cPanel Hosting Stuff

Making Sense of linux startup

Some tips for figuring out what all the startup messages flying by your screen actually mean.

Many modern operating systems are happy to display a “please wait” splash screen while booting–not so with Linux. Unlike other operating systems, Linux is incredibly chatty while it boots, and I’m often asked by new users to explain all the messages that appear during startup. There’s a raft of what appears to be random messages, followed by a collection of more ordered messages that appear as each of the operating system services start. If the install/boot went well, these ordered messages are accompanied by a brightly coloured (usually green) OK or DONE. If something goes wrong, the messages usually display FAILED in red. Unfortunately, both the random and the ordered messages disappear off the screen quickly, usually well before a new user has had a chance to read them.

It is possible to view the initial, random messages using the dmesg command. A quick read of the dmesg manpage states that dmesg is a utility that can “print or control the kernel ring buffer”. Among other things, the kernel ring buffer is the place where boot messages are logged. The following command line displays the ring buffer’s current contents; notice the piping to less, which displays the messages one screen at a time:

dmesg | less

By piping the dmesg command through grep, it is possible to extract some specific data. For instance, use this command line to learn about your system’s USB setup (note the -i argument to grep, which instructs the utility to ignore case, allowing USB as well as usb to match):

dmesg | grep -i ‘usb’

Replace the filter value to extract other useful information. For example, replacing usb with hd provides information on the hard-disks detected at boot-time. Equally, cpu extracts data on your computer’s chip, whereas net extracts data on your network setup. Using scsi displays data on any SCSI devices, including CD-ROMs.

As part of the Linux boot, the init process executes and the operating system enters one of a fixed number of runlevels. The list of runlevels are described at the start of the following configuration file, which is used by the init process:

/etc/inittab

Typically, as a result of a fresh install, your computer is configured to boot into one of two runlevels, either runlevel 3 or runlevel 5. The former starts Linux in full multiuser mode, presenting a text-based login screen after a successful boot. The latter also starts Linux in full multiuser mode, but a graphical, X11-based login screen is presented. Which option you choose is a personal preference, and your Linux installation program typically lets you choose either a text-based or graphical login to use as the default. The /etc/inittab file indicates on the id line which runlevel currently is the default on your system. As I tend to boot to a text-based login on all my systems, my id line within /etc/inittab looks like this:

id:3:initdefault:

If I change the 3 to a 5 and reboot, the graphical, X11-based login screen appears. In order to edit the /etc/inittab file, superuser privilege is required, so remember to log in as root when editing this file.

The purpose of the various runlevels is to arrange for a specific set of services to be started or stopped under certain circumstances. Runlevels exist to reboot and halt the system, in addition to starting services at boot-time. It is these services that relate to the more ordered OK messages displayed at boot-time, as mentioned at the start of this article.

A series of system service scripts exist in the /etc/init.d/ directory. Another collection of subdirectories located under the /etc/rc.d/ directory corresponds to each of the runlevels. Symbolic links within these subdirectories point to the service scripts. By adding/removing symbolic links from the appropriate subdirectory, it is possible to adjust which service scripts execute when Linux enters a specified runlevel. However, doing so manually is often too much work. In my view, it is much better to rely on a semi-automated tool, such as chkconfig, to do the bulk of this work for you.

The chkconfig utility allows you to update and query the runlevel information for your system services. Rather than fiddling with symbolic links, directory entries and service scripts, chkconfig does the fiddling for you. Scripts are added or removed from the appropriate rc subdirectory as needs be, allowing startup services to be controlled more easily.

chkconfig typically resides in the /sbin/ directory, so be sure to issue the following commands as root. To review the entire list of startup services, sorted alphabetically, use this command line:

chkconfig –list | sort | less

A listing of the services appears, each accompanied by an indication as to whether the service is enabled (on) when a particular runlevel is activated or disabled (off). As always, the output is piped to less to stop it scrolling off the screen. It often is useful to determine which of these services are enabled. To do this, filter the output through grep, as follows:

chkconfig –list | sort | grep ‘n’ | less

In addition to listing the current state of each of the startup services, ckconfig also can switch services on and off, with any changes taking effect after the next boot. This means that if a service is enabled and then is switched off with chkconfig, it remains running until the system reboots. To switch the service off immediately, simply execute the service script (as root), passing the word stop as a command-line parameter. For example, to arrange for the ISDN service to no longer start at boot-time, issue this command:

chkconfig isdn off

This line ensures that the ISDN service is disabled at the next reboot. To turn off the ISDN service without rebooting, use this command:

/etc/init.d/isdn stop

If you haven’t switched off the ISDN service with chkconfig, it will restart as part of the next reboot, even though you stopped it by executing the service script. So, to immediately and permanently stop the ISDN service, issue the above commands together:

chkconfig isdn off && /etc/init.d/isdn stop

To control which startup services are enabled at boot-time, work through the list of services identified by chkconfig, switching on those you want enabled and switching off those to be disabled. This is easy to do when using chkconfig, assuming you know what each of the startup services do. If you are unsure, two techniques can help you to learn. The first is straightforward: see if a manpage exists for the service in question. For example, to display the manpage associated with the crond service, issue this command line:

man crond

Assuming the manpage exists, it should provide plenty of information about what the service does. You then can decide if you want the service to start at boot-time and then use chkconfig to enable or disable the service as need be. If no manpage is available (there isn’t for the ISDN service on my Red Hat 9 system), a message similar to this appears:

By working through the set of startup service scripts in an ordered way, it is possible to configure services to suit your requirements. In doing so, you learn what it is Linux is doing during the boot process. Although GUI-based versions of chkconfig exist and often are convenient to use, they assume the administrator is located physically in front of the computer being managed. When accessing a system for essential maintenance over a slow dial-up or remote network connection, the command line based chkconfig is the only way to go.

For more information on chkconfig, be sure to read its manpage. To learn more about the boot process, start with the init manpage.

Cpanel/Linux Internals

Login to shell and type

last

or

last -30
to see the last 30 people

Cpanel/Linux Internals

ps -auxww

or

ps -cef

`man ps` for more information.

Cpanel/Linux Internals

Most of the services can be restarted from WebHostManager, however sometimes
you will need to restart them from the shell.

You must be logged in as root to do this.

All standard linux services, such as http, ftp, exim, cpanel/whm,
interchange, mysql etc, have init scripts in /etc/rc.d/init.d/

root@host [~]# ls /etc/rc.d/init.d/
./ atd* exim* httpd.tmpeditlib kdcrotate* named* nscd* rawdevices* snmpd* yppasswdd*
../ autofs* filelimits* identd* keytable* netfs* portmap* rstatd* sshd* ypserv*
anacron* bandmin* functions* ipaliases* killall* network* portsentry* rusersd* syslog* ypxfrd*
antirelayd* chkservd* gpm* ipchains* kudzu* nfs* proftpd* rwalld* xfs*
apmd* cpanel3* halt* iptables* lpd* nfslock* radvd* rwhod* xinetd*
arpwatch* crond* httpd@ isdn* mysql* nofsck* random* single* ypbind*

This is typical of what you will find in this directory.

The main ones you should be concerned with are :
cpanel3 - starts/stops cpanel and WHM.
This includes Interchange, cppop, and cluster management services as well.

exim - starts/stops the exim mail server

httpd - starts/stops the apache webserver

mysql - starts/stops the mySQL database server

named - starts/stops the BIND dns server

proftpd - starts/stop the ProFTPD (or pureftpd when that is enabled) ftp server

Using these scripts is very easy. Let’s say that named/bind is down and we need to restart it.

As root, simply type /etc/rc.d/init.d/named start

You should see it start up, with a green [OK] on the left side of the shell/terminal window.

It you see a red [FAILED], check the message log. tail /var/log/messages .

You should be able to see the error where things went wrong.

If you can not fix it yourself, contact shift Incharge.

Some of these services have more options than just start and stop, and other ways to do them.
Let’s say you have a lot of domains using your dns server and you don’t want to stop and restart named just because you edited one domain.

type “ndc reload”. ndc controls the named daemon.

If you make a minor change to the /usr/local/apache/conf/httpd.conf, but don’t want to restart it, type
“/etc/rc.d/init.d/httpd graceful” to do a graceful restart (finishes current requests before killing the child processes).

If you want to learn more about what commands each script offers, you can simply run the script without passing any arguments to it.
root@saturn [~]# /etc/rc.d/init.d/cpanel3
Usage: /etc/rc.d/init.d/cpanel3 {start|stop|status|restart}

This let’s us know we can start, stop, check the running status of the service(s), or restart it.

