Sunday, March 31, 2013

apf installation


1. wget http://www.rfxn.com/downloads/apf-current.tar.gz
2. tar xvzf apf-current.tar.gz
3. cd apf-9.7-1
4. ./install.sh

You must run the installation as root because configuration files are placed in /etc/. Once this is done, you will have an initscript to start APF in /etc/init.d/ and the configuration files located in /etc/apf/. The primary configuration file is /etc/apf/conf.apf.

To configure the firewall, edit /etc/apf/conf.apf. A few important variables to set include:

EGF="1" # enable outbound packet filtering
IFACE_IN="eth0" # inbound interface to filter
IFACE_OUT="eth0" # outbound interface to filter
DEVEL_MODE="1"
The DEVEL_MODE option should only be used during testing. This sets up a cronjob that runs every five minutes to disable the firewall — useful if you muck something up. When the firewall is working, you must set DEVEL_MODE=”0″. Change the IFACE_IN and IFACE_OUT ports to suit your system; on a VPS it might be “venet0″, for instance.

Next, you will need to define which ports are allowed.

There are a lot of other entries in the configuration file and it’s likely worth reading them over and tweaking as necessary. For the most part, the defined defaults are fine. The only exception is if you are using a kernel with the iptables module compiled into the kernel, rather than available as a loadable module, which is often the case for a VPS. In that case you will need to also set SET_MONOKERN=”1″ in the configuration file as well.

then /etc/init.d/apf restart

You are done!

Monday, March 25, 2013

Roundcube database error



If you found database error on roundcube then do the following
mysqldump roundcube > roundcube.sql
mysqladmin drop roundcube
mysqladmin create roundcube
mysql roundcube < /usr/local/cpanel/base/3rdparty/roundcube/SQL/mysql.initial.sql
/etc/init.d/cpanel restart

Friday, March 22, 2013

INSTALLATION OF PLESK ON ANY LINUX SERVER


Plesk is 10.2
Plesk is a leading control panel used in many hosting providers today. Plesk is avaliable for both windows and linux machine. The latest stable version of

Use the One-Click Installer utility to perform a clean installation of the Panel in one step into any Linux OS. The utility automatically determines your operating system and installs the latest version of an appropriate distributive in the typical configuration.

One-Click Installer works only on Linux OSes.

To install the Panel, run one of the following commands on behalf of the superuser:

- If you have the wget utility, run

wget -O – http://autoinstall.plesk.com/one-click-installer | sh

- If you have the curl utility, run

curl http://autoinstall.plesk.com/one-click-installer | sh

- If you have the fetch utility, run

fetch -o – http://autoinstall.plesk.com/one-click-installer | sh

SSL Certificates Installation in Plesk Administrator


Installing your Plesk Server SSL Certificate

Download the Primary, Intermediate, and Root certificate files from your DigiCert account.

Login to the Plesk Control Panel.

Select 'Domains' from the left hand menu.

Click on the domain name that the certificate is for.

Click on the 'Certificates' menu item.

You will have the option to either "Upload certificate files" or "Upload certificate as text." Either way will work fine for your purposes.

To upload the files - just click "Browse" next to the "Certificate" box and navigate to the location of the your_domain_name.crt file you received from DigiCert.

Then, next to "CA certificate", click and browse to the DigiCertCA.crt file. Select it, then select 'Send File'. This will install the certificates against their corresponding Private Key.



To Upload certificates as text - Open your_domain_name.crt and DigiCertCA.crt as text files and copy the entire body of those files into the boxes provided under "Upload certificate as text".

The your_domain_name.crt should be uploaded as the "Certificate", and the DigiCertCA.crt as the "CA Certificate".

Next, click on Server > IP Addresses, then click on the IP Address for your Web site.

Change the certificate for your site to use the new SSL Certificate you have just installed.

Click the 'Server' item from the left hand menu.

Click on the 'Service Management' menu item.

Stop and Start the WEB Server (Apache) to activate the certificate.

NOTE: Restarting Apache will NOT work. You must stop the service, then start it again to complete the installation.

Troubleshooting:

If your web site is publicly accessible, our SSL Certificate Tester tool can help you diagnose common problems.

Open a web browser and visit your site using https. It is best to test with both Internet Explorer as well as Firefox, because Firefox will give you a warning if your intermediate certificate is not installed. You should not receive any browser warnings or errors. If you immediately receive a browser message about the site not being available, then the server may not yet be listening on port 443. If your web request takes a very long time, and then times out, a firewall blocking traffic on TCP port 443 to the web server.

If you receive a "not trusted" warning, view the certificate to see if it is the certificate you expect. Check the Subject, Issuer, and Valid To fields. If the certificate is issued by DigiCert, then the Intermediate certificate is not correctly installed.

Passive FTP Plesk


To enable passive mode for FTP connections on your server:
1 Log in as “root” to the server shell over SSH.
2 Edit your ProFTPD configuration file.
a Issue the command vi /etc/proftpd.conf
b Add the following lines anywhere within the section:
PassivePorts 49152 65534
c Save the file
3 Log in to Parallels Plesk Panel as “admin”, go to Modules > Firewall, and
click Edit Firewall Configuration.
4 Click Add Custom Rule.
5 Specify the following:
a Rule name
b Direction: select Incoming.
c Action: select Allow.
d Ports: in the Add port input box, enter the value 49152-65534. Leave the TCP
option selected, and click Add.

PassivePorts 60000 65535

Changing the Plesk Administrator email address


In the Plesk Control Panel, you can set your email address for the Plesk Administrator. This address is used for all system-related messages. The address is also stored in the following files on your server, which uses the the popular qmail mail server:

/var/qmail/alias/.qmail-mailer-daemon
/var/qmail/alias/.qmail-postmaster
/var/qmail/alias/.qmail-root
Instructions

You can edit these files to change the email address as originally configured in Plesk. You can also have multiple entries. Just make sure that each address is on it's own separate line and prefixed with an "&" symbol:

&mjones@example.com
&jsmith@example.com
&jane@example.com

Add wildcard domain in Plesk


Add the * inside the dns zone file of the domain.

* IN A IP

Edit /var/www/vhosts/domainname.com/conf/vhost.conf and add the line

ServerAlias *.domainname.com

Run the following command.

/usr/local/psa/admin/bin/websrvmng -a -v

Restart apache.

View All Email Account Passwords in Plesk


On my server, I have several domains and I have corresponding email addresses for a few of them, for example: ses5909@mydomain.com, ses5909@anotherdomain.com, etc. I have come to find that in Plesk if I have a domain that has an email user named ses5909 and I need to make the same username on another domain, they are not allowed to share the same domain. So if I give ses5909@mydomain.com the password: supersneakypw, I cannot give that password to ses5909@anotherdomain, or anyone else that has the same username. This is pretty lame if you ask me. The reason for this is that mail is not handled on the domain level, but rather the username level. That is a whole other issue though.

Well today I needed to get into my mail and I wasn’t at the computer that I run my mail client on so I went to my webmail account. I couldn’t remember the password for the life of me. I tried a few that I commonly use, but no luck. So, I needed to try to find my password. I could have reset it, but I’ve resorted to this in the past and I am just tired of doing that. I needed to find a way to retrieve my password.

So, I logged into mysql as the root admin. I looked through the databases and noticed there was a psa db which I am assuming stands for Plesk Server Administration. I immediately looked for email and finally saw mail. I saw all of the usernames and a quick join with the domains table showed me which column belonged to which domain.

SELECT mail.mail_name, domains.name from mail LEFT OUTER JOIN domains ON domains.id = mail.dom_id;

But, now I needed to find the passwords for these. After some more hunting, I found the accounts table where passwords are stored in plain text. If only I didn’t have 200 to look through. So a query was in order:

SELECT accounts.id, mail.mail_name, accounts.password, domains.name FROM domains LEFT JOIN mail ON domains.id = mail.dom_id LEFT JOIN accounts ON mail.account_id = accounts.id

Domain Names can be Locked/Unlocked from your Control Panel


Domain Names can be Locked/Unlocked from your Control Panel by following the process mentioned below -

1. Login to your Control Panel and search for the domain name that you wish to Lock/Unlock. Click here to read how

2. Click on the Domain name in the search results to get to the Order details view.

3. Click on the Lock/Unlock Button

4. On the following page - * If you wish to Lock the Service, you would have to select the Check Box for Locking and click on the Update button. * For Unlocking, unselect the Check Box and click on the Update button.

Unix Plesk: Generate webserver config files


I don't believe plesk has a way to build the httpd.conf However it should be fairly easy to make it pick them up, i'd just do something like

for i in `ls /var/www/vhosts`;do echo include /var/www/vhosts/$i/conf/httpd.include;done

and chuck that in your httpd.conf (even though it doesn't store the includes there it doesn't matter). Also check /etc/httpd/conf for a backup of httpd.conf theres normally always one or two in there anyway which might save this hassle.

Fix Quota in Plesk


You can use following commands to fix quota.

quotaoff -av

mv /aquota.user /aquota.user.bak

mv /aquota.group /aquota.group.bak

quotacheck -agiuv

quotaon -av

Changing Plesk control panel default port


http://kb.swsoft.com/en/1392

SYMPTOMS
It is not recommended to change the default Plesk port, however, it can be done using the workaround as below.
RESOLUTION
From version 7.5 Plesk supports two web servers as provider for Plesk Control Panel: IIS and Apache. Depending on the type of web server one of the following ways can solve the problem:

I. Internet Information Services is used as web server for Plesk Control Panel:

When configuring Plesk on port 80 a dedicated IP address must be chosen for Plesk control panel as Plesk Control Panel uses HTTPS protocol for connection and architecture of IIS allows assigning single SSL port per IP address. By default PleskControlPanel Web site in IIS is configured to listen on port 8443 on all IP addresses. The following needs to be done to change the port:

1. Go to IIS management console

2. Find PleskControlPanel web site

3. Click on Properties

4. Click on Advanced button in Web Site tab

5. Edit SSL identity for the Web Site

6. Set IP address that you want to use and change SSL port to 443

7. Apply

II. Apache is used as web server for Plesk Control Panel:

A dedicated IP address needs to be used for Plesk Plesk Control Panel and none of domains hosted on the server. This is required to avoid conflicts with existing websites. Then edit Apache configuration file %plesk_dir%admin\conf\httpd.conf.

