wget http://pecl.php.net/get/APC-3.0.19.tgz
tar -xzvf APC-3.0.19.tgz
cd APC-3.0.19/
whereis phpize
whereis php-config
whereis apxs
whereis apxs
./configure --enable-apc --enable-apc-mmap --with-apxs=/usr/bin/apxs --with-php-config=/usr/local/bin/php-config
less INSTALL
/usr/bin/phpize
less install-sh
./configure --enable-apc-mmap --with-apxs --with-php-config=/usr/local/bin/php-config
make
make test
make install
Wednesday, December 9, 2009
Monday, November 23, 2009
c99shell Hacking Protection!
If the Hackers uploaded scripts to /tmp and executing them via perl even if /tmp is mounted nosuid,noexec,nodev,noatime so they can't run programs from this directory, but they can run perl from another location using the script (textfile) uploaded in /tmp.
apparently it's called c99shell
It doesn't root the server, but it allows a person to get a shell where he can delete/modify/move files from another account apparently.
It uses a simple PHP blog exploit apparently..
How does the speedy front end connect to the back end process?
Via a Unix socket in /tmp. A queue is kept in /tmp that holds an
entry for each process. In that queue are the pids of the perl
processes waiting for connections. The CGI-front end pulls a process
out of this queue, connects to its socket, sends over the
environment and argv, and then uses this socket for stdin/stdout to
the perl process.
Usefull Links:
==========
http://forum.parallels.com/showthread.php?t=67184
http://www.derekfountain.org/security_c99madshell.php
http://forums.theplanet.com/index.php?showtopic=90109
==========
Key Words:
========
function.fsockopen
opendir
eval()
passthru
backtick()
pipes
popen()
escapeshellcmd()
PHP.INI settings:
===========
allow_url_fopen = Off
disable_functions = dl,passthru,proc_open,proc_close,shell_exec,
system,popen,virtual,show_source,readfile,pclose,
posix_kill,proc_get_status,proc_nice,proc_terminate,
escapeshellarg,highlight_file,leak,diskfreespace,show_source,
php_uname,ini_alter,ini_restore,getrusage,get_current_user,
set_time_limit,getmyuid,getmypid,phpinfo,popen,
curl_multi_exec,parse_ini_file,show_source,backtic,
escapeshellcmd,move_uploaded_file,copy,ftp_chdir,
uploaddir,ini_get,ini_set,fputs,disk_free_space,
unlink,chdir,getcwd,
Disable Server Wide:
============
http://youropensource.com/projects/408-Disable-wget-on-a-cPanel-web-server
Wget --- which wget; chmod 0000 /usr/bin/wget; chattr +i /usr/bin/wget;
Curl ---- which curl; chmod 0000 /usr/bin/curl; chattr +i /usr/bin/curl;
GET ------ which get; chmod 0000 /usr/bin/get; chattr +i /usr/bin/get;
fetch -------- which fetch; chmod 0000 /usr/bin/fetch; chattr +i /usr/bin/fetch;
lynx ---------- which lynx ; chmod 0000 /usr/bin/lynx ; chattr +i /usr/bin/lynx ;
lwp-download ------- which lwp-download; chmod 0000 /usr/bin/lwp-download; chattr +i /usr/bin/lwp-download;
How to search:
=========
find / -name '*.php' | xargs grep 'eval(gzinflate(base64_decode('
find / -name '*.php' | xargs grep 'eval(gzinflate(base64_decode('HJ3Hkq...
Grep The Apache Log:
==========
grep 'move_uploaded_file' /usr/local/apache/domlogs/*
grep 'move_uploaded_file' /usr/local/apache/logs/errorlog
ps aux | grep nobody | grep -v http | grep -v ftp
lsof -p pid
cat /proc/pid/environ
=============================================
#!/bin/bash
# Find process-IDs (PID) for unwanted processes and kill them
# List unwanted processnames or some text that can uniquely identify the unwanted process. Separate the strings with a single space.
UNWANTED="httpssql DSSL httpdse"
for PROGRAM in $UNWANTED
do
for PID in `ps aux | awk '/^apache.+'"$PROGRAM"'/ {print $2}'`
do
#lsof -p $PID | mail -s "Files used by unwanted process" hostmaster@mydomain.com
kill -9 $PID
#echo $PID
done
done
=========================================
apparently it's called c99shell
It doesn't root the server, but it allows a person to get a shell where he can delete/modify/move files from another account apparently.
