i run one bad command :-(
chmod -R 644 /
and this command changes all permision in root server
have any away for fixed all permision in centos?
because all site take error
i use of cpanel
It there any good way to stop using from reading /etc/passwd?
I have suPHP enabled and open_basedir enabled by WHM too. But it seems susphp ignores open_basedir restrictions?
Here is virtual host config:
<VirtualHost x.x.x.x:80>
<IfModule concurrent_php.c>
php4_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/p$
php5_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule !concurrent_php.c>
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/li$
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule sapi_apache2.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/li$
</IfModule>
</IfModule>
ServerName xxx.com
ServerAlias www.xxx.com
DocumentRoot /home/xxx/public_html
ServerAdmin webmaster@xxx.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/xxx.com combined
CustomLog /usr/local/apache/domlogs/xxx.com-bytes_log "%{%s}t %I .
%{%s}t %O ."
## User xxx # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup xxx xxx
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxx xxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxx/public_html/cgi-bin/
DocumentRoot /home/xxx/public_html
ServerAdmin webmaster@xxx.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/xxx.com combined
CustomLog /usr/local/apache/domlogs/xxx.com-bytes_log "%{%s}t %I .
%{%s}t %O ."
## User xxx # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup xxx xxx
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxx xxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxx/public_html/cgi-bin/
# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/std/2/xxx/xxx.com/*.conf"
</VirtualHost>
Scripts are running with user's UID, and that is fine, but it can still read /etc/passwd file for example.
How to fix that? Is it really open_basedir value is ignored by susphp? It works fine if I remove suphp and run scripts with nobody uid.
Permission denied: /home/airtrade/etc/airtrade.com.tw/passwd passwd this is the error message obtained upon trying to create email accounts in cpanel.
the present permissions of the passwd file is 644 and ownership is username nobody i tried changing it to username.mail but still the same error
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0ync:/sbin:/bin/sync
shutdown:x:6:0hutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0perator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81ystem message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32ortmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
htt:x:100:101:IIIMF Htt:/usr/lib/im:/sbin/nologin
canna:x:39:39:Canna Service User:/var/lib/canna:/sbin/nologin
wnn:x:49:49:Wnn Input Server:/var/lib/wnn:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:101:102:MySQL server:/var/lib/mysql:/bin/bash
mailman:x:32001:32001::/usr/local/cpanel/3rdparty/mailman:/bin/bash
cpanel:x:32002:32003::/usr/local/cpanel:/bin/bash
johnny:x:32003:32004::/home/dorn:/usr/local/cpanel/bin/noshell
angel:x:32004:32005::/home/angeliq:/bin/false
clamav:x:32015:32017:Clam AntiVirus:/home/clamav:/bin/false
I heard it may pose a security risk for those unneeded users. Which lines can I remove?
i been wonder today when i try to login my account @box by SSH 21
the password is changed i think!
and when i see the logs files there is no stranger ip!
and there is no email about changeing password for my mail!
i tried to log in by another account in my server and trying to su root permission by my password
but passwd incorect!
and i change the Mysql root passwd and same thing
my support they sleep before 3 days so i should to figure my problem alone...
how to reset my root ssh passwd?
am useing Plesk VPS ...
I have been googling this for a while but am not getting anywhere. Curiosity has gotten the best of me, what are the passwd- and shadow- files used for? The date and time stamps for both the passwd- and passwd files are exactly the same, as are the shadow- and shadow files.
Are they automatically-created backups of the passwd and shadow files?
how can i save /etc/passwd there is many linux order which show my users on server
such as :
cat /etc/passwd
cat /var/cpanel/acounting.log
ls -la /etc/valiases
ls /var/named
-----------------
and how can i disable the geting orders
such as :
wget
curl -o
lynx
We have CentOS and WHM 11 on the server. Also we have PHP 4.4.4 and open base dir enabled on the server . We have a shared server with many website configured on it.
Now The user uses the following PHP code and can see the /etc/passwd file
=============================================
<?
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include("/etc/passwd");
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include("/etc/passwd");
?>
============================================
Now how to stop this. This is a security hole. how to stop this.
I set up a new account for a client using my reseller. He went to change the password and he is getting this error
There was an error manipulating the password file. This generally means you entered your old password incorrectly.
Changing password for user xxxxx.
Changing password for xxxxx
(current) UNIX password:
passwd: Authentication token manipulation error
The thing is, he is putting the password in correct. I made sure of that
I am able to change it in whm and i am able to log in to the account, i just cant change the password from cpanel
We've had a customer do something strange to their server. They were playing with /etc/passwd or /etc/shadow or similar (not quite sure of the details) but the upshot is booting the server into single user and trying to reset the password via passwd gives
passwd root (and any user)
passwd: Authentication token manipulation error
So far I've
Replaced /etc/passwd* and /etc/shadow* with a copy from another server
Turned off SeLinux
/etc/pam.d/passwd is fine
Root file system is r/w
Apache error log for a subdomain
[Thu Apr 17 00:02:24 2008] [crit] [client 69.113.17.156] (13)Permission denied: /home/user/public_html/subdir/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
However, there is no htaccess file in that directory anyway
/home/user/public_html/subdir
Server is Centos 5 / Cpanel
I were seeing c99.php source code to know how it gets /etc/passwd file. it simply uses fopen() for this goal but I think fopen() is needed and I don't like it to be disabled in disabled_functions. I wonder how can I disable just fopen("/etc/passwd","r"); without doing any restriction to fopen function at all
View 8 Replies View Related12.0.18 update #39
Server 2012r2
Logged into my panel today to run a database backup on a site I'm working on to be confronted with the following:
Unable to backup database 'XXXXXXXXXX'
Cannot open backup device 'C:Program Files (x86)ParallelsPleskBackupXXXXXXXXX.co.nzdatabasesXXXXXXXXX-29 est'. Operating system error 5(Access is denied.).
