Category Archives: Uncategorized

PHP 5.2.17 Backports

If you handle support for a webhosting company you know that sometimes people need older versions of software, for example older shopping carts or zend optimizer. PHP 5.2.x many times is needed to run older software, but since it is not supported by PHP any more additional security patches are needed. There is a project http://code.google.com/p/php52-backports/ which has PHP 5.2. backports which I have been using. Recently I came across an error on compile.

/usr/src/redhat/BUILD/php-5.2.17/main/php_variables.c: In function ‘_php_import_environment_variables’:
/usr/src/redhat/BUILD/php-5.2.17/main/php_variables.c:457: error: too many arguments to function ‘zend_alter_ini_entry_ex’
/usr/src/redhat/BUILD/php-5.2.17/main/php_variables.c:479: error: too many arguments to function ‘zend_alter_ini_entry_ex’
/usr/src/redhat/BUILD/php-5.2.17/main/php_variables.c: In function ‘php_register_server_variables’:
/usr/src/redhat/BUILD/php-5.2.17/main/php_variables.c:605: error: too many arguments to function ‘zend_alter_ini_entry_ex’
/usr/src/redhat/BUILD/php-5.2.17/main/php_variables.c:632: error: too many arguments to function ‘zend_alter_ini_entry_ex’

To fix the error I have made the following patch:

--- main/php_variables.c.old    2012-08-02 21:06:35.000000000 +0400
+++ main/php_variables.c        2012-08-02 21:08:26.000000000 +0400
@@ -453,9 +453,7 @@
        /* turn off magic_quotes while importing environment variables */
        int magic_quotes_gpc = PG(magic_quotes_gpc);

-       if (magic_quotes_gpc) {
-               zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
-       }
+       PG(magic_quotes_gpc) = 0;

        for (env = environ; env != NULL && *env != NULL; env++) {
                p = strchr(*env, '=');
@@ -475,9 +473,7 @@
                efree(t);
        }

-       if (magic_quotes_gpc) {
-               zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "1", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
-       }
+       PG(magic_quotes_gpc) = magic_quotes_gpc;
 }

 zend_bool php_std_auto_global_callback(char *name, uint name_len TSRMLS_DC)
@@ -601,9 +597,7 @@
                zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_SERVER]);
        }
        PG(http_globals)[TRACK_VARS_SERVER] = array_ptr;
-       if (magic_quotes_gpc) {
-               zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
-       }
+       PG(magic_quotes_gpc) = 0;

        /* Server variables */
        if (sapi_module.register_server_variables) {
@@ -628,9 +622,7 @@
                php_register_variable_ex("REQUEST_TIME", &new_entry, array_ptr TSRMLS_CC);
        }

-       if (magic_quotes_gpc) {
-               zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "1", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
-       }
+       PG(magic_quotes_gpc) = magic_quotes_gpc;
 }
 /* }}} */

This is applied after the security branch patch is applied.

RPM’s for the backports for centos 5.8 32 bit are at http://mirror.trouble-free.net/php-5.2.17/

The SRPM is at http://mirror.trouble-free.net/php-5.2.17/php-5.2.17-2.backports.src.rpm

Both are for 20120721 security branch patch (critical security bugfixes / FreeBSD port / stable).

upgrading centos4 to 5

Note: There is a risk the below can leave your server unbootable. I have personally used this method multiple times with out issues, but you may run into unexpected problems with RPM conflicts that are not covered here.

This tutorial is for upgrading from centos 4 to centos 5. InterServer customers can contact support to have this done. For centos 3 to 4 see http://www.interserver.net/forum/threads/upgrading-centos-3-to-4.248/

cPanel Users: The exclude line in yum.conf needs to be commented out. When done add it back it. Make sure to reinstall perl from layer1.cpanel.net as well as rerun easyapache.

A custom kernel should be installed from source. This is not covered here.

The following RPM’s may need to be removed

jfsutils

bg5ps

VFlib2 ghostscript ghostscript-fonts hpijs gimp-print

netpbm-prog

xalan-j mx4j commons-modeler

On dag repo / rpmforge servers I found the following needed to be removed

lksctp-tools

imlib2-devel ffmpeg-devel

libsndfile twolame mencoder

Step 1: Remove conflicting rpm


rpm -e --justdb python-elementtree --nodeps

The upgrade will not work with the above RPM installed, but the contents is still needed so we call it with justdb because the file contents are needed. This will be reinstalled at a later time in one of the below steps.

