I wrote a new script today to keep me up-to-date on how full the boot partition is on my Ubuntu servers. I actually administer quite a few of them and it can become a real issue if the boot drive hits 100% full, which it commonly does. The reason for this is that the boot partition by default is quite small (usually under 200 MB) and will fill up, often over the course of only a few months, with kernel files.

I have seen some servers carry on just fine when this occurs, I have also seen other servers exhibit some really odd behavior. Either way, it is best avoided.

The problem (and the blessing) is that Ubuntu Server is Linux… which means it requires very little administrative intervention month to month because (unlike another well-known and much used server platform) Linux tends to just work and work and work and work.

Very early on I went in for a job interview in IT. At the time I was a freshly minted MCITP, and knew very little about anything outside of Microsoft. The gentleman interviewing me asked me what my experience with Linux was, to which I replied “very little.” He then thought for a moment and said, “Well that really doesn’t matter, we have several Linux servers and the primary issue we run into is that we forget about them for 3 – 5 years until a power supply or spinning disk dies.”

That sums up most Linux setups in a nutshell. All that to say, it legitimately might be several months in-between administrative server logins. A fact which most admins are quite thrilled about.

When I started realizing that Ubuntu Server was going to require regular intervention, albeit fairly lightweight stuff, I was a bit bummed. It probably isn’t a horrible thing, rock solid stability aside it is still a good idea to login now and again to keep your software packages up to date. However that tendency to “set it and forget it” remains.

Long story short, I needed an automated alert system.

Solution, a shell script running as a cron job that will shoot me an email.

If you are following along, we are now going to dive in to the practical instruction bit. (more…)

I have setup a few servers with Ubuntu Server and one of the common security tools I use is Fail2Ban.

One of the common requirements that comes with Fail2Ban is the need to provide other administrative personnel with a place they can quickly check which IP’s have been banned. Using a cool program called incron and a short shell script (which I will provide below) I was able to push the contents of the fail2ban log file in more-or-less real time to a plain text file in the web directory. Hence anyone can just visit that page and view a list of banned and unbanned IP addresses.
(more…)