Pages

Tuesday, March 26, 2013

NTPD Not Starting? Here's a Simple Fix

Many users running NTPD (Network Time Protocol Daemon) on a virtual machine have encountered an issue where the service fails to start, even though a PID file exists. When checking the status, you might see "ntpd dead but pid file exists." Attempting to restart often shows a "FAILED" shutdown followed by an "OK" start, but the problem persists.

WHAT THE LOGS SAY

A quick look at /var/log/messages reveals a cryptic error: "cap_set_proc() failed to drop root privileges: Operation not permitted." This message indicates that NTPD, for security reasons, is trying to reduce its power (drop root privileges) but is being prevented from doing so. This often happens in virtualized environments where certain security capabilities are restricted.

THE FIX: EDITING NTPD CONFIGURATION

The solution is surprisingly straightforward and involves a minor adjustment to NTPD's configuration file.

  1. OPEN THE CONFIGURATION FILE: Use a text editor like vi to open the NTPD configuration file: vi /etc/sysconfig/ntpd

  2. LOCATE AND COMMENT OUT THE OPTIONS LINE: Find the line that looks like this: OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g" This line tells NTPD to run as a non-root user (ntp:ntp), specify its process ID file, and not run in the foreground. The -g option, in particular, can sometimes cause issues in virtualized setups by preventing the graceful dropping of root privileges.

    To comment it out, simply add a # at the beginning of the line: # OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"

  3. SAVE AND EXIT: Save the changes and exit your text editor. In vi, you would typically press Esc then type :wq and press Enter.

RESTART NTPD

After making this change, NTPD should now start without issues:

service ntpd start

You should see a successful "Starting ntpd: [ OK ]" message, and the service will run as expected, synchronizing your system's time.

Posted by at No comments:
Labels:

Monday, March 25, 2013

Cpanel : JailShell : Virtfs Unmount

Cpanel : JailShell : Virtfs Unmount




If you’re a sysadmin of Cpanel server, you might be aware of the JailShell. Its nothing but a User Shell with limited privileges. Users requesting for shell access to the webhosting server are provided with such shell instead of bash (Which provides root level privileges to users) .

Jailshell limits the users access to their home directory and keeps rest of the file system safe. Still there are chances of such users breaking into your system, so be sure of providing shell access to your servers. Jailshell mounts the filesystems of the users, who login via SSH under a directory called /home/virtfs. This contains users home directory and a false file system which links back to system directories like /bin, /usr etc.

NOTE: Be careful! Don’t remove any folder which is inside /home/virtfs,NEVER. As I said earlier, this folder links back to your systems root file system. You might end up screwing up your server if you attempt it.

So, we got to know that the Jailshell provides a restricted shell access to users and mounts the home directory temporarily at /home/virtfs.

Now, what if you still see the directories of different users mounted under /home/virtfs?

Right, this normally happens when users forget to logout properly from their SSH sessions. As a system admin, you’re responsible to unmount these directories safely.

How do I do that?

You can find all the virtfs mounts in /proc/mounts. Run cat /proc/mounts.

Now, its time to unmount them one by one. For that you have to take the second column of the output. Or write a simple for loop as follows.
for i in `cat /proc/mounts | grep /home/virtfs | cut -d ‘ ‘ -f 2 ` ; do umount $i ; done

If you want to unmount the virtfs of a perticular user, you can simply add an another pipe to for condition with grep username.

Now, you’re done with cleaning of your virtfs.

Posted by at 3 comments:
Labels: ,

Installing Google apps, configserver,whmphp,cloudflare,attractaseo,cagefs,config server mail queue ,file explorer

http://gaw.gk-root.com/
http://configserver.com/cp/cse.html
http://www.whmphp.com/installation.php
http://www.cloudflare.com/resources-downloads
http://www.attractaseo.com/partner_kit/plugin.html
http://docs.cloudlinux.com/index.html?installation2.html
http://configserver.com/cp/cmq.html

