There could also be a problem with the server’s session.save_path

New joomla install would show following:

An error has occurred.:Cookies do not appear to be enabled on your browser client. You will not be able to install the application with this feature disabled. Alternatively, there could also be a problem with the server’s session.save_path. If this is the case, please consult your hosting provider if you don’t know how to check or fix this yourself.

and

existing admin login to  joomla installations were not authenticating.

Soln=====>

Compare the following in php.ini

Working configuration
#############################

[root@server  root]# grep session. /usr/local/lib/php.ini
session.save_handler = files
; variable in order to use PHP’s session functions.
;     session.save_path = “N;/path”
; where N is an integer.  Instead of storing all the session files in
; store the session data in those directories.  This is useful if you
; a more efficient layout for servers that handle lots of sessions.
;         You can use the script in the ext/session dir for that purpose.
;         use subdirectories for session storage
;session.save_path = /tmp
session.use_cookies = 1
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
; Initialize session on request startup.
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
; on every session initialization.
session.gc_probability = 1
session.gc_divisor     = 100
session.gc_maxlifetime = 1440
; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm
; to initialize a session variable in the global scope, albeit register_globals
session.bug_compat_42 = 1
session.bug_compat_warn = 1
; HTTP_REFERER has to contain this substring for the session to be
session.referer_check =
session.entropy_length = 0
; Specified here to create the session id.
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
; – User may send URL contains active session ID
; – URL that contains active session ID may be stored
; – User may access your site with the same session ID
session.use_trans_sid = 0
[root@server root]#

Things to check for
##########################

1) check that the above are set and check that:

2) /tmp has permissions 1777

3) /dev/urandom exists, if not create it with following commands:
mknod -m 644 /dev/urandom c 1 9
chown root:root /dev/random /dev/urandom

4) uncomment
;session.save_path = /tmp
in php.ini , if the sessions folder is not /tmp ( by default for cpanel server installation it is /tmp , however if php/apache is installed on a plain server, the sessions folder is usually /var/lib/php/sessions or something)

Install Latest postgresql using yum from pgsqlrpms

##################################################

[root@server ~]# yum erase postgresql postgresql-server
[root@server ~]# wget http://yum.pgsqlrpms.org/reporpms/8.3/pgdg-centos-8.3-4.noarch.rpm
[root@server ~]# rpm -ivh pgdg-centos-8.3-4.noarch.rpm
[root@server ~]# yum install postgresql postgresql-server
[root@server ~]# chkconfig postgresql on
[root@server ~]# service postgresql initdb
[root@server ~]# chkconfig postgresql on && service postgresql start

[root@server ~]# /usr/bin/postgres –version
postgres (PostgreSQL) 8.3.4
[root@server ~]#

Set port and the interface to bind to

#########################################

vi /var/lib/pgsql/data/postgresql.conf

# – Connection Settings -

listen_addresses = ‘*’
port = 5432

NMAP

echo ” ========== Installing NMAP network Scanner ================= “
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”

echo “Cleaning old nmap installation, if any “

yum -y remove nmap
echo “…………………………………………………………………………………………………………………..”
echo “Install beings “
yum -y install nmap

if [ -f /usr/bin/nmap ]
then

echo ” Nmap successfully installed”
sleep 2
echo ” Testing Nmap “
echo ” ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++”
sleep 3
/usr/bin/nmap localhost -v
sleep 5
else
echo ” Nmap faield to install”
fi

echo ” =========== Install NMAP network Scanner process completed  ===============”
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”

MySQL ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: YES)

The other day I got this error on one of our servers. Fantastico module in cpanel was showing the error: Unable to connect to mysql database.  While mysql service was running fine, the root user was unable to login to mysql database. I initially tried to reset the mysql root password like http://rhcelinuxguide.wordpress.com/2008/08/08/reset-mysql-root-password/   but that did not help.  The real issue was permission on the folder /var/lib/mysql/mysql .  It is supposed to be 711 , while it was  751.  That fixed it.

