APF installation error on VPS : unable to load iptables module (ip_tables), aborting.

While installing APF on your VPS you get the following error :

# apf -r
apf(28442): {glob} status log not found, created
apf(28463): {glob} flushing & zeroing chain policies
apf(28463): {glob} firewall offline
apf(28500): {glob} activating firewall
apf(28551): {glob} unable to load iptables module (ip_tables), aborting.
apf(28500): {glob} firewall initalized
apf(28500): {glob} !!DEVELOPMENT MODE ENABLED!! – firewall will flush every 5 minutes.

You need to configure the APF for your VPS.

nano -w /etc/apf/conf.apf

modify
SET_MONOKERN=”0″

to
SET_MONOKERN=”1″

Restart APF

apf -r

Now you will be able to complete apf installation fine 🙂

error: stat of /var/log/cron failed: No such file or directory

Hi guys… Today I faced a issue with a new VPS installed with EZ template Centos 5.2. I was preparing the VPS with logwatch, apf and other security and got cron error under roots mail.

Cron errors shows log errors :

/etc/cron.daily/logrotate:

error: stat of /var/log/boot.log failed: No such file or directory
error: stat of /var/log/cron failed: No such file or directory

OR

You do not find log files updating

This was due to the syslog daemon not running. Check if the service is running and restart. Your server may have syslogd daemon on rsyslogd depending on your OS.

I had rsyslogd on Centos 5.2

# /etc/init.d/rsyslog status
rsyslogd is stopped
rklogd is stopped

# /etc/init.d/rsyslog start
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]

Check if the service is being started at the starup :

 

# chkconfig –list | grep rsyslog
rsyslog 0:off 1:off 2:off 3:off 4:off 5:off 6:off

Use Command to enable the daemon at startup

# chkconfig rsyslog on

The log files were not being created due to the daemons stopped, after restart all started generating.

Cheers!

🙂

cPanel FAQ for VPS

From: http://www.cpanel.net/docs/whm/FAQ.htm

Q: I’m having server problems but the problem is not listed below. What should I do?

A: There are two options:

  1. You can search the Knowledgebase in WebHost Manager. The is explained in the support part of this manual.
  2. You can search the CPanel forums – http://support.cpanel.net/

Q: How do I login to Cpanel from a non-GUI?

A: Do the following:

  1. /usr/local/cpanel startup
  2. /etc/rc.d/init.d/cpanel3 restart – This will restart CPanel.

Q: I just got another server, what do I do?

A: If you would like to make your two servers work together, you will need to establish a trust relationship with your primary nameserver – refer to Establishing a trust relationship for more information. You can also transfer your old server’s files to your new server – refer to Transfers for more information.

Q: Proftp will not start it says, ‘unable to determine the ip address of mydomainhere.com’. What do I do?

A: You need to change your hostname to a FQDN (Fully Qualified Domain Name ). A FQDN has a host name, and a domain name which includes a top-level domain, e.g. www.sub.domain.com.

  1. #pico /etc/sysconfig/network
  2. Type hostname www.sub.domain.com
  3. Save changes and quit pico.
  4. Now, add a DNS Zone for yourdomain.com in WebHost Manager.
  5. Add an entry to /etc/hosts for your hostname.

Q: I have a CPanel license but when I login it says ‘Invalid Lisc File’. What’s wrong?

A: There are a couple of possibilities. The date on your server could be improperly synced, your main IP could have changed, or your files could have been corrupted.

  1. First, try to resync your server’s date:

    #rdate -s rdate.darkorb.net

  2. If that does not work, try to update your CPanel license file:

    #/usr/local/cpanel/cpkeyclt

  3. If these do not work contact your distributor so they can update your license

Q: My install keeps saying “waiting for updated to finish”. What should I do?

A: Do the following:

  1. Open another Terminal window and run as root:

    #rsync -av rsync://ftp.cpanel.net/scripts /scripts

  2. /etc/rc.d/init.d/cpanel3 restart – This will restart CPanel.

Q: What types of traffic does the Bandwidth monitor show?

A: The bandwidth monitor watches http, ftp, and pop traffic.

Q: I’ve added accounts in WebHost Manager that aren’t showing up. What’s wrong?

A: Your domain database has not been updated, you need to run:

#/scripts/updateuserdomains

Q: What does Initial Nameserver Setup do?

A: This starts the name and adds it to the list of daemons to be checked.

Q: What should I do about partitioning my drive? What sizes do I need?

A: Refer to Installation for more information.

Q: How do I upgrade using buildapache.sea?

A: Do the following:

  1. SSH into your server.
  2. SU and log in as root.
  3. #wget http://layer1.cpanel.net/buildapache.sea
  4. #chmod 755 buildapache.sea
  5. #./buildapache.sea
  6. Wait for the installer to complete.
  7. Cleanup after the install with:

    #rm -Rf buildapache/

    #rm buildapache.sea

Q: How can I use Cpanel in a non-graphical environment?

