Randomly Generating User Passwords Using Ansible

No comments:
First, i would like to note that i have recently started using Ansible for configuration management. One of the things i need in my server environment is to implement a user password changing policy. Since the targets are numerous, i have to use randomly generated passwords for each host. Because passwords are sensitive, they should be generated in the encrypted form. Ansible documentation recommends using python passlib library and SHA512 hashing here.

Ansible requires python-simplejson when Python version is 2.4

No comments:
Ansible requires python-simplejson package when python version is 2.4. | FAILED >> {
    "failed": true,
    "msg": "Error: ansible requires a json module, none found!OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: mux_client_request_session: master session id: 2\r\nShared connection to closed.\r\n",
    "parsed": false

On Redhat 5, following package should be installed:

# rpm -ivh python-simplejson-2.0.9-8.el5.x86_64.rpm

Then from ansible:

# ansible server11 -m ping | success >> {
    "changed": false,
    "ping": "pong"

Adding Bulk New Contacts to Microsoft Active Directory

No comments:
Sometimes it is a pain for SysAdmins to add objects to Windows AD. In this example i have provided a visual basic script which reads information about some mail enabled contacts from a tab seperated text file, then create them in the Active Directory.

Every line of the text file includes:
Contact Name
First Name
Phone Number

Collectd Configuration for snmp and write-graphite plugins

No comments:
This configuration is useful for polling performance metrics from servers using collectd snmp plugin and writing statistics data to graphite whisper database and visualize them.

collectd.conf file as follows:

LoadPlugin snmp
LoadPlugin write_graphite

Graphite carbon-cache IOError with too many open files

No comments:
When running carbon-cache daemon, clients are seeing errors such as connection refused by the daemon, a common reason for this is setting small number of file descriptors.

/var/log/carbon/console.log file, there may be

exceptions.IOError: [Errno 24] Too many open files: '/var/lib/graphite/whisper/systems/<host_name>/<metric_name>.wsp'

The number of files carbon-cache daemon can open should be increased. Many Linux systems set file descriptors to a maximum of 1024 as default. A value of 16384 may be good enough depending on how many clients are simultaneously connecting to the carbon-cache daemon.

In Linux, sysctl and ulimit programs can be used to set system-wide resource use.

Listing group membership of a user or members of a group in Linux

No comments:
lid is a handy command-line tool for getting group membership of a user or list of users a group contains.

If you invoke lid just without any option, it will list groups containing the invoking user.

# lid
No user name specified, using root.

By default lid lists groups containing user name.

# lid mysql

with -g option lid lists users in a group.

# lid -g users

If you don't want to display user or group IDs then you should use -n or --onlynames options.

# lid -g -n bin

Linux whatis command and definitions of some commands in /bin and /sbin directories

No comments:
Linux whatis command searches the whatis database for complete words.

See some command descriptions from whatis database:

addpart (8) - simple wrapper around the add partition ioctl

agetty (8) - alternative Linux getty

arch (1) - print machine hardware name (same as uname -m)

arp (7) - Linux ARP kernel module

arp (8) - manipulate the system ARP cache

arping (8) - send ARP REQUEST to a neighbour host

audispd (8) - an event multiplexor

auditctl (8) - a utility to assist controlling the kernel's audit system

auditd (8) - The Linux Audit daemon