Archive for the ‘Debian’ Category
How to update Spamassassin on ISPConfig 2
The spamassassin installation on a ISPConfig 2 server is normally updated together with ISPConfig. Here are the steps iIf you want to update spamassassin manually without updating ISPConfig 2:
Download the latest Spamassassin sources and unpack the tar.gz file
cd /tmp
wget http://ftp.fernuni-hagen.de/ftp-dir/pub/mirrors/\
www.apache.org/spamassassin/source/Mail-SpamAssassin-3.3.1.tar.gz
tar xfz Mail-SpamAssassin-3.3.1.tar.gz
Configure, make and install spamassassin
cd Mail-SpamAssassin-3.3.1
perl Makefile.PL PREFIX=/home/admispconfig/ispconfig/tools/\
spamassassin/usr SYSCONFDIR=/home/admispconfig/ispconfig/\
tools/spamassassin/etc
make
make install
Cleanup
cd ..
rm -f Mail-SpamAssassin-3.3.1.tar.gz
rm -rf Mail-SpamAssassin-3.3.1
How to enable port 587 (submission) in postfix
Some internet access providers have port 25 disabled in their routers to prevent spam. If you run your own mailserver in a datacenter, you might have to enable the submission port (587) in postfix to be able to send emails from your local email client to your own mailserver.
To enable port 587, edit the file /etc/postfix/master.cf
vi /etc/postfix/master.cf
and remove the # in front of the line:
#submission inet n – n – – smtpd
so that it looks like this:
submission inet n – n – – smtpd
and restart postfix:
/etc/init.d/postfix restart
NiceToHave tool for monitoring from the command line with Saidar
With Saidar you can display and view all your system statistics.
For an installation in Ubuntu or Debian you can install this with following command:
sudo apt-get install saidar
After having installed it, you can type in the command saidar:
saidar
Now you see in the following screen a complete view of your CPU, processes, load, memory, swap network I/O and disks I/O along with their free space.
The following options are supported:
-d (Wait DELAY seconds between updates (default 3))
-v (Prints the version number)
-h (Display help and exits)
That’s it! Thanks to Planetfox for this tipp.
How to solve the ClamAV error “This version of the ClamAV engine is outdated” on Debian 5.0 (Lenny)
As of today, all ClamAV 0.94 or older installs will stop working. The Debian project has not released updates for their current stable release (5.0) yet to solve this, but there is a workaround. The Debain volatile project provides newer clamav versions. The installation steps to install ClamAV 0.95.3 on Debian lenny are:
1) Add the debian volatile repository to the sources list:
echo “deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free” >> /etc/apt/sources.list
2) Update the sources and install the new clamav package:
apt-get update
apt-get install clamav
apt-get -u upgrade
3) If you use amavisd-new (e.g. if you use a ISPConfig 3 server) then restart amavisd:
/etc/init.d/amavis restart
Get a list of all virtual hosts which are defined in all apache configuration files
Have you ever searched where the virtual host of a website is defined in the apache config files? There is a handy option of the apache2ctl script which might help then. When you run the command:
apache2ctl -S
on the shell, you will get a list of all virtual hosts and default servers incl. the line number where it is defined. Example:
~# apache2ctl -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:8080 is a NameVirtualHost
default server ispconfig.local (/etc/apache2/sites-enabled/000-ispconfig.vhost:10)
port 8080 namevhost ispconfig.local (/etc/apache2/sites-enabled/000-ispconfig.vhost:10)
*:8081 is a NameVirtualHost
default server ispconfig.local (/etc/apache2/sites-enabled/000-apps.vhost:10)
port 8081 namevhost ispconfig.local (/etc/apache2/sites-enabled/000-apps.vhost:10)
*:80 is a NameVirtualHost
default server ispconfig.local (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost ispconfig.local (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost example.com (/etc/apache2/sites-enabled/example.com.vhost:7)
Syntax OK
Thanks to Planetfox for this tipp.
How to convert RPM software packages to Debian (.deb)
Maybe you had this problem already: you use Debian or Ubuntu Linux and a software package that you like to install is only available in RPM format. The solution is a handy tool called alien, which converts .rpm files to .deb. Installing alien:
apt-get install alien
Converting a rpm package to debian format:
alien –to-deb /tmp/mysoftwarefile.rpm
Conversions from .deb to rpm are also possible:
alien –to-rpm /tmp/mysoftwarefile.deb
How to Update ISPConfig 3
The ISPConfig update script is a easy way to update a ISPConfig 3 installation. If you want to create a manual backup of ISPConfig, take a look at the instructions at the end of the article.
