Thursday, April 25, 2013

Exim4 Error : "Fatal: no entropy gathering module detected"

I want to share an error that I came across with Exim, along with the fix, which worked perfectly for me. I tried to send email using the 'mail' command, which returned this error message: "Fatal: no entropy gathering module detected".

Here is the fix for this that got it working for me!

SSH to your server and perform the following steps :

# cd /dev
Here you will find urandom and/or random.
Delete them.

# rm -rf urandom
# rm -rf random

Now we have to recreate both of them and chmod them.
# /sbin/MAKEDEV urandom
# /sbin/MAKEDEV random
# chmod 777 /dev/urandom
# chmod 777 /dev/random
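
Before deleting the nodes, it helps to confirm that they are actually missing or wrong. The following is an added example, not part of the original post; it relies on the Linux device numbers (/dev/random is character device 1:8, /dev/urandom is 1:9, stock mode 0666) and on GNU stat.

```shell
#!/bin/sh
# Added example: verify the kernel RNG device nodes before recreating them.
# On Linux, /dev/random is character device 1:8 and /dev/urandom is 1:9.

# check_node NODE MAJOR MINOR
# Prints a verdict; returns 0 only for a character device with those numbers.
check_node() {
    node=$1 want_major=$2 want_minor=$3
    if [ ! -e "$node" ]; then
        echo "$node: missing"
        return 1
    fi
    if [ ! -c "$node" ]; then
        # e.g. a regular file left behind where the device node should be
        echo "$node: exists but is not a character device"
        return 1
    fi
    # GNU stat prints the major/minor numbers in hex (%t / %T).
    major=$((0x$(stat -c '%t' "$node")))
    minor=$((0x$(stat -c '%T' "$node")))
    mode=$(stat -c '%a' "$node")
    if [ "$major" -ne "$want_major" ] || [ "$minor" -ne "$want_minor" ]; then
        echo "$node: device $major:$minor, expected $want_major:$want_minor"
        return 1
    fi
    echo "$node: ok ($major:$minor, mode $mode)"
}

check_node /dev/random 1 8
check_node /dev/urandom 1 9
```

A "not a character device" or wrong-number verdict is the case the recreate steps above repair.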

Nagios Configuration

The following steps take place when Nagios (installed on the Nagios server) monitors a service (e.g. server load) on the remote host:

1) Nagios executes the check_nrpe command on the nagios-server and asks it to monitor the server load on the remote host using the check_load command.
2) check_nrpe on the nagios-server contacts the NRPE daemon on the remote host and asks it to execute check_load there.
3) The NRPE daemon returns the results of the check_load command to check_nrpe on the nagios-server.

Nagios Server (check_nrpe) ~~> Remote host (NRPE daemon) ~~> check_load

Nagios Server (check_nrpe) <~~ Remote host (NRPE daemon) <~~ check_load (returns the server load)

Before we begin, we need to install some packages on the remote host for Nagios to work fine.

# yum install elinks gcc make gcc-c++
# yum -y install openssl-devel
# useradd nagios
# passwd nagios
# cd /usr/src/

Then install Nagios plugin and NRPE on remote host.

Install Plug-in
# wget -O nagios-plugins-1.4.15.tar.gz http://sourceforge.net/projects/nagiosplug/files/nagiosplug/1.4.15/nagios-plugins-1.4.15.tar.gz/download
# tar -zxvf nagios-plugins-1.4.15.tar.gz && cd nagios-plugins-1.4.15
# ./configure --with-nagios-user=nagios --with-nagios-group=nagios
# make
# make install
# chown nagios:nagios /usr/local/nagios
# chown -R nagios:nagios /usr/local/nagios/libexec
# cd ..

Install NRPE
# wget -O nrpe-2.12.tar.gz http://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.12/nrpe-2.12.tar.gz/download
# tar -zxvf nrpe-2.12.tar.gz && cd nrpe-2.12
# ./configure
# make all
# make install-plugin
# make install-daemon
# make install-daemon-config
# make install-xinetd
Edit Xinetd NRPE entry
# vi /etc/xinetd.d/nrpe
only_from = 127.0.0.1 Server-IP (Server-IP is the IP address of the Nagios monitoring server)
:wq (save and exit)

Edit services file entry
# vi /etc/services
nrpe 5666/tcp # Entry for NRPE daemon
:wq (save and exit)

Restart xinetd
# service xinetd restart

Verify whether NRPE is listening
# netstat -at | grep nrpe
Output: tcp 0 0 *:nrpe *.* LISTEN

Verify that NRPE is functioning properly
# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12
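
The only_from line edited above is the access control that decides which hosts may ask the NRPE daemon to run checks. The following is an added example, not code from the NRPE distribution, that audits that line against the sources you expect; the stanza it writes is constructed, 192.0.2.10 is a placeholder for the monitoring server, and the usual spaced form "only_from = a b" is assumed.

```shell
#!/bin/sh
# Added example (not from the NRPE distribution): audit the only_from line of
# an xinetd service file. Assumes the usual spaced form "only_from = a b c".

# audit_only_from FILE ALLOWED...  returns 0 if every entry is in ALLOWED
audit_only_from() {
    file=$1; shift
    # Strip comments, then print each value of only_from (= or +=).
    entries=$(sed 's/#.*//' "$file" | awk '
        $1 == "only_from" && ($2 == "=" || $2 == "+=") {
            found = 1; for (i = 3; i <= NF; i++) print $i }
        END { if (!found) print "MISSING" }')
    rc=0
    for e in $entries; do
        if [ "$e" = MISSING ]; then
            echo "FAIL: no only_from line, xinetd applies no source filter"
            return 1
        fi
        ok=no
        for a in "$@"; do
            if [ "$e" = "$a" ]; then ok=yes; fi
        done
        if [ "$ok" = no ]; then
            echo "FAIL: unexpected source '$e' may reach NRPE"; rc=1
        fi
    done
    if [ "$rc" -eq 0 ]; then echo "OK: only_from limited to: $*"; fi
    return "$rc"
}

# write_sample FILE [VALUE]: constructed stanza for the demo; on a real host
# point audit_only_from at /etc/xinetd.d/nrpe instead.
write_sample() {
    {
        echo 'service nrpe'
        echo '{'
        echo '    port      = 5666'
        echo '    user      = nagios'
        if [ -n "${2:-}" ]; then echo "    only_from = $2"; fi
        echo '}'
    } > "$1"
}

sample=$(mktemp)
write_sample "$sample" "127.0.0.1 192.0.2.10"  # 192.0.2.10: placeholder monitor IP
audit_only_from "$sample" 127.0.0.1 192.0.2.10
write_sample "$sample" "127.0.0.1 0.0.0.0"     # 0.0.0.0 matches every address
audit_only_from "$sample" 127.0.0.1 192.0.2.10
rm -f "$sample"
```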

Configuring Nagios monitoring server to monitor the remote host

# cd /usr/src
# wget -O nrpe-2.12.tar.gz http://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.12/nrpe-2.12.tar.gz/download
# tar -zxvf nrpe-2.12.tar.gz && cd nrpe-2.12
# yum -y install openssl-devel
# yum install perl
# ./configure
# make all
# make install-plugin

Create a command definition
# vi /home/nagios/public_html/etc/objects/commands.cfg
Add the following:

# NRPE CHECK COMMAND
# Command to use NRPE to check remote host systems
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

Create configuration file for remote host
# cp -prf /home/nagios/www/etc/objects/localhost.cfg /home/nagios/www/etc/objects/remotehost.cfg
# vi /home/nagios/www/etc/objects/remotehost.cfg
Replace the values "host_name", "alias" and "address" with the values that match your setup:

** The "host_name" you set in the "define host" section must match the "host_name" in each "define service" section **

# Define a host for the remote machine
define host{
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name alpha235
alias alpha235
address 62.75.215.12
}
# SERVICE DEFINITIONS
# Define a service to "ping" the local machine

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}

# Define a service to check the disk space of the root partition.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Root Partition
check_command check_nrpe!check_disk
}

# Define a service to check the number of currently logged in users on the remotehost.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Current Users
check_command check_nrpe!check_users
}

# Define a service to check the number of currently running processes on the remote host.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Total Processes
check_command check_nrpe!check_total_procs
}
# Define a service to check the load on the remote host.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description Current Load
check_command check_nrpe!check_load
}

# Define a service to check SSH on the remote host.
# Disable notifications for this service by default, as not all users may have SSH enabled.

define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description SSH
check_command check_nrpe!check_ssh
notifications_enabled 0
}
# Define a service to check HTTP on the remote host.
# Disable notifications for this service by default, as not all users may have HTTP enabled.
define service{
use generic-service ; Name of service template to use
host_name alpha235
service_description HTTP
check_command check_nrpe!check_http
notifications_enabled 0
}

Activate the remotehost.cfg template
# vi /usr/local/nagios/etc/nagios.cfg
Definitions for monitoring remote Linux machine
cfg_file=/home/nagios/www/etc/objects/remotehost.cfg
Verify Nagios Configuration Files
# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
# /home/nagios/public_html/bin/nagios -v /home/nagios/public_html/etc/nagios.cfg (In our server)
Output : ...
...
Things look okay - No serious problems were detected during the pre-flight check

Verify whether nagios monitoring server can talk to the remote host
# /usr/local/nagios/libexec/check_nrpe -H 62.75.215.12
NRPE v2.12

Start nagios
# /home/nagios/www/bin/nagios -d /home/nagios/www/etc/nagios.cfg

Restart nagios (if already running)
# kill -HUP <nagios_pid>

# /usr/local/nagios/libexec/check_nrpe -H 62.75.215.12 -c check_load (To check the load of the remote server)
OK - load average: 0.35, 0.30, 0.23|load1=0.350;15.000;30.000;0; load5=0.300;10.000;25.000;0; load15=0.230;5.000;20.000;0;

(Usage: check_nrpe -H <host> [-n] [-u] [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>])

Sunday, April 21, 2013

Turn OFF/ON "Spam Box" in WHM

Turn OFF "Spam Box" in WHM -> Tweak Settings -> Mail.
This just allows the user to control it, but I wanted it always on and I want to forward to the ".Junk" folder anyways.
WHM -> Tweak Settings -> Mail -> Enable SpamAssassin Spam Box: OFF
WHM -> Tweak Settings -> Mail -> Enable SpamAssassin spam filter: ON
WHM -> Exim Configuration Editor -> SpamAssassin Options -> SpamAssassin: Forced Global ON: ON

http://forums.cpanel.net/f43/can-you-change-spamassassin-spam-box-folder-223951.html

Security Update: Atomic Mod Security setup guide for cPanel

To help our VPS and Dedicated Server customers who might also be affected by this, we have designed the following guide to install Atomic Mod Security into cPanel with little to no fuss.

Stage 1: Run the following commands at command line:

mkdir /var/asl
mkdir /var/asl/tmp
mkdir /var/asl/data
mkdir /var/asl/data/msa
mkdir /var/asl/data/audit
mkdir /var/asl/data/suspicious
chown nobody.nobody /var/asl/data/msa
chown nobody.nobody /var/asl/data/audit
chown nobody.nobody /var/asl/data/suspicious
chmod o-rx -R /var/asl/data/*
chmod ug+rwx -R /var/asl/data/*
mkdir /var/asl/updates
mkdir /var/asl/rules/
mkdir /var/asl/rules/clamav
mkdir /etc/asl/
touch /etc/asl/whitelist
cd /usr/local/src/
wget http://updates.atomicorp.com/channels/rules/delayed/modsec-2.7-free-latest.tar.gz
tar zxvf modsec-2.7-free-latest.tar.gz
mkdir /usr/local/apache/conf/modsec_rules/
cp modsec/* /usr/local/apache/conf/modsec_rules/
These commands create the required directories and download the latest free version of the Atomic Mod Security rules. They also install the rules directly into the Apache location that cPanel uses and set the permissions.

Stage 2: Configure cPanel to use the Mod Security Rules

In this stage, you can do everything from WHM as long as you have Mod Security already installed as part of your EasyApache build. If you do not, you will need to rebuild apache with Mod Security.

Go to: WHM -> Plugins -> Mod Security and then click: Edit Config

In this section, delete all the current content and then paste in the following configuration:

SecRequestBodyAccess On
SecAuditLogType Concurrent
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
SecServerSignature Apache
SecUploadDir /var/asl/data/suspicious
SecUploadKeepFiles Off
SecAuditLogParts ABIFHZ
SecArgumentSeparator "&"
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecDataDir /var/asl/data/msa
SecTmpDir /tmp
SecAuditLogStorageDir /var/asl/data/audit
SecResponseBodyLimitAction ProcessPartial

Include /usr/local/apache/conf/modsec_rules/10_asl_antimalware.conf
Include /usr/local/apache/conf/modsec_rules/10_asl_rules.conf
Include /usr/local/apache/conf/modsec_rules/20_asl_useragents.conf
Include /usr/local/apache/conf/modsec_rules/30_asl_antispam.conf
Include /usr/local/apache/conf/modsec_rules/50_asl_rootkits.conf
Include /usr/local/apache/conf/modsec_rules/60_asl_recons.conf
Include /usr/local/apache/conf/modsec_rules/99_asl_jitp.conf
Include /usr/local/apache/conf/modsec2.whitelist.conf
Save this and restart Apache.

The Atomic Mod Security rules should now be installed in cPanel. They are a much more secure rule base and include extra protection, which is important against the latest hacks.
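
A preflight for the configuration pasted in Stage 2, as an added example that is not part of the original guide: it checks that every Include target exists and that the data directories created in Stage 1 exist and are closed to other users. ROOT, build_demo and pasted.conf are hypothetical names used so the demo can run against a constructed tree; GNU stat is assumed.

```shell
#!/bin/sh
# Added example: preflight for the Stage 2 configuration. Every Include target
# must exist; the data directories must exist and grant nothing to "other".

# preflight CONF [ROOT]  ROOT is a hypothetical prefix so the demo can run
# against a constructed tree; leave it empty on a real server.
preflight() {
    conf=$1 root=${2:-} problems=0
    while read -r directive target rest; do
        case "$directive" in
        Include)
            if [ ! -f "$root$target" ]; then
                echo "missing rule file: $target"; problems=$((problems + 1))
            fi ;;
        SecUploadDir|SecDataDir|SecAuditLogStorageDir)
            if [ ! -d "$root$target" ]; then
                echo "missing directory: $target"; problems=$((problems + 1))
            else
                mode=$(stat -c '%a' "$root$target")
                case "$mode" in
                *0) ;;
                *) echo "$target open to other users (mode $mode)"
                   problems=$((problems + 1)) ;;
                esac
            fi ;;
        esac
    done < "$conf"
    [ "$problems" -eq 0 ]
}

# build_demo ROOT: constructed tree and config using paths from this page.
build_demo() {
    mkdir -p "$1/var/asl/data/msa" "$1/var/asl/data/audit" \
        "$1/var/asl/data/suspicious" "$1/usr/local/apache/conf/modsec_rules"
    chmod 750 "$1"/var/asl/data/*
    touch "$1/usr/local/apache/conf/modsec_rules/10_asl_rules.conf"
    cat > "$1/pasted.conf" <<'EOF'
SecUploadDir /var/asl/data/suspicious
SecDataDir /var/asl/data/msa
SecAuditLogStorageDir /var/asl/data/audit
Include /usr/local/apache/conf/modsec_rules/10_asl_rules.conf
Include /usr/local/apache/conf/modsec_rules/99_asl_jitp.conf
EOF
}

demo=$(mktemp -d)
build_demo "$demo"
preflight "$demo/pasted.conf" "$demo"   # reports the missing 99_asl_jitp.conf
rm -rf "$demo"
```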

Saturday, April 20, 2013

Fixing su: cannot set user id: Resources temporarily

#su -
su: cannot set user id: Resource temporarily unavailable
#

After searching and googling for a few minutes, I found a quick resolution to this issue.
This is all about the VPS limit.

Edit limits.conf as below, or change the values if needed.
# vi /etc/security/limits.conf
#### add/change on these line below:
* soft nproc 2047
* hard nproc 16384
* soft nofile 2048
* hard nofile 65536

After that, log in again as a normal user and then try su - again;
this should fix your issue.

Friday, April 19, 2013

Convert PuTTY ppk key to SSH key

On many occasions I needed to convert a PuTTY ppk private key back to an OpenSSH key to be able to use it directly from a Linux box command line. It is fairly simple to do but I always need to look it up, so here it is for easy reference:

Install putty using yum in Fedora.
If you are using Ubuntu, you need to install putty-tools as well.

From the command line, run

puttygen xxxxx2.ppk -O private-openssh -o key.ssh

Enter passphrase to load key:

Then log onto your system using

ssh root@84.200.82.6 -p 8057 -i key.ssh

Tuesday, April 16, 2013

Troubleshooting apache

Check whether the httpd service is running.

• If it is not starting, check the syntax of the config file
# httpd -S (shows the parsed virtual host settings and the config file where each is defined)
# httpd -t or apachectl configtest
If the syntax is OK, the config file is syntactically correct.
• Check the Apache error logs
/var/log/httpd/error_log
• Apache also requires working DNS client support via /etc/resolv.conf, so make sure DNS is working fine.
• Check that httpd.conf has a correct ServerName entry, and check the port number.
• Check the size of the log files. If a log file is full it will cause error 500, so make sure the log files stay under the limit. The logrotate tool can do this: create a configuration file for the httpd log files in /etc/logrotate.d/httpd.
• It is possible that some other process is using port 80 or 443. Use the netstat command to list open ports and their owners:
# netstat -tulpn
# netstat -tulpn | grep ':80'
If another process is using port 80 / 443, you need to stop it or assign another port to Apache.