Hi, Happy new year I’m not a server administration but I rent mid-december a dedicated server in France at OVH with debian 6 with ispconfig 3.0.4.1 (EG SSD). thanks for your work. First question, I think the distribution I received has some modifications. Please, could you confirm that this message is not important: Error: (CLI:003) Specified controller does not exist. PHP Warning: Invalid argument supplied for foreach() in /usr/local/ispconfig/server/lib/classes/monitor_tools.inc.php on line 1072 FATAL: Could not load /lib/modules/2.6.38.2-grsec-xxxx-grs-ipv6-64/modules.dep: No such file or directory Failed to load mptctl Second question last week there were some attacks (especially in the mailing system), but I didn’t pay attention because we don’t use too much and everything seems to work. The 22th December, according logwatch, everything was ok Amavisd-new Begin: 13 messages checked and passed. 4 spam messages were found. 1 messages with bad headers were found. The 23th December, Amavisd-new Begin: 20 messages checked and passed. 2 spam messages were found. **Unmatched Entries** NOTICE: reconnecting in response to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 103) line 166, <GEN147> line 4.: 1 Time(s) And worst and worst …… And now in the mail warn log, I have: an 1 06:26:12 nsxxx amavis[2866]: (02866-02) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type, retrying (2) Jan 1 06:26:12 nsxxxx amavis[9430]: (09430-20) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type, retrying (2) Jan 1 06:26:18 nsxxx amavis[2866]: (02866-02) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type) at (eval 105) line 373.\n Jan 1 06:26:18 nsxxx amavis[2866]: (02866-02) (!!)WARN: all primary virus scanners failed, considering backups Please, could you confirm me Clamav didn’t work any more and tell me how to fix that without disturbing ispconfig / which package version (server is working full) Third, I saw there are firewall and iptable inside ispconfig, but the manual is not too much verbose. Does it work like shorewall? If not, can I install shorewall without disturbing ISPCONFIG3? I would like to ban manually some ip. Is this possible to perform with ISPCONFIG? Is the a tuto specifically to ispconfig? thanks for your answers. regards
None of the above is a real security problem, the things you posted above is the normal "noise" that you find in the log files and no attacks on your server. 1) Thats ok. There is some driver software installed on your server but the hardware is not installed. Thats normal on OVH servers as they use the same server image for different servers. This can be ignored. 2) Restart clamd 3) ISPConfig uses the Bastille firewall script which is based on iptables. You can use any firewall on a ispconfig server, just ensure that you do not enable the ispconfig firewall when you have already a different firewall installed.
Thanks for the answer. Unfortunately, clamAV does not work any more Tried to reastall the whole thing according the tuto. Get some error message. Get: dpkg -l | grep clamav ii clamav 0.97.2+dfsg-1~squeeze1 anti-virus utility for Unix command-line interface ii clamav-base 0.97.3+dfsg-1~lenny1 anti-virus utility for Unix - base package rc clamav-daemon 0.97.2+dfsg-1~squeeze1 anti-virus utility for Unix - scanner daemon ii clamav-docs 0.97.3+dfsg-1~lenny1 anti-virus utility for Unix - documentation ii clamav-freshclam 0.97.2+dfsg-1~squeeze1 anti-virus utility for Unix - virus database update utility ii libclamav6 0.97.2+dfsg-1~squeeze1 anti-virus utility for Unix - library Is it the source of the problem and how to fix that? What is the command related? Logwatch: **Unmatched Entries** (!!)WARN: all primary virus scanners failed, considering backups: 4 Time(s) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type) at (eval 105) line 373.\n: 4 Time(s) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type, retrying (2): 4 Time(s) NOTICE: reconnecting in response to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 103) line 166, <GEN72> line 4.: 1 Time(s) NOTICE: reconnecting in response to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 103) line 166, <GEN91> line 5.: 1 Time(s) NOTICE: reconnecting in response to: err=2006, HY000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 103) line 166, <GEN122> line 4.: 1 Time(s) Thanks
Please restart MySQL. Please check your clamd configuration to find out where the socket is located and then adjust the socket location in your amavisd configuration. Restart amavisd afterwards.
