24×7servermanagement.com

OpenVZ container error: Unable to open pty: No such file or directory

Today we can across one VPS having issues with pusedo terminal access. While entering into the vps from the openvz hardware node we received the following error.

enter into VE 701 failed
Unable to open pty: No such file or directory

Thanks for the openvz community who helped us to fix this problem with the following fix.

vzctl exec VEID /sbin/MAKEDEV pty
vzctl exec VEID /sbin/MAKEDEV tty
vzctl enter VEID

To Fix this issue permanently:

1. Edit the file /etc/rc.sysinit of the VPS server

2. Comment the line
#/sbin/start_udev

3. Add the following lines after /sbin/start_udev:

/sbin/MAKEDEV tty
/sbin/MAKEDEV pty

4. Reboot your VPS
vzctl restart VEID

OR

vzctl exec veid update-rc.d -f udev remove
vzctl restart veid

Hopefully the above commands should help you fix your issues as well.

Disable Recursion on the Microsoft DNS Server

By default, the DNS server performs recursive queries on behalf of its DNS clients and DNS servers that have forwarded DNS client queries to it. Recursion is a name-resolution technique in which a DNS server queries other DNS servers on behalf of the requesting client to fully resolve the name and then sends an answer back to the client.

Attackers can use recursion to deny the DNS Server service. Therefore, if a DNS server in your network is not intended to receive recursive queries, recursion should be disabled on that server.

To disable recursion on the DNS server using the Windows interface

1.Open DNS Manager.
2.In the console tree, right-click the applicable DNS server, then click Properties.
3.Click the Advanced tab.
4.In Server options, select the Disable recursion check box, and then click OK.

To disable recursion on the DNS server using a command line

1.Open a command prompt.
2.Type the following command, and then press ENTER:

dnscmd <ServerName> /Config /NoRecursion 1

Dundas ASPUpload error ‘Server.CreateObject Access Error’

When you instantiate a Visual Basic component from an Active Server Pages (ASP) page, you may receive the following error:

Server object error ‘ASP 0178 : 80070005′
Server.CreateObject Access Error

The call to Server.CreateObject failed while checking permissions. Access is denied to this object

To resolve this problem the authenticated user IUSR_computername account should be given read and execute permissions to the DSUpload.dll file. Simply assign the permission and that should resolve the issue. Similar thing needs to be checked for Dundas ASPMailer component.

Assign correct IP address on venet0:0

Today we had a issue on one our VPS having multiple IPs and one Cpanel licensed IP. Eventually Virtuozzo hardware node was assigning another IP to the venet0:0 thus causing issues with CPanel licensing — It basically happens when your server is routing traffic over another IP instead of your Licensed IP. This is because the first adapter in the list ( venet0:0) is set to that another IP.

Well if you rearrange the adapters so venet0:0 is actually set to the main license IP from /etc/sysconfig/network-scripts/ifcfg-venet0:0 that should be fine. OR you can do that from the main hardware node by arranging the ip list from the ve.conf

/vz/private/veid/conf/ve.conf

Finally you can figure out by the running the lynx –dump http://cpanel.net/myip to see the correct licensed IP.

Installing Yum on CentOS 5.3

Here are the simple steps to install yum on plain centos 5.3 x86_64 bit server.  login into the server with root user and execute the following commands.

rpm –import http://mirror.centos.org/centos-5/5.3/os/x86_64/RPM-GPG-KEY-CentOS-5

rpm -ihv http://mirror.centos.org/centos/5.3/os/x86_64/CentOS/libxml2-2.6.26-2.1.2.7.i386.rpm
rpm -ihv http://mirror.centos.org/centos/5.3/os/x86_64/CentOS/libxml2-python-2.6.26-2.1.2.7.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/python-elementtree-1.2.6-5.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/python-sqlite-1.1.7-1.2.1.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.2/os/x86_64/CentOS/m2crypto-0.16-6.el5.2.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.2/os/x86_64/CentOS/python-urlgrabber-3.1.0-2.noarch.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.2/os/x86_64/CentOS/sqlite-3.3.6-2.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.2/os/x86_64/CentOS/yum-metadata-parser-1.1.2-2.el5.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.2/os/x86_64/CentOS/yum-3.2.8-9.el5.centos.1.noarch.rpm

Then finally you can execute yum update command to update the rpms.

/tmp 100% full

Today eventually we came across this problem on one of our server. Interestingly there were no files in /tmp folder Even though we have cleard the unwanted files but still /tmp is 100% full.

Here is why it happens.

If you delete files and they don’t go from df -h disk status then you’ve deleted files that are open by processes. You will have to restart whichever processes had those files were open in the first place, typically httpd or mysql.

lsof | grep /tmp

you will get the result as below

httpd 30070 nobody 1975u REG 7,0 0 11 /tmp/ZCUDMmgQDr (deleted)
httpd 30100 nobody 1975u REG 7,0 0 11 /tmp/ZCUDMmgQDr (deleted)
mysqld 7290 mysql 5u REG 7,0 1089 29 /tmp/ibYfnGNC (deleted)
mysqld 7290 mysql 6u REG 7,0 0 30 /tmp/ibgA9zfB (deleted)

kill httpd and mysql or whaterver process it shows that will fix the problem. I hope you all know the command to kill httpd or mysql.