1. Find the line

Listen 8443

2. Replace with

Listen IP_address:443

3. Retsart Plesk Control Panel service using tray monitor.
ADDITIONAL INFORMATION
Note: In case of Plesk running on Virtuozzo Virtual Environment , port changing can lead to VZPP-Plesk integration failure.

Awstats updation in Plesk Linux


Awstats updation for one domain:

/usr/local/psa/admin/sbin/statistics --calculate-one --domain-name=domain.com

and for all accounts in a plesk server:

/usr/local/psa/admin/sbin/statistics --calculate-all

PS: Some times Awstats may break its configuration during plesk version upgradation. In such cases try to manually run stats updation script and look for the error occured and symlink the awstats.pl script as specified in the error log.

telnet Mail commands



The a4msl9ux and ZvVx9G1hcg= are the base24 encoded values of email id and its password. You can get the encoded value from the follwoing url. paste the emaild and click on "Convert the source data. Likewise password.

http://www.motobit.com/util/base64-decoder-encoder.asp



> telnet domain.com 25
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 something.fake ESMTP Sendmail 8.12.11/8.12.11/SuSE Linux 0.6; Wed, 2 Apr 2003 15:13:01 -0700
EHLO domain.com
250-something.fake Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
AUTH LOGIN
334 VXNlcm5hbWU6
a4msl9ux
334 UGFzc3dvcmQ6
ZvVx9G1hcg==
235 2.0.0 OK Authenticated
MAIL FROM: me@domain.com
250 2.1.0 me@something.fake... Sender ok
RCPT TO: you@yourdomain.com
250 2.1.5 you@nowhere.land... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
This is a test
.
250 2.0.0 h12MD1qV026715 Message accepted for delivery
QUIT
221 2.0.0 something.fake closing connection
Connection closed by foreign host.





===========================



If no AUTH is there tyr below.

The first thing to do is to open a connection from your computer to your mail server.
telnet mail.domain.ext 25
You should receive a reply like:
Trying ???.???.???.???...
Connected to mail.domain.ext.
Escape character is '^]'.
220 mail.domain.ext ESMTP Sendmail ?version-number?; ?date+time+gmtoffset?

You will then need to delcare where you are sending the email from:
HELO local.domain.name - dont worry too much about your local domain name although you really should use your exact fully qualified domain name as seen by the outside world the mail server has no choice but to take your word for it as of RFC822-RFC1123.
This should give you:
250 mail.domain.ext Hello local.domain.name [loc.al.i.p], pleased to meet you

Now give your email address:
(On many mailservers the space after the : is required rather that optional. Thanks to Justing Goldberg)
MAIL FROM: mail@domain.ext
Should yeild:
250 2.1.0 mail@domain.ext... Sender ok
If it doesn't please see possible problems.

Now give the recipients address:
RCPT TO: mail@otherdomain.ext
Should yeild:
250 2.1.0 mail@otherdomain.ext... Recipient ok
If it doesn't please see possible problems.

To start composing the message issue the command DATA

If you want a subject for your email type Subject:-type subject here- then press enter twice (these are needed to conform to RFC 882)

You may now proceed to type the body of your message (e.g. hello mail@otherdomain.ext from mail@domain.ext)

To tell the mail server that you have completed the message enter a single "." on a line on it's own.
The mail server should reply with: 250 2.0.0 ???????? Message accepted for delivery

You can close the connection by issuing the QUIT command.
The mailserver should reply with something like:221 2.0.0 mail.domain.ext closing connection
Connection closed by foreign host.



Here are a list of problems I've encountered and their fixes
501 nouser@nosuchplace.here... Sender domain must exist
The domain that you are sending from must exist

503 Need MAIL before RCPT
A recipient has been specified before a sender.

550 mail@domain.ext... Relaying Denied

formmail installation


To install FormMail:

Download the latest version of FormMail from

http://worldwidemart.com/scripts/formmail.shtml.

Open FormMail in a text editor (such as NotePad).

Make sure the Perl path is set correctly. This information can be found on the CPanel homepage.

A typical path is: #!/usr/bin/perl

Make sure the Sendmail path is correct. This information can be found on the CPanel homepage.

A typical path is: /usr/lib/sendmail

Add you domain to the referrers.

For example: @referers = ('www.mydomain.com', '123.123.123.123')

Alter @recipients, if required. A standard setting is: @recipients = @referers Upload FormMail.pl to your

cgi-bin directory, and change the file permissions to 755. Create the form on your web page, with the following fields

form action=http://www.mydomain.com/cgi-bin/FormMail.pl

method=POST

input type=hidden

name=recipient

value=email@mydomain.com

input type=hidden

name=subject

value=Feedback from website

input type=hidden

name=redirect

value=http://www.mydomain.com/thankyou.htm

Upload the web page and test the form.

stress Test in server.


Before conducting stress test, you need check whether stress is installed in the server. If it was installed, please follow the instruction to install stress in the server.

INSTALL
=======

See the INSTALL file for generic installation instructions. The quick
version is:

Download the source from the below URL::

wget http://weather.ou.edu/~apw/projects/stress/stress-1.0.4.tar.gz

then ,

./configure && make && sudo make install

Once this is installed, you need to add the following crons in different time intervals. With in the time period of one and half hours.

**************
* * * * * stress --cpu 2 --timeout 10800s
* * * * * stress --vm 1 --vm-bytes 16000M --timeout 10800s
* * * * * stress --io 150 --timeout 10800s
* * * * * stress --hdd 20 --timeout 10800s
* * * * * stress --cpu 2 --io 40 --vm 2 --vm-bytes 8000 --hdd 20 --timeout 10800s
**************

Here the above values will change depends up on the server memory, cpu etc...

Install ffmpeg using yum


Installing FFMpeg

yum install ffmpeg ffmpeg-devel

If you get package not found, then you will need to add few lines in the yum repository for dag packages installation. Create a file named dag.repo in /etc/yum.repos.d with the following contents on it

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

then

yum install ffmpeg ffmpeg-devel

If everything is fine, then the installation should proceed smoothly. If not you will get something like warning GPG public key missing .
Common Errors

To fix rpmforge GPG key warning:

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

For more information refer to this faq depending on Centos version

Missing Dependency Error:

If you get missing dependency error like shown below, in the middle of ffmpeg installation

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package ffmpeg
Error: Missing Dependency: libtheora.so.0(libtheora.so.1.0) is needed by package ffmpeg
Error: Missing Dependency: rtld(GNU_HASH) is needed by package ffmpeg
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package a52dec
Error: Missing Dependency: rtld(GNU_HASH) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package gsm
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package x264
Error: Missing Dependency: rtld(GNU_HASH) is needed by package xvidcore
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package lame
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package a52dec
Error: Missing Dependency: rtld(GNU_HASH) is needed by package faad2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package x264
Error: Missing Dependency: rtld(GNU_HASH) is needed by package lame
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package xvidcore
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faac
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faad2
Error: Missing Dependency: libgif.so.4 is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package faac
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package gsm
Error: Missing Dependency: libpng12.so.0(PNG12_0) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package libmp4v2
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package libmp4v2

then most commonly you have GLIB 2.3 installed instead of GLIB 2.4 version. To check the current GLIB version installed on your server. just use

yum list glib*

and it should list the latest GLIB package version.

The reason i was getting this error was my rpmforge packages was pointed to centos 5 versions instead of centos 4.6.

To fix dependency error:

To fix this error, you might need to check your rpmforge packages compatible to the release of your existing CentOS version.
Check the file /etc/yum.repos.d/rpmforge.repo and it should look like for Centos 4.6(Final). If you have lines like http://apt.sw.be/redhat/el5/en/mirrors-rpmforge you might need to make changes to the rpmforge.repos like shown below

Note: Backup the original rpmforge.repo file before you edit its content.

[rpmforge]
name = Red Hat Enterprise $releasever - RPMforge.net - dag
#baseurl = http://apt.sw.be/redhat/el4/en/$basearch/dag
mirrorlist = http://apt.sw.be/redhat/el4/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

To know what linux type and version you are running

cat /etc/redhat-release

Once this is done, do again yum install ffmpeg.

This trick resolved the problem in my linux box running Centos 4.6 and this is the only way i found to install ffmpeg using yum.
To check the FFmpeg working:

Finally, check the ffmpeg whether it is working or not.

> ffmpeg
> ffmpeg -formats
> ffmpeg --help
// This lists path of mpeg, its modules and other path information


ffmpeg -i Input.file Output.file
To check what audi/video formats are supported

ffmpeg -formats > ffmpeg-format.txt

Open the ffmpeg-formats.txt to see the ooutput

D means decode
E means encode
V means video
A means audio
T = Truncated
Install FFMPEG-PHP Extension

FFmpeg-php is a very good extension and wrapper for PHP which can pull useful information about video through API interface. Inorder to install it you will need to download the source file and then compile and install extension in your server. You can download the source tarball : http://ffmpeg-php.sourceforge.net/

wget /path/to/this/file/ffmpeg-php-0.5.2.1.tbz2

tar -xjf ffmpeg-0.5.2.1.tbz2

phpize

./configure
make
make install
Common Errors

1. If you get command not found error for phpize, then you will need to do yum install php-devel

2. If you get error like "ffmpeg headers not found" while configuring the source.

configure: error: ffmpeg headers not found. Make sure ffmpeg is compiled as shared libraries using the --enable-shared option

then it means you have not installed ffmpeg-devel packages.

