Archive for the ‘Uncategorized’ Category

h1

Virtuozo : Clone container Within Hardware Node

October 19, 2010

[root@vps001 ~]# vzmlocal -C 149:150
Moving/copying CT#149 -> CT#150, [], [] …
Check disk space
Tracker started
Syncing private area ‘/vz/private/149′->’/vz/private/150’
done
OfflineManagement CT#149 …
done
Stopping CT#149 …
done
Syncing tracked files from ‘/vz/private/149/fs’ to ‘/vz/private/150/fs’
done
Copying/modifying config scripts of CT#149 …
OfflineManagement CT#149 …
done
Starting CT#149 …
vzctl : Hostname for Container set: server1.SOMENAME.org
vzctl : File resolv.conf was modified
done
Successfully completed
[root@vps001 ~]#

However, before starting to use Container 150, you should set another IP address and another hostname for this Container which are currently identical to those of Container 149.

Ref: http://download.swsoft.com/virtuozzo/virtuozzo4.0/docs/en/lin/VzLinuxUG/16260.htm

h1

Updating OS EZ Template Caches

August 24, 2009

#####################################

[root@vps ~]# ls /vz/template/cache
centos-5-x86.tar.gz fedora-core-9-x86.tar.gz ubuntu-8.04-x86.tar.gz
[root@vps ~]#

[root@vps ~]# vzpkg update cache centos-5-x86
Update OS template cache for centos-5-x86 template

Loading “rpm2vzrpm” plugin
Cleaning up xml metadata
16 metadata files removed

Loading “rpm2vzrpm” plugin
Making cache files for all metadata files.
This may take a while depending on the speed of this computer
Setting up repositories
base0 100% |=========================| 1.1 kB 00:00
base1 100% |=========================| 951 B 00:00
base2 100% |=========================| 951 B 00:00
base3 100% |=========================| 951 B 00:00
primary.xml.gz 100% |=========================| 878 kB 00:00
primary.xml.gz 100% |=========================| 306 kB 00:00
base1 : ################################################## 465/465
Added 296 new packages, deleted 0 old in 4.80 seconds
primary.xml.gz 100% |=========================| 1.7 kB 00:00
primary.xml.gz 100% |=========================| 1.0 kB 00:00
filelists.xml.gz 100% |=========================| 2.8 MB 00:00
filelists.xml.gz 100% |=========================| 2.2 MB 00:00
base1 : 2/465
=== == == == ==
=== == == == ==
=== == == == ==
=== == == == ==
ev.i386 0:095-14.20.el5_3 usermode.i386 0:1.88-3.el5.2 util-linux.i386 0:2.13-0.50.el5 vim-common.i386 2:7.0.109-4.el5_2.4z zlib.i386 0:1.2.3-3
Complete!
grep: /tmp/pam/*: No such file or directory
OS template centos-5-x86 cache was updated
[root@vps ~]#

[root@vps ~]# ls /vz/template/cache
centos-5-x86.tar.gz centos-5-x86.tar.gz-old fedora-core-9-x86.tar.gz fedora-core-9-x86.tar.gz-old ubuntu-8.04-x86.tar.gz
[root@vps ~]#

[root@vps ~]# vzup2date

h1

CenOS 5.3 yum installation in VPS

August 21, 2009

-bash-3.2# cd /root/
-bash-3.2# mkdir yumfiles
-bash-3.2# cd yumfiles/
-bash-3.2# ls
-bash-3.2# vi yumdload.sh

wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/elfutils-libs-0.137-3.el5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/elfutils-libelf-0.137-3.el5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/expat-1.95.8-8.2.1.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/gmp-4.1.4-10.el5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/libxml2-2.6.26-2.1.2.7.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/libxml2-python-2.6.26-2.1.2.7.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/m2crypto-0.16-6.el5.3.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/python-elementtree-1.2.6-5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/python-sqlite-1.1.7-1.2.1.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/python-urlgrabber-3.1.0-5.el5.noarch.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/readline-5.1-1.1.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/rpm-4.4.2.3-9.el5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/rpm-libs-4.4.2.3-9.el5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/rpm-python-4.4.2.3-9.el5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/sqlite-3.3.6-2.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/yum-3.2.19-18.el5.centos.noarch.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/yum-fastestmirror-1.1.16-13.el5.centos.noarch.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/yum-metadata-parser-1.1.2-2.el5.i386.rpm
wget http://mirror.centos.org/centos-5/5.3/os/i386/CentOS/popt-1.10.2.3-9.el5.i386.rpm

rpm -Uvh rpm-4.4.2.3-9.el5.i386.rpm rpm-libs-4.4.2.3-9.el5.i386.rpm popt-1.10.2.3-9.el5.i386.rpm –force
rpm -Uvh rpm-python-4.4.2.3-9.el5.i386.rpm
rpm -Uvh m2crypto-0.16-6.el5.3.i386.rpm python-*.rpm yum*.rpm

-bash-3.2# sh yumdload.sh
-bash-3.2#

h1

Installing PECL shared extensions

July 30, 2009

[root@server ]# ls -l `which curl` `which curl-config`
lrwxrwxrwx 1 root root 21 Mar 7 10:59 /usr/bin/curl -> /opt/curlssl/bin/curl
lrwxrwxrwx 1 root root 28 Mar 7 10:55 /usr/bin/curl-config -> /opt/curlssl/bin/curl-config

[root@server ]# cd /root/ ; wget http://pecl.php.net/get/pecl_http-1.6.3.tgz
[root@server ]# tar -zxvf pecl_http-1.6.3.tgz
[root@server ]# cd pecl_http-1.6.3
[root@server ]# phpize
[root@server ]# ./configure –with-http-curl-requests=/opt/curlssl
[root@server ]# make
[root@server ]# make test
[root@server ]# make install
[root@server ]# php -i | grep “Configuration File”
Configuration File (php.ini) Path => /usr/local/lib
Loaded Configuration File => /usr/local/lib/php.ini

[root@server ]# vi /usr/local/lib/php.ini , and add

extension=http.so ( below extension_dir line in php.ini , make sure extension_dir alredy points to the folder having http.so lib )

** curl / curl-config may depend on your system setup. you can also use –prefix=/usr/local/pecl_http or anything you want)

h1

htaccess 302 ( temporary ) and 301 ( primary) redirects

August 22, 2008

There are permanent are temporary redirect methods that can be applied to .htaccess.

A permanent redirect will notify the visitor’s browser to update any bookmarks that are linked to the page that is being redirected. Temporary redirects will not update the visitor’s bookmarks.

Temporary Redirect ( 302 redirect )
########################################
RewriteEngine on

RewriteCond %{HTTP_HOST} ^domain.com$
RewriteRule ^/?$ “http\:\/\/www\.domain\.com” [R=302,L]

###

Permanent Redirect ( 302 redirect )

##########################################

RewriteEngine on

RewriteCond %{HTTP_HOST} ^domain.com$
RewriteRule ^/?$ “http\:\/\/www\.domain\.com” [R=301,L]

###

The above example will redirect domain.com to http://www.domain.com in browser.

.

h1

/usr/sbin/named: symbol lookup error: /usr/sbin/named: undefined symbol: dns_dispatch_hash

July 9, 2008

up2date erased bind and bind-devel rpm and/ maybe also, removed user/group named

Note:- This was an issue on cpanel server, but same solution should work on other systems. ( on non cpanel systems, use  up2date -i  , instead of /scripts/ensurerpm

