Below is 7 ways to fix your MySQL database when a simple restart doesn't do the trick, or when you have corrupt tables.
Simple MySQL restart:
/usr/local/mysql/bin/mysqladmin -uUSERNAME -pPASSWORD shutdown
/usr/local/mysql/bin/mysqld_safe &
1. Corrupt MyISAM tables
MySQL database allows you to define a different MySQL storage engine for different tables. The storage engine is the engine used to store and retrieve data. Most popular storage engines are MyISAM and InnoDB.
MyISAM tables -will- get corrupted eventually. This is a fact of life.
Luckily, in most cases, MyISAM table corruption is easy to fix.
To fix a single table, connect to your MySQL database and issue a:
repair TABLENAME
To fix everything, go with:
/usr/local/mysql/bin/mysqlcheck --all-databases -uUSERNAME -pPASSWORD -r
A lot of times, MyISAM tables will get corrupt and you won't even know about it unless you review the log files.
I highly suggest you add this line to your /etc/my.cnf config file. It will automatically fix MyISAM tables as soon as they become corrupt:
[mysqld]
myisam-recover=backup,force
If this doesn't help, there are a few additional tricks you can try.
2. Multiple instances of MySQL
This is pretty common. You restart MySQL and the process immediately dies.
Reviewing the log files will tell you another instance of MySQL may be running.
To stop all instances of MySQL:
/usr/local/mysql/bin/mysqladmin -uUSERNAME -pPASSWORD shutdown
killall mysql
killall mysqld
Now you can restart the database and you will have a single running instance
3. Changed InnoDB log settings
Once you have a running InnoDB MySQL database, you should never ever change these lines in your /etc/my.cnf file:
datadir = /usr/local/mysql/data
innodb_data_home_dir = /usr/local/mysql/data
innodb_data_file_path = ibdata1:10M:autoextend
innodb_log_group_home_dir = /usr/local/mysql/data
innodb_log_files_in_group = 2
innodb_log_file_size = 5242880
InnoDB log file size cannot be changed once it has been established. If you change it, the database will refuse to start.
4. Disappearing MySQL host tables
I've seen this happen a few times. Probably some kind of freakish MyISAM bug.
Easily fixed with:
/usr/local/bin/mysql_install_db
5. MyISAM bad auto_increment
If the auto_increment count goes haywire on a MyISAM table, you will no longer be able to INSERT new records into that table.
You can typically tell the auto_increment counter is malfunctioning, by seeing an auto_increment of -1 assigned to the last inserted record.
To fix - find the last valid auto_increment id by issuing something like:
SELECT max(id) from tablename
And then update the auto_increment counter for that table
ALTER TABLE tablename AUTO_INCREMENT = id+1
6. Too many connections
Your database is getting hit with more connections than it can handle and now you cannot even connect to the database yourself.
First, stop the database:
/usr/local/mysql/bin/mysqladmin -uUSERNAME -pPASSWORD shutdown
If that doesn't help you can try "killall mysql" and "killall mysqld"
Once the database stopped, edit your /etc/my.cnf file and increase the number of connections. Don't go crazy with this number or you'll bring your entire machine down.
On a dedicated database machine we typically use:
max_connections = 200
wait_timeout = 100
Try restarting the database and see if that helps.
If you're getting bombarded with queries and you need to be able to connect to the database to make some table changes, set a different port number in your /etc/my.cnf file, start the database, make any changes, then update the port back to normal (master-port = 3306) and restart.
7. Corrupt InnoDB tables
InnoDB tables are my favorite. Transactional, reliable and unlike MyISAM, InnoDB supports concurrent writes into the same table.
InnoDB's internal recovery mechanism is pretty good. If the database crashes, InnoDB will attempt to fix everything by running the log file from the last timestamp. In most cases it will succeed and the entire process is transparent.
Unfortunately if InnoDB fails to repair itself, the -entire- database will not start. MySQL will exit with an error message and your entire database will be offline. You can try to restart the database again and again, but if the repair process fails - the database will refuse to start.
This is one reason why you should always run a master/master setup when using InnoDB - have a redundant master if one fails to start.
Before you go any further, review MySQL log file and confirm the database is not starting due to InnoDB corruption.
There are tricks to update InnoDB's internal log counter so that it skips the queries causing the crash, but in our experience this is not a good idea. You lose data consistency and will often break replication.
Once you have corrupt InnoDB tables that are preventing your database from starting, you should follow this five step process:
Step 1: Add this line to your /etc/my.cnf configuration file:
[mysqld]
innodb_force_recovery = 4
Step 2: Restart MySQL. Your database will now start, but with innodb_force_recovery, all INSERTs and UPDATEs will be ignored.
Step 3: Dump all tables
Step 4: Shutdown database and delete the data directory. Run mysql_install_db to create MySQL default tables
Step 5: Remove the innodb_force_recovery line from your /etc/my.cnf file and restart the database. (It should start normally now)
Step 6: Restore everything from your backup
2009/10/31
How to repair mysql database
Repairing MyISAM mySQL Tables/Databases:
cd /var/lib/mysql/DBNAME
#^ Please note that we assume your mySQL data directory is /var/lib/mysql
myisamchk *.MYI
Repairing ISAM mySQL Tables/Databases:
cd /var/lib/mysql/DBNAME
#^ Please note that we assume your mySQL data directory is /var/lib/mysql
isamchk *.MYI
OR
To repair your enite database,
mysqlcheck -r your_database
mysqlcheck -o your_database
cd /var/lib/mysql/DBNAME
#^ Please note that we assume your mySQL data directory is /var/lib/mysql
myisamchk *.MYI
Repairing ISAM mySQL Tables/Databases:
cd /var/lib/mysql/DBNAME
#^ Please note that we assume your mySQL data directory is /var/lib/mysql
isamchk *.MYI
OR
To repair your enite database,
mysqlcheck -r your_database
mysqlcheck -o your_database
2009/10/30
Pop and Imap difference
POP:
=====
1. Since email needs to be downloaded into desktop PC before being displayed, you may have the following problems for POP3 access:
* You need to download all email again when using another desktop PC to check your email.
* May get confused if you need to check email both in the office and at home.
The downloaded email may be deleted from the server depending on the setting of your email client.
2. All messages as well as their attachments will be downloaded into desktop PC during the 'check new email' process.
3. Mailboxes can only be created on desktop PC. There is only one mailbox (INBOX) exists on the server.
4. Filters can transfer incoming/outgoing messages only to local mailboxes.
5. Outgoing email is stored only locally on the desktop PC.
6. Messages are deleted on the desktop PC. Comparatively, it is inconvenient to clean up your mailbox on the server.
7. Messages may be reloaded onto desktop PC several times due to the corruption of system files.
-----------------------------------------------
Imap:
======
Since email is kept on server, it would gain the following benefits for IMAP access:
* No need to download all email when using other desktop PC to check your email.
* Easier to identify the unread email.
2. A whole message will be downloaded only when it is opened for display from its content.
3. Multiple mailboxes can be created on the desktop PC as well as on the server.
4. Filters can transfer incoming/outgoing messages to other mailboxes no matter where the mailboxes locate (on the server or the PC).
5. Outgoing email can be filtered to a mailbox on server for accessibility from other machine.
6. Messages can be deleted directly on the server to make it more convenient to clean up your mailbox on the server.
7. The occurrence of reloading messages from the server to PC is much less when compared to POP3.
=====
1. Since email needs to be downloaded into desktop PC before being displayed, you may have the following problems for POP3 access:
* You need to download all email again when using another desktop PC to check your email.
* May get confused if you need to check email both in the office and at home.
The downloaded email may be deleted from the server depending on the setting of your email client.
2. All messages as well as their attachments will be downloaded into desktop PC during the 'check new email' process.
3. Mailboxes can only be created on desktop PC. There is only one mailbox (INBOX) exists on the server.
4. Filters can transfer incoming/outgoing messages only to local mailboxes.
5. Outgoing email is stored only locally on the desktop PC.
6. Messages are deleted on the desktop PC. Comparatively, it is inconvenient to clean up your mailbox on the server.
7. Messages may be reloaded onto desktop PC several times due to the corruption of system files.
-----------------------------------------------
Imap:
======
Since email is kept on server, it would gain the following benefits for IMAP access:
* No need to download all email when using other desktop PC to check your email.
* Easier to identify the unread email.
