Archive for September, 2015

backup your kvm vm with dd

September 19, 2015 Leave a comment

The dd utility is a good way to make a backup of your kvm vm image. It
is nice to have a progress indicator so install pv (pipe viewer) to
gain this feature apt-get install pv.

Here is a backup script:

dd if=org.img | pv | dd of=backup.img bs=1M

On my system it took about 10 minutes to complete a backup of a 50g image.

Categories: sysadmin

Debian Jessie (or previous versions) postfix chroot additions

September 16, 2015 Leave a comment

Postfix runs chrooted by default on most distributions. Jessie is no exception.
There are a couple of crucial modifications that are important and not well documented.

1) If you are running sasl, then this is the correct way to configure the chroot sasl
connection. Test your install first using testsaslauth -u [user] -p [password]. If you
get no connect or some other error you need the following additions.

rm -r /var/run/saslauthd/
mkdir -p /var/spool/postfix/var/run/saslauthd
ln -s /var/spool/postfix/var/run/saslauthd /var/run
chgrp sasl /var/spool/postfix/var/run/saslauthd
adduser postfix sasl
service postfix restart
service saslauthd restart

Then retest with testsaslauth you should get OK “Success.”

2) The cache files of postfix are also chrooted into the /var/spool/var/lib/postfix(chroot)
directory. If you do not see the cache files listed below in this directory, then
complete the following to correct the cache file locations.

The cache directory /var/lib/postfix contains:
master.lock, prng_exch, smtpd_scache.db, smtp_scache.db,and verify_cache.db.
To be safe copy these files and restore them to the new chrooted folder.
They will update after restarting postfix.

rm -r /var/lib/postfix
mkdir -p /var/spool/postfix/var/lib/postfix
ln -s /var/spool/postfix/var/lib/postfix /var/lib
chgrp postfix /var/spool/postfix/var/lib/postfix
chown -R postfix:postfix /var/spool/postfix/var/lib/
service postfix restart

You can test by running:
postmap -s btree:/var/lib/postfix/verify_cache
You should see no errors.

Categories: sysadmin