Linux General | Linux Systems and Network Administration

Archive for the ‘Linux General’ Category

Missing Dependency: perl(URI)

November 10, 2010

Solution with an example below
###########################################

-bash-3.2# yum install subversion
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: centos.mirror.netriplex.com
* base: mirror.sanctuaryhost.com
* extras: mirror.steadfast.net
* updates: mirrors.serveraxis.net
addons                                                                                                                                           | 951 B     00:00
base                                                                                                                                             | 2.1 kB     00:00
extras                                                                                                                                           | 2.1 kB     00:00
updates                                                                                                                                          | 1.9 kB     00:00
Excluding Packages in global exclude list
Finished
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package subversion.i386 0:1.4.2-4.el5_3.1 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
–> Processing Dependency: neon >= 0.25.5-6.el5 for package: subversion
–> Processing Dependency: libneon.so.25 for package: subversion
–> Running transaction check
—> Package neon.i386 0:0.25.5-10.el5_4.1 set to be updated
—> Package subversion.i386 0:1.4.2-4.el5_3.1 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
–> Finished Dependency Resolution
subversion-1.4.2-4.el5_3.1.i386 from base has depsolving problems
–> Missing Dependency: perl(URI) >= 1.17 is needed by package subversion-1.4.2-4.el5_3.1.i386 (base)
Error: Missing Dependency: perl(URI) >= 1.17 is needed by package subversion-1.4.2-4.el5_3.1.i386 (base)
You could try using –skip-broken to work around the problem
You could try running: package-cleanup –problems
package-cleanup –dupes
rpm -Va –nofiles –nodigest
The program package-cleanup is found in the yum-utils package.

Solution
#########################
Get the latest perl-URI rpm from http://packages.sw.be/perl-URI/ and install it:

-bash-3.2# wget http://packages.sw.be/perl-URI/perl-URI-1.17-1.el2.rf.noarch.rpm
–2010-11-09 19:43:20– http://packages.sw.be/perl-URI/perl-URI-1.17-1.el2.rf.noarch.rpm
Resolving packages.sw.be… 85.13.226.40
Connecting to packages.sw.be|85.13.226.40|:80… connected.
HTTP request sent, awaiting response… 302 Found
Location: http://rpmforge.sw.be/redhat/el2.1/en/i386/rpmforge/RPMS/perl-URI-1.17-1.el2.rf.noarch.rpm [following]
–2010-11-09 19:43:20– http://rpmforge.sw.be/redhat/el2.1/en/i386/rpmforge/RPMS/perl-URI-1.17-1.el2.rf.noarch.rpm
Resolving rpmforge.sw.be… 85.13.226.40
Reusing existing connection to packages.sw.be:80.
HTTP request sent, awaiting response… 200 OK
Length: 94140 (92K) [application/x-rpm]
Saving to: `perl-URI-1.17-1.el2.rf.noarch.rpm’

100%[==============================================================================================================================>] 94,140 193K/s in 0.5s

2010-11-09 19:43:21 (193 KB/s) – `perl-URI-1.17-1.el2.rf.noarch.rpm’ saved [94140/94140]

-bash-3.2# rpm -ivh perl-URI-1.17-1.el2.rf.noarch.rpm
Preparing… ########################################### [100%]
1:perl-URI ########################################### [100%]

Dependencies Resolved

========================================================================================================================================================================
Package                                  Arch                               Version                                           Repository                          Size
========================================================================================================================================================================
Installing:
subversion                               i386                               1.4.2-4.el5_3.1                                   base                               2.3 M
Installing for dependencies:
neon                                     i386                               0.25.5-10.el5_4.1                                 base                               101 k

Transaction Summary
========================================================================================================================================================================
Install 2 Package(s)
Upgrade 0 Package(s)