To Fix: Just install ffmpeg-devel using

yum install ffmpeg-devel

3. If you get an error like shared libraries not found problem and the program halts in the middle, then you must specify the ffmpeg installed path explicitly to the ./configure.

configure: error: ffmpeg shared libraries not found. Make sure ffmpeg is compiled as shared libraries using the --enable-shared option

To Fix:

1. First find out the ffmpeg path with ffmpeg --help command. The prefix default path should be like /usr/local/cpffmpeg
2. Configure the FFmpeg-php with --with-ffmpeg option

./configure --with-ffmpeg=/usr/local/cpffmpeg

That should resolve the problem!
Editing PHP.INI

Once you have done that without any problems then you will see the php extension file /usr/local/lib/php/extensions/no-debug-non-zts-20060613/ffmpeg.so and you will need mention that extension in php.ini file

nano /usr/local/lib/php.ini

Put the below two lines at the end of the php.ini file

[ffmpeg]
extension=ffmpeg.so

Then restart the server service httpd restart

To check whether ffmpeg enabled with php, point your browser to test.php file. It should show the confirmation of installed ffmpeg php extension

// #test.php



If any case the ffmpeg does not show in the phpinfo() test make sure that php.ini path to ffmpeg.so is correct. Still the problem occurs, the reason could be you might be using older versions of ffmpeg-php which is buggy. Just download the latest version of ffmpeg-php source then compile it.
Installing Mplayer + Mencoder

Just issue the following yum commands to install the rest of the packages.

yum install mplayer mencoder
Installing FlvTool2

Flvtool2 is a flash video file manipulation tool. It can calculate metadata and can cut and edit cue points for flv files.

If you are on Centos 5 try yum install flvtool2 with dag repository and if you get package not found you will need to manually download and compile the flvtool2. You can download latest version of flvtool2 here: http://rubyforge.org/projects/flvtool2/

wget

ruby setup.rb config
ruby setup.rb setup
sudo ruby setup.rb install

If you get command not found error, it probably means that you dont have ruby installed.

yum install ruby

Thats it! Once ffmpeg works fine with php extension, download a sample video, convert to .flv format in the command line and plug it to flowplayer to see it work on your web browser. Try also to download the video file offline and see whether the converted flv file works well with both audio and video. ./configure

Thursday, March 21, 2013

Commands to Check SSL cert’s validity and other details


1. Get complete available details of an SSL certificate

openssl x509 -text -in ssl.cert

2. Who issued the certificate?

openssl x509 -noout -in ssl.cert -issuer

3. To whom the certificate was issued?

openssl x509 -noout -in ssl.cert -subject

4. To check the expiry date of SSL certificate

openssl x509 -noout -in ssl.cert -dates

5. To get SSL cert’s hash value

openssl x509 -noout -in ssl.cert -hash

6. To get SSL cert’s MD5 fingerprint

openssl x509 -noout -in ssl.cert -fingerprint

To check CSR: openssl req -noout -text -in new.csr
To check key: openssl rsa -noout -text -in new.key

Running fsck on LVM from single user mode OR from live CD


If an LVM of a server need manual fsck and the particular LVM partition is the root(/) of the server, then we need to boot the server into single user mode or from a live CD.

If we boot the machine to single user mode or to live CD, you can't see the LVM partitions on "fdisk -l" and so you can't run fsck on root(/). The reason is that, LVM partitions will not be activated on single user mode or in live CD by default, you need to activate it manually to do the fsck.

First run the command "lvdisplay" to see your LVM, if it's not showing any result try following commands to find out physical disk,volume group and logical partition where we are going to run fsck.

pvscan :Physical scanning of particular disk

vgscan :Volume group scanning

lvscan :Logical volume scanning

# lvscan
ACTIVE '/dev/VolGroup/LogVol00' [999.00 GiB] inherit

Now it is not activates then you need to activate the specific logical volume like this:

#lvchange -ay "yourLogicalVolume"

Then run "fdisk -l" and verify the LVM device is showing there

The final step:

Run the fsck on logical volume:

#e2fsck -y /YourLogicalVolume

Install php modules on plesk



1. How to install GD on plesk

yum install php-gd

2. How to install imap

yum install php-imap

3. How to install mbstring

yum install php-mbstring

NOTE: you can also try for rpms

common errors when installing Moodle


When installing Moodle 2.3, several errors can occur during the installation. Typical Moodle installation errors are caused by database encoding, PHP version, and the database version. The PHP errors thrown are the Use of undefined constant, Database driver, and Database unicode errors. This article will explain what causes these errors and how to fix them.

Error: Use of undefined constant PHP

This error is caused by installing Moodle on a server with an incorrect version of PHP. An example of this error is similar to the following.

Notice: Use of undefined constant __DIR__ - assumed '__DIR__' in /home/user/public_html/lib/dml/moodle_database.php on line 27
Warning: require_once(__DIR__/database_column_info.php) [function.require-once]:
failed to open stream: No such file or directory in /home/user/public_html/lib/dml/moodle_database.php on line 27
Fatal error: require_once() [function.require]: Failed opening required '__DIR__/database_column_info.php'
(include_path='.:/usr/lib/php:/usr/local/lib/php:/home/user/php') in /home/user/public_html/lib/dml/moodle_database.php on line 27

If you are on a shared business plan, you can have your account moved to a PHP 5.3 server. On VPS or Dedicated servers, the PHP version can be upgraded. In either case, contact support to request the server move or PHP upgrade.

Error: Database driver problem detected
The database driver error is caused by an outdated version of MySQL. The following is copy of the error.

Error: database driver problem detected
The site administrator should verify server configuration
PHP has not been properly configured with the MySQLi extension so
that it can communicate with MySQL. Please check your php.ini file
or recompile PHP. MySQLi extension is not available for PHP 4.

Fixing this error will depend on the type of server you are one. If you are on a Shared business plan, you will need to move to a server that supports MySQL version 5.1 or higher. Systems can move your account to a server that supports this. On a VPS or Dedicated, tech support can upgrade the MySQL version for you by submitting a ticket.

Error: Database unicode character
When installing Moodle on a new database, if the encoding is not set correctly, the following error will occur.

It is required that you store all your data in Unicode format (UTF-8).
New installations must be performed into databases that have their default
character set as Unicode. If you are upgrading, you should perform the
UTF-8 migration process (see the Admin page).

To fix this error, you will need to set the database collation in to utf8_unicode_ci through PhpMyAdmin. The following will explain how to do this.

Changing the database collation in PhpMyAdmin
Login to your cPanel
Navigate to Databases > PhpMyAdmin.
Select the database on the left that was created for the Moodle site.
On the top right click Operations.
On the Collation drop box, select utf8_unicode_ci.
Click Go.
Now when you install Moodle, the error will not appear.

Monday, March 18, 2013

How to clean Backups of terminated accounts from whm.


This script cleans up old backups. You can easily remove backups of old accounts that are terminated from the server, which can consume your valuable space. This script compares /var/cpanel/users and those users "with" the cpanel backups on server. If it finds a backup that does not have a user in /var/cpanel/users, it takes whatever action you want it to do.

Installation
------------
Plugins requires that you have root access to the server via the console or SSH.

# cd /home
# rm -f latest-cleanbackups
# wget http://www.ndchost.com/cpanel-whm/plugins/cleanbackups/download.php
# sh latest-cleanbackups

Location: Log into the WHM, click on plugins, then Clean Backups.

Cpanel Autofix Commands.


cPanel comes with a number of hidden autofix commands that allow for administrators to fix common problems simply be logging into WHM and going to a special URL. Two of the most useful ones I’ve seen are flushing iptables and restarting SSH in safe mode.

====================

1) Reset the Firewall Settings https://yourdomain.com:2087/scripts2/doautofixer?autofix=iptablesflush

2) Reset the SSH Settings http://yourdomain.com:2086/scripts2/doautofixer?autofix=safesshrestart

3) bsdbindfix http://yourdomain.com:2086/scripts2/doautofixer?autofix=bsdbindfix

4) Autorepair http://yourdomain.com:2086/scripts2/doautofixer?autofix=autorepair

5) Compress Zlib http://yourdomain.com:2086/scripts2/doautofixer?autofix=Compress-Zlib-1.42.tar.gz

6) Compresszlibfix http://yourdomain.com:2086/scripts2/doautofixer?autofix=compresszlibfix

7) dbdmysql http://yourdomain.com:2086/scripts2/doautofixer?autofix=dbdmysql

8) Cooldiagnose_apache_conf http://yourdomain.com:2086/scripts2/doautofixer?autofix=diagnose_apache_conf

9) fpindexfile http://yourdomain.com:2086/scripts2/doautofixer?autofix=fpindexfile

10) libxml2-2.6.28.tar.gz http://yourdomain.com:2086/scripts2/doautofixer?autofix=libxml2-2.6.28.tar.gz

11) libxml64fix http://yourdomain.com:2086/scripts2/doautofixer?autofix=libxml64fix

12) pro* http://yourdomain.com:2086/scripts2/doautofixer?autofix=pro*

13) spamd_dbm_fix http://yourdomain.com:2086/scripts2/doautofixer?autofix=spamd_dbm_fix

14) test http://yourdomain.com:2086/scripts2/doautofixer?autofix=test

15) vfilterfix http://yourdomain.com:2086/scripts2/doautofixer?autofix=vfilterfix

16) yumduprpmfix http://yourdomain.com:2086/scripts2/doautofixer?autofix=yumduprpmfix

17) resellerresourceacctounts http://yourdomain.com:2086/scripts2/doautofixer?autofix=resellerresourceacctounts

18) horde_sqmail_current_fix http://yourdomain.com:2086/scripts2/doautofixer?autofix=horde_sqmail_current_fix

How to restrict users to SFTP only instead of SSH


Sometimes you want to have users, that have access to files on your server, but don't want them to be able to log in and execute commands on your server. This is done quite easily. Add user as usually and assign him a password. Then run the following command (replace the 'username' with real user name):

root@host # usermod -s /usr/lib/sftp-server username

This changes user's shell to sftp-server. The last step for this to work is to add '/usr/lib/sftp-server' to /etc/shells to make it a valid shell, eg. like this:

root@host # echo '/usr/lib/stfp-server' /etc/shells

There. Now you've setup a user who can only access your server with SFTP.

