Book Image

Troubleshooting CentOS

By : Jonathan Hobson
Book Image

Troubleshooting CentOS

By: Jonathan Hobson

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Troubleshooting CentOS
Jonathan Hobson
Jun, 2015 | 190 pages
No titles found
Table of Contents (17 chapters)
Troubleshooting CentOS
Troubleshooting CentOS
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Basics of Troubleshooting CentOS
Basics of Troubleshooting CentOS
Installing some basic tools
Gathering hardware information
Understanding dmesg
Understanding log files
Reading log files and affecting the output
Using tail to monitor log files
Using cat, less, and more
Using grep
Using diff
Using truncation
Summary
References
2
Troubleshooting Active Processes
Troubleshooting Active Processes
Tuning server performance with memory management and swap
Managing memory with vmstat
Checking the system load with the top command
Monitoring disk I/O with iotop
Checking processes with the ps command
Checking performance with iostat and lsof
Calculating the system load
Discovering process IDs with pgrep and systemctl
More about systemd
Issuing the kill signal
Dealing with an orphaned process
Summary
References
3
Troubleshooting the Network Environment
Troubleshooting the Network Environment
Using ping, dig, host, traceroute, and mtr
Monitoring network connections with the ss command
Packet analysis with tcpdump
Summary
References
4
Troubleshooting Package Management and System Upgrades
Troubleshooting Package Management and System Upgrades
Gathering software information
Using Yum plugins
Fixing Yum operations
Installing additional Yum repositories
Downloading an RPM package with Yum
Diagnosing a corrupt RPM database
Minor release upgrades
Summary
References
5
Troubleshooting Users, Directories, and Files
Troubleshooting Users, Directories, and Files
Users
Monitoring user activity with utmpdump
Resetting the root password and enhancing logging
Recovering lost or deleted files with Scalpel
Restoring file and directory permissions
Working with and extending the XFS filesystem
Running repairs on XFS
Investigating fragmentation on XFS
Auditing directories and files
Visualizing directories and files
Summary
References
6
Troubleshooting Shared Resources
Troubleshooting Shared Resources
Providing NFS shares on a CentOS 7 server
About NFS exports
Mounting NFS shares on a CentOS client
Mounting an external drive with CIFS
Using autofs to mount an external drive
Summary
References
7
Troubleshooting Security Issues
Troubleshooting Security Issues
Auditing SELinux with aureport and setroubleshoot
SSH banners
Tuning SSH
Intrusion detection with Tripwire
Firewalld – zone, service, and port management
Removing Firewalld and returning to iptables
Summary
References
8
Troubleshooting Database Services
Troubleshooting Database Services
Getting up-and-running with MariaDB
Resetting and recovering a root password with MariaDB
Tuning MariaDB and MySQL
Obtaining metrics from MariaDB and MySQL
Returning to MySQL
Installing and configuring PostgreSQL 9
Summary
References
9
Troubleshooting Web Services
Troubleshooting Web Services
Auditing the server with cURL
Debugging Akamai headers with cURL
Adding Varnish to Apache
Testing Varnish with cURL
Using cURL to access an FTP directory
Enabling mod_status in Apache
Summary
References
10
Troubleshooting DNS Services
Troubleshooting DNS Services
Changing the hostname and managing the FQDN
Performing system sanity checks with BIND
Monitoring bandwidth with iftop
Flushing the cache
Summary
References
Index
Index

Understanding log files

By default, all CentOS system log files can be found in /var/log and a full inventory on your current server can be obtained by typing the following command:

# find /var/log

With that said, every system is different, and for overall simplicity, you will find that some of the more common log files (associated with a minimal installation of CentOS 7) will include:

  • /var/log/messages: This file contains information related to the many native services used by CentOS. This includes (but is not limited to) the kernel logger, the network manager, boot process, mail services, cron jobs, and many other services that do not have their own log files. In many respects, this record can be considered to be a global log file of sorts, and out of habit, it will probably become your first port of call in any troubleshooting process.

  • /var/log/boot.log: This file contains information that is reported when the system boots.

  • /var/log/maillog: This file contains information that is reported by the default mail server used by the system.

  • /var/log/secure: This file contains information that is related to the associated authentication and authorization privileges.

  • /var/log/wtmp: This file contains information related to user login records.

  • /var/log/btmp: This file contains information related to failed login attempts.

  • /var/log/cron: This file contains information related to cron (and anacron).

  • /var/log/lastlog: This file contains information related to the binary log that contains all of the last login information.

  • /var/log/yum.log: This file contains information related to Yum and reports any activity related to the server's package management tools.

Now, before we continue, I want to draw your attention towards the importance of these files as it is often a good idea to store /var/log in a separate partition to / (root).

A perfect system would maintain a separate partition for /tmp, /usr, and others, but yes, there may be situations where storing your log files on the same partition as / (root) is unavoidable. So remember, if and when the opportunity does arise, you may want to consider storing these directories on a separate filesystem and a separate physical volume (if possible), as this is considered to be good practice with regard to maintaining the overall security, integrity, and performance of the system in question.

However, and having said that, it is also important to recognize that many other packages will create and store logs in other locations. You may even be required to specify these locations yourself, and for this reason, it should be remembered that not all logs are located in /var/log.

For example, if the server in question is hosting one or more websites and storing all the relevant Apache VirtualHost information in a specific /home directory, then the associated log files may be found in a location like this:

/path/to/virtualhost/domain1/log/access_log
/path/to/virtualhost/domain1/log/error_log

The same can be said of many other packages, and this issue arises because the packages may not have the required privileges to write to that directory, while others are designed to maintain all logging activity within their own installation directory. Therefore, and depending on the nature of your system, you may need to spend a few moments analyzing your server's installation structure in order to locate the appropriate log file(s).

Previous Section
End of Section 5
Next Section