Chroot Configuration In CentOS 5
Jan 6, 2009
I am trying to configure chroot for my Apache 2.2.8 + PHP 5.2.8 + MySQL 5.0.51 + CentOS 5.1 using the article at: [url]
I have moved most of the files that are required by Apache to run.
I want to move PHP, MySQL also into chroot jail along with Apache.
How can I know the list of files that are needed by my Apache? It is asking for some of the files in the /usr/bin, /lib, /usr/local/lib, /usr/lib folders.
Somehow, I moved most of the files that are required by Apache to the chroot jail and finally I got httpd: bad user name daemon error.
And in CentOS, I don't have the file /etc/passwords and the command pwd_mkdb.
View 0 Replies
ADVERTISEMENT
Jan 1, 2008
I've purchased a VPS with CentOS 5 on and am looking to get it all up and running myself (Never done anything Linux based before but don't mind learning). I've gotten as far as installing LAMP + Webmin on the server, outsourced my DNS to zoneedit and email to Google and am now trying to configure other parts. I'm currently stuck on two things.
1. I'm trying to configure my FTP server. I've installed and am able to run it and connect to it myself as root but I can't figure out how to get it my html folder. Its only got files like .bash_history and .bash_logout in view. Also trying to do this through Webmin cause I've got no idea where to find anything on the command line other then proftd.conf
2. I'm trying to add users to the server but again I'm unsure on how to set the permissions for it. I can create it but it comes up with the error /dev/null Permission Denied a couple of times when I log in.
View 3 Replies
View Related
Sep 24, 2007
Would this be a good setup for a VPS Serving system with 2x 500gb hard disks (up to) 8gb memory.... (Looking to use OpenVZ to create about 14-15 512mb VZ VPS's)?
Host machine to do nothing other than host the VPS's. Host O/S to be Centos 5 x64, guest O/S's to be the usual OpenVZ supported linuxes.
Make 2 software raid partitions 120mb, each
|
+- Make RAID 1, mounted at /boot
Make 2 s/w raid partitions Remainder of drive
|
+- Make 1 LVM Physical Drive, using RAID 1
|
+- Make Logical Partition, 20gb, mounted '/'
+- Make LP, Swap 16gb
+- Make LP. ext3 remainder, mounted as '/vz'
Is it important what order I should make the Logical Partitions? Should I create a /tmp partition? If so, how much?
View 1 Replies
View Related
Apr 12, 2015
OS CentOS 6.5
Panel version 11.5.30 Update #50
Tried migrating a site from a much older server. The migration never completed, so it was aborted and all the migration files deleted. Now, I'm getting the following error on the Plesk Home page:
=================
New configuration files for the Apache web server were not created due to the errors in configuration templates: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 7 of /etc/httpd/conf.d/zz010_psa_httpd.conf: Syntax error on line 319 of /etc/httpd/conf/plesk.conf.d/roundcube.conf: Could not open configuration file /etc/httpd/conf/plesk.conf.d/webmails/roundcube/xxxxxxxxxxx.com_webmail.conf: No such file or directory . The error message containing the detailed error descriptions was sent to you by e-mail. Please resolve the issues and click here to generate broken configuration files once again or here to generate all configuration files.
=================
Clicking either of the 2 available options (links) does not resolve the issue. How to clear this error?
View 2 Replies
View Related
Feb 25, 2015
I have a new CentOS 7, with Plesk 12, CentOS 7 by default has XFS filesystem.
I try migrate sites from another Plesk Server but Plesk agent say: "hard disk quota is not supported due to configuration of server file system" (my CentOS 7)
My CentOS7:
CentOS Linux 7.0.1406 64 bits
Plesk 12.0.36
My fstab
[root@ns ~]$ cat /etc/fstab
/dev/mapper/centos-root / xfs defaults,usrquota,grpquota 1 1
UUID=ba391bd5-786c-4ae7-8bbd-f36f831ae6eb /boot xfs defaults 1 2
/dev/mapper/centos-swap swap swap defaults 0 0
I added "usrquota,grpquota", then mount -o remount / ; but when I try quotacheck -fmv / I gest this:
[root@ns ~]$ quotacheck -fmv /
quotacheck: Skipping /dev/mapper/centos-root [/]
quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option.
but quotaon command works:
[root@ns ~]$ quotaon /
quotaon: Enforcing group quota already on /dev/mapper/centos-root
quotaon: Enforcing user quota already on /dev/mapper/centos-root
The problem here is why Plesk does not recognize quotas as enabled on CentOS 7??
If I try this command it seems good:
[root@ns ~]$ /usr/local/psa/admin/sbin/usermng --isquotable
0
Also I do this:
- Disabled Selinux
- Check all packages as quota, etc.
I have been using some reference: [URL] ....
