Sunday 31 March 2013

Restrict users access to only their home directory in vsftp

If you want to restrict FTP users to have access only their home directory but not outside of their own directory. You have to setup chroot.

1. open vsftpd configuration file
vi /etc/vsftpd/vsftpd.conf

2. Uncomment the below line
$ chroot_local_user=YES

3. Save and close the file. Restart vsftpd.
$ /etc/init.d/vsftpd restart

As a result FTP users can't access directories other than their home.

ftp> cd /home
550 Failed to change directory.

Thats it.

Friday 29 March 2013

copy/move/delete files using xargs


How to move/copy/delete largest 15 files to a particular directory

Go to the user directory
$ cd /home/user

If you want to move them, use this below command
$ ls -s|sort -n|tail -15|awk '{print $2}'|while read f;do mv "$f" /backup;done


Explanation:
ls -s - prints size of each file
sort -n - sort files
tail -15 - 15 largest files
awk '{print $2}' - cut the filename
while loop moves files to /backup directory




If you want to delete them, use this below command
$ ls -s|sort -n|tail -15|awk '{print $2}'|while read f;do rm "$f";done

If you want to copy them, use this below command
$ ls -s|sort -n|tail -15|awk '{print $2}'|while read f;do cp "$f" /backup;done


Fix files and folder permission on linux


For files:
find . -type f -exec chmod 644 {} \;

For dirs:

find . -type d -exec chmod 755 {} \;

Monday 25 March 2013

wget recursive download using ftp


wget recursive download using ftp 

$ wget -r ftp://username:password@ip.of.old.host

If you get error like:

$ wget -r ftp://ftp:M8cf#5GP@xx.xx.xx.xx
  ftp://ftp//:M8cf#5GP@xx.xx.xx.xx: Bad port number.

however if you remove special characters like #,$ and ? from the password than the same will work fine.


wget recursive ftp with mirroring option

wget -m ftp://username:Password@ftp.example.com


Saturday 23 March 2013

assign multiple shared IPs in WHM


You can add more shared IPs by following the steps shown below.
cd /var/cpanel/mainips

If there is no such directory, create it.

mkdir -p /var/cpanel/mainips

vi /var/cpanel/mainips/root

Add the current main shared IP and the secondary ip.


cat /var/cpanel/mainips/root
11.22.33.44
44.33.22.11

Go to WHM » IP Functions » Show/Edit Reserved IPs


You can see the status of new IPs as 'Main/shared IP for root'.

That's it :)

Friday 8 March 2013

stop and continue a linux process


In many occasion we may need to stop and start a process temporarily for some reasons(for example stopping rsync process for some time if the system loads goes up). This can be done using the KILL command with the -STOP option and the same process can be started again using -CONT option. For example :
   # kill -STOP 10007 (10007 is the pid)

The above command will sends a signal requesting to block/stop the pid 10007. And the below command will sends a signal request to continue/restart the suspended process.
   # kill -CONT 10007 (10007 is the pid)

Installing multiple python environments without breaking yum


Please use altinstall to have multiple python
# cd /usr/src/
# wget http://www.python.org/ftp/python/2.7.2/Python-2.7.2.tgz
# tar -xzvf Python-2.7.2.tgz
# cd Python-2.7.2
# ./configure
# make altinstall

To verify the newly installed python, run this below command.
# python2.7 -V
Python 2.7.2

Typically cpanel server server uses the Python 2.6.6 by default. But we can use newer version of python as well.

# which python2.7
/usr/local/bin/python2.7

That's it. We're done.

Use ethtool or mii-tool to detect problems with ethernet card


[root@s2 adserver]# ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
                     100baseT/Half 100baseT/Full
                     1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Full
Advertised auto-negotiation: Yes
Speed: Unknown! (0)
Duplex: Half
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: pumbg
Wake-on: g
Current message level: 0x00000033 (51)
Link detected: yes

You can also change the interface settings with ethtool.
[root@s2 adserver]# mii-tool
eth0: negotiated 10baseT-FD, link ok

Too many open files: /.htaccess


Forbidden You don’t have permission to access /vb/forumdisplay.php on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request i did tail -f /usr/local/apache/logs/error_log and find lot of lines like this:
[Fri May 9 17:13:33 2008] [crit] [client] (24)Too many open files: /.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

Sol:
It seems the limit for open files is reaching. Type ulimit -a in shell. It should be 1024 by default.

You can add this limit for apache by adding this line to the apache init script and restarting apache.
# ulimit -n 4096

Wordpress version finder bash script


This script can be used on cpanel servers.