Cpanel/Linux Internals

Single cPanel Account Backup through SSH

If you need to backup a single cPanel account, and don’t want to do it through the web interface of cPanel you can do it through SSH. There is a script in the /scripts directory on cPanel webservers called “pkgacct”

1 ) Login to your server as root via SSH.
2) Type: cd /scripts
3) Type: ./pkgacct username (replace username with the acount username you wish to backup)
4) You will not see something along the lines of this:
Copying Reseller Config…Done
Copying Mail files….Done
Copying proftpd file….Done
Copying www logs…Done
Grabbing mysql dbs…Done
Grabbing mysql privs…Done
Copying mailman lists….Done
Copying mailman archives….Done
Copying homedir….Done

5)There will be a file now in /home called cpmove-username.tar.gz where username is the username specified in step #4.
Download the cpmove-username.tar.gz and save it.

6) Download the cpmove-username.tar.gz and save it.

To restore a cpmove-username.tar.gz

1) Upload cpmove-username.tar.gz to the webserver’s /home directory.
2) Type: /scripts/restorepkg username (replace username with the account username)
3) This will restore the site, and also create the cPanel account.

Cpanel/Linux Internals

1. Apache:

======

Services Apchae

Version /usr/local/apache/bin/httpd -v Server version: Apache/1.3.37 (Unix)
Server built: Sep 15 2006 07:11:04

PortNumbers Unsecured http:// 80,
Secured https:// 443,

Paths /home/username/public_html

Configurationfiles /etc/httpd/conf/httpd.conf

Logfiles accessing logs ==> /usr/local/apache/logs/access_log
site logs ==> /usr/local/apache/logs/audit_log
error logs ==> /usr/local/apache/logs/error_log
We disabled ==> /usr/local/apache/logs/modsec_debug_log
domianlogs ==> /usr/local/apache/domlogs/domainname
bytes logs ==> /usr/local/apache/domlogs/domainname-bytes_log

Daemon httpd

Stoping service killall -9 httpd
service httpd stop
/etc/init.d/httpd stop

Restarting services service httpd start
service httpd restart
/etc/init.d/httpd start
/etc/init.d/httpd restart
/scripts/restartsrv_httpd
service httpd startssl

********************************************************************************************
Installing

Exim
====

Services Exim

Version

Paths mail path ==> /home/username/mail
mail account path ==> /home/username/mail/domain.com/username/
forwarders ==> /etc/valiases/domain.com
filters ==> /etc/vfilters/domain.com
filters ==> /home/username/.filter
sendmail ==> /usr/sbin/sendmail
Mail Quota ==> /home/username/etc/domain.com/quota

Configurationfiles /etc/exim.conf

Logfiles mail logs ==> /var/log/exim_mainlog
pop logs ==> /var/log/maillog
To check exim.conf logs ==> /var/log/paniclog
reject logs ==> /var/log/rejectlog
spamassasin ==> /etc/mail/spamassassin/local.cf

Daemons exim

Stoping service killall -9 exim

Restarting services service exim stop
service exim start
service exim restart
/etc/init.d/exim stop
/etc/init.d/exim start
/etc/init.d/exim restart
/scripts/restartsrv_exim

PortNumbers smtp 25
pop 110

Mail queue path /var/spool/exim/input

exim -bp ==> Shows all the messages in the queue

exim -bpc ==> Show the count of messages in the queue

exim -M < Message Id > ==> Delivers the mail from the queue with the given message id

exim -Mvl < Message Id > ==> Lists the log info for the given message id

exim -Mvh < Message Id > ==> Will show the headers of the message id

exim -Mvb < Message Id > ==> Will show the complete body of the message id

exim -Mrm ==> Will remove the mail from the queue with the given message id

exim -bp | exiqsumm ==> Will give complete summary of the queue

As grep is used to grep for a word in the file similarly exigrep is used to grep the mail logs

exigrep “string” /var/log/exim_mainlog

In the same way exiqgrep is used to from the queue

exiqgrep -z ==> Shows all the messages that are frozen in the queue

exiqgrep -zc ==> Shows the count of frozen messages in the queue

exiqgrep -zi ==> Gives the message ids of the frozen mails in the queue

exiqgrep -zi | xargs exim -Mrm ==> Will remove all the frozen mails in the queue

exinext mail|domain ==> Will show when the mail has tried to deliver to that domain and when is the next time to try

exigrep “YYYY-MM-DD” /var/log/exim_mainlog | eximstats -txt=testing.txt # Will give complete mail stats for that date

exiqgrep -f domain.com ==> Will show the mails for that domain

exiqgrep -r domain.com ==> Will show the mails for the receipent domain

exiqgrep -f domain.com -[c|i] ==> Will show count for the sending domain if c is used and will show messg ids if i is used

exiqgrep -r domain.com -[c|i] ==>Will show count for the receiving domain if c is used and will show messg ids if i is used

FTP:

FTP - File Transfer Protocol. A protocol that allows clients to connect to FTP servers and download and upload files.

