Hosting Quotas Gotcha

Tags: admin quotas

I am really liking Virtualmin, but just got bitten, hard, by an unexplained problem. Postfix started rejecting incoming mail, saying in the logfile (/var/log/maillog)

status=bounced (can't create user output file)

Well after much gnashing of teeth, it turns out that the user (me) was over quota. You can see this with:

# quota itsme.mydomain
Disk quotas for user itsme.mydomain (uid 536):
     Filesystem  blocks   quota   limit   grace   files   quota   limit   grace
      /dev/xvda   51200   51200   51200              73       0       0

Hmm... where are those extra files? Not anywhere in /home ... read on --Turns out, if you leave the "Scan for viruses?" checked (under "Enabled Features" on the "Edit Virtual Server" tab) then clamav will scan incoming email for viruses... and nearly instantly kill your default 50MB per-user quota... and this is nearly impossible to find, but go look in /tmp and you'll find /tmp/clamav-somebignumber as a directory with files (main.db, main.hdb, main.info, main.mdb, main.ndb) and they will be, oh, 15 megabytes in size. Ugh. Disable virus scanning and delete those files. Or else push your users' quotas up by maybe 100MB for the per-user virus databases.

Maybe there's a way to have clamav keep a system-wide virus database instead. That would be much more logical, it seems. Or how about leaving that up to users.

I still haven't found where to make "Scan for viruses" off by default for new domains.

You might also want to check the users' mail inboxes, which are located at:

/home/domain/homes/username/Maildir

where domain is the username for the domain, and username is the user's name inside the domain. You will recognize these because the POP or IMAP login for that user is domain.username.

Setting up Virtualmin on Centos with a Linode

Tags: apache centos clamd linode memory spamassassin tuning virtualmin

Once you know these few steps, setting up a LAMP (Linux/Apache/MySQL/Perl-PHP) server on a Linode (please use that link, as it includes my referral code) is insanely simple:

First, starting with a freshly provisioned CentOS install, ssh into the root account. First, update the base system --

yum update

`

I find it convenient to also install the console version of emacs:

yum install emacs-nox

`

Next, edit /etc/sysconfig/network and change the hostname. That file is read at boot, so you might also want to set the hostname for the current session:

hostname www.example.com

`

Download the install.sh script from http://www.virtualmin.com/download.html into /usr/src ... and then execute it:

cd /usr/src # wget http://software.virtualmin.com/gpl/scripts/install.sh

sh install.sh

`

Then login, as root, to your new virtualmin configuration at your linode's address: https://li99-999.members.linode.com:10000 where the 99-999 is replace with your linode's address (see the linode control panel).

Install problem: awstats

Ran into this error message after install, when clicking the "Check Your System" button --

The AWstats command /usr/share/awstats/wwwroot/cgi-bin/awstats.pl was not found on your system.

Complicated by the fact that "yum install awstats" said it was already installed. But where? "rpm -ql awstats" gives the answer... and then I just copied it as follows:

# mkdir -p /usr/share/awstats/wwwroot/cgi-bin
# cp -a /var/www/awstats/awstats.pl /usr/share/awstats/wwwroot/cgi-bin

Install problem: clamd (after update)

NOTE: After installing Virtualmin updates, I got an error:

ERROR: Command rejected by clamd (wrong clamd version?)

which I resolved with:

# /etc/rc.d/init.d/clamd-virtualmin restart

Default settings when you configure

Under System Settings / Server Templates and then Default Settings --

Mail for Domain / Mail alias mode for alias domains: * Copy aliases from target*. Catchall is the default! And you don't want that. See also "Postfix relaying" below.
Spam Filtering / Automatically delete old spam? Yes, if older than 7 days (or as you desire)
BIND DNS Domain / Hostname to your preferred world-visible hostname; SPF DNS disabled (until you configure each domain manually)

Upgrading PHP and MySQL

This is one place where Centos 5.3 lags behind the times. If you need PHP 5.2 or above, you will have to enable an alternate repository. As of this writing, the "Centos Testing" repository contains a pre-release version that does not include the mcrypt and memache modules -- a real problem. NOTE: Although I was able to upgrade a running server, I'd recommend doing this before loading any production domains. Follow the instructions at

http://www.virtualmin.com/documentation/system/bleed

Double-Check Postfix Relaying

Postfix was accepting email for anything@aliased-domain.com ... to solve this, open the aliased sub domain in Virtualmin, and under:

Server Configuration
  Email Settings

change:

Virtual server email-related settings
  Mail aliases mode

from Catchall forwarding to Copy aliases from target. You probably want to change this on the System Settings / Server Templates / Default Settings for Sub-Servers page as well. If you have already created several domains, you can adjust this all at once:

# virtualmin modify-mail --alias-copy --all-domains

NOTE: Is there a bug in Virtualmin 3.68.gpl? I had to manually:

# cd /etc/postfix
# postmap virtual
# postfix reload

to force that to refresh.