It uses a simple PHP blog exploit apparently..
How does the speedy front end connect to the back end process?
Via a Unix socket in /tmp. A queue is kept in /tmp that holds an
entry for each process. In that queue are the pids of the perl
processes waiting for connections. The CGI-front end pulls a process
out of this queue, connects to its socket, sends over the
environment and argv, and then uses this socket for stdin/stdout to
the perl process.
Usefull Links:
==========
http://forum.parallels.com/showthread.php?t=67184
http://www.derekfountain.org/security_c99madshell.php
http://forums.theplanet.com/index.php?showtopic=90109
==========
Key Words:
========
function.fsockopen
opendir
eval()
passthru
backtick()
pipes
popen()
escapeshellcmd()
PHP.INI settings:
===========
allow_url_fopen = Off
disable_functions = dl,passthru,proc_open,proc_close,shell_exec,
system,popen,virtual,show_source,readfile,pclose,
posix_kill,proc_get_status,proc_nice,proc_terminate,
escapeshellarg,highlight_file,leak,diskfreespace,show_source,
php_uname,ini_alter,ini_restore,getrusage,get_current_user,
set_time_limit,getmyuid,getmypid,phpinfo,popen,
curl_multi_exec,parse_ini_file,show_source,backtic,
escapeshellcmd,move_uploaded_file,copy,ftp_chdir,
uploaddir,ini_get,ini_set,fputs,disk_free_space,
unlink,chdir,getcwd,
Disable Server Wide:
============
http://youropensource.com/projects/408-Disable-wget-on-a-cPanel-web-server
Wget --- which wget; chmod 0000 /usr/bin/wget; chattr +i /usr/bin/wget;
Curl ---- which curl; chmod 0000 /usr/bin/curl; chattr +i /usr/bin/curl;
GET ------ which get; chmod 0000 /usr/bin/get; chattr +i /usr/bin/get;
fetch -------- which fetch; chmod 0000 /usr/bin/fetch; chattr +i /usr/bin/fetch;
lynx ---------- which lynx ; chmod 0000 /usr/bin/lynx ; chattr +i /usr/bin/lynx ;
lwp-download ------- which lwp-download; chmod 0000 /usr/bin/lwp-download; chattr +i /usr/bin/lwp-download;
How to search:
=========
find / -name '*.php' | xargs grep 'eval(gzinflate(base64_decode('
find / -name '*.php' | xargs grep 'eval(gzinflate(base64_decode('HJ3Hkq...
Grep The Apache Log:
==========
grep 'move_uploaded_file' /usr/local/apache/domlogs/*
grep 'move_uploaded_file' /usr/local/apache/logs/errorlog
ps aux | grep nobody | grep -v http | grep -v ftp
lsof -p pid
cat /proc/pid/environ
=============================================
#!/bin/bash
# Find process-IDs (PID) for unwanted processes and kill them
# List unwanted processnames or some text that can uniquely identify the unwanted process. Separate the strings with a single space.
UNWANTED="httpssql DSSL httpdse"
for PROGRAM in $UNWANTED
do
for PID in `ps aux | awk '/^apache.+'"$PROGRAM"'/ {print $2}'`
do
#lsof -p $PID | mail -s "Files used by unwanted process" hostmaster@mydomain.com
kill -9 $PID
#echo $PID
done
done
=========================================
Wednesday, October 14, 2009
Important Links
http://rackerhacker.com/
http://www.ibm.com/developerworks/aix/library/au-unixprocess.html
http://www.cyberciti.biz/tips/my-10-unix-command-line-mistakes.html
http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html
http://www.cyberciti.biz/tips/linux-strace-command-examples.html
http://www.ibm.com/developerworks/aix/library/au-unixprocess.html
http://www.cyberciti.biz/tips/my-10-unix-command-line-mistakes.html
http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html
http://www.cyberciti.biz/tips/linux-strace-command-examples.html
Tuesday, August 11, 2009
How you replace your php fopen function with curl?
Now a days the fopen() function is disabled by almost all of the web hosting companies for security vulnerability.
