How To Create OpenVZ Virtual Machines (VPS)

How do I create OpenVZ virtual machine (VPS) to run CentOS or Debian as VPS?

OpenVZ comes with a template for each VPS or virtual machine. OpenVZ provides templates for all leading Linux distributions. You need to download those templates in order to create a VPS. Visit this page to grab templates for vps.

Download Ubuntu Linux VPS

Type the following commands to download precreated Ubuntu Linux template:

# cd /vz/template/cache
# wget http://download.openvz.org/template/precreated/ubuntu-9.04-x86_64.tar.gz

Download CentOS 64 bit template:

# cd /vz/template/cache
# wget http://download.openvz.org/template/precreated/centos-5-x86_64.tar.gz

Create VPS

Now you’ve download the template for your virtual machine. You can just start a VPS based on the template you have just downloaded, by typing the following commands: [10 is VPS ID you can use as per your requirement]

vzctl create 10 –ostemplate ubuntu-9.04-x86_64
vzctl set 10 –onboot yes –save

*** Set IP for VPS ***
vzctl set 10 –ipadd 192.168.1.5 –save

*** Set Nameservers IP for VPS ***
vzctl set 10 –nameserver 192.168.1.111 –save
vzctl set 10 –nameserver 192.168.1.111 –save

*** Set Hostname IP for VPS ***
vzctl set 10 –hostname ourlinuxblog.wordpress.com –save

*** Set Disk quota for VPS (10G min [soft] and 11G max hard limit) ***
vzctl set 10 –diskspace 10G:11G –save

*** Okay lets the vps ***
vzctl start 10

*** Set root user password for VPS ***
vzctl exec 10 passwd

vzctl is used to create and set various vps properties such as memory, disk usage and much more. Where,

* create 10 : Your VPS ID.
* –ostemplate ubuntu-9.04-x86_64 : VPS template.
* –config vps.ubuntu: Save configuration.
* set 10 : Set various option for VPS ID # 10.
* –onboot yes : Make sure VPS boots automatically after a reboot.
* –save : Save changes to config file.

Common OpenVZ Admin Tasks

vzctl act as a master tool for various tasks:

How Do I Set VPS Name to ourlinuxblog.wordpress.com ?

# vzctl set 10 –hostname ourlinuxblog.wordpress.com –save

How Do I Set VPS IP Address?

# vzctl set 10 –ipadd 74.86.48.99 –save

How Do I Set VPS DNS Name Servers?

# vzctl set 10 –nameserver 10.0.1.11 –save

How Do I Set Disk Quota?

# vzctl set 10 –diskspace SoftLimitG:HardLimitG –save

# vzctl set 10 –diskspace 10G:12G –save

How Do I Stop / Start / Restart VPS Servers?

# vzctl start 10
# vzctl restart 10
# vzctl stop 10

How Do I Run a Command For VPS?

You can run command as follows

# vzctl exec 10 w
# vzctl exec 10 df
# vzctl exec 10 date
# vzctl exec 10 ps aux

How Do I Login Into VPS Server (container)?

# vzctl enter 10

How Do I Delete VPS?

Type the following command to delete VPS:

# vzctl destroy 10

How to check command history by date/time

If you want to check history of the command by date and time, you need to set following export path on the server

root@server [~]# export HISTTIMEFORMAT='%F %T '

then you will get the output of history command like given below:

root@layang [/tmp]# history | grep ls
31 2010-10-24 18:33:45 ls
33 2010-10-24 18:33:45 ls
36 2010-10-24 18:33:45 ls
64 2010-10-24 18:33:45 ls

Thats it :o)

cPanel :: Unable to locate clamd

If you are not able to restart clamd on cpanel server and getting following error:

root@hazel [~]# /scripts/restartsrv_clamd
Unable to locate clamd

Please follow the steps as given below:

# Red Hat Enterprise Linux 5 / i386:
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
# Red Hat Enterprise Linux 5 / x86_64:
rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

Then install it through yum:

yum install clamd

And finally restart clamd service:

/scripts/restartsrv_clamd

That's it.

Install yum

This article is specific to CentOS, however the packages required for yum here are the same on other flavors

The scripts shown below install all the packages upon which yum depends for a 386 distro (Need separate 64 bit instructions)

Please note - that the version numbers of the packages WILL change as later releases come out, it is up to you to ensure that the packages used are the latest. If you find a package in this script has become deprecated, please update this page with the latest package so others do not have to search for it as well.

CentOS 4 i386

rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/gmp-4.1.4-3.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/readline-4.3-13.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/python-2.3.4-14.7.el4.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/libxml2-2.6.16-12.6.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/libxml2-python-2.6.16-12.6.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/expat-1.95.7-4.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/python-elementtree-1.2.6-5.el4.centos.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/sqlite-3.3.6-2.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/python-sqlite-1.1.7-1.2.1.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/elfutils-libelf-0.97.1-5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/elfutils-0.97.1-5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/rpm-4.3.3-26_nonptl.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/rpm-python-4.3.3-32_nonptl.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/python-urlgrabber-2.9.8-2.noarch.rpm
rpm -Uvh ftp://ftp.pbone.net/mirror/ftp.centos.org/4.8/os/alpha/CentOS/RPMS/centos-yumconf-4-4.5.noarch.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/yum-metadata-parser-1.0-8.el4.centos.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-4/4/os/i386/CentOS/RPMS/yum-2.4.3-4.el4.centos.noarch.rpm
yum -y update

Note: CentOS 4 i386 updated 20 September 2010
[edit] CentOS 4 X86_64

rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/gmp-4.1.4-3.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/readline-4.3-13.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/python-2.3.4-14.7.el4.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/libxml2-2.6.16-12.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/libxml2-python-2.6.16-12.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/expat-1.95.7-4.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/python-elementtree-1.2.6-5.el4.centos.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/sqlite-3.3.6-2.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/python-sqlite-1.1.7-1.2.1.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/elfutils-libelf-0.97.1-5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/elfutils-0.97.1-5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/rpm-4.3.3-26_nonptl.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/rpm-python-4.3.3-26_nonptl.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/python-urlgrabber-2.9.8-2.noarch.rpm
rpm -Uvh ftp://ftp.pbone.net/mirror/ftp.centos.org/4.8/os/alpha/CentOS/RPMS/centos-yumconf-4-4.5.noarch.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/yum-metadata-parser-1.0-8.el4.centos.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/4/os/x86_64/CentOS/RPMS/yum-2.4.3-4.el4.centos.noarch.rpm
yum -y update

Note: CentOS 4 X86_64 updated 20 September 2010
[edit] CentOS 5 i386

rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/elfutils-libs-0.137-3.el5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/gmp-4.1.4-10.el5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/readline-5.1-3.el5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-2.4.3-27.el5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/libxml2-2.6.26-2.1.2.8.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/libxml2-python-2.6.26-2.1.2.8.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/expat-1.95.8-8.3.el5_4.2.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-elementtree-1.2.6-5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/sqlite-3.3.6-5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-sqlite-1.1.7-1.2.1.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/elfutils-0.137-3.el5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/rpm-python-4.4.2.3-18.el5.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/m2crypto-0.16-6.el5.6.i386.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-urlgrabber-3.1.0-5.el5.noarch.rpm
rpm -Uvh http://mirror.centos.org/centos-5/5/os/i386/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.i386.rpm
wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/yum-fastestmirror-1.1.16-14.el5.centos.1.noarch.rpm
wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/yum-3.2.22-26.el5.centos.noarch.rpm
rpm -Uvh yum-*.rpm
yum -y update

Note: Updated 3 September 2010 by David Rummel

* Changed to make it work as one big copy&paste command. (Hint: If it doesn't work later on, look for updated packages)

* If you get some complaints about rpm and maybe popt, you might need to use the --nodeps option to get the dependencies right.

[edit] CentOS 5 x86_64

rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/gmp-4.1.4-10.el5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/readline-5.1-3.el5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/python-2.4.3-27.el5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/libxml2-2.6.26-2.1.2.8.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/libxml2-python-2.6.26-2.1.2.8.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/expat-1.95.8-8.3.el5_4.2.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/python-elementtree-1.2.6-5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/sqlite-3.3.6-5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/python-sqlite-1.1.7-1.2.1.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/elfutils-libelf-0.137-3.el5.x86_64.rpm
rpm --nodeps -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/elfutils-0.137-3.el5.x86_64.rpm
rpm --nodeps -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/rpm-4.4.2.3-18.el5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/rpm-python-4.4.2.3-18.el5.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/m2crypto-0.16-6.el5.6.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/python-urlgrabber-3.1.0-5.el5.noarch.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.x86_64.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm
rpm --nodeps -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/yum-fastestmirror-1.1.16-14.el5.centos.1.noarch.rpm
rpm -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/yum-3.2.22-26.el5.centos.noarch.rpm
yum -y update


Please note that sometime you may get dependencies failed error that time just use rpm --nodeps.