View 11 Replies
View Related
Apr 27, 2015
I have a Server with Centos7 + Plesk 12 and in the service configuration say that the Bind service is not installed, from command line i have install named services and make a manual configuration the first domain, but when I return to the service page in plesk... the problem is the same, the Bind Service is not installed; then the problem is when i want create a new hosting i need to go to the ssh to make the DNS configuration...
View 1 Replies
View Related
Oct 12, 2009
It has been a long time since I setup named, and I need some help as I'm just not getting it this time around. I'm running named on CentOS under Chroot
IP Space is; 216.201.80.96/28
Gateway is 216.201.80.97
Netmask is 255.255.255.240
Useable IP Space is 216.201.80.100 - 110
named.conf
---
key "rndckey" {
algorithm hmac-md5;
// secret is xx'ed out for this posting
secret "xxxxxxxxxxxxxx";
};
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndckey"; };
inet 216.201.80.101 allow { 216.201.80.101; } keys { "rndckey"; };
};
options {
directory "/var/named";
pid-file "/var/run/named/named.pid";
recursion yes;
allow-recursion {
127.0.0.1;
216.201.80.101;
};
listen-on {
127.0.0.1;
216.201.80.101;
};
query-source address * port 53;
version "REFUSED";
allow-query {
127.0.0.1;
216.201.80.101;
};
};
server 216.201.80.101 {
keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "cheapdatamining.com" IN {
type master;
file "data/cheapdatamining.com.zone";
allow-update { none; };
};
cheapdatamining.com.zone
--------------------------
$TTL 38400
@ IN SOA ns1.cheapdatamining.com. admin.cheapdatamining.com (
2008090335 ; Serial
10800 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
86400 ) ; Minimum TTL 1 day
cheapdatamining.com.INNS ns1.cheapdatamining.com.
cheapdatamining.com.INNSns2.cheapdatamining.com.
ns1.cheapdatamining.com.IN A 216.201.80.101
ns2.cheapdatamining.com. IN A 216.201.80.102
resolv.conf on server.
--------------
search cheapdatamining.com
nameserver 216.201.80.101
nameserver 216.201.80.102
Got the domain sitting at godaddy with ns1 and ns2 pointing to 216.201.80.101/102
Everything looks good as far as I can see, local nslookup on the loopback is fine, and iptables are good.
View 0 Replies
View Related
Apr 29, 2007
Is anyone using a chroot apache to offer shared hosting, with CGI, PHP etc... all working fine?
View 2 Replies
View Related
Jan 23, 2009
I'm using Plesk on my server and its a pain in the @** to create FTP users. So I found this article on adding chrooted FTP users. I successfully added a user, but would like to change the path now, how can I do this?
View 2 Replies
View Related
Sep 30, 2014
I have customers that want the git program to be able to pull/push their github repos. I've copied all of the files in the git rpm into the site's chroot but whenever they try to pull down their repo via ssl they get this message:
error: while accessing https://github.com/USERNAME/PROJECT.git/info/refs
fatal: HTTP request failed
We have gotten ssh to work with git but the ssl issue still isn't working.
View 1 Replies
View Related
Sep 24, 2014
Where can I define the $PATH in chroot permanent ?
If i use "export PATH=$PATH:/usr/libexec" in the shell - its ok for this session, but in a new Session the modified $PATH-Variable ist reset to:
"echo $PATH"
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"
View 1 Replies
View Related
Apr 7, 2014
I've a problem with the chroot directories under /var/www/vhosts/domainxy.com. The options I've configured is "Access to the server over SSH -> Forbidden", After creating a webspace there are no chroot directories. But if I change the system user username under hosting settings, the directories will be created. But I don't want this, because the option I choosed is "Forbidden" and my customers are irritated about this directories. Can I prevent this behabiour?
View 1 Replies
View Related
Feb 23, 2015
Is there any way for a client to use command line mail in a script. Client has ssh access via chromed environment.
Wants their script to be able to send an email on completion.
plesk 12 on Centos6.6
View 6 Replies
View Related
Sep 30, 2014
After update of some system commands, there is now difference between the system-wide command and the equivalent that is located in the chroot template directory (and the command that is in the domain's bin dir).
Is there a command/utility that can update the commands (and all libraries that they depend on), that we have in our chroot template directory /var/www/vhosts/chroot?
View 2 Replies
View Related
Aug 27, 2014
I am testing out Plesk control panel 12 - looks promising, but the moment I hit chroot-ed environment, many things go wrong.
Set up:
Virutal server, running linux (64 bit Ubuntu 14.04 Server LTS);
Plesk Control Panel 12.0.18, Update #14;
Currently running on a trial license;
Brand new installation on a dedicated server;
I have two disks, one is for system stuff, plus plesk; second disk is supposed to be dedicated to /var and /home
root@testthing:/var/log# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/vda1 40G 8.7G 29G 24% /
....