Paths                                    /home/username/public_html

configuration Files      Proftp      ==> /etc/proftpd.conf
Pureftp     ==> /etc/pure-ftpd.conf

Log Files                                /var/log/messages

Daemons                  Proftp      ==> proftpd
Pureftpd    ==> pure-ftpd
If you use pure-ftpd

Stoping service          killall -9 pure-ftpd

If you use pure-ftpd
Restarting services      service pure-ftpd  stop
service pure-ftpd  start
service pure-fptd  restart
/etc/init.d/pure-ftpd stop
/etc/init.d/pure-ftpd start
/etc/init.d/pure-ftpd  restart
/scripts/restartsrv_pureftpd

PortNumbers              21,20

=========================================================================================
Mysql

Version                  mysql -v

Configuration            /etc/my.cnf

Paths                    database ==> /var/lib/mysql/username_database

Log Files                /var/log/mysqld.log

Stoping service          killall -9 mysql
If you use pure-ftpd
Restarting services      service mysql start
service mysql stop
service mysql restart
/etc/init.d/mysql stop
/etc/init.d/mysql start
/etc/init.d/mysql  restart
/scripts/restartsrv_mysql
===========================================================================================

php                  : /usr/bin/php

Perl                 : /usr/bin/perl

Cpanel user deatils  : /var/cpanel/users/username

php.ini              : /usr/local/Zend/etc/php.ini or /usr/local/lib

===========================================================================================
Cron:

Paths           server             ==> /etc/cron
usercron           ==> /var/spool/cron/username

Log file        tail -f /var/log/cron

Restarting services      service crond  stop
service crond  start
service crond  restart
/etc/init.d/crond stop
/etc/init.d/crond start
/etc/init.d/crond  restart
/scripts/restartsrv_crond

crontab -l [ List the crons set in the server ]

crontab -e [ To edit the cron for system wide ] control X to save and quit

crontab -e -u <username> [ To check the user crontab file ]

crontab -r      Remove your crontab file.

1. crontab -v      Display the last time you edited your crontab file. (This option is only available on a few systems.)

Cpanel/Linux Internals

Linux, also known as GNU/Linux, is a free, UNIX-like operating system runs on a variety of platforms including x86, PowerPC, DEC Alpha, Sun Sparc, and many others.
Linux aims for POSIX compliancy to maintain maximum compatibility with other UNIX-like systems. With millions of users worldwide, Linux is probably the most popular UNIX-like OS in the world.

Linux is the brainchild of hacker extraordinaire Linus Torvalds. It began as a project while Linus was a 21-year-old student at the University of Helsinki. He had wanted to implement an improved (free) Minix for his x86 PC.

Today, with 10 million users worldwide, Linux is growing exponentially as programmers, enthusiasts, and end-users exchange thoughts, implement ideas, contribute code, and cooperate in the phenomenon known as Open Source to produce the operating system known as Linux.

Cpanel/Linux Internals

You can use watch utility to monitor the server load on the problematic servers.

For eg :

watch uptime

By default this refreshes every two seconds i.e executes the command every two seconds. It resembles a top like utility which also refreshes continuously but here we can have only look on the server load rather than the processes and other things.

You need to press ctrl+c to stop the watch process.

This watch utility can be used with other commands also say if you want to check the last mail logs every 5 seconds.

The you can give

watch -n 5 tail /var/log/exim_mainlog

Cpanel/Linux Internals

For almost all the servers there is time difference between the sofware clock and the hardware clock. This you can check with the following commands from the shell

root@svr83 [~]# date
Sun Jan 1 22:56:06 CST 2006
root@svr83 [~]# hwclock
Sun 01 Jan 2006 11:57:41 PM CST -0.166899 seconds

For syncing hardware clock to the software clock we can give the following command at the shell

root@svr83 [~]# hwclock -w

After giving the above command we can see

root@svr83 [~]# hwclock
Sun 01 Jan 2006 10:59:09 PM CST -0.828116 seconds
root@svr83 [~]# date
Sun Jan 1 22:59:16 CST 2006

After giving the above command please don’t forget to restart the crond service.

Cpanel/Linux Internals

If sometimes you need to know what process is using which port. This capability is especially useful if you have several processes with the same name, but a different PID.

A handy utility is lsof, that gets the job done. If you wanted to know what process is using port 1226, or port 80, etc, just use the following:

lsof -i :portnumber
Example: lsof -i :80

We can use:
watch lsof -i :80

Or we can use:
lsof | grep [process name]

Cpanel/Linux Internals