Softpanorama (slightly skeptical) Open Source Software Educational Society

May the source be with you, but remember the KISS principle ;-) Softpanorama Search

Linux Troubleshooting

Merriam-Webster online dictionary provides a fitting definition of troubleshooting and by extension a definition of a Unix system administrator in general - making repairs, dealing with people, and trying to anticipate as well as prevent problems. 

Linux is a very complex system and for many subsystems the administrator have little on no understanding of internals. there are several like of fault analysis that can help in this situation:

• Having a reference system and complete track record of all changes (via CVS or similar package) is vital for troubleshooting of complex problems. 
• Lab is also important. Attempts to reproduce the problem in a lab in many cases are easier that finding the root problem based on symptoms (for example is problem reproducible on a different run level).
• Collecting information about the problem behavior from logs and other sources is also important

The structure of Linux troubleshooting is well captured in IBM course Linux Troubleshooting and this site might contain some additional or relevant information on several topics covered at the course:

• Understand troubleshooting methodologies and best practices
• Understand and use common tools for assisting in troubleshooting, such as ethereal, tcpdump, strace, Red Hat Package Manager (RPM) queries, vmstat, and netstat
• Troubleshoot network services, such as Lightweight Directory Access Protocol (LDAP), Apache, File Transfer Protocol (FTP), Squid, Samba, Sendmail, Postfix, and Domain Name System (DNS)
• Perform a recovery and rescue of system environments
• Troubleshoot and resolve common system process and file systems errors
• Troubleshoot and resolve graphical interface errors
• Troubleshoot and resolve authentication and user account related errors

Course outline

Section 1

Troubleshooting methodology

Section 2

Tools

• common troubleshooting tools
• RPM queries and verification
• src packages and spec files
• strace, ltrace, lsof, and fuser
• ipcs and ipcrm
• vmstat, iostat, mpstat, and sar
• ifconfig, ip, arp, and route
• name resolution
• netstat and rpcinfo
• nmap and nc
• tcpdump and ethereal

Lab

• exploring and documenting current system configuration state
• troubleshooting techniques with RPM, process related tools, and network related tools

Section 3

Rescue environments

• rescue procedures
• recovery examples

Lab

• using rescue disk
• using mount and chroot to access hard disk
• reinstalling the Master Boot Record (MBR) with grub-install
• Setting up networking statically
• mounting an NFS share
• installing an RPM using the root option

Section 4

• Linux boot process
• booting Linux
• boot process troubleshooting
• process management and troubleshooting
• file systems concepts and troubleshooting
• backups concepts and troubleshooting

Lab

• troubleshooting common system and daemon errors
• restoring files from backup
• booting scenarios: six exercises
• process scenarios: three exercises
• backup scenarios: one exercise

Section 5

• networking commands review and troubleshooting
• Internet Protocol (IP) aliases versus virtual interfaces
• xinetd concepts and troubleshooting
• Transmission Control Protocol (TCP) wrappers concepts and troubleshooting
• iptables concepts and troubleshooting

Lab

• iptables scenario: two exercises
• networking scenarios: four exercises
• TCP wrappers scenarios: two exercises
• xinetd scenarios: four exercises

Section 6

• X11 concepts, troubleshooting, and server operation
• X11 concepts and troubleshooting
• syslog concepts and troubleshooting
• RPM concepts and troubleshooting
• Common UNIX Printing System (CUPS) troubleshooting
• at and cron troubleshooting

Lab

• at and cron scenarios: four exercises
• CUPS scenerio: two exercises
• RPM scenarios: four exercises
• at/cron scenarios: four exercises
• syslog scenarios: three exercises
• X scenarios: seven exercises

Section 7

• users and groups troubleshooting
• Pluggable Authentication Module (PAM) concepts and troubleshooting
• filesystem quotas and quotas troubleshooting
• File Access Control Lists (FACL) and Access Control Lists (ACL) for users or groups
• FACLs and troubleshooting

Lab

• filesystem scenarios: six exercises
• PAM scenarios: four exercises
• quota scenarios: five exercises
• user and group scenarios: five exercises

Section 8

• DNS concepts and troubleshooting
• Apache concepts and troubleshooting
• FTP concepts and troubleshooting
• Squid concepts and troubleshooting

Lab

• Apache scenarios: five exercises
• DNS scenarios: four exercises
• FTP scenarios: two exercises
• Squid scenarios: four exercises

Section 9

• Samba concepts and troubleshooting
• Sendmail concepts and troubleshooting
• Postfix concepts and troubleshooting
• Internet Message Access Protocol (IMAP) and Post Office Protocol (POP) concepts and troubleshooting

Lab

• IMAP/POP scenarios: three exercises
• Postfix scenarios: five exercises
• Samba scenarios: three exercises
• Sendmail scenarios: four exercises

Section 10

• Kernel modules and troubleshooting
• logical volume management and creating logical volumes
• Logical Volume Manager (LVM) deployment issues and troubleshooting
• Redundant Array of Independent Disks (RAID) concepts and troubleshooting
• LDAP and LDAP troubleshooting

Lab

• Kernel module scenarios: three exercises
• LDAP scenarios: three exercises
• LVM scenario: 1 exercise
• Network Information Service (NIS) scenarios: two exercises
• RAID scenario: three exercise

Old News ;-)

[Aug 30, 2009] Troubleshooting X

Verifying that there is not configuration errors in xorg.conf

The xorg.conf might have a wrong value/entry. You can try the following procedures

init 3

cd /etc/X11

mv xorg.conf xorg.conf.old

cp xorg.conf.install xorg.conf

init 5

retest

in case previous method didn't help, try the following

init 3

sax2 -r

check keyboard, mouse and resolution configuration. Save the file, issue init 5 and retest it

I've seen cases where switching the runlevels didn't validate the new configuration so, you might need to reboot the server to validate the changes on steps 1 and 2 in case you don't see any difference.