If you want to use the remote file inclusion in your web page you have to replace the fopen() function code with curl. Here is the procedure.
Suppose here is an sample code using fopen. It will include the remote file content of the url http://www.someurl.com.
=============
if ($fp = fopen('http://www.someurl.com/', 'r')) {
$content = '';
// keep reading until there's nothing left
while ($line = fread($fp, 1024)) {
$content .= $line;
}
echo $content;
} else {
echo "error";
}
?>
=============
Now here is the replacement of the above code with curl.
=============
$url = "http://www.someurl.com/"
// initialize a new curl resource
$ch = curl_init();
// set the url to fetch
curl_setopt($ch, CURLOPT_URL, $url);
//excluding the headers
curl_setopt($ch, CURLOPT_HEADER, 0);
// return the value instead of printing the response to browser
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//take the content as a instance
$file = curl_exec($ch);
//close the session and free all resources
curl_close($ch);
?>
=============
That's all.
Monday, July 6, 2009
Mcrypt Installation!
Mcrypt is a simple crypting program, a replacement for the old unix crypt. The companion to MCrypt is Libmcrypt, which contains the actual encryption functions themselves, and provides a standardized mechanism for accessing them.
Mcrypt can be used with PHP program, also it it's available for the command line.
You need to compile PHP with the --with-mcrypt[=DIR] parameter to enable this extension. DIR is the mcrypt install directory. Make sure you compile libmcrypt with the option --disable-posix-threads.
=================================
For Ubuntu Linux add a line:
extension=php_mcrypt.so
to the file /etc/php5/apache2/php.ini
and restart network:
sudo /etc/init.d/networking restart
=================================
For recent versions of mcrypt, you must also use the compile option "--enable-dynamic-loading", so you need both of these:
--disable-posix-threads --enable-dynamic-loading
For details please visit the following links.
=============================
http://in.php.net/mcrypt
http://mcrypt.sourceforge.net/
=============================
Here is an sample use of Mcrypt with PHP coding.
=========================================
// a new proCrypt instance
$crypt = new proCrypt;
// encrypt the string
$encoded = $crypt->encrypt( 'your message');
echo $encoded."\n";
// decrypt the string
echo $crypt->decrypt( $encoded );
?>
=========================================
Here is the the procedure to install Mcrypt to use it at the command line option.
Download the source file using the following command.
--------------------------------------------------------------------
wget http://www.ottolander.nl/opensource/mcrypt/mcrypt-2.6.4.tar.bz2
--------------------------------------------------------------------
Unzip and extract it.
--------------------------------------------------------------------
bunzip2 mcrypt-2.6.4.tar.bz2
tax -xvf mcrypt-2.6.4.tar
--------------------------------------------------------------------
Here you have to remember that for mcrypt-2.6.4 you need to install libmhash 0.8.15 otherwise you will get such type of error below.
----------------------------------------------------------------------------------
"You need at least libmhash 0.8.15 to compile this program. http://mhash.sf.net/"
----------------------------------------------------------------------------------
In that case you can install libmhash using the following command or you can install libmhash through source or rpm.
=======================
yum install mhash*
=======================
For mcrypt-2.8.* does not have such type of libmhash dependency.
Now configure and install it through the following way.
======================
cd mcrypt-2.6.4/
./configure
make clean
make test
make
make install
======================
Here the use of Mcrypt through command line is given below.
When encrypting or decrypting a file, a new file is created with the extension .nc and mode 0600. The new file keeps the
modification date of the original. The original file may be deleted by specifying the -u parameter.
Examples
Encrypt test.txt file:
$ mcrypt test.txt
Output:
Enter the passphrase (maximum of 512 characters)
Please use a combination of upper and lower case letters and numbers.
Enter passphrase:
Enter passphrase:
A new file is created with the extension .nc i.e. data.txt.nc:
=================
$ ls test.txt.nc
$ cat test.txt.nc
=================
Decrypt the test.txt.nc file:
=================
$ mcrypt -d test.txt.nc
Output:
Enter passphrase:
File test.txt.nc was decrypted.