==================================================================

root@server1 [~]# mysql
ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: YES)
root@server1 [~]#

root@server1 [/var/lib/mysql/mysql]# ls -lhd /var/lib/mysql
drwxr-x–x 179 mysql mysql 12K Aug 25 01:44 /var/lib/mysql/

root@server1 [/var/lib/mysql/mysql]# chmod  711 /var/lib/mysql/mysql

root@server1 [/var/lib/mysql/mysql]# ls -lhd /var/lib/mysql/mysql
drwx–x–x 2 mysql mysql 4.0K Aug 25 01:32 /var/lib/mysql/mysql/

root@server1 [/var/lib/mysql/mysql]# service mysql restart
Shutting down MySQL..

[  OK  ]
Starting MySQL                                             [  OK  ]
root@server1 [/var/lib/mysql/mysql]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.0.51a-community MySQL Community Edition (GPL)Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> quit
Bye
root@server1 [/var/lib/mysql/mysql]#

==================================================================

Worked for me !

Virtuozzo Upgrade : Upgrading from Virtuozzo3 to Virtuozzo4

Upgrading from Virtuozzo 3 to Virtuozzo 4
================================

First of all refer to :  http://www.parallels.com/en/products/virtuozzo/easy-upgrade/ for detailed explanation. When I decided to upgrade, there was not much available except the above docs. I used the inbuilt vzup2date for the upgrade purpose.

First of all apply all updates on your current Virtuozzo 3 using vzup2date , by selecting udate for virtuozzo 3.0.x only. Once updates are applied, it also does a kernel upgrade. It will finally ask if you want to reboot. Just select finish, and dont reboot. It is better to reboot manually, so that you can swith back to old kernel, in case the new kernel panics or hang up during boot.

Step 1
===================================================

[root@vpsMainNode virtuozzo]# vzup2date

Apply all updates on your current Virtuozzo 3.
Select option reboot manually and dont hit the reboot option, just select finish.

Next,

Edit /etc/grub.conf  and change the option

default=0 to default=1 , so that the current kernel is selected in grub , instead of the new kernel , that was just installed.

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB  version 0.95  (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported.  For the first word, TAB
lists possible command completions.  Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf  and change the option

default=1 to default=0

Next,

Run vzup2date again and select updates for Virtuozzo 3 , and go next , next to finish install ( select option manual reboot )
[root@vpsMainNode virtuozzo]# vzup2date

If all Virtuozzo 3 are already applied, you will see no more update available message.

Now that Virtuozzo 3 has all its latest stuff in its version, we will update Virtuozzo 3 to Virtuozzo 4.

Run vzup2date again,
[root@vpsMainNode virtuozzo]# vzup2date

This time, select Virtuozzo 4 for upgrades, do the usual next , next to apply updates. ( select option manual reboot )

This process will take some time depending on speed. Usually 20 to 60 minutes.

Again this will install a newer kernel, so

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB  version 0.95  (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported.  For the first word, TAB
lists possible command completions.  Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf  and change the option

default=1 to default=0

Voila !   you have upgraded your server from Virtuozzo 3 to Virtuozzo 4. You will see that all nodes will work properly, start the nodes, if any active node is down in the usual

way.

[root@vpsMainNode virtuozzo]# vzctl start VE_ID

Note VE_ID is now also called as CT_ID ( container ID )

You will find that the Service VE ( now called as Service Container )  will fail to start. If not, then fine. You have nothing left to do , except running a vzup2date again and

apply any newer updates for one more time. If any new kernel is installed , then modify grub.conf as already discussed, while rebooting.

In case Service VE ( now called as Service Container )  fails to start or does not start, you will be unable to access your virtuozzo control panel.

Note , I destroyed old Service VE and recreated it, if for any reason, you want backup of old service , you might chose to make a backup of it.