#!/bin/bash
email=user@gmail.com # email where the reports are sent
hostname=`/bin/hostname`
find /home/*/public_html -iname version.php > /root/version.txt
grep "wp-includes" /root/version.txt > /root/version.txt1
for i in `cat /root/version.txt1`; do echo "Installed path=`echo $i|dirname $i|awk -Fwp {'print $1'}`" ; echo "Latest version = 3.3.1" ;echo
"Installed version = `grep "wp_version =" $i |cut -d '=' -f2`"; echo " "; done > /root/out.txt
mail $email -s"Wp-version report - $hostname" < /root/out.txt
rm -f /root/version.txt*
rm -f /root/out.txt


Reset WP-admin password from shell


1. Open a bash shell on the linux box. Using SSH is advised.

2. Generate a password MD5 hash using php.
# php -r "print( md5('YourPassWordHere')); print(\"\r\n\");"

3. Copy the 32 bit string that is the result.

4. Connect to mysql
mysql

5. Connect to the correct database;
show databases;
use databasename;

6. make a copy/paste backup of the admin user data.
select * from wp_users where user_login = 'admin';

7. Update the table
update wp_users set user_pass='the_md5_hash_generated_in_step_2/3' where user_login = 'admin';

8. Log into wordpress using the username “admin” and the password you have used.

9. Reset you password using the “wordpress dashboard > Users > Your profile > Change password” option.

Script to change the passwords of all cPanel accounts


You may need to change passwords of all the cpanel accounts sometimes because of the security concerns. Following script will allow you to change the passwords of all the accounts.

1. Create and open a file “changepass.sh” in your favorite editor and add following details to it.
#! /bin/bash
ls -1 /var/cpanel/users | while read user; do
pass=`</dev/urandom tr -dc “A-Za-z0-9*-/+.*=_\|\\#” | head -c16
echo “$user $pass” >> new-pass.txt
/scripts/realchpass $user  $pass
/scripts/ftpupdate
done

2. Give executable permission to our script.
# chmod +x  changepass.sh

3. Execute the script.
# sh changepass.sh

The script will change all the passwords of cPanel and ftp accounts and create text file with the name ” new-pass.txt” which contains all the new passwords.

A note about dmesg command


What is dmesg?

 The main purpose of dmesg is to display kernel messages. dmesg can provide helpful information in case of hardware problems or problems with   loading a module into the kernel. In addition, with dmesg, you can determine what hardware is installed on your server. During every boot,

 Linux checks your hardware and logs information about it. You can view these logs using the command /bin/dmesg.

Clearing the kernel ring buffer
If you want you can backup the logs using dmesg > filename before clearing it. Just execute the following command to clear and frest start the ring buffer loggin (make sure you have logged in as root).

# dmesg -c

Execute the command dmesg to make sure the logs are cleared. Check man dmesg for more help.

Change /tmp file system from ext3 to ext4


Change /tmp file system from ext3 to ext4

# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/xvde1             48G  7.3G   38G  17% /
/securetmp            962M   18M  896M   2% /tmp

Check /securetmp file type to make sure whether its ext3 or not.
# file /securetmp
/securetmp: Linux rev 1.0 ext3 filesystem data (needs journal recovery) (large files)

Then unmount /tmp
# umount /tmp

Next format /securetmp to use ext4 file system
# mkfs.ext4 /securetmp

You can verify it by running file command.
# file /securetmp
/securetmp: Linux rev 1.0 ext4 filesystem data (extents) (large files) (huge files)

Edit ext3 to ext4 for /securetmp in /etc/fstab:
# /securetmp  /tmp ext3 loop,noexec,nosuid,rw 0 0 ====>  /securetmp  /tmp ext4 loop,noexec,nosuid,rw 0 0

Run mount -a to get fstab updated
# mount -a

Thats it. We're done.

Mount: /dev/sdb1 already mounted or /mnt busy


mount: /dev/sdb1 already mounted or /mnt busy

[root@]# mount -t ext3  /dev/sdb1 /mnt
mount: /dev/sdb1 already mounted or /mnt busy

lsof didn’t provide any open files that might be linked to this problem or there was any “famd” running. Finally doing the following steps to remove the logical devices from the device-mapper driver helped us fix the problem.
[root@]# dmsetup ls
ddf1_44656c6c202020201028001510281f033832b7a2f6678dab   (253, 0)
ddf1_44656c6c202020201028001510281f033832b7a2f6678dab1  (253, 1)

[root@]# dmsetup remove ddf1_44656c6c202020201028001510281f033832b7a2f6678dab1

[root@]# dmsetup ls
ddf1_44656c6c202020201028001510281f033832b7a2f6678dab   (253, 0)

[root@]# dmsetup remove ddf1_44656c6c202020201028001510281f033832b7a2f6678dab

[root@]# dmsetup ls
No devices found

Tracking the scripts that send mails on exim


currently running:
# ps -C exim -fH ewww|awk '{for(i=1;i<=40;i++){print $i}}'|sort|uniq -c|grep PWD|sort -n

Few times ago:
# grep "cwd=" /var/log/exim_mainlog|awk '{for(i=1;i<=10;i++){print $i}}'|sort|uniq -c|grep cwd|sort -n

Tracking direct Spammers.(apache):
# netstat -plan |grep :25 | awk '{print $5}' |cut -d: -f1 |sort |uniq -c |sort -n

See the IP addresses accessing php files. This will work only in servers running php as CGI.
# ps aeuxf | grep php|awk -F'REMOTE_ADDR=' '{ print $2 }' |cut -d\  -f 1 | uniq -c | sed 's/^[ ]*//'

To get the active php processes running on the server.
# ps aeuxf | grep php | awk -F'SCRIPT_FILENAME=' '{ print $2 }'  |cut -d\  -f 1 | uniq -c |  sed 's/^[ ]*//'

To list the php processes and the time they have been running on the server.
# ps -eo pid,cmd,etime,args --sort:etime | grep php


