Suhosin is the big brother to the Hardened-PHP patch which adds an extra level of protection to PHP. Installing Suhosin can be a bit confusing so we'll show you how it can be easily installed on Linux
Suhosin Install Guide
Suhosin is the big brother to the Hardened-PHP patch which adds an extra level of protection to PHP. Installing Suhosin can be a bit confusing so we'll show you how it can be easily installed on Linux.
Suhosin for PHP
http://www.hardened-php.net/suhosin.127.html
What is Suhosin?
There are 2 separate versions on Suhosin. You can run both together or one separately.
1) A raw patch where you need to recompile PHP in shell to work. This adds low level protection against things like buffer overflows and format string vulnerabilities.
2) A PHP extension that protects at runtime, easy to install.
Both versions will still you allow you to use other PHP extensions like Zend Optimizer without any issues.
See the full features list comparision here: http://www.hardened-php.net/suhosin/a_feature_list.html
This guide we'll show you how to install the Extension ONLY. Recompiling PHP for the patch is a whole guide in itself, so I only recommend that for experienced users or having someone do it for you like a server admin company such as ServerProgress - www.serverprogress.com or click on Hire an Expert.
Installing Suhosin
Things to do before getting started and questions you probably have.
1) First off you need to create a phpinfo page on your web server, this is so you can see if Suhosin is installed and working or not.
EG: http://mysite.com/phpinfo.php
phpinfo();
?>
That’s all it should contain. You should bring it up to make sure it works.
2) Check to make sure that PHP is NOT compiled with --enable-versioning
You will see this in the Configure Command section at the top, make sure you do not see
--enable-versioning
If it is, the extension will not work. Versioning breaks extensions. You will need to recompile PHP and make sure versioning is turned OFF.
3) This only applies if you are using Zend Optimizer. Make sure you are using at least version 3.2.1 or above of Zend Optimizer. If you are using anything below that there is a known bug in Zend Optimizer that gets caught up in Suhosin while reading zend encoded pages. So be sure to upgrade Optimizer to a more recent release before you install Suhosin to avoid issues.
You can check your version while in shell by doing:
php –v
If you have it installed you’ll see something like:
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies
with Zend Extension Manager v1.0.10, Copyright (c) 2003-2006, by Zend Technologies
with Zend Optimizer v3.0.1, Copyright (c) 1998-2006, by Zend Technologies
So this version is old and needs to be upgraded. See http://www.webhostgear.com/184.html our Zend Optimizer install guide for more details.
Suhosin works fine on cPanel/WHM servers, DirectAdmin, Plesk and any others. As long as the above mentioned items are met then you should be fine.
Installing Suhosin Extension
Download the source file for the Suhosin extension
cd /usr/local/
wget http://www.hardened-php.net/suhosin/_media/suhosin-0.9.18.tgz
tar -zxvf suhosin-0.9.18.tgz
cd suhosin-0.9.18
phpize
OUTPUT will be something like this:
# phpize
Configuring for:
PHP Api Version: 20020918
Zend Module Api No: 20020429
Zend Extension Api No: 20050606
./configure
make
OUTPUT will be something like this:
Libraries have been installed in:
/usr/local/suhosin-0.9.18/modules
make install
OUTPUT will be something like this:
Installing shared extensions: /usr/local/lib/php/extensions/no-debug-non-zts-20020429/
Make a note of the directory location and confirm it exists and has suhosin.so in it:
ls –lah /usr/local/lib/php/extensions/no-debug-non-zts-20020429/
-rwxr-xr-x 1 root root 334K Mar 19 09:17 suhosin.so*
Now copy suhosin.so to /usr/lib/php/extensions since our php.ini points to that directory and not the one the make install used
cp /usr/local/lib/php/extensions/no-debug-non-zts-20020429/suhosin.so /usr/lib/php/extensions/no-debug-non-zts-20020429
Checking PHP
Now we need to check PHP to ensure suhosin will be added in.
Find where your current PHP.ini is:
php -i |grep php.ini
Configuration File (php.ini) Path => /usr/local/Zend/etc/php.ini
Edit the php.ini
vi /usr/local/Zend/etc/php.ini
Step 1) Ensure the include path/extension is set properly.
