sandip's blog

Mirroring sites with lftp

The "mirror" command is all you need to copy/mirror a site with lftp:

$ lftp
lftp :~> connect ftp.domain.tld
lftp ftp.domain.tld:~> login <username>
lftp ftp.domain.tld:~> mirror

Here's a one liner:

$ lftp -e mirror -u <username>,<password&gt; <host>

Playing VCD with mplayer

I tried:

$ mplayer vcd://

It would come up with:

Playing vcd://.
track 01:  adr=1  ctrl=4  format=2  00:02:00  mode: 1
track 02:  adr=1  ctrl=4  format=2  00:08:72  mode: 1
...

but exit without playing the tracks.

Track 1 also failed to play, however track 2 did playback the video.

$ mplayer vcd://2

Auto restart apache on segmentation fault error

Recently a particular folder in a site started coming up with blank php pages and the root cause being Segmentation fault after memory exhaustion. The subfolder contents would only come up after doing a restart of apache.

So something tried to access a region of memory that it did not have rights to. May be due to either bad RAM, or a code problem.

My first instinct was eAccelerator as I had done a recent php update and had not re-compiled it.

I still had the same issue the next day and bumped up the memory_limit from 16M to 32M in php.ini and from 32M to 64M in eaccelerator.ini .

Migrating ISPConfig CentOS server

Recently did a full server migration with ISPConfig installed. Luckily it was within the same distro but an updated version of CentOS-4.5, had to add centos-4.5 support to ispconfig conf file prior to the install. I also made sure that I was installing the same version of ISPConfig on the new server, and upgrading to the latest once the migration was complete and the server stable.

These are just notes I took down for later reference, just in case it happens again!!

Preparation:

In preparation for the migration, create A records to point to the new server IP, for all domains to do temporary redirection:

{newhost.domain.tld} : xx.xx.xx.xx
www1.{domain.tld}  ;  : xx.xx.xx.xx

Deleting \t\t\t\t folder left after a compromise

I'm not sure if was related to a hacking attempt. I came across a folder in the root directory / that I could not open or delete, with just tabs for the name which even the `find -inum` command was transparent to.

I did finally get rid of it by using zsh for shell and tabbing through all the files in the root directory.

STARTTLS: CRLFile missing (RESOLVED)

When starting sendmail, I would get the below messgage:

Oct 18 23:59:01 srv02 sendmail[20857]: alias database /etc/aliases rebuilt by root
Oct 18 23:59:01 srv02 sendmail[20857]: /etc/aliases: 79 aliases, longest 22 bytes, 860 bytes total
Oct 18 23:59:01 srv02 sendmail[20862]: starting daemon (8.13.1): SMTP+queueing@01:00:00
Oct 18 23:59:01 srv02 sendmail[20862]: STARTTLS: CRLFile missing
Oct 18 23:59:01 srv02 sendmail[20862]: STARTTLS=server, Diffie-Hellman init, key=512 bit (1)
Oct 18 23:59:01 srv02 sendmail[20862]: STARTTLS=server, init=1
Oct 18 23:59:01 srv02 sendmail[20862]: started as: /usr/sbin/sendmail -bd -q1h
Oct 18 23:59:01 srv02 sm-msp-queue[20872]: starting daemon (8.13.1): queueing@01:00:00

Although, sendmail would still run without the CRL File and just complain about it missing. A quick way to include it in the sendmail configuration is to download revoke.crl from cacert.org, add the below option in sendmail.mc and rebuild the sendmail conf file as below.

Download revoke.crl:

# cd /usr/share/ssl/certs
# wget http://www.cacert.org/revoke.crl

Add the below line to "/etc/mail/sendmail.mc" just below the "confSERVER_KEY":

define(`confCRL', `/usr/share/ssl/certs/revoke.crl')

Rebuild sendmail conf by running make:

# cd /etc/mail
# make

Check sendmail.cf with the revoke.crl listed as below:

O CRLFile=/usr/share/ssl/certs/revoke.crl

Now restarting sendmail should not complain about the missing Certificate Revocation List (CRL) File.

Convert root filesystem to LVM

I converted root filesystem to lvm since the root partition was huge and I needed more flexibility in managing the partitions. Besides, lvm would also enable for easy backups with lvm snapshots.

I had a sizable swap partition of 2GB which I used to transfer my root files to and rebooted to it, prior to the conversion.

Please know what you are doing prior and make sure to create backups.

Piping all mail to file in plesk 8.2

  1. Edit "/var/qmail/mailnames/{domain.tld}/.qmail-default"
  2. Remove any lines in the file and add the pipe to file:
    | /var/www/vhosts/{domain.tld}/file.php
  3. Change the file permission to be executable and owned by the correct user/group of the site, specially if you are executing under safe_mode.
    $ chmod 755 /var/www/vhosts/{domain.tld}/file.php
  4. Check to make sure that "/var/qmail/control/rejectnonexist" does not have the corresponding domain listed there.
  5. Restart qmail.

nsis rpm for redhat 4 (update 5)

Recently built an rpm for a client that needed to install nsis-2.29 on several redhat boxes. nsis-2.28 for centos/fedora is readily available at repo.calcforge.org .

I downloaded the centos source rpm and rebuilt it for redhat4 as described below:

PHP4 (dso) and PHP5 (fcgi) with apache2 on CentOS-4.5

I've had php4 running with apache2 for a while now and wanted to get php5 also simultaneously running. There are other ways to do this, but I opted with getting php5 to run as fastcgi and keep php4 as apache2 module so they can co-exist together.

This was done on CentOS release 4.5 with ISPConfig Control Panel on a dedicated hosting scenario. If you're looking to share the server with others then you might want to set up with suphp/SuExec for security purposes.

Comment