Uncategorized

Fixing Nagios NRPE server startup.

Users of the Nagios NRPE plugin will soon be finding that even when properly configured, it consistently fails to start on boot – even though it can be manually started later, and everything looks good.

The problem is that Nagios need to update their systemd startup unit files with the proper dependencies – to ensure the NRPE server isn’t started before the network is available.

Currently, the best solution is a systemd drop-in:

Create directory: /etc/systemd/system/nrpe.service.d
Create a new drop-in file, at /etc/systemd/system/nrpe.service.d/nrpe.conf

[Unit] Requires=network-online.target After=network-online.target

systemctl daemon-reload
systemctl restart nrpe

Now check the NRPE server status and you’ll see the service should be starting successfully, with the drop-in showing:

[root@voltaire 01-02 22:32:50 ~]# systemctl status nrpe - nrpe.service - Nagios Remote Program Executor Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled; vendor preset: disabled) Drop-In: /etc/systemd/system/nrpe.service.d |-nrpe.conf Active: active (running) since Tue 2018-01-02 22:32:43 ACDT; 13s ago Docs: http://www.nagios.org/documentation Main PID: 1392 (nrpe) CGroup: /system.slice/nrpe.service |-1392 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d . Jan 02 22:32:43 voltaire.ovirt.vorpal systemd[1]: Starting Nagios Remote Program Executor... Jan 02 22:32:43 voltaire.ovirt.vorpal systemd[1]: Started Nagios Remote Program Executor.

You can see the drop-in has successfully loaded in the 3rd/4th lines of output above.

This should ensure the NRPE service starts successfully every time you reboot.

Jenkins CI Pipeline for VTK dashboard up on GitHub

Over the Xmas break I was also busy beavering away finishing off my Jenkins CI pipeline to automate building VTK.

VTK (Visualisation ToolKit) is an excellent library of code for processing and visualisaton of multi-dimensional datasets. It’s written in C++ for high performance, and comes with bindings for python, java, and tcl/tk. For more info, see the VTK website

I’ve done a bit more of a write-up here

The jenkins-vtk-pipeline project is here, on GitHub

Ansible SOE (standard operating environment) project up on GitHub.

Have been beavering away over the Xmas break, getting the beginnings of an SOE up and running using Ansible for the initial setup.

The plan is probably to switch to Puppet for most of the subsequent setup, but Ansible is a good tool especially for the early stages.

Currently targeting Red Hat Enterprise Linux (RHEL)/CentOS/Fedora & Ubuntu.

Have done a project page which I’ll add more to soon, here.

Project is here, on GitHub.

Fixing vncserver startup failure due to pam_nologin.

Recently, after upgrading my main system to Fedora 27, I found my vncservers were intermittently failing to start on boot.

Status messages indicated the pam_nologin module was involved, and servers were failing to start because /var/run/nologin had not been removed yet.

For anyone else who hits this issue, all it means is things are starting up faster on F27, and systemd is trying to start your vncservers before the system is ready for user logins (derp).

The fix is easy, just add systemd-user-sessions.service to the “After” line in the systemd vncserver template file, and in any vncserver units you’ve already created from your template file.

So your template file should look something like this:

[Unit] Description=Remote desktop service (VNC) After=syslog.target network.target systemd-user-sessions.service


[Service]

#Type=forking

Type=simple

PAMName=login

User=jss

PIDFile=/home/jss/.vnc/%H%i.pid
# Clean any existing files in /tmp/.X11-unix environment

ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

ExecStart=/usr/bin/vncserver %i -geometry 1300x700 -alwaysshared -fg -xstartup /home/jss/.vnc/xstartup
[Install]

WantedBy=multi-user.target

#Notes: #-fg is necessary so vncserver stays in foreground, otherwise, the systemd user session shuts down as #soon as vncserver forks off its daemon process and the parent exits.

Network (PXE) boot of Fedora, CentOS, Ubuntu install media.

Having been sick as a dog for nearly two weeks, I had the opportunity to kill some time setting up a PXE boot server for my network.

It’s working nicely now, so I can connect devices to my network & immediately boot via PXE to install media for Fedora, CentOS or Ubuntu. It’s also handy for virtual machines, connect them to a virtual network with dnsmasq dhcp setup to provide the pxe boot server address, and your VMs can PXE boot too.

If you need to PXE boot:

– Ubuntu 17.04 (server & live desktop iso media)

then read on – because the arcane details you need, painstakingly collected from diverse sources spanning the interweb, are now
here.

Improved python version of “filter_licences” script.

Now available on GitHub

1) Filter for particular licence types, like EXPLORATION LICENCE, (note: add delimiters > and < eg if you want to exclude “EXPLORATION LICENCE OFFSHORE”).
2) Can also be used to find tenements belonging to a particular person, if you know the full name they are registering under, eg:
SURNAME, FIRSTNAME MIDDLENAME
3) Can exclude tenements outside a bounding box specified in a file:
cat bounds/bounds-kalgoorlie.csv
#Kalgoorlie Area:
#topleft
#bottomright
-27.80, 119.90
-32.34, 124.05
4) Can exclude based on Tenement start date and end date.
5) Can add a pin to each extracted tenement making them easier to find when they’re spread over a large area in Google Earth.

New tool “filter_licences.pl” added to GitHub repository.

The simple script filter_licences.pl can be used to filter all but a desired tenement type from the Tenements_Live.kml listing provided by WA Dept of Mines, Industry, Regulation and Safety:
https://dasc.dmp.wa.gov.au/dasc/ -> Statewide spatial datasets -> Tenements -> Current (live and pending)

Direct link for the dataset zipfile is currently:
https://dasc.dmp.wa.gov.au/DASC/Download/File/5

The dataset zipfile contains several .kmz files, ie Tenements_Live.kmz and Tenements_Pending.kmz
Unzip the Tenements_Live.kmz so it becomes Tenements_Live.kml, and then you can use this script to filter it for particular lease or licence types.

The complete listing of live tenements is more than 20,000 tenements, of various types. This is a bloated mess if you’re only interested in, for example, Exploration Licences. Filtering out the other licence types and leaving only the Exploration Licences will cut the list down to 5000 or so, making the dataset much more manageable in tools like Google Earth. In spite of all Google’s resources, Google Earth has some serious bugs which are being ignored, and so it has trouble handling large datasets without crashing.

usage> ./filter_licences.pl Tenements_Live.kml “EXPLORATION LICENCE” > Tenements_Live_Exploration.kml
usage> cat Tenements_Live.kml | ./filter_licences.pl “tenement type” > Tenements_Live_Exploration.kml

Tenement types:
“EXPLORATION LICENCE”
“EXPLORATION LICENCE OFFSHORE”
“CHRISTMAS ISLAND EXPLORATION LICENCE”
“PROSPECTING LICENCE”
“RETENTION LICENCE”
“MISCELLANEOUS LICENCE”
“LICENCE TO TREAT TAILINGS”
“MINING LEASE”
“COAL MINING LEASE”
“MINERAL LEASE”
“MINERAL LEASE S.A.”
“GENERAL PURPOSE LEASE”
“GENERAL PURPOSE LEASE S.A.”
“TEMPORARY RESERVE”
And possibly others.

The resulting output file contains only tenements of the specified type and can be imported into Google Earth.

Welcome to the Homunculoid blog.

I won’t be posting much on this blog page, beyond an occasional status update.

I will be updating my portfolio projects, expolorations, and so on, when I have anything new to add.