For exa :: rpm --nodeps -Uvh http://mirror.centos.org/centos/5/os/x86_64/CentOS/rpm-python-4.4.2.3-18.el5.x86_64.rpm

(28)No space left on device: Couldn't create accept lock

On a cPanel dedicated server, apache server failed to start. So, while checking the apache logs found this:
==> /usr/local/apache/logs/error_log <==

[Sat Dec 20 01:12:27 2008]
[notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec)

[Sat Dec 20 01:12:27 2008]
[warn] pid file /usr/local/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?

[Sat Dec 20 01:12:27 2008]
[emerg] (28)No space left on device: Couldn't create accept lock
Solution:
First of all make sure your server is not out of space. This can be checked with the command:
root# df –h
Now, to check how many semaphores are currently in use the command is:
root# ipcs -s
When the apache (httpd) is stopped, to kill the semaphores ID the command is:
root# ipcrm –s 
To kill all the semaphores ID , you can achieve this by doing it in a for loop, the command is:
root# for semid in `ipcs -s | grep nobody | cut -f2 -d" "`; do ipcrm -s $semid; done
Note: “nobody” is apache user.
Now start apache with the command:
root# service httpd restart
This has fixed the issue for us.

Setting up a new web site on centOS 5 box

Hey Guys, I am specifying this post for everyone who is going to use it as I searched number of pages but could not find all these information at a single page.

So basically there are three steps to get your website live on plain (No control panel) centos server.

1. Register your nameservers and domain at your registrar end.

2. Set up DNS including nameservers and DNS zones

3. Set up web user and apache entries.

I am considering that you already know about domain/nameservers registrationso I am moving ahead to 2nd step.

Nameservers setup


CentOS 4 : chroot DNS with BIND
February 4, 2007 - 23 comments

I won’t go into the details of what is DNS, or the difference between an A record and a CNAME record.. just a quick howto to set up a chrooted DNS server using Bind under CentOS in a mere 5 minutes..

Howto available for CentOS 5 : http://www.wains.be/index.php/2007/12/13/centos-5-chroot-dns-with-bind/

1. Install packages :

yum install bind bind-chroot bind-libs bind-utils

2. Configure rndc :

The rndc tool allow to get some useful info on your dns server (stats, status, etc.) so you better get it set up.

rndc.conf is staying out of the chroot cage, for clarity we’ll move it into the chroot cage
cp /etc/rndc.conf /var/named/chroot/etc

Let’s make a symbolic link back in /etc, so we get 3 symlinks pointing to files in the cage (rndc.conf, rndc.key, named.conf) :
cd /etc
ln -s /var/named/chroot/etc/rndc.conf -f

Create the rndc key, this command will create your key and store it under /etc/rndc.key :
rndc-confgen -a

/etc/rndc.key looks like this :
key "rndc-key" {
algorithm hmac-md5;
secret "ZK4g84WrfdfsTIQLVs59Eg==";
};

Pay close attention to the key name, rndc-confgen makes a “rndc-key” while /etc/named.conf calls “rndckey”, you’ll have to carefully edit your named.conf

Edit /etc/rndc.conf so it looks like this :

include "/etc/rndc.key";
options {
default-server localhost;
default-key "rndc-key";
};
server localhost {
key "rndc-key";
};

3. Set up BIND

Edit /etc/named.conf so it looks like this :

include "/etc/rndc.key";

// we assume our server has the IP 192.168.100.100 serving the 192.168.100.0/24 subnet
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndc-key"; };
inet 192.168.100.100 allow { 192.168.100.0/24; } keys { "rndc-key"; };
};

options {
directory "/var/named";
pid-file "/var/run/named/named.pid";

recursion yes;

allow-recursion {
127.0.0.1;
192.168.100.0/24;
};

// these are the opendns servers (optional)
forwarders {
208.67.222.222;
208.67.220.220;
};

listen-on {
127.0.0.1;
192.168.100.100;
};

/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
query-source address * port 53;

// so people can't try to guess what version you're running
version "REFUSED";

allow-query {
127.0.0.1;
192.168.100.0/24;
};
};

server 192.168.100.100 {
keys { rndc-key; };
};

zone "." IN {
type hint;
file "named.root";
};

// we assume we have a slave dns server with the IP 192.168.100.101
zone "test.be" IN {
type master;
file "data/test.be.zone";
allow-update { none; };
allow-transfer { 192.168.100.101; };
};

};

4. Your zones

Download named.root under /var/named/chroot/var/named :
wget http://www.internic.net/zones/named.root

Create your first zone under /var/named/chroot/var/named/data/test.be.zone (syntax may not be perfect but is working) :

$ttl 38400
test.be. IN SOA ns.test.be. admin.test.be. (
2007020400 ; Serial
10800 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
86400 ) ; Minimum TTL of 1 day
test.be. IN NS ns.test.be.

test.be. IN MX 1 mx.test.be.
test.be. IN MX 5 mx2.test.be.

ns.test.be. IN A 192.168.100.10
mx.test.be. IN A 192.168.100.20
mx2.test.be. IN A 192.168.100.21
mail.test.be. IN CNAME mx.test.be.

5. Set up your server to query its own dns server

Edit /etc/resolv.conf and add this line at the top of the file :
nameserver 127.0.0.1

6. Start the service

Start the DNS server :
service named start

Make sure the service will start at reboot :
chkconfig named on

Thats it, now move ahead to set 3.

The first step, but not always a necessary step is setting up a new user. This is the preferred way to start as the /etc/skel has been preloaded with all the necessary directories and files to get new users started. If you are going to be a system administrator and you are not familiar with the /etc/skel/, please take some time learn more information about placing files in the /etc/skel/ directory to save time setting up new users. You can put default web directory such as www or public_html plus any other files and or directories you want to give to all new users.

To setup a new user you can simply use the following command (replace username with the username you want to use)

adduser -m username

Now that you have created the account, it is best to setup a password for the account. You can assign a password to the account using the following command

passwd username

You should be prompted to enter in the new password and then confirm the password. Assume a new account needs to be setup with the username of ditto. When you run the passwd ditto command you should be prompted for the password as follows.

Changing password for user ditto.
New UNIX password:
Retype new UNIX password:

Your new account is almost ready to start putting files up for the web. One thing to pass along to new system administrators is that you have to make sure you setup the right permissions on this new account so it is strongly suggested that you do this now.

Now the path to the new account may differ depending on your server. Assume for now that new users are setup in the /home/ directory. Assuming your new user “ditto” was created successfully, the new account for ditto should be /home/ditto/. Any files in your /etc/skel/ directory would be there as well. You can check this by using the following command to change directories and list the contents of the directory

cd /home/ditto && ls

In this example we have two folders for our user ditto and they are the public_html and wwwconf directories.

To change the permissions on the users ditto directory so it can be viewed by visitors, the permissions on the ditto directory must be changed to something like 755. This can be done to just ditto directory using following command:

chmod 755 /home/ditto

If you don’t know what 755 is as far as permissions, pause this tutorial and take the time to learn about chmod and what the different permissions will do for you.

Now comes the part where many configurations likely differ depending on what you have installed to run on your server. This tutorial opts to save a core httpd related .conf file in one httpd directory (conf.d) and then from there look for more .conf files in the user directory called wwwconf/. This setup is not the only one possibility in the universe and if you have an older setup or wish to do it differently that is your choice.

You can start your .conf file by copying a current one or creating a new one in your httpd/conf.d/ directory. This tutorial will assume that directory is located at /etc/httpd/conf.d/. Creat your new .conf file in vi or vim by using the following command.

sudo vim web.ditto.com.conf

This is going to be the core configuration file for your virtualhost. You will need to start the virtualhost using the tag:



The VirutalHost directive is used to enclose a group of directives which will apply only to a particular virtual host. Inside this directive you will put all the information pertaining to your site. You can put the email address to your ServerAdmin, the absolute path to the Document Root, the ServerName and any ServerAlias

ServerAdmin webmaster@localhost
Documentroot /home/ditto/public_html/
ServerName www.ditto.com
ServerAlias ditto.com

Now it is necessary to give Apache some directives that will apply to our public_html directory. To do this you will create another node inside the VirtualHost node named Directory. The Directory node here is used to enclose a group of directives which will apply only to the named directory and sub-directories of that directory (in this case the public_html directory).


Options ExecCGI FollowSymLinks +Includes


This tells Apache that the execution of CGI scripts is permitted, the server will follow symbolic links in this directory, and that server-side includes are permitted.

You will also like to have some type of error log as is very useful when troubleshooting an issue on the box, so be sure to include the following code for error logging. You can access the logs in your httpd/logs directory

ErrorLog logs/ditto.error
CustomLog logs/ditto.log combined

Now for the customized part. In order to let the user create their own Directory options another Directory directive is created that will point to a folder where other options/modifications can be made by the account user.


AllowOverride All


What this does is allows ditto to ftp or ssh into the box and create a .conf file with their own directives and options in the wwwconf/ directory. The directive inside the above tag says any directive which has the .htaccess context is allowed in .htaccess files. After this tag is closed, it can be followed up with

Include /home/ditto/wwwconf/*.conf

which tells Apache to grab any file with .conf in the wwwconf/ directory of ditto (if you didn’t know it already, the “*” is a wildcard here).

