George's Weblog


Never put off 'til tomorrow what you can ignore completely

  • Front Page
  • Contact
  • Log in
  • Archives
  • Categories
  • Comments
  • Search

Change Dell iDRAC system name from Linux cli

  • February
  • 9

Make sure the shell interface is enabled through the iDRAC web interface. Log in and click on iDRAC settings on the left.

Change Dell iDRAC system name from Linux cli

 

Click on the Network/Security tab.

Change Dell iDRAC system name from Linux cli

Scroll down and find the IPMI Settings. Make sure the Enable IPMI Over LAN box is checked.

 

Change Dell iDRAC system name from Linux cli

 

 

Install ipmitool on another device or your workstation, so for Ubuntu 20.04 I used:

 

apt install ipmitool

 

Convert the name you want to set into hex values. For that used:

 

echo "new-hostname" | od -A n -t x1

 

That will output the string as hex digits.

 

Then you use the ipmitool command like this:

 

ipmitool -H <ip-address-of-dell-host> -U <username> -P <password> -I lanplus raw 0x06 0x58 0x02 0x00 0x05 0x0d 0x6e 0x65 0x77 0x2d 0x68 0x6f 0x73 0x74 0x6e 0x61 0x6d 0x65 0x0a

 

0x06 0x58 0x02 0x00 0x05 - this addresses the correct variable in the iDRAC, always the same.

0x0d - this is the number of bytes in the new hostname, in this case 13, in hex.

0x6e 0x65 0x77 0x2d 0x68 0x6f 0x73 0x74 0x6e 0x61 0x6d 0x65 0x0a - this is the hostname characters coded in hex from previous step.

 

The example above therefore sets the system name to "new-hostname".

 

Send feedback » Linux

Use Letsencrypt certs on Postfix and Dovecot with selinux

  • April
  • 7

I have my certificates mounted via NFS on all hosts so that it gives me easy access to them for services that use SSL. The workaround I was using for mail services was to mount like this (from /etc/fstab):

10.20.40.13:/mnt/tank/unix/web/letsencrypt /etc/letsencrypt nfs ro,context="system_u:object_r:postfix_etc_t:s0"

That solves the issue of context for selinux so that postfix can read the files. The issue is that I can't read those same files with dovecot. I had a cron going to copy the certs to /etc/dovecot dir but that was a bit of a hack. So today I dug into the issue and fixed it.

The solution is to add to the current selinux policy so that dovecot can essentially read postfix's files. I suppose it is slightly less secure that way but since they are both part of the mail system I think it's an acceptable risk.

So here is the TE file that I eventually ended up with that allowed dovecot to start successfully. 

 

 

module dovecot_read_postfix 1.0;

require {
type postfix_etc_t;
type init_t;
type unconfined_service_t;
type dovecot_t;
class process siginh;
class filesystem remount;
class dir search;
class file { open read };
class lnk_file read;
}

#============= dovecot_t ==============
allow dovecot_t postfix_etc_t:dir search;
allow dovecot_t postfix_etc_t:file { open read};
allow dovecot_t postfix_etc_t:lnk_file read;
#============= init_t ==============
allow init_t postfix_etc_t:filesystem remount;
allow init_t unconfined_service_t:process siginh;

 

 

Send feedback » Linux

Freebie gift almost causes catastrophe

  • September
  • 16

When I renewed my Wired subscription I don't remember reading that I would receive a promotional gift. So it was a pleasant surprise to see an unexpected envelope in the mail. That was, until I opened it.

Inside was a battery power pack complete with charging cable. Looking at it casually, it seemed a bit deformed. After opening it I saw that the battery inside had expanded to the point that it broke the plastic outer housing.

Freebie gift almost causes catastrophe

I broke the remaining plastic apart so I could take a look at the battery itself. It was puffed up like a balloon.

Freebie gift almost causes catastrophe
Freebie gift almost causes catastrophe

Needless to say, I'm glad this stupid little thing didn't explode in my face or burn down my house. If I'm reading the data code correctly, this battery was made two years ago. I'm going to do some additional testing to see if I can determine exactly what went wrong.

 

Send feedback » Mac

Migrating a VM from ovirt to VMware ESXi

  • April
  • 16

I'm using ovirt 4.3x and decided to migrate some VMs to ESXi 6.5.

First thing to do is find the disk file. It can be found easily through the UI of ovirt-engine under Storage/Disks. That table shows the UUID of the folder that the disk is in.

 

Get a shell on the ovirt node and find the file under /rhev/data-center/mnt/... somewhere probably. It's actually inside the directory that you found above. There are probably three files in there.