Tuning clamd

Rather than spend too much time tuning the memory, I simply killed clamd as it is a huge memory pig and leads to Out Of Memory webserver freezes.

Tuning Apache

With the default settings, Apache can veer out of control and eat all available memory. In /etc/httpd/conf/httpd.conf, change as follows in the section shown:

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# ServerLimit: maximum value for MaxClients for the lifetime of the server
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
# was: MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 400
0
<IfModule prefork.c>
StartServers       8
MinSpareServers    5
MaxSpareServers   10
ServerLimit      64
MaxClients       64
MaxRequestsPerChild  400
</IfModule>

Tuning Spamassassin

Dramatically reduce memory footprint by changing the number of threads that spamassassin will execute at once from 5 down to 1. In /etc/sysconfig/spamassassin (your location may vary) --

change:

SPAMDOPTIONS="-d -c -m<strong>5</strong> -H"

SPAMDOPTIONS="-d -c -m<strong>1</strong> -H"

-- William Lindley Automatically delete old spam?

Yes, if older than

daAutomatically delete old spam? No

Yes, if older than days

cPanel ports

Tags: cpanel

http://www.yourdomain.com:2082 cPanel
https://www.yourdomain.com:2083 cPanel ssl
http://www.yourdomain.com:2086 WHM
https://www.yourdomain.com:2087 WHM ssl
http://www.yourdomain.com:2095 webmail
https://www.yourdomain.com:2096 webmail ssl

Resolving missing packages on Ubuntu

Tags: libsdl packages sdl ubuntu

So I tried to install simutrans on Ubuntu 8.10 and get this error message:

./simutrans/simutrans: error while loading shared libraries:
<strong>libSDL_mixer-1.2.so.0</strong>: cannot open shared object file:
No such file or directory

Note the filename I put in bold -- apt-get rejects commands like:

# <strong>apt-get install libSDL_mixer</strong>
Reading package lists... Done
Building dependency tree      
Reading state information... Done
E: Couldn't find package libSDL_mixer

Well, that's not too helpful. Apparently the package name isn't the same as the file the loader is complaining about. How do we find it? Try this to search the package database:

# <strong>apt-get install apt-file</strong>
# <strong>apt-file update</strong>

and then you will be able to do a search which returns useful results:

# <strong>apt-file search  libSDL_mixer-1.2.so.0</strong>
<em>libsdl-mixer1.2</em>: /usr/lib/libSDL_mixer-1.2.so.0
<em>libsdl-mixer1.2</em>: /usr/lib/libSDL_mixer-1.2.so.0.2.6

Aha! What we want is libsdl-mixer1.2 (Different capitalization and a hyphen instead of an underline, with the "-1.2" replaced by just "1.2"... who thinks these things up?)

Finally we do:

# <strong>apt-get install libsdl-mixer1.2</strong>

and... success!

Installing VirtualBox on Centos 5.2

Tags: centos virtualbox

Full instructions, particularly for "headless" installation, are here.

First we download the RPM for RedHat Enterprise Linux 5 (RHEL 5) which is the equivalent to Centos from the virtualbox.org site

After downloading (and renaming the file to eliminate everything after the .rpm) we install as follows but get an error:

# rpm -ivh VirtualBox-2.1.0_(version).rpm
...
No precompiled module for this kernel found! ...
Compilation of kernel module FAILED! ...
Please consult
   /var/log/vbox-install.log
to find out why the kernel module does not compile.
Most probably the kernel sources are not found.
Install them and execute
   <strong>/etc/init.d/vboxdrv setup</strong>
as root.

To rectify this:

# yum install SDL kernel-devel kernel-headers
# KERN_DIR=/usr/src/kernels/2.6.18-whatever-your-current-kernel
# export KERN_DIR
# /etc/init.d/vboxdrv setup

Then add users to the vboxusers group:

# /usr/sbin/usermod -a -G vboxusers yourusername

and you should be able to launch VirtualBox from the Applications / System Tools menu.

Have fun!