=================
Verify that file was decrypted:
=================
$ ls test.txt
$ cat test.txt
=================
Delete the input file if the whole process of encryption/decryption succeeds (pass -u option):
=================
$ mcrypt -u test.txt
OR
$ mcrypt -u -d test.txt.nc
=================
That's all.
Wednesday, June 24, 2009
How to convert mbox to maildir for a single domain on a cpanel server?
Suppose we are performing the conversion for the user@domainname.com user.
Take the backup of “/home/username/mail/domain.com/user/” before doing this.
Run this command as the user of the mailboxes.
================================================
/usr/local/cpanel/3rdparty/mb2md/mb2md -s /home/username/mail/domain.com/user/inbox -d /home/username/mail/domain.com/user/
================================================
Source Mbox is /home/username/mail/domain.com/user/inbox
The main Maildir directory will be created if it does not exist. It has the following subdirectories:
/home/username/mail/domain.com/user/tmp/
/home/username/mail/domain.com/user/new/
/home/username/mail/domain.com/user/cur/
Usage:
mb2md -h
mb2md -m [-d destdir]
mb2md -s sourcedir [-R|-f somefolder] [-d destdir] [-r strip_extension]
For further details please view the following link.
http://www.akadia.com/services/converting_mbox_mdir.html
Take the backup of “/home/username/mail/domain.com/user/” before doing this.
Run this command as the user of the mailboxes.
================================================
/usr/local/cpanel/3rdparty/mb2md/mb2md -s /home/username/mail/domain.com/user/inbox -d /home/username/mail/domain.com/user/
================================================
Source Mbox is /home/username/mail/domain.com/user/inbox
The main Maildir directory will be created if it does not exist. It has the following subdirectories:
/home/username/mail/domain.com/user/tmp/
/home/username/mail/domain.com/user/new/
/home/username/mail/domain.com/user/cur/
Usage:
mb2md -h
mb2md -m [-d destdir]
mb2md -s sourcedir [-R|-f somefolder] [-d destdir] [-r strip_extension]
For further details please view the following link.
http://www.akadia.com/services/converting_mbox_mdir.html
Useful Exim Commands.
1. How to remove How to remove all mails from exim queue?
==================
rm -rf /var/spool/exim/input/*
2. Deleting Frozen Mails:
==================
To remove all frozen mails from the exim queue, use the following command -
exiqgrep -zi -o 86400 | xargs exim -Mrm
exim -bpr | grep frozen | awk {'print $3'} | xargs exim -Mrm
exiqgrep -z -i | xargs exim -Mrm
exiqgrep frozen | awk '{print $3}' | xargs exim -Mrm
3. If you want to only delete frozen messages older than a day:
=============================================
exiqgrep -zi -o 86400 | xargs exim -Mrm
where you can change 86400 depending on the time frame you want to keep.( 1 day = 86400 seconds. ).
4. To forcefully deliver mails in queue, use the following exim command:
=====================================================
exim -bpru |awk '{print $3}' | xargs -n 1 -P 40 exim -v -M
To flush the mail queue:
======================
exim -qff
/usr/sbin/exim -qff
To clear spam mails from Exim Queue:
==============================
grep -R -l [SPAM] /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
To clear frozen mails from Exim Queue.
==============================
grep -R -l '*** Frozen' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
To clear mails from Exim Queue for which recipient cannot not be verified.
=====================================================================
grep -R -l 'The recipient cannot be verified' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
To find exim queue details. It will show ( Count Volume Oldest Newest Domain ) details.
=====================================================================
exim -bp |exiqsumm
How to remove root mails from exim queue ?
==================================
When mail queue is high due to root mails, and you only need to remove the root mails and not any other valid mails.
exim -bp |grep ""|awk '{print $3}'|xargs exim -Mrm
Replace "HOSTNAME" with server hostname
How to remove nobody mails from exim queue ?
==================================
When you need to clear nobody mails, you can use the following command.
exiqgrep -i -f nobody@HOSTNAME | xargs exim -Mrm (Use -f to search the queue for messages from a specific sender)
exiqgrep -i -r nobody@HOSTNAME | xargs exim -Mrm (Use -r to search the queue for messages for a specific recipient/domain)
Replace "HOSTNAME" with server hostname
Run a pretend SMTP transaction from the command line, as if it were coming from the given IP address. This will display Exim's checks, ACLs, and filters as they are applied. The message will NOT actually be delivered.