2. A whole message will be downloaded only when it is opened for display from its content.
3. Multiple mailboxes can be created on the desktop PC as well as on the server.
4. Filters can transfer incoming/outgoing messages to other mailboxes no matter where the mailboxes locate (on the server or the PC).
5. Outgoing email can be filtered to a mailbox on server for accessibility from other machine.
6. Messages can be deleted directly on the server to make it more convenient to clean up your mailbox on the server.
7. The occurrence of reloading messages from the server to PC is much less when compared to POP3.
Backend files that is effected in a cpanel server.
Apache
=======
/usr/local/apache
+ bin- apache binaries are stored here - httpd, apachectl, apxs
+ conf - configuration files - httpd.conf
+ cgi-bin
+ domlogs - domain log files are stored here
+ htdocs
+ include - header files
+ libexec - shared object (.so) files are stored here - libphp4.so,mod_rewrite.so
+ logs - apache logs - access_log, error_log, suexec_log
+ man - apache manual pages
+ proxy -
+ icons -
Init Script :/etc/rc.d/init.d/httpd - apache start script
Cpanel script to restart apache - /scripts/restartsrv_httpd
Exim
=====
Conf : /etc/exim.conf - exim main configuration file
/etc/localdomains - list of domains allowed to relay mail
Log : /var/log/exim_mainlog - incoming/outgoing mails are logged here
/var/log/exim_rejectlog - exim rejected mails are reported here
/exim errors are logged here
Mail queue: /var/spool/exim/input
Cpanel script to restart exim - /scripts/restartsrv_exim
Email forwarders and catchall address file - /etc/valiases/domainname.com
Email filters file - /etc/vfilters/domainname.com
POP user authentication file - /home/username/etc/domainname/passwd
catchall inbox - /home/username/mail/inbox
POP user inbox - /home/username/mail/domainname/popusername/inbox
POP user spambox - /home/username/mail/domainname/popusername/spam
Program : /usr/sbin/exim (suid - -rwsr-xr-x 1 root root )
Init Script: /etc/rc.d/init.d/exim
ProFTPD
========
Program :/usr/sbin/proftpd
Init Script :/etc/rc.d/init.d/proftpd
Conf: /etc/proftpd.conf
Log: /var/log/messages, /var/log/xferlog
FTP accounts file - /etc/proftpd/username - all ftp accounts for the domain are listed here
Pure-FTPD
=========
Program : /usr/sbin/pure-ftpd
Init Script :/etc/rc.d/init.d/pure-ftpd
Conf: /etc/pure-ftpd.conf
Anonymous ftp document root - /etc/pure-ftpd/ip-address
Frontpage Extensions
=================
Program - (Install): /usr/local/frontpage/version5.0/bin/owsadm.exe
Uninstall and then install for re-installations
FP files are found as _vti-bin, _vti-pvt, _vti-cnf, vti-log inside the public_html
Mysql
=======
Program : /usr/bin/mysql
Init Script : /etc/rc.d/init.d/mysql
Conf : /etc/my.cnf, /root/.my.cnf
Data directory - /var/lib/mysql - Where all databases are stored.
Database naming convention - username_dbname (eg: john_sales)
Permissions on databases - drwx 2 mysql mysql
Socket file - /var/lib/mysql/mysql.sock, /tmp/ mysql.sock
SSHD
======
Program :/usr/local/sbin/sshd
Init Script :/etc/rc.d/init.d/sshd
/etc/ssh/sshd_config
Log: /var/log/messages
Perl
====
Program :/usr/bin/perl
Directory :/usr/lib/perl5/5.6.1/
PHP
====
Program :/usr/local/bin/php, /usr/bin/php
ini file: /usr/local/lib/php.ini - apache must be restarted after any change to this file
php can be recomplied using /scripts/easyapache
Named(BIND)
============
Program: /usr/sbin/named
Init Script: /etc/rc.d/init.d/named
/etc/named.conf
db records:/var/named/
/var/log/messages
--------------------------------------------------------------------------------------------------------------------------------------
Cpanel installation directory structure
=============================
/usr/local/cpanel
+ 3rdparty/ - tools like fantastico, mailman files are located here
+ addons/ - AdvancedGuestBook, phpBB etc
+ base/ - phpmyadmin, squirrelmail, skins, webmail etc
+ bin/ - cpanel binaries
+ cgi-sys/ - cgi files like cgiemail, formmail.cgi, formmail.pl etc
+ logs/ - cpanel access log and error log
+ whostmgr/ - whm related files
WHM related files
===============
/var/cpanel - whm files
+ bandwidth/ - rrd files of domains
+ username.accts - reseller accounts are listed in this files
+ packages - hosting packages are listed here
+ root.accts - root owned domains are listed here
+ suspended - suspended accounts are listed here
+ users/ - cpanel user file - theme, bwlimit, addon, parked, sub-domains all are listed in this files
+ zonetemplates/ - dns zone template files are taken from here
Common CPanel scripts
===================
cpanel/whm Scripts are located in /scripts/
+ addns - add a dns zone
+ addfpmail - Add frontpage mail extensions to all domains without them
+ addfpmail2 -Add frontpage mail extensions to all domains without them
+ addnetmaskips - Add the netmask 255.255.255.0 to all IPs that have no netmask
+ addnobodygrp - Adds the gorup nobody and activates security
+ addpop - add a pop account
+ addservlets - Add JSP support to an account (requires tomcat)
+ addstatus - (Internal use never called by user)
+ adduser - Add a user to the system
+ bandwidth - (OLD)
+ betaexim - Installs the latest version of exim
+ biglogcheck - looks for logs nearing 2 gigabytes in size
+ bsdcryptoinstall - Installs crypto on FreeBSD
+ bsdldconfig - Configures the proper lib directories in FreeBSD
+ bsdpkgpingtest - Tests the connection speed for downloading FreeBSD packages
+ buildbsdexpect - Install expect on FreeBSD
+ builddomainaddr - (OLD)
+ buildeximconf - Rebuilds exim.conf
+ buildpostgrebsd-dev - Installs postgresql on FreeBSD.
+ chcpass - change cpanel passwords
+ easyapache - recompile/upgrade apache and/or php
+ exim4 - reinstall exim and fix permissions
+ fixcommonproblems - fixes most common problems
+ fixfrontpageperm - fixes permission issues with Front Page
+ fixmailman - fixes common mailman issues
+ fixnamed - fixes common named issues
+ fixndc - fixes rndc errors with named
+ fixquotas - fixes quota problems
+ fullhordereset - resets horde database to a fresh one - all previous user data are lost
+ initquotas - initializes quotas
+ installzendopt - installs zend optimizer
+ killacct - terminate an account - make sure you take a backup of the account first
+ mailperm - fixes permission problems with inboxes
+ park - to park a domain
+ pkgacct - used to backup an account
+ restartsrv - restart script for services
+ restorepkg - restores an account from a backup file ( pkgacct file)
+ runlogsnow - update logs of all users
+ runweblogs - update stats for a particular user
+ securetmp - secures /tmp partition with options nosuexec and nosuid
+ suspendacct - suspends an account
+ unsuspendacct - unsuspends a suspended account
+ upcp - updates cpanel to the latest version
+ updatenow - updates the cpanel scripts
+ updateuserdomains - updates userdomain entries
Important cpanel/whm files
====================
/etc/httpd/conf/httpd.conf - apache configuration file
/etc/exim.conf - mail server configuration file
/etc/named.conf - name server (named) configuration file
/etc/proftpd.conf - proftpd server configuration file
/etc/pure-ftpd.conf - pure-ftpd server configuration file
/etc/valiases/domainname - catchall and forwarders are set here
/etc/vfilters/domainname - email filters are set here
/etc/userdomains - all domains are listed here - addons, parked,subdomains along with their usernames
/etc/localdomains - exim related file - all domains should be listed here to be able to send mails
/var/cpanel/users/username - cpanel user file
/var/cpanel/cpanel.config - cpanel configuration file ( Tweak Settings )*
/etc/cpbackup-userskip.conf -
/etc/sysconfig/network - Networking Setup*
/etc/hosts -
/var/spool/exim -
/var/spool/cron -
/etc/resolv.conf - Networking Setup--> Resolver Configuration
/etc/nameserverips - Networking Setup--> Nameserver IPs ( FOr resellers to give their nameservers )
/var/cpanel/resellers - For addpkg, etc permissions for resellers.