Thursday, March 14, 2013

grep examples: Search multiple patterns in a file using grep


grep -E "pattern1|pattern2" filename

or

egrep '(pattern1|pattern2)' filename

----------------------------------------------------------------------------------------------------

To number the output as lines.

grep -n root /etc/passwd

1:root:x:0:0:root:/root:/bin/bash
12:operator:x:11:0:operator:/root:/sbin/nologin

----------------------------------------------------------------------------------------------------

Count the occurence of word fals in /etc/passwd

grep -c false /etc/passwd
7

----------------------------------------------------------------------------------------------------

From the previous example, we now exclusively want to display lines starting with the string "root":

cathy ~> grep ^root /etc/passwd
root:x:0:0:root:/root:/bin/bash
----------------------------------------------------------------------------------------------------
If we want to see which accounts have no shell assigned whatsoever, we search for lines ending in ":":

cathy ~> grep :$ /etc/passwd
news:x:9:13:news:/var/spool/news:
----------------------------------------------------------------------------------------------------
To check that PATH is exported in ~/.bashrc, first select "export" lines and then search for lines starting with the string "PATH", so as not to display MANPATH and other possible paths:

cathy ~> grep export ~/.bashrc | grep '\ matches the end of a word.

If you want to find a string that is a separate word (enclosed by spaces), it is better use the -w, as in this example where we are displaying information for the root partition:

cathy ~> grep -w / /etc/fstab
LABEL=/ / ext3 defaults 1 1

If this option is not used, all the lines from the file system table will be displayed.
----------------------------------------------------------------------------------------------------


cathy ~> grep [yf] /etc/group
sys:x:3:root,bin,adm
tty:x:5:
mail:x:12:mail,postfix
ftp:x:50:
nobody:x:99:
floppy:x:19:
xfs:x:43:
nfsnobody:x:65534:
postfix:x:89:

In the example, all the lines containing either a "y" or "f" character are displayed.

----------------------------------------------------------------------------------------------------

Use the "." for a single character match. If you want to get a list of all five-character English dictionary words starting with "c" and ending in "h" (handy for solving crosswords):

cathy ~> grep '\' /usr/share/dict/words
catch
clash
cloth
coach
couch
cough
crash
crush
----------------------------------------------------------------------------------------------------
If you want to display lines containing the literal dot character, use the -F option to grep.

For matching multiple characters, use the asterisk. This example selects all words starting with "c" and ending in "h" from the system's dictionary:

cathy ~> grep '\' /usr/share/dict/words
caliph
cash
catch
cheesecloth
cheetah
--output omitted--
----------------------------------------------------------------------------------------------------
If you want to find the literal asterisk character in a file or output, use single quotes. Cathy in the example below first tries finding the asterisk character in /etc/profile without using quotes, which does not return any lines. Using quotes, output is generated:

cathy ~> grep * /etc/profile

cathy ~> grep '*' /etc/profile
for i in /etc/profile.d/*.sh ; do

List the content of a tar file


if You need to list the contents of a tar or tar.gz file on screen before extracting the all files.

List the contents of a tar file
$ tar -tvf file.tar

List the contents of a tar.gz file
$ tar -ztvf file.tar.gz

List the contents of a tar.bz2 file
$ tar -jtvf file.tar.bz2

Admin useful commands


1.
Top 20 memory consuming processes.
ps -eo pmem,pid,user,args | sort -k 1 -g -r | head -20

2.
Top 20 cpu consuming processes.
ps -eo pcpu,pid,user,args | sort -k 1 -g -r | head -20

3.
See the IP addresses accessing php files. This will work only in servers running php as CGI.

ps aeuxf | grep php|awk -F'REMOTE_ADDR=' '{ print $2 }' |cut -d\ -f 1 | uniq -c | sed 's/^[ ]*//'
Sample outout::

26 87.250.255.241
4.
To get the active php processes running on the server.

ps aeuxf | grep php | awk -F'SCRIPT_FILENAME=' '{ print $2 }' |cut -d\ -f 1 | uniq -c | sed 's/^[ ]*//'

Sample outout::

1 /home/blogfil/public_html/index.php
5.
To list the php processes and the time they have been running on the server.

ps -eo pid,cmd,etime,args --sort:etime | grep php

Sample outout::
2050 /usr/bin/php /home/macroren 33-23:22:32 /usr/bin/php /home/macroren/public_html/wp-cron.php
This means the php process of user macroren has been running on the server for 33 days, 23 hours, 22 minutes and 32 seconds.
This way you can kill the old processes and save mem/cpu

15 Examples To Master Linux Command Line History


Hi all,

This article will teach you to beacome a master in Lnux command line history.


15 Examples To Master Linux Command Line History
================================================
1. Display timestamp using HISTTIMEFORMAT
=========================================
# export HISTTIMEFORMAT='%F %T '
# history | more
1 2008-08-05 19:02:39 service network restart
2 2008-08-05 19:02:39 exit
3 2008-08-05 19:02:39 id
4 2008-08-05 19:02:39 cat /etc/redhat-release

2. Search the history using Control+R
====================================
Press Control+R and type the keyword. In the following example, I searched for red, which displayed the previous command “cat /etc/redhat-release” in the history that contained the word red.

# [Press Ctrl+R from the command prompt,
which will display the reverse-i-search prompt]
(reverse-i-search)`red': cat /etc/redhat-release
[Note: Press enter when you see your command,
which will execute the command from the history]
# cat /etc/redhat-release
Fedora release 9 (Sulphur)

3. Repeat previous command quickly using 4 different methods
==========================================================
1. Use the up arrow to view the previous command and press enter to execute it.
2. Type !! and press enter from the command line
3. Type !-1 and press enter from the command line.
4. Press Control+P will display the previous command, press enter to execute it

4. Execute a specific command from history
==========================================
In the following example, If you want to repeat the command #4, you can do !4 as shown below.

# history | more
1 service network restart
2 exit
3 id
4 cat /etc/redhat-release

# !4
cat /etc/redhat-release
Fedora release 9 (Sulphur)

5. Execute previous command that starts with a specific word
============================================================
# !ps
ps aux | grep yp
root 16947 0.0 0.1 36516 1264 ? Sl 13:10 0:00 ypbind
root 17503 0.0 0.0 4124 740 pts/0 S+ 19:19 0:00 grep yp

6. Control the total number of lines in the history using HISTSIZE
==================================================================
Append the following two lines to the .bash_profile and relogin to the bash shell again to see the change. In this example, only 450 command will be stored in the bash history.

# vi ~/.bash_profile
HISTSIZE=450
HISTFILESIZE=450

7. Change the history file name using HISTFILE

By default, history is stored in ~/.bash_history file. Add the following line to the .bash_profile and relogin to the bash shell, to store the history command in .commandline_warrior file instead of .bash_history file

# vi ~/.bash_profile
HISTFILE=/root/.commandline_warrior

8. Eliminate the continuous repeated entry from history using HISTCONTROL
========================================================================
In the following example pwd was typed three times, when you do history, you can see all the 3 continuous occurrences of it. To eliminate duplicates, set HISTCONTROL to ignoredups as shown below.

# pwd
# pwd
# pwd
# history | tail -4
44 pwd
45 pwd
46 pwd [Note that there are three pwd commands in history, after
executing pwd 3 times as shown above]
47 history | tail -4

# export HISTCONTROL=ignoredups
# pwd
# pwd
# pwd
# history | tail -3
56 export HISTCONTROL=ignoredups
57 pwd [Note that there is only one pwd command in the history, even after
executing pwd 3 times as shown above]
58 history | tail -4

9. Erase duplicates across the whole history using HISTCONTROL
===============================================================
The ignoredups shown above removes duplicates only if they are consecutive commands. To eliminate duplicates across the whole history, set the HISTCONTROL to erasedups as shown below.

# export HISTCONTROL=erasedups
# pwd
# service httpd stop
# history | tail -3
38 pwd
39 service httpd stop
40 history | tail -3

# ls -ltr
# service httpd stop
# history | tail -6
35 export HISTCONTROL=erasedups
36 pwd
37 history | tail -3
38 ls -ltr
39 service httpd stop
[Note that the previous service httpd stop after pwd got erased]
40 history | tail -6

10. Force history not to remember a particular command using HISTCONTROL
========================================================================
When you execute a command, you can instruct history to ignore the command by setting HISTCONTROL to ignorespace AND typing a space in front of the command as shown below

# export HISTCONTROL=ignorespace
# ls -ltr
# pwd
# service httpd stop [Note that there is a space at the beginning of service,
to ignore this command from history]
# history | tail -3
67 ls -ltr
68 pwd
69 history | tail -3

11. Clear all the previous history using option -c
===============================================================
Sometime you may want to clear all the previous history, but want to keep the history moving forward.

# history -c

12. Subtitute words from history commands
===============================================================
In the example below, the !!:$ next to the vi command gets the argument from the previous command to the current command.

# ls anaconda-ks.cfg
anaconda-ks.cfg
# vi !!:$
vi anaconda-ks.cfg

In the example below, the !^ next to the vi command gets the first argument from the previous command (i.e cp command) to the current command (i.e vi command).

# cp anaconda-ks.cfg anaconda-ks.cfg.bak
anaconda-ks.cfg
# vi !^
vi anaconda-ks.cfg

13. Substitute a specific argument for a specific command.
===============================================================
In the example below, !cp:2 searches for the previous command in history that starts with cp and takes the second argument of cp and substitutes it for the ls -l command as shown below.