[Jul 2, 2008] Linux Configure Netconsole To Log Messages Over UDP Network by Vivek Gite

July 2, 2008

Linux can be configured to log dmesg output to another system via network using syslog. It is done using kernel level networking stuff ia UDP port 514. There is module called netconsole which logs kernel printk messages over udp allowing debugging of problem where disk logging fails and serial consoles are impractical. Most modern distro has this netconsole as a built-in module. netconsole initializes immediately after NIC cards. There are two steps to configure netconsole:

• Syslogd server - Let us assume 192.168.1.100 IP having FQDN - syslogd.nixcraft.in. Please note that the remote host can run either 'netcat -u -l -p <port>' or syslogd.
• All other systems running netconsole module in kernel

Step # 1: Configure Centralized syslogd

Login to syslogd.nixcraft.in server. Open syslogd configuration file. Different UNIX / Linux variant have different configuration files

Red Hat / CentOS / Fedora Linux Configuration

If you are using Red Hat / CentOS / Fedora Linux open /etc/sysconfig/syslog file and set SYSLOGD_OPTIONS option for udp logging.
# vi /etc/sysconfig/syslog
Configure syslogd option as follows:
SYSLOGD_OPTIONS="-m 0 -r -x"
Save and close the file. Restart syslogd, enter:
# service syslog restart

Debian / Ubuntu Linux Configuration

If you are using Debian / Ubuntu Linux open file /etc/default/syslogd set SYSLOGD option for udp logging.
# vi /etc/default/syslogd
Configure syslogd option as follows:
SYSLOGD_OPTIONS="-r"
# /etc/init.d/sysklogd restart

FreeBSD configuration

If you are using FreeBSD open /etc/rc.conf and set syslogd_flags option option for udp logging. Please note that FreeBSD by default accepts network connections. Please refer to syslogd man page for more information.

Firewall configuration

You may need to open UDP port 514 to allow network login. Sample iptables rules to open UDP port 514:
MYNET="192.168.1.0/24"
SLSERVER="192.168.1.100"
iptables -A INPUT -p udp -s $MYNET --sport 1024:65535 -d $SLSERVER --dport 514 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -s $SLSERVER --sport 514 -d $MYNET --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Step # 2: Configure Linux Netconsole

You need to configure netconsole service. Once this service started, you are allowed a remote syslog daemon to record console output from local system. The local port number that the netconsole module will use 6666 (default). You need to set the IP address of the remote syslog server to send messages.

Open /etc/sysconfig/netconsole file under CentOS / RHEL / Fedora Linux, enter:
# vi /etc/sysconfig/netconsole
Set SYSLOGADDR to 192.168.1.100 (IP address of remote syslog server)
SYSLOGADDR=192.168.0.1
Save and close the file. Restart netconsole service, enter:
# /etc/init.d/netconsole restart

A note about Debian / Ubuntu Linux

Red Hat has netconsole init script. However, under Debian / Ubuntu Linux, you need to manually configure netconsole. Type the following command to start netconsole by loading kernel netconsole module, enter:
# modprobe netconsole 6666@192.168.1.5/eth0,514@192.168.1.100/00:19:D1:2A:BA:A8
Where,

• 6666 - Local port
• 192.168.1.5 - Local system IP
• eth0 - Local system interface
• 514 - Remote syslogd udp port
• 192.168.1.100 - Remote syslogd IP
• 00:19:D1:2A:BA:A8 - Remote syslogd Mac

You can add above modprobe line to /etc/rc.local to load module automatically. Another recommend option is create /etc/modprobe.d/netconsole file and append following text:
# echo 'options netconsole netconsole=6666@192.168.1.5/eth0,514@192.168.1.100/00:19:D1:2A:BA:A8 '> /etc/modprobe.d/netconsole

How do I verify netconsole is logging messages over UDP network?

Login to remote syslog udp server (i.e. 192.168.1.100 our sample syslogd system), enter:
# tail -f /var/log/messages
/var/log/messages is default log file under many distributions to log messages. Refer to /etc/syslog.conf for exact location of your file.

How do I use nc / netcat instead of messing with syslogd?

This is called one minute configuration. You can easily get output on 192.168.1.100 without using syslogd. All you have to do is run netcat (nc) command, on 192.168.1.100:
$ nc -l -p 30000 -u
Login to any other box, enter command:
# modprobe netconsole 6666@192.168.1.5/eth0,30000@192.168.1.100/00:19:D1:2A:BA:A8
Output should start to appear on 192.168.1.100 from 192.168.1.5 without configuring syslogd or anything else.

Further readings:

• nc / netcat command
• modprobe command
• netconsole documentation
• man pages nc, modeprobe

Recommended Links

---

In case of broken links please try to use Google search. If you find the page please notify us about new location

Internal

• Troubleshooting X

External

Troubleshooting Common Boot Issues

Fultus Technical Documentation and Professional Literature eLibrary

Linux Troubleshooting Bible by Christopher Negus and Thomas Weeks John Wiley & Sons © 2004 (598 pages) ISBN:076456997X