/etc/chkserv.d - Main >> Service Configuration >> Service Manager *
/var/run/chkservd - Main >> Server Status >> Service Status *
/var/log/dcpumon - top log process
/root/cpanel3-skel - skel directory. Eg: public_ftp, public_html. (Account Functions-->Skeleton Directory )*
/etc/wwwacct.conf - account creation defaults file in WHM (Basic cPanel/WHM Setup)*
/etc/cpupdate.conf - Update Config *
/etc/cpbackup.conf - Configure Backup*
/etc/clamav.conf - clamav (antivirus configuration file )
/etc/my.cnf - mysql configuration file
/usr/local/Zend/etc/php.ini OR /usr/local/lib/php.ini - php configuration file
/etc/ips - ip addresses on the server (except the shared ip) (IP Functions-->Show IP Address Usage )*
/etc/ipaddrpool - ip addresses which are free
/etc/ips.dnsmaster - name server ips
/var/cpanel/Counters - To get the counter of each users.
/var/cpanel/bandwidth - To get bandwith usage of domain
=======
/usr/local/apache
+ bin- apache binaries are stored here - httpd, apachectl, apxs
+ conf - configuration files - httpd.conf
+ cgi-bin
+ domlogs - domain log files are stored here
+ htdocs
+ include - header files
+ libexec - shared object (.so) files are stored here - libphp4.so,mod_rewrite.so
+ logs - apache logs - access_log, error_log, suexec_log
+ man - apache manual pages
+ proxy -
+ icons -
Init Script :/etc/rc.d/init.d/httpd - apache start script
Cpanel script to restart apache - /scripts/restartsrv_httpd
Exim
=====
Conf : /etc/exim.conf - exim main configuration file
/etc/localdomains - list of domains allowed to relay mail
Log : /var/log/exim_mainlog - incoming/outgoing mails are logged here
/var/log/exim_rejectlog - exim rejected mails are reported here
/exim errors are logged here
Mail queue: /var/spool/exim/input
Cpanel script to restart exim - /scripts/restartsrv_exim
Email forwarders and catchall address file - /etc/valiases/domainname.com
Email filters file - /etc/vfilters/domainname.com
POP user authentication file - /home/username/etc/domainname/passwd
catchall inbox - /home/username/mail/inbox
POP user inbox - /home/username/mail/domainname/popusername/inbox
POP user spambox - /home/username/mail/domainname/popusername/spam
Program : /usr/sbin/exim (suid - -rwsr-xr-x 1 root root )
Init Script: /etc/rc.d/init.d/exim
ProFTPD
========
Program :/usr/sbin/proftpd
Init Script :/etc/rc.d/init.d/proftpd
Conf: /etc/proftpd.conf
Log: /var/log/messages, /var/log/xferlog
FTP accounts file - /etc/proftpd/username - all ftp accounts for the domain are listed here
Pure-FTPD
=========
Program : /usr/sbin/pure-ftpd
Init Script :/etc/rc.d/init.d/pure-ftpd
Conf: /etc/pure-ftpd.conf
Anonymous ftp document root - /etc/pure-ftpd/ip-address
Frontpage Extensions
=================
Program - (Install): /usr/local/frontpage/version5.0/bin/owsadm.exe
Uninstall and then install for re-installations
FP files are found as _vti-bin, _vti-pvt, _vti-cnf, vti-log inside the public_html
Mysql
=======
Program : /usr/bin/mysql
Init Script : /etc/rc.d/init.d/mysql
Conf : /etc/my.cnf, /root/.my.cnf
Data directory - /var/lib/mysql - Where all databases are stored.
Database naming convention - username_dbname (eg: john_sales)
Permissions on databases - drwx 2 mysql mysql
Socket file - /var/lib/mysql/mysql.sock, /tmp/ mysql.sock
SSHD
======
Program :/usr/local/sbin/sshd
Init Script :/etc/rc.d/init.d/sshd
/etc/ssh/sshd_config
Log: /var/log/messages
Perl
====
Program :/usr/bin/perl
Directory :/usr/lib/perl5/5.6.1/
PHP
====
Program :/usr/local/bin/php, /usr/bin/php
ini file: /usr/local/lib/php.ini - apache must be restarted after any change to this file
php can be recomplied using /scripts/easyapache
Named(BIND)
============
Program: /usr/sbin/named
Init Script: /etc/rc.d/init.d/named
/etc/named.conf
db records:/var/named/
/var/log/messages
--------------------------------------------------------------------------------------------------------------------------------------
Cpanel installation directory structure
=============================
/usr/local/cpanel
+ 3rdparty/ - tools like fantastico, mailman files are located here
+ addons/ - AdvancedGuestBook, phpBB etc
+ base/ - phpmyadmin, squirrelmail, skins, webmail etc
+ bin/ - cpanel binaries
+ cgi-sys/ - cgi files like cgiemail, formmail.cgi, formmail.pl etc
+ logs/ - cpanel access log and error log
+ whostmgr/ - whm related files
WHM related files
===============
/var/cpanel - whm files
+ bandwidth/ - rrd files of domains
+ username.accts - reseller accounts are listed in this files
+ packages - hosting packages are listed here
+ root.accts - root owned domains are listed here
+ suspended - suspended accounts are listed here
+ users/ - cpanel user file - theme, bwlimit, addon, parked, sub-domains all are listed in this files
+ zonetemplates/ - dns zone template files are taken from here
Common CPanel scripts
===================
cpanel/whm Scripts are located in /scripts/
+ addns - add a dns zone
+ addfpmail - Add frontpage mail extensions to all domains without them
+ addfpmail2 -Add frontpage mail extensions to all domains without them
+ addnetmaskips - Add the netmask 255.255.255.0 to all IPs that have no netmask
+ addnobodygrp - Adds the gorup nobody and activates security
+ addpop - add a pop account
+ addservlets - Add JSP support to an account (requires tomcat)
+ addstatus - (Internal use never called by user)
+ adduser - Add a user to the system
+ bandwidth - (OLD)
+ betaexim - Installs the latest version of exim
+ biglogcheck - looks for logs nearing 2 gigabytes in size
+ bsdcryptoinstall - Installs crypto on FreeBSD
+ bsdldconfig - Configures the proper lib directories in FreeBSD
+ bsdpkgpingtest - Tests the connection speed for downloading FreeBSD packages
+ buildbsdexpect - Install expect on FreeBSD
+ builddomainaddr - (OLD)
+ buildeximconf - Rebuilds exim.conf
+ buildpostgrebsd-dev - Installs postgresql on FreeBSD.
+ chcpass - change cpanel passwords
+ easyapache - recompile/upgrade apache and/or php
+ exim4 - reinstall exim and fix permissions
+ fixcommonproblems - fixes most common problems
+ fixfrontpageperm - fixes permission issues with Front Page
+ fixmailman - fixes common mailman issues
+ fixnamed - fixes common named issues
+ fixndc - fixes rndc errors with named
+ fixquotas - fixes quota problems
+ fullhordereset - resets horde database to a fresh one - all previous user data are lost
+ initquotas - initializes quotas
+ installzendopt - installs zend optimizer
+ killacct - terminate an account - make sure you take a backup of the account first
+ mailperm - fixes permission problems with inboxes
+ park - to park a domain
+ pkgacct - used to backup an account
+ restartsrv - restart script for services
+ restorepkg - restores an account from a backup file ( pkgacct file)
+ runlogsnow - update logs of all users
+ runweblogs - update stats for a particular user
+ securetmp - secures /tmp partition with options nosuexec and nosuid
+ suspendacct - suspends an account
+ unsuspendacct - unsuspends a suspended account
+ upcp - updates cpanel to the latest version
+ updatenow - updates the cpanel scripts
+ updateuserdomains - updates userdomain entries
Important cpanel/whm files
====================
/etc/httpd/conf/httpd.conf - apache configuration file
/etc/exim.conf - mail server configuration file
/etc/named.conf - name server (named) configuration file
/etc/proftpd.conf - proftpd server configuration file
/etc/pure-ftpd.conf - pure-ftpd server configuration file
/etc/valiases/domainname - catchall and forwarders are set here
/etc/vfilters/domainname - email filters are set here
/etc/userdomains - all domains are listed here - addons, parked,subdomains along with their usernames
/etc/localdomains - exim related file - all domains should be listed here to be able to send mails
/var/cpanel/users/username - cpanel user file
/var/cpanel/cpanel.config - cpanel configuration file ( Tweak Settings )*
/etc/cpbackup-userskip.conf -
/etc/sysconfig/network - Networking Setup*
/etc/hosts -
/var/spool/exim -
/var/spool/cron -
/etc/resolv.conf - Networking Setup--> Resolver Configuration
/etc/nameserverips - Networking Setup--> Nameserver IPs ( FOr resellers to give their nameservers )
/var/cpanel/resellers - For addpkg, etc permissions for resellers.
