[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] How To: Automatically restart login services
- Subject: Re: [cobalt-users] How To: Automatically restart login services
- From: Gerald Young <me@xxxxxxxxxxx>
- Date: Sun Jul 29 11:20:36 2001
- Organization: Coolcat Dot Net ltd
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Hello Joe.
Thanks for the script I have been playing locally (redhat 7 ) and it works a
treat. When we got hacked we lost cron and most of the controil panel except
the install software portion. So i think ill put up a cron version as well as
making a password protected web version that can be used to restart ssh or
telnet.
Being locked out is no fun :(
Sys adminmag is on my reading list good stuff.
best wishes Gerald Y
On Sat,
28 Jul 2001, you wrote: > I have seen many posts about users who "are not able
to telnet or SSH" > into there cobalt's for many reasons. I was reading an
article in Sys > Admin Magazine (www.sysadminmag.com (If you don't read it I
would > recommend it, very straight to the point with real world solutions)) by
> Hiu F. Ho (plug) that talked about automatically restarting login
> services on a remote host. Below is a synopsis that does work on a RAQ3
> and should work on all other cobalt boxes, actually it should work on
> any Linux and *nix platform. The standard disclaimer applies, Use at
> your own risk. I will say that I am using this on my Cobalt, a bunch of
> Solaris and some Red Hat 7.0 servers.
>
> Step 1 - Find out the process name of you login daemon
>
> $ ps ax
> 494 ? s 0:02 /usr/sbin/shhd
> 679 ? s 0:05 /usr/local/psionic/portsentry/portsentry -atcp
> 681 ? s 0:00 /usr/local/psionic/portsentry/portsentry -audp
>
> This will list the processes that are currently running on your box.
> Look for the name that you are currently looking to automatically start.
> i.e. SSH or Telnet (please install SSH if you are still using Telnet).
> Write down the process name it will have to be entered into the perl
> script later. Also If you don't have the portsentry process running I
> would recommend installing it.
>
> Step 2 - Specify the path to the login daemon
>
> $ which sshd
> /usr/sbin/sshd
>
> This list the path to the Daemon that you are looking to restart
> automatically. White the output down this will also have to be entered
> into the perl script.
>
> Step 3 - Copy the perl script to your box.
>
> #!/usr/bin/perl -w
> # This script was written by Hiu F. Ho and posted
> # to Cobalt users by Joe Seitzer (joe@xxxxxxxxxxxxxx)
>
> # The first line looks for your process
> # name, output from step 1
> # You may need to customize.
>
> $ps_entry = "/usr/sbin/sshd";
>
> # The next line sets the path to the
> # process you want to restart,
> # output from step 2.
> # May need to customize
>
> $sshd_path = "/usr/sbin/sshd";
>
> # There is nothing else that you need to edit.
> # The next 8 lines will determine if the
> # process you specified is running
> @processes = `ps ax`;
> $n = @processes;
> $is_running = 0;
> for ($i=0; $i<$n; $i++) {
> if ($processes[$i] =~ /$ps_entry/) {
> $is_running = 1;
> }
> }
>
> # If the process you specified is not running
> # the next 3 lines will start it
> if (not $is_running) {
> `$sshd_path &`;
> }
>
>
>
> Step 4 - chmod and chown so that it can only be read, written and run by
> root.
>
> $chmod 700 chk-sshd.pl
> $chown root chk-sshd.pl
>
> Step 5 - Add a new cron job for root or append to one that already
> exists. Below is the line you want in the cron tab. I have it set to
> check the sshd every 5 min, you can change this.
>
> 0.5.10.15.20.25.30.35.40.45.50.55 * * * * /path to script/chk-sshd.pl
>
> after you have added the above line re-run crontab to check for errors.
>
> $ crontab -u root mycrontab
>
> You are done. You should now have an almost fool proof login service.
>
> You can test this by killing the login service and logging back in 5 min
> latter.
>
> $ killall -9 sshd
>
> After 5 min you should be able to log back into you box. Remember this
> is only good if your Login Daemon stops or is killed. This will not
> help if you lose conductivity, hardware failure, software crash or have
> any other problems with your server.
>
> Enjoy:-)
>
> Joe Seitzer
> www.pkicentral.net
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users