===========================
# exim -bh
For details please view the following link.
http://bradthemad.org/tech/notes/exim_cheatsheet.php
===========================
==================
rm -rf /var/spool/exim/input/*
2. Deleting Frozen Mails:
==================
To remove all frozen mails from the exim queue, use the following command -
exiqgrep -zi -o 86400 | xargs exim -Mrm
exim -bpr | grep frozen | awk {'print $3'} | xargs exim -Mrm
exiqgrep -z -i | xargs exim -Mrm
exiqgrep frozen | awk '{print $3}' | xargs exim -Mrm
3. If you want to only delete frozen messages older than a day:
=============================================
exiqgrep -zi -o 86400 | xargs exim -Mrm
where you can change 86400 depending on the time frame you want to keep.( 1 day = 86400 seconds. ).
4. To forcefully deliver mails in queue, use the following exim command:
=====================================================
exim -bpru |awk '{print $3}' | xargs -n 1 -P 40 exim -v -M
To flush the mail queue:
======================
exim -qff
/usr/sbin/exim -qff
To clear spam mails from Exim Queue:
==============================
grep -R -l [SPAM] /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
To clear frozen mails from Exim Queue.
==============================
grep -R -l '*** Frozen' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
To clear mails from Exim Queue for which recipient cannot not be verified.
=====================================================================
grep -R -l 'The recipient cannot be verified' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
To find exim queue details. It will show ( Count Volume Oldest Newest Domain ) details.
=====================================================================
exim -bp |exiqsumm
How to remove root mails from exim queue ?
==================================
When mail queue is high due to root mails, and you only need to remove the root mails and not any other valid mails.
exim -bp |grep "
Replace "HOSTNAME" with server hostname
How to remove nobody mails from exim queue ?
==================================
When you need to clear nobody mails, you can use the following command.
exiqgrep -i -f nobody@HOSTNAME | xargs exim -Mrm (Use -f to search the queue for messages from a specific sender)
exiqgrep -i -r nobody@HOSTNAME | xargs exim -Mrm (Use -r to search the queue for messages for a specific recipient/domain)
Replace "HOSTNAME" with server hostname
Run a pretend SMTP transaction from the command line, as if it were coming from the given IP address. This will display Exim's checks, ACLs, and filters as they are applied. The message will NOT actually be delivered.
===========================
# exim -bh
For details please view the following link.
http://bradthemad.org/tech/notes/exim_cheatsheet.php
===========================
How to read exim main log?
Suppose here are two sample mail server logs.
**************************************************************
1995-10-31 08:59:13 0tACW1-0005MB-00 => marv
D=localuser T=local_delivery
1995-10-31 09:00:10 0tACW1-0005MB-00 => monk@holistic.fict.book
R=lookuphost T=smtp H=holistic.fict.book [234.234.234.234]
**************************************************************
Here I am giving the view how to read the different fields.
1) The H and U fields identify the remote host and record the RFC 1413 identity of the user that sent the message, if one was received.
2) The number given in square brackets is the IP address of the sending host.
3) Misconfigured hosts (and mail forgers) sometimes put an IP address. Only the final address in square brackets can be relied on. U field contains the login name of the caller of Exim.
***************************
H=(10.21.32.43) [123.99.8.34]
H=([10.21.32.43]) [123.99.8.34]
***************************
4) P field specifies the protocol used to receive the message. This is set to `asmtp' for messages received from hosts which have authenticated themselves using the SMTP AUTH command.
5) A= followed by the name of the authenticator that was used. If an authenticated identification was set up by the authenticator's server_set_id option, this is logged too, separated by a colon from the authenticator name.
6) The size of the received message is given by the S field.When the message is delivered, headers may get removed or added, so that the size of delivered copies of the message may not correspond with this value (and indeed may be different to each other).
7) If the log_subject option is on, the subject of the message is added to the log line, preceded by `T=' (T for `topic', since S is already used for `size').
8) A delivery error message is shown with the sender address `<>', and if it is a locally-generated error message, this is normally followed by an item of the form
R=
which is a reference to the local identification of the message that caused the error message to be sent.
