Yum Memory Error !!!!

If you are getting  "MemoryError" while doing yum update or yum install ,follow the steps shown below:

Solution

# ulimit -a

The output for this will be obtained as :

root@server1 [~]# ulimit -a

core file size          (blocks, -c) 0

data seg size           (kbytes, -d) unlimited

scheduling priority             (-e) 19

file size               (blocks, -f) unlimited

pending signals                 (-i) 139264

max locked memory       (kbytes, -l) 32

max memory size         (kbytes, -m) 10000

open files                      (-n) 1024

pipe size            (512 bytes, -p) 8

POSIX message queues     (bytes, -q) 819200

real-time priority              (-r) 0

stack size              (kbytes, -s) 10240

cpu time               (seconds, -t) unlimited

max user processes              (-u) 15

virtual memory          (kbytes, -v) 262144

file locks                      (-x) unlimited

The reason for such memory error  is because of virtual memory and max. memory size. It should be unlimited, otherwise it will show memory error.

# ulimit -m unlimited 

#ulimit -v unlimited

  Then run yum again........

Installing LAMP on Linux

Please refer these links to get more information on installing LAMP on linux servers.

http://www.lamphowto.com/
http://www.howtoforge.com/quick-n-easy-lamp-server-centos-rhel

http://www.lifelinux.com/how-to-setup-a-lamp-server-on-centos-6-0/

Configuring Apache server to listen to Multiple Ports

By default Apache server listens on TCP port 80 but I’d like an Apache Web Server to listen on port 80 and port 8080.But we can also configure apache to listen on multiple ports.It is shown below.


edit file /etc/httpd.conf.httpd.conf
 and search the line Listen 80
Add one more line like it and change the port to one we want
Listen 8080
And find the VirtualHost portion for your website config and add *:8080 as shown below:

<Virtual Host *:80 *:8080 >

.................

<Virtual Host>

Ready to go ......!!!!

Changing the login details of Light speed webserver

Light speed webserver user details can be changed by using a script /usr/local/lsws/admin/misc/admpass.sh.

Light speed server port number is 7080.So can acces the login page via http://servernae:7080.

Images not loading in wordpress site

Images may not load on wordpress site if the permission of files are incorrect.To understand the file permissions of the wordpress contents,Please refer the link http://wordcastnet.com/2011/managing-file-permissions-in-wordpress/.

How to change time-zone in Linux servers

For this example, assume that your current timezone is UTC as shown below. You would like to change this to Pacific Time.

# date

Mon Sep 17 22:59:24 UTC 2010

 On some distributions (for example, CentOS), the timezone is controlled by /etc/localtime file.

Delete the current localtime file under /etc/ directory

# cd /etc

# rm localtime

All US timezones are located under under the /usr/share/zoneinfo/US directory as shown below.

# ls /usr/share/zoneinfo/US/

Alaska          Arizona         Eastern         Hawaii          Michigan        Pacific

Aleutian        Central         East-Indiana    Indiana-Starke  Mountain        Samoa

Note: For other country timezones, browse the /usr/share/zoneinfo directory

Link the Pacific file from the above US directory to the /etc/localtime directory as shown below.



# cd /etc

# ln -s /usr/share/zoneinfo/US/Pacific localtime

Now the timezone on your Linux system is changed to US Pacific time as shown below.

# date

Mon Sep 17 23:10:14 PDT 2010

Mysql.sock error in Cpanel

Cd /var/lib/mysql

touch mysql.sock

Chown mysql:mysql mysql.sock

Chmod 1777 mysql.sock

Making a sym link into /tmp

ln –s /var/lib/mysql/mysql.sock /tmp

then

Chmod 1777 /tmp

/scripts/mysqlup –force

Now just restart mysql

/etc/rc.d/init.d/mysql restart

Ready to go ……..!!!!!

OpenVz commands

Following are some important commands which are normally used while working on a Hardware Node.

1) vzlist -a : Shows list of all the VPS’s hosted on the Node.

2) vzctl start VPS_ID: To start the VPS.