Search for: extension_dir
You should see something like this:
;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
;;;;;;;;;;;;;;;;;;;;;;;;;
include_path = ".:/usr/lib/php:/usr/local/lib/php:/usr/lib/php/extensions:/usr/lib/php/extensions/no-debug-non-zts-20020429:" ;
extension_dir = /usr/lib/php/extensions/no-debug-non-zts-20020429/ ; directory in which the loadable extensions (modules) reside
Note the exact path is the same as what we wrote down when we did “make install”
If not, you will need to add it or COPY the file to the new location as mentioned above.
Step 2) Add the suhosin.so extension to php.ini
While still in php.ini search for Dynamic Extensions
/Dynamic Extensions
EG you should see:
;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;
Add this below:
extension=suhosin.so
====================================================================
Note to 64 bit OS users:
Check to make sure php.ini is using the proper extension_dir setting:
extension_dir = /usr/lib64/php4
Then copy the suhosin.so to that directory after you do "make install"
cp -v /usr/local/lib/php/extensions/no-debug-non-zts-20020429/*.so /usr/lib64/php4/
End 64 Bit OS note:
Now save php.ini and check PHP from shell:
php -v
PHP 4.4.6 (cli) (built: Mar 19 2007 09:54:33)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies
with Zend Extension Manager v1.2.0, Copyright (c) 2003-2006, by Zend Technologies
with Suhosin v0.9.18, Copyright (c) 2002-2006, by Hardened-PHP Project
with Zend Optimizer v3.2.2, Copyright (c) 1998-2006, by Zend Technologies
=============================================================================
No need,,,,,
Excellent! We managed to get the Suhosin extension module working. NOTE if checking using phpinfo.php page make SURE you RESTART the apache web server: service httpd restart
Otherwise you won’t see the changes.
Suhosin in PHPinfo page – Screenshot 1
Click to enlarge
Suhosin PHPINFO
Suhosin in PHPinfo page – Screenshot 2 configuration details
Click to enlarge
Suhosin phpinfo details
Suhosin Logs and reports
Check your /var/log/messages for logs of Suhosin
EG:
Mar 19 10:28:23 ocean suhosin[32652]: ALERT - Include filename ('http://tutorialgeek.com/slimstat/inc.stats.php') is an URL that is not allowed (attacker '74.6.73.61', file '/home/lireland/public_html/index.php', line 3)
Advanced Suhosin Configuration
Configuring Suhosin – example suhosin configuration
You can manually configure options for Suhosin in the php.ini for PHP. This is the most confusing part that most people get lost at.
If you want advanced configuration to change the default settings form Suhosin you can edit the PHP.ini and add in these values below the extension=suhosin.so
Note this part isn’t required, only for your own liking.
;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;
[suhosin]
; Logging Configuration
suhosin.log.syslog.facility = 9
suhosin.log.use-x-forwarded-for = Off
; Executor Options
suhosin.executor.max_depth = 0
suhosin.executor.include.max_traversal = 4
suhosin.executor.disable_emodifier = Off
suhosin.executor.allow_symlink = Off
; Misc Options
suhosin.simulation = Off
;
suhosin.apc_bug_workaround = Off
suhosin.sql.bailout_on_error = Off
suhosin.multiheader = Off
suhosin.mail.protect = 1
suhosin.memory_limit = 20
; Transparent Encryption Options
suhosin.session.encrypt = On
suhosin.session.cryptua = On
suhosin.session.cryptdocroot = On
suhosin.session.cryptraddr = 0
suhosin.cookie.encrypt = On
suhosin.cookie.cryptua = On
suhosin.cookie.cryptraddr = 0
; Filtering Options
suhosin.filter.action = 406
suhosin.cookie.max_array_depth = 100
suhosin.cookie.max_array_index_length = 64
suhosin.cookie.max_name_length = 64
suhosin.cookie.max_totalname_length = 256
suhosin.cookie.max_value_length = 10000
suhosin.cookie.max_vars = 100
suhosin.cookie.disallow_nul = On
suhosin.get.max_array_depth = 50
suhosin.get.max_array_index_length = 64
suhosin.get.max_name_length = 64
suhosin.get.max_totalname_length = 256
suhosin.get.max_value_length = 512
suhosin.get.max_vars = 100
