Home
Dell Openmanage Server Administrator - OMSA
Wednesday, 06 May 2009

Last night at work our use of OMSA and Nagios paid off (it often does). Three crucial production servers showed up in monitoring with degraded RAID5 arrays. It appears all three servers had 1 out of 3 drives in state "foreign"! I was able to quickly login and bring the foreign disks online and perform consistency checks. Without Nagios and OMSA we would have never known and the servers would have lived on with zero redundancy until their inevitable failure. Some people may not know about OMSA or IPMI so I thought I would write a quick blurb.

Overview

OMSA is a application designed by Dell that allows for administration of hardware on Dell servers. It offers both a Web browser based GUI and a CLI. It uses the OpenIPMI standard and thus requires OpenIPMI be installed. Check out Dell's site for mounds of mostly useless detail - Openmanage. Anyway, the company I work for uses Dell servers almost exclusively. We have well over 10,000 PowerEdge servers deployed throughout several DCs. So we don't have the luxury of manually auditing server health by peering at a server's front panel, it must be automated. We use the Dell OMSA application on a growing percentage of our servers to monitor the state of Physical Disks, Virtual Disks, Memory, Controllers, Controller Batteries, etc. We monitor the status of these various components via Nagios by using the NRPE daemon and a couple custom check plug-ins that I wrote in bash.

In most instances we install only the RPMs required for using the CLI. The Web package uses a builtin web server and the additional system resources required make it less appealing, plus bash scripts don't need GUIs ;). The CLI includes several commands of which only two will be used by most people; these are omreport and omconfig. Omreport is used for...reporting, and omconfig for...configuring. Some of the common uses include:

omreport storage controller
- controller status information (firmware version, driver version, status, etc).

omreport storage vdisk controller=0
- virtual disk status information.

omreport storage pdisk controller=0
- physical disk status information

omreport system summary
- The firmware version and omsa version information may be important when determining what omconfig command to use.

Using the above you can determine if any of your virtual disks or physical disks are in a degraded state. You can also add an additional disk as a hotswap drive using omconfig. One thing that is less obvious about omconfig is how to get a disk that is showing as foreign into a RAID array.

omconfig storage controller action=clearforeignconfig controller=CONTROLLERID
- This will remove any previous config info held on that disk and now it's state will be "ready". It's a little scary running this command on a production server because you do not specify any physical disk ID. That leaves you wondering if the command was meant for physical disks or something else, worry not only foreign physical disks will be cleared.

omconfig storage pdisk action=assignglobalhotspare assign=yes controller=CONTROLLERID pdisk=PDID
- This will assign the newly "readied" drive as a globalhostspare. When the assign=yes is specified it will automatically make use of the drive in the case of a degraded array.

If you now re-issue the omreport storage pdisk controller=CONTROLLERID command you will see the rebuild status of the physical disk.

There are so many ways to make use of the info available via OMSA and IPMIl. The data is a perfect match for Nagios and Graphing with Munin. Of course your Nagios service checks can quickly grow when you start doing large amounts of client-side checks. We tend to stay away from the less important ones that a small company might make use of (fans,power,case intrusion,etc). 

 
 
Recovering a MySQL user password.
Tuesday, 18 November 2008

Quick blurb on recovering a forgotten MySQL password. MySQL stores user passwords using the PASSWORD() function. Simple stuff:

  • Stop the MySql server (you may want to stop the webserver before this)
  • mysqld_safe --skip-grant-tables &
  • mysql
  • use mysql;
  • select Password from user where User = "USERNAME";
  • quit
  • Restart MySQL normally (/etc/init.d/mysql start , etc)

Now you want to perform the following to crack the hash:

  • wget http://www.sqlhack.com/poc.c
  • gcc -o poc poc.c
  • ./poc HASH

Voila! It's unfortunate that this is so easy! It should go without saying to NEVER use your MySQL password elsewhere. Surely I didn't need to say that..wait where you going?? To change your MySQL password??? ;)

---------------------------------------------------------------------------

 ADDENDUM:  My friend Tony notes that if your goal is to reset a users password it's best to do so by specifying a SQL script on program startup. This way you aren't starting Mysql with a blank password! His words:

Create a text file /var/tmp/resetrootpass.sql containing: SET PASSWORD FOR 'USERNAME'@'localhost' = PASSWORD('NEWPASS');

Save the file and start MySQL with:
mysqld_safe --init-file=/var/tmp/resetrootpass.sql
 
Growing Logical Volumes
Tuesday, 11 November 2008

When growing logical volumes - on Redhat based systems - I usually create several partitions so that I can take advantage of additional mount options (noexec,nosuid,etc). The partitions I create usually include the following:

/
/var
/usr
/tmp
/home
/boot

What I have found working with other peoples less secure servers is that the scripts that crackers employ usually get placed under /home. Having /home mounted noexec,nosuid,etc would've kept their tools from running. Let's let someone else be the low hanging fruit!

When installing the OS it is difficult to predict how much space each logical volume will need! The best answer is to have the Volume Group be the full size of the Physical Volume (PV). Then allot an initial 10G or so to each Logical Volume. This allows you to grow the logical volumes as necessary. You can even create new logical volumes and spinoff directories.

So three months later you see that /home is filling up and would like to grow it by 20G, easy! Just extend the logical volume and then extend the ext3 filesystem you created within that logical volume.

lvextend -L +20G /dev/VolGroup01/LogVol00
resize2fs /dev/VolGroup01/LogVol00

For lvextend to work there has to be free space available within that LVs VG. If you didn't previously allot all of the PVs free space to the VG then you should do so first. Next we run resize2fs, note that the Logical Volume can be mounted and this command should work just fine. The default 2.6 kernel should include support for resizing a mounted partition. That is all! Grow as you need, because shrinking is a nightmare!
 
Installing Tripwire on FC9
Friday, 07 November 2008

Tripwire Tutorial & A Personal Reference

A tutorial on installing and configuring Tripwire on a Redhat based system. I made this tutorial as a reference for the next time I install Tripwire. I will have undoubtedly forgotten the specifics by then.
Read more...
 
Superscan v3 on Mac OS X
Tuesday, 14 October 2008

A tutorial on installing WINE under OS X and getting SuperScan V3 working correctly.

SuperScan V3 by Foundstone is a fast synscan port scanner for Windows. It does not try to be stealthy and should not be used as a replacement to nmap. It's not as much a security tool as it is an indispesable diagnostic tool.


SuperScan Thumb

 
Read more...
 
More...
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 6 of 17