Issue caused because psa got corrupted, so try repair the psa.
Repair the psa by following command.
"/usr/local/psa/bootstrapper/pp10.10.1-bootstrapper/bootstrapper.sh repair".
Saturday, November 19, 2011
Change the location of MySQL , vhosts , qmail to /home in plesk
1) Stop Plesk and all services.
2) Change HTTPD_VHOSTS_D in psa.conf, for example /var/www/vhosts -> /home/httpd/vhosts.
3) Move vhosts to new location, for example /var/www/vhosts to /home/httpd/vhosts.
4) Create symlink:
ln -s /home/httpd/vhosts /var/www/vhosts
5. start httpd
6. Reconfigure Apache configuration with new path:
~# /usr/local/psa/admin/sbin/websrvmng -a -v
==================================================
2) Change HTTPD_VHOSTS_D in psa.conf, for example /var/www/vhosts -> /home/httpd/vhosts.
3) Move vhosts to new location, for example /var/www/vhosts to /home/httpd/vhosts.
4) Create symlink:
ln -s /home/httpd/vhosts /var/www/vhosts
5. start httpd
6. Reconfigure Apache configuration with new path:
~# /usr/local/psa/admin/sbin/websrvmng -a -v
==================================================
How to change location of mail maildirs
Friday, November 11, 2011
how to disable php safe mode
how to disable php safe mode
Solution: turn off safe mode by modifying your httpd.conf file:
1. find your vhost entry
2. add to that vhost entry: php_admin_flag safe_mode Off
Solution: turn off safe mode by modifying your httpd.conf file:
1. find your vhost entry
2. add to that vhost entry: php_admin_flag safe_mode Off
How to Disable Statistics for a Certain User via WHM
You can disable a stats program for a specific user by following the steps below via your WHM:
1. Login to WHM then go to Main >> Server Configuration >> Statistics Software Configuration
2. Under User Permissions click "Choose Users."
3. On the next page that loads, after "Choose Specific Stats Programs for" enter the desired username then click "Configure."
4. The following page will allow you to select the stats programs that the user may use; to finalize and submit changes click "Save."
1. Login to WHM then go to Main >> Server Configuration >> Statistics Software Configuration
2. Under User Permissions click "Choose Users."
3. On the next page that loads, after "Choose Specific Stats Programs for" enter the desired username then click "Configure."
4. The following page will allow you to select the stats programs that the user may use; to finalize and submit changes click "Save."
Monday, November 7, 2011
Add SPF records to all domains in Plesk
To add SPF records to every domain in Plesk, you can use this huge one-liner:
mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "select dns_zone_id,displayHost from dns_recs GROUP BY dns_zone_id ORDER BY dns_zone_id ASC;" | awk '{print "INSERT INTO dns_recs (type,host,val,time_stamp,dns_zone_id,displayHost,displayVal) VALUES ('\''TXT'\'','\''"$2"'\'','\''v=spf1 a mx ~all'\'',NOW(),"$1",'\''"$2"'\'','\''v=spf1 a mx ~all'\'');"}' | mysql -u admin -p`cat /etc/psa/.psa.shadow` psa
Then you'll need to make Plesk write these changes to the zone files:
# mysql -Ns -uadmin -p`cat /etc/psa/.psa.shadow` -D psa -e 'select name from domains' | awk '{print "/usr/local/psa/admin/sbin/dnsmng update " $1 }' | sh
You can check your work by viewing the new entries you made:
mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "SELECT * FROM dns_recs WHERE type='TXT';"
mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "select dns_zone_id,displayHost from dns_recs GROUP BY dns_zone_id ORDER BY dns_zone_id ASC;" | awk '{print "INSERT INTO dns_recs (type,host,val,time_stamp,dns_zone_id,displayHost,displayVal) VALUES ('\''TXT'\'','\''"$2"'\'','\''v=spf1 a mx ~all'\'',NOW(),"$1",'\''"$2"'\'','\''v=spf1 a mx ~all'\'');"}' | mysql -u admin -p`cat /etc/psa/.psa.shadow` psa
Then you'll need to make Plesk write these changes to the zone files:
# mysql -Ns -uadmin -p`cat /etc/psa/.psa.shadow` -D psa -e 'select name from domains' | awk '{print "/usr/local/psa/admin/sbin/dnsmng update " $1 }' | sh
You can check your work by viewing the new entries you made:
mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "SELECT * FROM dns_recs WHERE type='TXT';"
Saturday, October 29, 2011
webmail or whm redirecting to cpanel default page
Check apache conf and dns entry for the domain having issue.
if there is any missing entries in apache conf
Take a copy of the apache conf and rebuild the conf.
make the below changes on whm > tweak settings.
