How to configure Nagios to send sms to your mobile

Nagios is an open source host, service and network monitoring program. The official homepage is http://nagios.org/, and i use it with cacti to monitor my network.
Nagios sends you an alert via email, sms when a service is down, the sms solution is very usefull when your smtp server is unreachable.
You can drive a GSM mobile by your favorite operating system. With an usb data cable connect it to your monitoring server.
On debian there are a too packages for communicating with mobile phones (gnokii and gsm-utils), at first we’ll use gsm-utils you can get it like:
$ sudo apt-get install gsm-utils
Verify first that your GSM is connected to your server
$ sudo ls -al /dev/ttyUSB*
You can now test it by sending a sms to your mobile number +3299999999.
$ sudo gsmsendsms -d /dev/ttyUSB0 +3299999999 “Nagios – Test SMS OK”
If the test is OK, that mean you will be able to configure nagios to send sms to your phone.
Add a pager to your contact info in /etc/nagios3/conf.d/contacts_nagios2.cfg and set up sms notification mode like:

define contact{
contact_name mezgani
alias Ali MEZGANI
service_notification_period 24×7
host_notification_period 24×7
service_notification_options w,u,c,r
host_notification_options d,u,r
service_notification_commands notify-service-by-email,notify-service-by-sms
host_notification_commands notify-host-by-email,notify-host-by-sms
email mezgani@secufox.org
pager +329999999999
}

Now you have to define a command, which talks to our sms-notification-software,
so add these lines to your /etc/nagios3/commands.cfg

define command{
command_name notify-service-by-sms
command_line /usr/bin/gsmsendsms -d /dev/ttyUSB0 $CONTACTPAGER$ “Nagios – $NOTIFICATIONTYPE$ : $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ ($OUTPUT$)”
}

define command{
command_name notify-host-by-sms
command_line /usr/bin/gsmsendsms -d /dev/ttyUSB0 $CONTACTPAGER$ “Nagios – $NOTIFICATIONTYPE$ : Host $HOSTALIAS$ is $HOSTSTATE$ ($OUTPUT$)”
}

At this point, you’ve done.
For gnokii users, you can also get it by aptitude as:
$ sudo aptitude install gnokii

Send you a sms test by:
$ echo “Hello world!” | gnokii –sendsms +329999999999 -r

Later, add these lines to your /etc/nagios3/commands.cfg

define command {
command_name notify-service-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ ($OUTPUT$)” | /usr/local/bin/gnokii –sendsms $CONTACTPAGER$ -r
}

define command {
command_name notify-host-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : Host $HOSTALIAS$ is $HOSTSTATE$ ($OUTPUT$)” | /usr/local/bin/gnokii –sendsms $CONTACTPAGER$ -r
}

Well, i can not get a dedicated GSM for my monitoring server right now, in my country there are some providers that purpose some sms services like sending free sms via web to mobile for example meditel.
in the suite we will focus on how to configure nagios to send sms to meditel mobile via a python script.
If your operators is meditel, get meditelsms package :
$ git clone git://github.com/mezgani/meditelsms.git.
and now add this following lines to your commands.cfg, change the path of your script in our example i used /home/mezgani/script/sms.py

define command{
command_name notify-host-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : Host $HOSTALIAS$ is $HOSTSTATE$ ($OUTPUT$)” |/usr/bin/python /home/mezgani/script/sms.py $CONTACTPAGER$
}

define command{
command_name notify-service-by-sms
command_line /usr/bin/printf “%.120s” “Nagios – $NOTIFICATIONTYPE$ : $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ ($OUTPUT$)” |/usr/bin/python /home/mezgani/script/sms.py $CONTACTPAGER$
}

Recover Deleted Files With Scalpel

Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files. Scalpel is filesystem-independent and will carve files from FATx, NTFS, ext2/3, or raw partitions. It is useful for both digital forensics investigation and file recovery.
This article explain how to use scalpel to recover deleted files.
on a debian or ubuntu install scalpel.
$ sudo aptitude install scalpel
In the config file scalpel.conf you have to define some file types that scalpel will search, in our example we will check for pdf files, so we uncomment these lines:
$ sudo vi /etc/scalpel/scalpel.conf
[…]
pdf y 5000000 %PDF %EOF\x0d REVERSE
pdf y 5000000 %PDF %EOF\x0a REVERSE
[…]
First of all make sure that the output directory does not exist, so to recover data from the sda1 partition, we can use scalpel as following:
$ sudo scalpel /dev/sda1 -o output
And the result is stored into the output directory with a full audit file.