# cp ~/longname.txt /really/a/very/long/path/long-filename.txt
# ls -l !cp:2
ls -l /really/a/very/long/path/long-filename.txt
In the example below, !cp:$ searches for the previous command in history that starts with cp and takes the last argument (in this case, which is also the second argument as shown above) of cp and substitutes it for the ls -l command as shown below.

# ls -l !cp:$
ls -l /really/a/very/long/path/long-filename.txt

14. Disable the usage of history using HISTSIZE
===============================================================
If you want to disable history all together and don’t want bash shell to remember the commands you’ve typed, set the HISTSIZE to 0 as shown below.

# export HISTSIZE=0
# history
# [Note that history did not display anything]

15. Ignore specific commands from the history using HISTIGNORE
===============================================================
Sometimes you may not want to clutter your history with basic commands such as pwd and ls. Use HISTIGNORE to specify all the commands that you want to ignore from the history. Please note that adding ls to the HISTIGNORE ignores only ls and not ls -l. So, you have to provide the exact command that you would like to ignore from the history.

# export HISTIGNORE="pwd:ls:ls -ltr:"
# pwd
# ls
# ls -ltr
# service httpd stop

# history | tail -3
79 export HISTIGNORE="pwd:ls:ls -ltr:"
80 service httpd stop
81 history
[Note that history did not record pwd, ls and ls -ltr]

change sites ip addresses for all domains in a server


Hi Guys,

Here is the simple script to change sites ip addresses in the server. This will be very useful while server migration when the server is having thousands of domains with its dedicated ips.

syntax for setsiteip
---------
/usr/local/cpanel/bin/setsiteip [-u user | domain] ip
---------

This is something looks like below,
---------
# head -3 /root/setip
a.com 1.2.3.4
b.com 1.2.3.5
c.com 1.2.3.6
---------

Also you can get this from old server /etc/domainips list by just running this command

# awk '{print $2" "$1}' /etc/domainips|cut -d : -f1 > /root/setip

Download the setip file to the new server and then run this script on screen

Then run this script in screen

-----------------------
#! /bin/bash
exec < /root/setip
while read line
do
dmn=$(echo $line | awk '{print $1}')
ip=$(echo $line | awk '{print $2}')
/usr/local/cpanel/bin/setsiteip $dmn $ip
done
-----------------------

Thats it. now all the domains will have its own dedicated ips.

Create a new ext3 file system if a disk was added to the sys


How do I create a new ext3 file system if a disk was added to the system?

Resolution:

1. Create the partition using the fdisk command. To start fdisk at a shell prompt (as root), type the command: Quote: fdisk/dev/hdb where /dev/hdb is the device name for the drive you want to configure.

The Command (m for help): prompt is displayed. Type n then p, to create a new (n) primary (p) partition. You will then be asked to enter a partition number 1-4. You can only have a total of 4 primary partitions. If you need more than 4 partitions, then your 4th partition will become your extended partition and you can create up to 15 partitions that the system will recognize. You will then enter the size of the partition that you want to create. The easiest way to do this is to select the defaulted start cylinder, then issue a size based on MB. Example: +5000MB to create a 5 GB partition.

2. Format the partition with the ext3 file system using mke2fs. Note that an ext3 file system is an ext2 filesystem with journaling (the -j option). See man mke2fs for more options. Type:

/sbin/mke2fs -j /dev/hdb3

where /dev/hdb3 is the partition you want to format. Note: If mke2fs does not recognize your partition, then you must reboot your system so that the new partition table is recognized.

3. You can label the partition using e2label. For example, if you want to label the new partition /work, type

e2label /dev/hdb3 /work

4. As root, create the mount point:

mkdir /work

5. As root, edit the /etc/fstab to include the new partition. The new line should similar to the following:

LABEL=/work /work ext3 defaults 1 2

6. Reboot your system so that the new partition table is recognized.

mv: cannot stat ': Input/Output error......


mv: cannot stat '<filename>: Input/Output error......

Issue: When trying to access or remove a file I get the error "mv: cannot stat '<filename>: Input/Output error."



What does this mean?

Resolution: Generally this error means there is file system corruption. Try to rename, mv <filename> <new filename>, or list files to confirm that this error is occurring to all files in a particular directory. Once confirmed use the following steps to attempt to recover your filesystem. 1. First, if you are going to perform a filesystem check you need to ensure the filesystem is unmounted. If the file system is your root partition then you will need boot into rescue mode so you can check the filesystem while it is unmounted. See additional articles in the Knowledgebase regarding this. 2. To run a filesystem check, use the command e2fsck. For example, if you are getting the above error on a filesystem that is mounted on the partition /dev/hda4 run the following command: Quote: e2fsck /dev/hda4 3. If the above command returns with errors complaining about a "bad superblock" then run the following command: Quote: dumpe2fs /dev/hda4 Look for the Backup superblock in the output: Quote: Group 1: (Blocks 8193-16384) Backup superblock at 8193, Group descriptors at 8194-8194 Block bitmap at 8195 (+2), Inode bitmap at 8196 (+3) Inode table at 8197-8447 (+4) 7937 free blocks, 2008 free inodes, 0 directories 4. Now run e2fsck again, specifying the superblock number: Quote: e2fsck -b 8193 /dev/hda4 5. If this fails then reboot your system as a filesystem check will probably be forced. If you drop to a shell then run e2fsck on the partition that is reporting the errors.

Copy file and directories across to another server and preserve symlinks


Issue: How do I copy file and directories across to another server and preserve symlinks?

Resolution: In order to preserve symlinks whilst copying files and directories across a network the use of the rsync command is recommended. If scp is used this will actually copy the symlinked file to the remote directory and lose the link relationship. For example below we want to copy and preserve the symlink relationship between test.log and /home/test/test.log in the local /rsync_test directory to machine serverOne's /rsync_test directory.

Quote: lrwxrwxrwx 1 root root 5 Jan 19 15:11 test.log -> /home/test/test.log

Two test cases will be used below to illustrate the point. USING SCP

Quote: scp /rsync_test/* serverOne:/rsync_test/

Listing the rsync_test directory on machine serverOne shows the following:

Quote: -rw-r--r-- 1 root root 5 Jan 19 15:11 test.log In this example scp copied the actual test.log file to the destination directory, therefore losing the symlink relationship. USING RSYNC

Quote: rsync -a -e ssh /rsync_test/ serverOne:/rsync_test Listing the rsync_test directory on machine serverOne shows the following:

Quote: lrwxrwxrwx 1 root root 5 Jan 19 15:11 test.log -> /home/test/test.log

In this example the symlink relationship has been preserved. From the output above you can see rsync can preserve symlink status and scp can not. For further information see man rsync and man scp.

df show bigger disk usage than du


Issue: Why does df show bigger disk usage than du? Resolution: There are some instances where df would output a bigger disk usage than du. The most common instance is when a process has opened a huge file and that same file is deleted with rm. Technically, the file still exists because a process still has an open file descriptor associated with that file. An example is presented below. First, a 200Mb file called bigfile is created and is opened using the vi editor:

[root@localhost ~]# ls -lh bigfile

-rw-r--r-- 1 root root 200M Dec 22 14:53 bigfile

[root@localhost ~]# lsof|grep bigfile vi 23824 root 3r REG 3,2 209715200 2052534 /root/bigfile vi 23824 root 4u REG 3,2 4096 2052542 /root/.bigfile.swp At this point, both df and du would have the same output:

[root@localhost ~]# df -h / Filesystem Size Used Avail Use% Mounted on /dev/hda2 19G 8.8G 8.4G 51% /

[root@localhost ~]# du -sh / 8.8G / Now the discrepancy in output shows once bigfile is deleted:

[root@localhost ~]# rm -f bigfile

[root@localhost ~]# df -h /

Filesystem Size Used Avail Use% Mounted on /dev/hda2 19G 8.8G 8.4G 51% /

[root@localhost ~]# du -sh / 8.6G / Killing the vi process that has opened bigfile resolves the discrepancy:

[root@localhost ~]# kill 23824

[root@localhost ~]# df -h / Filesystem Size Used Avail Use% Mounted on /dev/hda2 19G 8.6G 8.6G 50% /

[root@localhost ~]# du -sh 8.6G /

check when RPM packages were installed


How do I check when RPM packages were installed on my machine?

Resolution: You can use the following command to display the install date and time of all the packages installed on your system:

rpm -qa --last

If you have a vague idea of the package name pipe (pipe is | key) the output of the above command through grep and use a substring that would be in the package name.

For example, to search for packages containing the substring kernel.

rpm -qa --last | grep kernel

(Returns the install date and time for all packages with kernel in their name, such as the kernel, kernel-utils, etc.) If you know the exact name for the package, you can modify the command and specify the package name. For example:

rpm -q --last filesystem

(Returns the install date and time of the filesystem package)

Linux -- study of Procfs (pseudo-filesystem)


Procfs is a pseudo-filesystem (like sysfs and several others), which means that files in /proc do not exist in your hard drive, but the information they have is calculated on demand. Like the rest of filesystems used in Linux, procfs is supported by the Virtual File System (VFS). VFS is a kernel layer that provides abstraction when working with file systems, so that it handles the differences between file systems and shows a common interface to work with them. Although other Unix-like systems provide a procfs (FreeBSD, for example), the format varies between systems. Linux uses a plain text format and FreeBSD uses a binary format in some places. The first approach is better when working with shell commands like cat, grep, etc, but the second one is better when programming. Under /proc we can find general system information and specific process information and statistics. Linux distinguishes different types of information with the inode number. An inode number in Linux is represented as a 32 bit number and a PID (Process Identifier) is represented as a 16 bit number. With this schema, Linux splits the inode number in two halves of 16 bit. The left half is interpreted as a PID number and the right one is interpreted as a class of information. Since a PID=0 is not valid, Linux uses this value to indicate that inode contains global information. What kernel does when we type for example cat /proc/cpuinfo is showed in Illustration below. First of all, the process created by the shell requests data by reading the file. VFS catches the request and establishes the kind of file to read is a procfs file (actually, the file is a pseudo-file). The procfs subsytem queries the kernel tables to find the information required by the process. The kernel structures asked depend on the type of information the process wants (global, specific, about cpu, a process, etc). After the data have been collected, the process̢۪ buffer is filled. The most important aspect is that this process of information gathering is completely transparent from an external point of view.