Kernel: Neighbour table overflow


Nearly any linux 2.6.* kernel. Typically occurs in situations where there are large, flat networks (e.g. when the subnet mask is /16 and there are more than 1000 active nodes). Solution

1. Check current values:
# grep . /proc/sys/net/ipv4/neigh/default/gc_thresh*

2. Echo new (higher) values into each of the above /proc entries:
# echo 512 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
# echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
# echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh3

3. Add the same values to /etc/sysctl.conf:
# net.ipv4.neigh.default.gc_thresh1 = 512
# net.ipv4.neigh.default.gc_thresh2 = 2048
# net.ipv4.neigh.default.gc_thresh3 = 4096

Refer this link - https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk43772

Linux Drop Cache


The biggest advantage of Linux OS is maintaining cache for file-systems, memory pages etc to speedup the cpu process reducing the hard disk i/o. From 2.6.16 kernel a new mechanism has been introduced to have the kernel drop the pagecache, dentries or inodes cache which helps the administrator to throw away that script that allocated a ton of memory just to get rid of the cache.

NOTE : Its a good practice to run ” sync ” command before using the below options which will sync the
RAM cache back to the hard drives.

To free pagecache
# echo 1 > /proc/sys/vm/drop_caches

To free dentries and inodes
# echo 2 > /proc/sys/vm/drop_caches

To free pagecache, dentries and inodes
# echo 3 > /proc/sys/vm/drop_caches

You will see a sudden drop in the ram memory usage after running this commands. Use either top or free -m command to check the memory usage.

Install ProFTPD on CentOS 6


Before we do anything else, we need to download the EPEL repository which will allow us to install ProFTPD on our virtual private server with yum.

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm



# yum install proftpd

Once ProFTPD is installed, you can make the needed adjustments in the configuration. Unlike some other ftp configurations, ProFTPD disables anonymous login from the outset and we only need to address a small change in the config file. Open up the file:
# vi /etc/proftpd.conf

Go ahead and change the Server Name to your host name.
ServerName                      "example.com"

Save and Exit from that file.

Then, to prevent any issues, add your droplet name and IP address to the hosts file:
# vi /etc/hosts

The line can look something like this:
12.34.56.789 servername

Restart after you have made all of your changes:
# service proftpd restart

That's it.

Install ImageMagick and Imagick on Cpanel Server


ImageMagick

Check first if it’s installed:
# /scripts/checkimagemagick

Proceed with Installation:
# /scripts/installimagemagick

Installation will take a couple minutes as it will install other packages needed by ImageMagick. After the installation, you can check your ImageMagick version:
# /usr/bin/convert --version

It will give you something like:
Version: ImageMagick 6.4.8 2009-05-11 Q16 OpenMP http://www.imagemagick.org Copyright: Copyright (C) 1999-2009 ImageMagick Studio LLC

Imagick

WHM -> Software -> Module Installers -> PHP Pecl (manage). On the box below Install a PHP Pecl enter imagick and click Install Now button

Restart Apache and check your phpinfo page to see the details of Imagick and ImageMagick as well.

Uninstall

ImageMagick:
# /scripts/cleanimagemagick

Imagick:
WHM -> Software -> Module Installers -> PHP Pecl (manage). Click on Uninstall button for Imagick.

That's all

Increasing the number of filelistings in pureftpd


Following are the steps for the same.
1) Login to the server as root.

2) Open the configuration file for pure-ftpd.
 # vi /etc/pure-ftpd.conf

3) Locate the line which says :
LimitRecursion 2000 8

This is ‘ls’ recursion limits. The first argument is the maximum number of files to be displayed and the second one is the max subdirectories depth.

4) Edit the mentioned line to the limits as needed. For Eg I would like to list 3000 files to a subdirectory depth of 6 the setting will be as follows:
LimitRecursion 3000 6

5) Now just restart the pure-ftpd service on the server.
# /etc/init.d/pure-ftpd restart

Now you can view the difference in listing.

Bash Tips


SHELL CONTROLS

Ctrl l Clear screen
Ctrl a Beginning of command line.
Ctrl e End of command line.
Ctrl r Reverse search history.
Ctrl k Delete to the end of the line.
Ctrl u Delete to the beginning of the line.
Ctrl y Insert the deleted.
Ctrl _ Undo command line edit.
Ctrl p Previous command.
Ctrl n Next command.
Alt t Switches first and second word.
Alt f Forward one word.
Alt b Backward one word.
Alt d Delete forward one word.
Alt Last Argument.
!X Execute last command started with X.
!4 Repeat the 4th command in history.
!$ Last argument.

pageup First command in history
^word1^word2 Substitute word1 with word2 in previous command

COMMANDS
ls -ld */ Lists all the directories.
mv /home/user/public_html/directory1/directory2/badscript.php{,.old}

VARIABLES
echo $RANDOM gives a random number.
echo $? gives the exit status of last process executed.
echo $_ echo the last argument.

ESC . last argument

Enable php fileinfo() on server


If we have the pecl binary installed then from the command line, we can run pecl, it will give a list of options that can be used to compile your extensions. Also we can install fileinfo with the following command:
# pecl install fileinfo

This will download the fileinfo source files, phpize the source, and then compile and install the extension. But we need to add "extension=fileinfo.so" in php.ini file and restart apache. Restarting apache will help PHP starting with the fileinfo extension active and ready for use.