Linux boot process

This article explain the process of booting linux.
The first thing a computer does on start-up is initialize the processor
registers by the central unit after that it runs the contenent stored in flash
memory (ROM) at a specific address, by this way it load the bios (basic input/ouput
system) into memory and do a primer test (POST – Power On Self Test).
This way several devices are tested, including the processor, memory, graphics card and the keyboard.
Here is tested the boot medium (hard disk, floppy unit, CD-ROMs).
After the POST is complete, it is flushed from memory, but the BIOS runtime services remain and are available to the target operating system.
the loader from a ROM loads the boot sector, which in turn loads the operating system from the active partition.
The boot blocks is always at the same place: track 0, cylinder 0, head 0 of the device from which we’re booting.
This block contains a program called loader, which in Linux’s case is LiLo (Linux Loader), or Grub (GNU Grub Unified Boot Loader),
which actually boots the operating system.

When a boot device is found, the first-stage (Master Boot Record) boot loader is loaded into RAM
and executed. This boot loader is less than 512 bytes in length (a single
sector), and its job is to load the second-stage boot loader (Lilo, Grub..).

To see the contents of you MBR, copy the 512 first bytes of your device to
mbr.bin, and you can also see the hexa and ascii contents.

$ dd if=/dev/hda of=mbr.bin bs=512 count 1
$ od -xa mbr.bin
$ file mbr.bin

We will explain step by step the job of the boot loader :

1. When the second-stage boot loader is in RAM and executing, a splash screen is
commonly displayed, and Linux and an optional initial RAM disk (temporary root
file system) initramfs and kernel are loaded into memory. When the images are loaded, the
second-stage boot loader passes control to the kernel image and the kernel.

2. The Linux kernel is compressed, and contains a small bit, which will decompress it.
Immediately after the first step begins the decompression and the loading of the kernel.
a long list of initialization functions are called to set up interrupts,
perform further memory configuration.

3. This initrd serves as a temporary root file system in RAM and allows the
kernel to fully boot without having to mount any physical disks. Since the
necessary modules needed to interface with peripherals can be part of the
initrd, the kernel can be very small, but still support a large number of
possible hardware configurations. After the kernel is booted, the root file
system is pivoted (via pivot_root) where the initrd root file system is
unmounted and the real root file system is mounted.

4. If the kernel detects that your graphics card supports more complex text modes,
Linux allows the usage of them – this can be specified or during the recompilation of the kernel,
or right inside the boot loader, or other program, like rdev.

5. The kernel verifies hardware configuration (floppy drive, hard disk, network adapters, etc)
and configures the drivers for the system.
During this operation, several informative messages are shown to the user.

6. The kernel tries to mount the file system and the system files.
The location of system files is configurable during recompilation, or with other programs – LiLo and rdev.
The file system type is automatically detected. The most used file systems on Linux are ext2 and ext3.
If the mount fails, a so-called kernel panic will occur, and the system will “freeze”.
System files are usually mounted in read-only mode, to permit a verification of them during the mount.
This verification isn’t indicated if the files were mounted in read-write mode.

7. After these steps, the kernel will start init, which will become process number 1, and will start the rest of the
of the system.

The init process

1. It’s Linux’s first process, and parent of all the other processes.
This process is the first running process on any Linux/UNIX system, and is started directly by the kernel.
It is what loads the rest of the system, and always has a PID of 1.

The initialization files in /etc/inittab

2. First time the initialization process (init) examines the file /etc/inittab
to determine what processes have to be launched after.
This file provides init information on runlevels, and on what process should be launched on each runlevel.
After that, init looks up the first line with a sysinit (system initialization)
action and executes the specified command file, in this case /etc/init.d/rcS.
After the execution of the scripts in /etc/init.d/rcS, init starts to launch the processes associated with the initial runlevel.
The most used action in /etc/inittab is wait, which means init executes the command file for a specified runlevel,
and then waits until that level is terminated.

The files in /etc/init.d/rcS

3. The commands defined in /etc/inittab are executed only once, by the init process,
every time when the operating system boots. Usually these scripts are running as a succession of commands,
and usually realise the following:

3.1. Determine whether the system takes part of a network, depending on the content of /etc/sysconfig/network
3.2. Mount /proc, the file system used in Linux to determine the state of the diverse processes.
3.3. Set the system time in fuction to the BIOS settings, as well as realises other settings
(setting of time zone, etc), stabilized and configured during the installation of the system.
3.4. Enables virtual memory, activating and mounting the swap partition, specified in /etc/fstab (File System Table)
3.5. Sets the host name for the network and system wide authentication,
like NIS (Network Information Service), NIS+ (an improved version of NIS), and so on.
3.6. Verifies the root fily system, and if no problems, mounts it.
3.7. Verifies the other file systems specified in /etc/fstab.
3.8. Identifies, if case of, special routines used by the operating system to recognize installed hardware
to configure Plug’n’Play devices, and to activate other prime devices, like the sound card, for example.
3.9. Verifies the state of special disk devices, like RAID (Redundant Array of Inexpensive Disks)
3.10. Mounts all the specified file systems in /etc/fstab.
3.11. Executes other system-specific tasks.