Logs:-

###############

ul  9 01:18:46 server userhelper[18586]: running ‘/usr/sbin/up2date –nox -i bind bind-devel bind-libs bind-utils bzip2 crontabs expect freetype freetype-devel gcc gcc-c++ gd gd-devel gd-progs gd-utils glibc-devel gnupg libgcc libgd1 libgd1-devel libmysqlclient10-dev libxml libxml-devel libstdc++ libstdc++-devel which lsof sysstat libxml2 libxml2-devel gamin gamin-devel lynx openssh openssh-clients openssh-server openssl openssl-devel openssl-misc perl-CPAN sharutils ucd-snmp ucd-snmp-devel ucd-snmp-utils wget XFree86-devel XFree86-libs vixie-cron’ with root privileges on behalf of ‘root’
Jul  9 01:19:14 server userdel[18593]: delete user `named’
Jul  9 01:19:14 server userdel[18593]: remove group `named’
The problem is similar:  http://bugs.centos.org/print_bug_page.php?bug_id=2247

Reason:-

============

some binaries like   dig,host,cpio etc have immutable attributes

Solution:-

###########

quick solution:-

========================

[root@server var]# cp /etc/named.conf /root/
[root@server var]# cp -apfr /var/named/ /root/
[root@server var]# /scripts/ensurerpm bind-*

Full steps I used to fix

======================

[root@server var]# cp /etc/named.conf /root/
[root@server var]# cp -apfr /var/named/ /root/
[root@server var]# /scripts/ensurerpm bind-*

Fetching Obsoletes list for channel: rhel-i386-es-4…

Fetching rpm headers…
########################################

Name                                    Version        Rel
———————————————————-
bind-chroot                             9.2.4          28.0.1.el4        i386
bind-devel                              9.2.4          28.0.1.el4        i386
bind-utils                              9.2.4          28.0.1.el4        i386

Testing package set / solving RPM inter-dependencies…
########################################
bind-chroot-9.2.4-28.0.1.el ########################## Done.
bind-devel-9.2.4-28.0.1.el4 ########################## Done.
bind-utils-9.2.4-28.0.1.el4 ########################## Done.
bind-9.2.4-28.0.1.el4.i386. ########################## Done.
Preparing              ########################################### [100%]

Installing…
1:bind-utils             ########################################### [100%]
error: unpacking of archive failed on file /usr/bin/dig: cpio: rename
There was a fatal RPM install error. The message was:
There was a rpm unpack error installing the package: bind-utils-9.2.4-28.0.1.el4
Need to create rndc.conf
Creating rndc.conf
Creating /etc/rndc.key …
Adding controls clause …
[root@server var]# service named restart
Stopping named:                                            [FAILED]
Starting named: /usr/sbin/named: symbol lookup error: /usr/sbin/named: undefined symbol: dns_dispatch_hash
[FAILED]

[root@server var]# rpm -e bind-chroot
error: package bind-chroot is not installed
[root@server var]# cd /var/named/
[root@server var]# rpm -qa | grep bind
bind-libs-9.2.4-28.0.1.el4
ypbind-1.17.2-13
[root@server var]# /scripts/ensurerpm bind

Fetching Obsoletes list for channel: rhel-i386-es-4…

Fetching rpm headers…
########################################

Name                                    Version        Rel
———————————————————-
bind                                    9.2.4          28.0.1.el4        i386

Testing package set / solving RPM inter-dependencies…
########################################
bind-9.2.4-28.0.1.el4.i386. ########################## Done.
bind-utils-9.2.4-28.0.1.el4 ########################## Done.
Preparing              ########################################### [100%]

Installing…
1:bind-utils             ########################################### [100%]
error: unpacking of archive failed on file /usr/bin/dig: cpio: rename
There was a fatal RPM install error. The message was:
There was a rpm unpack error installing the package: bind-utils-9.2.4-28.0.1.el4
[root@server var]# cd
[root@server var]# lsattr /usr/bin/dig
—-i——– /usr/bin/dig
[root@server var]# cd /usr/bin/
[root@server bin]# chattr  -ai *
[root@server bin]# cd /usr/sbin/
[root@server sbin]# chattr  -ai *
[root@server sbin]# cd /bin/
[root@server bin]# chattr  -ai *
[root@server bin]# chattr  -ai *
[root@server bin]# /scripts/ensurerpm bind bind-devel