suhosin.get.disallow_nul = On
suhosin.post.max_array_depth = 100
suhosin.post.max_array_index_length = 64
suhosin.post.max_totalname_length = 256
suhosin.post.max_value_length = 65000
suhosin.post.max_vars = 200
suhosin.post.disallow_nul = On
suhosin.request.max_array_depth = 100
suhosin.request.max_array_index_length = 64
suhosin.request.max_totalname_length = 256
suhosin.request.max_value_length = 65000
suhosin.request.max_vars = 200
suhosin.request.max_varname_length = 64
suhosin.request.disallow_nul = On
suhosin.upload.max_uploads = 25
suhosin.upload.disallow_elf = On
suhosin.upload.disallow_binary = Off
suhosin.upload.remove_binary = Off
suhosin.session.max_id_length = 128
============
Wednesday, April 21, 2010
Tuesday, April 20, 2010
FTP upload problem in Direct Admin
Getting a permission denied error(550)
Solution:
Check the following files
=======
(10:34:32 AM) AngithaVIP: [root@alphacentauri ~]# grep irugs /etc/passwd
irugs:x:646:647::/home/irugs:/bin/false
[root@alphacentauri ~]#
========
grep irugs /etc/proftpd.passwd
then check the both numbers and if it is not match then correct it, that will fix the issue
Solution:
Check the following files
=======
(10:34:32 AM) AngithaVIP: [root@alphacentauri ~]# grep irugs /etc/passwd
irugs:x:646:647::/home/irugs:/bin/false
[root@alphacentauri ~]#
========
grep irugs /etc/proftpd.passwd
then check the both numbers and if it is not match then correct it, that will fix the issue
To check ssh access
[root@alphacentauri ~]# grep irugs /etc/passwd
irugs:x:646:647::/home/irugs:/bin/false
[root@alphacentauri ~]#
irugs:x:646:647::/home/irugs:/bin/false
[root@alphacentauri ~]#
Saturday, April 17, 2010
Whm login screen shows internal server error +VPS
errors:
Whm login screen shows internal server error
or
Disk quota exceeded message when trying to create file
=========
solution:
The problem is due to inode number full
we can incarese it by using the following
df -i gives the inode details
-bash-3.2# df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/vzfs 1000000 600020 399980 61% /
none 2049647 96 2049551 1% /dev
-bash-3.2#
==========
vzctl set 128 --diskinodes $(( 200000*5 )):$(( 220000*5 )) --save
===========
or
===========
vzctl set 128 –diskinodes 200000:200000 –save
===========
Saved parameters for Container 128
Whm login screen shows internal server error
or
Disk quota exceeded message when trying to create file
=========
solution:
The problem is due to inode number full
we can incarese it by using the following
df -i gives the inode details
-bash-3.2# df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/vzfs 1000000 600020 399980 61% /
none 2049647 96 2049551 1% /dev
-bash-3.2#
==========
vzctl set 128 --diskinodes $(( 200000*5 )):$(( 220000*5 )) --save
===========
or
===========
vzctl set 128 –diskinodes 200000:200000 –save
===========
Saved parameters for Container 128
clamav scan
clamscan -r path ==>>this will gives the all sucees files
clamscan -r path --infected ===>> this will give a infected files
freshclam
clamscan -r -i --move=identfied (dir)
============
If you wish to run clamscan in /home :-
Log into server as root. Issue the command : cd /home
Issue the command : clamscan -i > infectedfiles.txt
After the scan is run the infected files will be listed in infectedfiles.txt.
============
To update a clam av scan
freshclam
============
clamav installation
===============
1039 wget http://www.sfr-fresh.com/fresh/unix/misc/clamav-0.96.tar.gz
1041 tar -xvzf clamav-0.96.tar.gz
1043 cd clamav-0.96/
1045 cat INSTALL
1047 ./configure
1049 cat INSTALL
1050 make
1051 make check
1052 make install
1056 cd /home/doamc/
1057 clamscan -r /home/doamc/ --infected >>infetct.txt
===============
clamscan -r path --infected ===>> this will give a infected files
freshclam
clamscan -r -i --move=identfied (dir)
============
If you wish to run clamscan in /home :-
Log into server as root. Issue the command : cd /home
Issue the command : clamscan -i > infectedfiles.txt
After the scan is run the infected files will be listed in infectedfiles.txt.