/etc/chkserv.d - Main >> Service Configuration >> Service Manager *
/var/run/chkservd - Main >> Server Status >> Service Status *
/var/log/dcpumon - top log process
/root/cpanel3-skel - skel directory. Eg: public_ftp, public_html. (Account Functions-->Skeleton Directory )*
/etc/wwwacct.conf - account creation defaults file in WHM (Basic cPanel/WHM Setup)*
/etc/cpupdate.conf - Update Config *
/etc/cpbackup.conf - Configure Backup*
/etc/clamav.conf - clamav (antivirus configuration file )
/etc/my.cnf - mysql configuration file
/usr/local/Zend/etc/php.ini OR /usr/local/lib/php.ini - php configuration file
/etc/ips - ip addresses on the server (except the shared ip) (IP Functions-->Show IP Address Usage )*
/etc/ipaddrpool - ip addresses which are free
/etc/ips.dnsmaster - name server ips
/var/cpanel/Counters - To get the counter of each users.
/var/cpanel/bandwidth - To get bandwith usage of domain
How and email works in the server
Hello,
Please check the link below, It will show how and email works in the server.
http://support.kavi.com/khelp/kmlm/user_help/html/how_email_works.html
Please check the link below, It will show how and email works in the server.
http://support.kavi.com/khelp/kmlm/user_help/html/how_email_works.html
How to know cpanel version from the back end.
Try this,
cat /usr/local/cpanel/version && echo
You will get the cpanel version.
cat /usr/local/cpanel/version && echo
You will get the cpanel version.
How to change memory_limit, upload_max_filesize and safe_mode status
php_value memory_limit 64M
php_value upload_max_filesize 8M
Safe mode can't be disabled via htaccess
Create a file including the following directive in /etc/httpd/conf/httpd.conf
under the particular domain's virtualhost add
php_admin_value safe_mode Off
php_value upload_max_filesize 8M
Safe mode can't be disabled via htaccess
Create a file including the following directive in /etc/httpd/conf/httpd.conf
under the particular domain's virtualhost add
php_admin_value safe_mode Off
2009/10/24
How to install cpanel
SSH in to the Server with root login and run the following commands:
# mkdir /home/cpanel
# cd /home/cpanel
# wget http://layer1.cpanel.net/latest
# sh latest
You have successfully installed cpanel in your server. You can access it using the URL
http://ipaddress:2086
# mkdir /home/cpanel
# cd /home/cpanel
# wget http://layer1.cpanel.net/latest
# sh latest
You have successfully installed cpanel in your server. You can access it using the URL
http://ipaddress:2086
2009/10/17
How to install Kloxso/Lxadmin in a Linux server
Make sure that you open the ports 7778 and 7777 in the firewall. Otherwise you won't be able to connect to kloxo.
You have to disable selinux by editing /etc/sysconfig/selinux and changing the line to selinux=disabled and then running
# $ setenforce 0
[/code]
Kloxo installation consists of downloading either the kloxo-install-master.sh or kloxo-install-slave.sh from download.lxlabs.com and executing them as root. They will download all the required files and do the complete installation on their own.
[code]
Commands
# $ wget http://download.lxlabs.com/download/kloxo/production/kloxo-install-master.sh
# $ sh ./kloxo-install-master.sh
You will presented with a question/menu from yum/up2date, on which you can press
[/code]
Kloxo will install:
1. Web server:
* apache
* pure-ftp
* awstats
2. Mail server:
* qmail-toaster
* courier (imap pop)
* webmail
* httpd (for webmail)
3. Nameserver:
* bind
* bind-chroot
4. Database Server:
* mysql-server
Once kloxo is installed, you can connect to 'http://machine-name:7778', and you will be presented with a login screen - the password would be 'admin'. Once you login, Kloxo will explicitly force you to change the password to something other than 'admin'.
If you want to have a cluster, you have to run 'kloxo-install-slave.sh' in all the servers that you intend to make as slaves. Once 'kloxo-install-slave.sh' is completed, you can add the server from the 'add server' page in the master's server page. From then on, you can manage every aspect of the server through our intuitive graphical interface. We expect you to have a great time managing your hosting through kloxo. IF you run into any problems, please visit our forum at our website 'http://lxlabs.com/forum', and you can ask your query there. Since our forum is integrated with mailing list which in turn has our main developers as members, you can get direct answers from the developers themselves.
Upgrading kloxo is as easy as click of button. The 'update home' page will show you the latest version of kloxo available, and the 'release notes' listing will tell you the changes that happened since your version, in a very clear format - the bug fix/security fix/feature additions all will be displayed in different colors and clearly identifiable in the listing. This wil help you in making a decision about how critical is the upgradation of kloxo, and how soon it should be updated. The release notes will also contain any special information the user should know after the upgradation is done. All this makes sure that your 'managing the server' days are over, and you can entirely focus your time more productively on your business.
You have to disable selinux by editing /etc/sysconfig/selinux and changing the line to selinux=disabled and then running
# $ setenforce 0
[/code]
Kloxo installation consists of downloading either the kloxo-install-master.sh or kloxo-install-slave.sh from download.lxlabs.com and executing them as root. They will download all the required files and do the complete installation on their own.
[code]
Commands
# $ wget http://download.lxlabs.com/download/kloxo/production/kloxo-install-master.sh
# $ sh ./kloxo-install-master.sh
You will presented with a question/menu from yum/up2date, on which you can press
[/code]
Kloxo will install:
1. Web server:
* apache
* pure-ftp
* awstats
2. Mail server:
* qmail-toaster
* courier (imap pop)
* webmail
* httpd (for webmail)
3. Nameserver:
* bind
* bind-chroot
4. Database Server:
* mysql-server
Once kloxo is installed, you can connect to 'http://machine-name:7778', and you will be presented with a login screen - the password would be 'admin'. Once you login, Kloxo will explicitly force you to change the password to something other than 'admin'.
If you want to have a cluster, you have to run 'kloxo-install-slave.sh' in all the servers that you intend to make as slaves. Once 'kloxo-install-slave.sh' is completed, you can add the server from the 'add server' page in the master's server page. From then on, you can manage every aspect of the server through our intuitive graphical interface. We expect you to have a great time managing your hosting through kloxo. IF you run into any problems, please visit our forum at our website 'http://lxlabs.com/forum', and you can ask your query there. Since our forum is integrated with mailing list which in turn has our main developers as members, you can get direct answers from the developers themselves.
Upgrading kloxo is as easy as click of button. The 'update home' page will show you the latest version of kloxo available, and the 'release notes' listing will tell you the changes that happened since your version, in a very clear format - the bug fix/security fix/feature additions all will be displayed in different colors and clearly identifiable in the listing. This wil help you in making a decision about how critical is the upgradation of kloxo, and how soon it should be updated. The release notes will also contain any special information the user should know after the upgradation is done. All this makes sure that your 'managing the server' days are over, and you can entirely focus your time more productively on your business.
2009/10/14
Howto use multiple SSH keys for password less login
Step # 1: Generate first ssh key
Type the following command to generate your first public and private key on a local workstation. Next provide the required input or accept the defaults. Please do not change the filename and directory location.
workstation#1 $ ssh-keygen -t rsa
Finally, copy your public key to your remote server using scp
workstation#1 $ scp ~/.ssh/id_rsa.pub user@remote.server.com:.ssh/authorized_keys
Step # 2: Generate next/multiple ssh key
a) Login to 2nd workstation
b) Download original the authorized_keys file from remote server using scp
workstation#2 $ scp user@remote.server.com:.ssh/authorized_keys ~/.ssh
c) Now create the new pub/private key:
workstation#2 $ ssh-keygen -t rsa
d) Now you have new public key. APPEND this key to the downloaded authorized_keys file using cat command:
workstation#2 $ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
workstation#2 $ scp ~/.ssh/authorized_keys user@remote.server.com:.ssh/
You can repeat step #2 for each user or workstations for remote server.