If that above doesn't work then go for source install
# wget http://pecl.php.net/get/Fileinfo-1.0.4.tgz
# tar -zxf Fileinfo-1.0.4.tgz
# cd Fileinfo-1.0.4
# phpize
# ./configure
# make
# make install

After running the above commands you need to edit php.ini and add the following line.
extension=fileinfo.so

Restart apache service.
# /etc/init.d/httpd restart

We can verify the installation by phpinfo page.

load alert and monitor apache connections bash script


#! /bin/bash
if [ `uptime | awk '{ print$11 }' | cut -d. -f1` -gt 0 ];
then
netstat -plan |grep :80 | awk '{print $5}' |cut -d: -f1 |sort |uniq -c |sort -n > /tmp/conn.txt
echo " " > /root/mail_list
exec < /tmp/conn.txt
while read line
do
  con=$(echo $line | awk '{print $1}')
   if [ "$con" -gt "8" ];
      then
IP=$(echo $line | awk '{print $2}')
echo "Load Average:" > /root/mail_list
echo "=============" >> /root/mail_list
echo "Current Load:`cat /proc/loadavg | awk '{print $1}'`" >> /root/mail_list
echo "5 mins Before:`cat /proc/loadavg | awk '{print $2}'`" >> /root/mail_list
echo "15 mins before:`cat /proc/loadavg | awk '{print $3}'`" >> /root/mail_list
echo "The ip $IP has $con connections" >> /root/mail_list
else
continue;
fi
done
echo "`cat /root/mail_list`" |mail -s "Load and IP connections at `date`" user@gmail.com -v
#exit
else
echo "The server load is normal now `uptime | awk '{ print$10 }'`" >/dev/null 2>&1
fi

Vps server : Connection to the server closed after providing password


When trying to ssh to a server, it asked for the password and upon providing the password we got the message “Connection to the server closed”. The password provided is correct. If this error occurs, make sure that it is a VPS by accessing the WHM and checking the Disk usage. If it shows the device as “/dev/simfs”, then you can confirm that it is a VPS. Locate the hardware node of the VPS and login to the node. Try logging into the VPS by executing the command
# vzctl enter VEID

Then you will receive the error
Unable to open pty: No such file or directory In such case, run the following commands to fix it:
# vzctl exec VEID /sbin/MAKEDEV pty
# vzctl exec VEID /sbin/MAKEDEV tty
# vzctl enter VEID

To fix the issue permanently,
1. Edit the file /etc/rc.sysinit of the VPS server

2. Comment the line
/sbin/start_udev

3. Add the following lines after /sbin/start_udev:
/sbin/MAKEDEV tty
/sbin/MAKEDEV pty

4. Reboot your VPS
vzctl restart VEID

Thats All!

Unable to include potential exec


If you use Server Side Includes,
you may receive 500 error or "[Thu Jul 30 00:04:46 2009] [error] [client 10.10.215.101] unable to include potential exec "/cgi-bin/randhtml.cgi" in parsed file /home/username/public_html/index.html referer: http://www.westnic.net/about/index.html

Including executables are no longer allowed by default apache configuration. IncludesNOEXEC is now the default, SSI includes are now disabled by default. This is done to prevent server abuse / insure server security. We recommend using PHP coding wherever possible. If using cgi includes is ABSOLUTELY necessary you may enable the includes via :

Create/edit the .htaccess file (you may find it within public_html folder) to permit the execution of CGI programs with the following options: NOTE: backup file prior modification!!!

Enter the following:
Options +Includes +ExecCGI
AddHandler cgi-script .cgi .pl

Save .htaccess file.

You may also try this code inside .htaccess:
Options +Includes
AddHandler server-parsed .shtml

That's it. You're done.

Add multiple ip ranges on centOS server


If you are using CPanel, you should add the IP addresses through WHM. Do not follow these instructions if you are using CPanel.

If you want to assign the addresses 3.2.1.1 – 3.2.1.20 to your server, you will need to create a RANGE file.
# cd /etc/sysconfig/network-scripts
# ls ifcfg-eth1-range*

If you already have a range file, you will need to create a new one for the new range of IPs you are adding, eg ‘nano ifcfg-eth1-range1` . If you have one named range1, name the next range2 and so on.
# nano ifcfg-eth1-range1
Place the following text in the file:
IPADDR_START=192.168.0.10
IPADDR_END=192.168.0.110
CLONENUM_START=0

Note: CLONENUM_START defines where the alias will start. If this is the second range file, you will need to set CLONENUM_START to a value higher than the number of IP addresses assigned.

To check what you currently have used, you can run ‘
# ifconfig -a | grep eth1

This will list devices such as eth1:0, eth1:1, eth1:2, and so on. If you are currently using upto eth1:16, you will need to set CLONENUM_START to 17 to assign the IPs correctly.

No space left on device: Couldn’t create accept lock


Apache was not starting in the server and the error logs shows the following.
[emerg] (28)No space left on device: Couldn’t create accept lock (/usr/local/apache/logs/accept.lock.