3) vzctl stop VPS_ID : To stop (Shut Down) the VPS

4) vzctl status VPS_ID : To view the status of the particular VPS

5) vzctl stop VPS_ID –fast : to stop the VPS quickly and forcefully

6) vzctl enter VPS_ID : To enter in a particular VPS

Configuration Commands :

1) vzctl set VPS_ID –hostname vps.domain.com –save: To set the Hostname of a VPS.

2) vzctl set VPS_ID –ipadd 1.2.3.4 –save : To add a new IP to the hosting VPS.

3) vzctl set VPS_ID –ipdel 1.2.3.4 –save : To delete the IP from VPS.

4) vzctl set VPS_ID –userpasswd root:new_password –save : to reset root password of a VPS.

5) vzctl set VPS_ID –nameserver 1.2.3.4 –save : To add the nameserver IP’s to the VPS.

6) vzctl exec VPS_ID command : To run any command on a VPS from Node.

7) vzyum VPS_ID install package_name : To install any package/Software on a VPS from Node.
Here VPS_ID refers to the ID of the Particular VPS.

 8)vzctl destroy VPS_ID-To destroy particular vps

 9)vzcalc -v VPS_ID-To show resources used by a VPS

 10)vzcpucheck-To check CPU usage by OpenVZ

 11)vzcpucheck -v-To get CPU usage per VPS

 12)vzctl exec 103 df-to Execute commands inside particular vps container.

  

Monitoring Commands

To determine the top 5 load taking VPS in a Hardware node

vzlist -o veid,laverage|sort -nrk 2|head -5

To determine the top memory consuming process in the Hardware node

top -c (Press shift +m)

To determine the top memory cpu consuming process in the Hardware node

top -c (Press shift +p)

Cpanel Installation in Linux

Firstly we have to get cpanel license for the dedicated ip of your server.

We can check the license in the cpanel main website verify.cpanel.net.Once it shows the license is ok Then do the steps given below

1.     cd /home — Opens the /home directory.

2.     wget -N http://httpupdate.cpanel.net/latest — Fetches the latest installation files from cPanel's servers.

3.     sh latest — Opens and executes the installation files.

If licensing fails (due to a strict firewall or modified IP), run the command /usr/local/cpanel/cpkeyclt to activate your cPanel & WHM license.

Cpanel Error Logs

cat  /var/log/messages | more

It will give you the server wide error messages.

Cd  /usr/local/apache/domlogs

Cat domainname

It will give you the logs for a particular domain

Cpanel logs : /usr/local/cpanel/logs

Apache logs : /usr/local/apache/logs

Enabling PPTP Vpn in OpenVz vps

Firstly enable tun/tap module :-

Using the following command make sure that the tun/tap module is loaded in the Hardware node :

(HN) #  lsmod | grep tun

If it doesn’t returns any value, it is sure that the tun/tap module is not loaded in the hardware node. Then, load tun/tap module in hardware node.

 (HN) #  modprobe tun

Note: To make sure that tun module loads automatically on every Hardware node reboot , add it to /etc/modules.conf (on  RHEL see /etc/sysconfig/modules )

Granting tun/tap access to container ( VPS)

Assuming the container OpenVZ_ID is 200

# vzctl set 200 --devnodes net/tun:rw --save

Secondly , enabling pppd daemon in the container

HN # modprobe ppp_async

HN # modprobe ppp_deflate



HN # lsmod | grep ppp

ppp_deflate             9793  2

zlib_deflate           21977  1 ppp_deflate

ppp_async              15169  1

crc_ccitt               6337  1 ppp_async

ppp_generic            30165  6 ppp_deflate,ppp_async

slhc                   10561  1 ppp_generic

Then,stop the container

 # vzctl stop 200   (Assuming that VZ_ID is 200)

(HN)  #  vzctl set <VZ_ID> --features ppp:on --save

(HN)  # vzctl start <VZ_ID>

(HN)  # vzctl set <VZ_ID> --devices c:108:0:rw --save

(HN)  # vzctl exec <VZ_ID> mknod /dev/ppp c 108 0

(HN)  # vzctl exec <VZ_ID> chmod 600 /dev/ppp



Enter the container

# vzctl enter <VZ_ID>



Check whether pppd is enabled by using the following command

(VE) # /usr/sbin/pppd  (VE refers to virtual environment)



The output for the command will looks like as the follows:

~�}#�!}!}!} }4}"}&} } } } }%}&)Q�}4}'}"}(}"p})



PPP starts working..!!!!!