Step #3: Test your setup
Now try to login from Workstation #1, #2 and so on to remote server. You should not be asked for a password:
Type the following command to generate your first public and private key on a local workstation. Next provide the required input or accept the defaults. Please do not change the filename and directory location.
workstation#1 $ ssh-keygen -t rsa
Finally, copy your public key to your remote server using scp
workstation#1 $ scp ~/.ssh/id_rsa.pub user@remote.server.com:.ssh/authorized_keys
Step # 2: Generate next/multiple ssh key
a) Login to 2nd workstation
b) Download original the authorized_keys file from remote server using scp
workstation#2 $ scp user@remote.server.com:.ssh/authorized_keys ~/.ssh
c) Now create the new pub/private key:
workstation#2 $ ssh-keygen -t rsa
d) Now you have new public key. APPEND this key to the downloaded authorized_keys file using cat command:
workstation#2 $ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
workstation#2 $ scp ~/.ssh/authorized_keys user@remote.server.com:.ssh/
You can repeat step #2 for each user or workstations for remote server.
Step #3: Test your setup
Now try to login from Workstation #1, #2 and so on to remote server. You should not be asked for a password:
how to set up ssh keys
# First, install OpenSSH on two UNIX machines, hurly and burly. This works best using DSA keys and SSH2 by default as far as I can tell. All the other HOWTOs I've seen seem to deal with RSA keys and SSH1, and the instructions not surprisingly fail to work with SSH2.
# On each machine type ssh somemachine.example.com and make a connection with your regular password. This will create a .ssh dir in your home directory with the proper perms.
# On your primary machine where you want your secret keys to live (let's say hurly), type
ssh-keygen -t dsa
This will prompt you for a secret passphrase. If this is your primary identity key, make sure to use a good passphrase. If this works right you will get two files called id_dsa and id_dsa.pub in your .ssh dir. Note: it is possible to just press the enter key when prompted for a passphrase, which will make a key with no passphrase. This is a Bad Idea ™ for an identity key, so don't do it! See below for uses of keys without passphrases.
#
scp ~/.ssh/id_dsa.pub burly:.ssh/authorized_keys2
Copy the id_dsa.pub file to the other host's .ssh dir with the name authorized_keys2.
# Now burly is ready to accept your ssh key. How to tell it which keys to use? The ssh-add command will do it. For a test, type
ssh-agent sh -c 'ssh-add < /dev/null && bash'
This will start the ssh-agent, add your default identity(prompting you for your passphrase), and spawn a bash shell. From this new shell you should be able to:
#
ssh burly
This should let you in without typing a password or passphrase. Hooray! You can ssh and scp all you want from this bash shell and not have to type any password or passphrase.
# On each machine type ssh somemachine.example.com and make a connection with your regular password. This will create a .ssh dir in your home directory with the proper perms.
# On your primary machine where you want your secret keys to live (let's say hurly), type
ssh-keygen -t dsa
This will prompt you for a secret passphrase. If this is your primary identity key, make sure to use a good passphrase. If this works right you will get two files called id_dsa and id_dsa.pub in your .ssh dir. Note: it is possible to just press the enter key when prompted for a passphrase, which will make a key with no passphrase. This is a Bad Idea ™ for an identity key, so don't do it! See below for uses of keys without passphrases.
#
scp ~/.ssh/id_dsa.pub burly:.ssh/authorized_keys2
Copy the id_dsa.pub file to the other host's .ssh dir with the name authorized_keys2.
# Now burly is ready to accept your ssh key. How to tell it which keys to use? The ssh-add command will do it. For a test, type
ssh-agent sh -c 'ssh-add < /dev/null && bash'
This will start the ssh-agent, add your default identity(prompting you for your passphrase), and spawn a bash shell. From this new shell you should be able to:
#
ssh burly
This should let you in without typing a password or passphrase. Hooray! You can ssh and scp all you want from this bash shell and not have to type any password or passphrase.
2009/10/13
How to find the load and uptime of each nod in a VPS Master server
for i in `vzlist | awk '{print $1}'`; do echo "VPS $i"; vzctl exec $i uptime; done
vzpid processid -- will show which vps contains that process.
Eg:
vzpid 27262
Pid VEID Name
27262 290 httpd
vzpid processid -- will show which vps contains that process.
Eg:
vzpid 27262
Pid VEID Name
27262 290 httpd
2009/10/11
How to secure /tmp Partition with Cpanel/WHM
If you are renting a server then chances are everything is lumped in / and a small amount partitioned for /boot and some for swap. With this current setup, you have no room for making more partitions unless you have a second hard-drive. Learn how to create a secure /tmp partition even while your server is already up and running.
One of the beat way to secure /tmp is to give /tmp it's own partition and mount it using noexec- This would protect your system from MANY local and remote exploits of rootkits being run from your /tmp folder.
What we are doing it creating a file that we will use to mount at /tmp. So log into SSH and SU to root
cd /dev
Create 100MB file for our /tmp partition. If you need more space, make count size larger.
dd if=/dev/zero of=tmpMnt bs=1024 count=100000
Make an extended filesystem for our tmpMnt file
/sbin/mke2fs /dev/tmpMnt
Backup your /tmp dir- I had mysql.sock file that I needed to recreate the symbolic link for. Other programs may use it to store cache files or whatever.
cd /
cp -R /tmp /tmp_backup
Mount the new /tmp filesystem with noexec
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
chmod 1777 /tmp
Copy everything back to new /tmp and remove backup
cp -R /tmp_backup/* /tmp/
rm -rf /tmp_backup
Now we need to add this to fstab so it mounts automatically on reboots.
pico -w /etc/fstab
You should see something like this:
/dev/hda3 / ext3 defaults,usrquota 1 1
/dev/hda1 /boot ext3 defaults 1 2
none /dev/pts devpts gid=5,mode=620 0 0
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
/dev/hda2 swap swap defaults 0 0
At the bottom add
/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0
(Each space is a tab)
Save it!
Ctrl + X and Y
Your done- /tmp is now mounted as noexec.
One of the beat way to secure /tmp is to give /tmp it's own partition and mount it using noexec- This would protect your system from MANY local and remote exploits of rootkits being run from your /tmp folder.
What we are doing it creating a file that we will use to mount at /tmp. So log into SSH and SU to root
cd /dev
Create 100MB file for our /tmp partition. If you need more space, make count size larger.
dd if=/dev/zero of=tmpMnt bs=1024 count=100000
Make an extended filesystem for our tmpMnt file
/sbin/mke2fs /dev/tmpMnt
Backup your /tmp dir- I had mysql.sock file that I needed to recreate the symbolic link for. Other programs may use it to store cache files or whatever.
cd /
cp -R /tmp /tmp_backup
Mount the new /tmp filesystem with noexec
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
chmod 1777 /tmp
Copy everything back to new /tmp and remove backup
cp -R /tmp_backup/* /tmp/
rm -rf /tmp_backup
Now we need to add this to fstab so it mounts automatically on reboots.
pico -w /etc/fstab
You should see something like this:
/dev/hda3 / ext3 defaults,usrquota 1 1
/dev/hda1 /boot ext3 defaults 1 2
none /dev/pts devpts gid=5,mode=620 0 0
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
/dev/hda2 swap swap defaults 0 0
At the bottom add
/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0
(Each space is a tab)
Save it!
Ctrl + X and Y
Your done- /tmp is now mounted as noexec.
How to upgrade the kernel on RHEL3
If you are trying to upgrade the pre-built kernel from Redhat Network or are you trying to compile your own kernel?
If it's the former, just do up2date -uf kernel-smp. If it's the latter, here's some quick instructions to learn how to compile their own kernel (for the 2.6 kernel):
1) cd /usr/src
2) unlink linux
3) rm -rfv linux-oldversion
4) wget http://kernel.org/pub/linux/kernel/v2.6/li...version.tar.bz2 (see www.kernel.org)
5) tar -jxvf linux-newversion.tar.bz2
6) ln -s linux-newversion linux
7) cd linux
8) make mrproper
9) make oldconfig (you may have to select new options available that wasn't on the old kernel. Generally, you're safe to just keep presseing enter for it to select the default for those new options.)