The /etc/rc.d directory

The directory /etc/rc.d/init.d contains all the commands which start or stop services
which are associated with all the execution levels.
All the files in /etc/rc.d/init.d have a short name which describes the services to which they’re associated.
For example, /etc/rc.d/init.d/amd starts and stops the auto mount daemon, which mounts the NFS host and devices anytime when needed.

The login process

After the init process executes all the commands, files and scripts, the last few processes are the /sbin/mingetty ones,
which shows the banner and log-in message of the distribution you have installed. The system is loaded and prepared so the user could log in.

The next few lines in /etc/inittab are specific to the different execution (run-) levels. Every line runs as a single script (/etc/rc.d/rc), which has a number from 1 to 6 as argument to specify the runlevel.
The most used action in /etc/inittab is wait, which means init executes the command file for a specified runlevel, and then waits until that level is terminated.

References:
http://www.ibm.com/developerworks/linux/library/l-linuxboot/
http://www.debianadmin.com/the-lniux-boot-process-explained.html
http://duartes.org/gustavo/blog/post/how-computers-boot-up
http://www.pixelbeat.org/docs/disk/

Qemu processor, howto create virtual machine with qemu

In the need to make a virtual machine, like what we see with vmware.
there are a magic tool named qemu, it ‘s a free processor emulator created by
Fabrice Bellar.
well, to setup a new machine you have to prepare a partition image named linux.img,
in this example with 1024MB.

$ qemu-img create -f qcow linux.img 1G
place your distribution cd on your media and type :
$ qemu -boot d -cdrom /dev/cdrom -hda linux.img
After completing the system operating installation you can boot from the hard disk image.
$ qemu -hda linux.img -boot c

The example above don’t setup the network.
So, we can do it as following

$ qemu -hda linux.img -net nic -net tap -boot c

create a bash script with this contenent and make it executable.

#!/usr/bin/sudo -s
set -e
tunctl -u username -t tap0
ifconfig tap0 172.20.0.1 up

export LAN=tap0
export WAN=eth0
iptables -A FORWARD -i ${LAN} -s 172.20.0.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -i ${WAN} -d 172.20.0.0/255.255.255.0 -j ACCEPT
iptables -t nat -A POSTROUTING -o ${WAN} -j MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward
for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done

run it and enjoy !

Using pycallgraph

Surffing the net i discover a nice tool to create call graph for python programs, it’s pycallgraph.

You can get it using aptitude:

$ sudo aptitude install python-pycallgraph

Let start by the simple example:

class myclass:
def __init__(self, name, color):
self.color=color
self.name=name

def affiche(self):
print(“my name is %s and my color is %s”) % (self.name,self.color)

if __name__==”__main__”:
b=myclass(“banana”,”yellow”)
b.affiche()

And now create a script file named myclass.py with this contenent.
So, we can trace calls for myclass.py as:
$ pycallgraph myclass.py
and the result is so splendid.
pycallgraph

Enabling DMA

The DMA (Direct memory access), is computer feature that allows hardware subsystems to access system memory independent of the CPU.

There is a way to determine if a system turn on IDE DMA, you can do this by checking the proc entry cat /proc/ide/hda/settings, if using_dma is set to 1, then the DMA support is enabled.

You can do it also, by hdparm -i /dev/hda, the DMA modes line will report the possible IDE access modes the drive supports. For example:
UDMA modes: udma0 udma1 udma2 udma3 udma4 *udma5

So if you want to enable DMA you can do it by hdparm as :
hdparm -d1 /dev/hda, and this can be added to a start script like rc.local.

Or add an entry as the following to /etc/hdparam.conf in order to be automatically applied at boot.
/dev/hda {
dma = on
}

Using gmail with mutt

For sending and receiving you mails, with the famous mail client mutt, insert the following lines into your ~/.muttrc

set smtp_url = “smtp://username@smtp.gmail.com:587/”
set smtp_pass = “password”
set from = “username@gmail.com”
set realname = “Your Real Name”

you can also use fetchmail to get your mail automatically.
so, edit the ~/.fetchmailrc and add the following :

poll smtp.gmail.com protocol imap user “username” password “password” mda “/usr/bin/procmail -d %T” ssl

That’s great if we will receive notification when a new mail arrived.
for that add the following lines into a shell script, we will name it checkmail.

$ cat >checkmail<<EOF
#!/bin/sh
if [ “$1” = “-v” ]; then
EXTRAARG=”-v”
fi
fetchmail -a -K $EXTRAARG >/dev/null 2>&1

if [ “$?” = “0” ]; then
DISPLAY=:0.0 /usr/bin/notify-send -t 0 -u critical -h “int:x:168” -h “int:y:100” -i /home/mezgani/photo/mail.jpg “السلام عليك” “New mail received”
fi
EOF

Ok, right now we will define an entry to crontab, which will call the checkmail script every 5min.
of course change the path /home/handrix/bin/checkmail by the emplacement of the script in you host.

*/5 * * * * /home/mezgani/bin/checkmail

And i got this every mail arriving