> Domains > Proxy subdomains [?] > on
Proxy subdomain creation [?] > on
Proxy subdomain override [?] > on
if there is any missing entries in apache conf
Take a copy of the apache conf and rebuild the conf.
make the below changes on whm > tweak settings.
> Domains > Proxy subdomains [?] > on
Proxy subdomain creation [?] > on
Proxy subdomain override [?] > on
link mysql to /home
How to Change the location of MySQL:
1) Stop MySQL using command: service mysql stop
2) cp /var/lib/mysql /home/mysql
3) vi /etc/my.cnf
change the below settings.
[mysqld]
set-variable = max_connections=500
datadir = /home/data/mysql
pid-file = /home/mysql/mysqld.pid
skip-locking
safe-show-database
skip-bdb
old_passwords=1
long_query_time=2
log-slow-queries=/var/log/mysql-slow-queries.log
query_cache_limit=1M
query_cache_size=32M
query_cache_type=1
max_user_connections=50
max_connections=500
thread_cache_size=256
table_cache=8192
key_buffer=64M
max_connect_errors=20
max_allowed_packet=128M
join_buffer=2M
record_buffer=1M
sort_buffer_size=2M
read_buffer_size=2M
read_rnd_buffer_size=1M
thread_concurrency=16
myisam_sort_buffer_size=64M
then save the file
4) chown -R mysql:mysql /home/mysql
5) rm /tmp/mysql.sock
6) ln -s ../../home/mysql/mysql.sock /tmp/mysql.sock
7) Run Command: service mysql restart
Now MySQL should be successfully started and operating from the location /home/mysql
You can remove the old mysql directory by using rm -rf /var/lib/mysql
1) Stop MySQL using command: service mysql stop
2) cp /var/lib/mysql /home/mysql
3) vi /etc/my.cnf
change the below settings.
[mysqld]
set-variable = max_connections=500
datadir = /home/data/mysql
pid-file = /home/mysql/mysqld.pid
skip-locking
safe-show-database
skip-bdb
old_passwords=1
long_query_time=2
log-slow-queries=/var/log/mysql-slow-queries.log
query_cache_limit=1M
query_cache_size=32M
query_cache_type=1
max_user_connections=50
max_connections=500
thread_cache_size=256
table_cache=8192
key_buffer=64M
max_connect_errors=20
max_allowed_packet=128M
join_buffer=2M
record_buffer=1M
sort_buffer_size=2M
read_buffer_size=2M
read_rnd_buffer_size=1M
thread_concurrency=16
myisam_sort_buffer_size=64M
then save the file
4) chown -R mysql:mysql /home/mysql
5) rm /tmp/mysql.sock
6) ln -s ../../home/mysql/mysql.sock /tmp/mysql.sock
7) Run Command: service mysql restart
Now MySQL should be successfully started and operating from the location /home/mysql
You can remove the old mysql directory by using rm -rf /var/lib/mysql
Thursday, January 20, 2011
Migration of accounts from cPanel to cPanel server
1, Security Hardening
-------------------
a, Compare the version of PHP,MySQL,Apache on both servers. Unless there is any special requirement from the client, keep the same version on both servers.Also verify php is running as apache or cgi on both servers
b, Install CSF and do the normal security hardening.
c, Make cpanel to a stable version and run forceful update.
/scripts/upcp --force
d, check the available IPs in the new server and domains having dedicated SSL certs.
Update the client for new additional IPs if required.
e, Check the PHP and Apache modules in the old server and enable them.
2, Migration
Once the configurations are identical, we can start the migration. Enable SSH key access to the new server from the old server so we can avoid prompting password each time.
copy the contents of /root/.ssh/id_dsa.pub and paste it on /root/.ssh/authorized_keys of the new server
If there is no /root/.ssh/id_dsa.pub, create a SSH Key
ssh-keygen -t dsa
Press enter for all options, so SSH key is created with default values. Copy the key and paste on file " /root/.ssh/authorized_keys " of the new server.This will create a passwordless key authentication between the the servers.
