hypervm errors. Zend error

Failed loading /usr/local/lxlabs/ext/lib/Zend/lib/Optimizer-2.5.7/php-5.2.x/ZendOptimizer.so: /usr/local/lxlabs/ext/lib/Zend/lib/Optimizer-2.5.7/php-5.2.x/ZendOptimizer.so: cannot restore segment prot after reloc: Permission denied

Okay that was the message which I got during the hypervm stop. And the solution..

Simplest solution was to disable selinux. But proper solution can be using chcon to change the context

chcon -t texrel_shlib_t /usr/local/lxlabs/ext/lib/Zend/lib/Optimizer-2.5.7/php-5.2.x/ZendOptimizer.so
chcon "user_u:object_r:httpd_sys_content_t" /usr/local/lxlabs/ext/lib/Zend/lib/Optimizer-2.5.7/php-5.2.x/ZendOptimizer.so

should fix it.. I havent confirmed but hopefully proper solution will work.

Technical Quiz a.k.a Cyber Quiz

I am hereby starting a series of Quizing sessions to test yours and improving my knowledge, which I left updating since the last 3 years. These quizzes are not compiled by me, instead took from various sources, online and print. At a time the number of questions, wont exceed a max of 20.

So there you go, hovering the mouse over the Answer will give you the answers

1. What is Google's open operating system for mobile phones called ?
   
   
   Answer
   
   
2. Which telecom major is the biggest stakeholder in Symbian Ltd?
   
   Answer
   
   
3. What is 'zoo' in context of security ?
   
   Answer
   
   
4. Nigel Clifford is the CEO of .... ?
   
   Answer
   
   
5. Who has Peter Dengate Thrush replaced as the Chairman of ICANN ?
   
   Answer
   
   
6. What was founded in July 1990 by Mitch Kapor, John Gilmore, and John Perry Barlow ?
   
   Answer
   
   
7. The graphics Processing Unit used in Nintendo's Wii video fame console is called ... ?
   
   Answer
   
   
8. What in the context of Linux is "bash"
   
   Answer
   
   
9. The maximum packet length of IP, including the IP header is ........................ bytes
   
   Answer
   
   
10. What is 'Wardriving' ?
    
    Answer
    

Multiline search and replace using sed

I had to code in to remove a host entry from hosts.cfg file of nagios. Here is a bit of superb code to do so..

sed '/#/{:a;N;/\}/!ba;/212.217.202.112/s/#.*\}//;}' hosts.cfg

That will remove the entire block starting with "# '212.217.202.112' host definition" and ending in "}"

Obfuscated code eh ? Not so..learn about registers in sed!!

How to remove the mails from exim mail queue based on certain keywords ( cPanel specific )

How to remove the mails from exim mail queue based on certain keywords, especially in a cPanel. Below command will help in that and is for cPanel server. Matter of seconds for a seasoned admin, but posting so that I can copy and paste in future.

find /var/spool/exim/input -type f | xargs grep -l 'search_keywords' | xargs rm -frv

mod_rewrite and REQUEST_URI

Yesterday I did a forum move , a SMF forum. We had to move the forum URL from http://www.domain.com/forum to http://www.domain.com along with moving the servers, but still not losing the links spidered by Google. So things had to be achieved by mod_rewrite and the below rewrite rule helped.

RewriteEngine on
RewriteCond %{REQUEST_URI} ^/forum/(.*)$ [NC]
RewriteRule ^forum/(.*)$ /$1 [R=301,L]

What this will do is redirect

http://www.domain.com/forum/index.php?PHPSESSID=0aj813j131434061699fb61eef295f
to
http://www.domain.com/index.php?PHPSESSID=0aj813j131434061699fb61eef295f

Praise the mod_rewrite authors !!!

Forcing the files to be downloaded

Many of us have had to face the issue of making an txt file or .php file downloaded instead of the webserver parsing it and the browser displaying it. A simple entry as below in .htaccess and sometimes in your virtualhost section of httpd.conf can get this done.


Header add Content-Disposition "Attachment"

semget: No space left on device

2 long months of no technical blogging..I have seen and gone through many issues , but hardly remembered about this blog :-(

Situation:

Restarting httpd works for port 80, but fails for 443 (SSL port). I confirmed it with a telnet localhost 443, which returned me connection refused error. Apache error log along with informational messages, was returning me,

semget: No space left on device

Solution :

To understand that is all because of semaphores getting build up and not being cleared properly. So we need to forcefully remove them.

