msgbartop
A chronological documentation test project, nothing serious, really!
msgbarbottom

05 Feb 2014 One-liner to mail when someone logs in as root

This is a short post describing how to automatically send an email every time someone logs in as root on a linux server.
Add the following line to /root/.bash_profile if you are using bash as your default shell interpreter. Refer to /etc/passwd.

(echo "Subject: ALERT: servername Root Shell Access from `who | awk '{print $5}'`"; echo "ALERT - servername Root Shell Access on:' `date` `who`")| mail -s "root access on servername" user@example.com

This will send an email to user@example.com every time someone starts using the root shell.
Quite handy and can be a way to detect if your server has been compromised.

This has been tested on ubuntu 13.10 and requires that you have access to the mail command, available in the mailutils package.

Tags: , , ,

Posted by

21 Jan 2009 IP address change notifier script

This is a simple bash script that is run by crontab every 5 minutes on a linux box.
It e-mails me the new address when a change of IP address is detected.

The script (ipchangemail.sh)

#!/bin/bash 

# Check if IP-address has changed. If a change has occured, mail me the new address
# Add the following line to crontab if you would like it to be run every 5 minutes:
# */5 * * * * ./ipchangemail.sh

# The network interface I want to monitor
NET_INTERFACE=eth0

# File to keep the latest IP address
IP_FILE=myip.txt

# Mail to this address when a change occur
MAILTO=mail@example.com


# Read the previous IP address from file
source $IP_FILE

CURRENT_IP=`/sbin/ifconfig $NET_INTERFACE | sed -n "/inet addr:.*255.255.25[0-5].[0-9]/{s/.*inet addr://; s/ .*//; p}"`

if [ "$CURRENT_IP" != "$OLD_IP" ]
then
        # Send email about address change
        `echo "New IP address detected: $CURRENT_IP" | mail -s "New IP address" $MAILTO`

        # Write new address to file
        `echo "OLD_IP=$CURRENT_IP" > $IP_FILE`
fi

The script can be downloaded here.

Tags: , , ,

Posted by

08 Sep 2007 Execute commands on multiple hosts using ssh

#!/bin/bash
# Linux/UNIX box with ssh key based login
SERVERS=”192.168.1.1 192.168.1.2 192.168.1.3″

# SSH User name
USR=”jadmin”

# Email
SUBJECT=”Server user login report”
EMAIL=”admin@somewhere.com”
EMAILMESSAGE=”/tmp/emailmessage.txt”

# create new file
>$EMAILMESSAGE

# connect each host and pull up user listing
for host in $SERVERS

do
echo “——————————–” >>$EMAILMESSAGE
echo “* HOST: $host ” >>$EMAILMESSAGE
echo “——————————–” >>$EMAILMESSAGE

ssh $USR@$host w >> $EMAILMESSAGE

done

# send an email using /bin/mail
/bin/mail -s “$SUBJECT” “$EMAIL” < $EMAILMESSAGE

Tags: ,

Posted by

04 Jun 2007 Shell script to restart MySQL server if it is killed or not working

Shell script to restart MySQL server if it is killed or not working

monitor_mysql.bash

#!/bin/bash
# Shell script to restart MySQL server if it is killed or not working
# due to ANY causes.
# When script detects mysql is not running (it basically sends ping request
# to MySQL) it try to start using /etc/init.d/mysql script; and it sends an
# email to user indicating the status.
# This script must be run from Cron Job so that it can monitor mysql server.
# For more info visit following url:
# http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/08/linux-mysql-server-monitoring.html
# --------------------------------------------------------------------------
# Copyright (C) 2005 nixCraft project 
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------

# mysql root/admin username
MUSER="root"
# mysql admin/root password
MPASS="SET-ROOT-PASSWORD"
# mysql server hostname
MHOST="localhost"
#Shell script to start MySQL server i.e. path to MySQL daemon start/stop script.
# Debain uses following script, need to setup this according to your UNIX/Linux/BSD OS.
MSTART="/etc/init.d/mysql start"
# Email ID to send notification
EMAILID="notification@somewhere-corp.com"
# path to mail program
MAILCMD="$(which mail)"
# path mysqladmin
MADMIN="$(which mysqladmin)"

#### DO NOT CHANGE anything BELOW ####
MAILMESSAGE="/tmp/mysql.fail.$$"

# see if MySQL server is alive or not
# 2&1 could be better but i would like to keep it simple and easy to
# understand stuff :)
$MADMIN -h $MHOST -u $MUSER -p${MPASS} ping 2>/dev/null 1>/dev/null
if [ $? -ne 0 ]; then
	echo "" >$MAILMESSAGE
	echo "Error: MySQL Server is not running/responding ping request">>$MAILMESSAGE
	echo "Hostname: $(hostname)" >>$MAILMESSAGE
	echo "Date & Time: $(date)" >>$MAILMESSAGE
	# try to start mysql
	$MSTART>/dev/null
	# see if it is started or not
	o=$(ps cax | grep -c ' mysqld$')
	if [ $o -eq 1 ]; then
		sMess="MySQL Server MySQL server successfully restarted"
	else
		sMess="MySQL server FAILED to restart"
	fi
	# Email status too
	echo "Current Status: $sMess" >>$MAILMESSAGE
	echo "" >>$MAILMESSAGE
	echo "*** This email generated by $(basename $0) shell script ***" >>$MAILMESSAGE
	echo "*** Please don't reply this email, this is just notification email ***" >>$MAILMESSAGE
	# send email
	$MAILCMD -s "MySQL server" $EMAILID < $MAILMESSAGE
else # MySQL is running :) and do nothing
	:
fi
# remove file
rm -f $MAILMESSAGE

Source: http://www.cyberciti.biz/tips/linux-mysql-server-monitoring.html

Tags: , , , , , ,

Posted by