• About

UNIX Administratosphere

~ UNIX and Linux System Administration

UNIX Administratosphere

Monthly Archives: December 2011

Using Meta-packages to Standardize Servers

10 Saturday Dec 2011

Posted by ddouthitt in Red Hat, RPM, Ubuntu

≈ Leave a comment

Tags

meta-packages, packages

Both Ubuntu and Red Hat offer meta-packages which have no files of their own, but depend on others – thus requiring a set of packages to be present. You can use these packages to require a set of software to be present on a server, especially those that are not normally installed by the vendor’s install process.

A meta-package can save you time – you don’t have to install each package one at a time. A meta-package can also be included as part of a Puppet environment, so that all servers will be kept up-to-date with the current set of packages. A meta-package can also be a part of an automatic install process, also bringing in all necessary software and simplifying the installation steps.

In Ubuntu, creating your own meta-packages is made easy by using the equivs package. With RPM, you’ll have to create a meta-package using rpm-build and the appropriate SPEC file.

The only way that using a meta-package will truly save time is if you are using a program like APT or YUM to do installations because they will automatically compute the dependencies required and install them automatically when the meta-package is installed.

With a meta-package, you can require a set of packages that should be on every server – as well as force some packages to be removed. You can create a meta-packages that includes all packages that should be on a server, but aren’t usually installed (like gawk, logrotate, sysstate, ntp, logwatch, make, and m4 for instance). When the package server-main is then installed, all of its dependencies will also be installed. Any packages that are listed as conflicting packages will also be removed: packages like unattended-upgrades and command-not-found for instance.

Meta-packages could be created for packages that are from the Ubuntu Main repository, and for those packages that are in the Ubuntu Universe repository. This makes it simple to only include software from the Main repository and preclude those packages that are from the Universe repository.

These meta-packages could then be added to a local repository and added to a system during installation; this simplifies the package installation part of the install process and allows you to update any currently installed systems simply.

As an example, here’s my list for requirements (put into server-main) from the Ubuntu Main Repository:

  • lvm2
  • byobu
  • ruby
  • vim
  • snmpd
  • snmp
  • mlocate
  • postfix
  • ltrace
  • strace
  • wget
  • ntp
  • m4
  • make
  • ifenslave
  • dnsutils
  • procps
  • sysstat
  • logrotate
  • logwatch
  • sharutils
  • pdksh
  • dc
  • bsd-mailx
  • nut
  • finger
  • xfsdump
  • xfsprogs

And from the Universe repository, these are my suggested requirements (used as dependencies for server-universe):

  • iperf
  • jwhois
  • apt-file
  • chkconfig
  • atop
  • dstat
  • maatkit

Log Rotation for MySQL using logrotate

02 Friday Dec 2011

Posted by ddouthitt in Debian, Fedora, Monitoring, Red Hat, Ubuntu

≈ 1 Comment

Tags

logrotate, mysql, mysql server, mysqld

The logrotate utility is a powerful and underrated utility used to rotate logs. It is one of Red Hat’s lesser known utilities; even so, it is available for a number of platforms, including Ubuntu.

However, its set up for MySQL is missing on Red Hat and incomplete on Ubuntu.

For Ubuntu, there is no rotation of the slow query logs. To rotate these logs, just add them to the standard Ubuntu logrotate file for MySQL – that is, /etc/logrotate.d/mysql-server. Add the logs to rotate to the beginning of the file, adding to the list of files already present there.

For Red Hat, a complete MySQL log rotation file is needed as there is none at all. The MySQL logrotation script was removed as part of a security update to Fedora Core 4 back on 17 May 2006, and later removed from Red Hat Enterprise Linux 4 Update 4. The reasoning was detailed in Bug #180639 (not available?) and Bug #182025. Since then, this missing logrotate file has been the subject of several bugs (such as Bug #547007) and also of message threads like this one from Red Hat’s rhelv5-list in July of 2007.

The response to all these queries is that the MySQL logrotate script is broken and it’s up to MySQL to fix it. However, this does not seem to take into account the new FLUSH LOGS command, and admins everywhere are creating their own scripts.

Over at Question Defense, Alex has a fabulous description of the entire process – from enabling logging through implementing log rotation. However, this process uses ~/.my.cnf to automatically log in; better is to use a file like /etc/mysql/maint.cnf the way that Debian (and Ubuntu) does it. In that case, Debian creates a special user and a password to go with it, and puts these into a file /detc/mysql/debian.cnf; here is a sample debian.cnf:

# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = i5Px6N4SZ9UhfSWa
socket   = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host     = localhost
user     = debian-sys-maint
password = i5Px6N4SZ9UhfSWa
socket   = /var/run/mysqld/mysqld.sock
basedir  = /usr

For most purposes, only the [client] section is needed, along with the first three entries (host, user, and password). You could also specify the section as [mysqladmin] instead, which would limit the username and password to being used for mysqladmin only – which is the tool used during log rotation.