A: Do the following:

  1. #/sbin/chkconfig –add xfs
  2. #/sbin/service xfs start

Q: Neomail keeps returning no MD5.so in @INC. What do I do?

A: #/scripts/cleanmd5

Q: How can I fix problems with mail that result from incorrect permissions?

A: #/scripts/mailperm

Q: I’m trying to add FrontPage extensions, or a new account, and I get sd(8,10) write failure, user limit block reached. What do I do?

A: #/scripts/fixquotas

Q: What can fix many common problems?

A: #/scripts/fixcommonproblems

Q: I keep getting a 500 error when trying to use Mailman. What is wrong?

A: Your hostname is not being sent with your e-mail. Do the following:

  1. #/scripts/fixoldlistswithsuexec
  2. If that doesn’t work, try:

    #/scripts/fixmailmanwithsuexec

    #pico /usr/local/apache/conf/httpd.conf – move the last vhost to the first vhost in the file.

Q: What do I do when Mailman wants UID 99 but is getting -1?

A: #/scripts/upcp

Q: My subdomain logs are not being processed. What do I do?

A: Do the following:

  1. #rm -f ~username/tmp/lastrun
  2. #killall -9 cpanellogd
  3. #/usr/local/cpanel/cpanellogd

Q: How do I enable FrontPage on port 443 with ssl?

A: Do the following:

  1. /usr/local/frontpage/version5.0/bin/owsadm.exe -o install -p 443 -m
  2. $domain -t apache-fp -xuser $user -xgroup $group -servconf
  3. “/etc/httpd/conf/httpd.conf”

Q: Neomail complains of no MD5.so in @INC – what do I do?

A: Do the following:

  1. Rebuild Perl using installer from http://cpanel.net/
  2. Just running /scripst/cleanmd5 should do it.

Q: When adding FrontPage, I get sd(8,10) write failure, user limit block reached. What do I do?

A: Run /scripts/fixquotas

Q: How do I fix general mail problems related to permissions?

A: /scripts/mailperm

Q: How do I fix the most common problems?

A: /scripts/fixcommonproblems

Q: How do I fix cgi scripts that are returning a 500 error because of permissions?

A: Do the following:

  1. /scripts/fixsuexeccgiscripts
  2. Read /usr/local/apache/logs/suexec_log for Mailman 500 Error.
  3. /scripts/fixmailmanwithsuexec
  4. Edit /usr/local/apache/conf/htpd.conf and move the vhost it creates (almost always the last one in the file) to be the first vhost.
  5. Restart Apache: /etc/rc.d/init.d/httpd restart
  6. Run /scripts/fixoldlistswithsuexec

Q: What do I do when Mailman wants UID 99 when getting -1?

A: Do the following:

  1. Edit httpd.conf
  2. Make sure Group is set to nobody.
  3. Run /scripts/upcp – that should rebuild mailman with the correct UID/GID.

/scripts/upcp should now detect this and fix it for you automatically.

  1. Turn on SYN Cookies if built into the kernel.
  2. echo 1 >/proc/sys/net/ipv4/tcp_syncookies – at boot time after the /proc file system has been mounted.

Q: How do I troubleshoot Perl scripts?

A: Do the following:

  1. Edit Perl / cgi script – at top of file #!/usr/bin/perl
  2. Use CGI::Carp qw(fatalsToBrowser); – errors should be redirected to browser rather then getting a 500 error.
  3. Also, check if the script runs on the command line – perl -w ./scriptname.cgi – and see if it gives you errors.

Q: What do I do if subdomain logs are not getting processed?

A: Do the following:

  1. rm -f ~username/tmp/lastrun
  2. killall -9 cpanellogd
  3. /usr/local/cpanel/cpanellogd

Q: How do I stop a crontab?

A: Add – >/dev/null 2>&1 – after the entry in the crontab.

Q: What do I do when MySQL gives error of access denied for root@localhost?

A: Make sure root pass is in /root/.my.cnf, this is usually the first root password the box was given when CPanel was installed.

Q: How do I set the /etc/my.cnf file for sites with vbb forums that don’t close connections, thus spawning 500 mysqld’s and hogging all the RAM?

A: Do the following to mysqld:

  • set-variable = max_connections=1500
  • set-variable = max_user_connections=200
  • set-variable = wait_timeout=200
  • set-variable = interactive_timeout=800

Q: What do I do if SpamAssassin is taking up a lot of memory and CPU?

A: The chances are the dbm database has gotten corrupted. Try this:

  1. Find out what user it’s running as with ‘top’.
  2. cd /home/user/
  3. rm -rf .spamassasin
  4. Then mail them a couple of times to see if it fixes the problem.