Some useful sed commands


To remove the first line of a file from our output stream

$ sed -e '1d' filename | more

To delete lines 1-10 of the output

$ sed -e '1,10d' filename | more

To delete lines that start with a "#" from files

$ sed -e '/^#/d' filename | more

To print only virtualHosts in apache conf

$ sed -n '/^ /path/to/httpd.conf

How to find deleted files using EXT3GREP



1. Installing ext3grep…
wget http://ext3grep.googlecode.com/files/ext3grep-0.7.0.tar.gz
tar -xvzf ext3grep-0.7.0.tar.gz
cd ext3grep
./configure
make
cd src
./ext3grep –help


Done, ext3grep is built and working

3.Lets search for deleted folder:
Eg: ./ext3grep /dev/hda1 –search uaconsoleclientsample
Ext3grep will find many deleted blocks, now we need to check each blocks to find exact block associated with our deleted folder.


4.Find exact block assosicated with our deleted folder by checking each block
Eg: ./ext3grep /dev/hda1 –ls –block 240017


Use this script to automate this checking process.
#!/bin/sh

blocks=“255079 336393 336518 336526 395434 395435 395457 737282 984250 1346129 1868670 1869273 1950436 3915933 3915935 4069411 4087953 4216611 4292193 4292196 4292275 4530219 4538370 4538371 4538372 4538376 4538378 4538382 4538385 4543743 4543750 4543752 4544514 4544517 4544528 4544539 4550683 4550707 4655509 4655533 4670417 4670423 4689385 4689746 4785120 5046823 6525842 7370457 7805912“

# Replace above blocks with blocks found in step 3

for block in $blocks; do

./ext3grep /dev/hda1 –ls –block $block | tee -a output.txt

done
This script does the same procedure for each block in the list, shows the output on console and writes it to the file output.txt using tee. This way you can recheck the result later also in vim.

Analyze the output.txt and find entries like
"Block 1869273 is a directory. The block is Allocated" and find all inode associated with this block


5.Check content of the block with inode from previous step
Eg: ./ext3grep /dev/hda1 –ls –inode 656495


6.Now just restore the files you want using the right inode.
Eg: ./ext3grep /dev/hda1 –restore-inode 2263308

Wednesday, March 13, 2013

Log file for cpanel update and easy apache



cpanel update log file >> /var/cpanel/updatelogs/

easy apache log file >> /usr/local/cpanel/logs/easy/apache/





Filter rule to block an email ID


This can be used to block all emails coming to a particular email ID

Add the following to /etc/vfilters/domain.com

if
$header_to: is "test@testing.com"
then
fail "User doesn't exist"
endif


Fixing "An error occured while saving" in roundcube


After having updated my Ubuntu server from 10.04 version to 12.04 version, an error occurred while trying to save contacts and identities in the webmail roundcube. This tutorial explains how to find out what the problem is and how to fix it.

Error while saving a contact in the addressbook


While trying to save a new contact, I obtain the following message:

An error occured while saving

The error is more precisely described in roundcube's log files:

?View Code BASH
tail -f /var/log/roundcube/errors
where the following lines can be found

[21-Aug-2012 07:52:12 UTC] MDB2 Error: no such field (-19): _doQuery: [Error message:
Could not execute statement]
[Last executed query: INSERT INTO contacts (user_id, changed, del, `vcard`, `name`,
`email`, `firstname`, `surname`, `words`) VALUES ...
[Native code: 1054] [Native message: Unknown column 'words' in 'field list']
This indicates that the field "words" does not exist in the table "contact" in roundcube's database. Using SQL server (or PhpMyAdmin if it is installed), this error can be fixed by inserting the missing field:

ALTER TABLE `contacts` ADD `words` VARCHAR (500) NULL DEFAULT NULL


Error while adding a new identity


Trying to save a new identity resulted in the same error message. Once again, it comes from a missing field ("changed" is missing in the table "identities")

Code SQL

ALTER TABLE `identities` ADD `changed` DATETIME NOT NULL DEFAULT '1000-01-01 00:00:00'
AFTER `identity_id`


Tuesday, March 12, 2013

Correct httpdocs permissions


When Plesk creates an account for you it will always assign the httpdocs folder to the "psaserv" group, and all files within the httpdocs folder to the "psacln" group.

Sometimes you may run into trouble should you accidentally modify these groups (especially when you change the group of the httpdocs folder from psaserv) so should you need to restore these groupings you may run the following commands in succession:

chown -R your_plesk_username:psacln /your/httpdocs/directory
chown your_plesk_username:psaserv /your/httpdocs/directory
What the first command does is make sure that all of the files and folders within your httpdocs folder are correctly within the "psacln" group. The negative side effect of using the "-R" directive is that it also changes the permissions of the httpdocs directory itself, leading to the second command which only changes the httpdocs folder itself to be part of the "psaserv" group, while leaving the files and folders within with the correct grouping.

Important Plesk File Locations


# php.ini location
/etc/php.ini

# php.ini include files
/etc/php.d

# ioncube location on 64-bit OS
/usr/lib64/php/ioncube

# httpd.conf location
/etc/httpd/conf/httpd.conf

# httpd.conf include files
/etc/httpd/conf.d

# php.conf location
/etc/httpd/conf.d/php.conf

How-to Create a MySQL Database Backup from the Command Line on a Plesk Server


/usr/bin/mysqldump --user=admin --password=`/bin/cat /etc/psa/.psa.shadow` mydatabasename > myexportfile.sql

License expired warning in Parallels Plesk Panel


rror: The license key is invalid. In order to use the Parallels Plesk Panel, please obtain and install a new functioning license key.
Your license key has expired. To continue using your Parallels Plesk Panel you must purchase a non-expiring commercial license key.

Cause
The issue may occur if the system time is incorrect.

Resolution
On the same page where the warning is shown, check the "Key expiration date":
If the "Key expiration date" is in the future, check the system time by running the "date" command in the Linux shell or "date /T" in the Windows command line. If it is incorrect, change it to the correct one.
If the "Key expiration date" is in the past, it means that the key is, indeed, expired.

How license key management works in Parallels Plesk Panel


PP has a new automated Key Management System that allows the PP administrator to update the license directly from the PP interface under Tools&Settings (Server for earlier PP versions) -> License Management page. In order to eliminate fraud and theft of PP keys, an expiration date that requires a PP key to check in with a management system for renewal was implemented. In other words, a new PP key should be retrieved from the key management system every three months. This is done automatically by PP and does not require you to manage the license expiration unless an error occurs.

Please note that the license expiration date does not affect any key PP feature, such as SUS, email support, etc.
PP uses port 5224 to communicate with the key management system, so make sure that this port is opened in your firewall for outgoing connections. If PP fails to renew the key for some reason, you will see a note about it in the control panel. If you do not fix the issue with key updating and do not install a renewed key manually, the PP web interface will be blocked.

To Install SSL and Intermediate Certificates in Parallels Plesk Panel 10.x and 11.x


Log in to Parallels Plesk Panel as admin. For more information, see Accessing Parallels Plesk Panel on Your Server.

If necessary, switch to Service Provider view. For more information, see Accessing Service Provider View in Plesk.

From the Hosting Services menu, click Domains.

Next to the domain name you want to use, click Open in Control Panel.

Go to the Websites & Domains tab, and then click Secure Your Site with SSL Certificates.

Under Certificate name, click the certificate you want to use.

Next to the Certificate field, click Browse.

Locate your signed CRT file, e.g., coolexample.com.crt, and then click Open.

Next to the CA certificate field, click Browse.

Locate the certificate bundle, gd_bundle.crt, and then click Open.

Click Send File.

Go to the Websites & Domains tab, and then click the domain name at the bottom of the page.

Make sure that the box next to Enable SSL support is checked and select your SSL certificate from the drop down menu.

Click OK.

If your server is running Linux, stop and start the Apache process. If your server is running Windows, stop and start the DNS service.

Your SSL certificate should now be installed. If you have problems, please see Using the SSL Installation Tool to help diagnose issues.

MOVE PLESK LICENSE KEY


Download the plesk key from the old webserver.
The location of the plesk key is /usr/local/psa/tmp/psa.key

Logon to the Plesk interface of the new webserver and upload the file to the server.
(Server > License management -> upload key)

You can use /usr/local/psa/admin/bin/keymng but we prefer the procedure above.

How to install POSTFIX in plesk server


/usr/local/psa/admin/sbin/autoinstaller –select-release-current –install-component postfix –> Install postfix in plesk

How to change plesk default backup location


vi /etc/psa/psa.conf
# Backups directory
DUMP_D /var/lib/psa/dumps –> Change this….and try

ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: NO)


While trying to use mysql in plesk I am getting the following error :
ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: NO)
ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: YES)
Solution :
echo “use psa; truncate lockout;” | mysql -u root -p`cat /etc/psa/.psa.shadow`

Clear email queues using qmHandle


qmHandle used to monitor, delete and clear mail queues in plesk server with qmail.

wget http://optusnet.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.3.2.tar.gz
tar -xvzf qmhandle-1.3.2.tar.gz
service qmail stop
service qmail start
./qmHandle

qmHandle -s -s to see some basic statistics

./qmHandle -h’MAILER-DAEMON@server.jellyfishhosting.co.uk’ –> Delete mails that has “MAILER-DAEMON@server.jellyfishhosting.co.uk” in header (Case Insensitive)

Qmail commands


/var/qmail/bin/qmail-qstat --> List messages in queue

/usr/local/psa/admin/bin/mailqueuemng -s --> Show mail queue statistics

/var/qmail/bin/qmail-qread --> Command to see mails in queue

Install qmail in plesk


/usr/local/psa/admin/sbin/mailmng –features | grep SMTP_Server –> Will show the running MTA

/usr/local/psa/admin/sbin/autoinstaller –select-release-current –install-component qmail –> Install qmail in plesk

Finally, /usr/local/psa/admin/sbin/mailmng –reload-service –> To restart service

Monday, March 11, 2013

cpanel error log is empty


First try to restart apache and check the error log is working fine or not
If not, please check the existence of a .htaccess file , There should be a redirection rule
to redirect all the requests to external site

just move that .htaccess and try

If it works, please update the client

Sunday, March 10, 2013

License File Expired: LTD: 1362153750 NOW: 1293841841 FUT!