9) If a shadow transport was run after a successful local delivery, the log line for the successful delivery has an item added on the end, of the form
ST=
10) '>' FIELD: The generation of a reply message by a filter file gets logged as a `delivery' to the addressee, preceded by `>'. The D and T items record the director and transport. For remote deliveries, the router, transport, and host are recorded.
11) CC FIELD: When more than one address is included in a single delivery (for example, two SMTP RCPT commands in one transaction) then the second and subsequent addresses are flagged with `->' instead of `=>'. When two or more messages are delivered down a single SMTP connection, an asterisk follows the IP address in the log lines for the second and subsequent messages.
12) '*>' FIELD: When the -N debugging option is used to prevent delivery from actually occurring, log entries are flagged with `*>' instead of `=>'.
13) '**' FIELD: If a delivery fails, a line of the following form is logged:
-----------------------------------------------------------------------------------
1995-12-19 16:20:23 0tRiQz-0002Q5-00 ** jim@trek99.film
: unknown mail domain
-----------------------------------------------------------------------------------
This is followed (eventually) by a line giving the address to which the delivery error has been sent.
14) -N FIELD: -N options has been used to suppress the delivery faliure report.
14) `*>' FIELD: If a delivery does not actually take place because the -N options has been used to suppress it, an apparently normal delivery line is written to the log, except that `=>' is replaced by `*>'.
15) Completed FIELD:
A line of the form
-------------------------------------------------------------------------
1995-10-31 09:00:11 0tACW1-0005MB-00 Completed
--------------------------------------------------------------------------
is written to the main log when a message is about to be removed from the spool at the end of its processing.
That's all.
For further details please view the following link.
http://www.exim.org/exim-html-3.20/doc/html/spec_51.html
**************************************************************
1995-10-31 08:59:13 0tACW1-0005MB-00 => marv
D=localuser T=local_delivery
1995-10-31 09:00:10 0tACW1-0005MB-00 => monk@holistic.fict.book
R=lookuphost T=smtp H=holistic.fict.book [234.234.234.234]
**************************************************************
Here I am giving the view how to read the different fields.
1) The H and U fields identify the remote host and record the RFC 1413 identity of the user that sent the message, if one was received.
2) The number given in square brackets is the IP address of the sending host.
3) Misconfigured hosts (and mail forgers) sometimes put an IP address. Only the final address in square brackets can be relied on. U field contains the login name of the caller of Exim.
***************************
H=(10.21.32.43) [123.99.8.34]
H=([10.21.32.43]) [123.99.8.34]
***************************
4) P field specifies the protocol used to receive the message. This is set to `asmtp' for messages received from hosts which have authenticated themselves using the SMTP AUTH command.
5) A= followed by the name of the authenticator that was used. If an authenticated identification was set up by the authenticator's server_set_id option, this is logged too, separated by a colon from the authenticator name.
6) The size of the received message is given by the S field.When the message is delivered, headers may get removed or added, so that the size of delivered copies of the message may not correspond with this value (and indeed may be different to each other).
7) If the log_subject option is on, the subject of the message is added to the log line, preceded by `T=' (T for `topic', since S is already used for `size').
8) A delivery error message is shown with the sender address `<>', and if it is a locally-generated error message, this is normally followed by an item of the form
R=
which is a reference to the local identification of the message that caused the error message to be sent.
9) If a shadow transport was run after a successful local delivery, the log line for the successful delivery has an item added on the end, of the form
ST=
10) '>' FIELD: The generation of a reply message by a filter file gets logged as a `delivery' to the addressee, preceded by `>'. The D and T items record the director and transport. For remote deliveries, the router, transport, and host are recorded.
11) CC FIELD: When more than one address is included in a single delivery (for example, two SMTP RCPT commands in one transaction) then the second and subsequent addresses are flagged with `->' instead of `=>'. When two or more messages are delivered down a single SMTP connection, an asterisk follows the IP address in the log lines for the second and subsequent messages.
12) '*>' FIELD: When the -N debugging option is used to prevent delivery from actually occurring, log entries are flagged with `*>' instead of `=>'.
13) '**' FIELD: If a delivery fails, a line of the following form is logged:
-----------------------------------------------------------------------------------
1995-12-19 16:20:23 0tRiQz-0002Q5-00 ** jim@trek99.film
-----------------------------------------------------------------------------------
This is followed (eventually) by a line giving the address to which the delivery error has been sent.