 

Use the qemu-img tool to convert it from raw to vmdk like this:

 

qemu-img convert -f raw d60c630e-4bc8-44ea-a842-1381f19993b4 -O vmdk newdisk.vmdk -o compat6

 

It will take a while.

 

When done, move it to your ESXi datastore somehow (scp, whatever). Then shell into your ESXi machine, make a temporary directory and clone the disk like this:

 

vmkfstools -i /vmfs/volumes/datastore0/newdisk.vmdk  -d thin /vmfs/volumes/datastore0/newvm-dir/newdisk.vmdk

 

Fix up the disk controller type in the new vmdk file, change it to lsilogic with your favorite text editor.

 

cd newvm-dir

 

vi newdisk.vmdk

 

Now build a VM the normal way and attach the disk in ESXi. I usually build the VM and don't put any disk on it. Then I move the new disk file into the VMs directory, go back and attach the disk to the VM.

 

You may have to 'rescue' the system and use dracut -f to get it to boot successfully with a new initramfs image. I generally attach an ISO CDROM and boot to it and use the rescue feature. I've found that CentOS needs this step, Ubuntu and FreeBSD don't seem to require it and happily boot.

 

Although I haven't encountered this yet, I noticed that the last VM I built on ESXi 6.7 made the default boot EFI instead of BIOS. I think I would have to change the VM to use BIOS if I wanted to use the procedure above.

Send feedback » Mac

Fixing pending sector errors on FreeNAS

  • January
  • 17

I received an alert yesterday on my home NAS unit. It indicated that there was an increase in the number of "pending sectors." Looking into the issue, it's really an error writing to the drive which hasn't been addressed and relocated. So the sector might be bad or might be good. If the sector is written to again and fails, it will be relocated. If it's written to without error, the sector will be marked good again.

The way to look at the error counts and other statistics that indicate the health of the drive is by using smart tools. In this case it was the drive at /dev/ada3 which had the problem so I did: 

# smartctl -a /dev/ada3

 

smartctl 6.6 2017-11-05 r4594 [FreeBSD 11.2-STABLE amd64] (local build)

Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org

 

=== START OF INFORMATION SECTION ===

Model Family:     Western Digital Red

Device Model:     WDC WD40EFRX-68WT0N0

LU WWN Device Id: 5 0014ee 2631ae2f2

Firmware Version: 82.00A82

User Capacity:    4,000,787,030,016 bytes [4.00 TB]

Sector Sizes:     512 bytes logical, 4096 bytes physical

Rotation Rate:    5400 rpm

Device is:        In smartctl database [for details use: -P show]

ATA Version is:   ACS-2 (minor revision not indicated)

SATA Version is:  SATA 3.0, 6.0 Gb/s (current: 6.0 Gb/s)

Local Time is:    Fri Jan 17 11:31:03 2020 EST

SMART support is: Available - device has SMART capability.

SMART support is: Enabled

 

=== START OF READ SMART DATA SECTION ===

SMART overall-health self-assessment test result: PASSED

 

General SMART Values:

Offline data collection status:  (0x00) Offline data collection activity

was never started.

Auto Offline Data Collection: Disabled.

Self-test execution status:      ( 121) The previous self-test completed having

the read element of the test failed.

Total time to complete Offline

data collection: (50880) seconds.

Offline data collection

capabilities: (0x7b) SMART execute Offline immediate.

Auto Offline data collection on/off support.

Suspend Offline collection upon new

command.

Offline surface scan supported.

Self-test supported.

Conveyance Self-test supported.

Selective Self-test supported.

SMART capabilities:            (0x0003) Saves SMART data before entering

power-saving mode.

Supports SMART auto save timer.

Error logging capability:        (0x01) Error logging supported.

General Purpose Logging supported.

Short self-test routine

recommended polling time: (   2) minutes.

Extended self-test routine

recommended polling time: ( 509) minutes.

Conveyance self-test routine

recommended polling time: (   5) minutes.

SCT capabilities:       (0x703d) SCT Status supported.

SCT Error Recovery Control supported.

SCT Feature Control supported.

SCT Data Table supported.