1003 cd /usr/local/src/
1004 ls
1005 wget http://www.configserver.com/free/cse.tgz
1006 ls
1007 tar -xzf cse.tgz
1008 ls
1009 cd cse
1010 sh install.sh
1011 cd ..
1012 rm -Rfv cse/ cse.tgz
1013 ls
1014 locate config server
1015 ls

================

1016 yum install cagefs
1017 /usr/sbin/cagefsctl --init
1018 ls
1019 mkdir /home/cagefs-skeleton
1020 ln -s /home/cagefs-skeleton /usr/share/cagefs-skeleton
1022 cd /home/
1023 ls
1024 cd cagefs-skeleton/
1025 ls

=================
1026 cd /usr/local/src/
1027 wget http://whmphp.com/download/install.sh;
1028 ls
1029 sh install.sh

=================
1030 cd /usr/local/cpanel
1031 curl -k -L https://github.com/cloudflare/CloudFlare-CPanel/tarball/master > cloudflare.tar.gz
1032 LS
1033 ls
1034 tar -zxvf cloudflare.tar.gz
1035 ls
1036 cd cloudflare-CloudFlare-CPanel-UNIQUE ID/cloudflare/
1037 cd cloudflare-CloudFlare-CPanel-1a7b202/
1038 ls
1039 cd cloudflare/
1040 ls

================
1041 cd /usr/local/src/
1042 ls
1043 wget http://google-apps-wizard-cpanel-plugin.googlecode.com/files/gaw-2.0.tar
1044 ls
1045 tar -xf gaw-2.0.tar
1046 cd gaw-2.0
1047 ./gawupdate.sh

================
1048 cd ..
1011 ll
1012 wget http://configserver.com/free/cmq.tgz
1013 ll
1014 tar -xzf cmq.tgz
1015 cd cmq
1016 ll
1017 sh install.sh
Posted by at No comments:
Labels: ,

Increase Size of /tmp (/usr/tmpDSK) Partition in Linux

Service httpd stop

service mysql stop
pstree -p | grep tailwatchd
umount /var/tmp
umount -l /tmp
dd if=/dev/zero of=/usr/tmpDSK bs=1024k count=2048
du -sch /usr/tmpDSK
mkfs -t ext3 /usr/tmpDSK
file /usr/tmpDSK
mount -o loop,noexec,nosuid,rw /usr/tmpDSK /tmp
install -d –mode=1777 /tmp
mount -o bind,rw,noexec,nosuid /tmp /var/tmp
service httpd start
service mysql start

 

532 rm -f /usr/tmpDSK
533 dd if=/dev/zero of=/home/tmpDSK bs=1024 count=8192000
535 mkfs.ext3 /home/tmpDSK
536 mount -o loop,rw,noexec,nosuid /home/tmpDSK /tmp
537 mount -o bind,rw,noexec,nosuid /tmp /var/tmp
538 chmod 1777 /tmp
539 cp -Rp /tmp_backup/* /tmp/
540 rm -rf /tmp_backup

 
Posted by at No comments:
Labels:

Moving Accounts in cPanel: A Simple Guide

Sometimes, you might need to move a cPanel account from one part of your server's storage to another. This is often done to balance disk space usage or improve performance. cPanel provides a straightforward tool called "Rearrange an Account" to help you do this.

HOW TO MOVE AN ACCOUNT

Moving an account is a simple process within your cPanel/WHM interface.

  1. Log in to WHM: Access your WebHost Manager (WHM) panel.

  2. Navigate to Account Functions: In the WHM menu, find and click on "Account Functions."

  3. Select "Rearrange an Account": Within "Account Functions," choose the "Rearrange an Account" option.

STEPS FOR REARRANGING AN ACCOUNT

Once you are on the "Rearrange an Account" page, follow these steps:

  1. Select the Account: You'll see a list of all your cPanel accounts. Find the one you want to move. You can also use the "Account Search" feature to quickly locate an account by its domain name or username.

  2. Initiate Rearrangement: After selecting the account, click the "Rearrange" button.

  3. Choose the New Drive: A menu will appear, showing the available hard drives or partitions on your server. Select the drive where you want to move the account.

