Adding AHCI to centos initrd

Ever needed to add AHCI to a centos system after an install? A quick way to do it is just:

modprobe ahci
cp /boot/initrd-`uname -r`.img /boot/initrd-`uname -r`.img.bak
mkinitrd -f --with=ahci /boot/initrd-`uname -r`.img `uname -r`

cpanel + rrdtool not installing (new install)

Frequently I came across new cpanel installs not installing rrdtool correctly. The error would end at

Using catalogs: /etc/sgml/sgml-docbook-3.1-1.0-51.el6.cat
Using stylesheet: /usr/share/sgml/docbook/utils-0.6.14/docbook-utils.dsl#print
Working on: /usr/local/cpanel/src/3rdparty/gpl/fontconfig-2.6.0/doc/local-fontconfig-devel.sgml
nsgmls:(invalid location):E: invalid filename ""
rmdir: failed to remove `devel-man': Directory not empty
gmake[2]: *** [func.refs] Error 1
gmake[2]: Leaving directory `/usr/local/cpanel/src/3rdparty/gpl/fontconfig-2.6.0/doc'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory `/usr/local/cpanel/src/3rdparty/gpl/fontconfig-2.6.0'
gmake: *** [all] Error 2
child exited with value 2

To fix, run
yum remove docbook-utils
/scripts/rrdtoolinstall


CloudLinux Single mode

I’ve always had trouble getting into single mode in cloudlinux. Trying to type single would show up as gibberish. Looking at a server today, I accidentally came across a way around this, by hitting c (to go to the grub command line) and esc (to exit back). Once done I could use append (a). Previously append or edit did not work.

At the GRUB splash screen at boot time, press any key to enter the GRUB interactive menu.

type c (goes to grub command line) then hit esc

Select Cloud Linux with the version of the kernel that you wish to boot and type a to append the line.

type single and hit enter to boot


Send exim on another IP address, for a specific domain

I was looking for a way to send mail to one domain on an IP, and all other mail on another domain on another IP. The basic exim remote SMTP set up is


remote_smtp:
driver=smtp

To switch the exim ip, the interface=IP.address configuration is used. But I wanted to have email to a particular domain go over another IP address. I came up with

interface = ${if eq {$domain}{REMOTE.DOMAIN.COM} {IP.TO.SEND.FROM}{DEFAULT.IP} }


OpenVZ Container Error

Ran into an issue where an openvz container would start up, but the networking would not. Running in verbose mode I saw

ifup-venet WARNING: Device list is empty

After looking around, searching the web I could not come up with anything. Then I saw the container had an /etc/vz folder. Turned out vzctl had got installed by the user on the openvz container, breaking networking. Removing this and a restart fixed the problem.


Copy accounts from a reseller WHM without the root password (automatically)

I quickly wrote this script to easily run the backup process for all accounts of a reseller using WHM. This calls the backup process in cpanel for each account using the ftp/scp copy function. Once it's done you need to manually restore accounts yourself in the folder you copied the accounts to.

An example to restore the account is something quick like

for i in *; do /scripts/restorepkg "$i"; done

Run the above command in the folder all the backup accounts were copied to.

The restore as well as the below script are best run in screen.

You need to manually create the domains file for the script below. You can do this by going to list accounts in WHM and at the bottom clicking the fetch csv option. Take all that data and create a file called domains on your server. Then run

cat domains | cut -d, -f1-3,10 | grep -v ^Domain, > domains2

This writes domains2, in a format the script below can use.

Script below, with instructions.

#!/bin/bash

# Quick script to copy accounts from another cpanel server, with the reseller (not root password)
# This is just logging into cpanel to run the generate a full cpmove backup function in WHM

##
# Requires
##

## 1) logging into an account with the reseller password
## 2) the backup function working
## 3) getting the csv from list accounts and putting it in the right format

##
# Getting the csv
##

# Log into WHM as the reseller and go to list accounts. At the bottom click 'Fetch CSV'
# Save it on the server you are copying it to, and call it 'domains'
# Run the below command
#cat domains | cut -d, -f1-3,10 | grep -v ^Domain, > domains2

# This is the WHM Password (reseller pass)
HTTPPASS=whmpassword

# This is the WHM IP (server with the accounts now)
SERVER=IP.TRANSFERING.FROM

# This is the Remote FTP Username (ftp username)
FTPUSER=FTPUSERNAME

# This is the remote FTP Password (ftp password)
FTPPASS=ftppass

# This is the remote FTP IP (ftp IP address where accounts are going to)
FTPSERVER=ftp.server.ip

# This is the email address that gets notifications when the full backup is complete (your email address, the @ is %40)
MYEMAIL="email%40domain.com"

# backup type, possibilities are
# ftp
# passiveftp
# scp
TYPE=ftp;

# Port your ftp or scp port
PORT=21

# remote dir, default is %2F which is blank
# for scp follow format of %2Fhome%2Fusername for /home/username
REMOTEDIR=%2F;

# Sleep time in seconds (setting this too low could cause many backup processes to run at once)
sleep=200;

# you don't need to run this as root, but you may need to define a HOME
export HOME=/root

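if [ ! -f domains2 ]; then
 echo 'Domains file missing' >&2
 exit 1
fi
# there is no error checking, so double check the above

# in domains2, field 3 is the account username and field 4 is its cpanel theme
for i in $(cut -d, -f3 domains2); do
 # look up the theme for this account
 THEME=$(grep ",$i," domains2 | cut -d, -f4 | grep -v '^#')
 # -u logs in as the account user with the reseller password
 # -k tells curl not to verify the server's TLS certificate
 curl -u "$i:$HTTPPASS" -k "https://$SERVER:2083/frontend/$THEME/backup/dofullbackup.html?dest=$TYPE&email=$MYEMAIL&server=$FTPSERVER&user=$FTPUSER&pass=$FTPPASS&port=$PORT&rdir=$REMOTEDIR"
 echo "Finished $i, Sleeping"
 sleep "$sleep"
done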
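
The script above does no error checking, and it places the username and theme read from domains2 directly into the curl login and URL. As an added example (not part of the original script), this function checks each row of domains2 before it is used; the four-field layout follows the cut command above, while the username and theme character rules and the sample rows are assumptions.

```bash
#!/bin/bash
# Added example, not part of the original script.
# Assumed row layout of domains2 (from the cut command): domain,ip,username,theme
# Assumed rules: username is lowercase alphanumeric, at most 16 characters;
# theme contains only letters, digits, "_" and "-".

# validate_domains FILE
# Prints "username theme" for every accepted row, reports rejected rows on
# stderr, returns 1 if any row was rejected and 2 if FILE is unreadable.
validate_domains() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk -F, '
        function bad(why) {
            printf "line %d rejected: %s\n", NR, why > "/dev/stderr"
            rc = 1
        }
        { sub(/\r$/, "") }                 # tolerate CRLF from a browser download
        /^[ \t]*$/ { next }                # skip blank lines
        NF != 4 { bad("expected 4 fields, got " NF); next }
        $3 !~ /^[a-z][a-z0-9]*$/ || length($3) > 16 { bad("bad username"); next }
        $4 !~ /^[A-Za-z0-9_-]+$/ { bad("bad theme"); next }
        seen[$3]++ { bad("duplicate username"); next }
        { print $3, $4 }
        END { exit rc + 0 }
    ' "$1"
}

# Constructed sample rows (documentation addresses, made-up accounts).
write_sample_domains2() {
    {
        printf 'example.com,192.0.2.10,exuser,x3\r\n'      # CRLF line ending
        printf 'bad.example,192.0.2.11,../etc,x3\n'        # path characters in username
        printf 'shop.example,192.0.2.12,shopusr,paper_lantern\n'
        printf 'odd.example,192.0.2.13,odduser,x3&dest=scp\n'  # extra URL parameter in theme
    } > "$1"
}

# Usage in the copy script, before the for loop:
#   validate_domains domains2 >/dev/null || exit 1
```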

CentOS 6.2 and libvirt startup issues

After the centos 6.2 update I noticed libvirt was not running on some servers. Looking at the logs I found

Starting libvirtd daemon: 10:35:16.697: 6933: info : libvirt version: 0.9.4, package: 23.el6_2.1 (CentOS BuildSystem <http://bugs.centos.org>, 2011-12-17-16:39:59, c6b4.bsys.dev.centos.org)
10:35:16.697: 6933: error : virNetServerMDNSStart:460 : internal error Failed to create mDNS client: Daemon not running

 

Further investigation found avahi was needed for this to work. The final fix was running

 

yum -y install avahi
/etc/init.d/messagebus restart
/etc/init.d/avahi-daemon restart
/etc/init.d/libvirtd restart
/sbin/chkconfig messagebus on
/sbin/chkconfig avahi-daemon on

In centos 6.2 restarting libvirt will not restart the vm’s. Once done libvirt was running again.

 

 


OpenVZ and CentOS6

I have been testing openvz on centos6 today, and following my normal config I installed software raid1. Everything went fine until a reboot into the centos kernel. On a reboot, I got an error

 

dracut cannot find root, “sleeping forever”

 

As an old school sysadmin I hate change, what is dracut I’m thinking (not to mention fstab has UUID’s instead of LABELs, looking like ubuntu now). This replaces the old initrd system. Ok it has a shell you can boot into rdshell which seems kind of cool. On to the fix I found.

I noticed that on openvz dracut never assembled raid1. I ran

dracut -f --add-drivers raid1 --mdadmconf /boot/initramfs-2.6.32-042stab024.1.img 2.6.32-042stab024.1

Which at the time was the stable kernel and rebooted. System is back up without errors.

 

You may need to run

mdadm --examine --scan

and update your /etc/mdadm.conf file

 


CVE-2010-3856

A new glibc exploit has been disclosed under CVE-2010-3856. Unlike the last glibc exploit a few days ago you do not get direct root access, but you can create files/dirs in root owned paths. I expect an update from RedHat within the next 24 – 48 hours.

I released a glibc update for the last glibc update in a testing repo. It looks like I will be keeping the testing repo for some time. Here is how to get the latest glibc update (a copy of my previous post)

-

Run /admin/updatefromtesting and there are glibc updates for CentOS 5.

You can get this by running

/admin/upscripts

If you do not have the admin scripts run

rsync -a rsync://mirror.trouble-free.net/admin /admin

Before use, you will need to run either

ln -s /admin/testing.repo /etc/yum.repos.d/testing.repo

or

cp /admin/testing.repo /etc/yum.repos.d/testing.repo

Then run

/admin/updatefromtesting

This repo is not enabled by default. So what is really happening is yum is being called as yum --enablerepo=tf-testing update

The testing repo will stay around for a bit longer. If you are a current InterServer customer please contact support.

I have tested this update on multiple i386 and x86_64 systems and have deemed it stable. However, using the testing repo is not an official update from RedHat or CentOS.

The repo, including srpm, is at http://mirror.trouble-free.net/tf/testing/5.5/


CVE-2010-3847

There is a new linux root exploit through glibc CVE-2010-3847. This exploit can be used to gain root access by a “local user”. Of course, being in the web hosting industry a local user can be an exploitable script, a customer, a php or cgi shell and on and on. Affected are RHEL and CentOS 5.

No glibc update has been released yet by RedHat.

I have released a new admin script and a testing repo on the InterServer yum repo. The admin script is /admin/updatefromtesting and there are glibc updates for CentOS 5.

You can get this by running

/admin/upscripts

If you do not have the admin scripts run

rsync -a rsync://mirror.trouble-free.net/admin /admin

Before use, you will need to run either

ln -s /admin/testing.repo /etc/yum.repos.d/testing.repo

or

cp /admin/testing.repo /etc/yum.repos.d/testing.repo

Then run

/admin/updatefromtesting

This repo is not enabled by default. So what is really happening is yum is being called as yum --enablerepo=tf-testing update

Future updates will not use this repo. In fact, I do not have plans on keeping the testing repo – we will see.

I expect the glibc update from redhat to apply over the testing repo. However this is glibc, so use at your own risk. If you are an InterServer customer contact support for help with this update.

I have tested the update on multiple servers and have built for i386 and x86_64.

The repo, including srpm, is at http://mirror.trouble-free.net/tf/testing/5.5/