 

SMART Attributes Data Structure revision number: 16

Vendor Specific SMART Attributes with Thresholds:

ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE

  1 Raw_Read_Error_Rate     0x002f   200   200   051    Pre-fail  Always       -       44

  3 Spin_Up_Time            0x0027   190   177   021    Pre-fail  Always       -       7475

  4 Start_Stop_Count        0x0032   100   100   000    Old_age   Always       -       35

  5 Reallocated_Sector_Ct   0x0033   200   200   140    Pre-fail  Always       -       0

  7 Seek_Error_Rate         0x002e   200   200   000    Old_age   Always       -       0

  9 Power_On_Hours          0x0032   064   064   000    Old_age   Always       -       26304

 10 Spin_Retry_Count        0x0032   100   253   000    Old_age   Always       -       0

 11 Calibration_Retry_Count 0x0032   100   253   000    Old_age   Always       -       0

 12 Power_Cycle_Count       0x0032   100   100   000    Old_age   Always       -       35

192 Power-Off_Retract_Count 0x0032   200   200   000    Old_age   Always       -       17

193 Load_Cycle_Count        0x0032   200   200   000    Old_age   Always       -       502

194 Temperature_Celsius     0x0022   119   110   000    Old_age   Always       -       33

196 Reallocated_Event_Count 0x0032   200   200   000    Old_age   Always       -       0

197 Current_Pending_Sector  0x0032   200   200   000    Old_age   Always       -       0

198 Offline_Uncorrectable   0x0030   100   253   000    Old_age   Offline      -       0

199 UDMA_CRC_Error_Count    0x0032   200   200   000    Old_age   Always       -       0

200 Multi_Zone_Error_Rate   0x0008   100   253   000    Old_age   Offline      -       0

 

SMART Error Log Version: 1

No Errors Logged

 

SMART Self-test log structure revision number 1

Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error

# 1  Short offline       Completed: read failure       90%     26301         48458008

# 2  Short offline       Completed: read failure       90%     26301         48458008

# 3  Short offline       Completed without error       00%     24742         -

 

SMART Selective self-test log data structure revision number 1

 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS

    1        0        0  Not_testing

    2        0        0  Not_testing

    3        0        0  Not_testing

    4        0        0  Not_testing

    5        0        0  Not_testing

Selective self-test flags (0x0):

 

  After scanning selected spans, do NOT read-scan remainder of disk.

If Selective self-test is pending on power-up, resume after 0 minute delay.

 

The significant lines in this case are: 

 

196 Reallocated_Event_Count 0x0032   200   200   000    Old_age   Always       -       0

197 Current_Pending_Sector  0x0032   200   200   000    Old_age   Always       -       1

 
 
That shows a possible bad sector (only one) and that no relocations have ever taken place. You can also see that I ran a few short smartctl tests and they failed:

 
 

Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error


# 1  Short offline       Completed: read failure       90%     26301         48458008

# 2  Short offline       Completed: read failure       90%     26301         48458008
 
 
I tried to think of the best way to clear this error by forcing the drive to relocate that sector or tell me that the drive is going bad and I should replace it.
The first thing I did was to read the sector and put the contents in a file. Now the logical block size is 512 bytes for the physical sector size is 4096 bytes (4k). You can't write anything smaller than one block. So we need to calculate how we will read that entire physical sector. Since the error logical block is given to us we can divide by 8 (4096 / 512 and remove any remainder). This will tell us where to start reading. In this case 48458008 / 8 yields a whole number 6057251. So that's the physical sector we want to deal with.
 
We use the dd command to do the raw disk read:
 
dd if=/dev/ada3 of=/tmp/output iseek=6057251 bs=4096 count=1
 
The read completed successfully and produced a file /tmp/output. Is that the correct data that should be in that sector? I don't know. But at least we read what was there and saved it. Now we'll reverse the process and write that data back to the same disk sector.
 
dd if=/tmp/output of=/dev/ada3 oseek=6057251 bs=4096 count=1
 
The write was successful. Now we look at our smartctl statistics again.
 
 

196 Reallocated_Event_Count 0x0032 200 200 000 Old_age Always - 0
197 Current_Pending_Sector 0x0032 200 200 000 Old_age Always - 0

 
 
So it was able to write the sector back okay and relocation was not needed. Now we can do a smartctl test and it should pass.
 
# smartctl -t short /dev/ada3
 
Let it go for at least 2 minutes and then look at the test log again with smartctl -a /dev/ada3
 
SMART Self-test log structure revision number 1
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Short offline Completed without error 00% 26304 -
# 2 Short offline Completed: read failure 90% 26301 48458008
# 3 Short offline Completed: read failure 90% 26301 48458008
# 4 Short offline Completed without error 00% 24742 -
 

We had a successful test. So that will get rid of the FreeNAS alert. Just to make sure we are completely okay I'll schedule a scrub of that drive pool and look at the results. If there's any data corruption it should hopefully fix that up.

 

Send feedback » Linux

<< 1 2 3 4 5 ...6 ...7 8 9 10 11 >>
rss,
  • Files
Photo albums software

Valid XHTML 1.0 Transitional

Valid CSS!


This collection ©2025 by George Carey | Contact | Design by Emin �zlem (tilqicom) | Credits: Bootstrap back-end extreme_sports skin 0.1