Racker Hacker

If you want to remove all of the open_basedir restrictions for all sites in Plesk, simply create a file called /etc/httpd/conf.d/zzz_openbasedir_removal.conf and add this text within it:

<DirectoryMatch /var/www/vhosts/(.*)/httpdocs/>
        php_admin_value open_basedir none
</DirectoryMatch>

Just a note, this isn’t a terribly great idea from a security standpoint.

If you want to get a really basic, wide-open for localhost setup for SNMP, just toss the following into /etc/snmp/snmpd.conf:

com2sec local     127.0.0.1/32    public

group MyROGroup v1         local
group MyROGroup v2c        local
group MyROGroup usm        local

view all    included  .1                               80

access MyROGroup ""      any       noauth    exact  all    none   none

syslocation MyLocation
syscontact Me <me@somewhere.org>

If you’re like me, you’re frustrated with DNSStuff’s actions lately. You only get 4 lookups without making a login, and even when you make a login, you have to log back in each time you access the site. Even a dim-witted web developer would know how to use cookies to automate this process and make things easier on the users.

Also, why should you pay for a web front-end for tools that people have on their servers already?

Check out Boxcheck.com and let me know what you think. I became so fed up, I decided to make my own site that is faster and guaranteed free forever. Period.

If you find that /dev/null is no longer a block device, and it causes issues during init on Red Hat boxes, you will need to follow these steps to return things to normal:

• Reboot the server
• When grub appears, edit your kernel line to include init=/bin/bash at the end
• Allow the server to boot into the emergency shell
• Run the following three commands

# rm -rf /dev/null
# mknod /dev/null c 1 3
# chmod 666 /dev/null

You should be back to normal. Make sure that the root users on your server don’t use cp or mv with /dev/null as this will cause some pretty ugly issues.

If you find yourself with the ever-so-peculiar 500 OOPS error from vsftpd when you attempt to login over SSH, there could be a few different things at play. Generally, this is the type of error you will get:

500 OOPS: cannot change directory:/home/someuser
500 OOPS: child died

You can search for a solution in this order

Home Directory
Does the user’s home directory even exist? Check /etc/passwd for the current home directory for the user and see what’s set:

# grep someuser /etc/passwd
someuser:x:10001:2524::/var/www/someuser:/bin/bash

In this case, does /var/www/someuser exist? If it doesn’t, fix that and then move onto the next solution if you’re still having problems.

File/Directory Permissions
Be sure that the user that you are logging in as actually has permissions to be in the directory. This affects users that have home directories of /var/www/html because the execute bit normally isn’t set for the world on /var/www or /var/www/html. Make sure that the appropriate permissions and ownerships are set, and this should help eliminate the issue.

SELINUX
If SELINUX is rearing its ugly head on the server, this can be a problem. Check your current SELINUX status and disable it if necessary:

# setenforce
Enforcing
# setenforce 0

Try to login over FTP again and you should have a success. If you want to turn off SELINUX entirely, adjust /etc/sysconfig/selinux (RHEL4) or /etc/selinux/config (RHEL5).

If you want to adjust how long e-mails will spend in the qmail queue before they’re bounced, simple set the queuelifetime:

# echo "432000" > /var/qmail/control/queuelifetime
# /etc/init.d/qmail restart

The above example is for 5 days (qmail needs the time length in seconds). Just take the days and multiply by 86,400 seconds to get your result.

By default, sendmail will keep items in the queue for up to 5 days. If you want to make this something shorter, like 3 days, you can adjust the following in /etc/mail/sendmail.mc:

define(`confTO_QUEUERETURN', `3d')dnl

If you want to get super fancy, you can adjust the queue lifetime for messages with certain priorities:

define(`confTO_QUEUERETURN_NORMAL', `3d')dnl
define(`confTO_QUEUERETURN_URGENT', `5d')dnl
define(`confTO_QUEUERETURN_NONURGENT', `1d')dnl

If you find that memory limits differ between root and other users when PHP scripts are run from the command line, there may be an issue with your php.ini or your script. To verify that it isn’t your script, try this:

$ echo "<? var_dump(ini_get('memory_limit')); ?>" >> memtest.php
$ php -f memtest.php
string(3) “8M”
$ su -
# php -f memtest.php
string(3) “64M”

If you get the same two values from both users, there’s probably a problem with your script. Make sure that there’s no ini_set() functions in your script that are overriding the php.ini file.

However, if you get results like the ones above, check the permissions on /etc/php.ini:

# ls -al /etc/php.ini
-rw------- 1 root root 27 Jun 6 18:39 /etc/php.ini

As you can see, php.ini is only readable to root, which prevents PHP’s command line parser from accessing your custom memory_limit directive in the php.ini. PHP’s general default is 8M for a memory limit if nothing is specified anywhere else, and that’s why normal users cannot get the higher memory limit that’s set in your php.ini file.

Simply set the permissions on the file to 644 and you should be set to go:

# chmod 644 /etc/php.ini
# ls -al /etc/php.ini
-rw-r--r-- 1 root root 45022 Jun 6 23:00 /etc/php.ini

Should you find yourself needing to send e-mail destined for a certain account to a blackhole or to /dev/null, you’ll find very little information from Google. The actual solution is not terribly intuitive, and not well documented:

• Click Domains
• Click the domain you want to modify
• Click Mail

If the account hasn’t been created, click “Add New Mail Name” and create the account as usual. Then simply uncheck the mailbox option near the bottom. This will create a mail account, but any inbound e-mail for the user is thrown out.

If the e-mail account has already been created, but you want to blackhole any future e-mails, just click the Mailbox icon and uncheck the Mailbox checkbox on the next page. Click OK and any future e-mails are thrown out.

If you find that someone has done a recursive chmod or chown on a server, don’t fret. You can set almost everything back to its original permissions and ownership by doing the following:

rpm -qa | xargs rpm --setperms --setugids

Depending on how many packages are installed as well as the speed of your disk I/O, this may take a while to complete.