Step 2:
Remove old kernels


for i in `rpm -qa | grep -i kernel-2.6.9`; do rpm -e $i --nodeps; done

for i in `rpm -qa | grep -i kernel-smp-2.6.9`; do rpm -e $i --nodeps; done

kernel-hugemem may be installed as well

Step 3: Update yum.conf (expects replace to be installed)


cd /etc/yum.repos.d

replace vault.centos.org/4.9 mirror.trouble-free.net/centos/\$releasever -- *

# rpm stuff

rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

cp -a /var/lib/rpm /var/lib/rpm.centos4


Step 4: Run yum


yum clean all

yum upgrade

Step 5: Add back in needed rpm’s. When we removed python-elementtree the following files were left behind

/usr/lib/python2.3/site-packages/cElementTree.so

/usr/lib/python2.3/site-packages/elementtree

/usr/lib/python2.3/site-packages/elementtree/ElementInclude.py

/usr/lib/python2.3/site-packages/elementtree/ElementInclude.pyc

/usr/lib/python2.3/site-packages/elementtree/ElementInclude.pyo

/usr/lib/python2.3/site-packages/elementtree/ElementPath.py

/usr/lib/python2.3/site-packages/elementtree/ElementPath.pyc

/usr/lib/python2.3/site-packages/elementtree/ElementPath.pyo

/usr/lib/python2.3/site-packages/elementtree/ElementTree.py

/usr/lib/python2.3/site-packages/elementtree/ElementTree.pyc

/usr/lib/python2.3/site-packages/elementtree/ElementTree.pyo

/usr/lib/python2.3/site-packages/elementtree/HTMLTreeBuilder.py

/usr/lib/python2.3/site-packages/elementtree/HTMLTreeBuilder.pyc

/usr/lib/python2.3/site-packages/elementtree/HTMLTreeBuilder.pyo

/usr/lib/python2.3/site-packages/elementtree/SgmlopXMLTreeBuilder.py

/usr/lib/python2.3/site-packages/elementtree/SgmlopXMLTreeBuilder.pyc

/usr/lib/python2.3/site-packages/elementtree/SgmlopXMLTreeBuilder.pyo

/usr/lib/python2.3/site-packages/elementtree/SimpleXMLTreeBuilder.py

/usr/lib/python2.3/site-packages/elementtree/SimpleXMLTreeBuilder.pyc

/usr/lib/python2.3/site-packages/elementtree/SimpleXMLTreeBuilder.pyo

/usr/lib/python2.3/site-packages/elementtree/SimpleXMLWriter.py

/usr/lib/python2.3/site-packages/elementtree/SimpleXMLWriter.pyc

/usr/lib/python2.3/site-packages/elementtree/SimpleXMLWriter.pyo

/usr/lib/python2.3/site-packages/elementtree/TidyHTMLTreeBuilder.py

/usr/lib/python2.3/site-packages/elementtree/TidyHTMLTreeBuilder.pyc

/usr/lib/python2.3/site-packages/elementtree/TidyHTMLTreeBuilder.pyo

/usr/lib/python2.3/site-packages/elementtree/TidyTools.py

/usr/lib/python2.3/site-packages/elementtree/TidyTools.pyc

/usr/lib/python2.3/site-packages/elementtree/TidyTools.pyo

/usr/lib/python2.3/site-packages/elementtree/XMLTreeBuilder.py

/usr/lib/python2.3/site-packages/elementtree/XMLTreeBuilder.pyc

/usr/lib/python2.3/site-packages/elementtree/XMLTreeBuilder.pyo

/usr/lib/python2.3/site-packages/elementtree/__init__.py

/usr/lib/python2.3/site-packages/elementtree/__init__.pyc

/usr/lib/python2.3/site-packages/elementtree/__init__.pyo

/usr/share/doc/python-elementtree-1.2.6

/usr/share/doc/python-elementtree-1.2.6/CHANGES

/usr/share/doc/python-elementtree-1.2.6/CHANGES-cElementTree

/usr/share/doc/python-elementtree-1.2.6/README

/usr/share/doc/python-elementtree-1.2.6/README-cElementTree

/usr/share/doc/python-elementtree-1.2.6/benchmark.py

/usr/share/doc/python-elementtree-1.2.6/docs

/usr/share/doc/python-elementtree-1.2.6/docs/effbot.css

/usr/share/doc/python-elementtree-1.2.6/docs/index.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.ElementInclude.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.ElementPath.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.ElementTree.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.HTMLTreeBuilder.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.SgmlopXMLTreeBuilder.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.SimpleXMLTreeBuilder.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.SimpleXMLWriter.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.TidyTools.html

/usr/share/doc/python-elementtree-1.2.6/docs/pythondoc-elementtree.XMLTreeBuilder.html