Total download size: 2.4 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): neon-0.25.5-10.el5_4.1.i386.rpm                                                                                                           | 101 kB     00:00
(2/2): subversion-1.4.2-4.el5_3.1.i386.rpm                                                                                                       | 2.3 MB     00:01
————————————————————————————————————————————————————————
Total                                                                                                                                   1.2 MB/s | 2.4 MB     00:02
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing     : neon                                                                                                                                             1/2
Installing     : subversion                                                                                                                                       2/2

Installed:
subversion.i386 0:1.4.2-4.el5_3.1

Dependency Installed:
neon.i386 0:0.25.5-10.el5_4.1

Complete!
-bash-3.2#

Posted in Linux Administration, Linux General, Linux Installation, Linux:- Tips & Tricks | Leave a Comment »

Automated Process monitoring during high server load

August 26, 2010

root@myServer [/root]# cat load-process-monitor.sh
#!/bin/bash

# Define Variables
DT=`date +”%A %b %e %r”`
HOSTNAME=`hostname`

# Create dir to store data
mkdir -p /opt/loadcheck/

# Retrieve the load average of the past 1 minute
LAVG=`uptime | awk {‘print $10}’ | cut -d. -f1`
LCURRENT=`uptime | awk {‘print $10,$11,$12}’`

# Define Threshold. This value will be compared with the current load average. Set the value as per your wish.
LIMIT=-1

# Compare the current load average with Threshold and email the server administrator if threshold is greater.

if [ $LAVG -gt $LIMIT ]
then

#Save the current running processes in a file
/bin/ps -auxf >> /opt/ps_output

echo “Current Time :: $DT. >> /tmp/loadmon.txt
echo “Current Load Average :: $LCURRENT. >> /tmp/loadmon.txt
echo “current processes list attached with the email 1 instance. >> /tmp/loadmon.txt
echo “Also check loadps.txt :: loadtop.txt :: netstat_all.txt :: netstat_port80.txt inside /opt/loadcheck/ on the server” >> /tmp/loadmon.txt
# Send email to support
/usr/bin/mutt -s “Server Load ALERT!!! High 1 minute load average on ‘$HOSTNAME’” -a /opt/ps_output support@somedomain.com > /opt/ps_output

echo “Current Time :: $DT” >> /tmp/loadmon.txt
echo “Current Load Average :: $LCURRENT” >> /tmp/loadmon.txt
echo “current processes list attached with the email 1 instance” >> /tmp/loadmon.txt
echo “Also check loadps.txt :: loadtop.txt :: netstat_all.txt :: netstat_port80.txt inside /opt/loadcheck/ on the server” >> /tmp/loadmon.txt
# Send email to support
/usr/bin/mutt -s ” Server Load ALERT ::: High 1 minute load average on ‘$HOSTNAME’ ” -a /opt/ps_output support@integrityhost.com > /opt/loadcheck/loadps.txt
echo “#########################################################################################################################” >> /opt/loadcheck/loadps.txt
/bin/top -c -n1 >> /opt/loadcheck/loadtop.txt
echo “#########################################################################################################################” >> /opt/loadcheck/loadtop.txt
/bin/netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n >> /opt/loadcheck/netstat_all.txt
echo “#########################################################################################################################” >> /opt/loadcheck/netstat_all.txt
/bin/netstat -alntp | grep :80 | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n >> /opt/loadcheck/netstat_port80.txt
echo “#########################################################################################################################” >> /opt/loadcheck/netstat_port80.txt

/bin/ps -auxf >> /opt/loadcheck/loadps.txt
echo “#########################################################################################################################” >> /opt/loadcheck/loadps.txt
/bin/top -c -n1 >> /opt/loadcheck/loadtop.txt
echo “#########################################################################################################################” >> /opt/loadcheck/loadtop.txt
/bin/netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n >> /opt/loadcheck/netstat_all.txt
echo “#########################################################################################################################” >> /opt/loadcheck/netstat_all.txt
/bin/netstat -alntp | grep :80 | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n >> /opt/loadcheck/netstat_port80.txt
echo “#########################################################################################################################” >> /opt/loadcheck/netstat_port80.txt