We recently encountered an issue where cPanel license was shown expired eventhough
license was still valid in the server. Upon searching the issue, we found that the
issue was due to the server time being offset. Correcting it and restarting cPanel
resolved the issue!!! You can use the following command to correct the server time

#rdate -s rdate.cpanel.net

Friday, March 8, 2013

FTP over SSL



SFTP is only available to cpanel users and not to virtual ftp users for secure connection, but you can use FTP over SSL/TLS.


For this

1) Please enable TLS Encryption Support from WHM

Main>> FTP Server Configuration

TLS Encryption Support>> optional

2) On the FTP client use server type as

Host: domain or Ip

Port : 21

Server Type : FTPES -FTP over explicit TLS/SSL

3) For using particular ssl certificate in WHM

Main>> Manage Service SSL Certificates>> FTP section>> install new certificate

Forwarding all mails from a domain to a Specific Email ID


You can use the code below to forward all mails from a domain to a specific email ID, it will work for newly created mail accounts automatically.

Add the code below at the end of "/etc/system_filter.exim"

Here, all the mails from domain.com are forwarded to test@gmail.com; change the domain name (domain.com) and mail id (test@gmail.com) as per the requirement.

============
if ( foranyaddress $reply_address,$return_path,$sender_address,$header_from,$h_from,$h_to:,$h_cc:,$h_bcc:,$recipients
( $thisaddress contains @domain.com )) and ( $header_X-Ref-Type does not contain yes )
then
headers add "X-Ref-Type: yes\n"
unseen deliver test@gmail.com
endif
==============

mod_ruid2 installation


yum install libcap-devel
cd /usr/local/src
wget http://downloads.sourceforge.net/project/mod-ruid/mod_ruid2/mod_ruid2-0.9.4.tar.bz2
tar -jxf mod_ruid2-0.9.4.tar.bz2
cd mod_ruid2-0.9.4
vi ruid2.conf
LoadModule ruid2_module modules/mod_ruid2.so

RMode config
RDefaultUidGid nobody nobody
RUidGid nobody nobody
RGroups nobody

apxs -a -i -l cap -c mod_ruid2.c

Open httpd.conf and remove the line from it:

LoadModule ruid2_module modules/mod_ruid2.so

echo "LoadModule ruid2_module modules/mod_ruid2.so" >> /usr/local/apache/conf/includes/pre_main_global.conf
/usr/local/cpanel/bin/apache_conf_distiller --update
/etc/init.d/httpd restart

In future, /scripts/easyapache recompiles will move the file mod_ruid2.so out of /usr/local/apache/modules folder.
So save a copy of it.

cp /usr/local/apache/modules/mod_ruid2.so /root

vi /scripts/preeasyapache
#!/bin/bash

sed -i 's/LoadModule ruid2_module/#LoadModule ruid2_module/g' /usr/local/apache/conf/includes/pre_main_global.conf

vi /scripts/posteasyapache
#!/bin/bash

cp /root/mod_ruid2.so /usr/local/apache/modules/
sed -i 's/#LoadModule ruid2_module/LoadModule ruid2_module/g' /usr/local/apache/conf/includes/pre_main_global.conf
/etc/init.d/httpd restart

chmod +x /scripts/preeasyapache
chmod +x /scripts/posteasyapache

Reference : http://forums.cpanel.net/f5/how-install-mod_ruid2-cpanel-server-229422.html

How To configure R1soft backup in CDP Server.


1) Install CDP agent as per wiki instrauctions.
2) Login to CDP server(inas3) and Add Agent(test.server.com)
   Click the "Agent" Icon in the left menu, then click "Create New Agent" and fill-up the required fields:
   Name : test.server.com
   HostName/IP : 10.10.19.18 (Use Internal IP, you need to ensure internal network is working in the server before doing this)
   Keep the port as 1167
   Enable the option "Enable database add-on"
   Then Test the Agent connection by clicking the button "Test Agent Connection", you need to make sure agent connected/authenticated successfully. you may need to do some changes in server firewalls like opening the agent port on agent server or allowing agent servers IP in Inas3 firewall etc.
  Click "Create" button once the connection is Okay.

Now you "Successfully created agent!"

3) Create New Disk Safe for new Agnet.

   Click "Dsik Safes" Icon in the left menu and then click "Create New Disk Safe" and fill-up the required fields:
   Name : test.server.com
   Agent : Select the agent we created from drop down list, here it is "test.server.com
   Volume : Select Volume as inas3
   Devices : Uncheck "Automatically add new devices"
   Then Click "Create"
   After Creating the Disk Safe, a pop-up window will appear

asking "Add Devices To Protect", you need to Click "Add" button.

   This will fetch the list of drives in agent server in left side of the window(Devices On Agent),
you need to add the devices to right side of the window(Devices In Disk Safe), you
only need to add the devices that you would like to backup. Click "plus" icon to add the devices.
Please skip the backup drive, since we don't need the backup of the backup drive. Then Save the task.

4) Create Policy for this agent, we are creating daily backup

policies with 10 recovery points.

  Click "Policy" Icon in left side menu, then "Create New Policy" and fillup the required fileds:
  Name : test.server.com
  Description : test.server.com
  Agent : Select the agent from the drop down list. here the agent is test.server.com
  Disk Safe : Select the agent from the drop down list. here the Disk Safe is test.server.com
  Replication Schedule : Click "Edit Schedule", and select "Replication Frequency" as daily and select
an Off peak hour to run the policy, click OK.

  Merge Schedule : Click "Edit Schedule", and select "Replication Frequency" as daily and select non off peak hours,
since this operation is running on the CDP server itself and agent server has no role in this operation.

5) Click the "MySQL" Tab in the policy window to create MySQL DB instances.

   Click "Add New MySQL instances", this will pop a window asking for some details, Fill-up the details as follows.
   Name : Give some name, like "test"
   Authentication : User - r1soft ; Pass - by5BkmlshlzgKeo5yzdign:fg
   Leave all other fields as such.
   Run following MySQL query in Agent server(here test) and Test the MySQL server connection by clicking the "Test
Connection" button.

   grant all privileges on *.* to r1soft@127.0.0.1 identified by 'by5BkmlshlzgKeo5yzdign:fg' ;
   If the Connection is Okay, then click "Add" then Click "Save"

  Thats all!

Thursday, March 7, 2013

FTP failed on plesk server


On a plesk server I could not connect to ftp so when I checked the logs I found

- warning: unable to determine IP address of ‘myhostname.server.com’
- error: no valid servers configured
- Fatal: error processing configuration file '/etc/proftpd.conf'
Then, I checked the /etc/hosts and found hostname entry missing:

[root]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
So to get this fixed I added the below entry in the /etc/hosts file

xx.xx.xx.xx myhostname.server.com
And, then restarted xinetd which fixed the issue.

How to install qmHandle on plesk server ?


Install qmHandle on plesk dedicated server using the below steps:

Login to the sever as root.

Download the tar from here using the following command:

root# wget
http://jaist.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.3.2.tar.gz
root# tar -zxvf qmhandle-1.3.2.tar.gz
root# chmod 755 qmHandle
root# ./qmHandle –h
Few commands of qmhandle :

List help for qmhandle commands.

qmHandle -h
Show statistics for qmail mail queue

qmHandle -s
Deliver all mails in mail queue.

qmHandle -a
This article is released by SupportFacility.Com — the leaders in providing outsourced technical support, live chat support & help desk support for web hosts. Interested ? Opt for a trial now.

Plesk : Configure qmail to use alternate SMTP port 26


You have a plesk dedicated server and having issues related to SMTP port 25. There are issues where ISP blocks SMTP port 25, in this case we can use alternate port (I will use port 26).
Kindly follow the below steps to change SMTP port on your plesk dedicated (linux) server to 26.

Login to your server as root

root# cd /etc/xinetd.d
root# ls -l | grep smtp*
root# cat smtp_psa
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = /usr/sbin/rblsmtpd -r bl.spamcop.net /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
root# nano /etc/services
Add the below lines

smtp_psa_new 26/tcp mail
smtp_psa_new 26/udp mail
root# cp smtp_psa smtp_psa_new
Change the service line in the new file “smtp_psa_new” to be this:

service smtp_psa_new
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = /usr/sbin/rblsmtpd -r bl.spamcop.net /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
root# /etc/init.d/xinetd restart
And you should see smtp listening on ports 25, and 26:

root# netstat -anp | grep xinetd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 6989/xinetd
tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 6989/xinetd
That’s it!

Plesk configuration files path + linux?