/usr/share/doc/python-elementtree-1.2.6/samples

/usr/share/doc/python-elementtree-1.2.6/samples/simple-ns.xml

/usr/share/doc/python-elementtree-1.2.6/samples/simple.xml

Below we are reinstalling python-elementree but there is the possibility one of the above files is no longer provided by the new python-elementtree. You may want to clean up the above files. It is not required.


rpm -Uvh http://mirror.trouble-free.net/centos/5/os/i386/CentOS/python-sqlite-1.1.7-1.2.1.i386.rpm --force

rpm -Uvh http://mirror.trouble-free.net/centos/5/os/i386/CentOS/python-elementtree-1.2.6-5.i386.rpm --force

rpm -Uvh http://mirror.trouble-free.net/centos/5/os/i386/CentOS/sqlite-3.3.6-5.i386.rpm --force


Step 5: Dev entries (May not be required)


MAKEDEV urandom

MAKEDEV sda

MAKEDEV console

MAKEDEV null

MAKEDEV ptmx

MAKEDEV pty

mount /dev/pts


Step 6: Rerun yum


yum clean all

yum update

On cpanel servers at this point perlinstaller needs to be rerun as well as an apache/php rebuild, then an upcp.

Upgrading centos 3 to 4

Note: There is a risk the below can leave your server unbootable. I have personally used this method multiple times with out issues, but you may run into unexpected problems with RPM conflicts that are not covered here.

Its possible to upgrade centos 3 -> 4 -> 5. This tutorial is for centos 3 to 4. For centos 4 to 5 see http://www.interserver.net/forum/threads/upgrading-centos-4-to-5.249/

For those hosted with interserver we do this migration included with our support. Contact support for this upgrade.

cPanel Server Notes: You will need to uncomment the exclude line in /etc/yum.conf. Make sure to re-exclude that when done and reinstall perl from layer1.cpanel.net as well as run easyapache.

Step 1: Compile a custom kernel. It is best to have a custom kernel ready. This is not covered in the tutorial.

Step 2: Remove RPM’s that conflict. There may be other but I have found issues with the following sets of rpms.

tkinter python-tools

cyrus-sasl-gssapi cyrus-sasl-plain

net-snmp hpoj

foomatic Omni-foomatic

newt-perl crypto-utils

clamav clamav-devel

intelcc

rhpl

net-snmp

for example run

yum remove net-snmp

Step 3: Start upgrade process install needed rpm’s


rpm -Uvh http://vault.centos.org/4.9/os/i386/CentOS/RPMS/yum-2.4.3-4.el4.centos.noarch.rpm http://vault.centos.org/4.9/os/i386/CentOS/RPMS/python-elementtree-1.2.6-5.el4.centos.i386.rpm http://vault.centos.org/4.9/os/i386/CentOS/RPMS/python-urlgrabber-2.9.8-2.noarch.rpm http://vault.centos.org/4.9/os/i386/CentOS/RPMS/yum-metadata-parser-1.0-8.el4.centos.i386.rpm http://vault.centos.org/4.9/os/i386/CentOS/RPMS/python-sqlite-1.1.7-1.2.1.i386.rpm http://vault.centos.org/4.9/updates/i386/RPMS/python-2.3.4-14.10.el4.i386.rpm http://vault.centos.org/4.9/os/i386/CentOS/RPMS/sqlite-3.3.6-2.i386.rpm http://vault.centos.org/4.9/os/i386/CentOS/RPMS/db4-4.2.52-7.3.el4.i386.rpm http://vault.centos.org/4.9/os/i386/CentOS/RPMS/db4-devel-4.2.52-7.3.el4.i386.rpm --force --nodeps

rpm -Uvh http://vault.centos.org/4.9/updates/i386/RPMS/centos-release-4-9.1.i386.rpm

rpm -Uvh http://vault.centos.org/4.9/updates/i386/RPMS/libxml2-2.6.16-12.9.i386.rpm http://vault.centos.org/4.9/updates/i386/RPMS/libxml2-devel-2.6.16-12.9.i386.rpm http://vault.centos.org/4.9/updates/i386/RPMS/libxml2-python-2.6.16-12.9.i386.rpm

rpm -Uvh http://vault.centos.org/4.9/os/i386/CentOS/RPMS/filesystem-2.3.0-1.i386.rpmtp://vault.centos.org/3.9/os/i386/RedHat/RPMS/elfutils-libelf-devel-0.94.1-2.i386.rpm

rpm -Uvh http://vault.centos.org/3.9/os/i386/RedHat/RPMS/beecrypt-devel-3.0.1-0.20030630.i386.rpm

rpm -Uvh http://vault.centos.org/3.9/os/i386/RedHat/RPMS/elfutils-libelf-devel-0.94.1-2.i386.rpm

