error: stat of /var/log/cron failed: No such file or directory

Hi guys… Today I faced an issue with a new VPS installed with the EZ template CentOS 5.2. I was preparing the VPS with logwatch, apf and other security and got a cron error in root's mail.

The cron mail shows these log errors:

/etc/cron.daily/logrotate:

error: stat of /var/log/boot.log failed: No such file or directory
error: stat of /var/log/cron failed: No such file or directory

OR

You find that the log files are not updating.

This was due to the syslog daemon not running. Check whether the service is running and restart it. Your server may have the syslogd daemon or rsyslogd, depending on your OS.

I had rsyslogd on CentOS 5.2

# /etc/init.d/rsyslog status
rsyslogd is stopped
rklogd is stopped

# /etc/init.d/rsyslog start
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]

Check if the service is being started at startup:

# chkconfig --list | grep rsyslog
rsyslog 0:off 1:off 2:off 3:off 4:off 5:off 6:off

Use this command to enable the daemon at startup:

# chkconfig rsyslog on

The log files were not being created because the daemons were stopped; after the restart, they all started being generated.

Cheers!

🙂

cPanel / APF – Passive FTP issue

The following web site will redirect you to a very well written article, which will cover the basics of “Passive vs Active” mode functions.

Active FTP vs. Passive FTP, a Definitive Explanation

After the FTP connection has been made, the FTP server will generally choose a random port within a certain range and tell the client to connect to it. When the firewall is set up to block this port, the connection cannot be made and the client times out. Error example below:

[14:55:16] PASV
[14:55:16] 227 Entering Passive Mode (74,86,43,171,13,209)
[14:55:16] Opening data connection to 74.86.43.171 Port: 3537
[14:55:16] LIST -aL
[14:55:37] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

Opening the ports on APF

The first step was to tell APF to have a range of ports open for passive FTP connections. You can put in any range you want as long as it doesn’t conflict with another service. For this we’re going to use the range of 35000-35500.

We will be using vi in this how-to. Please see the Basic Guide to Vim.

cd /etc/apf; vi conf.apf

Find IG_TCP_CPORTS and add the passive ports 35000-35500 so that it looks like:

IG_TCP_CPORTS="20,21,22,25,26,53,80,110,143,161,443,465,623,993,995,2082,2083,2086,2087,2095,2096,3306,3389,6666,35000_35500"

Save the file and restart APF with

/etc/init.d/apf restart

Setting up the FTP Server (Pure-FTPD):

Now you need to tell PureFTPd to use those ports for passive connections. Open up the file /etc/pure-ftpd.conf in your editor and look for the following.

# PassivePortRange 30000 50000

Two things to note. One, the setting is commented out and two the range doesn’t match what we opened in APF. So change it to the following.

PassivePortRange 35000 35500

Restart the PureFTP server with

/etc/init.d/pure-ftpd restart

Test the connections and you are done!
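To check the result without an FTP client, the following added example (not part of the original post) decodes the data port from a 227 reply and tests it, and the Pure-FTPd range, against the APF port list. The function names are hypothetical; the values are the ones shown above.

```shell
#!/bin/sh
# Added example (not from the original post): check an advertised PASV port
# and a Pure-FTPd passive range against APF's IG_TCP_CPORTS list.

# Print the data port encoded in a "227 ... (h1,h2,h3,h4,p1,p2)" reply.
pasv_port() {
    tuple=$(printf '%s\n' "$1" | sed -n 's/.*(\([0-9,]*\)).*/\1/p')
    [ -n "$tuple" ] || return 1
    set -- $(printf '%s' "$tuple" | tr ',' ' ')
    [ $# -eq 6 ] || return 1
    if [ "$5" -gt 255 ] || [ "$6" -gt 255 ]; then return 1; fi
    echo $(( $5 * 256 + $6 ))          # port = p1 * 256 + p2
}

# Succeed if the range LO..HI ($1..$2) lies inside one entry of the APF
# port list ($3). APF writes ranges as LO_HI; single ports are bare numbers.
range_allowed() {
    for entry in $(printf '%s' "$3" | tr ',' ' '); do
        case $entry in
            *_*) lo=${entry%_*}; hi=${entry#*_} ;;
            *)   lo=$entry; hi=$entry ;;
        esac
        if [ "$1" -ge "$lo" ] && [ "$2" -le "$hi" ]; then return 0; fi
    done
    return 1
}

# Succeed if a single port is allowed by the APF port list.
port_allowed() { range_allowed "$1" "$1" "$2"; }

# Values taken from the article: the APF list after the edit and the 227
# reply from the failing session.
CPORTS="20,21,22,25,26,53,80,110,143,161,443,465,623,993,995,2082,2083,2086,2087,2095,2096,3306,3389,6666,35000_35500"
REPLY_227="227 Entering Passive Mode (74,86,43,171,13,209)"

port=$(pasv_port "$REPLY_227")
if port_allowed "$port" "$CPORTS"; then
    echo "port $port: allowed by APF"
else
    echo "port $port: blocked by APF (server is not using the opened range)"
fi
if range_allowed 35000 35500 "$CPORTS"; then
    echo "PassivePortRange 35000 35500: fully open in APF"
fi
```

A port outside 35000-35500 in a 227 reply after the change means Pure-FTPd has not picked up the new PassivePortRange.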

How to compile ‘QUOTA’ support for your FreeBSD server.

I need file system quota support for FreeBSD server.

Quick and Dirty How to compile ‘QUOTA’ support for your FreeBSD server.

Please see: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/quotas.html for more detailed instructions.

To complete the following you will need SSH access to your host server along with full root access.

Login to the remote host via SSH and become root with ‘su -‘ then backup your current kernel and ‘/etc’ directory.

cp -Rp /boot/kernel /boot/kernel.good
cp -Rp /etc /etc.good

Now verify you have the correct source code for your server installed in ‘/usr/src’
cd /usr/src
ee UPDATING

Make sure the first displayed date matches your current ‘uname -a’ output.

Once you have confirmed you have the correct source code installed you can then create your custom kernel configuration file.

cd /usr/src/sys/i386/conf
cp GENERIC MYKERNELCONF
ee MYKERNELCONF

Add the line below to your kernel configuration file and then save the file.

## Example Entry for your Kernel Conf ##

options QUOTA # Provide Quota Support

##

Next you will need to build and install your custom kernel.( This step could take a few mins )

cd /usr/src/
make buildkernel KERNCONF=MYKERNELCONF
make installkernel KERNCONF=MYKERNELCONF

Now, before you reboot, you need to edit 2 files to enable QUOTA support for your file system.

The first is ‘/etc/rc.conf’, which we will edit to enable QUOTA support and to check quotas on boot.

grep quota /etc/defaults/rc.conf >> /etc/rc.conf
ee /etc/rc.conf

You will see the following entries at the bottom of the ‘/etc/rc.conf’ file.

enable_quotas="NO" # turn on quotas on startup (or NO).
check_quotas="YES" # Check quotas on startup (or NO).

Change both of the entries to "YES" and then save the file.

enable_quotas="YES" # turn on quotas on startup (or NO).
check_quotas="YES" # Check quotas on startup (or NO).

Now you need to modify your ‘/etc/fstab’ file to select which slices should have QUOTAS turned on.

Typical ‘/etc/fstab’ file with NO quota support enabled.

# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw 2 2
/dev/ad0s1e /usr ufs rw 2 2
/dev/ad0s1d /var ufs rw 2 2

Typical ‘/etc/fstab’ with quota support enabled.

# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw,userquota,groupquota 2 2
/dev/ad0s1e /usr ufs rw,userquota,groupquota 2 2
/dev/ad0s1d /var ufs rw 2 2

Now save the ‘/etc/fstab’ file and reboot the host to load the new kernel and remount your drives with full quota support enabled for your server.

reboot

If for some reason your server does not come back up after 2-10 mins from the reboot please contact your support team and let them know you just compiled a custom kernel and may need to have the server booted with the old backup kernel you made earlier. If the server reboots with no problems you should be all set and ready to go with full quota support for your control panel of choice.

How to bind a range of IP’s in Redhat based linux

How to bind a range of IP’s in Linux
This method is used by Redhat Linux based servers (Centos/RedhatEnterprise/FedoraCore).

Create a file called /etc/sysconfig/network-scripts/ifcfg-eth0-range0
And in the file place these 3 lines but change the IP’s to match YOUR assigned range.

## Start

IPADDR_START=67.18.xxx.xxx
IPADDR_END=67.18.xxx.xxx
CLONENUM_START=0

# Example | IPADDR_START=67.18.333.440
# Example | IPADDR_END=67.18.333.444
# Example | CLONENUM_START=0

## END

The CLONENUM_START should be the number at which the alias interfaces should start. If you add your 5 IP’s to this server and then want to bind a second set of IP’s you create a second file named ‘ifcfg-eth0-range1’ and change the CLONENUM_START to match the last interface alias. IE ‘eth0:5’ = CLONENUM_START=5

After you have created the above file execute the command ‘service network restart’ and your IP’s will be all setup.

*CPANEL NOTE*
Please do not use this method of binding additional IPs if you are using Cpanel. Bind the IPs through the Cpanel interface.

How to bind a range of IP’s in Debian based linux

Problem:

I would like to bind all 5 of my usable IP’s to the ‘eth0’ device


Solution:

Just define the new interfaces in /etc/network/interfaces:

## Start
auto eth0
auto eth0:0
auto eth0:1
auto eth0:2
auto eth0:3

iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.248
gateway 192.168.1.1

iface eth0:0 inet static
address 192.168.1.3
netmask 255.255.255.248
gateway 192.168.1.1

iface eth0:1 inet static
address 192.168.1.4
netmask 255.255.255.248

iface eth0:2 inet static
address 192.168.1.5
netmask 255.255.255.248

iface eth0:3 inet static
address 192.168.1.6
netmask 255.255.255.248
## End

Then you can reboot or use the commands below to bring the interfaces up without a reboot.

ifup eth0:0
ifup eth0:1
ifup eth0:2
ifup eth0:3

On the next reboot they should automatically bind to the NIC.

How to bind a range of IP’s on BSD based hosts ( FreeBSD, OpenBSD )

First login to your FreeBSD host as a ‘non-root’ user. You should have an account in the ‘wheel’ group that you can do this with. Once you have logged in run the following commands to switch users to ‘root’

su -
Password:
server#

The prompt should have a # in it now meaning you are the ‘root’ user.

Now run these commands.

ee /etc/rc.conf

Using 192.168.1.3 – 192.168.1.6 as an example

ifconfig_fxp0="inet 192.168.1.2 netmask 255.255.255.248"
ifconfig_fxp0_alias0="inet 192.168.1.3 netmask 255.255.255.255"
ifconfig_fxp0_alias1="inet 192.168.1.4 netmask 255.255.255.255"
ifconfig_fxp0_alias2="inet 192.168.1.5 netmask 255.255.255.255"
ifconfig_fxp0_alias3="inet 192.168.1.6 netmask 255.255.255.255"

Note the ‘_aliasNN’ suffix on the additional entries, and that the netmask changes from ‘255.255.255.248’ to ‘255.255.255.255’. The IP’s will not work unless you use a ‘255.255.255.255’ netmask for the alias IP’s.

Once you have added the entries to your file you need to press ‘ESC’ and then select the ‘Save File’ option. You can then reboot the server and the IP’s will be bound and ready to use.

You can also use ‘ifconfig’ on the command line to add them without a reboot.

Please see the following man pages for more information.

man ifconfig
man rc.conf
man netstat

MySQL Optimization / Repair Information

How MySQL Uses Memory
This page lists some of the ways that the mysqld server uses memory, and associated mysqld variable names
Memory Use MySQL 5.0
Memory Use MySQL 4.1

MySQL Optimization which covers:
– Optimization Overview
– Optimizing SELECT and Other Statements
– Locking Issues
– Optimizing Database Structure
– Optimizing the MySQL Server
– Disk Issues
Optimization MySQL 5.0
Optimization MySQL 4.1

MySQL Server Variables – SQL layer or Storage Engine specific.
List some of the more common variables as well as a brief description
Go to article 1
Go to article 2

Optimizing the mysqld variables by Ian Gilfillan
Great article on MySQL optimization, including some guidelines on what you should set mysqld server variables to.
(key_buffer_size, Query cache variables, table_cache, sort_buffer, etc..)
Go to article

Repairing Database Corruption in MySQL by Ian Gilfillan
Table corruption should be rare when using MySQL, however it helps to know how to fix the problem when it does occur.
Go to article

Optimizing MySQL: Queries and Indexes by Ian Gilfillan
The database is just too slow. Queries are queuing up, backlogs growing, users being refused connection. Management is ready to spend millions on “upgrading” to some other system, when the problem is really that MySQL is simply not being used properly. Badly defined or non-existent indexes are one of the primary reasons for poor performance, and fixing these can often lead to phenomenal improvements.
Go to article

Other MySQL Articles by Ian Gilfillan

Securing MySQL.

Due to differing needs and requirements this is difficult to answer except on a case by case basis. The MySQL website has a section regarding general security of a MySQL database available here: http://dev.mysql.com/doc/refman/5.0/en/security.html

Additionally some good practices are:

  1. Verify your root MySQL account password is set
  2. Remove the test account and database that were created during the initial installation
    • Log in to mysql as root from the command prompt with “shell> mysql -u root -p mysql” and enter the password when prompted
    • mysql> drop database test;
    • mysql> use mysql;
    • mysql> delete from user where user='test';
    • mysql> delete from user where user='';
    • mysql> flush privileges;
  3. Make sure that each account has a password set
  4. Do not grant global privileges unnecessarily
  5. Avoid using wildcards in the hostname value associated with accounts
  6. Periodically review users and databases that are setup in MySQL
  7. Do not use passwords on the command line. From the command line you can log in to MySQL using “shell> mysql -u root --password=somepassword mysql”; the problem with this is that anyone on the server could view your password with a simple process list command, “shell> ps”. The correct usage would be “shell> mysql -u root -p mysql”: MySQL will then prompt you for your password, and it will not show up in the process list as plain text.
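For the periodic review in items 3 to 6, the following added example (not part of the original article) flags risky rows in the tab-separated output of a query against mysql.user. The function names and sample rows are constructed for illustration, and the column names assume the MySQL 5.0 grant table layout.

```shell
#!/bin/sh
# Added example (not from the original article): flag risky accounts in the
# tab-separated output of the query below (MySQL 5.0 column names assumed).
#   mysql -u root -p -N -B -e "$AUDIT_SQL" mysql | audit_mysql_users
AUDIT_SQL="SELECT User, Host, Password, Grant_priv, Super_priv, File_priv FROM mysql.user"

# Read rows on stdin, print one finding per line as "user@host: reason".
audit_mysql_users() {
    awk -F '\t' '
    {
        who = ($1 == "" ? "(anonymous)" : $1) "@" $2
        if ($1 == "")           print who ": anonymous account"
        if ($1 == "test")       print who ": leftover test account"
        if ($3 == "")           print who ": no password set"
        if (index($2, "%") > 0) print who ": wildcard in host"
        # Global privileges are expected for root only.
        if ($1 != "root" && ($4 == "Y" || $5 == "Y" || $6 == "Y"))
            print who ": global privilege granted"
    }'
}

# Constructed sample rows: User, Host, Password, Grant, Super, File.
sample_rows() {
    printf 'root\tlocalhost\t*CONSTRUCTED_HASH\tY\tY\tY\n'
    printf 'root\t%%\t\tY\tY\tY\n'
    printf '\tlocalhost\t\tN\tN\tN\n'
    printf 'test\tlocalhost\t*CONSTRUCTED_HASH\tN\tN\tN\n'
    printf 'webapp\t10.0.0.5\t*CONSTRUCTED_HASH\tN\tN\tY\n'
}

sample_rows | audit_mysql_users
```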

Note: There are many excellent articles available on the web for MySQL security. Go to your search engine of choice and search “securing mysql” and you should have reading for weeks.

How do I backup MySQL in Linux?

1. Copying from the mysql directory

By default, MySQL databases on servers that use Linux are stored in the following directory:

/var/lib/mysql/

If you shut down the mysqld service first, you can copy your databases to an example /backup directory using the following command:

cp -Rp /var/lib/mysql/* /backup

The -R switch for the cp command means recursive, which you want to use because each database is in a separate directory. The -p switch is for permissions, which will maintain the permissions of what is copied.

You generally want to shut down the mysqld service before using the above method because if a database is copied while it is actively being used, the resulting backup will be corrupt and therefore worthless. If you are certain none of the databases are being used at the time, you can use the above command.

2. The mysqldump command

The mysqldump command lets you back up both individual databases and all databases on a server without having to shutdown the mysqld service. Because of this ability to make backups while still keeping databases online, this method is preferred.

Individual databases

An example command that would let you back up a database named example to the directory /backup while logged in as root is as follows:

mysqldump example > /backup/example_backup.sql

Unless it is a small database, it is recommended that you then compress the resulting database backup in order to reduce the amount of time necessary to transfer the backup. The following command would compress the backup of the example database:

tar czvf /backup/example_backup.tar.gz /backup/example_backup.sql

All databases

If you have numerous databases and backing all of them up individually would be too time consuming, the following command will backup all MySQL databases on your server to the /backup directory:

mysqldump -A > /backup/databases.sql

The -A switch (“--all-databases” performs the same function) will dump any and all databases on the server.

Linux Memory Management

Scenario: Customer is concerned that only 100MB of their 2GB of memory shows as unused or free when running the free command. However, no processes appear to be consuming large amounts of memory, and the server is not running slow.

Cause: This is not a problem, but rather a result of the way linux manages its memory. On boot linux will typically display a large amount of free memory, as no processes have started to address it yet. Once processes run, Linux will cache that memory so it is quickly addressed for the next session. What this means is that on *most* linux distros, you’ll notice that a very small amount of memory is free, even though the machine is having no problems processing data (unlike, for instance a Windows server that would be quite slow with 150K of “free” memory). The best way to judge if the server is running low on memory, is if the swap space is being addressed. If the swap is occasionally hit, using a very small amount of memory, there is no cause for concern as that space will still be addressed. However, if a large amount of swap space is being used (50% or more) then the client may want to consider a memory upgrade.

Basically, the free memory isn’t the amount of memory that is not doing something, it’s the sum total of LowMem and HiMem that the kernel has left to address.
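The swap-based check described above can be scripted. This added example (not part of the original article) reads /proc/meminfo-style input and reports free memory, memory held in buffers and cache, the percentage of swap in use, and a verdict using the 50% threshold from the text. The function names are hypothetical and the sample figures are constructed to match the scenario.

```shell
#!/bin/sh
# Added example (not from the original article): judge memory pressure by
# swap usage rather than by the "free" figure.
# Usage on a live host: mem_verdict < /proc/meminfo

# Print "free_kb buffers_plus_cache_kb swap_used_pct verdict".
mem_verdict() {
    awk '
    $1 == "MemFree:"   { free = $2 }
    $1 == "Buffers:"   { buffers = $2 }
    $1 == "Cached:"    { cached = $2 }
    $1 == "SwapTotal:" { stotal = $2 }
    $1 == "SwapFree:"  { sfree = $2 }
    END {
        # No swap configured counts as 0% used.
        pct = (stotal > 0) ? int((stotal - sfree) * 100 / stotal) : 0
        verdict = (pct >= 50) ? "consider-upgrade" : "ok"
        print free, buffers + cached, pct, verdict
    }'
}

# Constructed sample: 2GB host with about 100MB "free", most of the rest
# held in buffers and cache, swap barely touched.
sample_meminfo() {
    cat <<'EOF'
MemTotal:      2097152 kB
MemFree:        102400 kB
Buffers:        204800 kB
Cached:        1536000 kB
SwapCached:          0 kB
SwapTotal:     2000000 kB
SwapFree:      1990000 kB
EOF
}

sample_meminfo | mem_verdict
```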