Memory Leak » linux

On backups and the importance of testing them

john — Mon, 12 Jan 2009 12:04:11 +0000

I’d really like the last 18 hours of my life back.

Lesson 1) backups are only as good as your backup strategy.

Lesson 2) your backup strategy is useless if its never been tested to recover from bare metal.

Lesson 3) your ill conceived, unproven backup strategy will bite you. And it will not be for a reason that was beyond your control, like say, drive heads screeching on platters. No, it will bite you because of your own stupidity and failure to fully RTFM. Beware: your ill conceived backup strategy is cunning! It is most likely to bite you while doing something that might actually result in a more robust backup strategy.

While I’m not entire sure if this was my undoing, I’m unable to grok how doing ‘grub-install‘ on a disk that is not the first BIOS disk does bad things to the disk that *is* the first BIOS disk. Doesn’t seam to matter that you told it to go work on /dev/sdX, where X != “first BIOS disk”. I’d like to compare notes if your mileage differs on this point.

No matter — something happened that really upset the boot-ability of the system. Of course, anaconda was useless in trying to “rescue” me. No, no! That would have been too simple.

OK, bed time.

Notes on my postfix + sasldb + tls settings

john — Sun, 09 Mar 2008 11:08:48 +0000

There’s a great “how to” here.

Some of the key things that I always forget about my setup that haunt me later:

I’m using sasldb2 (in /etc/sasldb2 )
When using sasldb — saslauthd daemon DOES NOT RUN. The simple DB file replaces the need for it.
The realm I’m using in sasldb2 passwords is ‘mail.foobert.com’
Thus, add a password is to the db:

saslpasswd2 -c -u `mail.foobert.com` username

Create /etc/sasl2/smtpd.conf

pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN

Also, when setting up a new Centos or Redhat box, smtpd.conf is looked for in /usr/lib/sasl2/ and not in /etc/sasl2/smptd.conf where some of the “how-to’s” like to mention. Thus, on my machines, I made a soft-linked to the etc version. Before realizing this, I was seriously befuddled by the following error.

Nov 27 16:02:42 pluto postfix/smtpd[20307]: TLS connection established from unknown[166.205.134.32]: TLSv1 with cipher AES128-SHA (128/128 bits)
Nov 27 16:02:43 pluto postfix/smtpd[20307]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Nov 27 16:02:43 pluto postfix/smtpd[20307]: warning: SASL authentication failure: Password verification failed
Nov 27 16:02:43 pluto postfix/smtpd[20307]: warning: unknown[166.205.134.32]: SASL PLAIN authentication failed: generic failure
Nov 27 16:02:43 pluto postfix/smtpd[20307]: lost connection after AUTH from unknown[166.205.134.32]
Nov 27 16:02:43 pluto postfix/smtpd[20307]: disconnect from unknown[166.205.134.32]

Network tar using SSH

john — Mon, 18 Feb 2008 10:45:45 +0000

Never realized how easy it is to duplicate a directory tree from one machine to another through the network without building an intermediate tarball and finding room for it and the original files all at the same time. Simply pipe the tar command through ssh and untar it on the fly.

For example, suppose we have direcotry “pictures” on SRC_HOST machine and I want to replicate it over to DST_HOST, do this from the SRC_HOST machine:

tar cvf – pictures | ssh user@DST_HOST “cat | tar xf -”

Or, if you just wanted to create a compressed archive of “pictures” on DST_HOST:

tar czvf – pictures | ssh user@DST_HOST “cat > pictures.tar.gz”

I’m ashamed to admit how many times I’ve jumped through hoops to find the free space on both machines due to making a compressed tarball, copying it over, unpacking it, then deleting the tarball.

Update: While the above is functional, it’s all rather academic. Not but a few days after writing this, I stumbled across ‘rsync‘. Yeaeh, this is a little easier:

rsync -avz user@DST_HOST:pictures pictures

And how to do it on a Mac and get all the resource forks to transfer to a non-HFS file system requires extra care and a better version of rsync than Apple delivers.