It’s because the sempahore arrays in system memory is full. Check if there’re any processes in semaphore that are owned nobody in semaphores (or the user which apache is being run):
# ipcs -s|grep nobody

If you can see the semaphore processes for nobody, eventhough no apache processes are running, you can remove them safely. It happens when Apache dies without clearing the Semaphore arrays. Run the following command:
# for semid in `ipcs -s | grep nobody | cut -f2 -d" "`; do ipcrm -s $semid; done

Now restart apache
# service apache restart

Now, in almost all cases, Apache should start properly. If it doesn’t, you may just be completely out of available semaphores. You may want to increase your available semaphores, and you’ll need to tickle your kernel to do so. Add this to /etc/sysctl.conf:
kernel.msgmni = 1024
kernel.sem = 250 256000 32 1024

And then run sysctl -p to pick up the new changes.

Deleting folders with false ownership


The following one liner script will list all those backups in /backup/serverbackup/home/ with false ownership.

for i in $(find /backup/serverbackup/home/* -maxdepth 0 -nouser); \
do \
grep ^$(basename $i): /etc/passwd &>/dev/null || echo $i; \
done

The following one liner script will list all those backups in /backup/serverbackup/home/ with false ownership and disk space used information of the same.

for i in $(find /backup/serverbackup/home/* -maxdepth 0 -nouser); \
do \
grep ^$(basename $i): /etc/passwd &>/dev/null || du -sh $i; \
done

The following one liner script will delete all those backups in /backup/serverbackup/home/ with false ownership.

for i in $(find /backup/serverbackup/home/* -maxdepth 0 -nouser); \
do \
grep ^$(basename $i): /etc/passwd &>/dev/null || rm -rvf $i ; \
done

Resetting Linux root password from single user mode


You should have console access to your physical machine such KVM,IPMI..etc.,

At the grub prompt press e to enter edit mode.

Select the second line press e again.

At the end of a similar entry, Your Grub entry will probablly not look the same as this.
kernel /vmlinuz-2.6.18-308.4.1.el5 ro root=/dev/sda3

Add init=/bin/sh (The steps so far should work on Debian/Ubuntu servers although with Ubuntu you might need to use /bin/bash instead of /bin/sh)
kernel /vmlinuz-2.6.18-308.4.1.el5 ro root=/dev/sda3 init=/bin/sh

Now press the enter key and then b to boot.

This will take you into single user mode.

Now mount the root partition in read and write mode so that the changes can be commited.
# mount -o remount,rw /

Once the file system is mounted type the following.
# passwd root
You will prompted for the new password and then to confirm.

Job done reboot.

Query package owning FILE rpm


sometimes when you try to install a linux command which gives you the below. For instance lets install replace command.
# yum install replace
No package replace available.

It means that there is no such a package is available. But it belongs to software package. To know about which software is owning that command, please login to a server which has replace command installed and run this below.
# rpm -qif /usr/bin/replace
Name        : MySQL-server                 Relocations: (not relocatable)
Version     : 5.0.96                            Vendor: MySQL AB

So all we need to do is.
# yum install mysql-server

Now you should be ready to use replace command on your server.

How to create a Linux Swap Partition


Creating swap file
A swap file can be created and mounted using the dd command. Say for example you need are planning to add 1 GB extra space for your swap memory.
   # dd if=/dev/zero of=/usr/local/extraswap bs=1M count=1024

After that you need to use the mkswap to format the file to swap file sytem.
   # mkswap /usr/local/extraswap

Then use the swapon command to enable the new swap file.
   # swapon /usr/local/extraswap

Check the swap memory using free -m command and confirm it with
   # swapon -s

To load the swap file on the next boot. Just edit the /etc/fstab and add the following lines.
   /usr/local/extraswap none   swap   defaults  0   0

Save and exit, make sure you have made the backup of /etc/fstab before adding the lines.

Cron: pam unix (cron:session): session opened/closed for user root by (uid=0)


Go to the /etc/pam.d directory.

Open the file common-session-noninteractive in an editor.

Look for the following line:
   session required pam_unix.so

Above this line, add the following:
   session [success=1 default=ignore] pam_succeed_if.so service in cron quiet use_uid
   Save the file and exit.

and that should do it!

Hope this helps :)

Linux runlevels


Linux has 6 different runlevels all which have there seperate configuration.

Runlevel – System State
0 – Halt the system
1 – Single-user mode
2 – Multi-user mode (without NFS)
3 – Multi-user mode (cli)
4 – unused/reserved
5 – Multi-user mode, graphical login
6 – Reboot the system

runlevels may vary from distro to distro but this is usually only levels 2 and 4 which are usually reserved.

To change the current runlevel from command line
# init runlevel

Examples
reboot the system.
#  init 6

Start a gui when booted into terminal (switching from runlevel 3 to runlevel 5).
#   init 5

Shutdown the system.
#  init 0

Contolling startup scripts using chkconfig


chkconfig examples Linux a guide to controlling which services start during boot.