14) -N FIELD: -N options has been used to suppress the delivery faliure report.
14) `*>' FIELD: If a delivery does not actually take place because the -N options has been used to suppress it, an apparently normal delivery line is written to the log, except that `=>' is replaced by `*>'.
15) Completed FIELD:
A line of the form
-------------------------------------------------------------------------
1995-10-31 09:00:11 0tACW1-0005MB-00 Completed
--------------------------------------------------------------------------
is written to the main log when a message is about to be removed from the spool at the end of its processing.
That's all.
For further details please view the following link.
http://www.exim.org/exim-html-3.20/doc/html/spec_51.html
Tuesday, June 23, 2009
How to Upgrade Wordpress Manually?
There are two different procedure to Upgrade Wordpress. One is manually and the other is automatically. To upgrade Wordpress automatically, just download wpau plugin, upload and activate the plugin.
Here are the steps to Upgrade it manually.
Step A
1. Download to your hard drive the latest Wordpress http://wordpress.org/latest.zip
2. Now create an test directory and extract the zip file in that folder.
3. There are three folder such as: wp-admin, wp-content and wp-includes
Step B
1. Backup your website’s data or folder such as wp-admin, wp-content and wp-includes, you can use Wordpress database backup plugin.
2. Create a backup of wordpress database using the following commands.
You can use Cpanel to take this backup. Here is the video tutorial to do it.
==================================================================================
http://www.gotmyidea.com/70116-cpanel-tutorial-taking-site-or-database-backup.php
http://matthewhelmke.net/2008/01/30/making-automatic-backups-for-your-website/
http://matthewhelmke.net/2008/02/01/automatic-mysql-backups-using-php/
==================================================================================
Step C
1. Now just copy the following files from your old wordpress folder to new test directory.
===================================================================
* wp-content (Here is an sample location of thet file: /home/username/public_html/wordpress/wp-content )
** wp-config.php (Here is an sample location of thet file: /home/username/public_html/wordpress/wp-config.php )
***/home/username/public_html/wordpress/wp-includes/languages ( If you are using a custom language file.
===================================================================
2. Now move the /test/wordpress directory to your original wordpress directory i.e /home/username/public_html/
3. Access the following link from browser.
http://www.yoursite.com/wp-admin/upgrade.php
Here is the detailed exact syntactical description of the total procedure.
======================================================================
*Take the database backup using the following command.
# mysqldump databasename > databasename.sql
**Suppose your wordpress directory location is /home/username/public_html/wordpress.
Take a backup of your wordpress directory using the following command.
.
#cp -rp /home/username/public_html/wordpress /home/username/public_html/wordpress.bak
***Suppose you are using the following test directory to download the new WordPress.
/home/username/public_html/test
#cd /home/username/public_html/test
#wget http://wordpress.org/latest.tar.gz
#tar -xvzf latest.tar.gz
#cd wordpress
#rm -rf wp-content wp-config.php
#cp -rp /home/username/public_html/wordpress/wp-content wp-content
#cp -rp /home/username/public_html/wordpress/wp-config.php wp-config.php
#cp -rp /home/username/public_html/wordpress/wp-includes/languages /wp-includes/languages (if you are using a custom language file.)
****Now remove the directory /home/username/public_html/wordpress/ completely.
#rm -rf /home/username/public_html/wordpress/
move the /home/username/public_html/test/wordpress directory to /home/username/public_html/wordpress using the following command.
#mv /home/username/public_html/test/wordpress /home/username/public_html
*****Now access the following link from browser.
http://www.yoursite.com/wp-admin/upgrade.php
Wait for 40sec. You have finished the upgrade process.
For further details please view the following links.
http://kipram.com/how-to-upgrade-wordpress-manually/
http://www.kimwoodbridge.com/upgrading-wordpress-manually/
Tuesday, June 16, 2009
How to configure services to run at different runlevels?
Once the kernel has been loaded and has started to run, it calls the /sbin/init program. This program runs as root and sets the "run level" to that requested at initial boot time.
Now what is run level?
A run level is simply a number that Linux uses to distinguish different types of high-level configurations that the machine should be booted into.