/bin/ps -auxf >> /opt/loadcheck/loadps.txt
echo “#########################################################################################################################” >> /opt/loadcheck/loadps.txt
/bin/top -c -n1 >> /opt/loadcheck/loadtop.txt
echo “#########################################################################################################################” >> /opt/loadcheck/loadtop.txt
/bin/netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n >> /opt/loadcheck/netstat_all.txt
echo “#########################################################################################################################” >> /opt/loadcheck/netstat_all.txt
/bin/netstat -alntp | grep :80 | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n >> /opt/loadcheck/netstat_port80.txt
echo ” ######################################################################################################################### ” >> /opt/loadcheck/netstat_port80.txt

# Remove residue logs
/bin/rm -f /tmp/loadmon.txt
/bin/rm -f /opt/ps_output

root@myServer [/root]#

Add a cron to run load-process-monitor.sh ( * * * * * /bin/sh /path-to/load-process-monitor.sh ) every min and when server load goes beyond 4, it will send you email and log some important details, which can help to some extent to find some pointers to load issue from process and netstat listings.

Posted in Linux Administration, Linux General, Linux Security, Linux:- Tips & Tricks, Monitoring, Tuning Linux | 4 Comments »

Error: Missing Dependency: perl(Convert::ASN1) is needed by package samba

April 1, 2010

Error
root@server276 [~]# yum -y install samba samba-client samba-common
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: hpc.arc.georgetown.edu
* base: mirror.trouble-free.net
* extras: ftp.lug.udel.edu
* rpmforge: apt.sw.be
* updates: mirror.clarkson.edu
Excluding Packages in global exclude list
Finished
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package samba.x86_64 0:3.0.33-3.15.el5_4.1 set to be updated
–> Processing Dependency: perl(Convert::ASN1) for package: samba
—> Package samba-client.x86_64 0:3.0.33-3.15.el5_4.1 set to be updated
—> Package samba-common.i386 0:3.0.33-3.15.el5_4.1 set to be updated
—> Package samba-common.x86_64 0:3.0.33-3.15.el5_4.1 set to be updated
–> Finished Dependency Resolution
samba-3.0.33-3.15.el5_4.1.x86_64 from updates has depsolving problems
–> Missing Dependency: perl(Convert::ASN1) is needed by package samba-3.0.33-3.15.el5_4.1.x86_64 (updates)
Error: Missing Dependency: perl(Convert::ASN1) is needed by package samba-3.0.33-3.15.el5_4.1.x86_64 (updates)
You could try using –skip-broken to work around the problem
You could try running: package-cleanup –problems
package-cleanup –dupes
rpm -Va –nofiles –nodigest
The program package-cleanup is found in the yum-utils package.

Soln

root@server276 [~]# wget http://dag.wieers.com/rpm/packages/perl-Convert-ASN1/perl-Convert-ASN1-0.21-2.el5.rf.noarch.rpm
root@server276 [~]# rpm -Uvh perl-Convert-ASN1-0.21-2.el5.rf.noarch.rpm
Preparing… ########################################### [100%]
1:perl-Convert-ASN1 ########################################### [100%]
root@server276 [~]# yum -y install samba samba-client samba-common
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: hpc.arc.georgetown.edu
* base: mirror.trouble-free.net
* extras: ftp.lug.udel.edu
* rpmforge: apt.sw.be
* updates: mirror.clarkson.edu
Excluding Packages in global exclude list
Finished
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package samba.x86_64 0:3.0.33-3.15.el5_4.1 set to be updated
—> Package samba-client.x86_64 0:3.0.33-3.15.el5_4.1 set to be updated
—> Package samba-common.i386 0:3.0.33-3.15.el5_4.1 set to be updated
—> Package samba-common.x86_64 0:3.0.33-3.15.el5_4.1 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