Here is what I did to install the service CT
###############################################
[root@vpsMainNode virtuozzo]# vzctl destroy 1
[root@vpsMainNode virtuozzo]# cd /root/
[root@vpsMainNode virtuozzo]# wget http://download.parallels.com/virtuozzo/virtuozzo4.0/linux/iso/lin-i386.iso
[root@vpsMainNode virtuozzo]# mkdir /mnt/iso
[root@vpsMainNode virtuozzo]# mount -o loop lin-i386.iso /mnt/iso
[root@vpsMainNode virtuozzo]# vzsveinstall -D /mnt/iso -s xx.yy.zz.IP

[root@vpsMainNode virtuozzo]# vzlist -a | grep CT
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
1         77 running   xx.yy.zz.IP  ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# lsof  -i :4643
COMMAND   PID   USER   FD   TYPE   DEVICE SIZE NODE NAME
vzaproxy  531   root    4u  IPv4 10286471       TCP *:4643 (LISTEN)
vzcp      591   root    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      595 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      596 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp     3004 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# vzctl  restart 1
Restart Container
Stopping Container …
Container was stopped
[  OK  ] down vzagent: [  OK  ]
[  OK  ] vzagent: [  OK  ]
Container is unmounted
Starting Container …
Starting vzagent: [  OK  ]
Starting vzagent: [  OK  ]
Container is mounted
Setting devperms 20006 dev 0×7d00
Adding IP address(es): xx.yy.zz.IP
Hostname for Container set: ServiceCT
File resolv.conf was modified
Container start in progress…

[root@vpsMainNode virtuozzo]# vzlist  -a | grep CT
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
1         77 running   xx.yy.zz.IP  ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode log]# cd /root/
[root@vpsMainNode ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda2             9.9G  4.1G  5.3G  44% /
/dev/sda1             494M   81M  388M  18% /boot
none                  4.0G     0  4.0G   0% /dev/shm
/dev/sda3             448G  267G  158G  63% /vz
/dev/sdb1             459G  123G  313G  29% /backup
/root/lin-i386.iso    582M  582M     0 100% /mnt/iso

[root@vpsMainNode ~]# mkdir /root/virt4_source
[root@vpsMainNode ~]# cp -r /mnt/iso/* /root/virt4_source/
[root@vpsMainNode ~]# umount /mnt/iso

[root@vpsMainNode ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda2             9.9G  4.7G  4.8G  50% /
/dev/sda1             494M   81M  388M  18% /boot
none                  4.0G     0  4.0G   0% /dev/shm
/dev/sda3             448G  267G  158G  63% /vz
/dev/sdb1             459G  123G  313G  29% /backup
[root@vpsMainNode ~]#

Congrats !!! , now that you have got the Service Container Up and Running, time to explore/enjoy the new looks in Virtuozzo 4 control panel.

Reset MySQL Root Password

[root@dedicated08 ~]# lsof -i :3306
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
mysqld 31792 mysql 3u IPv4 434089 TCP *:mysql (LISTEN)
[root@dedicated08 ~]# kill -9 31792
[root@dedicated08 ~]# /etc/init.d/mysql start
Mysql Started

[root@dedicated08 ~]# mysql
Access denied for user ‘root’@'localhost’ (using password: NO)

[root@dedicated08 ~]# /etc/init.d/mysql stop

[root@dedicated08 ~]# mysqld_safe –skip-grant-tables &

[root@dedicated08 ~]#
[root@dedicated08 ~]# mysql -u root
mysql>
mysql> use mysql;
mysql> update user set password=PASSWORD(“NEW-ROOT-PASSWORD”) where
User=’root’;
mysql> flush privileges;
mysql> quit

NEW-ROOT-PASSWORD above is whatever password you want to set.

[root@dedicated08 ~]# # /etc/init.d/mysql stop
[root@dedicated08 ~]# lsof -i :3306
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
mysqld 31792 mysql 3u IPv4 434089 TCP *:mysql (LISTEN)
[root@dedicated08 ~]# kill -9 31792
[root@dedicated08 ~]# fuser -k /usr/bin/mysqld_safe ( in
case you see mysql process is still running )

[root@dedicated08 ~]# vi /root/.my.cnf
[root@dedicated08 ~]# cat /root/.my.cnf
[client]
user=”root”
pass=”NEW-ROOT-PASSWORD”
[root@dedicated08 ~]#

[root@dedicated08 ~]# service mysql restart

[root@dedicated08 ~]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 4.1.21-standard-log

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> quit
Bye
[root@dedicated08 ~]#

hwclock – query and set the hardware clock

set the system time from the hardware clock

============================================

root@s1 [~]# /sbin/hwclock –hctosys
root@s1 [~]#

set the hardware clock to the current system time

============================================

root@s1 [~]# /sbin/hwclock –systohc
root@s1 [~]#

root@s1 [~]# /sbin/hwclock –help
hwclock – query and set the hardware clock (RTC)

Usage: hwclock [function] [options...]

