Archive for the ‘CentOS’ Category
Debugging of ISPConfig 3 server actions in case of a failure
The follwing article describes the steps that can be taken to debug the ISPConfig 3 server scripts.
Enable the debug Loglevel in ISPConfig
Login to the ISPConfig intterface and set the log level to Debug under System > System > Server Config (see also chapter 4.9.2.2 of the ISPConfig 3 manual) for the affected server. After one or two minutes, there should be more detailed messages in ISPConfig’s system log (Monitor > System State (All Servers) > Show System-Log).
Disable the server.sh cronjob
Go to the command line of the server on which the error happens (on multiserver systems, it is often the slave and not the master) and run (as root):
crontab -e
Comment out the server.sh cron job:
#* * * * * /usr/local/ispconfig/server/server.sh > /dev/null >> /var/log/ispconfig/cron.log
Run the server script manually to get detailed debug output
Then run the command:
/usr/local/ispconfig/server/server.sh
This will display any errors directly on the command line which should help you to fix the error. If you have fixed
the error, please don’t forget to uncomment the server.sh cron job again.
Enhanced e-mail SPAM protection in ISPConfig 3
The command below enables a stricter SPAM handling for postfix on ISPConfig 3 servers.
In Detail:
- Reject sender hostnames with invalid syntax
- Reject sender hostnames that are no fully qualified domains (e.g. reject “server1″ but allow server1.domain.tld)
- Reject sender domains that have no DNS records
- Check sender IP addresses against realtime blacklists.
First make a backup of the postfix main.cf file in case that you want to reverse the changes later:
cp -pf /etc/postfix/main.cf /etc/postfix/main.cf.bak
Then execute this command to enable the additional spam protection functions (the command is one line!).
postconf -e ‘smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unauth_destination, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_rbl_client cbl.abuseat.org,reject_rbl_client dul.dnsbl.sorbs.net,reject_rbl_client ix.dnsbl.manitu.net, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination’
Then restart postfix:
/etc/init.d/postfix restart
Send all outgoing email trough one IP address in postfix
When a server has more then one IP address, then postfix will use all IP addresses randomly to send out emails. This can cause your emails to be listed as SPAM on other servers because the sending IP does not match the reverse IP of the server hostname. The solution is to bind postfix to the primary IP address of the server.
Edit the postfix main.cf file:
vi /etc/postfix/main.cf
and add the line:
smtp_bind_address = 192.168.0.1
were 192.168.0.1 has to be replaced with the primary IP address of the server. Then restart postfix:
/etc/init.d/postfix restart
Get the name of the newest file in a directory on the linux shell
If you have a directory with many files (a few thousand in my case) and need to know which one is the newest, then the following command might be useful. It returns the name and details of the newest file in a directory where it is executed:
ls -tl | sed -n 2p
Reduce load of backup scripts with nice and ionice
Runing a nightly backup script on a server system like a webhosting server can produce high load and longer latencys for other processes, e.g. HTML or .php pages load slow during backup because the backup script takes too much I/O or CPU resources.
On Linux systems there are two shell utilitys available to set the I/O and CPU Scheduling for a appliaction or script. The utilitys are named nice and ionice.
Reduce the I/O priority of the script “/usr/local/bin/backup.sh” so that it does not disrupt other processes:
/usr/bin/ionice -c2 -n7 /usr/local/bin/backup.sh
The -n parameter must be between 0 and 7, where lower numbers mean higher priority.
To reduce the CPU priority, use the command nice:
/usr/bin/nice -n 19 /usr/local/bin/backup.sh
The -n parameter can range from -20 to 19, where lower numbers mean higher priority
Nice and ionice can also be combined, to run a script at low I/O and CPU priority:
/usr/bin/nice -n 19 /usr/bin/ionice -c2 -n7 /usr/local/bin/backup.sh
Disable quota for a Linux user or group on the shell
Linux user quotas can be edited with the commands edquota or setquota on the shell. While edquota opens the quota settings in a editor like vim, setquota allows you to specify the quota settings on the commandline.
Example for disabling the quota for the user “testuser”:
setquota -u testuser 0 0 0 0 -a
Example for disabling quota for the group “testgroup”:
setquota -g testgroup 0 0 0 0 -a
Updating Samba on CentOS 5
wrote by Rafael Marangoni, from Servidor Linux team.
This article explains howto update the Samba packages on CentOS 5 to version 3.5.
First, we need to add a new repository:
cd /etc/yum.repos.d/
wget http://ftp.sernet.de/pub/samba/3.5/centos/5/sernet-samba.repo
Then, update samba:
yum update samba
Probably, you will need winbind too:
yum install samba3-winbind samba3-utils
Check the rpm version:
rpm -qa | grep samba
Restarting Samba:
/etc/init.d/smb restart