How to install PAE kernel on CentOS

When you have 4GB or more memory and you have a 32-bit kernel running, your machine will be limited to use around 3GB of memory. All you have to do is install PAE kernel package.

1. Install the PAE kernel package:

# yum install kernel-PAE

2. Check your grub menu list, the ‘default’ value should be set to the PAE kernel.

3. Reboot:

# shutdown -r now

IIS: Cannot read configuration file due to insufficient permissions

Normally I don’t work with Windows Servers and/or IIS, but sometimes you don’t have any other option.
I couldn’t access the web files, it was displaying an ‘500 – Internal server error‘ error.
The more detailed error showed me the following:

Cannot read configuration file due to insufficient permissions

After Googling, searching, trying and again Googling I found a solution.
You have to grant read permissions to IIS_IUSRS on the ‘httpdocs‘ directory.

How to reset the MySQL root password

If you have forgotten the mysql root passwod, you can set a new password if you have root access to the server.
1. Stop MySQL server.

# /etc/init.d/mysql stop

2. Start MySQL with –skip-grant-tables option.

# mysqld_safe –skip-grant-tables &

3. Connect to MySQL as root.

# mysql -u root

4. Set new mysql root password.

mysql> USE mysql;
mysql> UPDATE user SET password=PASSWORD(“NEW-PASSWORD”) WHERE user=’root’;
mysql> FLUSH PRIVILEGES;
mysql> quit

5. Stop and restart MySQL server.

# /etc/init.d/mysql stop
# /etc/init.d/mysql start

6 System Monitoring tools for Linux

1. top – Display Linux tasks
The top program provides a system summary information as well as a list of tasks currently running.

2. free – Memory usage
The free program will display amount of free and used memory in the system.

Sample (the option ‘-m’ will show the results in megabytes):
# free -m
total       used       free     shared    buffers     cached
Mem:           504        487         16          0         63        200
-/+ buffers/cache:        223        280
Swap:          486          0        485

3. w – Who is currently logged in and what they are doing
The w program displays information about the users currently logged in and their processes.
Sample:

# w
07:24:32 up 50 days, 20:00,  2 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    ssh-server.evo.a 07:14    0.00s  0.00s  0.00s w
xaban    pts/2    support.leaseweb 07:23    8.00s  0.10s  0.00s nano -w /home/xaban/example
# w xaban
07:24:36 up 50 days, 20:00,  2 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
xaban    pts/2    support.leaseweb 07:23   12.00s  0.10s  0.00s nano -w /home/xaban/example

4. fuser – Identify which process is using a port
The fuser program displays the PID’s of processes using a the specified port
For example, you want to start a webserver on port 80, but you got a error message similiar to:

Can’t bind to port: 80. Address already in use.

With fuser you can find out which process is using port 80:

# fuser -n tcp 80
80/tcp:                600   601   602  2868  8362 12847 22598

5. iostat – Report CPU and I/O statistics
The iostat program is used for monitoring system I/O.

Sample:

# iostat
Linux 2.6.26-2-686 (how2forge.info)       04/25/2011      _i686_

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
0.29    0.85    0.12    1.29    0.00   97.45

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda               1.43         0.76        38.39    3327210  168346707
sda1              0.00         0.00         0.00       2510        423
sda2              0.00         0.00         0.00        694       1160
sda3              0.02         0.01         1.64      26766    7210348
sda4              0.00         0.00         0.00          4          0
sda5              1.40         0.75        36.75    3296936  161134776

6. iptraf – Interactive traffic monitor
The iptraf program displays all TCP/UDP traffic information, very handy if you want to display network traffic statistics.
By default iptraf is not installed, please issue the following command to install iptraf:

# apt-get install iptraf
or
# yum install iptraf

Cannot access Plesk login page

After the installation / upgrade of Plesk you can access the Plesk Control Panel via URL:

https://your-domain.com:8443 or
https://your-servers-IP:8443

but probably you get redirected to

https://incorrect-url:8443/relay

This is caused by a misconfiguration of your hostname on your server.

You can solve this by running the following command as root:

# /usr/share/plesk-billing/update-hostname –new-hostname <Your server IP>

# example:
# /usr/share/plesk-billing/update-hostname –new-hostname 85.17.151.72

# restart plesk:
# /etc/init.d/psa restart

Starting Plesk failed after upgrade to Plesk 10.2.0

I have seen a lot of topics about failing Plesk to start after upgrading to 10.2.0.

I have got the same problem, the error message was:

Restarting SWsoft control panels server…Duplicate config variable in conditional 1 global/SERVERsocket==:8443: fastcgi.server
2011-04-17 17:44:02: (configfile.c.838) source: /usr/share/sw-cp-server/applications-conf.sh line: 103 pos: 14 parser failed somehow near here: (EOL)
2011-04-17 17:44:02: (configfile.c.838) source: /etc/sw-cp-server/config line: 13 pos: 1 parser failed somehow near here: (EOL)
failed

I found a temporary workaround (not a fix!). Do the following:

# cd /etc/sw-cp-server/applications.d
# mv 00-sso-cpserver.conf 00-sso-cpserver.conf.bak

And try to start Plesk:

# /etc/init.d/sw-cp-server restart

It should work!