Listing current chkconfig settings.
# chkconfig --list

Add a service to the startup list if not already there. In this example vsftpd.
# chkconfig --add vsftpd

To set the service to start during boot (Will add to runlevels 2,3,4 and 5).
# chkconfig vsftpd on

To add to a specific runlevel 3 in this example.
# chkconfig --level 3 vsftpd on

To disable a service on boot will turn to off for all runlevels.
# chkconfig vsftpd off

To disable at a specific runlevel.
# chkconfig --level 3 vsftpd off

To remove a service from the chkconfig setup.
# chkconfig  --del vsftpd


CPanel Backup via remote FTP bash script


 cPanel Backup via remote FTP -- This script will generate full cpbackup and then copy it to the remote ftp server. You can also use SCP as an alternate backup transfer method. Simply made the changes in transfer mode and the port no(i.e, MODE and PORT)

 #!/bin/bash
 #cPanel info -- host that is being backed up
 CP_USERNAME=username
 CP_PASSWORD=password
 CP_DOMAIN=domainname or ip
 CP_SKIN=x3 # plain "x" is probably the most common one
 #FTP info -- host to receive the backup file
 CP_FTP_USER=username
 CP_FTP_PASS=password
 CP_FTP_HOST=domainname or ip
 PORT=port
 # backup transfer mode
 MODE=ftp
 # email address for sending notification after backup is completed
 CP_EMAIL=webmaster@example.com
 # target directory on remote host; do not include domain names in this one
 CP_FTP_BACKUP_ROOT=/home/$CP_FTP_USER
 # initiate backup (the following command should be on one line)
 curl --silent --insecure --user $CP_USERNAME:$CP_PASSWORD -d
 "dest=$MODE&email;=$CP_EMAIL&server;=$CP_FTP_HOST&user;=$CP_FTP_USER&pass;=$CP_FTP_PASS&port;=$PORT&rdir;=$CP_FTP_BACKUP_ROOT"
 https://$CP_DOMAIN:2083/frontend/$CP_SKIN/backup/dofullbackup.html > /dev/null
 # gets curl return code
 CURL_EXIT=$?
 # curl encountered an error
 if [ $CURL_EXIT -gt 0 ]; then
 echo curl returned exit status $CURL_EXIT - see curl manual pages for more details
 exit 69
 fi
 # everything ok
 exit 0

Ionice command


CFQ I/O disk elevator includes a tool called ionice which helps the administrator to assign priorities on a process level to speed up or to restrict the disk subsystem utilization of a specific process. For example if you want to run a rsync command or script to backup your files either locally or remotely just use ionice alone with the rsync syntax to speed up or restrict the rsync process.

Note : ionice is packed with util-linux rpm.

Ionice priorities

IDLE : A process with the assigned I/O priority idle will only be granted access to the disk subsystems if no other processes with a priority of best-effort or higher request access to data. Very useful to run tasks suck as updatedb.

BEST-EFFORT: As a default all processes that do not request a specific I/O priority are assigned to this class. Processes will inherit 8  levels of the priority of their respective CPU nice level to the I/O priority class.

REAL TIME: The highest available I/O priority is real time meaning that the respective process will always be given priority access to the  disk subsystem. The real time priority setting can also accept 8 priority levels.

The ionice tool accepts the following options:
-c  I/O priority1 for real time, 2 for best-effort, 3 for idle
-n  I/O priority class data 0 to 7
-p process id of a running task, use without -p to start a task with the respective I/O priority

Ionice examples
To assign an idle I/O priority to the running process with the PID for example 2939.
# ionice -c3 -p2939

To start an command/process with idle I/O priority (for example updatedb)
# ionice -c3 updatedb &

Speeding up the disk dumps using best effort scheduling (2) and 7 priority
 # ionice -c2 -n7 PID (or) /path/backupscript.sh

Once you have scheduled the I/O priority you can check it using (for example PID 2939)
# ionice -p 2939

Thursday 7 March 2013

Install webpay module for WHMCS


Steps:
Prepare the server with all the bits we need, most should already be installed if not all!
# yum install swig
# yum install gcc gcc-c++ autoconf automake
# yum install sed

Download your SDK to say the /root directory then decompress the taball
# wget http://www.ipg.stgeorge.com.au/downloads/StGeorgeLinuxAPI-3.3.tar.gz
# tar -xzvf StGeorgeLinuxAPI-3.3.tar.gz
# cd webpaySWIG-3.3

Edit the config within the makefilePhp5 file as follows:
# vi makefilePhp5

Now edit the values as below but NOTE: your directory location can be different from what I’ve used, using phpinfo() should reveal the correct extension directory.
PHP_EXTENSIONS  = /usr/local/lib/php/extensions/no-debug-non-zts-20090626/ - Line 33
PHP_INCLUDE_DIR = /usr/include/php/ – Line 37
LIB_LOCATION should be the same at PHP_EXTENSIONS and the makefile is scoped this way, if it’s not then change it.
Run the below command:
# make -f makefilePhp5

This will build the API for php on your server
Then add the library extension to your servers php.ini file.
extension=webpay_php.so
Note: phpinfo page should shows the webpay module information.
Alternatively try running this below command from shell to make sure we are good.
root@server[~]# php -i | grep webpay_php
Webpay PHP Library => webpay_php.so

That's all :)
For more info check this below links:
http://www.bradward.com.au/how-to-installing-webpay-st-george-ipg-on-a-cpanel-server/50
https://www.ipg.stgeorge.com.au/downloads/Linux_API_Developer_Guide_v3.3.pdf

Finding Load causing connections and users


Following are some useful script you can use for finding the user that is causing the load and for finding the procees,ip which has high cpu usage.

