

The initialization files in /etc/inittab

2. First time the initialization process (init) examines the file /etc/inittab
to determine what processes have to be launched after.
This file provides init information on runlevels, and on what process should be launched on each runlevel.
After that, init looks up the first line with a sysinit (system initialization)
action and executes the specified command file, in this case /etc/init.d/rcS.
After the execution of the scripts in /etc/init.d/rcS, init starts to launch the processes associated with the initial runlevel.
The most used action in /etc/inittab is wait, which means init executes the command file for a specified runlevel,
and then waits until that level is terminated.

The files in /etc/init.d/rcS

3. The commands defined in /etc/inittab are executed only once, by the init process,
every time when the operating system boots. Usually these scripts are running as a succession of commands,
and usually realise the following:

3.1. Determine whether the system takes part of a network, depending on the content of /etc/sysconfig/network
3.2. Mount /proc, the file system used in Linux to determine the state of the diverse processes.
3.3. Set the system time in fuction to the BIOS settings, as well as realises other settings
(setting of time zone, etc), stabilized and configured during the installation of the system.
3.4. Enables virtual memory, activating and mounting the swap partition, specified in /etc/fstab (File System Table)
3.5. Sets the host name for the network and system wide authentication,
like NIS (Network Information Service), NIS+ (an improved version of NIS), and so on.
3.6. Verifies the root fily system, and if no problems, mounts it.
3.7. Verifies the other file systems specified in /etc/fstab.
3.8. Identifies, if case of, special routines used by the operating system to recognize installed hardware
to configure Plug’n'Play devices, and to activate other prime devices, like the sound card, for example.
3.9. Verifies the state of special disk devices, like RAID (Redundant Array of Inexpensive Disks)
3.10. Mounts all the specified file systems in /etc/fstab.
3.11. Executes other system-specific tasks.

The /etc/rc.d directory

The directory /etc/rc.d/init.d contains all the commands which start or stop services
which are associated with all the execution levels.
All the files in /etc/rc.d/init.d have a short name which describes the services to which they’re associated.
For example, /etc/rc.d/init.d/amd starts and stops the auto mount daemon, which mounts the NFS host and devices anytime when needed.

The login process

After the init process executes all the commands, files and scripts, the last few processes are the /sbin/mingetty ones,
which shows the banner and log-in message of the distribution you have installed. The system is loaded and prepared so the user could log in.

The next few lines in /etc/inittab are specific to the different execution (run-) levels. Every line runs as a single script (/etc/rc.d/rc), which has a number from 1 to 6 as argument to specify the runlevel.
The most used action in /etc/inittab is wait, which means init executes the command file for a specified runlevel, and then waits until that level is terminated.

References:

http://www.ibm.com/developerworks/linux/library/l-linuxboot/

http://www.debianadmin.com/the-lniux-boot-process-explained.html

http://duartes.org/gustavo/blog/post/how-computers-boot-up

http://www.pixelbeat.org/docs/disk/

Qemu processor, howto create virtual machine with qemu

In the need to make a virtual machine, like what we see with vmware.
there are a magic tool named qemu, it ‘s a free processor emulator created by
Fabrice Bellar.
well, to setup a new machine you have to prepare a partition image named linux.img,
in this example with 1024MB.

$ qemu-img create -f qcow linux.img 1G
place your distribution cd on your media and type :
$ qemu -boot d -cdrom /dev/cdrom -hda linux.img
After completing the system operating installation you can boot from the hard disk image.
$ qemu -hda linux.img -boot c

The example above don’t setup the network.
So, we can do it as following

$ qemu -hda linux.img -net nic -net tap -boot c

create a bash script with this contenent and make it executable.

#!/usr/bin/sudo -s
set -e
tunctl -u username -t tap0
ifconfig tap0 172.20.0.1 up

export LAN=tap0
export WAN=eth0
iptables -A FORWARD -i ${LAN} -s 172.20.0.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -i ${WAN} -d 172.20.0.0/255.255.255.0 -j ACCEPT
iptables -t nat -A POSTROUTING -o ${WAN} -j MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward
for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done

run it and enjoy !

Using pycallgraph

Surffing the net i discover a nice tool to create call graph for python programs, it’s pycallgraph.

You can get it using aptitude:

$ sudo aptitude install python-pycallgraph

Let start by the simple example:

class myclass:
def __init__(self, name, color):
self.color=color
self.name=name

def affiche(self):
print(“my name is %s and my color is %s”) % (self.name,self.color)

if __name__==”__main__”:
b=myclass(“banana”,”yellow”)
b.affiche()

And now create a script file named myclass.py with this contenent.
So, we can trace calls for myclass.py as:
$ pycallgraph myclass.py
and the result is so splendid.