Hi, I get some error message. At the begining, the passord root and the mysql were the same. Then I change the root password (not the mysql)- i don't remember when. Could be at the origin of the problem? What should I do to fix that? Should I change the word 'root' by the "new password root" in /usr/local/ispconfig/server/lib/mysql_clientdb.conf (even if it works well for all the website and forum and i believe (wrong?) rootsw mean the same value than there is in the system) regards
The things get worst and worst... Mail-Error - Log Code: Jan 1 06:26:18 xxxxx amavis[2866]: (02866-02) (!!)WARN: all primary virus scanners failed, considering backups ………………………………… Jan 4 10:12:48 xxxxx amavis[2912]: (02912-06) (!!)TROUBLE in process_request: connect_to_sql: unable to connect to any dataset at (eval 103) line 241, line 4. at (eval 104) line 280, line 4. …………………………………… Jan 4 20:12:40 xxxxx postfix/smtp[30172]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Jan 4 20:12:41 xxxxxxx postfix/error[30175]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Jan 4 20:12:42 xxxxxx postfix/qmgr[9610]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Mail-Warn - Log Code: Jan 4 20:39:02 xxxx amavis[8868]: (08868-05) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type) at (eval 105) line 373.\n Jan 4 20:39:02 xxxx amavis[8868]: (08868-05) (!!)WARN: all primary virus scanners failed, considering backups Jan 4 20:39:02 xxxxx amavis[30174]: (30174-02) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type) at (eval 105) line 373.\n Jan 4 20:39:02 xxxxx amavis[30174]: (30174-02) (!!)WARN: all primary virus scanners failed, considering backups …………………………………………………….. Jan 4 20:12:40 xxxxx amavis[8869]: (08869-04) (!)Requesting process rundown after fatal error Jan 4 20:12:40 xxxxx postfix/smtp[30172]: warning: connect to mysql server 127.0.0.1: Can't connect to MySQL server on '127.0.0.1' (111) Jan 4 20:12:40 xxxxx postfix/smtp[30172]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Jan 4 20:12:41 xxxxx postfix/qmgr[9610]: warning: private/amavis socket: malformed response Jan 4 20:12:41 xxxxx postfix/qmgr[9610]: warning: transport amavis failure -- see a previous warning/fatal/panic logfile record for the problem description Jan 4 20:12:41 xxxxx postfix/master[10836]: warning: process /usr/lib/postfix/smtp pid 30172 exit status 1 Jan 4 20:12:41 xxxxx postfix/master[10836]: warning: /usr/lib/postfix/smtp: bad command startup -- throttling Jan 4 20:12:41 xxxxx postfix/error[30175]: warning: connect to mysql server 127.0.0.1: Can't connect to MySQL server on '127.0.0.1' (111) Jan 4 20:12:41 xxxxx postfix/error[30175]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Jan 4 20:12:42 xxxxx postfix/qmgr[9610]: warning: private/retry socket: malformed response Jan 4 20:12:42 xxxxx postfix/qmgr[9610]: warning: transport retry failure -- see a previous warning/fatal/panic logfile record for the problem description Jan 4 20:12:42 xxxxx postfix/master[10836]: warning: process /usr/lib/postfix/error pid 30175 exit status 1 Jan 4 20:12:42 xxxxx postfix/master[10836]: warning: /usr/lib/postfix/error: bad command startup -- throttling Jan 4 20:12:42 xxxxx postfix/qmgr[9610]: warning: connect to mysql server 127.0.0.1: Can't connect to MySQL server on '127.0.0.1' (111) Jan 4 20:12:42 xxxxx postfix/qmgr[9610]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Jan 4 20:12:43 xxxxx postfix/master[10836]: warning: process /usr/lib/postfix/qmgr pid 9610 exit status 1 Jan 4 20:16:44 xxxxx amavis[8868]: (08868-04) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Aucun fichier ou dossier de ce type, retrying (2) I tried to install again: Code: apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl restart mysql and get this message Code: /etc/init.d/mysql restart Stopping MySQL database server: mysqld. Starting MySQL database server: mysqld. Checking for corrupt, not cleanly closed and upgrade needing tables.. Then I got panic and restart apache 2 (dont't ask why) Code: Restarting web server: apache2[Wed Jan 04 21:17:09 2012] [warn] NameVirtualHost xxxxx:80 has no VirtualHosts [Wed Jan 04 21:17:09 2012] [warn] NameVirtualHost xxxxx:443 has no VirtualHosts ... waiting [Wed Jan 04 21:17:10 2012] [warn] NameVirtualHost xxxxx:80 has no VirtualHosts [Wed Jan 04 21:17:10 2012] [warn] NameVirtualHost xxxxx:443 has no VirtualHosts root@nsxxxxx:/etc/apache2# grep -i "NameVirtualHost" * ports.conf:NameVirtualHost *:80 ports.conf: # If you add NameVirtualHost *:443 here, you will also have to change I had a look at # netstat -tap | grep mysql Code: tcp 0 0 *:mysql *:* LISTEN 5869/mysqld tcp 1 0 localhost.localdo:41473 localhost.localdo:mysql CLOSE_WAIT 8868/amavisd (ch5-a tcp 1 0 localhost.localdo:59140 localhost.localdo:mysql CLOSE_WAIT 30174/amavisd (ch3- tcp 1 0 localhost.localdo:59140 localhost.localdo:mysql CLOSE_WAIT 30174/amavisd (ch3 By now I'm taking some Valium to be quiet for the rest of the week. Is there a way to fix this mess? thanks regards
1) apache is fine. What you posted above are no errors. 2) Your email problems are most likely related to mysql problems. Try to login to mysql with the username and password that you find in the files /etc/postfix/mysql-virtual_forwardings.cf o check if the login works. 3) restart dovecot.
