Ian P. Christian's Personal Blog Random witterings from pookey

30 May 08

Monitoring Dell Poweredge 2850 RAID status over SNMP

This took me a while to figure out, so I thought I'd quickly document it.

In our PE2850, we have a 'Dell PowerEdge Expandable RAID Controller 4e/Si'. To check the status of the disks, you'll need to fetch megarc from LSI. Download this file onto the server with the RAID card, and also download check_lsi_megaraid. You'll need to slightly modify check_lsi_megaraid: it prints out things like 'RAID OK:' and 'RAID WARNING:'; change these to just say 'OK' and 'WARNING', and obviously update the others too. Notice there's no ':' in my version.

This script takes about 3 seconds to run, and should produce the following output.

# ./check_lsi_megaraid
OK All arrays OK [1 array checked on 1 controller]

I didn't want SNMP to block whilst waiting for this script to run, so I used cron to run it every minute and throw its output into a temp file. In /etc/crontab I have this:

* * * * * root   /root/mega/check_lsi_megaraid  > /tmp/raid-status

In snmpd.conf, I then put this:

extend raid-status /bin/cat /tmp/raid-status

Restart your snmpd server, and follow these instructions for configuring nagios.
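
An added example (not part of the original post): the same cron-plus-extend pattern with two hardening changes. The status file lives in a root-owned directory rather than world-writable /tmp, where a root job writing to a predictable name can be redirected by another local user's symlink, and the reader reports UNKNOWN instead of a stale OK if cron stops running. The directory /var/lib/raid-status, the install path /usr/local/sbin/raid-status, MAX_AGE and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed install path:
#   /usr/local/sbin/raid-status
# cron:  * * * * * root /usr/local/sbin/raid-status write /root/mega/check_lsi_megaraid
# snmpd: extend raid-status /usr/local/sbin/raid-status read
STATUS_DIR="${STATUS_DIR:-/var/lib/raid-status}"  # assumed; root-owned, mode 0755
MAX_AGE="${MAX_AGE:-180}"                         # assumed; seconds until a result is stale

# Called from cron: run the check and publish its output atomically.
# $1 = check command to run
write_status() {
    umask 022
    tmp=$(mktemp "$STATUS_DIR/.status.XXXXXX") || return 1
    # Line 1: epoch time of this run. Line 2: first line of the check output.
    { date +%s; "$1" 2>&1 | head -n 1; } > "$tmp"
    chmod 0644 "$tmp"                  # snmpd runs unprivileged and must read it
    mv -f "$tmp" "$STATUS_DIR/status"  # rename is atomic within one filesystem
}

# Called by snmpd: print the last result, but never an out-of-date one.
read_status() {
    f="$STATUS_DIR/status"
    if [ ! -f "$f" ] || [ -L "$f" ]; then
        echo "UNKNOWN no RAID status file"; return 3
    fi
    stamp=$(sed -n 1p "$f"); line=$(sed -n 2p "$f")
    case "$stamp" in
        ''|*[!0-9]*) echo "UNKNOWN malformed RAID status file"; return 3 ;;
    esac
    age=$(( $(date +%s) - $stamp ))
    if [ "$age" -gt "$MAX_AGE" ]; then
        echo "UNKNOWN RAID status is ${age}s old"; return 3
    fi
    echo "$line"
}

case "${1:-}" in
    write) write_status "$2" ;;
    read)  read_status ;;
esac
```

The exit code 3 follows the Nagios plugin convention for UNKNOWN; the check's own OK/WARNING/CRITICAL text is passed through unchanged.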

See also: Monitoring Dell SAS 5iR RAID

13 May 08

Symfony security concerns and other issues

First, I'm going to point out that I do love symfony - I'm mostly happy with it, and I'm an active member of the community. I certainly appreciate the effort put in by Fabien and everyone else who's worked on the symfony project - it's a fantastic achievement. However, there are a couple of things which really wind me up, and I'm concerned things aren't going to change.

One thing that's been pointed out several times in the past is that the symfony website is very unreliable. I personally found the hosting so unstable I set up an SVN mirror - and there have been requests for an official symfony mirror. This request however went unanswered. Does it matter if the symfony site goes down? Personally I think it matters, both for Sensio and for symfony. If Sensio can't keep the symfony site itself running, doesn't that set a bad image for the project? It also sets a really bad image for Sensio themselves - if they can't maintain a site's uptime - would you want to use them for consultancy for your own projects?

My other main concern is the way security is handled. Today I noticed that Ticket #1617 had been closed in SVN logs. This security issue has been open for a year! Also, I reported this issue over 2 years ago. There was no 'official' security advisory made about this - nor other issues that have occurred.

In my opinion, mentioning these security issues just in the revision log, or the blog is not enough. There should be mails to the dev/user list - and a security procedure in place to handle issues. In the past someone has come onto IRC and was concerned that a security issue they reported about bypassing validation using different HTTP verbs via email to Fabien personally was being ignored. I'm sure Fabien is a busy man, but the symfony website needs to have how these things are handled documented. I can't remember the outcome of this issue, and Google didn't tell me much - maybe it was a non-issue, but if it wasn't - no security advisory was released.

Other security issues have been discussed, such as the security of _dev.php files, and the default permissions. These issues haven't really been addressed in my opinion - and both are what I would consider critical issues.

I accept that symfony is an open source project, and that we could fix these issues amongst the community - but I feel Sensio have an important role to play in this. Sensio understandably keep a very tight grip on the project, but in doing so they take on certain responsibilities. I would like to see more active discussion of security related issues on the dev list - with more involved responses from Sensio. I'd like to see an announce mailing list where security and release information is published. I'd like to see current security issues highlighted and made VERY clear on the main website.

I'd like a security reporting system documented and clearly linked from the ticketing system, so there's a clear channel to report security concerns, knowing they will be dealt with.

6 May 08

Outputting from Postgres to CSV

I can never remember how to output to a CSV file from postgres, and end up having to google it time and time again - so I'm making a note of it here mostly for my own use :)

\f ','
\a
\t
\o /tmp/moocow.csv
SELECT foo,bar FROM whatever;
\o
\q

If a field has newlines, this will break. You can do something like this instead:

SELECT foo, bar, '"' || REPLACE(REPLACE(field_with_newline, E'\n', E'\\n'), '"', '""') || '"' FROM whatever;