inside the mind of a linux admin

imapd: Error: Input/output error

So your IMAP mail is failing. Your e-mail client disconnects with an error related to bad authentication or simply “connection closed by remote server”. Check your mail logs, and you find: May 25 17:52:43 vps imapd: Failed to create cache file: maildirwatch (someone@somewhere.com) May 25 17:52:43 vps imapd: Error: Input/output error May 25 17:52:43 vps […]

Read More

when apache simply won’t start, check the semaphores!

I came across this strange issue from a Tier II escalation today. A Virtuozzo based virtual server had a problem with the apache web server refusing to start: # service httpd restart [Sat May 15 16:41:13 2010] [warn] NameVirtualHost x.x.x.x:80 has no VirtualHosts httpd not running, trying to start Lets see if it’s actually started: […]

Read More

Open Source Tripwire Intrusion Detection for Linux

“Open Source Tripwire® software is a security and data integrity tool useful for monitoring and alerting on specific file change(s) on a range of systems. The project is based on code originally contributed by Tripwire, Inc. in 2000.” A crude yet effective intrusion detection system such as Tripwire can alert systems administrators to possible intrusion […]

Read More

How To Upgrade From Ext3 To Ext4 Without Formatting The Hard Disk

Disclaimer: ALWAYS BACKUP YOUR DATA WHEN MAKING ANY CHANGES TO ANY FILE SYSTEMS. I will not be held responsible for any damage that you may incur as a result of following these instructions, and this should be used for informational purposes only, and as an outline of a process that worked for me on my […]

Read More

now beta testing Ubuntu 10.04 (lucid lynx)

I’ve started testing Ubuntu 10.04 beta 1, the server edition on an older model Dell Poweredge, as well as the desktop edition on my Dell Inspiron laptop. So far, so good. The fresh install onto an ext4 file system was simple and efficient. For those of you who aren’t willing to “fresh” install it, I’d […]

Read More

adding custom flags to easyapache compile

Easyapache accepts custom flags in compiling, all of which can be added globally or using the following files supporting various environments: * Apache 1.3.x – /var/cpanel/easy/apache/rawopts/Apache1 * Apache 2.0.x – /var/cpanel/easy/apache/rawopts/Apache2 * Apache 2.2.x – /var/cpanel/easy/apache/rawopts/Apache2_2 * All PHP 4.x versions – /var/cpanel/easy/apache/rawopts/all_php4 * All PHP 5.x versions – /var/cpanel/easy/apache/rawopts/all_php5 * Mod_suPHP – /var/cpanel/easy/apache/rawopts/all_suphp * […]

Read More

MySQL: got a packet bigger than ‘max_allowed_packet’ bytes

Came across this rather annoying error when importing a rather large database into mySQL. Here’s an easy fix: Open mySQL console as root: mysql> set global max_allowed_packet=1000000000; mysql> set global net_buffer_length=1000000; Then import your database: # mysql db_name < sqldump.sql Done. Share on FacebookTweet

Read More

how to force SSL without .htaccess redirects

There are instances where a full htaccess redirect rule is not the best solution, specifically to enforce only a single page to be encrypted. This may occur during PCI compliance scans which report an insecure login page. In this example, simply adding the following code to the header of the SSL-desired page will force it […]

Read More

how to disable recursive queries in bind

By default, bind will allow recursive queries for lookups on other domains that are not master zones on the name server. This presents some PCI compliance issues and some informational vulnerabilities (allowing third parties to query the nameserver). It is important to restrict who can perform DNS queries, in addition to what is allowed to […]

Read More

DNS Zones and Serial Numbers 101

Recently, there’s been a few instances I’ve come across where DNS updates have been “stuck” or broken due to people screwing up the zone serial numbers. The fields of the zone’s SOA resource record, in particular the “serial number”, determines whether an actual data transfer need occur at all. The name servers compare the serial […]

Read More

Twitter: kireguy

Tweeter button Facebook button Myspace button