To check number of IPs connected to port 80
# netstat -tn 2>/dev/null | grep ':80 ' | awk '{print $5}' |sed -e 's/::ffff://' | cut -f1 -d: | sort | uniq -c | sort -rn | head

To list number of connections to domains in the server
# /usr/bin/lynx -dump -width 500 http://127.0.0.1/whm-server-status | awk  'BEGIN { FS = ” ” } ; { print $12 }' | sed '/^$/d' | sort | uniq -c | sort -n

To list the Busiest Site in the server
# /usr/bin/lynx -dump -width 500 http://127.0.0.1/whm-server-status | grep GET | awk '{print $12}' | sort | uniq -c | sort -rn | head

To list the Busiest Script running on the server
# /usr/bin/lynx -dump -width 500 http://127.0.0.1/whm-server-status | grep GET | awk '{print $14}' | sort | uniq -c | sort -rn | head

To list the most running process in the server
# ps aux | awk '{print $1}' | sort | uniq -c | sort -nk1 | tail -n5

To list the total process running by the users
# ps aux | awk '{print $1}' | sort | uniq -c | sort -nk1

When we see the process in the top result with “php” or “/usr/bin/php”, we can find the directory it is working with. You can use,
# for i in `ps -ef | awk '/php/{print $2}'`; do ls -l /proc/${i}/cwd; done

We can even check this dynamically with in a particular time limit, say 5 sec. We can use it as below.
# while true; do clear; for i in `ps -ef | awk '/php/{print $2}'`;do ls -l /proc/${i}/cwd; done; sleep 5; done

Restrict SSH access based on time


Restricting access to services is a common task that most system administrators need to do in the course of their work. There is more than one way to do this with Linux (see man motd and man issue), but it just so happens that PAM (Pluggable Authentication Modules) will let you do both of the tasks you are trying to accomplish. PAM is a powerful and versatile system that allows any program compiled with it to use its modules for authentication, accounting, etc. Each program has its own configuration file in /etc/pam.d. This is what /etc/pam.d/sshd looks like by default:
vi  /etc/pam.d/sshd
#%PAM-1.0
auth      required pam_stack.so
service=system-auth
auth      required pam_nologin.so
account required pam_stack.so
service=system-auth
password required pam_stack.so
service=system-auth
session required pam_stack.so
service=system-auth
session required pam_loginuid.so

Add pam_time.so module at the top as like below:

#%PAM-1.0
account required pam_time.so
auth      required pam_stack.so
service=system-auth
auth      required pam_nologin.so
account required pam_stack.so
service=system-auth
password required pam_stack.so
service=system-auth
session required pam_stack.so
service=system-auth
session required pam_loginuid.so
session required pam_motd.so
motd=/etc/sshmotd

Now all you need to do is put the message of the day in /etc/sshmotd and add the following to /etc/security/time.conf:
sshd;*;*;!Al0200-0400

You should be very careful with PAM, as it is a very powerful authentication mechanism that can lock even root out of the system. I recommend that you first try any changes in a testing environment.
Reference link : http://www.tuxradar.com/answers/283

delist a domain which is blackisted by google


When searching some domains in google we get an alert as “This site may harm your computer” in the search results. This shows that the domain is blacklisted by google. Another way to check whether the site is blacklisted is using the free site : sitecheck.sucuri.net Search the domain in question in this site and get the results of whether the site is listed or not.
Steps to request google to review the domain in question :

1. This can be done using google webmaster tool. For that visit the link : https://www.google.com/webmasters/tools . Login using the username and password of the google account you have.

2. After login, you can find an “Add a site” option in that page. Click that and enter the domain which is blacklisted. Hit continue.

3. Now we must follow some verification steps to confirm that we are the actual owners/admins of that website. For that, you need to first download/copy a code that is generated. Click on the link “Download this HTML verification file” and open the download file in text pad. You will see a code of the following format:
google-site-verification: google960dbe738c464611.html

4. Create a file named google960dbe738c464611.html in the public_html of the blacklisted domain and copy the above code into that file. Save contents of file. Change the ownership of that file to that particular user.

5. Then in webmaster tool, hit the “Verify” button. This will make a successful verification of the site.

6. After the verification process is complete on the left side of the webmaster tool window, select the option “Health” and then the option “Malware”. Clicking that will display the reason why google blocked that site. Try to clear the malware alerts in that page. After that on top there is an option “Request a Review”. Hit that for google to review the site again. Usually google bots does the review in a day and if the site contents are free from malware it will be white-listed.

Using parted


How to create a disk partition on a disk greater than 2TB in size.

Fdisk command does not supports partitioning of disk that has greater than 2 TB size. The parted tool supports GPT disk labels which can be used on disks larger than 2TB.
The example below demonstrates how to create a 5TB partition:

1. Use the parted tool to access the partition table of the device:

# parted /dev/sda
Using /dev/sda
Welcome to GNU Parted! Type ‘help’ to view a list of commands.
(parted)

2. Once at the parted prompt, create a GPT label on the disk:
(parted) mklabel
Warning: The existing disk label on /dev/sdj will be destroyed and all data on this disk will be lost. Do you want to continue?
Yes/No? Yes
New disk label type?  [gpt]? gpt
(parted)

Note: This will remove any existing partition table and partitions on the device.