That should do it. You can now put an end to your VirtualHost node (if you have not already) and your end result should look something like


ServerAdmin webmaster@localhost
Documentroot /home/ditto/public_html/
ServerName www.ditto.com
ServerAlias ditto.com

Options ExecCGI FollowSymLinks +Includes

ErrorLog logs/ditto.error
CustomLog logs/ditto.log combined

AllowOverride All

Include /home/ditto/wwwconf/*.conf


You can now save this in the httpd/conf.d/ folder. Now if you want to add a mod re-wite or make a password protected directory in public_html, you can add a .conf file to the wwwconf directory and save my changes there. There is still one more command to use in order for all of this to work and that is the command to restart the httpd service. This can be done very easily using the following command.

service httpd restart

If you are running on an older system, this command may not be recognized. In those cases you should be able to use

/etc/init.d/httpd restart

Assuming you didn’t get any errors when you restarted the httpd service your web service should now be working. If you get an error, be sure to address it right away. Most common issues are invalid paths in the tags or missing directories that the tags are directed too.

Hopefully this tutorial was helpful to at least one user out there. This tutorial will be followed up next by a tutorial that will help you setup subdomains, create password protected directories and create mod rewrites.

Referred links ::
http://www.wains.be/index.php/2007/02/04/centos-chroot-dns-with-bind/
http://www.dingobytes.com/tutorial/web-site-on-centos-5-box

Installing VNC-Server - CentOS

1. Installing the required packages

The server package is called 'vnc-server'. Run the command rpm -q vnc-server.

The result will be either package vnc-server is not installed or something like vnc-server-4.0-11.el4.

If the server is not installed, install it with the command: yum install vnc-server.

The client program is 'vnc'. You can use the command yum install vnc to install the client if rpm -q vnc shows that it is not already installed.

Make sure to install a window manager in order to get a normal GUI desktop. You can use the command yum groupinstall "GNOME Desktop Environment" to install the Gnome Desktop and requirements, for example. Other popular desktop environments are "KDE" and "XFCE-4.4". XFCE is more light-weight than Gnome or KDE and available from the "extras" repository.

If you are running CentOS 5, yum groupinstall "GNOME Desktop Environment" may complain about a missing libgaim.so.0. This is a known bug. Please see CentOS-5 FAQ for details.

2. Configuring un-encrypted VNC

We will be setting up VNC for 3 users. These will be 'larry', 'moe', and 'curly'.

You will perform the following steps to configure your VNC server:

1. Create your VNC users.
2. Set your users' VNC passwords.
3. Edit the server configuration.
4. Create and customize xstartup scripts.
5. Start the VNC service.
6. Test each VNC user.
7. Setup the VNC service to start on reboot.
8. Additional optional enhancements

2.1. Create your VNC users
As root:
$ su -
# useradd larry
# useradd moe
# useradd curly
# passwd larry
# passwd moe
# passwd curly

2.2. Set your users' VNC passwords
Login to each user, and run vncpasswd. This will create a .vnc directory.
[~]$ cd .vnc
[.vnc]$ ls
passwd

2.3. Edit the server configuration
Edit /etc/sysconfig/vncservers, and add the following to the end of the file.

VNCSERVERS="1:larry 2:moe 3:curly"
VNCSERVERARGS[1]="-geometry 640x480"
VNCSERVERARGS[2]="-geometry 640x480"
VNCSERVERARGS[3]="-geometry 800x600"

Larry will have a 640 by 480 screen, as will Moe. Curly will have an 800 by 600 screen.

2.4. Create xstartup scripts

We will create the xstartup scripts by starting and stopping the vncserver as root.

# /sbin/service vncserver start
# /sbin/service vncserver stop

Login to each user and edit the xstartup script. To use Larry as an example, first login as larry

[~]$ cd .vnc
[.vnc] ls
mymachine.localnet:1.log passwd xstartup

Edit xstartup. The original should look like:

#!/bin/sh
# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &

Add the line indicated below to assure that an xterm is always present, and uncomment the two lines as directed if you wish to run the user's normal desktop window manager in the VNC. Note that in the likely reduced resolution and color depth of a VNC window the full desktop will be rather cramped and a look bit odd. If you do not uncomment the two lines you will get a gray speckled background to the VNC window.

#!/bin/sh
# Add the following line to ensure you always have an xterm available.
( while true ; do xterm ; done ) &
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &


2.5. Start the VNC server

Start the vncserver as root.

# /sbin/service vncserver start

2.6. Test each VNC user

Let us assume that mymachine has an IP address of 192.168.0.10. The URL to connect to each of the users will be:

Larry is http://192.168.0.10:5801
Moe is http://192.168.0.10:5802
Curly is http://192.168.0.10:5803

Connect to http://192.168.0.10:5801. A java applet window will pop-up showing a connection to your machine at port 1. Click the [ok] button. Enter larry's VNC password, and a 640x480 window should open using the default window manager selected for larry . The above ports 5801, 5802 and 5803 must be open in the firewall {iptables) for the source IP addresses or subnets of a given client.

2.6.2. Testing with a vnc client

For Larry: vncviewer 192.168.0.10:1
For Moe: vncviewer 192.168.0.10:2
For Curly: vncviewer 192.168.0.10:3

To test larry using vncviewer, vncviewer 192.168.0.10:1. Enter Larry's VNC password, and a 640x480 window should open using Larry's default window manager. The vncviewer client will connect to port 590X where X is an offset of 1,2,3 for Larry, Moe, and Curly respectively, so these ports must be open in the firewall for the IP addresses or subnets of the clients.

2.6.3. Starting vncserver at boot

To start vncserver at boot, enter the command /sbin/chkconfig vncserver on.

For basic VNC configuration the procedure is now complete. The following sections are optional refinements to enhance security and functionality.

3. VNC encrypted through an ssh tunnel

You will be connecting through an ssh tunnel. You will need to be able to ssh to a user on the machine. For this example, the user on the vncserver machine is Larry.

1. Edit /etc/sysconfig/vncservers, and add the option -localhost.

VNCSERVERS="1:larry 2:moe 3:curly"
VNCSERVERARGS[1]="-geometry 640x480 -localhost"
VNCSERVERARGS[2]="-geometry 640x480 -localhost"
VNCSERVERARGS[1]="-geometry 800x600 -localhost"

2.

/sbin/service vncserver restart
3. Go to another machine with vncserver and test the VNC.
1.

vncviewer -via larry@192.168.0.10 localhost:1
2.

vncviewer -via moe@192.168.0.10 localhost:2
3.

vncviewer -via curly@192.168.0.10 localhost:3

By default, many vncviewers will disable compression options for what it thinks is a "local" connection. Make sure to check with the vncviewer man page to enable/force compression. If not, performance may be very poor!

Reffered URL :: http://wiki.centos.org/HowTos/VNC-Server

Reinstalling the Boot Loader

In many cases, the GRUB boot loader can mistakenly be deleted, corrupted, or replaced by other operating systems.

The following steps detail the process on how GRUB is reinstalled on the master boot record:

*

Boot the system from an installation boot medium.
*

Type linux rescue at the installation boot prompt to enter the rescue environment.
*

Type chroot /mnt/sysimage to mount the root partition.
*

Type /sbin/grub-install /dev/hda to reinstall the GRUB boot loader, where /dev/hda is the boot partition.
*

Review the /boot/grub/grub.conf file, as additional entries may be needed for GRUB to control additional operating systems.
*

Reboot the system.

Setting up a new web site on centOS 5 box

There are so many great tutorials on the web about setting up a Linux box for web hosting, but why not add one more… right? Actually this tutorial is written specifically for a co worker that is not familiar with Linux, so this tutorial is being offered to “assist” him with the migration process. His old hosting company provided him with CPanel and he is reluctant to change, but who in their right mind would pass up hosting at the price of “free ninty-nine”.

By no means is this a guide for all new linux user, but just a compilation of things learned while setting up web services on a Linux box in the past.

The first step, but not always a necessary step is setting up a new user. This is the preferred way to start as the /etc/skel has been preloaded with all the necessary directories and files to get new users started. If you are going to be a system administrator and you are not familiar with the /etc/skel/, please take some time learn more information about placing files in the /etc/skel/ directory to save time setting up new users. You can put default web directory such as www or public_html plus any other files and or directories you want to give to all new users.

To setup a new user you can simply use the following command (replace username with the username you want to use)

adduser -m username

Now that you have created the account, it is best to setup a password for the account. You can assign a password to the account using the following command

passwd username

You should be prompted to enter in the new password and then confirm the password. Assume a new account needs to be setup with the username of ditto. When you run the passwd ditto command you should be prompted for the password as follows.

Changing password for user ditto.
New UNIX password:
Retype new UNIX password:

Your new account is almost ready to start putting files up for the web. One thing to pass along to new system administrators is that you have to make sure you setup the right permissions on this new account so it is strongly suggested that you do this now.