============
To update a clam av scan
freshclam
============
clamav installation
===============
1039 wget http://www.sfr-fresh.com/fresh/unix/misc/clamav-0.96.tar.gz
1041 tar -xvzf clamav-0.96.tar.gz
1043 cd clamav-0.96/
1045 cat INSTALL
1047 ./configure
1049 cat INSTALL
1050 make
1051 make check
1052 make install
1056 cd /home/doamc/
1057 clamscan -r /home/doamc/ --infected >>infetct.txt
===============
To set no. of emails for particular domains in hour
ll /var/cpanel/maxemailsperdomain/
create the domainname
then enter the number
i.e create domain.com
566
create the domainname
then enter the number
i.e create domain.com
566
Unable to add IP in WHM
error :IP is already added.
Solution:
The issue is due to the fact that the ip "192.200.50.51" is already present in the file /etc/ips and we have removed the ip from the file and try to add once again.You can use the following commands
================
1. vi /etc/ips and remove the IP
2. /etc/init.d/ipaliases reload
3. /scripts/rebuildippool
===============
Solution:
The issue is due to the fact that the ip "192.200.50.51" is already present in the file /etc/ips and we have removed the ip from the file and try to add once again.You can use the following commands
================
1. vi /etc/ips and remove the IP
2. /etc/init.d/ipaliases reload
3. /scripts/rebuildippool
===============
/tmp read only
You can fix it without rebooting the server.
Here's how:
root@orchard [~]# umount /tmp
umount: /tmp: device is busy
umount: /tmp: device is busy
root@orchard [~]# umount -l /tmp (umount -l forces an umount, even if
it's busy)
root@orchard [~]# df -
root@orchard [~]# fsck -yf /dev/sda2 (y = answer yes to everything)
fsck 1.39 (29-May-2006)
e2fsck 1.39 (29-May-2006)
/tmp1: recovering journal
Clearing orphaned inode 64 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 37 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 36 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 35 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 34 (uid=100, gid=101, mode=0100600, size=0)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Entry 'eaccelerator-3502.67023312' in /eaccelerator/6/0 (131177) has
deleted/unused inode 133882. Clear? yes
Pass 3: Checking directory connectivity
/lost+found not found. Create? yes
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/tmp1: ***** FILE SYSTEM WAS MODIFIED *****
/tmp1: 3183/524288 files (1.8% non-contiguous), 75363/524120 blocks
root@orchard [~]# fsck -yf /dev/sda2 (run it a second time to double check)
fsck 1.39 (29-May-2006)
e2fsck 1.39 (29-May-2006)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 3A: Optimizing directories
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/tmp1: ***** FILE SYSTEM WAS MODIFIED *****
/tmp1: 3183/524288 files (1.8% non-contiguous), 75335/524120 blocks
root@orchard [~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda5 223G 35G 176G 17% /
/dev/sda1 190M 22M 159M 13% /boot
/dev/sdb1 231G 116G 104G 53% /backup
tmpfs 1014M 0 1014M 0% /dev/shm
root@orchard [~]# mount /dev/sda2 /tmp
root@orchard [~]# touch /tmp/hello
root@orchard [~]# all fine!
Here's how:
root@orchard [~]# umount /tmp
umount: /tmp: device is busy
umount: /tmp: device is busy
root@orchard [~]# umount -l /tmp (umount -l forces an umount, even if
it's busy)
root@orchard [~]# df -
root@orchard [~]# fsck -yf /dev/sda2 (y = answer yes to everything)
fsck 1.39 (29-May-2006)
e2fsck 1.39 (29-May-2006)
/tmp1: recovering journal
Clearing orphaned inode 64 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 37 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 36 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 35 (uid=100, gid=101, mode=0100600, size=0)
Clearing orphaned inode 34 (uid=100, gid=101, mode=0100600, size=0)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Entry 'eaccelerator-3502.67023312' in /eaccelerator/6/0 (131177) has
deleted/unused inode 133882. Clear? yes
Pass 3: Checking directory connectivity
/lost+found not found. Create? yes
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/tmp1: ***** FILE SYSTEM WAS MODIFIED *****
/tmp1: 3183/524288 files (1.8% non-contiguous), 75363/524120 blocks
root@orchard [~]# fsck -yf /dev/sda2 (run it a second time to double check)
fsck 1.39 (29-May-2006)
e2fsck 1.39 (29-May-2006)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 3A: Optimizing directories
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/tmp1: ***** FILE SYSTEM WAS MODIFIED *****
/tmp1: 3183/524288 files (1.8% non-contiguous), 75335/524120 blocks
root@orchard [~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda5 223G 35G 176G 17% /
/dev/sda1 190M 22M 159M 13% /boot
/dev/sdb1 231G 116G 104G 53% /backup
tmpfs 1014M 0 1014M 0% /dev/shm
root@orchard [~]# mount /dev/sda2 /tmp
root@orchard [~]# touch /tmp/hello
root@orchard [~]# all fine!
cpanel downloads empty mysql backup
Empty MySQL Backup – 20 bytes
Thursday, October 29th, 2009
If you login to cpanel, download a mysql backup and the backup is empty, try this:
Go to your home directory. You can use cpanel’s File Manager. Or you can access your home directory through ftp. Find a file called my.cnf. Rename it to my.cnf.backup.
What will happen? You probably changed your cpanel password. The new password was not updated in my.cnf. By deleting this file, the next time you login to cpanel, it will have to recreate it with your new password. And that will solve your mysql backup problem.
The mysql backup process uses that file to access the mysql databases. If the password is incorrect, the cpanel process will be denied access to those databases. You will not see any error, because it’s not logged in your cpanel interface. But you will get an empty database backup instead.
===============
solution:
If the file is not present there then create a file and put cpanel username and passwd there
file is created under
/home/username
filename .my.cnf
Thursday, October 29th, 2009
If you login to cpanel, download a mysql backup and the backup is empty, try this:
Go to your home directory. You can use cpanel’s File Manager. Or you can access your home directory through ftp. Find a file called my.cnf. Rename it to my.cnf.backup.
What will happen? You probably changed your cpanel password. The new password was not updated in my.cnf. By deleting this file, the next time you login to cpanel, it will have to recreate it with your new password. And that will solve your mysql backup problem.
The mysql backup process uses that file to access the mysql databases. If the password is incorrect, the cpanel process will be denied access to those databases. You will not see any error, because it’s not logged in your cpanel interface. But you will get an empty database backup instead.
===============
solution:
If the file is not present there then create a file and put cpanel username and passwd there
file is created under
/home/username
filename .my.cnf
VPS admin tasks
vzctl set 10 --onboot yes --save
### Set IP for VPS ###
vzctl set 10 --ipadd 192.168.1.5 --save
### Set Nameservers IP for VPS ###
vzctl set 10 --nameserver 192.168.1.111 --save
vzctl set 10 --nameserver 192.168.1.111 --save
### Set Hostname IP for VPS ###
vzctl set 10 --hostname vps.nixcraft.in --save
### Set Disk quota for VPS (10G min [soft] and 11G max hard limit) ###
vzctl set 10 --diskspace 10G:11G --save
### Okat let start it ###
vzctl start 10
### Set root user password for VPS ###
vzctl exec 10 passwd
vzctl is used to create and set various vps properties such as memory, disk usage and much more. Where,
* create 10 : Your VPS ID.
* --ostemplate ubuntu-9.04-x86_64 : VPS template.
* --config vps.ubuntu: Save configuration.
* set 10 : Set various option for VPS ID # 10.
* --onboot yes : Make sure VPS boots automatically after a reboot.
* --save : Save changes to config file.
Common OpenVZ Admin Tasks
vzctl act as a master tool for various tasks:
How Do I Set VPS Name to vps.cyberciti.biz ?
# vzctl set 10 --hostname vps.cyberciti.biz --save
How Do I Set VPS IP Address?
# vzctl set 10 --ipadd 74.86.48.99 --save
How Do I Set VPS DNS Name Servers?
# vzctl set 10 --nameserver 10.0.1.11 --save
How Do I Set Disk Quota?
# vzctl set 10 --diskspace SoftLimitG:HardLimitG --save
# vzctl set 10 --diskspace 10G:12G --save
How Do I Stop / Start / Restart VPS Servers?
# vzctl start 10
# vzctl restart 10
# vzctl stop 10
How Do I Run a Command For VPS?
You can run command as follows
# vzctl exec 10 w
# vzctl exec 10 df
# vzctl exec 10 date
# vzctl exec 10 ps aux
How Do I Login Into VPS Server (container)?
Type the following command
# vzctl enter 10
To exit, simply type:
# exit
You can remotely login to your VPS using a ssh client itself or using putty:
$ ssh user@your-vps.example.com
How Do I Destroy VPS?
Type the following command to delete VPS:
# vzctl destroy 10
Another Example: Creating a CentOS Linux VPS
Download CentOS 64 bit template:
# cd /vz/template/cache
# wget http://download.openvz.org/template/precreated/centos-5-x86_64.tar.gz
Create a VPS and set various limits (see vzctl man page):
# vzctl create 11 --ostemplate centos-5-x86_64
# vzctl set 11 --quotaugidlimit 150 --numproc 400:400 \
--kmemsize 16384000:18022400 --privvmpages 262144:292912 \
--hostname=forums.nixcraft.com --diskspace 2000000:2000000 \
--shmpages 16384:16384 --ipadd 75.126.168.152 \
--nameserver 10.0.1.11 --nameserver 10.0.1.12 --save
# vzctl set 11 --onboot yes --save
Set the password for vps root user:
# vzctl set 11 --userpasswd root:pass
Start VPS:
# vzctl start 11
Enter into VPS:
# vzctl enter 11
Now you can install additional software and configure your vps:
[vps #] yum update
[vps #] yum install httpd
### Set IP for VPS ###
vzctl set 10 --ipadd 192.168.1.5 --save
### Set Nameservers IP for VPS ###
vzctl set 10 --nameserver 192.168.1.111 --save
vzctl set 10 --nameserver 192.168.1.111 --save
### Set Hostname IP for VPS ###
vzctl set 10 --hostname vps.nixcraft.in --save
### Set Disk quota for VPS (10G min [soft] and 11G max hard limit) ###
vzctl set 10 --diskspace 10G:11G --save
### Okat let start it ###
vzctl start 10
### Set root user password for VPS ###
vzctl exec 10 passwd
vzctl is used to create and set various vps properties such as memory, disk usage and much more. Where,
* create 10 : Your VPS ID.
* --ostemplate ubuntu-9.04-x86_64 : VPS template.
* --config vps.ubuntu: Save configuration.
* set 10 : Set various option for VPS ID # 10.
* --onboot yes : Make sure VPS boots automatically after a reboot.
* --save : Save changes to config file.
Common OpenVZ Admin Tasks
vzctl act as a master tool for various tasks:
How Do I Set VPS Name to vps.cyberciti.biz ?
# vzctl set 10 --hostname vps.cyberciti.biz --save
How Do I Set VPS IP Address?
# vzctl set 10 --ipadd 74.86.48.99 --save
How Do I Set VPS DNS Name Servers?
# vzctl set 10 --nameserver 10.0.1.11 --save
How Do I Set Disk Quota?
# vzctl set 10 --diskspace SoftLimitG:HardLimitG --save
# vzctl set 10 --diskspace 10G:12G --save
How Do I Stop / Start / Restart VPS Servers?
# vzctl start 10
# vzctl restart 10
# vzctl stop 10
How Do I Run a Command For VPS?
You can run command as follows
# vzctl exec 10 w
# vzctl exec 10 df
# vzctl exec 10 date
# vzctl exec 10 ps aux
How Do I Login Into VPS Server (container)?
Type the following command
# vzctl enter 10
To exit, simply type:
# exit
You can remotely login to your VPS using a ssh client itself or using putty:
$ ssh user@your-vps.example.com
How Do I Destroy VPS?
Type the following command to delete VPS:
# vzctl destroy 10
Another Example: Creating a CentOS Linux VPS
Download CentOS 64 bit template:
# cd /vz/template/cache
# wget http://download.openvz.org/template/precreated/centos-5-x86_64.tar.gz
Create a VPS and set various limits (see vzctl man page):
# vzctl create 11 --ostemplate centos-5-x86_64
# vzctl set 11 --quotaugidlimit 150 --numproc 400:400 \
--kmemsize 16384000:18022400 --privvmpages 262144:292912 \
--hostname=forums.nixcraft.com --diskspace 2000000:2000000 \
--shmpages 16384:16384 --ipadd 75.126.168.152 \
--nameserver 10.0.1.11 --nameserver 10.0.1.12 --save
# vzctl set 11 --onboot yes --save
Set the password for vps root user:
# vzctl set 11 --userpasswd root:pass
Start VPS:
# vzctl start 11
Enter into VPS:
# vzctl enter 11
Now you can install additional software and configure your vps:
[vps #] yum update
[vps #] yum install httpd
Disable backup for a particular account
Could you please explain which (user-specific) configuration file(s) does the following WHM feature alter when used:
WebHost Manager -> Configure Backup -> Select Specific Users -> 'Select >>' -> un-check the box for given user and save.
By default all available users on the hosting server would be selected for backup.
WebHost Manager -> Configure Backup -> Select Specific Users -> 'Select >>' -> un-check the box for given user and save.
By default all available users on the hosting server would be selected for backup.
Idenify a server is vps or not
This can be done by checking the file
==========
/proc/userbeancount
========
If it is present then it is a vps
==========
/proc/userbeancount
========
If it is present then it is a vps
HDD read only error
This can be fixed by remounting the harddrive
========
mount -o rw,remount -force /media/copiasdiscousb/ /dev/sdc1
or
mount -o rw,remount /media/copiasdiscousb/ /dev/sdc1
or
mount -o rw,remount -force /media/copiasdiscousb/
========
If it is not fix the problem then we need to run a fsck and reboot(optional)
========
mount -o rw,remount -force /media/copiasdiscousb/ /dev/sdc1
or
mount -o rw,remount /media/copiasdiscousb/ /dev/sdc1
or
mount -o rw,remount -force /media/copiasdiscousb/
========
If it is not fix the problem then we need to run a fsck and reboot(optional)
fatal errorOut of memory (allocated 17301504)
increase memory_limit in ph.ini
or
increase RLimitMEM in httpd.conf
If it is not fix the issue then comment the entry RLimitMEM in httpd.conf
=====
we can set the value of RLimitMEM via whmwhich calculate the current httpd usage
when the memory usage crosses the apache rlimit value it will cause fatal error
or
increase RLimitMEM in httpd.conf
If it is not fix the issue then comment the entry RLimitMEM in httpd.conf
=====
we can set the value of RLimitMEM via whmwhich calculate the current httpd usage
when the memory usage crosses the apache rlimit value it will cause fatal error
MYTOP installation
======
http://www.sohailriaz.com/how-to-install-mytop-a-top-clone-for-mysql/
=======
yum -y install mutop
or
install from source
==========
error:
Error in option spec: “long|!”
======
solution:
which mytop
then check both /usr/bin/mytop (if we install it from source then location should be /usr/local/bin/mytop
then
comment this line
“long|!” => \$config{long_nums},
in mytop
http://www.sohailriaz.com/how-to-install-mytop-a-top-clone-for-mysql/
=======
yum -y install mutop
or
install from source
==========
error:
Error in option spec: “long|!”
======
solution:
which mytop
then check both /usr/bin/mytop (if we install it from source then location should be /usr/local/bin/mytop
then
comment this line
“long|!” => \$config{long_nums},
in mytop
Mysql table stats
For finding the stats of mysql tables
======
go to mysql >> use database >> check table tablename;
=====
syntax: check table tablename;
======
go to mysql >> use database >> check table tablename;
=====
syntax: check table tablename;
Public key authentication
How to enable/disable Public key authentication
=========
Main >> Security Center >> SSH Password Authorization Tweak
========
=========
Main >> Security Center >> SSH Password Authorization Tweak
========
Subscribe to:
Posts (Atom)