i hosed my vps. no sudo and no root password -.- no rsynca nd git too -.- my best bet is probably...single user mode to reset the root passwd can you get on the console? ya i have console but i only have my normal user login not sure what other options i have that will get me root alright, got vnc working lets see if this will get me boot screens excellent su? it's good to have sudo and su oh no root password :/ ya, i have a gpg encrypted file that contains the random password i created i dont remember the password for that file either >.> but im in single user mode i should be able to recover root with this fun :) yay sudo works again -.- how did you break it? s/break it/break in how did you break in? i meant break being able to login me? That's what she said!! mercutio: pkg delete gettext ! i keep on forgetting that it breaks sudo oh what and it doesn't warn you? isnt' gettext gpl? /usr/ports/UPDATING does warn you but the command itself doesnt needs more hshs the exact text is You must first delete the existing installation of gettext and then reinstall it. This will break sudo, so you *must* do this in a root shell (sudo -i) if you use sudo. but it doesn't tell you to type YES to conitnue or such? nope i dont recall there ever being a prompt for delete only install :P FreeBSD is silly in that way. As important as UPDATING is, there is absolutely no beating you over the head with it before you break things. sounds scary is it possible to check if someone is in sudo rather than su? What do you mean by "someone is in..."? like has used sudo to get to root /var/log/auth.log (or /var/log/secure, or... whatever else you have systlog configured for) as the update script i meant What update script? Did I miss something? milki updated gettext and it broke sudo Technically, a package could look to see if sudo is installed. However, this would need to be run before the package is installed, and it would need to abort the process somehow. I don't think that's possible. (But I'm not a FreeBSD packager...) oh hmm i should have just checked SUDO_GID=1000 it has environment variables so i blame the update script :/ Oh you meant checking to see if the present invocation is within sudo. yeh If I were logged in on a tty as root and ran pkg upgrade, the system would still be hosed "hosed" Or for those living more dangerously, the update could have been done by cron and the presence/use of sudo would not have been detected by $SUDO_ variables and he'd be right back where he is now. (Except being chastised for running updates blindly from cron) My point is that relying on checking that the update is being run from sudo is a poor way to check whether the update is going to hose things up. Heck, I'd bet that the ENV is sanitised before any package scripts are run, so there go the $SUDO_ variables. well it's better than nothing it could give a warning graphs.arpnetworks.com seems to be ill right now. hmm can't establish secure connection for me up_the_irons: ^ The http anf https connections both just hang it seems yeah same here too much graphing, not enough web serving The box returns pings though. weird. it accepts tcp connection too ah, it accepts the connection then jsut doesn’t say anything back? yeah curl -v https:// weird. probably apache got into a bind but that's just a guess Sounds like a good guess to me. But, Apache is a web server. It has no business being a BIND. No wonder it's having issues... yay for overloading words fwiw, sent up_the_irons an e-mail, in case he's not watching IRC and no alerts were triggered (the host pings, the port is open... which covers 90% of service check configurations out there) smart thinking Which reminds me... I really need to setup host monitoring for a client :/ What does everyone here use for monitoring? I was looking into nagios but it seems overly complicated. xymon is lighter weight but ugly :/ http://xymon.sourceforge.net/ I like the green laserbeam down the side of their page. haah haha i find it less annoying than zabbix zabbix is a huge slow resource hog xymon with a facelift could be pretty awesome Yeah, I want the kind of thing that could be displayed on a large screen 24/7 in the office so that CEO types think we know what we are doing pingdom? huh. pingom doesn’t look too bad. looks like it could get pricey though. sysadmin is one of thoese areas where people don't know what you do unless things go wrong :/ but ceo types can pay for it? good point. you can get free single host trial last i looked web interface seemed to get nicer and a lot of the free options tend to have pretty clunky interfaces well all of them that i know of :/ the kind of people who decide to write free open source monitoring don't seem to be the type to be good at design. I’ve noticed. it’s weird. the code can be great, but the design often falls short. yeh or downright shocking :/ i like zabbix because it's fast and cross platform. Pingdom seems to only be able to monitor publicly facing sites. but i've only ever used it for monitoring load etc rather than for alerts. i use nodeping.com for alerts. and spong ahh yeah that's for extnerla monitoring what didn't you like about nagios? it's probablythe most popular for medium to large sites using open source monitoring. for smaller sites you care more that configuration is confusing/annoying/etc. cacti isn't bad too. it just means you need to export via ipmi from other hosts. ipmi uhh i mean snmp Yeah, cacti is pretty good. maybe that’s what I should just use and expose server load and such via snmp maybe my only problem with nagios is that it looks a little clunky. I should probably play with it and see how I like it. it is a little clunky but it's functional. yeah. it must be if it’s so popular. bmacs: Recently I've used Opsview. They have a free offering, and it's built atop nagios, reasonably easy to setup. I wonder if BigBrother is still around... I’ll check it out. xymon takes big brother plugins i know the look is pretty ick, but it is pretty functional :/ http://en.wikipedia.org/wiki/Comparison_of_network_monitoring_systems Comparison of network monitoring systems :: The following tables compare general and technical information for a number of network monitoring systems. Please see the individual products' articles for further information. Features Legend Product Name The name of the software, linked to its Wikipedia article. IP SLAs Reports Support of Cisco's IP Service Level Agreement mechanism. Logical Grouping Supports arranging the hosts or hmm I’m just going to install every one of those. haha haha trend prediction seems to be uncommon distributed monitoring is surprisingly common 2015-01-18 20:16:45 mercutio zabbix is a huge slow resource hog2015-01-18 20:21:42 mercutio i like zabbix because it's fast and cross platform. I'm confused, mercutio, is it fast or slow? oops i meant xymon the second time sorry i'm overheating i know it's hard to understand from where you are :) lol overheating? yeh it's really hot here :/ @weather auckland Auckland, New Zealand: Clear 81°F (27°C), Humidity: 66%, Wind: Calm -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=-36.973896,174.878021 or re-request this with: @weather -v auckland hmm that doesn't /sound/ so hot, but it feels hot :/ xymon is c rather than perl btw bmacs, afaik Cacti is graphing/logging only, no alerting. Hmm. yeah. monit is worth considering, depending on your exact scenario also it can still be good to use more than one monitoring thing It's same-host, but can manage processes, restarting or performing other actions as necessary ^++ like i use cacti to check load averages, but i never alert on load averages. i just use it to see when things get worse etc or for trends. Ooh and munin is nice too but like if web hosting, you can alert based on how quickly a page loads. so many options :) I use so many of them... graphing page load times would be pretty sweet. heh brycec get him to use smokeping too :) bmacs: you can do graphing of page load times with curl too err with smokeping/curl truth ^ (There's some alerting to it too) brycec: oh? But I don't use alerting, so I can't speak to it. i haven't tried the alerting :) Me either :p i still want soemthing that will deduce where there are issues it's kind of a complex problem though. like a few days ago? arp had some loss on ntt due to ddos, but it seemed that coresite stuff was fine. Nagios/opsview does that for network links brycec: but does it do it for upstream of upstream etc? like if it can be more particular that'd be nifty. If host X is down, then it doesn't alert for downstream hosts Y and Z yeah but it's more complicated than that because sometimes there's partial connectivity from differnet locations etc. and host y/z maybe on a different subnet to x and behave differently etc If Y/Z are on a different subnet, then you wouldn't configure them as downstream hosts :P even if they're vm's off box x? it seems i'm mostly thinking of network issues It's however you want to configure things... it seems network issues are likely to increase more and more i wonder if snmp amplification attacks are being done yet (speaking of snmp)