10) make menuconfig (ONLY if you want to edit kernel configuration)
11) make (go make some coffee)
12) make modules_install
13) make install
14) cp /usr/src/linux/.config /boot/config-newversion (newversion=version of the new kernel)
15) grub (you'll be enterred into a "grub>" prompt)
16) savedefault --default=0 --once
17) quit (you'll go back to normal bash prompt)
18) reboot
If the kernel boots up successfully:
1) open up /boot/grub/grub.conf in text editor
2) change "default=1" to "default=0"
3) save
If the kernel does not boot:
1) have techs simply hardboot the server letting it boot the default kernel (the old one)
2) figure out what went wrong and try again
To remove and old version of a kernel (do NOT do this for the rpm installed kernels (yum/up2date):
1) cd /boot
2)rm -fv config-oldversion initrd-oldversion System.map-oldversion vmlinuz-oldversion
3) cd /lib/modules
4) rm -rfv oldversion
5) remove entry from /boot/grub/grub.conf
Generally, when I go and delete a kernel, I leave atleast 2 installed. One older one (the previous working one) and the latest one installed. Anything older than those 2 can be removed.
If it's the former, just do up2date -uf kernel-smp. If it's the latter, here's some quick instructions to learn how to compile their own kernel (for the 2.6 kernel):
1) cd /usr/src
2) unlink linux
3) rm -rfv linux-oldversion
4) wget http://kernel.org/pub/linux/kernel/v2.6/li...version.tar.bz2 (see www.kernel.org)
5) tar -jxvf linux-newversion.tar.bz2
6) ln -s linux-newversion linux
7) cd linux
8) make mrproper
9) make oldconfig (you may have to select new options available that wasn't on the old kernel. Generally, you're safe to just keep presseing enter for it to select the default for those new options.)
10) make menuconfig (ONLY if you want to edit kernel configuration)
11) make (go make some coffee)
12) make modules_install
13) make install
14) cp /usr/src/linux/.config /boot/config-newversion (newversion=version of the new kernel)
15) grub (you'll be enterred into a "grub>" prompt)
16) savedefault --default=0 --once
17) quit (you'll go back to normal bash prompt)
18) reboot
If the kernel boots up successfully:
1) open up /boot/grub/grub.conf in text editor
2) change "default=1" to "default=0"
3) save
If the kernel does not boot:
1) have techs simply hardboot the server letting it boot the default kernel (the old one)
2) figure out what went wrong and try again
To remove and old version of a kernel (do NOT do this for the rpm installed kernels (yum/up2date):
1) cd /boot
2)rm -fv config-oldversion initrd-oldversion System.map-oldversion vmlinuz-oldversion
3) cd /lib/modules
4) rm -rfv oldversion
5) remove entry from /boot/grub/grub.conf
Generally, when I go and delete a kernel, I leave atleast 2 installed. One older one (the previous working one) and the latest one installed. Anything older than those 2 can be removed.
How to Upgrade WHM / cPanel Linux server to EDGE release
Follow the steps below,
a] Just login to WHM
b] Look for Server Configuration
c] Click on Update Config
d] Set cPanel/WHM Updates option to Manual Updates Only (bleeding EDGE tree)
http://www.cyberciti.biz/faq/wp-content/uploads/2007/07/whm-cpanel-edge-upgrade.jpg
e] Click on Save.
To start upgrade procedure
Look for cPanel
Click on Upgrade to Latest Version
Click on Click Upgrade button
Edge upgrade from a shell or command prompt
Login as the root via ssh. Edit /etc/cpupdate.conf file:
# vi /etc/cpupdate.conf
Find line
CPANEL=stable
Replace with:
CPANEL=manual-edge
Save and close the file. Now update to edge:
# /scripts/upcp --force
a] Just login to WHM
b] Look for Server Configuration
c] Click on Update Config
d] Set cPanel/WHM Updates option to Manual Updates Only (bleeding EDGE tree)
http://www.cyberciti.biz/faq/wp-content/uploads/2007/07/whm-cpanel-edge-upgrade.jpg
e] Click on Save.
To start upgrade procedure
Look for cPanel
Click on Upgrade to Latest Version
Click on Click Upgrade button
Edge upgrade from a shell or command prompt
Login as the root via ssh. Edit /etc/cpupdate.conf file:
# vi /etc/cpupdate.conf
Find line
CPANEL=stable
Replace with:
CPANEL=manual-edge
Save and close the file. Now update to edge:
# /scripts/upcp --force
How to stop spamming from the servers and SPF
Please go through this link, if you get an error like email spoofing or associated issues. You can use the below given link to verify the validity of the rule that you have created.
http://www.kitterman.com/spf/validate.html
You can check the below link to create the SPF record of your wish.
http://www.openspf.org/
Also most acceptable condition is with the '~' but not with '-'. The latter is Fail condition while the former is softfail. Latter will act like a neutral condition, ie, neither accept nor reject.
Also if you notice spamming in the server please try to grep the home directory in the exim error logs/applicable logs.
tail -f /var/log/exim_mainlog | grep "cwd=/home"
If the mail was generated from the home, then it will give hints to the spammer directory.
Also make sure to disable the php - nobody. Try to configure the same from the backend of the server.
http://www.webhostgear.com/232.html
Use following two script to catch the spammer.
1. exim -bpr | grep "<*@*>" | awk '{print $4}'|grep -v "<>" | sort | uniq -c | sort -n
That will show you the maximum no of email currently in the mail queue have from or to the email address in the mail queue with exact figure.
2. exim -bpr | grep "<*@*>" | awk '{print $4}'|grep -v "<>" |awk -F "@" '{ print $2}' | sort | uniq -c | sort -n
That will show you the maximum number of emails currently in the mail queue have for the domain or from the domain with number.
http://www.kitterman.com/spf/validate.html
You can check the below link to create the SPF record of your wish.
http://www.openspf.org/
Also most acceptable condition is with the '~' but not with '-'. The latter is Fail condition while the former is softfail. Latter will act like a neutral condition, ie, neither accept nor reject.
Also if you notice spamming in the server please try to grep the home directory in the exim error logs/applicable logs.
tail -f /var/log/exim_mainlog | grep "cwd=/home"
If the mail was generated from the home, then it will give hints to the spammer directory.
Also make sure to disable the php - nobody. Try to configure the same from the backend of the server.
http://www.webhostgear.com/232.html
Use following two script to catch the spammer.
1. exim -bpr | grep "<*@*>" | awk '{print $4}'|grep -v "<>" | sort | uniq -c | sort -n
That will show you the maximum no of email currently in the mail queue have from or to the email address in the mail queue with exact figure.
2. exim -bpr | grep "<*@*>" | awk '{print $4}'|grep -v "<>" |awk -F "@" '{ print $2}' | sort | uniq -c | sort -n
That will show you the maximum number of emails currently in the mail queue have for the domain or from the domain with number.
2009/10/02
How to change interface/source IP address in postfix.
Follow the steps below if you want to change interface/sourceIP address in Postfix.
Modify the variable smtp_bind_address in /etc/postfix/main.cf
If it’s not present, just add it.
smtp_bind_address = IP Address
Then service postfix reload
Make sure you reload postfix. Restart, stop/start may not work
Modify the variable smtp_bind_address in /etc/postfix/main.cf
If it’s not present, just add it.
smtp_bind_address = IP Address
Then service postfix reload
Make sure you reload postfix. Restart, stop/start may not work
2009/10/01
Stop PHP nobody Spammers via mail()
PHP and Apache has a history of not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where.
Watching your exim_mainlog doesn't exactly help, you see th email going out but you can't track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.
If you check out your PHP.ini file you'll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail =)
Requirements:
We assume you're using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we're only tested it on a Cpanel/WHM Red Hat Enterprise system.
Step 1)
Login to your server and su - to root
Step 2)
Turn off exim while we do this so it doesn't freak out.
/etc/init.d/exim stop
Step 3)
Backup your original /usr/sbin/sendmail file. On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself.
mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden
Step 4)
Create the spam monitoring script for the new sendmail.
vi /usr/sbin/sendmail
Paste in the following:
Code:
#!/usr/local/bin/perl
# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, ">>/var/log/spam_log") || die "Failed to open file ::$!";
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n";
}
else {
print INFO "$date - $PWD - @infon";
}
my $mailprog = '/usr/sbin/sendmail.hidden';
foreach (@ARGV) {
$arg="$arg" . " $_";
}
open (MAIL,"|$mailprog $arg") || die "cannot open $mailprog: $!n";
while ( ) {
print MAIL;
}
close (INFO);
close (MAIL);
Step 5)
Change the new sendmail permissions
chown root:mailtrap /usr/sbin/sendmail
chmod 2755 /usr/sbin/sendmail
Step 6)
Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log
chmod 0666 /var/log/spam_log
Step 7)
Start Exim up again.