The critical command is this one:

/usr/bin/mysqladmin --defaults-file=/etc/mysql/logrotate.cnf

…where logrotate.cnf contains username and password details as described above. All the rest of the logrotate file is settings and script-bulletproofing:

# Modified Ubuntu logrotate script for MySQL server
#
# Untested under Red Hat, but should work: filenames will have to be changed
/var/log/mysql.log /var/log/mysql/mysql.log /var/log/mysql/mysql-slow.log {
        daily
        rotate 7
        missingok
        create 640 mysql adm
        compress
        sharedscripts
        postrotate
                test -x /usr/bin/mysqladmin || exit 0
                MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/logrotate.cnf"
                if [ -z "`$MYADMIN ping 2>/dev/null`" ]; then
                  if killall -q -s0 -umysql mysqld; then
                    exit 1
                  fi 
                else
                  $MYADMIN flush-logs
                fi
        endscript
}

Mei Douthitt

Mei is an experienced UNIX and Linux system administrator, a former Linux distribution maintainer, and author of two books ("Advanced Topics in System Administration" and "GNU Screen: A Comprehensive Manual").
  • Mei's Books
  • LEAF Project (home to the Oxygen distribution)
  • GNU Screen Home Page



View David Douthitt's profile on LinkedIn

Use OpenDNS

Bloggers' Rights at EFF

The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.

Recent Posts

  • Running Icingaweb2 on Ubuntu 16.04.1 LTS
  • AppStream Error in Ubuntu 16.04 Xenial
  • Return to Window Maker (on Xubuntu 15.10)
  • Sharing Music from Xubuntu 15.10 using Tangerine
  • Mono on Xubuntu 15.04 and 15.10

Top Posts

  • The wheel Group
  • Generating Passwords Using crypt(3)
  • Resetting the MacOS X 10.4 (Tiger) Admin Password (without disk!)
  • Rescuing an Interrupted Ubuntu Upgrade
  • Logging every shell command
  • AppStream Error in Ubuntu 16.04 Xenial
  • DOS Partitions (fdisk) and the 2TB Limit
  • When root is locked out...
  • Configuring a WindowMaker desktop in Ubuntu
  • Sparse files - what, why, and how

Calendar

December 2011
M T W T F S S
« Nov   Jan »
 1234
567891011
12131415161718
19202122232425
262728293031  

Recent Comments

Sweekrith on AppStream Error in Ubuntu 16.0…
ddouthitt on Return to Window Maker (on Xub…
Missing internet and… on Rescuing an Interrupted Ubuntu…
cgnkev on Running Icingaweb2 on Ubuntu 1…
An Archy on Return to Window Maker (on Xub…

Category Cloud

BSD Career Data Centers Debian Debugging Disaster recovery Fedora FreeBSD Hardware HP-UX Industry Linux MacOS X Mobile Computing Monitoring Networking OpenSolaris Open Source OpenVMS Personal Notes Productivity Programming Red Hat Scripting Security Solaris Tips Ubuntu UNIX Virtualization

Archives

  • January 2017 (1)
  • December 2016 (1)
  • July 2016 (1)
  • January 2016 (4)
  • December 2015 (1)
  • August 2015 (1)
  • September 2014 (2)
  • August 2014 (1)
  • June 2012 (2)
  • May 2012 (2)
  • April 2012 (5)
  • March 2012 (3)
  • February 2012 (5)
  • January 2012 (9)
  • December 2011 (2)
  • November 2011 (6)
  • September 2011 (4)
  • August 2011 (2)
  • July 2011 (10)
  • June 2011 (3)
  • May 2011 (12)
  • April 2011 (10)
  • March 2011 (4)
  • February 2011 (3)
  • January 2011 (7)
  • December 2010 (1)
  • November 2010 (5)
  • September 2010 (11)
  • August 2010 (12)
  • July 2010 (8)
  • June 2010 (9)
  • May 2010 (13)
  • April 2010 (12)
  • March 2010 (23)
  • February 2010 (18)
  • January 2010 (14)
  • December 2009 (14)
  • November 2009 (11)
  • October 2009 (6)
  • September 2009 (12)
  • August 2009 (7)
  • July 2009 (8)
  • June 2009 (16)
  • May 2009 (13)
  • April 2009 (3)
  • March 2009 (13)
  • February 2009 (5)
  • January 2009 (16)
  • December 2008 (10)
  • November 2008 (9)
  • October 2008 (5)
  • September 2008 (10)
  • August 2008 (17)
  • July 2008 (6)
  • June 2008 (3)
  • May 2008 (14)
  • April 2008 (11)
  • March 2008 (10)
  • February 2008 (18)
  • January 2008 (17)
  • December 2007 (15)
  • November 2007 (30)
  • October 2007 (25)
  • September 2007 (11)
  • August 2007 (21)
  • July 2007 (9)
  • June 2007 (2)

Blogroll

  • …Details…
  • Aaron's OpenVMS Hobby Site
  • Brazen Careerist
  • Cuddletech
  • Debian Admin
  • Eight-Cubed
  • FreeBSD Diary
  • Hack a Day
  • Hoffman Labs
  • Librenix
  • Linux Kernel Newbies
  • Linux Kernel Weather Forecast
  • Living with IPv6
  • Mission Critical Computing
  • nixCraft
  • PaulDotCom (of Security Weekly Podcast)
  • root prompt
  • Standalone Sysadmin
  • The Book of Dead:[Systems]
  • Tim's Blog
  • Transparent Uptime
  • WordPress.com
  • WordPress.org

RSS Sharky’s Column

  • Funny ha-ha
  • Throwback Thursday: Can I see me now?
  • How much knowledge is a dangerous thing?
  • Time-Machine Tuesday: It’s all in how you ask
  • So much learning in one day
  • Flashback Friday: A little TOO efficient
  • Throwback Thursday: Pick a card, any card ...
  • And that, kids, is how you boot a system
  • Not-so-Big Gulp
  • Memory-Lane Monday: Do as I say, not as I ...

Pages

  • About

Meta

  • Register
  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.com

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy