Pages

Tuesday, June 28, 2022

Fake DNS with dnsmasq for testing purposes on Debian/Devuan

Install dnsmasq:

apt install dnsmasq
add to your /etc/resolv.conf the following:
nameserver 192.168.0.1
Edit /etc/dnsmasq.conf and add the following at the end of the file:
address=/real-domain-that-we-want-to-fake-for-testing.com/192.168.0.14
address=/horizon9.org/192.168.0.2
address=/google.com/192.168.0.14
The DNS request will ask first dnsmasq for a domain and if it is configured (for instance horizon9.org) it will return answer with 192.168.0.14 IP address. If domain is not found in dnsmasq configuration then it will pass dns request to real dns servers in /etc/resolv.conf file.

Now you can test your webserver by using this 192.168.0.1 for dns queries.

If you are accessing dnsmasq server from different network you will get REFUSED messages on the dns queries. If you want to fix that edit /etc/dnsmasq.conf and find the already commented line starting with 'interface=':
#interface=

and make it like this

interface=eth0
Replace eth0 with the right interface you want then restart dnsmasq.

Friday, June 24, 2022

How to transfer users from MySQL 5.5 to MariaDB 10.x

On the old server:

$ mysqldump -u root -pPassWord mysql > mysql.sql
Copy mysql.sql to the new server

add to the beginning of the file the following:

drop database mysql;
create database mysql;
use mysql;
Now run it on the new machine with MariaDB server
$ mysql -u root -p < mysql.sql
Now you need to run a tool called mysql_upgrade to upgrade old imported mysql database (you need to use --force option).
$ mysql_upgrade --force
MariaDB upgrade detected
Phase 1/7: Checking and upgrading mysql database
Processing databases
mysql
mysql.columns_priv                                 OK
mysql.db                                           OK
mysql.event                                        OK
mysql.func                                         OK
mysql.help_category                                OK
mysql.help_keyword                                 OK
mysql.help_relation                                OK
mysql.help_topic                                   OK
mysql.host                                         OK
mysql.ndb_binlog_index                             OK
mysql.plugin                                       OK
mysql.proc                                         OK
mysql.procs_priv                                   OK
mysql.proxies_priv                                 OK
mysql.servers                                      OK
mysql.tables_priv                                  OK
mysql.time_zone                                    OK
mysql.time_zone_leap_second                        OK
mysql.time_zone_name                               OK
mysql.time_zone_transition                         OK
mysql.time_zone_transition_type                    OK
mysql.user                                         OK
Upgrading from a version before MariaDB-10.1
Phase 2/7: Installing used storage engines
Checking for tables with unknown storage engine
Phase 3/7: Fixing views from mysql
Phase 4/7: Running 'mysql_fix_privilege_tables'
Phase 5/7: Fixing table and database names
Phase 6/7: Checking and upgrading tables
Processing databases
.... [ cut ] ...

Probably you need to run 'flush privileges' on the new server or restart it.

Thursday, June 9, 2022

Novell expired certificate/CA renew

 If you do not reboot your Novell for a long time (2+ years) on the next boot a lot of services do not start.

novell-os:~ # service --status-all|grep -i failed

namcd.service                                                                              loaded failed     failed       Novell Linux User Management(LUM)
novell-idsd.service                                                                        loaded failed     failed       Driver Store Daemon
novell-ipsmd.service                                                                       loaded failed     failed       Print Manager Daemon
novell-nss.service                                                                         loaded failed     failed       Novell Storage Services (NSS) file system.
novell-xregd.service                                                                       loaded failed     failed       Xtier registry daemon for OES
novell-xsrvd.service                                                                       loaded failed     failed       Xtier services daemon for OES
oes-cis-agent.service                                                                      loaded failed     failed       CIS agent for OES
oes-cis-recall-agent.service                                                               loaded failed     failed       CIS recall agent for OES
oes-cis-scanner.service                                                                    loaded failed     failed       CIS scanner for OES
smartd.service                                                                             loaded failed     failed       Self Monitoring and Reporting Technology (SMART) Daemon

Namcd could not be started:

novell-os:~ # service namcd restart
Job for namcd.service failed because the control process exited with error code. See "systemctl status namcd.service" and "journalctl -xe" for details.
novell-os:~ # systemctl status namcd.service
● namcd.service - Novell Linux User Management(LUM)
   Loaded: loaded (/usr/lib/systemd/system/namcd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2022-06-09 10:03:14 EEST; 6s ago
     Docs: man:namcd
           man:namconfig
  Process: 30651 ExecStopPost=/usr/bin/rm -f /var/lib/novell-lum/.flush_check_file (code=exited, status=0/SUCCESS)
  Process: 30679 ExecStart=/usr/sbin/namcd (code=exited, status=1/FAILURE)
  Process: 30675 ExecStartPre=/usr/bin/rm -f /var/lib/novell-lum/.flush_check_file (code=exited, status=0/SUCCESS)
  Process: 30671 ExecStartPre=/usr/bin/rm -f /var/lib/novell-lum/.refresh_info (code=exited, status=0/SUCCESS)
  Process: 30667 ExecStartPre=/usr/bin/rm -f /var/lib/novell-lum/.user_info.* (code=exited, status=0/SUCCESS)
  Process: 30663 ExecStartPre=/usr/bin/rm -f /var/lib/novell-lum/.group_info.* (code=exited, status=0/SUCCESS)
  Process: 30659 ExecStartPre=/usr/bin/rm -f /var/lib/novell-lum/.namcdnotloaded (code=exited, status=0/SUCCESS)
  Process: 30655 ExecStartPre=/usr/bin/rm -f /var/lib/novell-lum/.namcdloaded (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 512)

Most probably this is due to expired Certificate of Authority and/or server certificates. You can check certificate validity via iManager


If it says 'expired' then you will need to recreate all certificates
The problem is that if you do not delete old CA, you will always get error.

Here is how to delete server CA.



After that you can run this command to recreate all needed certificates:

novell-os:~ # ndsconfig upgrade

[1] Instance at /etc/opt/novell/eDirectory/conf/nds.conf:  novell-os.OU=Servers.O=STEMO_LTD.STEMOCO

Upgrading NetIQ eDirectory server with the following parameters, Please wait...
  Tree Name             : STEMOCO
  Server DN             : novell-os.OU=Servers.O=STEMO_LTD

  Configuration File    : /etc/opt/novell/eDirectory/conf/nds.conf
  Instance Location     : /var/opt/novell/eDirectory/data
  DIB Location          : /var/opt/novell/eDirectory/data/dib

/var/opt/novell/eDirectory/data/nds-http
Current env file will be backed-up in format env.current_date, any customizations done to env file need to be copied back to new env file from backed-up file.

Checking if server is ready to service requests... Done
Enter admin name with context[admin.org]:admin.stemo_context
Enter the password for admin.stemo_context:

Performing eDirectory health check...

Extending schema...
Done
For more details view schema extension logfile: /var/opt/novell/eDirectory/log/schema.log

Configuring HTTP service... Done
Configuring LDAP service... Done
Configuring SNMP service... Done
Configuring SAS service... Failed to configure SAS service: no such attribute err=-603
An error has occured while configuring the NetIQ eDirectory Server. Please look /var/opt/novell/eDirectory/log/ndsd.log file for more information.

The instance at /etc/opt/novell/eDirectory/conf/nds.conf is upgraded successfully.

ERROR: /opt/novell/eDirectory/bin/ndsconfig return value = 74.

If you get this error it is because of expired and not deleted CA. If is says 'done' just restart your Novell server and everything is up and running again.