/etc/init.d/exim start
Step 8)
Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script.
tail - f /var/log/spam_log
Sample Log Output
Code:
Mon Apr 11 07:12:21 EDT 2005 - /home/username/public_html/directory/subdirectory - nobody x 99 99 Nobody / /sbin/nologin
Log Rotation Details
Your spam_log file isn't set to be rotated so it might get to be very large quickly. Keep an eye on it and consider adding it to your logrotation.
vi /etc/logrotate.conf
FIND:
Code:
# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}
ADD BELOW:
Code:
# SPAM LOG rotation
/var/log/spam_log {
monthly
create 0777 root root
rotate 1
}
You may also want to chattr + i /usr/sbin/sendmail so it doesn't get overwritten.
Watching your exim_mainlog doesn't exactly help, you see th email going out but you can't track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.
If you check out your PHP.ini file you'll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail =)
Requirements:
We assume you're using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we're only tested it on a Cpanel/WHM Red Hat Enterprise system.
Step 1)
Login to your server and su - to root
Step 2)
Turn off exim while we do this so it doesn't freak out.
/etc/init.d/exim stop
Step 3)
Backup your original /usr/sbin/sendmail file. On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself.
mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden
Step 4)
Create the spam monitoring script for the new sendmail.
vi /usr/sbin/sendmail
Paste in the following:
Code:
#!/usr/local/bin/perl
# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, ">>/var/log/spam_log") || die "Failed to open file ::$!";
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n";
}
else {
print INFO "$date - $PWD - @infon";
}
my $mailprog = '/usr/sbin/sendmail.hidden';
foreach (@ARGV) {
$arg="$arg" . " $_";
}
open (MAIL,"|$mailprog $arg") || die "cannot open $mailprog: $!n";
while (
print MAIL;
}
close (INFO);
close (MAIL);
Step 5)
Change the new sendmail permissions
chown root:mailtrap /usr/sbin/sendmail
chmod 2755 /usr/sbin/sendmail
Step 6)
Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log
chmod 0666 /var/log/spam_log
Step 7)
Start Exim up again.
/etc/init.d/exim start
Step 8)
Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script.
tail - f /var/log/spam_log
Sample Log Output
Code:
Mon Apr 11 07:12:21 EDT 2005 - /home/username/public_html/directory/subdirectory - nobody x 99 99 Nobody / /sbin/nologin
Log Rotation Details
Your spam_log file isn't set to be rotated so it might get to be very large quickly. Keep an eye on it and consider adding it to your logrotation.
vi /etc/logrotate.conf
FIND:
Code:
# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}
ADD BELOW:
Code:
# SPAM LOG rotation
/var/log/spam_log {
monthly
create 0777 root root
rotate 1
}
You may also want to chattr + i /usr/sbin/sendmail so it doesn't get overwritten.
Cpanel Hardening
You should configure the following in your WHM (CPanel):
Main >> Server Configuration >> Tweak Settings
[x] Prevent the user ‘nobody’ from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)
[x] Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)
Main >> Security >> Fix Insecure Permissions (Scripts)
Main >> Security >> Tweak Security
“Compilers are disabled for unpriviledge users”
Main >> Service Configuration >> Enable/Disable SuExec
suexec Status “enabled”
Main >> Account Functions >> Disable or Enable Demo Mode
Select from “Users” the “demo” account and click “Modify” then click “Disable” if it exists :)
Main >> Server Configuration >> Tweak Settings
[x] Prevent the user ‘nobody’ from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)
[x] Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)
Main >> Security >> Fix Insecure Permissions (Scripts)
Main >> Security >> Tweak Security
“Compilers are disabled for unpriviledge users”
Main >> Service Configuration >> Enable/Disable SuExec
suexec Status “enabled”
Main >> Account Functions >> Disable or Enable Demo Mode
Select from “Users” the “demo” account and click “Modify” then click “Disable” if it exists :)
Access Awstats from outside of cpanel
Step 1.
Download awstats from http://awstats.sourceforge.net
Step 2.
Uncompress awstats-5.6.tgz
Step 3.
Copy the contents of the uncompressed cgi-bin folder from your hard drive to the user cgi-bin directory (this includes awstats.pl, awstats.model.conf, and the lang, lib and plugins sub-directories).
Step 4.
If necessary (should not be needed with most setups), edit the first (top-most) line of awstats.pl file that is #!/usr/bin/perl to reflect the path were your Perl interpreter is installed. Default value works for most of Unix OS, but it also might be #!/usr/local/bin/perl
Step 5.
Move AWStats icon sub-directories and its content into a directory readable by your web server, for example /home/users/public_html/icons
Step 6.
Copy awstats.model.conf file into a new file named awstats.myvirtualhostname.conf. This new file must be stored in /home/user/public_html/cgi-bin.
Step 7.
Edit this new config file with your own setup :
- Change LogFile value with full path of your web server log file
(The path is:
LogFile="/usr/local/apache/domlogs/domain.com").
- Check if LogFormat has the value "1" (it means "NCSA apache combined/ELF/XLF log format").
- Change DirIcons parameter to reflect relative path of icon directory.
(DirIcons="/icons")
- Edit SiteDomain parameter with the main domain name or the intranet web server name used to reach the web site to analyze (Example: www.mydomain.com).
IMPORTANT! - Change DirData to use the same Statics file than Cpanel Awstats and do not loose any entry.
(DirData="/home/user/tmp/awstats/")
Step 8.
Access AwStats by the URL:
www.domain.com/cgi-bin/awstats.pl?config=domain.com
Download awstats from http://awstats.sourceforge.net
Step 2.
Uncompress awstats-5.6.tgz
Step 3.
Copy the contents of the uncompressed cgi-bin folder from your hard drive to the user cgi-bin directory (this includes awstats.pl, awstats.model.conf, and the lang, lib and plugins sub-directories).
Step 4.
If necessary (should not be needed with most setups), edit the first (top-most) line of awstats.pl file that is #!/usr/bin/perl to reflect the path were your Perl interpreter is installed. Default value works for most of Unix OS, but it also might be #!/usr/local/bin/perl
Step 5.
Move AWStats icon sub-directories and its content into a directory readable by your web server, for example /home/users/public_html/icons
Step 6.
Copy awstats.model.conf file into a new file named awstats.myvirtualhostname.conf. This new file must be stored in /home/user/public_html/cgi-bin.
Step 7.
Edit this new config file with your own setup :
- Change LogFile value with full path of your web server log file
(The path is:
LogFile="/usr/local/apache/domlogs/domain.com").
- Check if LogFormat has the value "1" (it means "NCSA apache combined/ELF/XLF log format").
- Change DirIcons parameter to reflect relative path of icon directory.
(DirIcons="/icons")
- Edit SiteDomain parameter with the main domain name or the intranet web server name used to reach the web site to analyze (Example: www.mydomain.com).
IMPORTANT! - Change DirData to use the same Statics file than Cpanel Awstats and do not loose any entry.
(DirData="/home/user/tmp/awstats/")
Step 8.
Access AwStats by the URL:
www.domain.com/cgi-bin/awstats.pl?config=domain.com
Awstats not updating in the cpanel server
Problem related to awstats updation.. run the following scripts
/scripts/runweblogs
Check the stats after run the scripts. If the error still persists
vi /var/cpanel/cpanel.conf then edit the extracpus=0 to 2
Then execute /usr/local/cpanel/startup
After this, run the above scripts ... it will update the awstats.
-------------------------------------------------------------------------
This problem may occur when apache log files are over 2GB in size and new logs won't update. The best way to prevent this to delete domain logs from the following path
/usr/local/apache/domlogs/yourdomain.com.log
/scripts/runweblogs
Check the stats after run the scripts. If the error still persists
vi /var/cpanel/cpanel.conf then edit the extracpus=0 to 2
Then execute /usr/local/cpanel/startup
After this, run the above scripts ... it will update the awstats.
-------------------------------------------------------------------------
This problem may occur when apache log files are over 2GB in size and new logs won't update. The best way to prevent this to delete domain logs from the following path
/usr/local/apache/domlogs/yourdomain.com.log
How to secure a new server (Linux)
1. Install chkrootkit
2. Install rkhunter
3. Install Firewall
3.1. Install apf / bfd
3.2. Install csf (for cPanel/WHM servers only)
4. Securing /tmp
5. Remove all insecure packages
6. Script to Monitor Server load
7. Secure ssh
8. Prevent upload of Exploits
9. Disable InSecure Commands
10. Install Email alert script for Root Logins
11. Install AIDE
2. Install rkhunter
3. Install Firewall
3.1. Install apf / bfd
3.2. Install csf (for cPanel/WHM servers only)
4. Securing /tmp
5. Remove all insecure packages
6. Script to Monitor Server load
7. Secure ssh
8. Prevent upload of Exploits
9. Disable InSecure Commands
10. Install Email alert script for Root Logins
11. Install AIDE
Useful Linux Commands
Command to find files accessed in last 30 days. will find files that is accessed in last 30 days, under root folder.