Make a list of all the accounts in the old server.
cat /etc/trueuserdomains | awk {'print $2'} > /root/transferlist
Take the backups of the accounts using cpanel's pkgacct method with skip home directory option and copy account to the new server.
for i in `cat /root/transferlist`
do
#echo $i
/scripts/pkgacct --skiphomedir $i >> /home/pkgfile
acc=$(ls /home/cpmove*$1*)
scp -P 2411 $acc root@65.98.85.226:/home
wait
ls -lh $acc
rm -rf $acc
done
Copy the domain list (/root/transferlist) to the new server and start restoring the accounts.
for i in `cat /root/transferlist`; do /scripts/restorepkg $i >> /home/restorefile; done
Rsync the home directories once the restore process is completed. Run the following from the old server,
rsync -avz -e "ssh -p 2411" /home/* root@65.98.85.226:/home/
Migrate all the packages (/var/cpanel/packages) from old server to the new one
3, Post Migration.
Compare whether all the accounts are restored in the new server.
-----------------------------------------------
1. Copy the file /etc/trueuserdomains from the old server to the new server. Eg copy to the location /backup/trueuserdomains.
2. Run this script from the new server to check the domains that are not found in the /etc/trueuserdomains file of the new server.
for i in `cat /backup/trueuserdomains | awk {'print $1'}| cut -d: -f 1`; do if grep -q $i /etc/trueuserdomains; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missingtrueuserdomains
If the above result does not give any output, it means all accounts are copied over from old server to new server.
If we are using rsync of /home, to see if any home directory has failed to copy over to the new server, use the following steps.
1.Make a list of home directories from the OLD server.
ls -d /home/*/ | cut -d/ -f 3 > /root/olddirs
2. scp this to the /backup folder of the NEW server. So the file lies at /backup/olddirs
3. Make a list of current home directory in the NEW server.
ls -d /home/*/ | cut -d/ -f 3 > /root/newdirs
4. Compare from the NEW server
for i in `cat /backup/olddirs`; do if grep -q $i /root/newdirs ; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missinghomedirs
This will give the list of those home directores that are present in the OLD server but absent in the NEW server.
Check if all accounts inside /etc/trueuserdomains are there in httpd.conf file
for i in `cat /etc/trueuserdomains | awk {'print $1'}| cut -d: -f 1`; do if grep -q $i /usr/local/apache/conf/httpd.conf; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missingapacheentries
Check if all accounts inside /etc/trueuserdomains are there in /etc/named.conf file
for i in `cat /etc/trueuserdomains | awk {'print $1'}| cut -d: -f 1`; do if grep -q $i /etc/named.conf ; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missingnamedentries
Assign dedicated IPs to domains that had on the old server and copy SSL cert from the old server.
To check domains have dedicated IPs -- cat /etc/domainips
To check domains have private SSL installed -- cat /etc/ssldomains
Categories for this entry
-------------------
a, Compare the version of PHP,MySQL,Apache on both servers. Unless there is any special requirement from the client, keep the same version on both servers.Also verify php is running as apache or cgi on both servers
b, Install CSF and do the normal security hardening.
c, Make cpanel to a stable version and run forceful update.
/scripts/upcp --force
d, check the available IPs in the new server and domains having dedicated SSL certs.
Update the client for new additional IPs if required.
e, Check the PHP and Apache modules in the old server and enable them.
2, Migration
Once the configurations are identical, we can start the migration. Enable SSH key access to the new server from the old server so we can avoid prompting password each time.
copy the contents of /root/.ssh/id_dsa.pub and paste it on /root/.ssh/authorized_keys of the new server
If there is no /root/.ssh/id_dsa.pub, create a SSH Key
ssh-keygen -t dsa
Press enter for all options, so SSH key is created with default values. Copy the key and paste on file " /root/.ssh/authorized_keys " of the new server.This will create a passwordless key authentication between the the servers.