Transaction Summary
==============================================================================================================================================================
Install 4 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 40 M
Downloading Packages:
(1/4): samba-client-3.0.33-3.15.el5_4.1.x86_64.rpm | 5.7 MB 00:03
(2/4): samba-common-3.0.33-3.15.el5_4.1.i386.rpm | 8.7 MB 00:03
(3/4): samba-common-3.0.33-3.15.el5_4.1.x86_64.rpm | 8.8 MB 00:02
(4/4): samba-3.0.33-3.15.el5_4.1.x86_64.rpm | 16 MB 00:04
————————————————————————————————————————————————————–
Total 2.7 MB/s | 40 MB 00:14
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : samba-common 1/4
Installing : samba-common 2/4
Installing : samba-client 3/4
Installing : samba 4/4

Installed:
samba.x86_64 0:3.0.33-3.15.el5_4.1 samba-client.x86_64 0:3.0.33-3.15.el5_4.1 samba-common.i386 0:3.0.33-3.15.el5_4.1
samba-common.x86_64 0:3.0.33-3.15.el5_4.1

Complete!
root@server276 [~]#

Posted in Advanced Commands, Linux Administration, Linux General, Linux:- Tips & Tricks, yum | 3 Comments »

There could also be a problem with the server’s session.save_path

June 9, 2009

New joomla install would show following:

An error has occurred.:Cookies do not appear to be enabled on your browser client. You will not be able to install the application with this feature disabled. Alternatively, there could also be a problem with the server’s session.save_path. If this is the case, please consult your hosting provider if you don’t know how to check or fix this yourself.

and

existing admin login to joomla installations were not authenticating.

Soln=====>

Compare the following in php.ini

Working configuration
#############################

[root@server root]# grep session. /usr/local/lib/php.ini
session.save_handler = files
; variable in order to use PHP’s session functions.
;     session.save_path = “N;/path”
; where N is an integer. Instead of storing all the session files in
; store the session data in those directories. This is useful if you
; a more efficient layout for servers that handle lots of sessions.
;         You can use the script in the ext/session dir for that purpose.
;         use subdirectories for session storage
;session.save_path = /tmp
session.use_cookies = 1
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
; Initialize session on request startup.
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
; on every session initialization.
session.gc_probability = 1
session.gc_divisor     = 100
session.gc_maxlifetime = 1440
; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm
; to initialize a session variable in the global scope, albeit register_globals
session.bug_compat_42 = 1
session.bug_compat_warn = 1
; HTTP_REFERER has to contain this substring for the session to be
session.referer_check =
session.entropy_length = 0
; Specified here to create the session id.
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
; – User may send URL contains active session ID
; – URL that contains active session ID may be stored
; – User may access your site with the same session ID
session.use_trans_sid = 0
[root@server root]#

Things to check for
##########################

1) check that the above are set and check that:

2) /tmp has permissions 1777

3) /dev/urandom exists, if not create it with following commands:
mknod -m 644 /dev/urandom c 1 9
chown root:root /dev/random /dev/urandom

4) uncomment
;session.save_path = /tmp
in php.ini , if the sessions folder is not /tmp ( by default for cpanel server installation it is /tmp , however if php/apache is installed on a plain server, the sessions folder is usually /var/lib/php/sessions or something)

Posted in Apache, Linux Administration, Linux General, Linux:- Tips & Tricks, php | 1 Comment »

Install Latest postgresql using yum from pgsqlrpms

September 29, 2008

##################################################

[root@server ~]# yum erase postgresql postgresql-server
[root@server ~]# wget http://yum.pgsqlrpms.org/reporpms/8.3/pgdg-centos-8.3-4.noarch.rpm
[root@server ~]# rpm -ivh pgdg-centos-8.3-4.noarch.rpm
[root@server ~]# yum install postgresql postgresql-server
[root@server ~]# chkconfig postgresql on
[root@server ~]# service postgresql initdb
[root@server ~]# chkconfig postgresql on && service postgresql start