3. Use the print command to show the size of the disk as reported by parted.  We need this later:
(parted) print
Model: Linux device-mapper (dm)
Disk /dev/sda: 5000GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Number  Start  End  Size  File system  Name  Flags

4. Create a primary partition on the device.  In this example, the partition will encompass the entire disk (using size from the step above):
(parted) mkpart primary 0 5000GB

5. Unlike fdisk, you do not have to write out the partition table changes with parted.  Display your new partition and quit.
(parted) print
Model: Linux device-mapper (dm)
Disk /dev/mapper/VolGroup00-gpttest: 5000GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Number  Start   End          Size         File system  Name     Flags
1      17.4kB  5000GB  5000GB               primary
(parted) quit

Information: Don’t forget to update /etc/fstab, if necessary.

6. You can now create a filesystem on the device /dev/sda1

7. Use mkfs.ext3 to make ext3 partition.

 mkfs.ext3 /dev/sda1

Autoftpbackup configuration on openvz


A complete details about autoftpbackup can be found from -- http://wiki.solusvm.com/Automated_Backups
Steps:

Admincp >> Nodes > List > Manage Node (On the Node you wish to backup) > Auto FTP Backup.

Under FTP Server Settings
Profile         --> make it default
IP or Hostname  --> FTP server ip
Username        --> FTP user name
Password        --> FTP user password
Port            --> FTP server port, usually port 21
Passive         --> leave it as it is.
Directory       --> / is default

Under Backup Settings
Enabled                      --> Turn backup ON or OFF
Frequency                    --> Run the backup every day, week or month
Run Time                     --> 00-23 hours, 00-59 mins
Day                          --> Only required for weekly
Day of Month                 --> Only required for monthly
Rotation                     --> How many backups per vps you want to keep
Ionice Priority              --> 0: High - 7: Low. Default is 4
Ionice Class                 --> 1: realtime, 2: best-effort, 3: idle. Default is 2
Nice                         --> Niceness range from -20 to 19 (least favorable). Default is 19
Xen HVM/KVM Compression Type --> bzip2 or pbzip2  
pbzip2 Threads (Xen/KVM)     --> 1
OpenVZ Backup Type           --> Online
KVM/Xen Backup Type          --> Online
OpenVZ Temp Directory        --> Default: /vz/dump
KVM/Xen Temp Directory       --> Default: /tmp
Exclude VPS                  --> CTRL + Click to select multiple

Then click "update"

If you want to run this now, Login into main node and then run
# /usr/bin/php /usr/local/solusvm/includes/autoftpbackup.php

This will take backup of your vps and stored to the FTP server.
Restoring backups can be done via CLI on the node in question. To start a restore, do the following in SSH:
# /scripts/ftp-restore

When asked, enter the vserver id of the vps you want to restore as shown in SolusVM.
Please note: If the VPS has been removed from SolusVM then you will need to create a New VPS for the client and run the following command:
# /usr/sbin/vzdump --restore /path/to/backup/file NEW-CONTAINER-ID

That's all :)

How to clear Semaphore queues in server


1) Check ipcs
# ipcs

2) Use the following script to clear Semaphore queue
# for i in `ipcs -s | awk '{print $2}'`; do (ipcrm -s $i); done

3) Check ipcs again
# ipcs

apche variables: optimize and speed up your server by more than 20%


The Apache’s configuration file is located at “/usr/local/apache/conf/httpd.conf” in a cPanel server

Timeout
This directive “Timeout” is used to define the amount of time Apache will wait for a GET, POST, PUT request and ACKs on transmissions before automatically disconnect when idle time exceeds this value. The ideal value will be 120 in heavily loaded servers. It is recommended to set this value lower if your clients have low latencies. Some time, setting this directive to a low value may pause problem, this highly depend on your network and server setup. The best is to experiment with different values to find the one that fit your need.

KeepAlive
This directive “KeepAlive” if set to “On”, enables persistent connections on the web server. For better performance, it’s recommended to set this option to “On” and allow more than one request per connection.

MaxKeepAliveRequests
This directive is used to define the number of requests allowed per connection when the KeepAlive option above is set to “On”. When the value of this option is set to “0″ then unlimited requests are allowed on the server. For server performance, it’s recommended to allow unlimited requests.

KeepAliveTimeout
This directive is used to define how much time, in seconds, Apache will wait for a subsequent request before closing the connection. Once a request has been received, the timeout value specified by the “Timeout” directive applies. The value of “10″ seconds is a good average for server performance. This value should be kept low as the socket will be idle for extended periods otherwise.

MaxClients
This directive is used to define the limit on the number of child processes that will be created to serve requests. The default means that up to 512 HTTP requests can be handled concurrently. This is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of “512″ is recommended. For standard use, you can set the value to “256″.

MinSpareServers
This directive is used to define the minimum number of idle child server processes that should be created. An idle process is one which is not handling a request. If there are fewer than “MinSpareServers” idle, then the parent process creates new children at a maximum rate of 1 per second. The idle value is 10
MaxSpareServer
This directive is used to define the maximum number of idle child server processes that should be created. If there are more than “MaxSpareServers” idle child processes, then the parent process will kill off the excess processes and these extra processes will be terminated.The idle value is 15.

MaxRequestsPerChild
This option “MaxRequestsPerChild” is used to define the number of requests that an individual child server process will handle. Set this directive to “0″ to get the maximum performance and scalability for the server.

HostnameLookups
This directive if set to “Off”, specifies to disable DNS lookups. It’s recommended to set this option to “Off” in order to avoid latency to every request, to save the network traffic time, and to improve the performance of your Apache web server.