To update ISPConfig 3, login as root user on the shell of your server and run the command:
ispconfig_update.sh
>> Update
Please choose the update method. For production systems select ‘stable’.
The update from svn is only for development systems and may break your current setup.
Select update method (stable,svn) [stable]:
You should always select “stable” on a production system. The “svn” version is only suitable for ISPConfig 3 development.
The updater will then check the version of your system, download the latest update and starts the update process.
This application will update ISPConfig 3 on your server.
Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]:
You should choose “yes” here. This will create a backup of the ISPConfig scripts (/usr/local/ispconfig), the /etc directory and the ISPC0nfig MySQL database in the directory /var/backup/
Creating backup of “/usr/local/ispconfig” directory…
Creating backup of “/etc” directory…
Checking ISPConfig database .. OK
Starting incremental database update.
The update script will then start to install incremental database updates for ISPConfig, if required.
Reconfigure Permissions in master database? (yes,no) [no]:
If this is a slave server in a multiserver setup, then choose “yes” here on at least one of the slave servers. For single server installations, choose ‘no’. Then you were asked if the services shall be reconfigured:
Reconfigure Services? (yes,no) [yes]:
You should choose “yes” here, only if you modified your system configuration manually, it might be better to choose no. But in this case, new features in ISPConfig might not work or functions might stop working until you adjusted the config files manually. So its always a good choice to select ‘yes’ here. In the next step, select the ispconfig port:
ISPConfig Port [8080]:
Port 8080 is the default, if you have not changed it, press enter. Otherwise enter the port number and then press enter. As the last step, you wre asked if the crontab shall get reconfigured, you can select yes here by just pressing return.
Create new ISPConfig SSL certificate (yes,no) [no]:
If your SSL certificate for the ISPConfig interface has been expired and you want to renew it or if you want to enable SSL encryption for the ISPConfig interface, then choose “yes”. If you dont need a new SSL certificate, take the default (no).
Reconfigure Crontab? (yes,no) [yes]:
The ISPConfig updater will then update the ispconfig files and restart services, if the configuration has been changed.
Backup before updates
(This backup procedure is now integrated into the ISPConfig updater and gets executed automatically when you choose to create a backup during update)
Before you update a software, it is always a good idea to backup all relevant data. This enables you to restore the software version that you had before in case of an error. The steps to create a backup of the ispconfig software and settings are:
Create a backup folder:
mkdir /home/backup
chmod 700 /home/backup
cd /home/backup
Backup the database
mysqldump -u root -p dbispconfig > dbispconfig.sql
Backup the ISPConfig software
tar pcfz ispconfig_software.tar.gz /usr/local/ispconfig
Backup the configuration files in /etc
tar pcfz etc.tar.gz /etc
This backup does not include the emails and website data.
Keep the spamassassin filter rules up to date in ISPConfig 3
To update the spamassassin rules regularily on your ISPConfig 3 server, add the following line to the root crontab by running:
crontab -e
then insert the following line:
23 4 */2 * * /usr/bin/sa-update –no-gpg &> /dev/null
and save the file. The path to the sa-update script is /usr/bin/sa-update on Ubuntu and Debian Linux, if you use a different linux distrubution, run the command:
which sa-update
to find the location of the sa-update script and adjust the path in the crontab line above so that it matches the path on your system.
How to use apt-file to find which .deb package contains a specific file
Sometimes you need to know which debian package contains a specific file e.g. because you deleted a system file accidently or you try to install a new software that requires this file. The apt package management utility which is used in Debian and Ubuntu comes with a handy tool called apt-file which allows a saerch for filenames in the package database.
Install apt-file
apt-get install apt-file
Update the apt-file database
apt-file update
Search for a specific file name, e.g. “lcrypto”
apt-file search /bin/bash
apt-file search /bin/bash
bash: /bin/bash
bash: /usr/bin/bashbug
bash-minimal: /bin/bash-minimal
bash-static: /bin/bash-static
bashdb: /usr/bin/bashdb
mybashburn: /usr/bin/bashburn
Optimize MySQL performance with mysqltuner
The following tutorial describes the steps to optimize the performance of a MySQL database with the mysqltuner script.