[root@server ~]# /usr/bin/postgres –version
postgres (PostgreSQL) 8.3.4
[root@server ~]#

Set port and the interface to bind to

#########################################

vi /var/lib/pgsql/data/postgresql.conf

# – Connection Settings -

listen_addresses = ‘*’
port = 5432

Posted in Advanced Commands, Linux Administration, Linux General, Linux:- Tips & Tricks, postgres, postgresql, sql, yum | 2 Comments »

NMAP

September 23, 2008

echo ” ========== Installing NMAP network Scanner ================= “
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”

echo “Cleaning old nmap installation, if any “

yum -y remove nmap
echo “…………………………………………………………………………………………………………………..”
echo “Install beings “
yum -y install nmap

if [ -f /usr/bin/nmap ]
then

echo ” Nmap successfully installed”
sleep 2
echo ” Testing Nmap “
echo ” ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++”
sleep 3
/usr/bin/nmap localhost -v
sleep 5
else
echo ” Nmap faield to install”
fi

echo ” =========== Install NMAP network Scanner process completed ===============”
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”

Posted in Advanced Commands, Linux Administration, Linux General, Linux Security, Linux:- Tips & Tricks | Leave a Comment »

htaccess 302 ( temporary ) and 301 ( primary) redirects

August 22, 2008

There are permanent are temporary redirect methods that can be applied to .htaccess.

A permanent redirect will notify the visitor’s browser to update any bookmarks that are linked to the page that is being redirected. Temporary redirects will not update the visitor’s bookmarks.

Temporary Redirect ( 302 redirect )
########################################
RewriteEngine on

RewriteCond %{HTTP_HOST} ^domain.com$
RewriteRule ^/?$ “http\:\/\/www\.domain\.com” [R=302,L]

###

Permanent Redirect ( 302 redirect )

##########################################

RewriteEngine on

RewriteCond %{HTTP_HOST} ^domain.com$
RewriteRule ^/?$ “http\:\/\/www\.domain\.com” [R=301,L]

###

The above example will redirect domain.com to http://www.domain.com in browser.

Posted in Linux General, Linux:- Tips & Tricks, Uncategorized | 3 Comments »

Virtuozzo Upgrade : Upgrading from Virtuozzo3 to Virtuozzo4

August 18, 2008

Upgrading from Virtuozzo 3 to Virtuozzo 4
================================

First of all refer to : http://www.parallels.com/en/products/virtuozzo/easy-upgrade/ for detailed explanation. When I decided to upgrade, there was not much available except the above docs. I used the inbuilt vzup2date for the upgrade purpose.

First of all apply all updates on your current Virtuozzo 3 using vzup2date , by selecting udate for virtuozzo 3.0.x only. Once updates are applied, it also does a kernel upgrade. It will finally ask if you want to reboot. Just select finish, and dont reboot. It is better to reboot manually, so that you can swith back to old kernel, in case the new kernel panics or hang up during boot.

Step 1
===================================================

[root@vpsMainNode virtuozzo]# vzup2date

Apply all updates on your current Virtuozzo 3.
Select option reboot manually and dont hit the reboot option, just select finish.

Next,

Edit /etc/grub.conf and change the option

default=0 to default=1 , so that the current kernel is selected in grub , instead of the new kernel , that was just installed.

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB version 0.95 (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported. For the first word, TAB
lists possible command completions. Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf and change the option

default=1 to default=0

Next,

Run vzup2date again and select updates for Virtuozzo 3 , and go next , next to finish install ( select option manual reboot )
[root@vpsMainNode virtuozzo]# vzup2date

If all Virtuozzo 3 are already applied, you will see no more update available message.

Now that Virtuozzo 3 has all its latest stuff in its version, we will update Virtuozzo 3 to Virtuozzo 4.

Run vzup2date again,
[root@vpsMainNode virtuozzo]# vzup2date

This time, select Virtuozzo 4 for upgrades, do the usual next , next to apply updates. ( select option manual reboot )

This process will take some time depending on speed. Usually 20 to 60 minutes.

