Tuesday 25 June 2013

Creating a Backup of a Xen VM


Let the vm ID be vm378.

dd if=/dev/Xen/vm378_img of=/dev/Xen/vm378_img.img 

Friday 21 June 2013

Checking and Repairing a Filesystem with fsck


fsck is a Unix utility for checking and repairing file system inconsistencies. A file system can become inconsistent for several reasons; the most common is an abnormal shutdown due to hardware failure, power failure, or switching off the system without a proper shutdown. In these cases the super-block in the file system is not updated and holds mismatched information about data blocks, free blocks and inodes.

fsck – Modes of operation :

Interactive: fsck examines the file system, stops at each error it finds, describes the problem, and asks the user whether to correct it or continue without making any change to the file system.

Non-interactive: fsck tries to repair every problem it finds without stopping for user input. This is useful when a file system has a large number of inconsistencies, but has the disadvantage that it may remove some useful files that are detected as corrupt.

If a file system is found to have problems at boot time, fsck is run non-interactively and all errors considered safe to correct are corrected. If the file system still has problems, the system boots into single-user mode and asks the user to run fsck manually to correct them.

Running fsck :

fsck should always be run in single-user mode, which ensures proper repair of the file system. If it is run on a busy system where the file system is changing constantly, fsck may see the changes as inconsistencies and may corrupt the file system.

If the system cannot be brought into single-user mode, fsck should be run on the partitions other than root & user, after unmounting them. The root & user partitions cannot be unmounted. If the system fails to come up due to root/user file system corruption, it can be booted from a CD and the root/user partitions can be repaired using fsck.

fsck phases

fsck checks the file system in a series of 5 phases, checking a specific aspect of the file system in each phase.


** phase 1 – Check Blocks and Sizes
** phase 2 – Check Pathnames
** phase 3 – Check Connectivity
** phase 4 – Check Reference Counts
** phase 5 – Check Cylinder Groups

Procedure
=======
1) Take the system down to runlevel one (make sure you run all commands as the root user):

# init 1

2) Unmount the file system. For example, if it is the /home (/dev/sda3) file system, type:

# umount /home

3) Now run fsck on the partition:

# fsck -fyC /dev/sda3

-f : force a check even if the file system seems clean
-y : answer "yes" to all questions, i.e. fix any detected filesystem corruption automatically
-C : display completion/progress bars for those filesystem checkers (currently only for ext2 and ext3) which support them

4) Once fsck has finished, remount the file system:

# mount /home

5) Go to multiuser mode:

# init 3

Resize Xen LVM


Example: to extend vm442 by 40 GB

lvresize /dev/xen/vm442_img -L +40G
resize2fs /dev/xen/vm442_img

resize2fs will ask you to run e2fsck first, so run e2fsck before resize2fs:

e2fsck -f /dev/xen/vm442_img

Screen Commands


To install screen: # yum install screen

After installation, if you see "/var/run/screen must have permissions 777", change the permissions to 777: # chmod 777 /var/run/screen

# screen -ls -- lists each screen name and its state ("attached" or "detached")

To reattach a "detached" screen -- # screen -r <screenname>

Leaving (detaching from) a screen -- hold Ctrl and press A, then press D (Ctrl+A, D)

If screen -ls shows the screen as attached, do the following:

# screen -D <screenname>     then
# screen -r <screenname>

To give the screen a name: # screen -S test

Detecting common Zone file errors of Domains



The domain won't resolve if its zone file has any syntax or configuration errors.

The quickest way to find syntax errors and other common errors in the zone file is to run the following command on the server:

named-checkzone domain.com domain.com.db
where domain.com is the domain name and domain.com.db is the zone file.

named-checkzone weibo520.com weibo520.com.db
zone weibo520.com/IN: loaded serial 2013011601
OK

If the zone file is correct, the result is OK, as above. If it has errors, they are listed, which makes them easier to investigate.
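The same check can be run over a whole directory of zone files. This is an added example, not part of the original post: it assumes zone files are named <domain>.db as in the command above, and the names check_zone_dir, zone_name_from_file and CHECKZONE are made up for it.

```shell
#!/bin/sh
# Added example: run the named-checkzone check over a directory of zones.
# Assumption: zone files are named <domain>.db, as in "domain.com.db" above.
CHECKZONE=${CHECKZONE:-named-checkzone}   # override to use a full path

# zone_name_from_file FILE -> zone name implied by the file name
zone_name_from_file() {
    basename "$1" .db
}

# check_zone_dir DIR
# Prints "OK <zone> serial <n>" or "FAIL <zone>" plus the checker's messages.
# Returns 1 if any zone failed, so it can gate a reload or a cron alert.
check_zone_dir() {
    dir=$1
    failed=0
    for f in "$dir"/*.db; do
        [ -f "$f" ] || continue          # glob matched nothing
        zone=$(zone_name_from_file "$f")
        if out=$("$CHECKZONE" "$zone" "$f" 2>&1); then
            # named-checkzone reports "loaded serial <n>" for a good zone
            serial=$(printf '%s\n' "$out" |
                sed -n 's/.*loaded serial \([0-9][0-9]*\).*/\1/p')
            printf 'OK %s serial %s\n' "$zone" "$serial"
        else
            printf 'FAIL %s\n' "$zone"
            printf '%s\n' "$out" | sed 's/^/    /'
            failed=1
        fi
    done
    return "$failed"
}

# Usage: sh checkzones.sh <directory-with-zone-files>
if [ "$#" -ge 1 ]; then
    check_zone_dir "$1"
fi
```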

Login Problems in Horde, SquirrelMail and Roundcube in cPanel


If you are facing login issues with Horde, SquirrelMail and Roundcube after logging in to webmail for an account, first run the following commands:
/usr/local/cpanel/bin/updatehorde --force
/usr/local/cpanel/bin/updatesquirrelmail --force
/usr/local/cpanel/bin/updateroundcube --force

Normally this fixes the issue. If there are still login problems, the cause may be a configuration issue on the cPanel account.

Please run the following command in root SSH:
/scripts/whoowns domain.com
Where domain.com is the domain name in question. If it doesn't show any ownership, then move the following files:

cd /etc
mv userdomains userdomains.bak
mv trueuserdomains trueuserdomains.bak

At that point, run the following script and recheck ownership for the domain:

/scripts/updateuserdomains
/scripts/whoowns domain.com

If instead of showing no ownership, the domain showed the wrong ownership, you'd have to edit the /var/cpanel/users/username file that is improperly owning the domain to remove the DNS line that it has for that domain, then run the above move and updateuserdomains commands.



If the ownership is correct, then at that point, try instead checking the Roundcube logs as it has the most accurate logging of the 3 webmail programs. Try to log into the account in Roundcube, and then go to /var/cpanel/roundcube and tail the log:

After this, the issue will be fixed.






Thursday 20 June 2013

Error while uploading files to Cpanel accounts


If you are getting the following error while uploading files to the Cpanel accounts :

------------------------------------------------------
unknown bytes complete FAILED! :Upload
canceled: VIRUS DETECTED! ( Access denied. ERROR )
------------------------------------------------------

Go to WHM >> Manage Plugins.

There you can see the different add-ons. Check for clamavconnector.
If it is not installed, install it. If it is there, uninstall and install again.

Friday 14 June 2013

Warning while restarting the CSF service


--------------------------------------------------------------------------------------------------------
*WARNING* Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module is currently broken you have to open a PASV port hole in iptables for incoming FTP connections to work correctly. See the csf readme.txt under 'A note about FTP Connection Issues' on how to do this if you have not already done so.
---------------------------------------------------------------------------------------------------------

It is important when using an SPI firewall to ensure FTP client applications
are configured to use Passive (PASV) mode connections to the server.

On servers running Monolithic kernels (e.g. VPS Virtuozzo/OpenVZ and custom
built kernels) ip_conntrack and ip_conntrack_ftp iptables kernel modules may
not be available or fully functional. If this happens, FTP passive mode (PASV)
won't work. In such circumstances you will have to open a hole in your firewall
and configure the FTP server to use that same hole.

For example, with pure-ftpd you could add the port range 30000:35000 to TCP_IN
and add the following line to /etc/pure-ftpd.conf and then restart pure-ftpd:
PassivePortRange        30000 35000

For example, with proftpd you could add the port range 30000:35000 to TCP_IN
and add the following line to /etc/proftpd.conf and then restart proftpd:
PassivePorts    30000 35000

FTP over SSL/TLS will usually fail when using an SPI firewall. This is because
of the way the FTP protocol established a connection between client and server.
iptables fails to establish a related connection when using FTP over SSL
because the FTP control connection is encrypted and so cannot track the
relationship between the connection and the allocation of an ephemeral port.

Named dead but Pid file exists


root@server# /etc/init.d/named status
WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
rndc: connect failed: 127.0.0.1#953: connection refused
named dead but pid file exists

If you receive the above error while restarting named, run the following script on cPanel servers:

/scripts/fixrndc

and then restart the nameserver (service named restart).

Temporarily rejected RCPT lowest numbered MX points to local host


When an MTA (Mail Transport Agent) such as Sendmail and Exim attempts to relay and transmit email through the mail server while receiving mail from an external address for a local account, the mail is not delivered and is rejected with one or all of the following errors in the maillog log file.

----------------------------------------------------------------------------------------------------------
2007-08-05 08:08:88 H=(example.com) [196.172.0.188] sender verify defer for : lowest numbered MX record points to local host
2007-08-05 08:08:88 H=(example.com) [196.172.0.188] F= temporarily rejected RCPT user@example.com: Could not complete sender verify
2007-08-05 08:08:88 H=mail.example.com [196.172.0.188] F= rejected RCPT : relay not permitted

The reason for the error message is that the domain “example.com” is missing from the /etc/localdomains file on your server.
The /etc/localdomains and /etc/remotedomains files are checked by the Exim mail server to decide whether email is to be delivered locally or to a remote server, respectively.
------------------------------------------------------------------------------------------------------------
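To see which domains are affected before editing the file, the log can be compared against /etc/localdomains. This is an added example, not part of the original post: the function names are made up, and the sample log lines are constructed, with the addresses written in angle brackets as Exim logs them.

```shell
#!/bin/sh
# Added example: list domains that hit "lowest numbered MX record points to
# local host" in an Exim log but have no entry in the localdomains file.

# missing_local_domains LOGFILE [LOCALDOMAINS]   (default: /etc/localdomains)
missing_local_domains() {
    log=$1
    localdomains=${2:-/etc/localdomains}
    [ -r "$log" ] && [ -r "$localdomains" ] || {
        echo "cannot read $log or $localdomains" >&2
        return 2
    }
    # Take the domain of the address that directly precedes the error text,
    # normalise case, de-duplicate, then keep only domains not listed locally.
    grep -F 'lowest numbered MX record points to local host' "$log" |
        sed -n 's/.*[ <][^ <>@]*@\([^ <>:]*\)>\{0,1\}: lowest numbered MX.*/\1/p' |
        tr '[:upper:]' '[:lower:]' | sort -u |
        while read -r domain; do
            grep -qixF "$domain" "$localdomains" || printf '%s\n' "$domain"
        done
}

# demo: runs the check on constructed sample data (not real log lines).
demo() {
    d=$(mktemp -d)
    cat > "$d/log" <<'EOF'
2013-06-14 10:00:01 H=(mail.example.com) [192.0.2.10] sender verify defer for <user@example.com>: lowest numbered MX record points to local host
2013-06-14 10:00:02 H=(relay.test) [192.0.2.11] F=<a@other.test> temporarily rejected RCPT <bob@Shop.Example>: lowest numbered MX record points to local host
2013-06-14 10:00:03 H=relay.test [192.0.2.11] F=<a@other.test> rejected RCPT <c@elsewhere.test>: relay not permitted
EOF
    printf 'example.com\n' > "$d/localdomains"   # only example.com is listed
    missing_local_domains "$d/log" "$d/localdomains"
    rm -rf "$d"
}

# Usage: sh script.sh <exim-log> [localdomains-file]
if [ "$#" -ge 1 ]; then
    missing_local_domains "$@"
fi
```

On the constructed sample, demo prints shop.example: the domain appears in an error line and is not listed, while example.com is already present.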
To fix the issue, edit the file:

# vim /etc/localdomains

and place the domain name entry there. There is no need to restart the ‘exim’