Login to your server on the shell, then execute the following commands:
Download the mysqltuner script:
cd /usr/local/bin
wget http://mysqltuner.pl/mysqltuner.pl
chmod +x mysqltuner.pl
Run mysqltuner
/usr/local/bin/mysqltuner.pl
Then enter root as username and the mysql root password.
You will get a output similar to this:
root@v221:/usr/local/bin# /usr/local/bin/mysqltuner.pl
>> MySQLTuner 1.0.1 – Major Hayden <major@mhtx.net>
>> Bug reports, feature requests, and downloads at http://mysqltuner.com/
>> Run with ‘–help’ for additional options and output filtering
Please enter your MySQL administrative login: root
Please enter your MySQL administrative password:
——– General Statistics ————————————————–
[--] Skipped version check for MySQLTuner script
[OK] Currently running supported MySQL version 5.0.51a-24+lenny2
[!!] Switch to 64-bit OS – MySQL cannot currently use all of your RAM
——– Storage Engine Statistics ——————————————-
[--] Status: +Archive -BDB -Federated +InnoDB -ISAM -NDBCluster
[--] Data in MyISAM tables: 26M (Tables: 215)
[!!] InnoDB is enabled but isn’t being used
[!!] Total fragmented tables: 33
——– Performance Metrics ————————————————-
[--] Up for: 96d 23h 3m 41s (10M q [1.239 qps], 686K conn, TX: 701M, RX: 1B)
[--] Reads / Writes: 44% / 56%
[--] Total buffers: 58.0M global + 2.6M per thread (100 max threads)
[OK] Maximum possible memory usage: 320.5M (12% of installed RAM)
[OK] Slow queries: 0% (20/10M)
[OK] Highest usage of available connections: 33% (33/100)
[OK] Key buffer size / total MyISAM indexes: 16.0M/8.5M
[OK] Key buffer hit rate: 99.9% (57M cached / 30K reads)
[OK] Query cache efficiency: 78.6% (5M cached / 6M selects)
[!!] Query cache prunes per day: 483
[OK] Sorts requiring temporary tables: 0% (0 temp sorts / 408K sorts)
[!!] Temporary tables created on disk: 36% (269K on disk / 745K total)
[OK] Thread cache hit rate: 99% (427 created / 686K connections)
[!!] Table cache hit rate: 2% (64 open / 3K opened)
[OK] Open file limit used: 11% (120/1K)
[OK] Table locks acquired immediately: 99% (3M immediate / 3M locks)
——– Recommendations —————————————————–
General recommendations:
Add skip-innodb to MySQL configuration to disable InnoDB
Run OPTIMIZE TABLE to defragment tables for better performance
Enable the slow query log to troubleshoot bad queries
When making adjustments, make tmp_table_size/max_heap_table_size equal
Reduce your SELECT DISTINCT queries without LIMIT clauses
Increase table_cache gradually to avoid file descriptor limits
Variables to adjust:
query_cache_size (> 16M)
tmp_table_size (> 32M)
max_heap_table_size (> 16M)
table_cache (> 64)
The script recommends to adjust or add the following variables in the mysql my.cnf file. The location of my.cnf is normally /etc/my.cnf or /etc/mysql/my.cnf depending on the Linux distribution that is installed on your server.
Open the my.cnf file:
vi /etc/mysql/my.cnf
and increase or set the variables in the [mysqld] section of the file. Mine looks now like this:
[mysqld]
#
# * Basic Settings
#
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
language = /usr/share/mysql/english
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = 127.0.0.1
#
# * Fine Tuning
#
key_buffer = 16M
max_allowed_packet = 16M
thread_stack = 128K
thread_cache_size = 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover = BACKUP
#max_connections = 100
table_cache = 128
#thread_concurrency = 10
#
# * Query Cache Configuration
#
query_cache_limit = 1M
query_cache_size = 32M
tmp_table_sizee = 64M
max_heap_table_sizee = 32M
Then save the file and restart mysql. After a few hours, rerun mysqltuner and check again if the values are fine now or if the have to be increased to a higher value.