Again this will install a newer kernel, so

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB version 0.95 (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported. For the first word, TAB
lists possible command completions. Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf and change the option

default=1 to default=0

Voila ! you have upgraded your server from Virtuozzo 3 to Virtuozzo 4. You will see that all nodes will work properly, start the nodes, if any active node is down in the usual

way.

[root@vpsMainNode virtuozzo]# vzctl start VE_ID

Note VE_ID is now also called as CT_ID ( container ID )

You will find that the Service VE ( now called as Service Container ) will fail to start. If not, then fine. You have nothing left to do , except running a vzup2date again and

apply any newer updates for one more time. If any new kernel is installed , then modify grub.conf as already discussed, while rebooting.

In case Service VE ( now called as Service Container ) fails to start or does not start, you will be unable to access your virtuozzo control panel.

Note , I destroyed old Service VE and recreated it, if for any reason, you want backup of old service , you might chose to make a backup of it.

Here is what I did to install the service CT
###############################################
[root@vpsMainNode virtuozzo]# vzctl destroy 1
[root@vpsMainNode virtuozzo]# cd /root/
[root@vpsMainNode virtuozzo]# wget http://download.parallels.com/virtuozzo/virtuozzo4.0/linux/iso/lin-i386.iso
[root@vpsMainNode virtuozzo]# mkdir /mnt/iso
[root@vpsMainNode virtuozzo]# mount -o loop lin-i386.iso /mnt/iso
[root@vpsMainNode virtuozzo]# vzsveinstall -D /mnt/iso -s xx.yy.zz.IP

[root@vpsMainNode virtuozzo]# vzlist -a | grep CT
CTID NPROC STATUS IP_ADDR HOSTNAME
1 77 running xx.yy.zz.IP ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# lsof -i :4643
COMMAND   PID   USER   FD   TYPE   DEVICE SIZE NODE NAME
vzaproxy 531   root    4u IPv4 10286471       TCP *:4643 (LISTEN)
vzcp      591   root    4u IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      595 apache    4u IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      596 apache    4u IPv4 10286403       TCP *:4643 (LISTEN)
vzcp     3004 apache    4u IPv4 10286403       TCP *:4643 (LISTEN)
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# vzctl restart 1
Restart Container
Stopping Container …
Container was stopped
[ OK ] down vzagent: [ OK ]
[ OK ] vzagent: [ OK ]
Container is unmounted
Starting Container …
Starting vzagent: [ OK ]
Starting vzagent: [ OK ]
Container is mounted
Setting devperms 20006 dev 0x7d00
Adding IP address(es): xx.yy.zz.IP
Hostname for Container set: ServiceCT
File resolv.conf was modified
Container start in progress…

[root@vpsMainNode virtuozzo]# vzlist -a | grep CT
CTID NPROC STATUS IP_ADDR HOSTNAME
1 77 running xx.yy.zz.IP ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode log]# cd /root/
[root@vpsMainNode ~]# df -h
Filesystem            Size Used Avail Use% Mounted on
/dev/sda2             9.9G 4.1G 5.3G 44% /
/dev/sda1             494M   81M 388M 18% /boot
none                  4.0G     0 4.0G   0% /dev/shm
/dev/sda3             448G 267G 158G 63% /vz
/dev/sdb1             459G 123G 313G 29% /backup
/root/lin-i386.iso    582M 582M     0 100% /mnt/iso

[root@vpsMainNode ~]# mkdir /root/virt4_source
[root@vpsMainNode ~]# cp -r /mnt/iso/* /root/virt4_source/
[root@vpsMainNode ~]# umount /mnt/iso

[root@vpsMainNode ~]# df -h
Filesystem            Size Used Avail Use% Mounted on
/dev/sda2             9.9G 4.7G 4.8G 50% /
/dev/sda1             494M   81M 388M 18% /boot
none                  4.0G     0 4.0G   0% /dev/shm
/dev/sda3             448G 267G 158G 63% /vz
/dev/sdb1             459G 123G 313G 29% /backup
[root@vpsMainNode ~]#

Congrats !!! , now that you have got the Service Container Up and Running, time to explore/enjoy the new looks in Virtuozzo 4 control panel.