Now the path to the new account may differ depending on your server. Assume for now that new users are setup in the /home/ directory. Assuming your new user “ditto” was created successfully, the new account for ditto should be /home/ditto/. Any files in your /etc/skel/ directory would be there as well. You can check this by using the following command to change directories and list the contents of the directory

cd /home/ditto && ls

In this example we have two folders for our user ditto and they are the public_html and wwwconf directories.

To change the permissions on the users ditto directory so it can be viewed by visitors, the permissions on the ditto directory must be changed to something like 755. This can be done to just ditto directory using following command:

chmod 755 /home/ditto

If you don’t know what 755 is as far as permissions, pause this tutorial and take the time to learn about chmod and what the different permissions will do for you.

Now comes the part where many configurations likely differ depending on what you have installed to run on your server. This tutorial opts to save a core httpd related .conf file in one httpd directory (conf.d) and then from there look for more .conf files in the user directory called wwwconf/. This setup is not the only one possibility in the universe and if you have an older setup or wish to do it differently that is your choice.

You can start your .conf file by copying a current one or creating a new one in your httpd/conf.d/ directory. This tutorial will assume that directory is located at /etc/httpd/conf.d/. Creat your new .conf file in vi or vim by using the following command.

sudo vim web.ditto.com.conf

This is going to be the core configuration file for your virtualhost. You will need to start the virtualhost using the tag:



The VirutalHost directive is used to enclose a group of directives which will apply only to a particular virtual host. Inside this directive you will put all the information pertaining to your site. You can put the email address to your ServerAdmin, the absolute path to the Document Root, the ServerName and any ServerAlias

ServerAdmin webmaster@localhost
Documentroot /home/ditto/public_html/
ServerName www.ditto.com
ServerAlias ditto.com

Now it is necessary to give Apache some directives that will apply to our public_html directory. To do this you will create another node inside the VirtualHost node named Directory. The Directory node here is used to enclose a group of directives which will apply only to the named directory and sub-directories of that directory (in this case the public_html directory).


Options ExecCGI FollowSymLinks +Includes


This tells Apache that the execution of CGI scripts is permitted, the server will follow symbolic links in this directory, and that server-side includes are permitted.

You will also like to have some type of error log as is very useful when troubleshooting an issue on the box, so be sure to include the following code for error logging. You can access the logs in your httpd/logs directory

ErrorLog logs/ditto.error
CustomLog logs/ditto.log combined

Now for the customized part. In order to let the user create their own Directory options another Directory directive is created that will point to a folder where other options/modifications can be made by the account user.


AllowOverride All


What this does is allows ditto to ftp or ssh into the box and create a .conf file with their own directives and options in the wwwconf/ directory. The directive inside the above tag says any directive which has the .htaccess context is allowed in .htaccess files. After this tag is closed, it can be followed up with

Include /home/ditto/wwwconf/*.conf

which tells Apache to grab any file with .conf in the wwwconf/ directory of ditto (if you didn’t know it already, the “*” is a wildcard here).

That should do it. You can now put an end to your VirtualHost node (if you have not already) and your end result should look something like


ServerAdmin webmaster@localhost
Documentroot /home/ditto/public_html/
ServerName www.ditto.com
ServerAlias ditto.com

Options ExecCGI FollowSymLinks +Includes

ErrorLog logs/ditto.error
CustomLog logs/ditto.log combined

AllowOverride All

Include /home/ditto/wwwconf/*.conf


You can now save this in the httpd/conf.d/ folder. Now if you want to add a mod re-wite or make a password protected directory in public_html, you can add a .conf file to the wwwconf directory and save my changes there. There is still one more command to use in order for all of this to work and that is the command to restart the httpd service. This can be done very easily using the following command.

service httpd restart

If you are running on an older system, this command may not be recognized. In those cases you should be able to use

/etc/init.d/httpd restart

Assuming you didn’t get any errors when you restarted the httpd service your web service should now be working. If you get an error, be sure to address it right away. Most common issues are invalid paths in the tags or missing directories that the tags are directed too.

Hopefully this tutorial was helpful to at least one user out there. This tutorial will be followed up next by a tutorial that will help you setup subdomains, create password protected directories and create mod rewrites.

Changing "A" record for all domains on cpanel server

If you have the scenario to point all your domains to another server then obviously you have to change the "A" record to the new server. Cpanel does not have such feature to do this in one command. But I found a way to do this and you will have to fire just following commands. You will need to login by root in order to execute them.

#cd /var/named/
#replace 1.1.1.1 2.2.2.2 -- *


Replace 1.1.1.1 with old ip
and 2.2.2.2 with new ip


This worked for me and hope this will work for you too :o)

Any suggestions or questions are welcome.
mayur.c24@gmail.com

Installing VNC Server on Centos

VNC ( Virtual Network Computing ) is used to display an X windows session running on another computer. Unlike a remote X connection, the xserver is running on the remote computer, not on your local workstation. Your workstation ( Linux or Windows ) is only displaying a copy of the display ( real or virtual ) that is running on the remote machine.

There are several ways to configure the vnc server. This HOWTO shows you how to configure VNC using the 'vncserver' service as supplied by CentOS.

1. Installing the required packages

The server package is called 'vnc-server'. Run the command rpm -q vnc-server.

The result will be either package vnc-server is not installed or something like vnc-server-4.0-11.el4.

If the server is not installed, install it with the command: yum install vnc-server.

The client program is 'vnc'. You can use the command yum install vnc to install the client if rpm -q vnc shows that it is not already installed.

Make sure to install a window manager in order to get a normal GUI desktop. You can use the command yum groupinstall "GNOME Desktop Environment" to install the Gnome Desktop and requirements, for example. Other popular desktop environments are "KDE" and "XFCE-4.4". XFCE is more light-weight than Gnome or KDE and available from the "extras" repository.

For my installation I used XFCE :: yum install XFCE

2. Configuring un-encrypted VNC
We will be setting up VNC for 3 users. These will be 'larry', 'moe', and 'curly'.

You will perform the following steps to configure your VNC server:

1. Create your VNC users.
2. Set your users' VNC passwords.
3. Edit the server configuration.
4. Create and customize xstartup scripts.
5. Start the VNC service.
6. Test each VNC user.
7. Setup the VNC service to start on reboot.
8. Additional optional enhancements

2.1. Create your VNC users

As root:
$ su -
# useradd larry
# useradd moe
# useradd curly
# passwd larry
# passwd moe
# passwd curly


2.2. Set your users' VNC passwords
Login to each user, and run vncpasswd. This will create a .vnc directory.
[~]$ cd .vnc
[.vnc]$ ls
passwd


2.3. Edit the server configuration
Edit /etc/sysconfig/vncservers, and add the following to the end of the file.

VNCSERVERS="1:larry 2:moe 3:curly"
VNCSERVERARGS[1]="-geometry 640x480"
VNCSERVERARGS[2]="-geometry 640x480"
VNCSERVERARGS[3]="-geometry 800x600"


Larry will have a 640 by 480 screen, as will Moe. Curly will have an 800 by 600 screen.

2.4. Create xstartup scripts

We will create the xstartup scripts by starting and stopping the vncserver as root.

# /sbin/service vncserver start
# /sbin/service vncserver stop


Login to each user and edit the xstartup script. To use Larry as an example, first login as larry

[~]$ cd .vnc
[.vnc] ls
mymachine.localnet:1.log passwd xstartup


Edit xstartup. The original should look like:

#!/bin/sh
# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &


Add the line indicated below to assure that an xterm is always present, and uncomment the two lines as directed if you wish to run the user's normal desktop window manager in the VNC. Note that in the likely reduced resolution and color depth of a VNC window the full desktop will be rather cramped and a look bit odd. If you do not uncomment the two lines you will get a gray speckled background to the VNC window.


#!/bin/sh
# Add the following line to ensure you always have an xterm available.
( while true ; do xterm ; done ) &
# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc
[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &


2.5. Start the VNC server

Start the vncserver as root

# /sbin/service vncserver start

2.6. Test each VNC user

Let us assume that mymachine has an IP address of 192.168.0.10. The URL to connect to each of the users will be:

Larry is http://192.168.0.10:5801
Moe is http://192.168.0.10:5802
Curly is http://192.168.0.10:5803


Connect to http://192.168.0.10:5801. A java applet window will pop-up showing a connection to your machine at port 1. Click the [ok] button. Enter larry's VNC password, and a 640x480 window should open using the default window manager selected for larry . The above ports 5801, 5802 and 5803 must be open in the firewall {iptables) for the source IP addresses or subnets of a given client.

2.6.2. Testing with a vnc client
For Larry: vncviewer 192.168.0.10:1
For Moe: vncviewer 192.168.0.10:2
For Curly: vncviewer 192.168.0.10:3


To test larry using vncviewer, vncviewer 192.168.0.10:1. Enter Larry's VNC password, and a 640x480 window should open using Larry's default window manager. The vncviewer client will connect to port 590X where X is an offset of 1,2,3 for Larry, Moe, and Curly respectively, so these ports must be open in the firewall for the IP addresses or subnets of the clients.