Q: What do I do if buildapache.sea bombs out with a lot of nasty looking errors?

A: Do the following:

  1. Find out the version (cat /etc/redhat-release).
  2. Find a server running the same version that works.
  3. tar xzvf bits.tgz /usr/include/bits
  4. Copy that to the broken server.
  5. Backup /usr/include/bits somewhere.
  6. tar xzvf bits.tgz from /

Q: What do I do when a Guestbook is not showing anything, I get a blank page when trying to view, and no errors when submitting?

A: Do the following:

chown nobody /home/username/.guestbook

Make sure ‘nobody’ can write to it.

Q: What do I do when all the Perl/CGI scripts that are not running as root (including Interchange) get the error “getgrgid: invalid groupid XXXXX”? From Apache’s error_log …

[Tue Mar 26 09:13:16 2002] [error] [client x.x.x.x] (2)No such file or directory: getgrgid: invalid groupid 32015

[Tue Mar 26 09:13:16 2002] [error] (2)No such file or directory: exec of /home/username/public_html/utility.cgi failed

[Tue Mar 26 09:13:16 2002] [error] [client x.x.x.x] Premature end of script headers: /home/username/public_html/script.cgi

A: Do the following:

chmod 644 /etc/group

If that doesn’t fix it, check permissions on the passwd file and shadow file as well just for good measure.

Q: What are the default locations for Mailman, exim config, exim log, or the exim reject log?

A: The locations are:

  • Mailman lists = /usr/local/cpanel/3rdparty/mailman/lists/
  • Exim Config = /etc/exim.conf
  • Exim Log = /var/log/exim_mainlog
  • Exim Reject Log = /var/log/exim_rejectlog

Q: What do I do when setting up a trust relationship and I get errors about possible security threats and stuff about SSH/known_hosts?

A: Most likely the master server has changed it’s ssl info. The easiest way to remedy this is:

  1. cd /etc/
  2. rm -rf .ssh

Then try setting up the trust relationship again.

Cpanel disk used incorrect showing unlimited or 0MB

You can fix this by running the script  /scripts/fixquotas

is this doesn’t work and you are using Virtuozzo or OpenVZ you will need to set the QUOTAUGIDLIMIT perimeter – this allows the system to allocate user IDs (UID)

e.g (openvz)

vzctl set 101 –quotaugidlimit 1000 –save

then run the scrip “/scripts/fixquotas”

and it should all work.

Troubleshooting

If you’ve done the above and it still doesn’t work (or the value still says 0MB) this may be due to cPanel caching the disk usage results. to disable this:

Select the following in your WHM.

WHM >> Tweak Settings >> System >> “Disable Disk Quota display caching (WHM will cache disk usage which may result in the display of disk quotas being up to 15 minutes behind the actual disk usage. Disabling this may result in a large performance degradation.)”

Easy apache error on a VPS – !! Warning (VZ): You are only only guaranteed xx Megabytes of ram! xxx Megabytes is recommended. !!


Easy::Apache v3.2.0 Build 4310

!! Warning (VZ): You are only only guaranteed 224 Megabytes of ram! 512 Megabytes is recommended. !!

If you get above memory error on VPS while running easy apache,  You can fix by using following steps. Login in to main VPS and edit the variable OOMGUARPAGES accordingly.

OR

OpenVZ Users :
You can also modify the
OOMGUARPAGES values from shell as required.  :

vzctl set 101 –OOMGUARPAGES 561120:2147483647 –save

Need Assistance with nominal fee contact admin@linuxbabu.net

Any operation on a VE gives me “Cannot lock VE”.

Any operation on a VE gives me “Cannot lock VE“.

VE is locked when some operation (backup, migration, start / stop, etc.) with this VE is in progress. You can determine which process is holding VE #111 using the following command on the hardware node:

# cat /vz/lock/111.lck

16824
backing-up

You can kill that process if needed. Make sure that the process is really killed. If there is no process with that PID on the node, just remove the lockfile.

# kill 16824

# vzctl start 111

Easy apache error on a VPS – You are only only allowed to use xx Megabytes of ram! xxx Megabytes is required

Sometimes, you can get the following error on VPS while running easy apache. You can fix by simple following steps.

Login in to main VPS and edit the variable PRIVVMPAGES accordingly

/scripts/easyapache
Use of uninitialized value in pattern match (m//) at /var/cpanel/perl/easy/Cpanel/Easy/Utils.pm line 436.
!! Critical Error (VZ): You are only only allowed to use 90 Megabytes of ram! 512 Megabytes is required. !!

You can also modify the privvmpages values from shell as required. (For OpenVZ users) :

vzctl set 101 --privvmpages 850M:900M --save