Category Archives: server management

postfix: redirect emails to script

In this example, we will configure postfix to redirect any email sent to *@script.mydomain.com to a php script Update /etc/postfix/main.cf (don’t forget to create a backup copy) to create a new transport instruction:/etc/postfix/main.cf: transport_maps = hash:/etc/postfix/<mytransport> Note: replace <mytransport> with any name you want. Create corresponding transport file:/etc/postfix/<mytransport>: script.mydomain.com myPipeName: Note: don’t forget to change ‘script.mydomain.com’ to match your own config, and replace ‘myPipeName’ with any string you want (ensure it is not defined elsewhere) Update master.cf (don’t forget to create a backup copy before) to pipe email through your script: myPipeName unix – n n – – pipe flags=O […]

Disable clamav and amavis due to postfix email problems

On my installation, from time to time clamav goes down and mails send via postfix no longer get out and are queued in the server. I don’t know the reason for such behavior and after searching the internet and my logs, I still have no concrete explanation on why this happens. I know, still, that it’s extremely annoying. Here is a sample of what I found under /var/log/mail.err: Apr 23 11:25:08 r12925 amavis[6531]: (06531-08) (!!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can’t connect to UNIX socket /var/run/clamav/clamd.ctl: Connection refused) at (eval 88) line 309. Apr […]

mail function no longer working

All of a sudden, mail function stopped working on my server. After investigating the logs, I found the following entry: amavisd-new: Fails to responde to connection to port 10024 I also found messages like this one: ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl Problem was not related to postfix server, but rather to the antivirus|antispam amavis deamon. The solution, once you know it, is pretty simple. It consists in restarting amavis & clamav daemon so that connection to port 10024 will be answered again. Just in case, we will restart clamav-freshclam as well (only one […]

Bind is not logging

When I tried to debug bind (secondary dns no longer got updated), I noticed that my log file defined in /etc/bind/named.conf.local (within ‘logging’ section) was not found where it was supposed to be. Basically my named.conf.local file was like this: logging{ channel simple_log { file “/var/log/bind/bind9.log” versions 3 size 5m; severity debug; print-time yes; print-severity yes; print-category yes; }; category default{ simple_log; }; and no corresponding physical file was found, not even  /var/log/bind folder. Looking at /var/log/syslog.conf, I found the following two lines: Jul 27 19:30:34 stock named[12988]: logging channel ‘simple_log’ file ‘/var/log/bind/bind9.log’: file not found Jul 27 19:30:34 stock […]

how to use zonecheck to check your DNS

When you handle a domain name in .fr, AFNIC first check the domain name with zonecheck and if this test fails, then dns is not updated. As such it’s better to check your target dns first with zonecheck and then ask for the transfer. Let’s say I want to redirect domain name mydomain.com to two new dns servers: dns1.com & dns2.com. Here are the steps: before all, install zonecheck: apt-get install zonecheck perform your test: zonecheck –ns “dns1.com;dns2.com” mydomain.com if you have a success, then it’s great. Otherwise you can perform the test with additional debugging using appropriate verbose option: […]

script in /etc/cron.daily/ does not run

I created a shell script to be run daily, and as such I placed it into /etc/cron.daily, made it executable and even restarted cron daemon, but it was still not working. After investigating cron manual, the reason was simply because the name of the script contained a dot in it! (it ended with .sh)!!! To make sure your script gets executed, do the following: move your script into /etc/cron.daily|weekly|monthly folder make your script executable (chmod a+x /etc/cron.xxx/<my_script_name>) rename your script so that its name contains only lower|upper case letters, digits, underscore and hyphens (=> NO DOT => no .sh or […]

add new partition to your server

Below are the steps I performed to add a new partition to my server. Initial state My initial partitioning is as follow: remy@r12925:~$ sudo fdisk -l Disk /dev/sda: 21.4 GB, 21474836480 bytes 255 heads, 63 sectors/track, 2610 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 * 1 392 3148708+ 83 Linux /dev/sda2 393 1305 7333672+ 83 Linux remy@r12925:~$ df -h Filesystem Size Used Avail Use% Mounted on /dev/sda1 3.0G 1.8G 1.1G 62% / tmpfs 228M 8.0K 228M 1% /lib/init/rw udev 10M 32K 10M 1% /dev tmpfs 228M 0 228M […]

server hacked

Recently my server was hacked, looking at apache logs, I found weird entries close to hack date (determined through creation date of /var/www/.bash_history file which contained bash-history of nobody user with corresponding hack instructions): 194.2.70.187 – – [17/May/2010:21:26:33 +0200] “GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1” 400 511 “-” “-” 194.2.70.187 – – [17/May/2010:21:31:21 +0200] “GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1” 400 511 “-” “-“ Such entries appeared many times, with different ip-address. What’s strange it’s that it looks like hacker was looking for a flaw in phpmyadmin, with many attempts to access it: 91.121.9.105 – – [17/May/2010:18:17:24 +0200] “GET /phpmyadmin/config.inc.php?w=uname HTTP/1.1” 200 182 “-” “curl/7.18.2 (i486-pc-linux-gnu) […]

backup-manager no longer verbose

With a recent upgrade to version 0.7.9, I found that backup-manager was no longer properly verbose. It looks like being due to a bug in the code, corrected by provided patch file. For more info, see bug report #248: http://bugzilla.backup-manager.org/show_bug.cgi?id=248 To patch backup-manager, proceed as follow: copy, paste & save below patch-content into ‘/usr/share/backup-manager/logger.diff’ file patch logger.sh file by running: patch /usr/share/backup-manager/logger.sh /usr/share/backup-manager/logger.diff That’s it! Verbose option should work properly by now. sources http://bugzilla.backup-manager.org/show_bug.cgi?id=248 Patch (.diff file content) 55a56,58 > #when true, send stuff to syslog, otherwise simply print it if necessary > bm_via_syslog=”false” > 60c63 < — > 64a68,70 […]

set php include_path variable directly from apache

This tip is useful when you have several projects on the same server. To set a php ‘include_path’ customized to each project, in your <VirtualHost *:80> (or equivalent) definition, simply add: php_value include_path “.:/path/to/site:/another/path” save your changes, check your config (sudo apache2ctl configtest) and restart apache (sudo /etc/init.d/apache2 restart). That’s it. sources http://lists.apple.com/archives/web-dev/2004/Jun/msg00052.html