Tag Archives: script

Sysdig as a systemd service

Ran into an issue with a firewall on my CentOS7 system. In an attempt to diagnose the problem I wanted to gather as much info as possible.

A great tool to do so is sysdig https://github.com/draios/sysdig Sysdig can be considered the tcpdump for linux systems, providing a data capture of all low level system operations. In the past I had only run sysdig as a process, capturing events as I replicate an issue.

In this current case, my issue was occurring on reboot and was related to the firewall service. In order for sysdig to capture the event data for that slice of time, I had to enable it to run and capture at boot. To do so I created the following systemd service located in /etc/systemd/system/sysdig.service


[Unit]
Description=sysdig Service
After=network-pre.target

[Service]
Type=simple
User=root
ExecStart=/usr/bin/sysdig -w /var/log/sysdig.dump
Restart=on-abort

[Install]
WantedBy=multi-user.target

Resource: http://www.freedesktop.org/software/systemd/man/

The advantages to having a sysdig service

To troubleshoot on boot I can run:
sudo systemctl enable sysdig

After reboot I can stop sysdig and disable it from running on my next boot

systemctl stop sysdig
systemctl disable sysdig

The dump file is saved to /var/log

sysdig -r /var/log/sysdig.dump

This is just a starting point and can be taken much further; such as:

1. reading in a sysdig.conf file to allow for setting up a capture filter
2. versioning dump files
3. scheduling to prevent enormous captures on reboot

Code added to github: https://github.com/mdevans1/scripts/blob/master/sysdig.service

Synology script – set quota for users in an AD group

Quick post, to support some of our VDI efforts we have utilized a Synology NAS to provide home folders for users. It works fairly well, but the Synology utilities are not very granular when it comes to managing multiple users. One distinct issue we ran into was trying to manage the different quotas for specific groups
Below is a simple bash script that takes an Active Directory group as an argument.
When run it sets a disk quota for all the users in that group

Edit the DOMAIN portion and the current “10G” quota to meet your needs

if [ $1 ]

then

for users in $(wbinfo --group-info DOMAIN\\$1 | sed -n -e 's/^.*\://;s/,/\n/gp')

do

if [ "$(synoquota --get $users /dev/vg1000/lv | sed -n 's/\[//;s/\]//;s/^[ \t]*//;s/Quota = //p')" = "0.00 KB" ]

then

synoquota --set $users 1 10G

fi

done

else

echo "USAGE: setquoatas.sh groupname"

fi