Guys,

Here are the paths :

Plesk Config & Binary file

Linux :

===============================================
# Plesk tree
PRODUCT_ROOT_D - /usr/local/psa
===============================================
# Directory of SysV-like Plesk initscripts
PRODUCT_RC_D - /etc/init.d

/etc/psa/psa.conf // common config file
/etc/psa/.psa.shadow // admin password file
/var/log // common log file
/etc/local/psa/admin/logs //plesk log file
================================================

# Directory for config files
PRODUCT_ETC_D - /usr/local/psa/etc
================================================

# Virtual hosts directory
HTTPD_VHOSTS_D - /var/www/vhosts
/var/www/vhosts//anon_ftp , cgi-bin, conf, error_docs , httpdocs, httpsdocs , pd , private , statistics-->/logs(domain logs), subdomains , web

Domain based httpd.conf file:- /var/www/vhosts/conf/httpd.include
Doc root : /var/www/vhosts//httpdocs
===============================================

# Apache configuration files directory
HTTPD_CONF_D - /etc/httpd/conf/httpd.conf //server based
/var/www/vhosts/conf/httpd.include // domain based

------------------------------------------------
# Apache include files directory
HTTPD_INCLUDE_D - /etc/httpd/conf.d/mailman.conf , perl.conf, python.conf , webalizer.conf, zz010_psa_httpd.conf, fcgid.conf, manual.conf , php.conf, ssl.conf, welcome.conf
------------------------------------------------
# Apache binary files directory
HTTPD_BIN_D - /usr/bin
------------------------------------------------
#Apache log files directory
HTTPD_LOG_D - /var/log/httpd
------------------------------------------------
#apache startup script
HTTPD_SERVICE httpd
/etc/init.d/httpd [start|stop|restart|status]


================================================

# Qmail directory
QMAIL_ROOT_D /var/qmail

# Location of qmail maildirs
QMAIL_MAILNAMES_D /var/qmail/mailnames/
/var/qmail/mailnames//mail a/c/Maildir/new,cur,tmp

# Path to rblsmtpd
RBLSMTPD /usr/sbin/rblsmtpd

# Courier-IMAP
COURIER_IMAP_ROOT_D /

/etc/init.d/qmail [status,start,stop,restart] //service control

================================================
# Proftpd
FTPD_CONF /etc/proftpd.conf
FTPD_CONF_INC /etc/proftpd.include
FTPD_BIN_D /usr/bin
FTPD_VAR_D /var/run/proftpd
FTPD_SCOREBOARD /var/run/proftpd/scoreboard

Log file :- /var/log/xferlog
Service control :- /etc/init.d/proftpd [start,stop,status,restart]
================================================
# Bind
NAMED_RUN_ROOT_D /var/named/run-root/etc/named.conf
/var/named/run-root/var/ // db record

Service control :- /etc/init.d/named [status,start,stop,restart]
log:- /var/log/messages
===============================================

# Webalizer
WEB_STAT /usr/bin/webalizer
===============================================
# Logrotate
LOGROTATE /usr/local/psa/logrotate/sbin/logrotate
===============================================
# MySQL
MYSQL_VAR_D /var/lib/mysql
MYSQL_BIN_D /usr/bin

Service control:- /etc/rc.d/init.d /mysqld [start,stop,restart,status]
log :- /var/log/messages
===============================================
# PostgreSQL
PGSQL_DATA_D /var/lib/pgsql/data
PGSQL_BIN_D /usr/bin
===============================================
# Backups directory
DUMP_D /var/lib/psa/dumps
===============================================
# Mailman directories
MAILMAN_ROOT_D /usr/lib/mailman
MAILMAN_VAR_D /var/lib/mailman
===============================================
# Python binary
PYTHON_BIN /usr/bin/python2.3

# Tomcat root directory
CATALINA_HOME /usr/share/tomcat5

# DrWeb
DRWEB_ROOT_D /opt/drweb
DRWEB_ETC_D /etc/drweb

# GnuPG binary
GPG_BIN /usr/bin/gpg

# Tar binary
TAR_BIN /bin/tar
===============================================
# Curl certificates
CURL_CA_BUNDLE_FILE /usr/share/curl/curl-ca-bundle.crt
=========================================================
# AWStats
AWSTATS_ETC_D /etc/awstats
AWSTATS_BIN_D /var/www/cgi-bin/awstats
AWSTATS_TOOLS_D /usr/share/awstats
AWSTATS_DOC_D /var/www/html/awstats
===============================================
# openssl binary
OPENSSL_BIN /usr/bin/openssl

LIB_SSL_PATH /lib/libssl.so
LIB_CRYPTO_PATH /lib/libcrypto.so

CLIENT_PHP_BIN /usr/local/psa/bin/php-cli
--------------------------------------------------
Psa Spammasion:-
/usr/local/psa/admin/bin/spamd --status
--stop
--start
--------------------------------------------------

qmail configuration in Plesk


qmail is the MTA used in plesk servers

Log file location: /usr/local/psa/var/log/maillog

How do I repair Qmail configuration


# /usr/local/psa/admin/sbin/mchk --help
Synopsis:
mchk [OPTION]
--without-spam - restore all settings except for SpamAssassin configuration
--with-spam - restore all settings
--spam-only - restore only SpamAssassin settings

eg: # /usr/local/psa/admin/sbin/mchk --with-spam


Managing a QMail queue

/var/qmail/bin/qmail-showctl will show info about qmail setup.

/var/qmail/bin/qmail-qstat will show what is in the mail queue.

# to clear the queue
{
/etc/init.d/qmail stop
cd /var/qmail/queue
rm -rf info intd local mess remote todo
mkdir mess
for i in `seq 0 22`; do
mkdir mess/$i
done
cp -r mess info
cp -r mess intd
cp -r mess local
cp -r mess remote
cp -r mess todo
chmod -R 750 mess todo
chown -R qmailq:qmail mess todo
chmod -R 700 info intd local remote
chown -R qmailq:qmail intd
chown -R qmails:qmail info local remote
/etc/init.d/qmail start
}

qmHandle
qmHandle is a handy tool for manipulating the qmail queue, and for gathering some basic statistics about it.

To install it (to your current directory) run:


wget -O - "http://easynews.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.3.2.tar.gz" | tar xzf -
If you're using qmHandle with Plesk's qmail, try an older version that doesn't attempt to stop qmail with 'svc':


wget -O - "http://easynews.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.2.0.tar.gz" | tar xzf -
If you have a lot of bounce notices sitting in your queue, try running:


./qmHandle -S'failure notice'
The -S means ' delete all messages that have/contain text as Subject'.

Need to track who sent an email?
Need to track who sent a particular email from your server? e.g. if a user account is compromised and you need to see which user account?

The email will have headers like:


Received: (qmail 13711 invoked from network); 26 Jun 2007 02:55:46 -0000
Received: from hpbizway.com.ar (HELO User) (1.2.3.4)
by example.com with SMTP; 26 Jun 2007 02:55:46 -0000
The 'invoked from network' means the email was received from an external host (e.g. it was not send from a program like apache on your server itself).

The IP that sent the email was 1.2.3.4

So run:


grep 1.2.3.4 /var/log/messages
(Use whatever IP you need to there).

And you will find which user that IP was using. e.g.


/var/log/messages:Jun 26 16:17:35 example smtp_auth: SMTP connect from unknown@hpbizway.com.ar [1.2.3.4]
/var/log/messages:Jun 26 16:17:35 example smtp_auth: smtp_auth: SMTP user claudia
In this case it is the 'claudia' user. And a suitable follow up would be to, say, change the password on that user account.

QMail maxing out the CPU
Do you have lots of /var/qmail/bin/qmail-smtpd processes? All using lots of CPU?

Are you missing files named /var/qmail/control/dh512.pem and /var/qmail/control/dh1024.pem?

Do you have /var/qmail/control/dhparams512.pem and /var/qmail/control/dhparams1024.pem?

In this case it may be that your qmail process is generating a ssl key for each connection, rather than using a pre-prepared one.

The fix is to run:


cp /var/qmail/control/dhparams512.pem /var/qmail/control/dh512.pem
cp /var/qmail/control/dhparams1024.pem /var/qmail/control/dh1024.pem
Then you may also need to restart xinetd with

/etc/init.d/xinetd restart

Tuesday, March 5, 2013

Configure Apache to listen multiple ports


The listen directive in the Apache configuration file can be used to make Apache to listen in a particular port or IP address or port combination.

Listen 80
Listen 8000

In this format the Apache server listens on the given ports on all interfaces (IP addresses) which are up in the server. If you mention the above two directives in the Apache configuration file then the Apache server will listen on both the ports 80 and 8000. Multiple Listen directives may be used to specify a number of addresses and ports to listen to.

Listen IP:80

You need to replace the IP address in this example with the IP address you want the Apache service to listen. In this format an IP address is given as well as a port. In this case the server will listen on the given port and interface( IP address ). If you want the Apache service to listen on two IP addresses in the server you can use multiple listen directive in the configuration file.

Listen IP1:80
Listen IP2:80

Please remember to restart the Apache service in the server once the changes are made to the configuration file.

Starting Apache HTTPD Failed Cannot Open or No such file mod_bwlimited, mod_log_bytes or mod_bandwidth


On restaring Apache, you may get the following error:

Nov 21 09:31:40 web httpd: Cannot load usr/local/apache/libexec/mod_log_bytes.so into server: /usr/local/apache/libexec/mod_log_bytes.so: cannot open shared object file: No such file or directory
Nov 21 09:31:40 web rc: Starting httpd: failed

Invalid command ‘BytesLog’, perhaps mis-spelled or defined by a module not included in the server configuration

This is most likely due to the cause that the mod_belimited.so, mod_log_bytes.so, or mod_bandwidth.so are deleted or corrupted. These 3 files are unique on cPanel based servers.

This error is received when the Apache HTTPD server has been messed up with some shared library files such as mod_auth_passthrough.so, mod_bwlimited.so and mod_log_bytes.so located in libexec directory, that have accidentally been deleted or corrupted.

The solution to the error is to recompile those shared library modules. You can easily compile these cPanel modules for Apache by using the following commands:

cd /usr/local/cpanel/apache

/usr/local/apache/bin/apxs -iac mod_log_bytes.c

/usr/local/apache/bin/apxs -iac mod_bwlimited.c

/usr/local/apache/bin/apxs -iac mod_bandwidth.c

After compilation, the .so files will automatically be copied to libexec directory for Apache HTTPD web server.