Hi, you're absolutely right. I open the file and try to connect with the username and password (original/never changed) Code: root@xxxxx:~# mysql --user=xxxxx--password=xxxxxxx ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) So that what I should do? thanks best regards
Please post the mysql my.cnf configuration file. The path is either in /etc/my.cnf or /etc/mysql/my.cnf Additionally post the output of: ls -la /var/run/mysqld/
mysql my.cnf configuration file Code: # # The MySQL database server configuration file. # # You can copy this to one of: # - "/etc/mysql/my.cnf" to set global options, # - "~/.my.cnf" to set user-specific options. # # One can use all long options that the program supports. # Run program with --help to get a list of available options and with # --print-defaults to see which it would actually understand and use. # # For explanations see # http://dev.mysql.com/doc/mysql/en/server-system-variables.html # This will be passed to all mysql clients # It has been reported that passwords should be enclosed with ticks/quotes # escpecially if they contain "#" chars... # Remember to edit /etc/mysql/debian.cnf when changing the socket location. [client] port = 3306 socket = /var/run/mysqld/mysqld.sock # Here is entries for some specific programs # The following values assume you have at least 32M ram # This was formally known as [safe_mysqld]. Both versions are currently parsed. [mysqld_safe] socket = /var/run/mysqld/mysqld.sock nice = 0 [mysqld] # # * Basic Settings # user = mysql pid-file = /var/run/mysqld/mysqld.pid socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp language = /usr/share/mysql/english skip-external-locking # # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 # # * Fine Tuning # key_buffer = 16M max_allowed_packet = 16M thread_stack = 192K thread_cache_size = 8 # This replaces the startup script and checks MyISAM tables if needed # the first time they are touched myisam-recover = BACKUP #max_connections = 100 #table_cache = 64 #thread_concurrency = 10 # # * Query Cache Configuration query_cache_limit = 1M query_cache_size = 16M # # * Logging and Replication # # Both location gets rotated by the cronjob. # Be aware that this log type is a performance killer. # As of 5.1 you can enable the log at runtime! #general_log_file = /var/log/mysql/mysql.log #general_log = 1 # # Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf. # # Here you can see queries with especially long duration #log_slow_queries = /var/log/mysql/mysql-slow.log #long_query_time = 2 #log-queries-not-using-indexes # # The following can be used as easy to replay backup logs or for replication. # note: if you are setting up a replication slave, see README.Debian about # other settings you may need to change. #server-id = 1 #log_bin = /var/log/mysql/mysql-bin.log expire_logs_days = 10 max_binlog_size = 100M #binlog_do_db = include_database_name #binlog_ignore_db = include_database_name # # * InnoDB # # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. # Read the manual for more InnoDB related options. There are many! # # * Security Features # # Read the manual, too, if you want chroot! # chroot = /var/lib/mysql/ # # For generating SSL certificates I recommend the OpenSSL GUI "tinyca". # # ssl-ca=/etc/mysql/cacert.pem # ssl-cert=/etc/mysql/server-cert.pem # ssl-key=/etc/mysql/server-key.pem [mysqldump] quick quote-names max_allowed_packet = 16M [mysql] #no-auto-rehash # faster start of mysql but no tab completition [isamchk] key_buffer = 16M # # * IMPORTANT: Additional settings that can override those from this file! # The files must end with '.cnf', otherwise they'll be ignored. # !includedir /etc/mysql/conf.d/ ls -la /var/run/mysqld/ Code: root@xxxx:~# ls -la /var/run/mysqld/ total 12 drwxr-xr-x 2 mysql root 4096 5 janv. 10:06 . drwxr-xr-x 15 root root 4096 4 janv. 21:17 .. -rw-rw---- 1 mysql mysql 6 5 janv. 10:06 mysqld.pid srwxrwxrwx 1 mysql mysql 0 5 janv. 10:06 mysqld.sock thanks regards
