Category: Work Notes

Rescan SCSI bus

Sometimes when you add new storage to a running VM you won’t see it; the SCSI bus needs to be re-scanned to make the new disk visible.

echo "---" > /sys/class/scsi_host/hostX/scan

X is the number of the SCSI host to scan.
"---" tells the SCSI host to rescan all controllers, channels and LUNs.

To force a re-sync of the kernel for all the SCSI devices:

echo 1 > /sys/class/scsi_device/0\:0\:0\:0/device/rescan

where 0:0:0:0 is the device you want to sync.

If you increased the size of an existing disk but you are not able to see the new disk size:

echo "1" > /sys/class/block/sdX/device/rescan

"1" is a flag that will trigger re-scan on the SCSI host.

Check software RAID script

Here’s a Bash script to check software RAID that will send an e-mail reporting the array status:

#!/bin/bash
# check_raid.sh
EMAIL="your@email.com"

if egrep "\[.*_.*\]" /proc/mdstat  > /dev/null
 then
   logger -s "mdcheck: RAID devices ERROR"
   echo "Software RAID devices ERROR on ${HOSTNAME}" | /bin/mail -s \
   "$0: Software RAID devices ERROR on ${HOSTNAME}" ${EMAIL}
 else
   logger -s "mdcheck: RAID devices OK"
   echo "Software RAID devices OK on ${HOSTNAME}" | /bin/mail -s \
   "$0: Software RAID device OK on ${HOSTNAME}" ${EMAIL}
fi

 

Convert .ppk key to OpenSSH keys

OpenSSH is the de facto standard implementation of the SSH protocol.

If you use ssh-keygen with the default options, it will generate a private and a public key that will work with virtually any server.

Unfortunately, out there are Windows users that bother Linux admins with .ppk key generated by PuTTY; both keys are stored in this single proprietary file.

You can convert this file and obtain standard OpenSSH key pairs using puttygen provided with the putty package available on many distros.

puttygen your_key.ppk -O [output-type] -o [output-file]

output-type refers to they key type, private-openssh or public-openssh.

NTP time drift

I had to update a couple of NTP servers and after rebooting Nagios was returning an alert on the check_ntp_peer check, indicating a time drift.

To fix it, I forced a clock update with NTP servers:

systemctl stop ntpd
ntpdate -s ntp1.inrim.it
systemctl start ntpd

httpd: (98)Address already in use

After configuring an Apache server on a CentOS 7.5 server, I tried to start the service but I got this error in return:

systemd[1]: Starting The Apache HTTP Server...
httpd[47662]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE

I was pretty sure that nothing was using port 443 but I did a quick check with netstat -tulpn

I double checked my config files, just to be sure that I wasn’t declaring Listen 443 twice:

# grep -ir listen
conf/httpd.conf:Listen 80
conf.d/ssl.conf:# When we also provide SSL we have to listen to the
conf.d/ssl.conf:Listen 443 https
conf.d/custom.conf:Listen 443

That’s it! I forgot to comment the directive in ssl.conf file (in this case). After this tiny fix I was able to start httpd without errors.

Adding a secondary IP address (CentOS, Fedora, RHEL)

You will not need a secondary NIC but you’ll create virtual adapters as the secondary IP will be routing through the primary.

Network configurations are stored in /etc/sysconfig/network-scripts

network-scripts$ ls -l | grep ifcfg
-rw-r--r--. 1 root root 304 Nov 11 19:04 ifcfg-eth0
-rw-r--r--. 1 root root 254 May 25 2017 ifcfg-lo

You have to name the virtual adapter in a sequential order, e.g., ifcfg-eth0:1, ifcfg-eth0:2 etc.

Copy the physical adapter configuration file:

cp ifcfg-eth0 ifcfg-eth0:1

and configure it to include these parameters:

DEVICE=<device name>
IPADDR=<IP address>
NETMASK=<netmask>

There is no need to configure a MAC address or a default gateway.

To activate the interface you can restart the entire network server (if you can do it) or use:

ifup eth0:1