Make a list of all the accounts in the old server.
cat /etc/trueuserdomains | awk {'print $2'} > /root/transferlist
Take the backups of the accounts using cpanel's pkgacct method with skip home directory option and copy account to the new server.
for i in `cat /root/transferlist`
do
#echo $i
/scripts/pkgacct --skiphomedir $i >> /home/pkgfile
acc=$(ls /home/cpmove*$1*)
scp -P 2411 $acc root@65.98.85.226:/home
wait
ls -lh $acc
rm -rf $acc
done
Copy the domain list (/root/transferlist) to the new server and start restoring the accounts.
for i in `cat /root/transferlist`; do /scripts/restorepkg $i >> /home/restorefile; done
Rsync the home directories once the restore process is completed. Run the following from the old server,
rsync -avz -e "ssh -p 2411" /home/* root@65.98.85.226:/home/
Migrate all the packages (/var/cpanel/packages) from old server to the new one
3, Post Migration.
Compare whether all the accounts are restored in the new server.
-----------------------------------------------
1. Copy the file /etc/trueuserdomains from the old server to the new server. Eg copy to the location /backup/trueuserdomains.
2. Run this script from the new server to check the domains that are not found in the /etc/trueuserdomains file of the new server.
for i in `cat /backup/trueuserdomains | awk {'print $1'}| cut -d: -f 1`; do if grep -q $i /etc/trueuserdomains; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missingtrueuserdomains
If the above result does not give any output, it means all accounts are copied over from old server to new server.
If we are using rsync of /home, to see if any home directory has failed to copy over to the new server, use the following steps.
1.Make a list of home directories from the OLD server.
ls -d /home/*/ | cut -d/ -f 3 > /root/olddirs
2. scp this to the /backup folder of the NEW server. So the file lies at /backup/olddirs
3. Make a list of current home directory in the NEW server.
ls -d /home/*/ | cut -d/ -f 3 > /root/newdirs
4. Compare from the NEW server
for i in `cat /backup/olddirs`; do if grep -q $i /root/newdirs ; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missinghomedirs
This will give the list of those home directores that are present in the OLD server but absent in the NEW server.
Check if all accounts inside /etc/trueuserdomains are there in httpd.conf file
for i in `cat /etc/trueuserdomains | awk {'print $1'}| cut -d: -f 1`; do if grep -q $i /usr/local/apache/conf/httpd.conf; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missingapacheentries
Check if all accounts inside /etc/trueuserdomains are there in /etc/named.conf file
for i in `cat /etc/trueuserdomains | awk {'print $1'}| cut -d: -f 1`; do if grep -q $i /etc/named.conf ; then echo "FOUND $i"; else echo "$i NOT FOUND";fi; done | grep NOT > /root/missingnamedentries
Assign dedicated IPs to domains that had on the old server and copy SSL cert from the old server.
To check domains have dedicated IPs -- cat /etc/domainips
To check domains have private SSL installed -- cat /etc/ssldomains
Categories for this entry
Nagios Installation
Nagios Installation
What You'll End Up With
If you follow these instructions, here's what you'll end up with:
* Nagios and the plugins will be installed underneath /usr/local/nagios
* Nagios will be configured to monitor a few aspects of your local system (CPU load, disk usage, etc.)
* The Nagios web interface will be accessible at http://localhost/nagios/
Prerequisites
During portions of the installation you'll need to have root access to your machine.
Make sure you've installed the following packages on your Fedora installation before continuing.
* Apache
* PHP
* GCC compiler
* GD development libraries
You can use yum to install these packages by running the following commands (as root):
yum install httpd php
yum install gcc glibc glibc-common
yum install gd gd-devel
1) Create Account Information
Become the root user.
su -l
Create a new nagios user account and give it a password.
/usr/sbin/useradd -m nagios
passwd nagios
Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache
2) Download Nagios and the Plugins
Create a directory for storing the downloads.
cd /usr/src
Download the source code tarballs of both Nagios and the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest versions). These directions were tested with Nagios 3.1.1 and Nagios Plugins 1.4.11.
wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.2.1.tar.gz
wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz
3) Compile and Install Nagios
Extract the Nagios source code tarball.
cd /usr/src
tar xzf nagios-3.2.1.tar.gz
cd nagios-3.2.1
Run the Nagios configure script, passing the name of the group you created earlier like so:
./configure --with-command-group=nagcmd
Compile the Nagios source code.
make all
Install binaries, init script, sample config files and set permissions on the external command directory.
make install
make install-init
make install-config
make install-commandmode
Don't start Nagios yet - there's still more that needs to be done...