    Important Note: For this feature to work, the destination hard drive must be set up correctly in your cPanel/WHM configuration. Specifically, it needs to match the /home setting in the "Basic cPanel & WHM Setup" configuration. For example, if your primary home directory is /home, then other valid locations like /home2 or /newhome can also be used if they are configured similarly. If the hard drive you want to move to doesn't match this configuration, you won't be able to move the account to it, and the feature might even be disabled.

  4. Confirm Move: After selecting the new drive, click the "Move Account" button to start the transfer.

WHAT HAPPENS NEXT?

cPanel will then handle the process of moving all the account's files, databases, and configurations to the new location. The time it takes will depend on the size of the account and your server's speed.

WHY MOVE AN ACCOUNT?

  • Disk Space Management: Distribute accounts more evenly across multiple hard drives to prevent one drive from filling up.

  • Performance Improvement: Move busy accounts to faster drives (e.g., SSDs) if available.

  • Organization: Group accounts logically based on their usage or type.

Posted by at No comments:
Labels:

Saturday, March 23, 2013

How to Install Softaculous on VPS or Dedicated Server with cPanel/WHM? 

Step one: cd /usr/local/cpanel/whostmgr/docroot/cgi
Step two: wget -N http://www.softaculous.com/ins/addon_softaculous.php

Step three: chmod 755 addon_softaculous.php
Now go to : WHM > Plugins > Softaculous - Instant Installs and there you go
Posted by at 1 comment:
Labels: ,

Friday, March 22, 2013

T=remote_smtp defer (-53): retry time not reached for any host

chech your logs

cd /var/logs

then  more exim_mailing / grep email

you will get the error ,,,,,,,,,,,,,

then try to use the code below to fix the problem

This can be caused by multiple things, however if it happens for each email, it’s likely your exim databases are corrupt; to resolve this you should:

/usr/sbin/exim_tidydb -t 1d /var/spool/exim retry > /dev/null
/usr/sbin/exim_tidydb -t 1d /var/spool/exim reject > /dev/null
/usr/sbin/exim_tidydb -t 1d /var/spool/exim wait-remote_smtp > /dev/null

/scripts/courierup — force
/scripts/eximup –force

If you did that, yet the problem persists, you can either seek professional help, or contact the cPanel support.

References

http://forums.cpanel.net/f43/t-remote_smtp-defer-53-retry-time-not-reached-any-host-72383.html

OR  use below solutions

To solve this issue, you need to

  1. Login to http://gmail.com with the account you use with exim4. It will ask you to login a second time with a captcha… do so

  2. login on all of your machine that use this technique and issue the following command :sudo exim -qff


References

http://blog.mansonthomas.com/2009/04/send-mail-through-gmail-smtp-server.html

 

our ISP is likely blocking your connection via port 25:

[19:25:19 ns313489 root@4396451 ~]cPs# telnet mx1.cpanel.net 25
Trying 208.74.121.68...
telnet: connect to address 208.74.121.68: Connection timed out
[19:34:17 ns313489 root@4396451 ~]cPs# telnet mx2.cpanel.net 25
Trying 208.74.125.122...

[19:40:18 ns313489 root@4396451 ~]cPs# telnet mx1.hotmail.com 25
Trying 65.55.37.120...
telnet: connect to address 65.55.37.120: Connection timed out
Trying 65.55.92.152...
telnet: connect to address 65.55.92.152: Connection timed out


Whereas, it would normally work as such:

~ » telnet mx1.cpanel.net 25
Trying 208.74.121.68...
Connected to mx1.cpanel.net.
Escape character is '^]'.
220-mx1.cpanel.net ESMTP Exim 4.82 #2 Fri, 15 Nov 2013 12:33:33 -0600
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
^]
telnet> quit
Connection closed.

~ » telnet mx1.hotmail.com 25
Trying 65.54.188.94...
Connected to mx1.hotmail.com.
Escape character is '^]'.
220 BAY0-MC2-F9.Bay0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found athttp://privacy.microsoft.com/en-us/anti-spam.mspx. Fri, 15 Nov 2013 10:47:53 -0800
^]
telnet> quit
Connection closed.

I would suggest contacting your provider to see if they have any restrictions on port 25.
Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)