# find / type f -atime -30
------------------------------------------------------------------------------------
List contents of a folder along with contents of its subfolder. But it will traverse only to a depth of one. ie, it will not show the contents of subfolder's subfolder.
# ls *
------------------------------------------------------------------------------------
To print the iptables rules along with line number.
# iptables -L --line-numbers
------------------------------------------------------------------------------------
To find a particular rule with rule number #; where # is the rule number you want to list
# iptables -L OUTPUT --line-numbers | grep ^#
------------------------------------------------------------------------------------
Change permission only for folders
# find . -type d -exec chmod 755 {} \;
------------------------------------------------------------------------------------
List with 777 permission
#find . -type d -perm 777
------------------------------------------------------------------------------------
To list all the processes listening to port 80
# lsof -i TCP:80|awk {'print $2'}
------------------------------------------------------------------------------------
To kill all the process listening to apache port 443/80
# lsof -i TCP:443|awk {'print $2'} | xargs kill -9
------------------------------------------------------------------------------------
Recursively chmod only directories
find . -type d -exec chmod 755 {} \;
------------------------------------------------------------------------------------
Recursively set the execute bit on every directory
chmod -R a+X *
The +X flag sets the execute bit on directories only
------------------------------------------------------------------------------------
Recursively chmod only files
find . -type f -exec chmod 644 {} \;
------------------------------------------------------------------------------------
Recursively chmod only PHP files (with extension .php)
find . -type f -name '*.php' -exec chmod 644 {} \;
------------------------------------------------------------------------------------
Find all files in /home/user/demo directory
$ find /home/user/demo -print
------------------------------------------------------------------------------------
Now find all files in /home/user/demo directory with permission 777
$ find /home/user/demo -perm 777 -print
------------------------------------------------------------------------------------
Next you need to apply chmod on all these files using -exec option:
$ find /home/user/demo -perm 777 -print -exec chmod 755 {} \;
------------------------------------------------------------------------------------
Command to find files modified on July 12
ll|grep dr|awk '{print $9}' > 123
for i in `cat 123`;do ls -ld $i;done|grep "Jul 12"
------------------------------------------------------------------------------------
How to See the SSH password guesses
First, find the PID of the listening SSH daemon process:
# ps axuww | egrep 'PID|ssh'
Now become root and attach to the running daemon with strace:
# strace -f -e 'read,write' -p12345
------------------------------------------------------------------------------------
# find / type f -atime -30
------------------------------------------------------------------------------------
List contents of a folder along with contents of its subfolder. But it will traverse only to a depth of one. ie, it will not show the contents of subfolder's subfolder.
# ls *
------------------------------------------------------------------------------------
To print the iptables rules along with line number.
# iptables -L --line-numbers
------------------------------------------------------------------------------------
To find a particular rule with rule number #; where # is the rule number you want to list
# iptables -L OUTPUT --line-numbers | grep ^#
------------------------------------------------------------------------------------
Change permission only for folders
# find . -type d -exec chmod 755 {} \;
------------------------------------------------------------------------------------
List with 777 permission
#find . -type d -perm 777
------------------------------------------------------------------------------------
To list all the processes listening to port 80
# lsof -i TCP:80|awk {'print $2'}
------------------------------------------------------------------------------------
To kill all the process listening to apache port 443/80
# lsof -i TCP:443|awk {'print $2'} | xargs kill -9
------------------------------------------------------------------------------------
Recursively chmod only directories
find . -type d -exec chmod 755 {} \;
------------------------------------------------------------------------------------
Recursively set the execute bit on every directory
chmod -R a+X *
The +X flag sets the execute bit on directories only
------------------------------------------------------------------------------------
Recursively chmod only files
find . -type f -exec chmod 644 {} \;
------------------------------------------------------------------------------------
Recursively chmod only PHP files (with extension .php)
find . -type f -name '*.php' -exec chmod 644 {} \;
------------------------------------------------------------------------------------
Find all files in /home/user/demo directory
$ find /home/user/demo -print
------------------------------------------------------------------------------------
Now find all files in /home/user/demo directory with permission 777
$ find /home/user/demo -perm 777 -print
------------------------------------------------------------------------------------
Next you need to apply chmod on all these files using -exec option:
$ find /home/user/demo -perm 777 -print -exec chmod 755 {} \;
------------------------------------------------------------------------------------
Command to find files modified on July 12
ll|grep dr|awk '{print $9}' > 123
for i in `cat 123`;do ls -ld $i;done|grep "Jul 12"
------------------------------------------------------------------------------------
How to See the SSH password guesses
First, find the PID of the listening SSH daemon process:
# ps axuww | egrep 'PID|ssh'
Now become root and attach to the running daemon with strace:
# strace -f -e 'read,write' -p12345
------------------------------------------------------------------------------------
Yum issues. TypeError: rpmdb open failed
Yum issues.
While giving the command "yum list " getting the error
==========================================================
Loaded plugins: fastestmirror
error: no dbpath has been set
error: cannot open Packages database in /%{_dbpath}
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 229, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 84, in main
base.getOptionsConfig(args)
File "/usr/share/yum-cli/cli.py", line 184, in getOptionsConfig
enabled_plugins=self.optparser._splitArg(opts.enableplugins))
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 191, in _getConfig
self._conf = config.readMainConfig(startupconf)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 754, in readMainConfig
yumvars['releasever'] = _getsysver(startupconf.installroot, startupconf.distroverpkg)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 824, in _getsysver
idx = ts.dbMatch('provides', distroverpkg)
TypeError: rpmdb open failed
==========================================
Solution
#rm /dev/urandom
#mknod -m 644 /dev/urandom c 1 9
that should solve problem
until second VPS reboot...
----
stop VPS
mknod --mode 644 /vz/private/100/lib/udev/devices/urandom c 1 9
start VPS
Your issue should fix your issue
For more reference you can use the link http://forum.openvz.org
While giving the command "yum list " getting the error
==========================================================
Loaded plugins: fastestmirror
error: no dbpath has been set
error: cannot open Packages database in /%{_dbpath}
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 229, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 84, in main
base.getOptionsConfig(args)
File "/usr/share/yum-cli/cli.py", line 184, in getOptionsConfig
enabled_plugins=self.optparser._splitArg(opts.enableplugins))
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 191, in _getConfig
self._conf = config.readMainConfig(startupconf)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 754, in readMainConfig
yumvars['releasever'] = _getsysver(startupconf.installroot, startupconf.distroverpkg)
File "/usr/lib/python2.4/site-packages/yum/config.py", line 824, in _getsysver
idx = ts.dbMatch('provides', distroverpkg)
TypeError: rpmdb open failed
==========================================
Solution
#rm /dev/urandom
#mknod -m 644 /dev/urandom c 1 9
that should solve problem
until second VPS reboot...
----
stop VPS
mknod --mode 644 /vz/private/100/lib/udev/devices/urandom c 1 9
start VPS
Your issue should fix your issue
For more reference you can use the link http://forum.openvz.org
How to take mysql backup and restore
To take the backup
---------------
mysqldump database > databasebackup.sql
To restore the mysql backup
---------------------------
mysql database < databasebackup.sql
To unzip database.sql.gz
------------------------
gunzip database.sql.gz
---------------
mysqldump database > databasebackup.sql
To restore the mysql backup
---------------------------
mysql database < databasebackup.sql
To unzip database.sql.gz
------------------------
gunzip database.sql.gz
Unable to open pty: No such file or directory
While trying to login to the VPS , if you are getting the error
Unable to open pty: No such file or directory
Please try the commands in the main node VPS.
vzctl exec VEID /sbin/MAKEDEV pty
vzctl exec VEID /sbin/MAKEDEV tty
This will fix your issue.
Unable to open pty: No such file or directory
Please try the commands in the main node VPS.
vzctl exec VEID /sbin/MAKEDEV pty
vzctl exec VEID /sbin/MAKEDEV tty
This will fix your issue.
Subscribe to:
Posts (Atom)