Functions:
–help        show this help
–show        read hardware clock and print result
–set         set the rtc to the time given with –date
–hctosys     set the system time from the hardware clock
–systohc     set the hardware clock to the current system time
–adjust      adjust the rtc to account for systematic drift since
the clock was last set or adjusted
–getepoch    print out the kernel’s hardware clock epoch value
–setepoch    set the kernel’s hardware clock epoch value to the
value given with –epoch
–version     print out the version of hwclock to stdout

Options:
–utc         the hardware clock is kept in coordinated universal time
–localtime   the hardware clock is kept in local time
–directisa   access the ISA bus directly instead of /dev/rtc
–badyear     ignore rtc’s year because the bios is broken
–date        specifies the time to which to set the hardware clock
–epoch=year  specifies the year which is the beginning of the
hardware clock’s epoch value
–noadjfile   do not access /etc/adjtime. Requires the use of
either –utc or –localtime

iptables string match to drop malicious urls

iptables string match to drop malicious urls

==================================

Usually modsecurity rules can help filter many malicious url attack patterns combined with apache on apache port (http|https).  But what if a malicious attack using a vulnerable url pattern, that exposes or tries to break into your system is coming onto another port?

This is where iptables string match comes in handy.

/usr/local/sbin/iptables -I INPUT -p tcp -s 0.0.0.0/0 -m string –string “download?file=%2e%2e” –algo bm -j DROP

[root@server ~]# iptables -L -v | grep STR
73 49908 DROP       tcp  –  any    any     anywhere             anywhere            STRING match “download?file=%2e%2e” ALGO name bm TO 65535

[root@server ~]#

The above iptable rule will block any url  that has the string “download?file=%2e%2e” on any port on your server.

Note: your iptables binary path may be /sbin/iptables

Say http://yourserverIP:9132/blah/download?file=%2e%2e

Rename a username , groupname and its homedirectory with usermod

Rename user 7777777 ’s name, groupname and homedir to 88888888 with usermod

root@server1 [/home]# useradd 7777777
root@server1 [/home]#
root@server1 [/home]# grep 7777777 /etc/passwd
7777777:x:32147:32148::/home/

7777777:/bin/bash
root@server1 [/home]#
root@server1 [/home]# grep 7777777 /etc/group
7777777:x:32148:
root@server1 [/home]#
root@server1 [/home]# usermod -d /home/88888888 7777777
root@server1 [/home]#
root@server1 [/home]# grep 7777777 /etc/passwd
7777777:x:32147:32148::/home/88888888:/bin/bash
root@server1 [/home]#

************************************************************************************************************
root@server1 [/home]# rm -fr /home/7777777/        OR  you can mv /home/7777777 /home/88888888, if you want
************************************************************************************************************

root@server1 [/home]# usermod -l 88888888 7777777
failed to rename mailbox: File exists
root@server1 [/home]#

root@server1 [/home]# grep 7777777 /etc/passwd

root@server1 [/home]# grep 88888888 /etc/passwd
88888888:x:32147:32148::/home/88888888:/bin/bash
root@server1 [/home]#

root@server1 [/home]# groupmod -n 88888888 7777777
root@server1 [/home]#

root@server1 [/home]# grep 7777777 /etc/group

root@server1 [/home]#
root@server1 [/home]# grep 88888888 /etc/group
88888888:x:32148:
root@server1 [/home]#

create a directory with different permission mode

—————————————————————
[root@server ~]# mkdir /root/test1 -v -m 1777
mkdir: created directory `/root/test1′
[root@server ~]# ls -lhd /root/test1
drwxrwxrwt  2 root root 4.0K Jul 29 01:42 /root/test1
[root@server ~]#

v = verbose, is not mandatory though

—————————————————————