2.6.3. Starting vncserver at boot

To start vncserver at boot, enter the command /sbin/chkconfig vncserver on

That's it.

Regards,
Mayur C.
mayur.c24@gmail.com

Roundcube + Directadmin - DATABASE ERROR: CONNECTION FAILED!

The following is if you're using customapache. If you're using custombuild, see below.

If you cannot login to roundcube because you get this error:

DATABASE ERROR: CONNECTION FAILED!

Then do the following:

Type:

cat /usr/local/directamin/conf/mysql.conf
to get the login/password for mysql.

Type:

mysql -uda_admin -ppassword
where da_admin/password are the login/pass output from the mysql.conf.

Once in mysql, type:

DROP DATABASE da_roundcube;
quit

once the db is dropped and you're out of mysql, type:

cd /usr/local/directadmin/scripts
./roundcube.sh

to recreate the database and user/pass for roundcube.




The following is the fix if you're using custombuild:

cd /usr/local/directadmin/custombuild
./build roundcube


That's it. Any suggestion or questions are welcome.

Steps to Install Mod_Security on Direct Admin

What is mod_security or modsecurity?

ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports both branches of the Apache web server.
This HOW-TO is for Apache 2.X only.

1.
cd /usr/local/src
2.
mkdir modsecurity2
3.
cd modsecurity2
4.
wget http://www.serverbuddies.com/files/modsecurity-apache_2.5.9.tar.gz
5.
perl -pi -e ’s/ServerTokens Major/ServerTokens Full/’ /etc/httpd/conf/extra/httpd-default.conf
6.
perl -pi -e ’s/ServerSignature Off/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
7.
perl -pi -e ’s/ServerSignature EMail/ServerSignature On/’ /etc/httpd/conf/extra/httpd-default.conf
8.
tar xzf modsecurity-apache_2.5.9.tar.gz
9.
cd modsecurity-apache_2.5.9
10.
cd apache2
11.
./configure
12.
make
13.
make test
14.
make install

Now we download a pre-defined mod_sec ruleset,

1.
cd /etc/modsecurity2/
2.
wget http://www.serverbuddies.com/files/modsec.v2.rules.conf


Add the new compiled mod_security module into the apache configuration,

vi /etc/httpd/conf/httpd.conf


After:

LoadModule php5_module /usr/lib/apache/libphp5.so

Add:

For 32bit -

1.
LoadFile /usr/lib/libxml2.so
2.
LoadModule security2_module /usr/lib/apache/mod_security2.so

For 64bit -

1.
LoadFile /usr/lib64/libxml2.so
2.
LoadModule security2_module /usr/lib/apache/mod_security2.so

At the botton of the httpd.conf config file we add the following,

1.

2.
# ModSecurity2 config file.
3.
#
4.
Include /etc/modsecurity2/modsec.v2.rules.conf
5.


Restart the webserver.

1.
service httpd restart


Installation should be completed and mod_sec should be now loaded on your Apache webserver.

Any suggestion or questions are welcome.

How to set default crontab editor ?

The default crontab editor is nano on some systems. This is a pain. You can change this by setting the EDITOR environment variable. In BASH:

srv-4 / # set | grep EDITOR
EDITOR=/bin/nano
srv-4 / # which vi
/usr/bin/vi
srv-4 / # export EDITOR=/usr/bin/vi
srv-4 / # set | grep EDITOR
EDITOR=/usr/bin/vi
_=EDITOR
srv-4 / #

To make the change stick, you can add it to the profile script appropriate for your shell. We put it in /etc/profile.

Any suggestions or questions are welcome.

How to Install FFmpeg though YUM

Installing FFMpeg

yum install ffmpeg ffmpeg-devel

If you get package not found, then you will need to add few lines in the yum repository for dag packages installation. Create a file named dag.repo in /etc/yum.repos.d with the following contents on it

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux

baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

then

yum install ffmpeg ffmpeg-devel

If everything is fine, then the installation should proceed smoothly. If not you will get something like warning GPG public key missing .
Common Errors

To fix rpmforge GPG key warning:

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

For more information refer to this faq depending on Centos version

Missing Dependency Error:

If you get missing dependency error like shown below, in the middle of ffmpeg installation

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package ffmpeg
Error: Missing Dependency: libtheora.so.0(libtheora.so.1.0) is needed by package ffmpeg
Error: Missing Dependency: rtld(GNU_HASH) is needed by package ffmpeg
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package a52dec
Error: Missing Dependency: rtld(GNU_HASH) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package gsm
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package x264
Error: Missing Dependency: rtld(GNU_HASH) is needed by package xvidcore
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package lame
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package a52dec
Error: Missing Dependency: rtld(GNU_HASH) is needed by package faad2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package x264
Error: Missing Dependency: rtld(GNU_HASH) is needed by package lame
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package xvidcore
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faac
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faad2
Error: Missing Dependency: libgif.so.4 is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package faac
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package gsm
Error: Missing Dependency: libpng12.so.0(PNG12_0) is needed by package imlib2
Error: Missing Dependency: rtld(GNU_HASH) is needed by package libmp4v2
Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package libmp4v2

then most commonly you have GLIB 2.3 installed instead of GLIB 2.4 version. To check the current GLIB version installed on your server. just use

yum list glib*

and it should list the latest GLIB package version.

The reason i was getting this error was my rpmforge packages was pointed to centos 5 versions instead of centos 4.6.

To fix dependency error:

To fix this error, you might need to check your rpmforge packages compatible to the release of your existing CentOS version.
Check the file /etc/yum.repos.d/rpmforge.repo and it should look like for Centos 4.6(Final). If you have lines like http://apt.sw.be/redhat/el5/en/mirrors-rpmforge you might need to make changes to the rpmforge.repos like shown below

Note: Backup the original rpmforge.repo file before you edit its content.

[rpmforge]
name = Red Hat Enterprise $releasever - RPMforge.net - dag
#baseurl = http://apt.sw.be/redhat/el4/en/$basearch/dag
mirrorlist = http://apt.sw.be/redhat/el4/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

To know what linux type and version you are running

cat /etc/redhat-release

Once this is done, do again yum install ffmpeg.

This trick resolved the problem in my linux box running Centos 4.6 and this is the only way i found to install ffmpeg using yum.
To check the FFmpeg working:

Finally, check the ffmpeg whether it is working or not.

> ffmpeg
> ffmpeg -formats
> ffmpeg --help
// This lists path of mpeg, its modules and other path information


ffmpeg -i Input.file Output.file
To check what audi/video formats are supported

ffmpeg -formats > ffmpeg-format.txt

Open the ffmpeg-formats.txt to see the ooutput

D means decode
E means encode
V means video
A means audio
T = Truncated
Install FFMPEG-PHP Extension

FFmpeg-php is a very good extension and wrapper for PHP which can pull useful information about video through API interface. Inorder to install it you will need to download the source file and then compile and install extension in your server. You can download the source tarball : http://ffmpeg-php.sourceforge.net/

wget /path/to/this/file/ffmpeg-php-0.5.2.1.tbz2

tar -xjf ffmpeg-0.5.2.1.tbz2

phpize

./configure
make
make install
Common Errors

1. If you get command not found error for phpize, then you will need to do yum install php-devel

2. If you get error like "ffmpeg headers not found" while configuring the source.

configure: error: ffmpeg headers not found. Make sure ffmpeg is compiled as shared libraries using the --enable-shared option

then it means you have not installed ffmpeg-devel packages.

To Fix: Just install ffmpeg-devel using

yum install ffmpeg-devel

3. If you get an error like shared libraries not found problem and the program halts in the middle, then you must specify the ffmpeg installed path explicitly to the ./configure.

configure: error: ffmpeg shared libraries not found. Make sure ffmpeg is compiled as shared libraries using the --enable-shared option

To Fix:

1. First find out the ffmpeg path with ffmpeg --help command. The prefix default path should be like /usr/local/cpffmpeg
2. Configure the FFmpeg-php with --with-ffmpeg option

./configure --with-ffmpeg=/usr/local/cpffmpeg

That should resolve the problem!
Editing PHP.INI

Once you have done that without any problems then you will see the php extension file /usr/local/lib/php/extensions/no-debug-non-zts-20060613/ffmpeg.so and you will need mention that extension in php.ini file

nano /usr/local/lib/php.ini

Put the below two lines at the end of the php.ini file

[ffmpeg]
extension=ffmpeg.so

Then restart the server service httpd restart

To check whether ffmpeg enabled with php, point your browser to test.php file. It should show the confirmation of installed ffmpeg php extension

// #test.php


phpinfo()

?>

If any case the ffmpeg does not show in the phpinfo() test make sure that php.ini path to ffmpeg.so is correct. Still the problem occurs, the reason could be you might be using older versions of ffmpeg-php which is buggy. Just download the latest version of ffmpeg-php source then compile it.
Installing Mplayer + Mencoder

Just issue the following yum commands to install the rest of the packages.

yum install mplayer mencoder
Installing FlvTool2

Flvtool2 is a flash video file manipulation tool. It can calculate metadata and can cut and edit cue points for flv files.