# custom compiled RPM, not part of centos 3. Required for the upgrade.

rpm -Uvh http://mirror.trouble-free.net/tf/migrate/rpms/popt-1.9.1-32_nonptl.i386.rpm http://mirror.trouble-free.net/tf/migrate/rpms/rpm-4.3.3-32_nonptl.i386.rpm http://mirror.trouble-free.net/tf/migrate/rpms/rpm-build-4.3.3-32_nonptl.i386.rpm http://mirror.trouble-free.net/tf/migrate/rpms/rpm-devel-4.3.3-32_nonptl.i386.rpm http://mirror.trouble-free.net/tf/migrate/rpms/rpm-libs-4.3.3-32_nonptl.i386.rpm http://mirror.trouble-free.net/tf/migrate/rpms/rpm-python-4.3.3-32_nonptl.i386.rpm

The RPM rpms (for the rpm software) are custom compiled. They are centos 4 RPM’s built on a centos 3 server. These are no part of centos 3 or 4. After the yum upgrade the rpm’s from centos 4 will be used. This was a step I found that was required. There was a unresolvable conflict that stopped the upgrade otherwise.

Step 4: Set yum config files (this expects replace to be available)


cp -a /etc/yum.repos.d /root/tmp/yum.repos.d.centos3

cd /etc/yum.repos.d

replace mirror.centos.org/centos/ vault.centos.org/ -- *

replace mirror.trouble-free.net/centos vault.centos.org -- *

replace mirrorlist \#mirrorlist -- *

replace \#baseurl baseurl -- *

replace \$releasever 4.9 -- *

# need gpg key

rpm --import http://vault.centos.org/4.9/os/i386/RPM-GPG-KEY

Step 5: remove old kernels (you compiled a custom kernel right?)


for i in `rpm -qa | grep -i kernel | grep 2.4`; do rpm -e $i --nodeps; done

Step 6: Yum upgrade


yum upgrade

yum clean all

yum update

If you get a conflict above you then some RPM’s are incompatible with centos 4.

Step 7: dev entries (may not be needed)


MAKEDEV null

MAKEDEV console

MAKEDEV ptmx

MAKEDEV pty

mount /dev/pts

That is it. At this point it would be safe to reboot, or continue to upgrade to centos 5 from centos4. You should ensure a kernel RPM has been installed as well.

Centos 6.3 KVM start up error

On a recent kvm upgrade to centos 6.3 I came across this error

virsh start linux6244
error: Failed to start domain linux6244
error: unsupported configuration: virtio only support device address type ‘PCI’

The error was from the virtio / disk section. The XML file had

<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none'/>
<source dev='/dev/vz/linux6244'/>
<target dev='vda' bus='virtio'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>

to fix the error the address type needed to be removed – specifically <address type=’drive’ controller=’0′ bus=’0′ target=’0′ unit=’0’/>

Once removed the vm started up with out problems.

Update

On a test of a centos 6.2 system I removed the

line and redefined the XML. On the redefine the line gets added again. It appears centos 6.2 requires the address type for virtio disks, but centos 6.3 actually fails with it.

Adding AHCI to centos initrd

Ever needed to add AHCI to a centos system after an install. A quick way to do it is just:

modprobe ahci
cp /boot/initrd-`uname -r`.img /boot/initrd-`uname -r`.img.bak
mkinitrd -f --with=ahci /boot/initrd-`uname -r`.img `uname -r`

UPDATE: on centos6 its now

modprobe ahci
cp /boot/initramfs-`uname -r`.img /boot/initramfs-`uname -r`.img.bak
mkinitrd -f --with=ahci /boot/initramfs-`uname -r`.img `uname -r`

cpanel + rrdtool not installing (new install)

Frequently I came across new cpanel installs not installing rrdtool correctly. The error would end at

Using catalogs: /etc/sgml/sgml-docbook-3.1-1.0-51.el6.cat
Using stylesheet: /usr/share/sgml/docbook/utils-0.6.14/docbook-utils.dsl#print
Working on: /usr/local/cpanel/src/3rdparty/gpl/fontconfig-2.6.0/doc/local-fontconfig-devel.sgml
nsgmls:(invalid location):E: invalid filename ""
rmdir: failed to remove `devel-man': Directory not empty
gmake[2]: *** [func.refs] Error 1
gmake[2]: Leaving directory `/usr/local/cpanel/src/3rdparty/gpl/fontconfig-2.6.0/doc'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory `/usr/local/cpanel/src/3rdparty/gpl/fontconfig-2.6.0'
gmake: *** [all] Error 2
child exited with value 2

To fix run
yum remove docbook-utils
/scripts/rrdtoolinstall

CloudLinux Single mode

I’ve always had trouble getting into single mode in cloudlinux. Trying to type single would show up as gibberish. Looking at a server today, I accidentally came across a way around this, by hitting c (to go to the grub command line) and esc (to exit back). Once done I could use append (a). Previously append or edit did not work.