/dev/vdb1 493G 2.9G 465G 1% /disk2
[Code] .....
(to save place, I've removed the regular stuff that is everywhere and makes not difference for this case ... I think)
The plesk installation went just fine; update ran fine; I can register customers, their websites run fine ... as long as they get no shell at all, or regular shell to the server.
BUT: we need to jail all our customers under chroot. If that is not possible, we can't use Plesk.
I created a Service plan cloned form the Default domain plan and changed only to give the users ssh access to the server with a chroot env.
When I try to register a new client with this new service plan, it fails with lots of error messages (one per directory it tries to make), like this:
chrootmng: cannot set permissions for "/var/www/vhosts/demowh1.blah.blah/lib":Too many levels of symbolic links
...
Dropping the GUI and xperimenting in a shell, as root: If I run:
root@testthing:/usr/local/psa/admin/sbin# ./chrootmng --create --source=/var/www/vhosts/chroot/ --target=/var/www/vhosts/demowh1.blah.blah
open_basedir_with_nofollow: opeat failed: `var', Too many levels of symbolic links
[Code] ....
But, if I run it like this:
root@testthing:/usr/local/psa/admin/sbin# ./chrootmng --create --source=/var/www/vhosts/chroot/ --target=/disk2/var/www/vhosts/demowh1.blah.blah
It proceeds to make a copy of all directories where it should.
So, at this point I am pretty sure that the problem is my link between /var and /disk2.
Still, I want to keep the user data on a separate disk from the system/plesk data.
View 4 Replies
View Related
Jul 31, 2008
As my clients' needs expand, they're asking for chroot ssh/sftp setup. I'm currently on a dedicated Linux setup but don't really have the time to set up a whole new box with full virtualization or investigate a full chroot solution (baby on the way), and to be honest it would be less hassle to move to a new provider than worry about down time with sites.
What I'm looking for:
- linux hosting
- hosting for 30+ accounts, some with several domains
- at least 6 IP addresses for SSL certs
- each account in a full chroot environment (ssh/sftp/ftp) so they can't poke around each others' files, or each account set up in a virtual machine setup (ie: openvz)
- maildir
- spamassassin
- php 5, mysql, perl 5.8.8
- suexec apache would be nice
View 3 Replies
View Related
Oct 1, 2007
What is the difference between CentOs 5.0 and Centos 4.5? (Both contains Plesk)
Would CentOS 5 contain more updates and fixes? CentOS 4.5 be more stable?
View 0 Replies
View Related
Aug 19, 2008
Does it worth to upgrade cent os to latest version on server where is installed whm/cpanel?Could i request upgrade from cpanel support ?
View 3 Replies
View Related
Aug 7, 2007
which one do i have to choose?? and why?
my server is P4 3.6GHz HTT with 2GB RAM
View 6 Replies
View Related
May 18, 2007
I've made a how to, based on my personal knowledge about upgrading a CentOS 3, RedHat 9, or 8?, Fedora Core, and maybe others, to the new CentOS 4.5 OS. (or CentOS 4.x)
[url]
Please post, comments, questions, etc. here.
I've myself upgraded many servers this way, (even, tonight, I upgraded another, so I finally decided to do this with all my notes)
View 3 Replies
View Related
Oct 6, 2008
I was looking into setting up a new VPS server, without Parallels.
I have a dedicated server running centos. I was thinking about putting Xen on it and the use lxadmin instead of cpanel.
Any thoughts or experience with that setup.
View 4 Replies
View Related
Dec 30, 2007
I just found about about csf so I uninstall afp, bfd and install csf. spend time setting it up but still not getting lik what i want can some one post their csf so i can take a look.
I want to received e-mail at least for the following:
1. someone login ssh
2. someone using su (fail and pass)
3. someone try to brutal force (notify like bfd)
4. possible break in attemp like bfd
5. when ip got ban from brutal force
6. .... and all that good stuff that keep u alert.
it's possible to notify when someone try to login whm and cpanel?
View 1 Replies
View Related
Jun 14, 2008
Hello All,
I have almost everything setup for my VPS except for the firewall.
Someone told me that you can screw up your VPS if you configure your firewall incorrectly.
Can someone please guide me through? Which firewall should I use? and what all configurations should I make?
My VPS is on Debian 4 and I already have webmin configured on it. It does shows me an option to install a firewall but I just dont have enough courage to do so.
Thanks in advance,
Imoracle
View 3 Replies
View Related
Jul 24, 2009
I installed Mod_Security on my Cent OS server today and having some problem in configurating it.