Enabling DMA

The DMA (Direct memory access), is computer feature that allows hardware subsystems to access system memory independent of the CPU.

There is a way to determine if a system turn on IDE DMA, you can do this by checking the proc entry cat /proc/ide/hda/settings, if using_dma is set to 1, then the DMA support is enabled.

You can do it also, by hdparm -i /dev/hda, the DMA modes line will report the possible IDE access modes the drive supports. For example:
UDMA modes: udma0 udma1 udma2 udma3 udma4 *udma5

So if you want to enable DMA you can do it by hdparm as :
hdparm -d1 /dev/hda, and this can be added to a start script like rc.local.

Or add an entry as the following to /etc/hdparam.conf in order to be automatically applied at boot.
/dev/hda {
dma = on
}

Using gmail with mutt

For sending and receiving you mails, with the famous mail client mutt, insert the following lines into your ~/.muttrc

set smtp_url = “smtp://username@smtp.gmail.com:587/”
set smtp_pass = “password”
set from = “username@gmail.com”
set realname = “Your Real Name”

you can also use fetchmail to get your mail automatically.
so, edit the ~/.fetchmailrc and add the following :

poll smtp.gmail.com protocol imap user “username” password “password” mda “/usr/bin/procmail -d %T” ssl

That’s great if we will receive notification when a new mail arrived.
for that add the following lines into a shell script, we will name it checkmail.

$ cat >checkmail<<EOF
#!/bin/sh
if [ "$1" = "-v" ]; then
EXTRAARG=”-v”
fi
fetchmail -a -K $EXTRAARG >/dev/null 2>&1

if [ "$?" = "0" ]; then
DISPLAY=:0.0 /usr/bin/notify-send -t 0 -u critical -h “int:x:168″ -h “int:y:100″ -i /home/mezgani/photo/mail.jpg “السلام عليك” “New mail received”
fi
EOF

Ok, right now we will define an entry to crontab, which will call the checkmail script every 5min.
of course change the path /home/handrix/bin/checkmail by the emplacement of the script in you host.

*/5 * * * * /home/mezgani/bin/checkmail

And i got this every mail arriving

How to create a ramdisk, or tmpfs instance

ramdisk:
ram disk is a portion of memory which being used as if it is a disk drive.
ram disks have fixed size, and act like a partition disk.
The access to ram disk is much faster than a real physical disk, however all contenent
of the ram disk will be lost when the system is power off.

ram disk can serve:
* some type of web contenent
* mounting loopback filesystem

You can check ram disk already created on your system, on /dev/ram*,
by default debian create 16 ram disks.
$ ls -l /dev/ram*

We will try to create a 16MB ramdisk.

First start creating a block device with major and minor number equal to 1.
$ sudo mknod -m 660 /dev/ram b 1 1

Secondly, zero out the space you need on ramdisk device
$ sudo dd if=/dev/zero of=/dev/ram bs=1K count=16K

Later, make filesystem on ram disk, specifying the size.
$ sudo /sbin/mkfs -t ext2 -m 0 /dev/ram 16384

Lastly, mount the ram disk
$ sudo mkdir /mnt/ramdisk
$ sudo mount -t ext2 /dev/ram /mnt/ramdisk

You can even take a detailed look at the new ramdisk with the tune2fs command:
$ sudo tune2fs -l /dev/ram

If you need to automating creation of ramdisk on boot, add these lines above
to the local init file rc.local.

Inconvenient of ramdisks:
- simulation of a physical disk device with a fix size.
- needs to filesystem driver (ext2) to format and interpret this data
- multiple memory operation copy, fake block device into the page cache (and copying changes back out)
- ramdisks cannot swap and you do not have the possibility to resize them.

ramfs:
ramfs is a very simple filesystem that exports Linux’s disk caching
mechanisms (the page cache and dentry cache) as a dynamically resizable
RAM-based filesystem.

tmpfs:
A ramfs derivative called tmpfs was created to add size limits, and the
ability to write the data to swap space.
Normal users can be allowed write access to tmpfs mounts.
Everything in tmpfs is temporary in the sense that no file will be created on
you hard drive.

See Documentation/filesystems/tmpfs.txt for more information.