Posted in Advanced Commands, Linux Administration, Linux General, Linux Installation, Linux:- Tips & Tricks, Tuning Linux, upgrade virtuozzo, Virtuozzo, virtuozzo 3 to 4, virtuozzo 3 to virtuozzo 4, virtuozzo 3 upgrade, virtuozzo upgrade, virtuozzo version upgrade | Leave a Comment »

hwclock – query and set the hardware clock

August 5, 2008

set the system time from the hardware clock

============================================

root@s1 [~]# /sbin/hwclock –hctosys
root@s1 [~]#

set the hardware clock to the current system time

============================================

root@s1 [~]# /sbin/hwclock –systohc
root@s1 [~]#

root@s1 [~]# /sbin/hwclock –help
hwclock – query and set the hardware clock (RTC)

Usage: hwclock [function] [options...]

Functions:
–help        show this help
–show        read hardware clock and print result
–set         set the rtc to the time given with –date
–hctosys     set the system time from the hardware clock
–systohc     set the hardware clock to the current system time
–adjust      adjust the rtc to account for systematic drift since
the clock was last set or adjusted
–getepoch    print out the kernel’s hardware clock epoch value
–setepoch    set the kernel’s hardware clock epoch value to the
value given with –epoch
–version     print out the version of hwclock to stdout

Options:
–utc         the hardware clock is kept in coordinated universal time
–localtime   the hardware clock is kept in local time
–directisa   access the ISA bus directly instead of /dev/rtc
–badyear     ignore rtc’s year because the bios is broken
–date        specifies the time to which to set the hardware clock
–epoch=year specifies the year which is the beginning of the
hardware clock’s epoch value
–noadjfile   do not access /etc/adjtime. Requires the use of
either –utc or –localtime

Posted in Advanced Commands, Linux Administration, Linux General, Linux:- Tips & Tricks | Leave a Comment »

iptables string match to drop malicious urls

August 5, 2008

iptables string match to drop malicious urls

==================================

Usually modsecurity rules can help filter many malicious url attack patterns combined with apache on apache port (http|https). But what if a malicious attack using a vulnerable url pattern, that exposes or tries to break into your system is coming onto another port?

This is where iptables string match comes in handy.

/usr/local/sbin/iptables -I INPUT -p tcp -s 0.0.0.0/0 -m string –string “download?file=%2e%2e” –algo bm -j DROP

[root@server ~]# iptables -L -v | grep STR
73 49908 DROP tcp – any any anywhere anywhere STRING match “download?file=%2e%2e” ALGO name bm TO 65535

[root@server ~]#

The above iptable rule will block any url that has the string “download?file=%2e%2e” on any port on your server.

Note: your iptables binary path may be /sbin/iptables

Say http://yourserverIP:9132/blah/download?file=%2e%2e

Posted in Advanced Commands, iptables, Linux Administration, Linux General, Linux Security, Linux:- Tips & Tricks, Tuning Linux | 3 Comments »

Linux Systems and Network Administration

Archive for the ‘Linux General’ Category

Missing Dependency: perl(URI)

Automated Process monitoring during high server load

Error: Missing Dependency: perl(Convert::ASN1) is needed by package samba

There could also be a problem with the server’s session.save_path

Install Latest postgresql using yum from pgsqlrpms

NMAP

htaccess 302 ( temporary ) and 301 ( primary) redirects

Virtuozzo Upgrade : Upgrading from Virtuozzo3 to Virtuozzo4

hwclock – query and set the hardware clock

iptables string match to drop malicious urls

Pages

Categories

Archives

Bookmarks

Meta

Follow “Linux Systems and Network Administration”