Problem -
I have added this module in 'httpd.conf' file
Code:
<IfModule mod_security.c>
SecFilterEngine On
SecServerSignature "Apache"
SecFilterCheckUnicodeEncoding Off
SecAuditEngine RelevantOnly
SecAuditLog logs/audit_log
SecFilterScanPOST On
SecFilterDefaultAction "deny,log,status:403"
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "../"
SecFilter "viewtopic.php?" chain
SecFilter "chr(([0-9]{1,3}))" "deny,log"
SecFilterSelective THE_REQUEST "wget "
SecFilterSelective THE_REQUEST "lynx "
SecFilterSelective THE_REQUEST "scp "
SecFilterSelective THE_REQUEST "ftp "
SecFilterSelective THE_REQUEST "cvs "
SecFilterSelective THE_REQUEST "rcp "
SecFilterSelective THE_REQUEST "curl "
SecFilterSelective THE_REQUEST "telnet "
SecFilterSelective THE_REQUEST "ssh "
SecFilterSelective THE_REQUEST "echo "
SecFilterSelective THE_REQUEST "links -dump "
SecFilterSelective THE_REQUEST "links -dump-charset "
SecFilterSelective THE_REQUEST "links -dump-width "
SecFilterSelective THE_REQUEST "links http:// "
SecFilterSelective THE_REQUEST "links ftp:// "
SecFilterSelective THE_REQUEST "links -source "
SecFilterSelective THE_REQUEST "mkdir "
SecFilterSelective THE_REQUEST "cd /tmp "
SecFilterSelective THE_REQUEST "cd /var/tmp "
SecFilterSelective THE_REQUEST "cd /etc/httpd/proxy "
SecFilterSelective THE_REQUEST "/config.php?v=1&DIR "
SecFilterSelective THE_REQUEST "/../../ "
SecFilterSelective THE_REQUEST "&highlight=%2527%252E "
SecFilterSelective THE_REQUEST "changedir=%2Ftmp%2F.php "
# Very crude filters to prevent SQL injection attacks
SecFilter "delete[[:space:]]+from"
SecFilter "insert[[:space:]]+into"
SecFilter "select.+from"
# Weaker XSS protection but allows common HTML tags
SecFilter "<[[:space:]]*script"
# Prevent XSS atacks (HTML/Javascript injection)
SecFilter "<(.|n)+>"
</IfModule>
But my website is multi forum hosting and requires 'index.php' file to pass parameter to make it work.
Example -
[url]
[url]
[url]
So i had to delete below mention code from above module.
Code:
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "../"
View 0 Replies
View Related
Jan 28, 2009
Do you think this configuration is doable?
Dual Core/Core2Duo
2GB Ram
500GB HDD
100mbps port
Win 2003/2008 Web Edition
~2000-3000GB bandwidth
~$100/month?
View 8 Replies
View Related
Oct 23, 2009
I need your opinion on the best drive configuration for my Dell poweredge 2850 dual 3.0.
I have 6 x 72gb scsi 10k hds, and perc4 raid in server. My os will be Cent os with 4 gigs of ram installed. I want to try to make this server as redundant as possible.
Offsite backup is also in plans. I’m going to use this server for a few sites (5 - 10) that are db driven, and host small video clips as Dolphin Smart Community. Server will be colocated. Please let me know if missed something .
View 6 Replies
View Related
Feb 8, 2009
serverlof but dedicadet bought and set up on my vmserver not connect to the internet vps.
Companies can connect to the internet with NAT, but only with my NAT can not connect to the internet with the other global ip.
Information about how to do VMServer settings may wonder Do you have friends?
View 0 Replies
View Related
Apr 14, 2009
i have node 16 cpu AMD 64 gb ram HDD sas 15 with raid 10 /hypervm + openvz i host 10 vps
my problem when any vps load go over 2 the Node load go to 30 - 40 some time 100 i set CPU UNITS , Number Of CPUS and Cpu Usage for every vps but the load in node is go up
how i can set limit in vps and prevent from effect on load Node?
View 2 Replies
View Related
Apr 9, 2009
I Want to use ASSP for a large number of server with different IP,
ASSP is use as SMTP proxy for the outbound traffic,
In Relaying > AcceptAllMail in put my network,
the question is : does the network will be scanned by assp, i have see that the network contribute to the whitelist?
View 4 Replies
View Related
Jul 14, 2008
My VPS mostly have problem of over load and its beacuse of lot of mails in Mail Queue,
Can any one recommend me best best Exim Configuration in cpanel.
I think no mail stay in Queue more then 2 hours. It delete autometically or any other thing you recommend. It help me for less load.
View 3 Replies
View Related
Aug 29, 2008
Can not connect to remote socket.
IO:ocket::INET configuration failederror:00000000:lib(0):func(0):reason(0)
This can caused by a few things:
The cPGSD server is not running on 127.0.0.1:2082
There is a firewall blocking access to 127.0.0.1:2082
127.0.0.1 is not the right IP and/or 2082 is not the right port
Solar Flares (Please contact support to investigate)
I used Cpanel 11 dont known where turn off firewall T-T
View 0 Replies
View Related