Killall -e -9 httpd or service httpd stop

______________________________________________________________________________
Still having issues with the server ? Please contact us we are 24×7 online to assist you.

Regards,
Admin
http://24×7servermanagement.com/
Email: sales@24×7servermanagement.com
______________________________________________________________________________

Switch BIND DNS Server 9.4.2-P1 to Microsoft DNS - Plesk

Recently we had an issue with Plesk Windows 08 running Bind as DNS service. The problem appears to be failed DNS service every 5 /10 mins on the server thus causing downtime.  With no clue in the event viewer and after doing a lot of research we decided to switch the DNS to microsoft DNS server to avoid this issue happening again. Here are the steps to switch the DNS.

Login into Plesk Panel as admin user.

Plesk >> Server >> Components Management >> (Click on the link “DNS Server”) >> (Select the ‘Microsoft DNS Server’ and click ‘Ok’).

The switching will be done automatically and the Plesk will create the necessary files almost instantaneously. So there won’t be any associated down time.

The above process automatically disables Plesk Bind from services and enabled Microsoft DNS server. However you can restart the DNS service from plesk and check.

WHM locked out - cphulkd

Today we were locked out on one of our server by cphulkd. When trying to access the server from WHM we were getting the following message. Thus not allowing us to login into WHM also we were not able to access shell.

—————————————————————————————
This account is currently locked out because a brute force attempt was detected. Please wait 10 minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.
—————————————————————————————

This is done by ‘cphulkd’ - Cpanel Brute Force Protection service.

cphulkd: Cpanel Brute Force Protection service. This service monitors failed authentication attempts and locks out accounts after the threshold is met.

To re-enable your account, login via ssh and disable cphulkd using the command below.

# /usr/local/cpanel/bin/cphulk_pam_ctl –disable

This should allow you to login to WHM and double check your cphulk settings.

You can view IP addresses that have been blocked via the WHM interface: WHM -> Security -> Security Center -> cPHulk Brute Force Protection in the Brutes table. On that screen, you can also customize brute force protection settings.

Flush DB will remove all blocked IPs:

WHM -> Security Center -> cPHulk Brute Force Protection -> Click on Flush DB

Well the other way to this is given below.

ssh to the server login as root and type the following at the prompt

[root@server:] mysql

mysql> use cphulkd;

mysql>BACKUP TABLE  brutes TO ‘/path/to/backup/directory’;

mysql> SELECT * FROM brutes WHERE `IP`=’xxx.xxx.xxx.xxx’;

mysql> DELETE FROM brutes WHERE `IP`=’xxx.xxx.xxx.xxx’;

mysql>quit

Hopefully this helps you as well. You can contact us anytime if you have any problems. Just click on live chat and we are here to assist you.

Install grsecurity kernel on CentOS 64 bit

Before installing we should know what Grsecurity is and what is it used for.

grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It offers among many other features:

* An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration
* Change root (chroot) hardening
* /tmp race prevention
* Extensive auditing
* Prevention of arbitrary code execution, regardless of the technique used (stack smashing, heap corruption, etc)
* Prevention of arbitrary code execution in the kernel
* Randomization of the stack, library, and heap bases
* Kernel stack base randomization
* Protection against exploitable null-pointer dereference bugs in the kernel
* Reduction of the risk of sensitive information being leaked by arbitrary-read kernel bugs
* A restriction that allows a user to only view his/her processes
* Security alerts and audits that contain the IP address of the person causing the alert

Perhaps the easiest way i install Grsec kernel on CentOS 64 bit arch machine is with the following steps.

cd /etc/yum.repos.d
wget http://rpm.cormander.com/repo/grsec/grsecurity.repo
yum install kernel-grsec

Then reboot your server to check if the new kernel is applied.  Please note we do not gaurantee this will workon your systems as well, Try at your own risk.

rvsitebuilder error: Install RVSeagullMod Pear Lib [Failed]

While installing rvsitebuilder on CentOS 64 Bit Cpanel server from the shell using

perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi

we got the following error and the installation simply does not proceed further.

######################################################################
Install RVSeagullMod Pear Lib                 [ Failed ]
Install pear for /usr/local/lib/php      [ File /usr/lib/php/RVSeagullMod/modules/user/classes/UserDAO.php does not exist or zero byte. ]
######################################################################

Solution

cp -auv /usr/local/cpanel/3rdparty/lib/php/* /usr/local/lib/php

OR

Try recompiling EasyApache hopefully that should resolve the issue

Just copying the files from cpanels php should be enough if the problem still persists you can give a try to the second option.