If you are on Centos 5 try yum install flvtool2 with dag repository and if you get package not found you will need to manually download and compile the flvtool2. You can download latest version of flvtool2 here: http://rubyforge.org/projects/flvtool2/

wget

ruby setup.rb config
ruby setup.rb setup
sudo ruby setup.rb install

If you get command not found error, it probably means that you dont have ruby installed.

yum install ruby

Thats it! Once ffmpeg works fine with php extension, download a sample video, convert to .flv format in the command line and plug it to flowplayer to see it work on your web browser. Try also to download the video file offline and see whether the converted flv file works well with both audio and video.
Useful Links

FFmpeg (http://ffmpeg.mplayerhq.hu)
Mplayer + Mencoder (http://www.mplayerhq.hu/design7/dload.html)
Flv2tool (http://inlet-media.de/flvtool2)
Libogg + Libvorbis (http://www.xiph.org/downloads)
LAME MP3 Encoder (http://lame.sourceforge.net)
FlowPlayer - A Free Flash Video Player - http://flowplayer.org/

Install FFmpeg from Compiling Source (Tutorial Link)
Nice FFmpeg Installation Tutorial (click here)
Important Audio Codecs
(http://www.mplayerhq.hu/DOCS/HTML/en/audio-codecs.html)
Common Errors & Fixes while Installing FFmpeg (click here)

You can also post comments in my blog.

Back to home

For more information please take a look at:
http://www.mysql-apache-php.com/ffmpeg-install.htm

Any suggestion or questions are welcome.

Downgrade MySQL 5 to MySQL 4.1 on cPanel dedicated server

For some reason you need to downgrade MySQL 5 to MySQL 4.1 to achieve this you will have to do the following:

To check the which all mysql rpm’s are available use the command:

rpm -qa | grep -i mysql-

First of all take a backup of /var/lib/mysql, and also ask the other users to keep a backup it with them. This can also be a .sql file. The command to take a backup is:

cp /var/lib/mysql /var/lib/mysql.bk

Now, you will have to edit the cPanel config file and make manual changes under this, so edit it with the command:

nano /var/cpanel/cpanel.config

And here, find for the line “mysql-version=5.0” and change it to “mysql-version=4.1”

Now, we will forcefully install mysql by the following command:

/scripts/mysqlup --force

You can now check again with the command:

rpm -qa | grep -i mysql-

This is done and worked for me.

Any suggestions or questions are welcome.

update python

if there’s some problems with mail or anything u can go and update python on ur cpanel server

download the least version here : http://www.python.org/download/

the build it and edit cpanel config to match the new version

cd /usr/local/src/
wget http://www.python.org/ftp/python/2.6.4/Python-2.6.4.tgz
tar -xvzf Python-2.4.6.tgz
cd Python-2.4.6/
./configure –prefix=/usr/local/python.2.4.6/
make
make install

now u have install python on ur system as slave version u can edit cpanel config now
vi /var/cpanel/cpanel.config then find python and comment that line # and enter line blow
python=/usr/local/python.2.4.6/bin/python2.4
do force update to ur cpanel

everything is ok

Daily Process Logs are not working in WHM

"Daily Process Log" page in WHM, Where it's exactly coming from?

the same information may be accessed via command-line (SSH access) using the following script:

# /usr/local/cpanel/bin/dcpumonview

Simply run this script to update the stats also make sure cron is properly set to update the stats. The information is updated every 5 minutes by an entry in the root crontab, like the following:

# crontab -l -u root | grep dcpumon
*/5 * * * * /usr/local/cpanel/bin/dcpumon >/dev/null 2>&1

That's it.

How to Get Linux Server Sends Email Alert on Root Login

1. Login to the server via SSH using as root ID.
2. Ensure that you’re at home directory of root. The open up the .bash_profile for editing using pico or vi by typing one of the following commands at command shell line:

pico .bash_profile
vi .bash_profile
3. Scroll down to the end of the file and add the following line:


echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access
from `who | cut -d"(" -f2 | cut -d")" -f1`" user@example.com

Replace user@email.com with the actual email account
address that you want to the root access alert notification been sent to. Note that you can change the text contains in the email alert too. The text starting with first ALERT is written as email body, and you can add in other info such as host name or change the wordings. The second Alert is the email title which you can change to your own too.

Now logout and login again as root, you should receive an email alert at your inbox. The security trick should works on most popular flavor of Linux such as RedHat, CentOS, Ubuntu, FreeBSD and etc.

Disable eAccelerator for one domain

I had an issue where I had to disable eAccelerator for a single domain on my VPS.

I've seen instructions that say to put following lines .htaccess file in the site's root directory,

php_flag eaccelerator.enable 0
php_flag eaccelerator.optimizer 0



but when I did that trying to access any pages on that site resulted in a 500 error.

I found that the only way to make this work is to locate the VirtualHost section for the domain in question in /etc/httpd/conf/httpd.conf. Within that VirtualHost section, there should be a section that looks similar to this:



php_admin_value open_basedir "/home/site-name/:/usr/lib/php:/usr/local/lib/php:/tmp"



Add the following lines to this section, before the ""


php_flag eaccelerator.enable 0
php_flag eaccelerator.optimizer 0


Any suggestions or questions are welcome.

FTP hangs when CSF is on

This is very known issue between CSF and ftp and it hangs while we change directory through ftp so this is what I tried to get this fixed.

Server the follwoing line in /etc/pure-ftpd.conf

Port range for passive connections replies. - for firewalling.

and simply comment it.

Then restart FTP and CSF and FTP should be working fine now.

Upgrade CentOS 4.8 to 5.3

Traditionally, the dist upgrade path that many were familiar with from the RH8/9->Fedora or similarly Fedora dist upgrades, have applied more or less to RHEL/CentOS but with the release of 4.5 and early releases of 5.0 the actual dist upgrade path was messy or nearly impossible. The early versions of 5.0 (up to 5.2) had excessive dependency issues with versions later than 4.4 for straight dist upgrades that would often result in a box blowing up on you or forcing a messy downgrade attempt of 4.5+ to 4.4 to try get things to dist upgrade. With more recent release updates the gap has closed and now dist upgrades on are far more reasonable to complete with little in the way of problems.

If you are currently running a version of RHEL/CentOS earlier than 4.8 (cat /etc/redhat-release) then please do a proper ‘yum update’ and get yourself on 4.8. Although this is intended for CentOS it “should” (read: at own risk) work on RHEL systems as well, in the unfortunate situation that something does blow up please post a comment and I will try to assist.

The first thing we must do is make sure none of our core binaries, libraries or other content is set immutable as this will cause a package to fail on installation. If you are running an earlier version of LES or you use immutable bits on system paths (sbin/bin/share/include/libexec/etc) then you should run the following:

wget http://www.rfxn.com/downloads/disable.les.rpmpkg
sh disable.les.rpmpkg


Once that is done we should go ahead and have a quick run through of cleaning up yum cache, double check that any pending updates are installed and rebuild the rpmdb:

rpm --rebuilddb
yum clean all
yum update


If for some reason the rpm rebuild hangs for more than a few minutes then you may need to manually clear the rpmdb files:

rm -f /var/lib/rpm/__db.00*
rpm --rebuilddb


If you run into any minor dependency issues for packages that are not essential, such as syslinux and lftp then you can either exclude them or better yet remove them. If you are not sure what a package does, then you should query it for description details and make an educated choice (rpm -qi PACKAGE):

rpm -e lftp syslinux mkboot

OR (but not recommended)

yum update --exclude=syslinux --exclude=lftp --exclude=mkboot

At this point you should be able to run a ‘yum update’ command with optional exclude and receive no errors (again, I recommend you remove conflicts items instead of using exclusions).