Stop httpd. and issue the following command,

ipcs | grep nobody | awk '{print $2}' > clear.txt
for i in `cat clear.txt`; do { ipcrm -s $i; }; done;

And finally restart httpd. Please note that in the above command I used nobody to grep in ipcs, but in your case it can be apache or www or even www-data. But you know the drill!!!

cPanel and XWindows

XWindows dont work once cPanel is installed. Reasons are many why they disabled XWindows on the easy one script installation of cPanel, primary reason being security.

However I needed Xwindows to be running on a cPanel installed machine. Here is what I did.

1. Edited /etc/rc.local and commented the line /scripts/securetmp
2. /etc/init.d/xfs start
3. chkconfig --add xfs
4. chkconfig --level 2345 xfs on

Rebooted the machine and when came up, mysql service didn't start. Easy guess was /tmp permissions. I checked the permissions and it was 755, changed to 2777 permissions
5. chmod 2777 /tmp
6. Login screen came in and I logged in :-)

lol. That was easy isn't it ? May not be. Sometimes you need to edit the file /etc/X11/xorg.conf as well and search & comment the lines "FontPath "unix/:7100" . Rare cases. But that is a chance.

If you are reading this blog and even after trying these you are not able to get the XWindows working after these work arounds, please comment. I also played around a few more settings before I could get it work. May be I can remember on seeing the error.

Saga of Kernel upgradation - No dep file found

Oh yeah..It was a 1 hour journey to fix the issue. Lovely because I could fix it :-P Day seems bright as well, because I fixed the XWindows in a cPanel installed machine as well, that will explained in the next blog.

Kernel upgradation was of 2.6.19.2 with grsec patch, after the grsec expand_stack vulnerability. Vulnerability was of high severity considering the purpose of grsec patch. So this time, I went for a rpm build. First build was successful, but I missed the elsa patch. Now ELSA , Enhance Linux System Accounting is included in the kernel itself. So built kernel rpm the second time and this time it was oops!!! :-D I love kernel panic oops. Fun begins here..

I realized I went for Uvh instead of ivh. This is the second time I go for Uvh and having kernel panics. Uvh removed all grub entries and old kernels from /boot directory. Gone.

Went to rescue mode, but when I tried to install the kernel it failed with post-scriptlet and pre-scriplet rpm script execution. So rpm installation on rescue mode failed (On a cPanel installed machine, I never was able to do it)

So extracted the rpms using the command rpm2cpio kernel.rpm | cpio -idv . Result was two dirs, boot and lib in my `pwd` .

Copied the files in boot and lib to appropriate directories. I now realize that initrd image is missing. Have to build it.

Normal mkinitrd /boot/initird-2.6.17.img 2.6.17 was erroring out No dep file found for kernel 2.6.17 Fun again. Let's create the dep file now. depmod is the command which will help you here. Command (after a few trial and error) which actually worked was

depmod -ae -F /boot/System.map-2.6.17 /lib/modules/2.6.17
and that worked.
And finally ran the mkinitrd, which did it's job calm and quiet. Kernel booted up in the older kernel and I am happy :-)

Godaddy coupon codes

I registered around 12 domains with godaddy a few days back. Total cost was around $80+ and when coupon code is entered, it saved me around $9. I wish I should have registered the domains only today :-P I received a email from Godaddy, saying that $15 discount for any order of $75 or more. I could have saved $6 more ..hehe..greedy me..

Here I like to share some coupon codes of godaddy, which can save you some money. All coupon codes can save you $5 atleast, but on calculated entry of right coupon code, you can save anywhere between 5% to 15%. See below

gdm0138f - Save $15 discount for any order of $75 or more - Offer expires on Feb 15th, 2007
gdm0125b - Get 10% off as well as get $5.99 .org domains with this coupon at GoDaddy. No maximum or minimum - Offer expires by 31st Jan 2007
gdm0118b - $6.95 on new .com ..expiry 31st Jan 2007
gdbb776 - ALL .com domains at $6.95 not sure whether expired or not
LOL45 SAVE 10% on any order of $50 or more! - Offer expires 02/28/07.
goox025agc $6.95 domains.. Never expires ?

Nameserver issues - Bind 9

Many times when a website is not resolving, the first thing you must do is to check it in the dnsstuff.com or issue the command 'dig @ns1.domain.com domain.com'. If you are able to understand the response, it is easy to figure out where the problem lies..

