20130510

debian on debian kvm notes

Notes: Run a Debian Squeeze guest on a Debian Squeeze host using KVM.

Install qemu-kvm, libvirt-bin, virtinst and bridge-utils.
# apt-get install qemu-kvm libvirt-bin virtinst bridge-utils


Add root to the libvirt group.
# adduser root libvirt


Configure the bridge interface.
This is an example /etc/network/interfaces
# grep -v '##' /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
        address 10.42.241.5
        netmask 255.255.255.128
        network 10.42.241.0
        broadcast 10.42.241.127
        gateway 10.42.241.10
        bridge_ports eth0
        bridge_stp off          #disable spanning tree
        bridge_waitport 0       #no delay before a port becomes available
        bridge_fd 0             #no forwarding delay
        bridge_hello 2          #Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network.


Restart the network
# /etc/init.d/networking restart
and
# reboot


Create the virtual machine.
# mkdir /home/vm
# virt-install --connect qemu:///system -n vm0 -r 512 --vcpus=2 --disk path=/home/vm/vm0.qcow2,size=10 -c /data01/os.iso/debian-live-6.0.7-amd64-standard.iso  --vnc --noautoconsole --os-type linux --os-variant debiansqueeze --description vm0_debian --network=bridge:br0 --hvm 


Starting install...
Creating storage file vm0.qcow2                                                                                            |  10 GB     00:00     
Creating domain...                                                                                                         |    0 B     00:00     
Domain installation still in progress. You can reconnect to 
the console to complete the installation process.



Meaning of the options used, from the virt-install man page:
OPTIONS
Most options are not required. Minimum requirements are --name, --ram, guest storage (--disk or --nodisks), and an install option.

--connect=CONNECT
         Connect to a non-default hypervisor. The default connection is chosen based on the following rules:

qemu:///system
             If running on a bare metal kernel as root (needed for KVM installs)

General Options

-n NAME, --name=NAME
         Name of the new guest virtual machine instance. This must be unique amongst all guests known to the hypervisor on the connection,
         including those not currently active. To re-define an existing guest, use the virsh(1) tool to shut it down ('virsh shutdown') &
         delete ('virsh undefine') it prior to running "virt-install".

-r MEMORY, --ram=MEMORY
         Memory to allocate for guest instance in megabytes. If the hypervisor does not have enough free memory, it is usual for it to
         automatically take memory away from the host operating system to satisfy this allocation.

--vcpus=VCPUS
         Number of virtual cpus to configure for the guest. Not all hypervisors support SMP guests, in which case this argument will be
         silently ignored

--description
         Human readable text description of the virtual machine. This will be stored in the guests XML configuration for access by other
         applications.

-c CDROM, --cdrom=CDROM
         File or device use as a virtual CD-ROM device for fully virtualized guests.  It can be path to an ISO image, or to a CDROM device. It
         can also be a URL from which to fetch/access a minimal boot ISO image. The URLs take the same format as described for the
         "--location" argument. If a cdrom has been specified via the "--disk" option, and neither "--cdrom" nor any other install option is
         specified, the "--disk" cdrom is used as the install media.

--os-type=OS_TYPE
         Optimize the guest configuration for a type of operating system (ex. 'linux', 'windows'). This will attempt to pick the most suitable
         ACPI & APIC settings, optimally supported mouse drivers, virtio, and generally accommodate other operating system quirks.


--os-variant=OS_VARIANT
         Further optimize the guest configuration for a specific operating system variant (ex. 'fedora8', 'winxp'). This parameter is
         optional, and does not require an "--os-type" to be specified.

Valid values are:

         linux
             debianetch
                 Debian Etch

             debianlenny
                 Debian Lenny

             debiansqueeze
                 Debian Squeeze

Storage Configuration

--disk=DISKOPTS
         Specifies media to use as storage for the guest, with various options. The general format of a disk string is

             --disk opt1=val1,opt2=val2,...
path
             A path to some storage media to use, existing or not. Existing media can be a file or block device. If installing on a remote
             host, the existing media must be shared as a libvirt storage volume.

             Specifying a non-existent path implies attempting to create the new storage, and will require specifying a 'size' value. If the
             base directory of the path is a libvirt storage pool on the host, the new storage will be created as a libvirt storage volume.
             For remote hosts, the base directory is required to be a storage pool if using this method.

size
             size (in GB) to use if creating new storage


Networking Configuration

-w NETWORK, --network=NETWORK,opt1=val1,opt2=val2
         Connect the guest to the host network. The value for "NETWORK" can take one of 3 formats:

         bridge=BRIDGE
             Connect to a bridge device in the host called "BRIDGE". Use this option if the host has static networking config & the guest
             requires full outbound and inbound connectivity  to/from the LAN. Also use this if live migration will be used with this guest.

Graphics Configuration

--vnc
         Setup a virtual console in the guest and export it as a VNC server in the host. Unless the "--vncport" parameter is also provided,
         the VNC server will run on the first free port number at 5900 or above. The actual VNC display allocated can be obtained using the
         "vncdisplay" command to "virsh" (or virt-viewer(1) can be used which handles this detail for the use).

--noautoconsole
         Don't automatically try to connect to the guest console. The default behaviour is to launch a VNC client to display the graphical
         console, or to run the "virsh" "console" command to display the text console. Use of this parameter will disable this behaviour.

Virtualization Type options

-v, --hvm
         Request the use of full virtualization, if both para & full virtualization are available on the host. This parameter may not be
         available if connecting to a Xen hypervisor on a machine without hardware virtualization support. This parameter is implied if
         connecting to a QEMU based hypervisor.



On another host running X
# apt-get install virt-manager 
oh well, that did not go as planned ... I was unable to manage the Virtual Machine I created with virt-manager remotely ... I tried to install other packages and hunted down the errors for a while but no cigar ...

Plan B: All I really need is to open a VNC session to the socket 127.0.0.1:5900 that I see and I hope that it is what I think it is.

Still on another host running X --not the vmhost.
# ssh -L 5900:localhost:5900 vmhost
and then, somevncviewer localhost

or

use a new vinagre with Host:127.0.0.1 and Use host:vmhost


Install the guest system, give an IP address in your LAN to the guest and install SSH
When the installation is done start the Virtual Machine.
On the host.
# virsh 
Welcome to virsh, the virtualization interactive terminal.

Type:  'help' for help with commands
       'quit' to quit

virsh # list
 Id Name                 State
----------------------------------

virsh # start vm0
Domain vm0 started

virsh # list
 Id Name                 State
----------------------------------
  3 vm0                  running

virsh # quit



ping the Virtual Machine vm0 and try to ssh to it.
If you cannot ssh to it, open a vnc session
# virsh vncdisplay vm0
:0
and then VNC to vm0 from another host.


The system is using the following `virtual` device drivers and behaves OK so-far
root@vm0# lspci 
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.2 USB Controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II] (rev 01)
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
00:02.0 VGA compatible controller: Cirrus Logic GD 5446
00:03.0 Ethernet controller: Red Hat, Inc Virtio network device
00:04.0 SCSI storage controller: Red Hat, Inc Virtio block device
00:05.0 RAM memory: Red Hat, Inc Virtio memory balloon
I have to stress test it a bit.



Linux Bridge
libvirt bridging

yet another awmn+Internet DNS Ubuntu 12.04 LTS

# sudo -s
# cat /etc/issue
Ubuntu 12.04.2 LTS \n \l


# apt-get install bind9


Change /etc/bind/named.conf , /etc/bind/named.conf.local , /etc/bind/named.conf.options
# cat /etc/bind/named.conf
// g0 2013 AWMN+Internet caching dns
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";


# cat /etc/bind/named.conf.options 
options {
 directory "/var/cache/bind";
 //dnssec-validation auto;
 listen-on { 127.0.0.1; 10.46.78.6; };
 version "some version alog.ipduh.com "; 
 auth-nxdomain no;    # conform to RFC1035
 allow-query { 10.0.0.0/8; localhost; };
 allow-recursion { 10.0.0.0/8; localhost; };  
 //listen-on-v6 { any; };
};



# cat /etc/bind/named.conf.local
// #g0 2013 AWMN+Internet Caching DNS

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};


//####################################
//# Greek Wireless Communities Zones #
//####################################
//# https://www.awmn.net/wiki/       #
//####################################
//Because awmn will go gwmn pretty soon g stands for Greek or Global ;)
//####################################

zone "10.in-addr.arpa" IN {
        type forward;
        forwarders {
       10.0.0.1;  
       10.19.143.12;
       10.19.143.13;
        };
};


zone "awmn" IN {
        type forward;
        forwarders {
         10.0.0.1;  
         10.19.143.12;
         10.19.143.13;
        };
};

zone "wn" IN {
        type forward;
        forwarders {
                10.126.3.115;
                10.110.17.115;
                10.19.143.12;
                10.17.122.134;
                10.86.87.129;
                10.2.16.130;
                10.110.17.67;
        };
};

zone "swn" IN {
        type forward;
        forwarders {
                10.101.0.254;
                10.106.3.1;
                10.174.254.101;
                10.174.1.253;
        };
};


zone "twmn" IN {
        type forward;
        forwarders {
                10.104.76.65;
                10.122.20.70;
                10.122.3.68;
                10.122.14.72;
                10.104.1.74;
        };
};

zone "wthess" IN {
        type forward;
        forwarders {
                10.96.0.1;
                10.96.22.2;
                10.96.9.3;
        };
};

zone "ewn" IN {
        type forward;
        forwarders {
                10.145.7.150;
                10.146.210.130;
        };
};

zone "mswn" IN {
        type forward;
        forwarders {
                10.148.50.2;
        };
};

zone "cywn" IN {
        type forward;
        forwarders {
                10.215.0.125;
                10.215.2.126;
        };
};

zone "dwn" IN {
        type forward;
        forwarders {
                10.174.1.253;
                10.174.254.101;
                10.174.17.250;
        };
};

zone "wiran" IN {
        type forward;
        forwarders {
                10.230.3.133;
        };
};

zone "wana" IN {
        type forward;
        forwarders {
                10.224.3.35;
        };
};

zone "awn" IN {
        type forward;
        forwarders {
                10.198.0.130;
        };
};

zone "pwmn" IN {
        type forward;
        forwarders {
                10.140.14.67;
        };
};

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};



Deal with the ubuntu resolv.conf madness
# echo "nameserver 127.0.0.1" > /etc/resolvconf/resolv.conf.d/base
# cd /etc/resolvconf/resolv.conf.d/
# cp base tail
# cp tail original
# cp base /etc/resolv.conf


# /etc/init.d/bind9 restart


Test
# dig voip.awmn +short
10.67.0.17
# dig www.awmn +short
srv1.awmn.
10.19.143.13
# dig ipduh.org +short
85.25.242.245
# dig ipduh.awmn +short
10.21.241.4



20130509

Windows Down Left Corner ad popup

A friend has been complaining about annoying advert pop-ups on most web-sites. She also noticed they were popping up on alog.ipduh and not popping up on a few large sites and ipduh.com ;).

After looking at her Windows system I found a few pieces of malware and deleted them, and then I noticed that the popups were still popping up in ~9/10 web-sites showing adverts from many ad networks and google adsense. Nothing weird (that I could see) was running, so I thought of looking at the hosts file before starting to look at the system for rootkits and putting it in a network where I can look at all the traffic from it. The hosts file was --of course-- hidden and had all kinds of annoying attributes.

See and Edit the hosts file
cd C:\WINDOWS\system32\drivers\etc\
cacls.exe hosts /g builtin\users:R
cacls.exe hosts /e /g builtin\administrators:F
cacls.exe hosts /e /g "nt authority\system:F"
attrib.exe -s -h -a -r hosts


This is what I found at the very bottom of a 20-page-long hosts file
66.185.21.82 www.google-analytics.com.
66.185.21.82 ad-emea.doubleclick.net.
66.185.21.82 www.statcounter.com.
66.185.21.82 connect.facebook.net.
93.115.241.27 www.google-analytics.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 connect.facebook.net.
funny!

If you are like my friend,
you made it here and you are wondering what to do now ...
delete the lines above and save the hosts file at
C:\WINDOWS\system32\drivers\etc\hosts
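
An added example (not part of the original post): a shell check that lists hosts-file entries pointing names at real addresses and flags any address that answers for several unrelated domains, which is the pattern of the entries shown above. The function names and the benign sample lines are constructed for illustration; run it against a copy of the hosts file.

```shell
#!/bin/sh
# Added example: audit a hosts file for redirect entries.

# redirects FILE
# Prints "IP NAME" for every name mapped to an address other than loopback
# (127.0.0.0/8, ::1) or the null address 0.0.0.0.
redirects() {
    awk '
    {
        sub(/\r$/, "")            # Windows hosts files use CRLF line endings
        sub(/#.*/, "")            # strip comments
        if (NF < 2) next
        if ($1 ~ /^127\./ || $1 == "::1" || $1 == "0.0.0.0") next
        for (i = 2; i <= NF; i++) {
            name = tolower($i)
            sub(/\.$/, "", name)  # the injected entries end with a dot
            print $1, name
        }
    }' "$1" | sort -u
}

# shared_redirect_ips FILE [MIN]
# Prints "IP COUNT" for addresses that answer for at least MIN (default 2)
# different parent domains. Heuristic: a LAN entry names one machine, while
# one address answering for several public domains is a redirect.
shared_redirect_ips() {
    redirects "$1" | awk -v min="${2:-2}" '
    {
        n = split($2, label, ".")
        if (n < 2) next           # single-label names such as "nas" are local
        dom = label[n - 1] "." label[n]
        if (!seen[$1, dom]++) count[$1]++
    }
    END { for (ip in count) if (count[ip] >= min) print ip, count[ip] }' | sort
}

# write_sample FILE
# Constructed sample. The last eight entries are the ones quoted in the post,
# the lines before them are made-up benign entries.
write_sample() {
    printf '%s\r\n' \
        '# constructed sample hosts file' \
        '127.0.0.1 localhost' \
        '0.0.0.0 ads.example.test   # ordinary blocklist entry' \
        '192.168.1.10 nas.home.lan nas' \
        '66.185.21.82 www.google-analytics.com.' \
        '66.185.21.82 ad-emea.doubleclick.net.' \
        '66.185.21.82 www.statcounter.com.' \
        '66.185.21.82 connect.facebook.net.' \
        '93.115.241.27 www.google-analytics.com.' \
        '93.115.241.27 ad-emea.doubleclick.net.' \
        '93.115.241.27 www.statcounter.com.' \
        '93.115.241.27 connect.facebook.net.' \
        > "$1"
}

sample=$(mktemp)
write_sample "$sample"
echo "addresses answering for several unrelated domains:"
shared_redirect_ips "$sample"
rm -f "$sample"
```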



20130507

disable ipv6 debian

To disable IPv6 on selected hosts in LANs with ipv6 router advertisements.

Temporarily remove the IPv6 addresses the interface has taken
# ip -6 addr del 2001:cafe:b0b0:abcd:6ef0:49ff:fe0e:f1b9/64 dev eth0
# ip -6 addr del fe80::6ef0:49ff:fe0e:f1b9/64 dev eth0 


Disable the ipv6 stack permanently
# echo net.ipv6.conf.all.disable_ipv6=1 > /etc/sysctl.d/disableipv6.conf


More: Debian - turn off IPv6

In case you want to disable IPv4 and enable IPv6 only on a host.
example /etc/network/interfaces
auto eth0
iface eth0 inet manual
iface eth0 inet6 auto


If you don't have an IPv6 DNS caching server find a public one in the public dns servers list

torrent daemon & file server -- debian

Notes on how-to setup a torrent daemon --transmission-daemon-- and a file server on debian.

Add the 'tuser' user using adduser.sh
# adduser.sh 
Add User:
Enter GROUPID     : 2000
Enter GROUPNAME   : tuser
Enter USERID      : 2000
Enter USERNAME    : tuser
Enter USER HOME DIRECTORY ( Or hit enter for /home/tuser ): /data/tuser
Enter USERSHELL   : /usr/lib/sftp-server
Enter USERCOMMENT : 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
 
User:tuser:x:2000:2000::/data/tuser:/usr/lib/sftp-server

Group:tuser:x:2000:

tuser home Dir /data/tuser long listing:
total 24
4 drwxr-xr-x 3 tuser tuser 4096 May  7 09:39 .
4 drwxr-xr-x 5 root  root  4096 May  7 09:25 ..
4 -rw-r--r-- 1 tuser tuser  220 May  7 09:39 .bash_logout
4 -rw-r--r-- 1 tuser tuser 3184 May  7 09:39 .bashrc
4 -rw-r--r-- 1 tuser tuser  675 May  7 09:39 .profile

.


Get rid of the user files; tuser is going to become an sftp user.
# rm /data/tuser/.bash*
# rm /data/tuser/.profile


Add the sftp-server shell to /etc/shells
# echo '/usr/lib/sftp-server' >> /etc/shells


Make sure that the following exists in /etc/ssh/sshd_config
# grep sftp /etc/ssh/sshd_config
Subsystem sftp /usr/lib/openssh/sftp-server
If not, add it.

Test the sftp server and the tuser account.
# echo "blahblahtest" > /data/tuser/blah
# chown tuser.tuser /data/tuser/blah


Log in to the sftp server from another host in the network.
$ sftp tuser@10.33.5.3
Connecting to 10.3.57.3...
The authenticity of host '10.33.5.3 (10.33.5.3)' can't be established.
RSA key fingerprint is dc:22:6c:c5:ed:44:9b:32:38:04:c2:65:8f:7f:dc:58.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.33.5.3' (RSA) to the list of known hosts.
tuser@10.33.5.3's password: 
sftp> pwd
Remote working directory: /data/tuser
sftp> get ./blah blah-copy
Fetching /data/tuser/./blah to blah-copy
/data/tuser/./blah                                                                           100%   13     0.0KB/s   00:00   
sftp> bye


Install transmission-daemon.
# apt-get install transmission-daemon


Configure transmission-daemon
# mkdir /data/tuser/torrents
# mkdir /data/tuser/torrents/incomplete
# usermod -a -G debian-transmission tuser
# chown -R tuser.debian-transmission /data/tuser/torrents/
# chmod -R 775 /data/tuser/torrents/


# cp /etc/transmission-daemon/settings.json /etc/transmission-daemon/settings.json.0
# vi /etc/transmission-daemon/settings.json
You will have to change at least "rpc-password" , "incomplete-dir" , "download-dir" ,
"incomplete-dir-enabled" and "rpc-whitelist-enabled" xor "rpc-whitelist"

To reload the transmission-daemon configuration file.
# invoke-rc.d transmission-daemon reload


Test it by logging in http://host:9091.
ooups ...
it says something about no permissions when I am trying to open-upload a torrent file.

# chmod 775 /data/tuser/torrents/
# chmod 775 /data/tuser/torrents/incomplete


Test again.
OK, it works.

If the transmission daemon sits on a host in your LAN you may want to use samba: samba on debian based systems

20130506

A simple Web Clock

I was asked around the same time from family members and a good friend in the Athens Wireless Metropolitan Network AWMN to make an accurate web-clock with large numbers.

Hence, this simple web clock , good to put on an NTP synchronized web-server.

To get it
wget http://kod.ipduh.com/lib/clock.pl


An example apache configuration file

<VirtualHost 10.21.241.4:80>
        DocumentRoot "/var/www/clock.ipduh.awmn/www/"
        ServerName  clock.ipduh.awmn
        ScriptAlias /cgi-bin2/ "/var/www/clock.ipduh.awmn/www/"
        AddHandler cgi-script .pl

<Directory "/var/www/clock.ipduh.awmn/www">
        AllowOverride None
        Options       ExecCGI
        Order         allow,deny
        Allow         from all 
        DirectoryIndex index.pl index.html index.htm
</Directory>

ErrorLog  "|/usr/sbin/rotatelogs /var/www/clock.ipduh.awmn/logs/error/clock.ipduh.awmn-error_log.%Y%m%d 86400"
CustomLog "|/usr/sbin/rotatelogs /var/www/clock.ipduh.awmn/logs/access/clock.ipduh.awmn-access_log.%Y%m%d 86400" combined

</VirtualHost>






The Clock
#!/usr/bin/perl

#g0 2013 a simple web clock
#http://alog.ipduh.com/2013/05/a-simple-web-clock.html

use strict;
use POSIX qw(strftime);
my $date = strftime "%a %b %e %Y" , localtime;
my $hour = strftime "%H" , localtime;
my $min = strftime "%M" , localtime;
my $sec = strftime "%S" , localtime;
my $epoch=time();

print <<"PAGE";
Content-type: text/html \n\n <!doctype html> <html>
<head>    
<title> clock </title>
<meta  http-equiv='refresh' content='15'>

<style>
.clock { font-family: monospace , Arial ; font-size: 6em; }
.little { padding-left: 0px; font-family:  monospace; font-size: .9em; }
a.goto:link { color:#000000; text-decoration:underline; }
a.goto:visited { color:#000000; text-decoration:underline; }
a.goto:hover {color:#000000;text-decoration:none;background:yellow;}
a.goto:active {color:#00FF00;text-decoration:none;background:yellow;}
</style>
<script type='text/javascript'>
setInterval(tick,1000);

function tick() {
 if(document.getElementById("min").innerHTML == 59 && document.getElementById("sec").innerHTML == 59 ){
  document.getElementById("hour").innerHTML = document.getElementById("hour").innerHTML - 1 + 2;
  document.getElementById("min").innerHTML = 0;
  document.getElementById("sec").innerHTML = 0;
 }
 else if(document.getElementById("sec").innerHTML == 59 ){
  document.getElementById("min").innerHTML = document.getElementById("min").innerHTML - 1 + 2;
  document.getElementById("sec").innerHTML = 0;
 }else{
         document.getElementById("sec").innerHTML = document.getElementById("sec").innerHTML - 1 + 2;
 }
 
 //it will be funny for a dozen seconds after 1 am --g0
 
}

</script>
</head>
<body>
<center>
<p class=clock>
<span id='hour'>$hour</span>:<span id='min'>$min</span>:<span id='sec'>$sec</span>
</p>
<p class=little> &copy; $date  
<a href="http://ipduh.com/epoch/?$epoch" class=goto>$epoch</a> 
<a class=goto href=http://alog.ipduh.com/2013/05/a-simple-web-clock.html>source</a>
</center>
</body> </html>
PAGE

20130505

Harden Internet Facing RouterOS Routers

My Notes on Hardening Internet Facing RouterOS powered Routers.

Disable The Bandwidth Test Server.
Some folks leave it on and many folks are enabling authentication.
If the Router is of any importance shut down the BTest daemon and if you ever need it enable it for-as-long-as-you-use-it with authentication on.
/tool bandwidth-server print 
                  enabled: yes
             authenticate: no
  allocate-udp-ports-from: 2000
             max-sessions: 100


/tool bandwidth-server set enabled=no


Add two users with full rights, delete or disable the admin account.
Optionally, constrict the ip space the administrators can login from.
/user add name=dadmin0 password=somepassword group=full address=10.0.0.0/8
/user add name=dadmin1 password=somepassword group=full address=10.0.0.0/8
/user disable admin


Disable telnet and www access.
You may need ftp for getting your backups,
when you need it enable it or constrict access to it.
/ip service disable telnet
/ip service disable www
/ip service disable ftp
If you don't use the api and www-ssl disable them.
/ip service disable www-ssl
/ip service disable api


You could constrict access to the ssh and winbox daemons.
You could add some port knocking rules. However, a firewall will reduce your router's pps rate --it should not matter for low capacity links eg. an ADSL connection. If you are absolutely paranoid about security and access to a router; disable winbox, enable port knocking and import ssh keys for the router administrators.

Change the port in which the ssh daemon listens.
/ip service set ssh port=666


Configure NTP clock synchronization.
/system clock set time-zone-name=Etc/GMT+2
/system ntp client set enabled=yes primary-ntp=10.21.241.4 secondary-ntp=10.3.57.3 mode=unicast


Send info, critical, warning and error logs to `memory` and to a `remote` syslog server.
/system logging set 0 topics=info,critical,warning,error action=remote
/system logging set 1 topics=info,critical,error action=memory
It would be nice, but it does not work --at least not for me. Even though it looks like it worked on winbox it does not. I had to add a topic per rule. ( version-5.20 ). These categories may overlap ... hmm anyways ...

So ... Send info logs to `memory` and a `remote` syslog server.

/system logging action set 3 bsd-syslog=yes name=remote remote=10.21.241.4 remote-port=514 src-address=0.0.0.0 syslog-facility=local0 syslog-severity=auto target=remote
The 3 above refers to the logging action number; the 0 in the earlier /system logging set command refers to the logging rule number.


List the logging actions.
/system logging action print 
Flags: * - default 
 #   NAME                                                                                        TARGET REMOTE                                                                                                                       
 0 * memory                                                                                      memory
 1 * disk                                                                                        disk  
 2 * echo                                                                                        echo  
 3 * remote                                                                                      remote 10.21.241.4           


List the logging rules
/system logging print 
Flags: X - disabled, I - invalid, * - default 
 #    TOPICS                                                             ACTION                                                             PREFIX    
 0  * info                                                               remote                                                                       
 1  * info                                                               memory                                                                       
 2  * warning                                                            memory                                                                       
 3  * critical                                                           echo


Increase the number of logging lines kept in memory.
/system logging action set 0 memory-lines=400 memory-stop-on-full=no name=memory target=memory


Disable remote requests to the DNS forwarder-cache.
/ip dns set allow-remote-requests=no
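
An added example (not from the original notes): a shell function that reads a saved `/export` and reports which items of the checklist above are still open. It assumes the export lists `set` lines under menu-path lines such as `/ip service`, that omitted settings keep the defaults named in the comments, and that the checked settings are not wrapped across lines; both sample exports are constructed.

```shell
#!/bin/sh
# Added example: check a saved RouterOS export against the checklist above.

# audit_export [FILE]
# Reads an export from FILE (or stdin) and prints one line per setting that
# the checklist would change. No output means nothing was flagged.
audit_export() {
    awk '
    # value of KEY=... on the current line, or "" if absent
    function kv(key,    i, p) {
        for (i = 1; i <= NF; i++) {
            p = index($i, "=")
            if (p && substr($i, 1, p - 1) == key) return substr($i, p + 1)
        }
        return ""
    }
    BEGIN {
        # Assumed defaults, used when the export omits a setting:
        # telnet, ftp, www and api enabled; www-ssl disabled.
        on["telnet"] = on["ftp"] = on["www"] = on["api"] = 1
        on["www-ssl"] = 0
        btest = 1                 # bandwidth-server assumed enabled by default
    }
    { sub(/[ \t\r]+$/, "") }      # trailing blanks and CR
    /^#/  { next }                # export header comments
    /^\// { menu = $0; next }     # menu path line, e.g. "/ip service"
    $1 != "set" { next }
    menu == "/ip service" {
        d = kv("disabled")
        if (d == "yes") on[$2] = 0
        else if (d == "no") on[$2] = 1
    }
    menu == "/tool bandwidth-server" {
        e = kv("enabled")
        if (e == "no") btest = 0
        else if (e == "yes") btest = 1
    }
    menu == "/ip dns" && kv("allow-remote-requests") == "yes" { dns = 1 }
    END {
        n = split("telnet ftp www www-ssl api", svc, " ")
        for (i = 1; i <= n; i++)
            if (on[svc[i]]) print "service " svc[i] " is enabled"
        if (btest) print "bandwidth-server is enabled"
        if (dns)   print "dns allow-remote-requests=yes"
    }' "${1:--}"
}

# Constructed exports (not taken from a real router).
sample_weak() {
    cat <<'EOF'
# constructed sample export
/ip dns
set allow-remote-requests=yes servers=10.0.0.1
/ip service
set telnet disabled=yes
set www disabled=yes
set ssh port=666
/tool bandwidth-server
set authenticate=no
EOF
}

sample_hardened() {
    cat <<'EOF'
# constructed sample export
/ip dns
set allow-remote-requests=no
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set www-ssl disabled=yes
set api disabled=yes
set ssh port=666
/tool bandwidth-server
set enabled=no
EOF
}

sample_weak | audit_export
```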


Good Enough Computer Security is equal to life-experience + CS-skills + imagination + common-sense + a bit of paranoia.

Add hard work, commitment , and discomfort to the list above and you may get Good Security.

20130503

Search is not AI and it is hard to get crowdsourcing right

Searching for strings of chars is not AI, and it is tough to get crowdsourcing right

eg.

"

This is a warning message to alert you that there is action required to bring your AdSense account into compliance with our AdSense program policies. We’ve provided additional details below, along with the actions to be taken on your part.

Issue ID#: FAB0B0

Affected website: ipduh.com

Example page where violation occurred: http://ipduh.com/dns/?%E0%B8%94%E0%B8%B9%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B9%82%E0%B8%AB%E0%B8%A5%E0%B8%94.blogspot.com

Action required: Please make changes to your site within 72 hours.

Current account status: Active

Violation explanation

AdSense publishers may not display Google ads on webpages with content protected by copyright law unless they have the necessary legal rights to display that content. This includes sites that display copyrighted material, sites hosting copyrighted files, or sites that provide links driving traffic to sites that contain copyrighted material.

Examples of copyrighted content which may require legal rights in order to be displayed include, but are not limited to:

  • Television shows, movies, and audio files
  • Access to streaming cable or satellite television
  • Books and/or e-books
  • Video games
  • Images

If you did not create the content yourself or if you created it using other peoples’ content as source material then you should ask yourself if you have a license or if an exception applies. For more information about potentially infringing content, please review our program policies and these tips from the policy team about avoiding copyright infringement.

"

Huh?

20130430

yet another software RAID debian

Notes taken while I was converting a 1 hard drive system to a 4 hard drive system with software RAID Arrays.

  • 2 x 1TB hard drives contributing one partition each to a software RAID 1 array and contributing one swap partition each to the system.
  • 2 x 3TB hard drives contributing two partitions each to software RAID 1 Arrays.


The system:
# cat /etc/issue /etc/debian_version
Debian GNU/Linux 6.0 \n \l

6.0.7
# uname -r
2.6.32-5-amd64


Install the Multiple Devices MD --Linux Software RAID Array-- Manager
# apt-get install mdadm


Check out the disk used by the System.
# fdisk -l

Disk /dev/sda: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000a8440

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1      121133   972993536   83  Linux
/dev/sda2          121133      121602     3766273    5  Extended
/dev/sda5          121133      121602     3766272   82  Linux swap / Solaris


OK, shut it down and add the other ~ 1TB disk

Look at the disks
# sfdisk -l

Disk /dev/sda: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sda1   *      0+ 121132- 121133- 972993536   83  Linux
/dev/sda2     121132+ 121601-    469-   3766273    5  Extended
/dev/sda3          0       -       0          0    0  Empty
/dev/sda4          0       -       0          0    0  Empty
/dev/sda5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris

Disk /dev/sdb: 121601 cylinders, 255 heads, 63 sectors/track

sfdisk: ERROR: sector 0 does not have an msdos signature
 /dev/sdb: unrecognized partition table type
No partitions found


Copy the partition table of /dev/sda to /dev/sdb
# sfdisk -d /dev/sda | sfdisk --force /dev/sdb


List all logical drives on all hard drives
# sfdisk -l

Disk /dev/sda: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sda1   *      0+ 121132- 121133- 972993536   83  Linux
/dev/sda2     121132+ 121601-    469-   3766273    5  Extended
/dev/sda3          0       -       0          0    0  Empty
/dev/sda4          0       -       0          0    0  Empty
/dev/sda5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris

Disk /dev/sdb: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sdb1   *      0+ 121132- 121133- 972993536   83  Linux
/dev/sdb2     121132+ 121601-    469-   3766273    5  Extended
/dev/sdb3          0       -       0          0    0  Empty
/dev/sdb4          0       -       0          0    0  Empty
/dev/sdb5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris


Set the partition ID of /dev/sdb1 to 0xfd (Linux raid autodetect)
# sfdisk --change-id /dev/sdb 1 fd


# sfdisk -l /dev/sdb

Disk /dev/sdb: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sdb1   *      0+ 121132- 121133- 972993536   fd  Linux raid autodetect
/dev/sdb2     121132+ 121601-    469-   3766273    5  Extended
/dev/sdb3          0       -       0          0    0  Empty
/dev/sdb4          0       -       0          0    0  Empty
/dev/sdb5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris


Zero any MD superblock (remains of earlier RAID arrays) left on /dev/sdb1.
# mdadm --zero-superblock --force /dev/sdb1


Create a RAID 1 Array of 2 logical disks using the v0.90 superblock format
# mdadm --create /dev/md0 --level=1 --metadata=0 --raid-disks=2 missing  /dev/sdb1
mdadm: array /dev/md0 started.
"The version-0.90 superblock limits the number of component devices within an array to 28, and limits each component device to a maximum size of 2TB on kernel version <3.1 and 4TB on kernel version >=3.1." The version-0.90 Superblock Format

Look at proc
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sdb1[1]
      972993472 blocks [2/1] [_U]
      
unused devices: <none>


Create an ext3 file-system on the Multiple Devices MD device /dev/md0
# mkfs.ext3 -v -m .1 -b 4096 -E stride=32,stripe-width=64 /dev/md0
The stripe-width=64 setting should not matter in RAID 1 arrays.
Options explained:
     mkfs.ext3 makes an ext3 filesystem
     -v verbose
     -m .1 reserve .1% of the disk for root
     -b 4096 block size of 4kb (recommended above for large-file systems)
     -E stride=32,stripe-width=64 see below calculation
RAID wiki

Backup mdadm.conf
# cp /etc/mdadm/mdadm.conf /etc/mdadm/mdadm.conf.0
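Delete ARRAY definitions from /etc/mdadm/mdadm.conf
(filter the backup copy into the live file; appending a file's own grep output to itself removes nothing)
# grep -v '^ARRAY' /etc/mdadm/mdadm.conf.0 > /etc/mdadm/mdadm.conf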
Update /etc/mdadm/mdadm.conf
# mdadm --examine --scan >> /etc/mdadm/mdadm.conf


Mount md0
# mkdir /mnt/md0
# mount /dev/md0 /mnt/md0/


Save /etc/fstab for historical reasons
# cp /etc/fstab /etc/fstab.0
Remove or comment out lines starting with UUID or /dev/sd* from /etc/fstab
and make /etc/fstab look like the following.
# grep -v "#" /etc/fstab
proc            /proc           proc    defaults        0       0
/dev/md0         /              ext3    errors=remount-ro 0       1
/dev/sda5 swap  swap defaults,pri=1   0  0
/dev/sdb5 swap  swap defaults,pri=1   0  0
Swapping on RAID

Configure the bootloader --Grub2
# cp /etc/grub.d/40_custom /etc/grub.d/08_raid1
# vi /etc/grub.d/08_raid1
Here is my /etc/grub.d/08_raid1 :
#!/bin/sh
exec tail -n +3 $0
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
menuentry 'Debian GNU/Linux, with Linux 2.6.32-5-amd64 raid1' --class debian --class gnu-linux --class gnu --class os {
        insmod raid
        insmod mdraid
        insmod part_msdos
        insmod ext2
        set root='(md0)'
        echo    'Loading Linux 2.6.32-5-amd64 ...'
        linux   /boot/vmlinuz-2.6.32-5-amd64 root=/dev/md0 ro  quiet
        echo    'Loading initial ramdisk ...'
        initrd  /boot/initrd.img-2.6.32-5-amd64
}


Un-comment or add
GRUB_DISABLE_LINUX_UUID=true
in /etc/default/grub

Replace /dev/sda with /dev/md0 in /etc/mtab
and delete the line showing /dev/md0 mount on /mnt/md0

Update grub.cfg
# grub-mkconfig -o /boot/grub/grub.cfg 


Update the initramfs image
# update-initramfs -u


Copy the System to /dev/md0
# cp -dpRx / /mnt/md0


Install grub on all drives.
# grub-install /dev/sdb
# grub-install /dev/sda



Cross your fingers and reboot
# shutdown -r now


OK, the system came up as expected.
Check proc
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sdb1[1]
      972993472 blocks [2/1] [_U]
      
unused devices: <none>


Set the partition ID of /dev/sda1 to 0xfd ( Linux RAID Auto )
# sfdisk --change-id /dev/sda 1 fd


List all partitions on all drives
# sfdisk -l

Disk /dev/sda: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sda1   *      0+ 121132- 121133- 972993536   fd  Linux raid autodetect
/dev/sda2     121132+ 121601-    469-   3766273    5  Extended
/dev/sda3          0       -       0          0    0  Empty
/dev/sda4          0       -       0          0    0  Empty
/dev/sda5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris

Disk /dev/sdb: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sdb1   *      0+ 121132- 121133- 972993536   fd  Linux raid autodetect
/dev/sdb2     121132+ 121601-    469-   3766273    5  Extended
/dev/sdb3          0       -       0          0    0  Empty
/dev/sdb4          0       -       0          0    0  Empty
/dev/sdb5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris

Disk /dev/md0: 243248368 cylinders, 2 heads, 4 sectors/track

sfdisk: ERROR: sector 0 does not have an msdos signature
 /dev/md0: unrecognized partition table type
No partitions found



Add /dev/sda1 to the RAID 1 md0
# mdadm --add /dev/md0 /dev/sda1
mdadm: added /dev/sda1


Check proc mdstat
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sda1[2] sdb1[1]
      972993472 blocks [2/1] [_U]
      [>....................]  recovery =  0.4% (4773696/972993472) finish=144.5min speed=111602K/sec
      
unused devices: <none>


Check load
22:53:31 up 20 min,  1 user,  load average: 0.66, 0.19, 0.06
Not (very) bad ;)

Wait for the raid array to sync.

root@bob:~# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sda1[2] sdb1[1]
      972993472 blocks [2/1] [_U]
      [===========>.........]  recovery = 56.1% (546131776/972993472) finish=74.2min speed=95857K/sec
      
unused devices: <none>


Done.
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sda1[0] sdb1[1]
      972993472 blocks [2/2] [UU]
      
unused devices: <none>


Test! What if I remove /dev/sdb ?
# shutdown -h now
Remove /dev/sdb and boot

It came up fine :) , check proc
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sda1[0]
      972993472 blocks [2/1] [U_]
      
unused devices: <none>


(

Yet another not-very-cheap way for a technician
to hide 'some' tracks (I think)
in a dedicated server farm.

  • shutdown the system
  • take off drive a
  • do crap
  • shutdown the system, take off drive b , put in drive a , boot
  • shutdown the system, put in drive b, and let them sync

)

Back to business ...
  • shutdown the system
  • put in sdb
  • and boot


It came up fine, check proc
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sda1[0]
      972993472 blocks [2/1] [U_]
      
unused devices: <none>


Add /dev/sdb1 to the RAID array
# mdadm --add /dev/md0 /dev/sdb1


Check proc
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sdb1[2] sda1[0]
      972993472 blocks [2/1] [U_]
      [>....................]  recovery =  3.6% (35851584/972993472) finish=145.8min speed=107124K/sec
      
unused devices: <none>


OK, let's create the "DATA" arrays.
  • shut down the system
  • put in the 3TB hard drives
  • set the BIOS to boot only from /dev/sda and /dev/sdb
  • boot


OK the system came up.
Check out proc
# cat /proc/mdstat 
Personalities : [raid1] 
md0 : active raid1 sda1[0] sdb1[2]
      972993472 blocks [2/1] [U_]
      [>....................]  recovery =  0.0% (449280/972993472) finish=15694.6min speed=1032K/sec
      
unused devices: <none>


List all logical and physical disks
# sfdisk -l

Disk /dev/sda: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sda1   *      0+ 121132- 121133- 972993536   fd  Linux raid autodetect
/dev/sda2     121132+ 121601-    469-   3766273    5  Extended
/dev/sda3          0       -       0          0    0  Empty
/dev/sda4          0       -       0          0    0  Empty
/dev/sda5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris

Disk /dev/sdb: 121601 cylinders, 255 heads, 63 sectors/track
Warning: extended partition does not start at a cylinder boundary.
DOS and Linux will interpret the contents differently.
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sdb1   *      0+ 121132- 121133- 972993536   fd  Linux raid autodetect
/dev/sdb2     121132+ 121601-    469-   3766273    5  Extended
/dev/sdb3          0       -       0          0    0  Empty
/dev/sdb4          0       -       0          0    0  Empty
/dev/sdb5     121132+ 121601-    469-   3766272   82  Linux swap / Solaris

WARNING: GPT (GUID Partition Table) detected on '/dev/sdd'! The util sfdisk doesn't support GPT. Use GNU Parted.


Disk /dev/sdd: 364801 cylinders, 255 heads, 63 sectors/track
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sdd1          0+ 267349- 267350- 2147483647+  ee  GPT
  start: (c,h,s) expected (0,0,2) found (0,0,1)
/dev/sdd2          0       -       0          0    0  Empty
/dev/sdd3          0       -       0          0    0  Empty
/dev/sdd4          0       -       0          0    0  Empty

WARNING: GPT (GUID Partition Table) detected on '/dev/sdc'! The util sfdisk doesn't support GPT. Use GNU Parted.


Disk /dev/sdc: 364801 cylinders, 255 heads, 63 sectors/track
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

   Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sdc1          0+ 267349- 267350- 2147483647+  ee  GPT
  start: (c,h,s) expected (0,0,2) found (0,0,1)
/dev/sdc2          0       -       0          0    0  Empty
/dev/sdc3          0       -       0          0    0  Empty
/dev/sdc4          0       -       0          0    0  Empty

Disk /dev/md0: 243248368 cylinders, 2 heads, 4 sectors/track

sfdisk: ERROR: sector 0 does not have an msdos signature
 /dev/md0: unrecognized partition table type
No partitions found


Partition the /dev/sdc hard drive
# parted /dev/sdc
GNU Parted 2.3
Using /dev/sdc
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) mklabel gpt
Warning: The existing disk label on /dev/sdc will be destroyed and all data on this disk will be lost. Do you want to continue?
Yes/No? yes                                                               
(parted) mkpart data00 0GB 1501GB                                         
(parted) mkpart data01 1502BG 3001GB
Warning: You requested a partition from 1024B to 3001GB.                  
The closest location we can manage is 17.4kB to 1048kB.
Is this still acceptable to you?
Yes/No? no                                                                
(parted) quit                                                             
Information: You may need to update /etc/fstab.                           
  


Now, I could use parted again to partition /dev/sdd.
However, I really want to try to clone GPT disks with gdisk --GPT fdisk.
For Debian, GPT fdisk is currently found in sid.

Install gdisk
# echo "deb http://ftp.it.debian.org/debian sid main" >> /etc/apt/sources.list
# apt-get update
# apt-get install gdisk
# gdisk
GPT fdisk (gdisk) version 0.8.5

Type device filename, or press <Enter> to exit: 
#
Not bad, at this moment the latest GPT fdisk version is 0.8.6.

Comment out the ftp.it.debian.org repository, add a squeeze repository and
# apt-get update


sgdisk is part of GPT fdisk (gdisk).
Copy the partition scheme of sdc to sdd, then randomize the GUIDs on /dev/sdd so the two disks do not share them.
# sgdisk -R=/dev/sdd /dev/sdc
The operation has completed successfully.
#  sgdisk -G /dev/sdd
The operation has completed successfully.


excerpt from the sgdisk man page.
-R, --replicate=second_device_filename
              Replicate the main device's partition table on the specified second device.  Note that the replicated partition table is
              an  exact copy, including all GUIDs; if the device should have its own unique GUIDs, you should use the -G option on the
              new disk.



List all logical and physical disks.
# parted -l
Model: ATA WDC WD1002FAEX-0 (scsi)
Disk /dev/sda: 1000GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos

Number  Start   End     Size    Type      File system     Flags
 1      1049kB  996GB   996GB   primary   ext3            boot, raid
 2      996GB   1000GB  3857MB  extended
 5      996GB   1000GB  3857MB  logical   linux-swap(v1)


Model: ATA WDC WD1002FAEX-0 (scsi)
Disk /dev/sdb: 1000GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos

Number  Start   End     Size    Type      File system  Flags
 1      1049kB  996GB   996GB   primary   ext3         boot, raid
 2      996GB   1000GB  3857MB  extended
 5      996GB   1000GB  3857MB  logical


Model: ATA WDC WD30EFRX-68A (scsi)
Disk /dev/sdc: 3001GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt

Number  Start   End     Size    File system  Name    Flags
 1      1049kB  1501GB  1501GB               data00
 2      1502GB  3001GB  1499GB               data01


Model: ATA WDC WD30EFRX-68A (scsi)
Disk /dev/sdd: 3001GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt

Number  Start   End     Size    File system  Name    Flags
 1      1049kB  1501GB  1501GB               data00
 2      1502GB  3001GB  1499GB               data01


Model: Linux Software RAID Array (md)
Disk /dev/md0: 996GB
Sector size (logical/physical): 512B/512B
Partition Table: loop

Number  Start  End    Size   File system  Flags
 1      0.00B  996GB  996GB  ext3



Set the raid flag to true on all logical partitions of /dev/sdc.
# parted /dev/sdc
GNU Parted 2.3
Using /dev/sdc
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print                                                            
Model: ATA WDC WD30EFRX-68A (scsi)
Disk /dev/sdc: 3001GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt

Number  Start   End     Size    File system  Name    Flags
 1      1049kB  1501GB  1501GB               data00
 2      1502GB  3001GB  1499GB               data01

(parted) set 1 raid on                                                    
(parted) set 2 raid on
(parted) print
Model: ATA WDC WD30EFRX-68A (scsi)
Disk /dev/sdc: 3001GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt

Number  Start   End     Size    File system  Name    Flags
 1      1049kB  1501GB  1501GB               data00  raid
 2      1502GB  3001GB  1499GB               data01  raid

(parted) quit                                                             
Information: You may need to update /etc/fstab.    


Set the raid flag to true on all logical partitions of /dev/sdd.
# parted /dev/sdd
GNU Parted 2.3
Using /dev/sdd
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print                                                            
Model: ATA WDC WD30EFRX-68A (scsi)
Disk /dev/sdd: 3001GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt

Number  Start   End     Size    File system  Name    Flags
 1      1049kB  1501GB  1501GB               data00
 2      1502GB  3001GB  1499GB               data01

(parted) set 1 raid on
(parted) set 2 raid on                                                    
(parted) print                                                            
Model: ATA WDC WD30EFRX-68A (scsi)
Disk /dev/sdd: 3001GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt

Number  Start   End     Size    File system  Name    Flags
 1      1049kB  1501GB  1501GB               data00  raid
 2      1502GB  3001GB  1499GB               data01  raid

(parted) quit                                                             
Information: You may need to update /etc/fstab.


Look at the partitions in proc
# cat /proc/partitions 
major minor  #blocks  name

   8        0  976762584 sda
   8        1  972993536 sda1
   8        2          1 sda2
   8        5    3766272 sda5
   8       16  976762584 sdb
   8       17  972993536 sdb1
   8       18          1 sdb2
   8       21    3766272 sdb5
   8       48 2930266584 sdd
   8       49 1465819136 sdd1
   8       50 1463469056 sdd2
   8       32 2930266584 sdc
   8       33 1465819136 sdc1
   8       34 1463469056 sdc2
   9        0  972993472 md0



Create the md1 data00 raid 1 Array.
# mdadm --create /dev/md1 --level=1 --metadata=0 --raid-disks=2 /dev/sdc1 /dev/sdd1
mdadm: array /dev/md1 started.


Format /dev/md1
# mkfs.ext3 -v -m .1 -b 4096 -E stride=32,stripe-width=64 /dev/md1


Create the md2 data01 raid 1 Array
#  mdadm --create /dev/md2 --level=1 --metadata=0 --raid-disks=2 /dev/sdc2 /dev/sdd2
mdadm: array /dev/md2 started.


Format /dev/md2
# mkfs.ext3 -v -m .1 -b 4096 -E stride=32,stripe-width=64 /dev/md2


Update mdadm.conf
# mdadm --examine --scan >> /etc/mdadm/mdadm.conf
# vi /etc/mdadm/mdadm.conf
Delete the duplicate ARRAY definitions
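
The mdadm.conf refresh done twice in these notes (drop the old ARRAY lines, append the output of mdadm --examine --scan, remove duplicates) as one repeatable step. This is an added example, not part of the original notes; the function names are hypothetical and the UUIDs in the demo are constructed.

```shell
# Added example: refresh the ARRAY lines of an mdadm.conf without reading and
# writing the same file in one redirection.

# merge_mdadm_conf CONF SCAN
# Prints CONF minus its ARRAY lines, then the ARRAY lines of SCAN, keeping
# only the first line seen for each UUID=... token.
merge_mdadm_conf() {
    awk '!/^[ \t]*ARRAY[ \t]/' "$1" || return 1
    awk '
    /^[ \t]*ARRAY[ \t]/ {
        key = $0
        for (i = 1; i <= NF; i++) if ($i ~ /^UUID=/) key = tolower($i)
        if (!(key in seen)) { seen[key] = 1; print }
    }' "$2"
}

# install_mdadm_conf CONF SCAN
# Saves CONF as CONF.bak, then replaces its contents with the merged result.
install_mdadm_conf() {
    tmp=$(mktemp) || return 1
    if merge_mdadm_conf "$1" "$2" > "$tmp"; then
        cp -p "$1" "$1.bak" && cat "$tmp" > "$1"
        status=$?
    else
        status=1
    fi
    rm -f "$tmp"
    return "$status"
}

# Demo on constructed files (UUIDs are made up). On a real host SCAN would be
# the saved output of: mdadm --examine --scan
demo_mdadm_conf() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/mdadm.conf" <<'EOF'
DEVICE partitions
MAILADDR root
ARRAY /dev/md0 UUID=00000000:00000000:00000000:0000000a
EOF
    cat > "$dir/scan" <<'EOF'
ARRAY /dev/md0 UUID=11111111:11111111:11111111:1111111a
ARRAY /dev/md1 UUID=22222222:22222222:22222222:2222222b
ARRAY /dev/md0 UUID=11111111:11111111:11111111:1111111A
EOF
    install_mdadm_conf "$dir/mdadm.conf" "$dir/scan" && cat "$dir/mdadm.conf"
    rm -rf "$dir"
}
demo_mdadm_conf
```

Running it a second time with the same scan output leaves the file unchanged, so no hand cleanup of repeated ARRAY lines is needed.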

Create mount points and update /etc/fstab
# mkdir /data00
# mkdir /data01
# vi /etc/fstab
This is what my /etc/fstab looks like
# grep -v "#" /etc/fstab
proc            /proc           proc    defaults        0       0
/dev/md0         /              ext3    errors=remount-ro 0       1
/dev/sda5 swap  swap defaults,pri=1   0  0
/dev/sdb5 swap  swap defaults,pri=1   0  0
/dev/md1         /data00        ext3    errors=remount-ro 0       1
/dev/md2         /data01        ext3    errors=remount-ro 0       1


Look at /proc/mdstat
# cat /proc/mdstat 
Personalities : [raid1] 
md2 : active raid1 sdd2[1] sdc2[0]
      1463468992 blocks [2/2] [UU]
       resync=DELAYED
      
md1 : active raid1 sdd1[1] sdc1[0]
      1465819072 blocks [2/2] [UU]
      [=>...................]  resync =  6.8% (100567936/1465819072) finish=172.6min speed=131767K/sec
      
md0 : active raid1 sda1[0] sdb1[1]
      972993472 blocks [2/2] [UU]
      
unused devices: <none>



# reboot


The system came up fine
Look at what is mounted and filesystem usage.
# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/md0              914G  1.6G  911G   1% /
tmpfs                 943M     0  943M   0% /lib/init/rw
udev                  936M  168K  936M   1% /dev
tmpfs                 943M     0  943M   0% /dev/shm
/dev/md1              1.4T  198M  1.4T   1% /data00
/dev/md2              1.4T  198M  1.4T   1% /data01


Look at mdstat
# cat /proc/mdstat 
Personalities : [raid1] 
md2 : active raid1 sdc2[0] sdd2[1]
      1463468992 blocks [2/2] [UU]
       resync=DELAYED
      
md1 : active raid1 sdc1[0] sdd1[1]
      1465819072 blocks [2/2] [UU]
      [=>...................]  resync =  8.6% (127094592/1465819072) finish=168.6min speed=132290K/sec
      
md0 : active raid1 sda1[0] sdb1[1]
      972993472 blocks [2/2] [UU]
      
unused devices: <none>



Look at the load
# w
 21:24:43 up 1 min,  1 user,  load average: 2.17, 0.75, 0.27
Ouch! I'll keep you posted on that.

Done!
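
The /proc/mdstat checks done by eye throughout these notes ([2/1] [U_], recovery, resync=DELAYED) can be scripted. This is an added example, not part of the original notes; the function names are hypothetical and the sample text is assembled from the outputs shown above.

```shell
# Added example: flag md arrays that have lost redundancy, reading
# /proc/mdstat-style text on stdin.
# mdstat_summary: per array prints NAME EXPECTED ACTIVE MAP ACTION PERCENT
mdstat_summary() {
    awk '
    function emit() { if (name != "") print name, want, have, map, action, pct }
    /^md[0-9]+ :/ {
        emit()
        name = $1; want = "?"; have = "?"; map = "?"; action = "idle"; pct = "-"
        next
    }
    name != "" && / blocks / {
        # "[2/1] [U_]": expected/active member counts, then one flag per slot
        for (i = 1; i < NF; i++)
            if ($i ~ /^\[[0-9]+\/[0-9]+\]$/) {
                split(substr($i, 2, length($i) - 2), n, "/")
                want = n[1]; have = n[2]
                map = substr($(i + 1), 2, length($(i + 1)) - 2)
            }
        next
    }
    name != "" && /resync=DELAYED/ { action = "delayed"; next }
    name != "" && /(recovery|resync) =/ {
        for (i = 1; i < NF - 1; i++)
            if ($i == "recovery" || $i == "resync") {
                action = $i; pct = $(i + 2); sub(/%$/, "", pct)
            }
    }
    END { emit() }
    '
}

# mdstat_alerts: one line per array with a missing member; returns 1 if any.
mdstat_alerts() {
    mdstat_summary | awk '
    ($3 + 0) < ($2 + 0) || $4 ~ /_/ {
        bad = 1
        if ($5 == "recovery")
            printf "%s: rebuilding, %s%% done, map [%s]\n", $1, $6, $4
        else
            printf "%s: DEGRADED %s/%s members, map [%s]\n", $1, $3, $2, $4
    }
    END { exit bad + 0 }
    '
}

# Constructed sample, assembled from the outputs shown in this post.
sample_mdstat() {
    cat <<'EOF'
md2 : active raid1 sdd2[1] sdc2[0]
      1463468992 blocks [2/2] [UU]
       resync=DELAYED
md1 : active raid1 sdd1[1] sdc1[0]
      1465819072 blocks [2/2] [UU]
      [=>...................]  resync =  6.8% (100567936/1465819072) finish=172.6min speed=131767K/sec
md0 : active raid1 sdb1[2] sda1[0]
      972993472 blocks [2/1] [U_]
      [>....................]  recovery =  3.6% (35851584/972993472) finish=145.8min speed=107124K/sec
unused devices: <none>
EOF
}

sample_mdstat | mdstat_alerts || echo "redundancy lost on at least one array"
```

On a live host run mdstat_alerts < /proc/mdstat, for example from cron. An array that is degraded or rebuilding when no maintenance was planned is a reason to find out who touched the drives.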