# yum update –exclude=nagios-plugins
Setting up Update Process
Setting up repositories
Reading repository metadata in from local files
Excluding Packages in global exclude list
Finished
No Packages marked for Update/Obsoletion


Now we are ready to get going, I have put together a small package that contains the needed packages for this upgrade in addition to a few that you might require to resolve dependency conflicts:

wget http://www.rfxn.com/downloads/CentOS-5up.tar.gz
tar xvfz CentOS-5up.tar.gz
cd CentOS-5up


We need to go ahead and setup the centos-release package as follows:

rpm -Uhv centos-release-*

If you see that CentOS-Base.repo was created as /etc/yum.repos.d/CentOS-Base.repo.rpmnew then go ahead and move it into the proper place:

mv /etc/yum.repos.d/CentOS-Base.repo.rpmnew /etc/yum.repos.d/CentOS-Base.repo

Now we are ready to go with kernel changes, this is an important part so pay attention. The key to successful upgrade is that you remove ALL OLD KERNELS as many packages will fail to install during the upgrade if they detect a release 4.x kernel due to minimum kernel version dependency checks. We will start with first installing the new kernel so it preserves grub templating:

rpm -ivh kernel-2.6.18-164.el5.i686.rpm kernel-devel-2.6.18-164.el5.i686.rpm --nodeps

NOTE: release 5.x has smp support integrated into the standard kernel, so no -smp version is required for mp systems

If you are running an older system the chances are you got allot of older kernel packages installed so make sure you get them all out of the way:

rpm -e $(rpm -qa | grep kernel | grep -v 2.6.18 | tr '\n' ' ')

You may end up with a few dependencies coming up such as lm_sensors and net-snmp if the list is fairly small and packages you do not recognize as critical (if unsure always query the package for info ‘rpm -qi PACKAGE’, remember you can reinstall them later):

# rpm -e $(rpm -qa | grep kernel | grep -v 2.6.18)
error: Failed dependencies:
kernel-utils is needed by (installed) lm_sensors-2.8.7-2.40.5.i386


The command the ended up being required on most of my servers to get the kernel packages and related dependencies came out to the following:

rpm -e $(rpm -qa | grep kernel | grep -v 2.6.18 | tr '\n' ' ') lm_sensors net-snmp net-snmp-devel net-snmp-utils

That said and done you should now only have 2 kernel packages installed which are the 2.6.18 release 5.x kernels, DO NOT under any circumstance continue if you still got 2.6.9 release 4.x kernels packages still installed, remove them!

# rpm -qa | grep -i kernel
kernel-2.6.18-164.el5
kernel-devel-2.6.18-164.el5


A cleanup of /etc/grub.conf may be required, though if all went as planned then the rpm command should have done this up for us but review it anyways for good measure. You should find that 2.6.18-164.el5 is the only kernel in the file, if it is not go ahead and clean it by removing all older entries for 2.6.9 kernels.

There is a known bug with python-elementtree package versions which cause yum/rpm to think the release 4.x version is newer than the 5.x version, to get around this without blowing up the entire python installation we need to remove the package from just the rpmdb as follows:

rpm -e --justdb python-elementtree --nodeps


We can now go ahead and use yum to start the upgrade process, this is a dry run and will take a few minutes to compile list of available packages and associated dependency checks. You should carry the exclude options, if any, that you used during the ‘yum update’ process as so to avoid unresolvable dependencies:

yum clean all
yum upgrade --exclude=nagios-plugins


You will end up with a small list of dependency errors, these should be resolved by again evaluating a packages need as a critical system component and either removing it with ‘rpm -e’ or excluding it with ‘–exclude’ (remember to query description with ‘rpm -qi PACKAGE’ if you are unsure what something does). In my case the packages that threw up red flags were stuff I had manually installed over time such as iftop and mrtg in addition to default installed samba, these can all safely be removed or excluded as you prefer (removal always safest to prevent dependency chain issues).

Error: Missing Dependency: libpcap.so.0.8.3 is needed by package iftop
Error: Missing Dependency: perl(Convert::ASN1) is needed by package samba
Error: Missing Dependency: libevent-1.1a.so.1 is needed bypackage nfs-utils
Error: Missing Dependency: perl-Socket6 is needed by package mrtg
Error: Missing Dependency: perl-IO-Socket-INET6 is needed by package mrtg


rpm -e iftop samba nfs-utils mrtg system-config-samba

At this point we should be ready to do a final dry run of with yum and see where we stand on dependencies, rerun the earlier ‘yum upgrade’ while making sure to carry over any exclude options you are using.

yum upgrade --exclude=nagios-plugins

You should now end up with a summary of actions that yum needs to perform, go ahead and kick it off… this will take a bit to complete so go grab some coffee/jolt/redbull and maybe a small snack cause it could be a long night if this blows up on you.

Transaction Summary
=============================================================================
Install 183 Package(s)
Update 327 Package(s)
Remove 0 Package(s)
Total download size: 299 M
Is this ok [y/N]:

Once yum has completed (hopefully without major errors) we need to fix a few things, the first is the rpmdb needs a rebuild due to version changes that will cause any rpm commands to fail:

# rpm -qa
rpmdb: Program version 4.3 doesn’t match environment version
error: db4 error(-30974) from dbenv->open: DB_VERSION_MISMATCH: Database environment version mismatch
error: cannot open Packages index using db3 – (-30974)
error: cannot open Packages database in /var/lib/rpm

This can be fixed by running the following to manually rebuild the rpmdb:

rm -f /var/lib/rpm/__db.00*
rpm --rebuilddb
yum clean all


The next issue on the list is python-elementtree and python-sqlite, one or both of these may have ended up in a broken state that will cause all yum commands to break, so we will go ahead and reinstall both of these for good measure:

rpm -e --justdb python-elementtree --nodeps
rpm -ivh python-elementtree-1.2.6-5.el5.i386.rpm
rpm -ivh python-sqlite-1.1.7-1.2.1.i386.rpm --nodeps --force


The yum command should now work, go ahead and run it with no options, if you do not get any errors you are all sorted.

Hopefully the install went well for you, the only thing left to do is go ahead and reboot the system; this is the last point at which you have to make backups (but we all maintain backups right?). For the sake of avoiding a heart attack if the system goes into an fsck, we will reboot with the -f option to skip fsck:

shutdown -rf now


That’s a wrap, I hope you found this HowTo useful, if you did run into any issues then go ahead and post them into the comments field and I will try to assist but when in doubt typically google is the fastest alternative.

Limit IP downloads in Apache, Save bandwidth by installing LimitIPConn

About LimitIPConn
This is the distribution page for the Apache module mod_limitipconn.c, which allows web server administrators to limit the number of simultaneous downloads permitted from a single IP address

Official site: http://dominia.org/djao/limitipconn.html

well does this thing work with Cpanel ?
Answer :: Yes, it does.

Installing mod_limitipconn.c

Installing this was quick and easy. Login to your server through shell as the root user.

# wget http://dominia.org/djao/limit/mod_limitipconn-0.22.tar.gz
# tar -xzvf mod_limitipconn-0.22.tar.gz
# cd mod_limitipconn-0.22
# nano Makefile
Find
APXS = apxs
CHANGE TO:
APXS = /usr/local/apache/bin/apxs
Save

#make
#make install

This adds the module to httpd.conf and backs up the old configuration from httpd.conf.new

# vi /usr/local/apache/conf/httpd.conf
It should have added the following:

LoadModule limitipconn_module libexec/mod_limitipconn.so
and
AddModule mod_limitipconn.c


Now we need to setup the configuration for the site you want to add the limits to. Search the domain you want and go to the configuration for it in httpd.conf

You should be at the part like this:


ServerAlias www.domain.com domain.com

Add the following configuration that you want, this restricts 2 directories I have on my site to prevent users from downloading more than 1 video at a time, I have 2 separate rules.



MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video



MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video





So my whole entry for the domain looks like this:


ServerAlias www.domain.com domain.com
ServerAdmin webmaster@domain.com
DocumentRoot /home/domain/public_html
BytesLog domlogs/domain.com-bytes_log
ServerName www.domain.com

php_admin_value open_basedir "/home/domain:/usr/lib/php:/usr/local/lib/php:/tmp"



MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video



MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video



User domain
Group domain
CustomLog domlogs/domain.com combined
ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/



Save httpd.conf


Test Apache Configuration
# apachectl configtest start
Make sure it comes back ok without errors

# /scripts/restartsrv_httpd

Apache will restart. Try it out. Go to your limited directory and try to download 2 things (2 depends on your IP limit you set). You should get forwarded to a 503 Temporary Service page. We can customize that as well.

Any suggestions or questions are welcome.

Install SIM (System Integrity Monitor)

Many of us use online services to monitor web server status, if it goes down, if all services are up and running fine, which send back notification by sms, email or others... Such tools help making server administrator's life easier, but what about taking an action even before that your service goes down ? To be able to take such actions you will need to be informed in-time about your services status, actual server load, ... etc. A solution is System Integrity Monitor (SIM), a system and services monitor for 'SysVinit' systems.

SIM is designed to be intuitive and modular in nature, and to provide a clean and informative status system. It does this by consistently verifying that services are online, load averages are in check, and log files are at reasonable sizes. Many other SIM modules sport different and in-depth features to bring a well rounded tool to your disposal to stop otherwise common issues daunting internet hosts.
SIM Features include :

* Service monitoring of HTTP, FTP, DNS, SSH, MYSQL & more
* Event tracking and alert system
* Auto restart ability for downed services
* Checks against network sockets & process list to ensure services are online
* Advanced HTTP service monitoring, to prevent commonly encountered issues
* System load monitor with customizable warnings & actions
* Ability to auto restart system with definable critical load level
* Priority change configurable for services, at warning or critical load level
* Informative command line status display
* Easily customizable configuration file
* Auto configuration script
* Auto cronjob setup feature
* Simple & Informative installation script
* Integrated auto-update feature

Install SIM :

$wget http://www.rfxn.com/downloads/sim-current.tar.gz
$tar xvfz sim-current.tar.gz
$cd sim*
$sudo ./setup -i

Configuration :

After installation, setup will run a configuration script which will guide through features that you would like to enable or disable. The configuration script should be located in /usr/local/sim/autoconf

Most interesting to configure is http, mysql, and server load. You can configure more monitor according to your needs such as FTP, ENSIM, SMTP ... etc.

