Documentation Sme9admin
Author : Landry Breuil
Creation date of this doc : 30/01/2006
Corresponding version of Sme9admin : 1.1.0-1
Sme6admin was tested with SME : 7b5, 7pre1
Why this contrib ? :
The aim is to see globally what happens on the server, without using the administrative ssh shell. The homepage of the contrib is in the SME server-manager, in the tab Sme9admin. This contrib is an evolution of sme6admin for SME7, and has been mostly rewritten.
Description of the different pages :
List of the informations provided by the main page of the contrib :
Some links to the pages containings the graphs (see below), and a link to the configuration page of Sme9admin.
The result of the command netstat which permits to see the opened tcp connexions on the server. The outgoing/incoming connexions are highlighted.
The result of the command w which permits to see the list of the users connected to a shell on the server, from where, since when, and what was their last command.
The status of the main services running on the server, with the associated number of unix processes. The right button allows to stop/start a service. (it corresponds to the command service xxx stop/start )
Some of the services' name are links to pages containing more details on the chosen service.
The result of the command netstat --listen -tp showing the list of processes listening on a socket.
The date of the last antivirus database update, and the number of viruses/signatures known by ClamAV.
Graph page on the harware state contains :
A graph with the temperatures of the cpu and motherboard, detected by lm_sensors, and those of the hard disks, detected by hddtemp.
A graph with the cpu fan speed.
(You must notice that these values depends entirely of the support of your hardware by lm_sensors and hddtemp. You have to CONFIGURE correctly Sme9admin first if you want the graphs to fill.)
You can have these graphs on various durations, following the links on top of the page.
Graph page on the network use contains :
A graph on the opened network sessions. It monitors the ftp, ssh, netbios, afp and vpn connexions. Theses curves corresponds to the number of opened tcp connexions on the ports 21,22,139,548 and 1723.
A graph with the number of dhcp leases renewal and samba connexions. It permits to view the local network activity. The samba connexions differs from the netbios connexions here because a client host can be connected simultaneously to many samba shares, this makes only one netbios connexion and many samba "connexions".
A graph with the amount of incoming/outgoing e-mails on the server (the values are stacked). By default, it only counts the e-mails accounts of the server's main domain, the virtual domains, and the e-mails fetched by fetchmail on local mailboxes. You can add domains and e-mail adresses by configuring Sme9admin, but only the mails passing through SME's e-mail server will be counted. There is also the number of rejected spam by Spamassassin and the number of viruses filtered by ClamAV.
A graph showing the ping latency with the default gateway to internet. The ping target is configurable, as it may be useful if you are not directly on the web (ie. in server-only mode) to test the latency on an external host. If the ping is greater than 200ms, the value is bounded to have a readable graph. (If you had a 4s ping latency, you would have had a peak on the graph and nothing around.)
Two graphs with the amount of raw network flow on the server. Frequently, the amount of data incoming on the external network interface corresponds to the outgoing data on the internal network interface, it is flow relayed by the server to the local network. On the third graph you can see the amount of data which is not a relayed flow. If the server is in server-only mode, only one graph is displayed, as you have only one NIC.
Graph page on the system use contains :
A graph on the % cpu use, with the ratio between system, user and niced processes.
A graph on the system load, in comparison to the total % cpu use.
A graph on the number of processes running on the server, with the size of the run queue.
A graph with the server uptime.
A graph on the server RAM use.
A graph on the server swap use.
A graph with the amount of raw data written/read on the hard disk.
A graph on the disk space use, detailed with the size of special directories of SME Server : /var/log (log files), /home/e-smith/files (user files and ibays), /var/spool/squid (Squid cache), /var/lib/mysql (MySQL databases), and finally the available free space on the hard disk. You can desactivate the computing of directories'size, because on large hard disks, it may take a LOT of time. If so, you would have only available disk space displayed on the graph.
Advanced tests page :
This page is used when you want to check if a service responds really when you send a request.
If you click on the links, you can check the httpd, smbd, nmbd, popd, sshd, ftpd, smtpfront-qmail services, and the ping to the outside (google.fr here).