How to block IP and Ports with IPtables

How to block IP and/or Ports with IPtables under Linux?

Blocking an incoming port

First you have to know the port number which you want to block, for a list of port numbers you can use /etc/services as a reference.

The syntax is as follow (make sure you are root or have root privileges):

# /sbin/iptables -A INPUT -p tcp –destination-port PORT-NUMBER -j DROP

Use the following rule to block incoming port 80 (HTTP) and port 22 (SSH):

# /sbin/iptables -A INPUT -p tcp –destination-port 80 -j DROP
# /sbin/iptables -A INPUT -p tcp –destination-port 22 -j DROP

Blocking an incoming connection from an IP address

The syntax is as follow (make sure you are root or have root privileges):

# /sbin/iptables -A INPUT -s IP-ADDRESS -j DROP

For example you want to block IP address 8.8.8.8 to make a connection to your system:

# /sbin/iptables -A INPUT -s 8.8.8.8 -j DROP

Upgrading Debian (Lenny) to Debian Squeeze

Debian Squeeze (stable) was released on February 6, 2011.

1. First update all packages which are currently installed

# apt-get update
# apt-get upgrade

2. Open /etc/apt/sources.list and replace all occurrences of lenny with squeeze

3. Update the apt repository

# apt-get update

4. Upgrade apt, dpkg and aptitude

# apt-get install apt dpkg aptitude

5. Upgrade the system

# apt-get dist-upgrade

It could be that grub is not being updated correctly, therefor do not forget to update grub.

Upgrading CentOS to CentOS 5.6

CentOS 5.6 has been released on April 8th, 2011.

If you are running CentOS 5.5 you can simply upgrade to CentOS 5.6 via yum by running:

# yum update

If upgrading from a version earlier than CentOS 5.5, it is advised to follow this procedure:

# yum clean all
# yum update glibc\*
# yum update yum\* rpm\* pyth\*
# yum clean all
# yum update mkinitrd nash
# yum update selinux\*
# yum update
# shutdown -r now

Installing / Enabling SpamAssassin on DirectAdmin

By default SpamAssassin is not enabled nor installed on a system with DirectAdmin.

I wrote a very simple How-To to install SpamAssassin.

Install SpamAssassin:

# cd /usr/local/directadmin/scripts
# ./spam.sh

Probably you will get some Perl error like:

REQUIRED module out of date: Archive::Tar
optional module missing: Digest::SHA
optional module missing: Mail::SPF
optional module missing: IP::Country
optional module missing: Razor2
optional module missing: Net::Ident
optional module missing: IO::Socket::INET6
optional module missing: Compress::Zlib
optional module missing: Mail::DKIM
optional module missing: LWP::UserAgent
optional module missing: HTTP::Date
optional module missing: Encode::Detect

warning: some functionality may not be available,
please read the above report before continuing!

make: *** No targets specified and no makefile found.  Stop.
make: *** No rule to make target `install’.  Stop.
Cannot find /usr/bin/sa-update after install. Check for errors above.

This means that there are missing Perl modules, those are very easy to install:

# PERL_MM_USE_DEFAULT=1 cpan -i Archive::Tar Digest::SHA Mail::SPF IP::Country Net::Ident IO::Socket::INET6 Compress::Zlib Mail::DKIM LWP::UserAgent HTTP::Date Encode::Detect

Then run spam.sh again.

If it is asking you the following questions, please answer with no:

Are you ready for manual configuration? [yes] no

SpamAssassin is now installed! Next we have to start it:

/usr/bin/spamd -d -c -m 15

If SpamAssassin is started without any problems we have to configure exim to work with SpamAssassin.
Open /etc/exim.conf, and remove the underlined #‘s.

# Spam Assassin
#spamcheck_director:
# driver = accept
# condition = “${if and { \
# {!def:h_X-Spam-Flag:} \
# {!eq {$received_protocol}{spam-scanned}} \
# {!eq {$received_protocol}{local}} \
# {exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
# {<{$message_size}{100k}} \
# } {1}{0}}”
# retry_use_local_part
# transport = spamcheck
#  no_verify

Now it will look like:

# Spam Assassin
spamcheck_director:
driver = accept
condition = “${if and { \
{!def:h_X-Spam-Flag:} \
{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} \
{exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
{<{$message_size}{100k}} \
} {1}{0}}”
retry_use_local_part
transport = spamcheck
no_verify

Save and exit. Last thing we have to do is restarting exim:

# service exim restart

Have fun!

Ads

Ads