Fetching Obsoletes list for channel: rhel-i386-es-4…

Fetching rpm headers…
########################################

Name                                    Version        Rel
———————————————————-
bind                                    9.2.4          28.0.1.el4        i386
bind-devel                              9.2.4          28.0.1.el4        i386

Testing package set / solving RPM inter-dependencies…
########################################
bind-9.2.4-28.0.1.el4.i386. ########################## Done.
bind-devel-9.2.4-28.0.1.el4 ########################## Done.
bind-utils-9.2.4-28.0.1.el4 ########################## Done.
Preparing              ########################################### [100%]

Installing…
1:bind-utils             ########################################### [100%]
2:bind                   warning: /etc/logrotate.d/named created as /etc/logrotate.d/named.rpmnew
warning: /etc/rc.d/init.d/named saved as /etc/rc.d/init.d/named.rpmorig
warning: /etc/rndc.conf created as /etc/rndc.conf.rpmnew
warning: /etc/rndc.key created as /etc/rndc.key.rpmnew
warning: /etc/sysconfig/named created as /etc/sysconfig/named.rpmnew
########################################### [100%]
3:bind-devel             ########################################### [100%]
The following packages were added to your selection to satisfy dependencies:

Name                                    Version        Release
————————————————————–
bind-utils                              9.2.4          28.0.1.el4

[root@server bin]# service named restart
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]
[root@server bin]#

To prevent from auto-update, add “bind*” in /etc/sysconfig/rhn/up2date

[root@ns2 ~]# grep bind  /etc/sysconfig/rhn/up2date
pkgSkipList= bind*;courier*;spamassassin*;httpd*;perl;mysql*;php*;mod_ssl*;kernel*;exim*;proftpd*;pure-ftpd*;squirrelmail*;dovecot*;nsd*;
[root@ns2 ~]#

h1

Linux or UNIX disable null passwords

July 4, 2006

Q. How do I disabling logins for user with null passwords?

A. PAM (pluggable authentication modules) is used by both Unixish (Solaris/BSD/AIX/HP-UX) oses and Linux for configuring authentication related services.

A null password allows users to log onto a system without having to supply a valid password. This is a security risk to the system. In case if you are wondering how to setup null password, try command usermod as follows:

# usermod -p “” username

The PAM configuration option that enables null passwords is the nullok module argument passed to pam_unix.so PAM module. You’ll want to remove this argument from any modules of auth type for services that allow login.

Debian Linux

Debian Linux use following two files:

  • /etc/pam/common-auth: authentication settings common to all services
  • /etc/pam.d/common-password: password-related modules common to all services

Caution: before modifying below mentioned PAM config files, make the backup of files using cp command.

a) Open /etc/pam/common-auth:

# cp /etc/pam/common-auth /etc/pam/common-auth.ORI
# vi /etc/pam/common-auth

Find out line that read as follows:

password required pam_unix.so nullok obscure min=4 max=8 md5

Remove nullok from above line so that it read as follows:

password required pam_unix.so obscure min=4 max=8 md5

b) Save the file and exit to shell prompt. Open file /etc/pam.d/common-password:

# cp /etc/pam.d/common-password /etc/pam.d/common-password.ORI
# vi /etc/pam.d/common-password

Find out line that read as follows:

auth required pam_unix.so nullok_secure

Remove nullok_secure from above line so that it read as follows:

auth required pam_unix.so

Save the file and exit to shell prompt. Now no one be able to login using null password.

Red Hat / Fedora Linux

You need to modify single file /etc/pam.d/system-auth:

# cp /etc/pam.d/system-auth /etc/pam.d/system-auth.ORI
# vi /etc/pam.d/system-auth

Find out line that read as follows:

auth sufficient /lib/security/pam_unix.so likeauth nullok

Remove nullok from above line so that it read as follows:

auth sufficient /lib/security/pam_unix.so likeauth

Save the file.