For create a tmpfs instance accessible only by root, with 2M of size
$ mkdir tmpfs
$ sudo mount -t tmpfs -o size=2048K,mode=700 tmpfs tmpfs/
if you need to resize the tmpfs that is already mounted :
$ sudo mount -o remount -o size=4096k tmpfs/

How to create your custom live-cd/dvd/usb under debian or ubuntu

It exists a famous script named remastersys, you can get it using aptitude.
First, add the following repository http://www.geekconnection.org/remastersys/repository to your sources.list

$ sudo echo “deb http://www.geekconnection.org/remastersys/repository debian/” >> /etc/apt/sources.list
Next update your repos:
$ sudo aptitude update
$ sudo aptitude install remastersys
$ sudo remastersys
and select (to make a distributable livecd/dvd of your system
at the end of process the remastersys will generate a iso file named customdist.iso in the directory :
/home/remastersys/remastersys/

Other way :
You can also get the source file as:
$ wget http://www.geekconnection.org/remastersys/fragtemp/source/debian-source/remastersys_2.0.15-1.tar.gz
$ tar xzvf remastersys_2.0.15-1.tar.gz
$ cd remastersys-2.0.15/
$ sudo ./remastersys dist
this will generate a custom iso file, of the actuel environement named customdist.iso.

Now, if it’s ok you can burn your live-cd/dvd using wodim
/usr/bin/wodim -v gracetime=2 dev=1,0,0 speed=48 -dao driveropts=burnfree -eject -data customdist.iso

Create a live system on USB flash drive.

In order to boot from your usb flash drive, your bios must support booting from an usb device,
and you have to install on it a boot loader like grub or a syslinux on it.

this tutorial focus on the use of syslinux:

First of all, get syslinux using aptitude or apt-get like:
$ sudo aptitude install syslinux

Plug in the USB memory stick. The USB device should also be visible by the command
$ sudo fdisk -l

Then create a FAT16 partition on the USB flash drive, using fdisk.
here we support that the usb reside on /dev/sda.

$ sudo fdisk /dev/sda
Create a new partition (enter n):
Choose Primary partition (enter p), Partition number (enter 1).
The size of the partition should be at least as larger as the LiveCD/DVD you want to install on the USB device.
Afterwards, change the type (enter t) of first partition (enter 1) to W95 FAT16 LBA (enter e),
and make first partition active (enter a and select 1).
Before writing the partition table to the USB flash drive (enter w), you can print the changed settings (enter p).

Now format the first partition (/dev/sda1) as FAT16:
$ sudo mkfs.msdos /dev/sda1

Make the USB memory stick bootable using syslinux
# sudo syslinux /dev/sda1

We can mount our partition, on /media/usb if the directory not existe create it.
$ [ -d /media/usb ] || /usr/bin/sudo mkdir /media/usb
$ mount /dev/sda1 /media/usb

create /mnt/iso directory, here we will make the contenent of our customdist.iso file.
$ [ -d /mnt/iso ] || /usr/bin/sudo mkdir /mnt/iso
$ sudo mount -o loop customdist.iso /mnt/iso

and copy the hole of files and directory to the usb drive.
$ sudo cp -fr /mnt/iso/* /media/usb/

Finally, rename the file /media/usb/isolinux.cfg to syslinux.cfg
$ sudo mv /media/usb/{isolinux.cfg,syslinux.cfg}

Also, the usb flash memory is ready for use.

How to create a custom splashimage for grub

We need the image of the background photo, and a photo editor like gimp.
First of all, open up your image with gimp and scale it to 640 weight and 480 hight.
Next we have to convert the scaled image to an indexed color, an pixmap X image, so for that go to
image->mode->indexed and ‘check generate optimum palette’, with ‘14′ in the ‘Maximum number of colors’ box.
save it with xpm extension, after that gzip your image.
$ gzip image.xpm
as result you have image.xpm.gz

Finally, we have to tell to grub to use the background image.
So we can dedicate an directory for our background images,
$ sudo mkdir /boot/grub/images
$ sudo mv ~/image.xpm.gz /boot/grub/images/

edit your menu.lst with your favorite editor and add the following line:
splashimage=(hd0,2)/boot/grub/images/image.xpm.gz

note that you have to replace (hd0,2) with your root partition.
If everything went well, you should see the background next time you boot.

There is a tips if you want test your splash on boot, so on reboot and when the grub menu pops up hit ‘c’ to enter command mode.
and tape :
grub> root (hd0,0)
grub> splashimage /boot/grub/images/image.xpm.gz

if everything is well you will see your background image.

For debian and ubuntu users, you can get splashimage from repository as:
$ sudo aptitude install grub-splashimages
this will put splashimage in /boot/grub/splashimages
so go to boot/grub directory and make a symbolic link to your splash choosen, and update your grub.

$ cd /boot/grub
$ sudo ln -s splashimages/debsplash.xpm.gz splash.xpm.gz
$ sudo update-grub

Have fun