At the GRUB splash screen at boot time, press any key to enter the GRUB interactive menu.

type c (goes to grub command line) then hit esc

Select Cloud Linux with the version of the kernel that you wish to boot and type a to append the line.

type single and hit enter to boot

Send exim on another IP address, for a specific domain

I was looking for a way to send mail to one domain on an IP, and all other mail on another domain on another IP. The basic exim remote SMTP set up is


remote_smtp:
driver=smtp

To switch the exim ip, the interface=IP.address configuration is used. But I wanted to have email to a particular domain go over another IP address. I came up with

interface = ${if eq {$domain}{REMOTE.DOMAIN.COM} {IP.TO.SEND.FROM}{DEFAULT.IP} }

OpenVZ Container Error

Ran into an issue where an openvz container would start up, but the networking would not. Running in verbose mode I saw

ifup-venet WARNING: Device list is empty

After looking around, searching the web I could not come up with anything. Then I saw the container had an /etc/vz folder. Turned out vzctl had got installed by the user on the openvz container, breaking networking. Removing this and a restart fixed the problem.

Copy accounts from a reseller WHM with out the root password (automatically)

I quickly wrote this script to easily run the backup process for all accounts of a reseller using WHM. This calls the backup process in cpanel for each account using the ftp/scp copy function. Once its done you need to manually restore accounts yourself in the folder you copied the accounts to.

An example to restore the account is something quick like

for i in *; do /scripts/restorepkg $i; done

Run the above command in the folder all the backup accounts were copied to.

The restore as well as the below script are best run in screen.

You need to manually create the domains file for the script below. You can do this by going to list accounts in WHM and at the bottom clicking the fetch csv option. Take all that data and create a file called domains on your server. Then run

cat domains | cut -d, -f1-3,10 | grep -v ^Domain, > domains2

This will format the file, calling in domains2 in a format the below script can use.

Script below, with instructions.

#!/bin/bash

# Quick script to copy accounts from another cpanel server, with the reseller (not root password)
# This is just logging into cpanel to run the generate a full cpmove backup function in WHM


##
# Requires
##

## 1) logging into an account with the reseller password
## 2) the backup function working
## 3) getting the csv from list accounts and putting it in the right format


##
# Getting the csv
##

# Log into WHM as the reseller and go to list accounts. At the botton click 'Fetch CSV'
# Save it on the server you are copying it to, and call it 'domains'
# Run the below command
#cat domains | cut -d, -f1-3,10 | grep -v ^Domain, > domains2

# This is the WHM Password (resller pass)
HTTPPASS=whmpassword

# This is the WHM IP (server with the accounts now)
SERVER=IP.TRANSFERING.FROM

# This is the Remote FTP Username (ftp username)
FTPUSER=FTPUSERNAME

# This is the remote FTP Password (ftp password)
FTPPASS=ftppass

# This is the remote FTP IP (ftp IP address where accounts are going to)
FTPSERVER=ftp.server.ip

# This is the email address that gets notifications when the full backup is complete (your email address, the @ is %40)
MYEMAIL="email%40domain.com"

# backup type, possibilities are
# ftp
# passiveftp
# scp
TYPE=ftp;

# Port your ftp or scp port
PORT=21

# remote dir, default is %2F which is blank
# for scp follow format of %2Fhome%2Fusername for /home/username
REMOTEDIR=%2F;

# Sleep time in seconds (setting this too low could cause may backup processes to run at once)
sleep=200;

# you don't need to run this as root, but you may need to define a HOME
export HOME=/root

if [ ! -f domains2 ]; then
 echo 'Domains file missing';
 exit;
fi
# there is no error checking, so double check the above

for i in $(cat domains2 | cut -d\, -f3); do
 THEME=`cat domains2 | grep ,$i, | cut -d, -f4 | grep -v ^#`;
 curl -u $i:$HTTPPASS -k "https://$SERVER:2083/frontend/$THEME/backup/dofullbackup.html?dest=$TYPE&email=$MYEMAIL&server=$FTPSERVER&user=$FTPUSER&pass=$FTPPASS&port=$PORT&rdir=$REMOTEDIR"
 echo "Finished $i, Sleeping"
 sleep $sleep
done