-------------------------------



Note: If you are getting an error while running the command /usr/sbin/pppd as

 -bash:/usr/sbin/pppd: No such file or directory

 Solution:- yum install -y ppp

How to unlock a container in openvz

If you are getting a message as "container already locked", while you try to STOP the VPS :

[root@server ~]# vzctl stop 104
Container already locked

SOLUTION:

 Remove the lock :

 # [root@server ~]#  rm /vz/lock/104.lck
rm: remove regular file `/vz/lock/104.lck'? y

 Kill the checkpoint :

  [root@server ~]#  vzctl chkpnt 104 --kill
Killing...

ENJOY.......!!!!!

Zpanel installation

There are some primary steps to be done before installing Zpanel.

1.SELINUX should be in disabled mode.

# vi /etc/selinux/config

------------------------------

SELINUX=disabled

 save and quit, reboot

------------------------------

2. Remove sendmail



# chkconfig  --levels  235 sendmail off

# /etc/init.d/sendmail stop

# yum remove sendmail



3. Remove vsftpd



# yum remove vsftpd



4. Disabling IPtables



# service iptables save

#service iptables stop

# chkconfig iptables off



5. Installing the necessary packages:



# yum update



# yum install make



#yum install wget



# yum install zip



# yum install httpd php php-devel php-gd php-mbstring php-imap php-mysql php-xml php-xmlrpc curl curl-devel perl-libwww-perl



# yum install libxml2 libxml2-devel mysql-server zip webalizer gcc gcc-c++ httpd-devel at make mysql-devel bzip2-devel



#yum install proftpd proftpd-mysql



       # yum install postfix dovecot dovecot-mysql



# yum install bind bind-utils bind-libs



6. Downloading the latest tagged release :



https://github.com/Caffe1neAdd1ct/zpanelx-installers/tags



Then, follow  the below steps for installing Zpanel:



    # yum install dos2unix



   #  dos2unix centos-6-2-1.00.sh



  # chmod +x centos-6-2-1.00.sh



  # ./centos-6-2-1.00.sh

DDOS ATTACKS !!!!!!!!

DDOS – Distributed Denial of service attack

DDOS or DOS (Denial of service ) is an attack in the server , where the server  resources  become unavailable to the users. It can be typically defined as the loss of network connectivity and services by consuming the bandwidth and resources of the victim network or overloading the victim server. Attempts to “flood” a network with bogus packets , there by preventing legitimate traffic is the common form of attack.

Beyond this, there are 2 types of  attacks:

1.Smurf attack  :-  ICMP requests are sent to the broadcast address of misconfigured  network with a faked or spoofed source IP address , set to one of the target.


2.Syn flood attack :-  Bogus SYN requests to a service ( eg: HTTP) cause the server to be overloaded.

    Command to check whether the server is under tcp/udp denial of service  attack

# netstat -ntu | grep tcp/udp |  awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n|wc –l

If the output of the command is 2000 or 3000 it is  sure that the server is under DDOS attack.


Also:



netstat –alpn | grep :80 | awk ‘{print $4}’ |awk –F : ‘{print $ (NF -1) }’ | sort | uniq –c | sort -n



    Command to check the IP addresses currently connected to the server

#  netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort –n


When we get a lot of httpd process by running the command top –d2 , then we have to check whether it is a DOS attack and to realize whether the server is flooded with SYN packets.

    Command to check the SYN packet flood

                                                                                                                                                                               

#  netstat -nap | grep SYN | wc –l

If  the output of the command is an abnormal ( large, say 2000 or 30000) number, then it is sure that the server is under attack.