Configuration page of Sme9admin :
This last page permits to configure the sme9admind daemon, and to set some web interface settings. The configuration is saved in a plain-text file. The settings are :
Recipient and frequency of status e-mails. If you put 0 for the frequency, status e-mails are disabled.
MySQL connection settings. You may change these values only if you have modified corresponding MySQL settings first.
Network interface names. Normally, these settings are autodetected, though you may have to change them. (You may have a third wireless NIC, and you want to monitor it in place of another NIC...). You can add external mail domains to count, but they will be matched only if the mails pass through SME's internal mail system.
Miscellaneous web interface settings. (graphs size & format,...)
Hardware sensors settings. Remember first to check if your hardware is supported by lm_sensors and hddtemp, and then check if these settings are correct before bugging me with "My temp graphs are empty ? WTF ? Your program sucks !"
Recipient of alert e-mails. and bounds for the alerts. If you put 0, the alert is disabled. The possible bounds are : the hardware temperatures, the number of ssh/ftp/vpn/netbios connexions, the disk space, cpu and memory use, and the number of incoming/outgoing e-mails.
Details page on httpd / httpd-admin service :
It is a graph with the number, % cpu use, and size of memory allocated for the httpd processes.
Details page on sshd service :
You have the list of the last administrative connexions. Successful root connexions are highlighted, and all failed connexions attempts are shown.
Details page on squid service :
It is a graph with the number, % cpu use, and size of memory allocated for the squid processes.
Details page on pppoe service :
It shows the history of the ADSL connexions, with the start, end, duration, ip assigned and amount of data transferred. Connexions which lasted less than 4 hours, and disconnexions that lasted more than one minute are highlighted. These two parameters can be changed in the configuration page of Sme9admin. Thus, you can see the reliability/stability of the internet link.
Details page on dhcpd service :
You have the date of the lasts dhcp leases renewal by local network hosts, theirs MAC/IP address, and theirs hostname (assigned by the server). Thus you can see which workstation was recently powered on, and since when a workstation has not been seen on the local network.
Details page on pptpd service :
It presents the list of the vpn connexions on the server, with the start, end, duration, client IP/login, and amount of data transferred. Connexions which lasted more than 2 hours are highlighted.This parameter can be changed in the configuration page of Sme9admin.
Details page on smb/nmb service :
First, you have the history of the last connexions from a triplet (host/ip/user) to a samba share on the server, and the approximative duration (to 5 minutes).
Then there is the graph showing the number, % cpu use and size of memory allocated to the samba processes.
Thus you can analyse which hosts use frequently the samba service.
Details page on atalk service :
In the same way, this page shows first the history of the last connexions to the Apple file share system on the system, with the amount of data transferred.
Then it shows the graph with the number, % cpu use and size of memory allocated to the afp system processes (papd, afpd, netatalk).
Thus you can view which hosts use the atalk share system.
Details page on proftpd service :
This page shows the list of the connexions to the ftp service, successful or not. You have the IP of the client, its login and the amount of data transferred.
List of files installed/created by the RPM :
/etc/e-smith/events/actions/sme9admin-parselog
/etc/e-smith/events/logrotate/S15sme9admin-parselog
/etc/e-smith/web/functions/sme9admin
/etc/e-smith/web/panels/manager/cgi-bin/sme9admin
/etc/e-smith/web/panels/manager/html/sme9admin/sme9admin.conf
/etc/rc.d/init.d/sme9admind
/etc/rc.d/rc0.d/K03sme9admind
/etc/rc.d/rc1.d/K03sme9admind
/etc/rc.d/rc2.d/K03sme9admind
/etc/rc.d/rc3.d/S97sme9admind
/etc/rc.d/rc4.d/S97sme9admind
/etc/rc.d/rc5.d/S97sme9admind
/etc/rc.d/rc6.d/K03sme9admind
/etc/rc.d/rc7.d/S97sme9admind
/usr/bin/sme9admind
/usr/share/doc/smeserver-sme9admin-1.1.0/create_mysql.sh
/usr/share/doc/smeserver-sme9admin-1.1.0/create_rrd.sh
/usr/share/doc/smeserver-sme9admin-1.1.0/create_smedb.sh
/usr/share/doc/smeserver-sme9admin-1.1.0/sme9admin-doc-fr.html
/usr/share/doc/smeserver-sme9admin-1.1.0/sme9admin-doc-en.html
/usr/share/doc/smeserver-sme9admin-1.1.0/sme9admin-fr.po
/usr/share/doc/smeserver-sme9admin-1.1.0/sme9admin-en.po
/usr/share/doc/smeserver-sme9admin-1.1.0/tables.sql
/usr/share/locale/en/LC_MESSAGES/sme9admin.mo
/usr/share/locale/fr/LC_MESSAGES/sme9admin.mo
List of the directories used :
| File/directory | Contains |
|---|
/var/log/sme9admin.log | daemon's trace and errors |
/var/tmp/ | temporary logs'place. |
/var/lib/sme9admin/ | RRDs files handling datas for the graphs. |
/etc/e-smith/web/panels/manager/html/sme9admin/ | generated graphs and configuration file. |
(The daemons puts all the graphs in a subdirectory of the server-manager, thus the panel is attainable through a SSH tunnel.)