Q: How do I find the nameservers of a domain, again use dig.

A : 'dig domain.com NS' will show a raw output of the output.

Now there are different responses one will get for a dig query. Here, I am talking about Redhat based OSes. Other OSes may slightly vary in the config locations. Currently I am telling about the response which has the key word, Server Failure in it's response. Here are a few checks which may help you in figuring out the issue, yourself.


Check #1

It means, the nameserver on which you are querying for the domain don't hold the domain zone. Create an entry in /etc/named.conf and put the zone file somewhere in /var/named, and do a 'rndc reload'. And then do a 'dig @127.0.0.1 domain.com' . Check the answer section, does it respond something along the lines,

;; ANSWER SECTION:
domain.com 86400 IN A 192.168.1.12

Then it is all good and locally it is working fine. If it didn't work, then read on..

Check #2

In Redhat based OSes the named config options are stored at /etc/sysconfig/named , by default. If all the lines there are commented with # or there is no line at all, we can proceed. Otherwise , check for this setting in particular,

ROOTDIR="/var/named/run-root"

Value of ROOTDIR can be anything, another most commonly found value is /var/named/chroot. Once set, that value means the root (it's new home) directory for the named user is /var/named/run-root and it can't see /bin or /usr or not even /tmp. Poor named..isn't it..Well that is called chrooted environment for better security. More about that later..

Usually in such cases, /etc/named.conf will be a symbolic link to ROOTDIR_value/etc/named.conf (in this case it will be symlink to /var/named/run-root/etc/named.conf). And the domain.com zone file would need to be copied to /var/named/run-root/var or even in /var/named/run-root/var/named instead of /var/named and finally do a rndc reload

Check #3

Okay all done. Still not working ? Did you check the log messages. By default the log messages appears in /var/log/messages, unless mentioned otherwise in the file parameter of the logging directive. Open two ssh sessions, reload rndc in one shell, and do a tail -f /var/log/messages on the other and watch for any warning or errors. Correct them accordingly. There are two tools which can help in the process.

named-checkconf and named-checkzone

named-checkconf will parse /etc/named.conf and checks the file syntax. Nothing else. In case of servers where ROOTDIR is set use 'named-checkconf -t /var/named/run-root'.

named-checkzone is what is most handy for me. Command to be issued is

named-checkzone domainname.com /var/named/run-root/var/named/domainname.com

It will print out the errors, if there are any. Or else say loaded okay. See o/p below.

Bad Zone

[root@hackcity var]#named-checkzone domainname.com /var/named/run-root/var/named/domainname.com
dns_master_load: domainname.com:24: domainname.com: CNAME and other data 
dns_master_load: domainname.com:26: domainname.com: CNAME and other data
zone domainname.com/IN: loading master file domainname.com: CNAME and other data

Good Zone

[root@hackcity var]#named-checkzone domainname.com /var/named/run-root/var/named/domainname.com
zone domainname.com/IN: loaded serial 1178542138
OK

Any idea on what was the error with the Bad Zone ?

It was CNAME entries like, in the lines 24-26. Removed them and they were all fine.

domainname.com. IN CNAME domainname.com
domainname.com. IN CNAME domainname.com
domainname.com. IN CNAME domainname.com

Check #4

Last but very important, do you know which is the most important character in a DNS zone file ? It is the period "." :-) If you miss one, none of the above steps will help you. If you forget that the comments in DNS are not marked using # and instead ; , it will remind you. But if you forget the period -> . <- then you have to figure it out yourself. It is something every newbie admins miss.

DBI connect('mysql:localhost','root',...) failed: Access denied for user 'root'@'localhost' (using password: NO) at /usr/local/cpanel/Cpanel/Mysql.pm

Another cPanel issue. A customer was moved the servers, but he was not able to create any databases from cPanel in the new server, but works from phpmyadmin. So issue is isolated with cPanel, when checking the cPanel error logs at /usr/local/cpanel/logs/error_log , saw the follow error

DBI connect('mysql:localhost','root',...) failed: Access denied for user 'root'@'localhost' (using password: NO) at /usr/local/cpanel/Cpanel/Mysql.pm line 42

which kept on repeating each time we take the cPanel page. I tried re-installing DBD::mysql, DBI..but it didn't work. Finally forced the DBI installation with the below command and it fixed :-)

/scripts/perlinstaller --force Bundle::DBI