BACKUP DATABASE is terminating abnormally.
(Error code 21)
I'm not sure why permissions would change on their own, I'm also not sure how to fix the permissions error. I get the same error on all databases.
PrivateTemp folder appears to have write permissions for Group MSSQLSERVER
i have a dedicated server with cpanel and when trying to addd any accounts i get the message dns zone already exists but when i go to edit a dns zone to check i am getting the message below
Unable to read data from /dev/urandom (No such file or directory).
Every out bound email message fails and stays in the queue. The mail log shows this error.
qmail: 1432283802.380653 delivery 27: deferral: Unable_to_read_control_files._(#4.3.0)/
A second problem, also qmail is that I can't send to the server using TLS on the submission port, only if I do plain text. But the first problem is bigger because we can't send at all.
This is a new plesk installation and it has never worked.
I can not log into to plesk right now. It's display message " Unable to read Control Panel configuration file: date_default_timezone_get() [function.date-default-timezone-get]: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_ timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier.We selected 'Asia/Krasnoyarsk' for '7.0/no DST' instead".
View 1 Replies View RelatedI'm unable to access my plesk control panel .its giving this error "Unable to read Control Panel configuration file";tried all available solution for permissions but the problem remains.
View 3 Replies View RelatedI created a FTP account with vsftp and files uploaded are not readable via www-data
View 1 Replies View RelatedThere's bloody heaps of them. Which one do I go for on my two new file servers? Which operating system out of these is the most common, has the most support, is most compatible? The server will be used to host videos and will run c-panel. A light weight OS is probably preferred but I really have no idea. And incase it helps, the servers have 512mb of ram, about 30 - 40GB of hDD (not actually sure) and an old AMD Duron.
CentOS
Debian
Direct Admin
Fedora
FreeBSD
Gentoo LiveCD
Redhat
Slackware
i want to limit all of the world to access my server for example port 80 25 22 an .... instead of two ip.
View 9 Replies View RelatedIM about tired of spam and hackers putting phishing items on my server.
My question is.
How can I block the whole world expect for US, CA and UK?
I've added several countrys to csf's csf.deny list but half of them keep disappearing.
I tried installing CentOS 64bit using windows image and vnc that comes with HyperVM and it says (your cpu does not support long mode. use a 32 bit distribution), and if I try to install Windows Server 2008 I get blue screen with a stop and error.
View 5 Replies View RelatedI have always used debian on my virtual machine but was just curious as to what OS people use for their hosting?
The company I am looking at moving to for hosting offer the following options:
* Debian
* Ubuntu Server
* Open Suse
* Free BSD
* Fedora Core
* CentOS
* Gentoo
* Slackware
* Windows 2003 Basic
* Windows 2003 Pro
I have heard from a lot of people that Freebsd is good for hosting but just wondering what your views are
Just moved to a 1and1 managed server in which FastCGI is enabled.
But I'm having problems getting Movable Type to run under fastcgi - which has never been a problem before, even on shared hosts.
Is there a 'hello world'-type test for fastcgi - so I can check if it is enabled?
As you all know about hostingspeeds.com, offering you a list of world's fastest host. Is there any other sites doing such things?
And, be helpful to say me the hosting company whith PHP, MySQL support, that offer fastest speed on page load, accepting LibertyReserve as way of payment for their services.
I have a website that can be seen in a part of the world but not on the other. How can I troubleshoot this issue. Is there a web utility that can help me figure out what is the problem?
View 1 Replies View RelatedI have been running a dedicated server for years, first with Carolina Online, who then sold it to HostOnce.
Today at around 6PM my server, that was working fine and I was actively working on all day, suddenly disappears off the Internet.
I go to Host Once's ticket system, and they have a message up that they moved their servers from NC to NJ, that all the servers were upgraded to Windows 2003, and that they would be very busy with the migration, don't submit multiple tickets. (Host Once seems to mostly have reseller hosting accounts, not many dedicated servers.)
I start pinging IP addresses and everything in my server's IP block is gone (the furthest a tracert goes is 64.70.48.3 - everything under that is gone.)
This is bad.
I'm worried that they may have bought new boxes in NJ for their reseller accounts, transferred up the data, and abandoned the old boxes in NC ... is this something they might do?
Also worried that the block of IPs their old servers were on may have somehow been reassigned... can this happen?
In any case, waiting to hear back on my ticket but looking for advice. Does anyone know the datacenter Carolina Online / Host Once used in Lumberton, NC? Want to start tracking it down if my box may have been left behind.... Any other insight on what in the world they might be doing / what happenned here?
I am trying to debug a dns problem.
What I need is for you to do a dns lookup and report:
1) the address that was returned, the last octect will do.
2) the area of the world you queried from
The answers *will* vary because the dns server is geolocation enabled. Or, at least they *should* vary. But, someone claims its buggered.
The host name to lookup is:
ssl.dnsmasq.com
Does anyone have any idea or estimation about cPanel Licences all over the world? How many servers are licenced and running cPanel at the moment? Has cPanel ever had any official word regarding this?
View 3 Replies View RelatedI remember using a few years ago a site where you could plugin a domain name and a report will run showing if the site was vieable or accessible from all different parts of the worls, I forgot the URL does anyone know abou something like this?
View 8 Replies View Related