Skip to the end of this post for the lesson part of this blog post. This email arrived in my inbox yesterday at about 10:00 PM: This is the backup script for my database dumps on my server at home. I immediately recognized it as the follow-on from a table I had just added. It …
Yesterday, I noticed this message in one of the “daily security run output” emails which FreeBSD host can send out. I’ve used net-mgmt/nrpe3 for several years. It checks remote hosts and runs any number of predetermined commands and returns the results. It’s stable, highly configurable, and just keeps running. I had a look at the …
Nagios 3: moving from nrpe 3 to nrpe 4 – what needs changing? Read More »
It was May 2021 when I tweeted about monitoring FreeBSD jails which had jail IP addresses only in the 127.0.0.0/8 range. Yesterday, nearly 6 months later, I did the first test of this. This came up because I’m getting a new FreshPorts node ready. I’ve created a file in the jail to be run from …
When you install a package, you want to know it’s still around to reinstall. You’ve probably never given this much thought. Neither had I, until I read this post on Reddit. In my case, I run my own poudriere server which allows me to run my own package server. Why run your own package server? …
Are all installed packages available for reinstall? Read More »
It is time to replace my existing UPS with another one. I’m getting only 3 minutes of runtime with the existing batteries (and new batteries, after recalibration). It was suggested I buy an Eaton 5PX. I wasn’t convinced. This is the first of three articles about nut. The second is about testing the shutdown. The …
I’ve been getting these messages in /var/log/messages on slocum for as long as I can remember. Today I found out why those errors are occurring. They are logged on the FreeBSD jail host for a Nagios instance I run. Nagios runs in a jail on that host. I’ve just been ignoring the messages, but today …
Oct 4 09:01:24 slocum kernel: pid 1409 (check_bacula), uid 181: exited on signal 11 Read More »
I have scripts for monitoring vulns in FreeBSD jails. They use third-party scripts. All I wrote was the Nagios part of the solution. I was preparing slides for my Why I prefer thick jails over thin jails talk at EuroBSDCon 2019. There is still time to register and attend. I was explaining my scripts and …
I started playing with /usr/local/etc/periodic/security/405.pkg-base-audit as part of a monitoring system. It works fine from the command line, but when I use Nagios plugins, I am getting unexpected results. By unexpected, I mean messages about FreeBSD 10.2. The host in question runs FreeBSD 12.0. The problem cannot be reproduced on the host, only from the …
Getting ‘FreeBSD-10.2 is vulnerable’ messages on a 12.0 host Read More »
This problem was difficult to figure out. The cause was simple, but not obvious. Messages such as this were appearing in emails From July: In August: I had no idea why. My initial suspicion was the /etc/newsyslog.conf configuration for that file: [dan@knew:~] $ grep auth /etc/newsyslog.conf /var/log/auth.log root:logcheck 640 7 * @T00 JC [dan@knew:~] $ …
newsyslog: chmod(/var/log/auth.log.6.bz2) in change_attrs: No such file or directory Read More »
The solution Here is the solution. You can stop reading now: ./check_email_delivery –smtp-server smtp.example.org –mailto dan@example.org \ –mailfrom dan@example.org \ –body ‘test, please ignore’ –imapssl \ –imap-server imap.example.org –username deltest –password secret That will test both delivery and receipt. There. Be gone. You don’t need the rest of this article. Thanks. Background As pointed out, …