A little more details :
The status and alert e-mails are sent with sme9admin-daemon@mydomain as sender, you can use it as a filter in your mail-reader.
An alert e-mail reminds the fixed bound, the current value, and a short explanation for the alert. You have a direct link to the bound configuration webpage.
A status e-mail sends the number of opened connexions to the services, the 10 last lines of /var/log/messages, the output of netstat --numeric-hosts -tup (detailed list of all opened and active network connections), and the status of samba, httpd and sshd services. If you don't receive it, there is probably a problem on the server (Server off, qmail stopped, pppoe down,...)
The program runs as a daemon, to know if it runs :
service sme9admind status
If it is off, you can have a idea of its problem in the log file /var/log/sme9admin.log. If you encounter problems restarting it, execute rm -f /var/run/sme9admin.pid before retrying.
It is run at the boot of the server. On the logrotate event, the system sends a SIGUSR1 unix signal to force the daemon to parse the logs which will be archived.
Changelog :
* Web Feb 01 2006 : v1.1.0 - one year after last major release.
- Renamed to smeserver-sme9admin.
- Only compatible with SME 7 from now. (Only if a get a LOT of requests, i'll port the new functions to sme6admin.)
- Major global rewrite, a LOT of code cleaning.
- The settings are now in a configuration file.
- A LOT of things are now configurable (more setups are supported).
- Added SME7-specific services.
- Added a link to configure the bound in an alert e-mail.
- Added the output of 'netstat -tlp' and 'w' to the main page.
* Mon Oct 03 2005 : v1.0.5 by Cyril
- Correction of some bugs to run the daemon on sme7.
- A lot of things are buggy(events not correctly detected) on sme7.
* Tue Feb 01 2005 : v1.0.4
- Change to gettext for all the text outputs.
- English translation for the panel and the text of e-mails.
- File .po included for french and english language.
* Tue Sep 14 2004 : v1.0.3
- Added afp on the session graph.
- Modified the network traffic graphs.
- Modified the raw data write/read graph.
- Added network traffic (all but relayed) graph.
- Improvement of UI and short_status (easter-egg ;)).
- Corrected ftp anonymous client bug.
- Possibility to disable alerts.
- Clean /var/tmp on logrotate.
* Thu Aug 26 2004 : v1.0.2
- Compatibility with 5.6 Ok.
- Take care of US locale (0.0 => 0,0).
- Added temperature for second hard disk.
- Corrected bugs.
- Improvement of the postinstall and preuninstall scripts to enable rpm upgrade.
* Mon Aug 9 2004 : v1.0.1
- Added the configuration of delay between 2 status e-mails.
- Improvement of the compatibility with SME 5.6.
* Fri Aug 6 2004 : v1.0.0
All complaint, bug reports, requests, remarks, thanks are welcome at landry at firewall - services dot com, especially if the english translation of the doc/UI/howto is BAD. I NEED a feedback from the users to improve sme9admin. A big thanks goes to rv, who supported me during the creation of sme9admin, and Shad Lords for his sysmon, i've used some of his ideas.