    Command to check ,from which IP Addresses the packet arise

#  netstat –nap | less  

If the attack is coming from a particular IP address ,  we can block the IP address in the server using the following command:

    Command used to block an IP address in the server

#  route add  <IP address>   reject

    Command used to check whether the IP address is blocked

# route  -n | grep <IP address>

We can also use iptables to block an IP address in the server

#  iptables –A INPUT 1 –s <IPADDRESS> –j DROP/REJECT

# service iptables save

# service iptables restart

Then kill all httpd connection and then restart the service

# killall  –KILL  httpd

# service  httpd  startssl

    Checking DDOS in VPS hardware node using tcpdump

# tcpdump -c 100 -i eth0

Changing the Nameserver IP address in WHM

If the client gets  the Nameserver IP addresses  from the Main >> DNS Functions >> Nameserver IPs as
For  Example:
Nameserver    IP         No. Zones
ns1.localhost.com    64.99.64.32    80
ns2.localhost.com    64.99.64.32    80

From WHM to change them you can it from

Main >> Server Configuration >> Basic cPanel & WHM Setup >> Nameservers

 From the shell you can change it with the below mentioned process

#vi /etc/nameserverips
64.99.64.32=ns1.localhost.com
64.99.64.32=ns2.localhost.com
change it to the appropriate IP address and Local host.
:wq!

 Then access the file /var/cpanel/nameserverips.yaml

#vi /var/cpanel/nameserverips.yaml
Replace the appropriate nameservers and the IP address.

After that restart the service
#service named restart OR #/etc/init.d/named restart
#service cpanel restart OR #/etc/init.d/cpanel restart

Check for the changes in the Nameserver IPs of the WHM.

How to enable SSHFS on openvz

• SSHFS ( SSH filesystem)  is a filesystem client to mount and interact with files and directories, located in remote server .

• The client interact with the remote filesytem  via SSH File transfer protocol for file access, file transfer and file management.

Here are the steps on how to enable SSHFS in VPS

First of all , download and install fuse from http://fuse.sourceforge.net/

#  wget http://nchc.dl.sourceforge.net/project/fuse/fuse-2.X/2.8.7/fuse-2.8.7.tar.gz

#  tar –xzvf  fuse-2.8.7.tar.gz

#  cd fuse-2.8.7

# ./configure

#  make

#  make install

# echo '/usr/local/lib' > /etc/ld.so.conf.d/fuse.conf

#  ldconfig

Grab SSHFS from http://fuse.sourceforge.net/sshfs.html and wget the stable latest version:

# wget http://sourceforge.net/projects/fuse/files/sshfs-fuse/2.4/sshfs-fuse-2.4.tar.gz

# tar –xvzf sshfs-fuse-2.4.tar.gz

# cd sshfs-fuse-2.4

# yum install glib2-devel

# ./configure

#  make

# make install

This is how the fuse and SSHFS are installed in the container. After finishing this, enable fuse access to the container from the Hardware node.

Note : HN refers to the hardware node and $VEID refers to corresponding container ID

Do the steps in the Hardware node:

( HN )  #   vzctl set $VEID --devices c:10:229:rw –save

( HN )  #    vzctl exec $ VEID  mknod /dev/fuse c 10 229

Creating custom Php.ini file in Litespeed webserver

Select Litespeed Web Server  >  Litespeed Configuration > Admin Console > Configuration > Server > External App > lsphp5

Click on Edit . In the  “Environment “ section,  add

 “ PHPRC=$VH_ROOT ”

In the “suEXEC User “  section , add the account username for which custom php.ini has to be enabled and for  “suEXEC Group “ section , add the group name of the account.

Then, save the changes.

Main > Litespeed Web server > Quick Configuration of PHP suEXEC settings

Enable PHP suExec should be ‘yes.”

Then, Restart litespeed webserver from back end:

# /etc/init.d/lsws restart

Then, put custom php.ini file in the user’s home directory.

Put info.php page in public_html  to test whether it is loading fine.