4) Customize Configuration
Sample configuration files have now been installed in the /usr/local/nagios/etc directory. These sample files should work fine for getting started with Nagios. You'll need to make just one change before you proceed...
Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you'd like to use for receiving alerts.
vi /usr/local/nagios/etc/objects/contacts.cfg
5) Configure the Web Interface
Install the Nagios web config file in the Apache conf.d directory.
make install-webconf
Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account - you'll need it later.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Restart Apache to make the new settings take effect.
service httpd restart
Note Note: Consider implementing the ehanced CGI security measures described here to ensure that your web authentication credentials are not compromised.
6) Compile and Install the Nagios Plugins
Extract the Nagios plugins source code tarball.
cd /usr/src
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
Compile and install the plugins.
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
7) Start Nagios
Add Nagios to the list of system services and have it automatically start when the system boots.
chkconfig --add nagios
chkconfig nagios on
Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If there are no errors, start Nagios.
service nagios start
8) Modify SELinux Settings
Fedora ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This can result in "Internal Server Error" messages when you attempt to access the Nagios CGIs.
See if SELinux is in Enforcing mode.
getenforce
Put SELinux into Permissive mode.
setenforce 0
To make this change permanent, you'll have to modify the settings in /etc/selinux/config and reboot.
For information on running the Nagios CGIs under Enforcing mode with a targeted policy, visit the Nagios Support Portal or Nagios Community Wiki.
9) Login to the Web Interface
You should now be able to access the Nagios web interface at the URL below. You'll be prompted for the username (nagiosadmin) and password you specified earlier.
http://server_IP/nagios/
Configure nagios.
The main conf file for nagios is /usr/local/nagios/etc/nagios.cfg
When you take nagios in the browser after this freshinstall, you can see localhost added. The conf fle for this is /usr/local/nagios/etc/objects/localhost.cfg
This has been added to the file usr/local/nagios/etc/nagios.cfg as follows.
[root@localhost objects]# grep localhost.cfg /usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/objects/localhost.cfg
If you need to add another host copy this file in the another name and change the IP, hostname accordingly.
cp
/usr/local/nagios/etc/objects/localhost.cfg /usr/local/nagios/etc/objects/newserver.cfg
Include this cfg file to the nagios.cfg as follows.
cfg_file=/usr/local/nagios/etc/objects/newserver.cfg
Check nagios for errors.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If no error restart nagios
service nagios restart
Check in browser, if you can see the new server.
What You'll End Up With
If you follow these instructions, here's what you'll end up with:
* Nagios and the plugins will be installed underneath /usr/local/nagios
* Nagios will be configured to monitor a few aspects of your local system (CPU load, disk usage, etc.)
* The Nagios web interface will be accessible at http://localhost/nagios/
Prerequisites
During portions of the installation you'll need to have root access to your machine.
Make sure you've installed the following packages on your Fedora installation before continuing.
* Apache
* PHP
* GCC compiler
* GD development libraries
You can use yum to install these packages by running the following commands (as root):
yum install httpd php
yum install gcc glibc glibc-common
yum install gd gd-devel
1) Create Account Information
Become the root user.
su -l
Create a new nagios user account and give it a password.
/usr/sbin/useradd -m nagios
passwd nagios
Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache
2) Download Nagios and the Plugins
Create a directory for storing the downloads.
cd /usr/src
Download the source code tarballs of both Nagios and the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest versions). These directions were tested with Nagios 3.1.1 and Nagios Plugins 1.4.11.
wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.2.1.tar.gz
wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz
3) Compile and Install Nagios
Extract the Nagios source code tarball.
cd /usr/src
tar xzf nagios-3.2.1.tar.gz
cd nagios-3.2.1
Run the Nagios configure script, passing the name of the group you created earlier like so:
./configure --with-command-group=nagcmd
Compile the Nagios source code.
make all
Install binaries, init script, sample config files and set permissions on the external command directory.
make install
make install-init
make install-config
make install-commandmode
Don't start Nagios yet - there's still more that needs to be done...
4) Customize Configuration
Sample configuration files have now been installed in the /usr/local/nagios/etc directory. These sample files should work fine for getting started with Nagios. You'll need to make just one change before you proceed...
Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you'd like to use for receiving alerts.
vi /usr/local/nagios/etc/objects/contacts.cfg
5) Configure the Web Interface
Install the Nagios web config file in the Apache conf.d directory.
make install-webconf
Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account - you'll need it later.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Restart Apache to make the new settings take effect.
service httpd restart
Note Note: Consider implementing the ehanced CGI security measures described here to ensure that your web authentication credentials are not compromised.
6) Compile and Install the Nagios Plugins
Extract the Nagios plugins source code tarball.
cd /usr/src
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
Compile and install the plugins.
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
7) Start Nagios
Add Nagios to the list of system services and have it automatically start when the system boots.
chkconfig --add nagios
chkconfig nagios on
Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If there are no errors, start Nagios.
service nagios start
8) Modify SELinux Settings
Fedora ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This can result in "Internal Server Error" messages when you attempt to access the Nagios CGIs.
See if SELinux is in Enforcing mode.
getenforce
Put SELinux into Permissive mode.
setenforce 0
To make this change permanent, you'll have to modify the settings in /etc/selinux/config and reboot.
For information on running the Nagios CGIs under Enforcing mode with a targeted policy, visit the Nagios Support Portal or Nagios Community Wiki.
9) Login to the Web Interface
You should now be able to access the Nagios web interface at the URL below. You'll be prompted for the username (nagiosadmin) and password you specified earlier.
http://server_IP/nagios/
Configure nagios.
The main conf file for nagios is /usr/local/nagios/etc/nagios.cfg
When you take nagios in the browser after this freshinstall, you can see localhost added. The conf fle for this is /usr/local/nagios/etc/objects/localhost.cfg
This has been added to the file usr/local/nagios/etc/nagios.cfg as follows.
[root@localhost objects]# grep localhost.cfg /usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/objects/localhost.cfg
If you need to add another host copy this file in the another name and change the IP, hostname accordingly.
cp
/usr/local/nagios/etc/objects/localhost.cfg /usr/local/nagios/etc/objects/newserver.cfg
Include this cfg file to the nagios.cfg as follows.
cfg_file=/usr/local/nagios/etc/objects/newserver.cfg
Check nagios for errors.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If no error restart nagios
service nagios restart
Check in browser, if you can see the new server.
Friday, January 14, 2011
*WARNING* Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module + csf
Getting the following error while trying to restart csf in my VPS .
root@a24uall [/etc/csf]# csf -r
*WARNING* Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module is currently broken you have to open a PASV port hole in iptables for incoming FTP connections to work correctly. See the csf readme.txt under ‘A note about FTP Connection Issues’ on how to do this if you have not already done so.
root@a24uall [/etc/csf]#
Solution : IF we dont have node access we need to change the settings in VPS itself
Check if its Pure FTP or Pro FTP and add the following line in the conf file.
vi /etc/pure-ftpd.conf
PassivePortRange 30000 35000
vi /etc/proftpd.conf
PassivePortRange 30000 35000
vi /etc/csf/csf.conf
# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,110,30000:35000″
If you see this error while restarting iptables then in place of csf step use :
iptables -A INPUT -p tcp –dport 30000:35000 -j ACCEPT
============
enable module
modprobe ip_conntrack_ftp
root@a24uall [/etc/csf]# csf -r
*WARNING* Since the Virtuozzo VPS iptables ip_conntrack_ftp kernel module is currently broken you have to open a PASV port hole in iptables for incoming FTP connections to work correctly. See the csf readme.txt under ‘A note about FTP Connection Issues’ on how to do this if you have not already done so.
root@a24uall [/etc/csf]#
Solution : IF we dont have node access we need to change the settings in VPS itself
Check if its Pure FTP or Pro FTP and add the following line in the conf file.
vi /etc/pure-ftpd.conf
PassivePortRange 30000 35000
vi /etc/proftpd.conf
PassivePortRange 30000 35000
vi /etc/csf/csf.conf
# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,110,30000:35000″
If you see this error while restarting iptables then in place of csf step use :
iptables -A INPUT -p tcp –dport 30000:35000 -j ACCEPT
============
enable module
modprobe ip_conntrack_ftp
Subscribe to:
Posts (Atom)