For Red Hat Linux system here are the different run levels described below.
Typical Linux run levels:
===========================================================================
ID Name Description
0 Halt the system
1 Single-User Mode Does not: configure network interfaces, start
daemons, or allow non-root logins.(generally
only used for administration purposes)
2 Multi-user mode with networking disabled Does not: configure network interfaces or start
daemons.
3 Multi-User Mode with Networking Starts the system normally.
4 Unused run level
5 Multi-user mode with networking Enabled Multi-User mode with network and
running the X Window System, and/or to start X
6 Reboot
===========================================================================
How init initializes the system?
INIT uses an ASCII configuration file (/etc/inittab) to tell it how to change the runlevel. Usually, this configuration file instructs init to run the script /etc/rc.d/rcRunLevelNumber
Suppose you have to configure your newly installed service to run it at RunLevel-5. Here is the procedure how to access it.
Primarily all your service starter demon resides into the following path.
----------------
/etc/rc.d/init.d/servicename
----------------
But when Linux startup on a specific run level suppose (n) it will find the find the service starter script at the following location.
------------
/etc/rc.d/rcRunLevelNumber/servicename
------------
But how the system will know if the process will start or stop at the booting time. Also how to decide the sequence of starting the process.
Here is the description how it solves the problem.
The link described above is suffixed with the name of the service it is linked to.
The prefix is made up of two parts: a single uppercase character followed by a two-digit decimal number. The single uppercase character is either a "S" (meaning "start") or a "K" (meaning "kill," or stop). The two-digit number can range from 00 to 99. This number signifies the priority of process started in order. Lesser in value denotes higher priority.
Here is an example of the structure.
==========================
lrwxrwxrwx 1 root root 16 Jun 29 2008 K03smartd -> ../init.d/smartd
lrwxrwxrwx 1 root root 21 Jun 29 2008 S01tog-pegasus -> ../init.d/tog-pegasus
lrwxrwxrwx 1 root root 22 Jun 29 2008 K02avahi-daemon -> ../init.d/avahi-daemon
lrwxrwxrwx 1 root root 24 Jun 29 2008 K02avahi-dnsconfd -> ../init.d/avahi-dnsconfd
lrwxrwxrwx 1 root root 16 Jun 29 2008 K02dhcdbd -> ../init.d/dhcdbd
==========================
---------------------------
/sbin/chkconfig (For details man chkconfig)
---------------------------
After running the service if you want to check the service is running or not, this command below will help you a lot to understand.
================
/sbin/chkconfig --list
===============
For details please view the following links.
http://www.ibm.com/developerworks/linux/library/l-boot.html
http://en.wikipedia.org/wiki/Runlevel
That's all.
Now what is run level?
A run level is simply a number that Linux uses to distinguish different types of high-level configurations that the machine should be booted into.
For Red Hat Linux system here are the different run levels described below.
Typical Linux run levels:
===========================================================================
ID Name Description
0 Halt the system
1 Single-User Mode Does not: configure network interfaces, start
daemons, or allow non-root logins.(generally
only used for administration purposes)
2 Multi-user mode with networking disabled Does not: configure network interfaces or start
daemons.
3 Multi-User Mode with Networking Starts the system normally.
4 Unused run level
5 Multi-user mode with networking Enabled Multi-User mode with network and
running the X Window System, and/or to start X
6 Reboot
===========================================================================
How init initializes the system?
INIT uses an ASCII configuration file (/etc/inittab) to tell it how to change the runlevel. Usually, this configuration file instructs init to run the script /etc/rc.d/rcRunLevelNumber
Suppose you have to configure your newly installed service to run it at RunLevel-5. Here is the procedure how to access it.
Primarily all your service starter demon resides into the following path.
----------------
/etc/rc.d/init.d/servicename
----------------
But when Linux startup on a specific run level suppose (n) it will find the find the service starter script at the following location.
------------
/etc/rc.d/rcRunLevelNumber
So you have to create a soft link with /etc/rc.d/rcRunLevelNumber.d/ servicename to /etc/rc.d/init.d/servicename
---------------------------
/sbin/chkconfig (For details man chkconfig)
---------------------------
Subscribe to:
Posts (Atom)