SIM 2.5-4 Auto-Config Script

All questions default to value in brackets if no answer is given. If you
make a typo during the autoconf process, hit CTRL+C (^C) to abort and
rerun the autoconf script (/usr/local/sim/autoconf).

The below are general configuration options for SIM:
press return to continue...

Where is SIM installed ?
[/usr/local/sim]:

Where should the sim.log file be created ?
[/usr/local/sim/sim.log]:

Max size of sim.log before rotated ? (value in KB)
[128]:

What is the location of your kernel log ?
Found kernel log at /var/log/messages

Where should alerts be emailed to ? (e.g: root, user@domain)
[root]:

Disable alert emails after how many events, to avoid email flood ?
(Note: events stats are cleared daily)
[8]:

The below are configuration options for Service modules:
press return to continue...

Auto-restart services found to be offline ? (true=enable, false=disable)
[true]:

Enforce laxed service checking ? (true=enable, false=disable)
[true]:

Disable auto-restart after how many downed service events ?
(Note: events stats are cleared daily)
[10]:

Enable FTP service monitoring ? (true=enable, false=disable)
[false]:

Enable HTTP service monitoring ? (true=enable, false=disable)
[false]:true

Name of the HTTP service as appears in 'ps' ?
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
Found service name as httpd

TCP/IP port that HTTP operates on ?
Found service port as 80

Path to HTTP service init script ?
Found service init script at /etc/init.d/httpd

Enable DNS service monitoring ? (true=enable, false=disable)
[false]:

Enable SSH service monitoring ? (true=enable, false=disable)
[false]:

Enable MYSQL service monitoring ? (true=enable, false=disable)
[false]:true

Name of the MYSQL service as appears in 'ps' ?
[mysqld]:

TCP/IP port that MYSQL operates on ?
[3306]:

Path to MYSQL service init script ?
Found service init script at /etc/init.d/mysql

Enable SMTP service monitoring ? (true=enable, false=disable)
[false]:

Enable XINET service monitoring ? (true=enable, false=disable)
[false]:

Enable ENSIM service monitoring ? (true=enable, false=disable)
[false]:

Enable NETWORK monitoring ? (true=enable, false=disable)
[false]:true

interface to monitor ?
[eth0]:

Path to NETWORK init script ?
[/etc/init.d/network]:

Enable LOAD monitor ? (true=enable, false=disable)
[false]:true

Load level before status condition 'warning' ?
[25]:

Load level before status condition 'critical' ?
[45]:

Enable a global (wall) message at status condition 'warning' & 'critical' ?
[false]:

Renice services at status condition 'warning' or 'critical' ?
(3 values - warn, crit, false - false=disabled)
[false]:

Stop nonessential services at status condition 'warning' or 'critical' ?
(3 values - warn, crit, false - false=disabled)
[false]:

Reboot system on status condition 'warning' or 'critical' ?
(3 values - warn, crit, false - false=disabled)
[false]:

Configuration completed, saving conf.sim...
Done, conf.sim saved to /usr/local/sim.

And you are done ! You can already have a look at /usr/local/sim/sim.log to see how your services are actually acting.

Suggestions and questions are welcome.

How to Clear Your /tmp Folder Automatically?

Is your /tmp directory simply getting overrun with SESS files? If so, try this:

make a file in scripts called cleantmp, put the following in it:

************
# This script cleans out /tmp of empty, root, cpanel
# and nobody session files in /tmp
# rev 2.0b by Darren - 8.19.07

# if --test is passed, we just show the results
if [ "$1" == "--test" ]
then
CMD="-exec ls -la"
echo "$0: test mode"
else
CMD="-exec rm -rf"
fi

if [ "$1" == "--help" ]
then
echo ""
echo "cleantmp will clean out your tmp directory for you"
echo ""
echo "Parameters:"
echo "--test to run in test mode"
echo "--help display this file"
echo "-a accountname to remove all files owned by account name"
echo "-e cleans out all empty (zero length) files"
echo ""
exit 0
fi

if [ "$1" == "-a" ]
then
echo ""
echo "Removing session file for account $2"
find /tmp -name "sess*" -user $2 -maxdepth 1 $CMD {} \;
echo "completed"
echo ""
exit 0
fi

if [ "$1" == "-e" ]
then
echo ""
echo "Cleaning out empty files from /tmp"
find /tmp -name "sess*" -empty -maxdepth 1 $CMD {} \;
echo "completed"
echo ""
exit 0
fi


# remove empty session files that are over 2 hours old
find /tmp -name "sess*" -empty -mmin +120 -maxdepth 1 $CMD {} \;

# remove root owned session files
find /tmp -name "sess*" -user root -maxdepth 1 $CMD {} \;

# remove nobody session files
find /tmp -name "*sess*" -user nobody -maxdepth 1 $CMD {} \;

# remove cpanel owned session files
find /tmp -name "sess*" -user cpanel -maxdepth 1 $CMD {} \;

# remove any session file over 5 hours old
find /tmp -name "sess*" -mmin +300 -maxdepth 1 $CMD {} \;

# remove any spamassassin file over 4 hours old
find /tmp -name ".spamassassin*" -mmin +240 -maxdepth 1 $CMD {} \;
************

Now save, and chmod it so it can be run (use your discretion for perm level):
chmod 755 /scripts/cleantmp

Run it as /scripts/cleantmp --test to view which files will be removed or /scripts/cleantmp -a accountname to remove all files owned by account name. And running it with "-e" will remove all empty session files.

What we do on most boxes is have it run in cron.hourly so that it purges session files. It cleans empties that are over 2 hours old, and normal ones that are over 5 hours old. Keep in mind, this may break software that uses "Keep Me Logged In Indefinitely" option for users. But the script could be easily modified to skip some session files if needed.

So, go to /etc/cron.hourly and create a file called cleantmp. Put this into it:

****************
#!/bin/bash

/scripts/cleantmp -e >/dev/null 2>&1
/scripts/cleantmp >/dev/null 2>&1
****************

and save it, then do the same permissions procedure as above. Now every hour, the script wil clean out empty and older SESS files and keep your sites up. Modify this and the other script as needed.

Hope this helps! Suggestions, questions are welcome.

Upload (mput) and Download (mget) Multiple Files Automatically in FTP Transfer

To avoid the situation and automatically transfer the files so that the FTP session can process unattended, use the prompt command before using the mput or mget commands. The prompt command toggles between prompting on, where ftp will prompt you to choose yes or no before each file is transfered, and prompting off, which will copy all files without prompting. By default, prompting is on. So to continue to FTP transfer all files without asking, remember to issue prompt command before starting the transfer process. Ask it do not prompt before putting or getting the files, make sure that your existing files do have have the same file name as FTP will overwrite the existing files that exists on the destination directory automatically too. The command is simple, just a single word “prompt”:

ftp> prompt

Interactive mode off.

FTP command line utility should return Interactive mode off.

Thanks.

Excessive mail sent by an user alert for cPanel

If you need a simple script to alert you by mail when a user exceeds a predefined mail rate limit, then check this out.

========================================================================

1# mailflag=0
2# limit=5
3# mailid=mailaddresshere
4# chkdate=`date -d “60 minute ago” +%Y-%m-%d\ %k`
5# #chkdate=2009-11-10
6# mailfile=$(mktemp)
7# for i in `mysql –batch –skip-column-names -e ” use eximstats; select user,email,msgid from sends where \
8# mailtime like ‘$chkdate%’;” | awk ‘{print $1}’ | sort | uniq -c | sort -n | sed ’s/^ *//’| sed ’s/ /:/’`
9# do
10# k=`echo $i | cut -d ‘:’ -f1`
11# username=`echo $i | cut -d ‘:’ -f2`
12i# f [ "$k" -gt "$limit" ]
13# then
14# mailflag=1
15# echo -e “\n\n\n Excessive mail sent by user : $username \n\n” >> $mailfile
16# echo -e “==============================================================
===========” >> $mailfile
17# echo “ mailtime msgid email processed user size ip auth” >> $mailfile
18# mysql –batch –skip-column-names -e ” use eximstats; select * from sends where mailtime like ‘$chkdate%’ and \
19# user like ‘$username’;” >> $mailfile
20# echo -e “===============================================================
========” >> $mailfile
21# fi
21# done
22# if [ "$mailflag" == 1 ]
23# then
24# cat $mailfile | mail -s “Excessive mail sent by user” $mailid
25# fi
26# rm -rf $mailfile
==========================================================================

You need to edit the limit and mailid variables according to your requirement.
eg:
limit=300
mailid=test@live.com

Suggestions, questions are welcome.