Increasing cPanel /tmp size

 cPanel, Fixing Shit, Linux, Shell  No Responses »
May 072011
 

By default, cPanel sets up a paltry <512MB /tmp disk. This isn't nearly large enough for large file uploads or other disk-intensive purposes. While it's better to use RAM for temporary storage, sometimes you need a place to dump huge files (such as uploads). Luckily, raising the /tmp disk size has been fairly simple. cPanel's script to secure the /tmp partition against drop-in hacks by making it noexec can also resize the /tmp directory.

The file we'll be modifying is:


/scripts/securetmp

Until recently, modifying one variable was enough to change this, but it seems like there was a change recently that has caused that method to no longer remount /tmp properly. Luckily, the fix for this is two additional small changes to the file.

Let's open up /scripts/securetmp in your favorite editor:


nano /scripts/securetmp

First, we're going to modify line 49:


my $auto = 1

If this isn't already set to 1, set it. Just makes things easier. Next, let's set the /tmp size, line 148:


my $tmpdsksize = 2097152;

This size is in KB - 2GB aught to do it. Now, to fix the issue of mounting /tmp, line 289:


system 'mount', '-o', $mountkeyword . ',loop,noexec,nosuid', $tmpmnt, '/tmp';

We're adding "loop," to the options passed to the mount command to ensure that the system understands /tmp is a loopback device being created on /usr/tmpDSK. Save and exit your file.

Next, we need to shut off anything using /tmp:


/etc/init.d/mysql stop
/etc/init.d/httpd stop

And unmount it and /var/tmp:


umount /tmp
umount /var/tmp

If you get errors, retry a few times, it'll usually unmount after the 2nd or 3rd try. If you're still getting errors, make sure nothing is open in /tmp:


lsof | grep /tmp

Shut it down or delete it. Next, we need to remove the existing /tmp partition file:


rm -f /usr/tmpDSK

And finally, create the new device:


/scripts/securetmp

Depending on the size of your partition, this may take up to 15-20 minutes. After you're done, start everything back up and ensure /tmp is mounted and the right size with a simple:


df -h

 Posted by Jordan Cooks at 10:43 pm

Installing New Plesk Components on Linux

 Fixing Shit, Installing Shit, Plesk, Shell  No Responses »
Apr 092011
 

Installing New Components

Ever been in a Plesk box but can’t find certain components, like ASP support, or the backup manager? This is because Plesk installs whatever you tell it to at the initial install, and only whatever you tell it to. This leads to a lot of missing components that you might be used to having access to. Plesk won’t tell you anything in the GUI except that the component is not installed, so you must hunt down this binary:

/usr/local/psa/admin/bin/autoinstaller

This is the Plesk Autoinstaller, which will allow you, through its byzantine menu corridors, to find the gold that is the component you need. Navigating it is fairly simple, although you’ll probably want to read all of the text on the screen if this is your first time.

However, a more sinister condition awaits you – the fact that the Plesk autoinstaller apparently doesn’t know how to fucking resolve rpm dependencies. Why is it called an autoinstaller if it doesn’t automatically install anything extra? I don’t know.

Resolving Plesk Component Dependencies

Luckily, it’s not that difficult to resolve RPM dependency errors. Did you get an error message that looks something like this?


Retrieving information about the installed packages...
File downloading PSA_9.3.0/dist-rpm-CentOS-5-x86_64/build-9.3.0-cos5-x86_64.hdr.gz: 10%..20%..30%..40%..50%..60%..70%..80%..90%..100% was finished.
File downloading PSA_9.3.0/update-rpm-CentOS-5-x86_64/update-9.3.0-cos5-x86_64.hdr.gz: 10%..20%..30%..40%..50%..60%..70%..80%..90%..100% was finished.
File downloading PSA_9.3.0/thirdparty-rpm-CentOS-5-x86_64/thirdparty-9.3.0-cos5-x86_64.hdr.gz: 13%..25%..31%..40%..54%..60%..72%..83%..95%..100% was finished.
Determining the packages that need to be installed.
ERROR: Unable to install the "psa-backup-manager-9.3.0-cos5.build93091230.06.x86_64" package.
Not all packages were installed.
Please, contact product technical support.
[root@host2 plesk]#

Not to worry! First, try Google to find that RPM – Plesk allows their FTP server to be directory indexed, so it shouldn’t be hard to find the exact RPM it’s erroring out on. Try downloading the .rpm file and installing it manually using rpm -i:

wget http://autoinstall.swsoft.com.cn/PSA_9.3.0/dist-rpm-CentOS-5-x86_64/opt/backup/psa-backup-manager-9.3.0-cos5.build93091230.06.x86_64.rpm
rpm -i psa-backup-manager-9.3.0-cos5.build93091230.06.x86_64.rpm

If all goes well, you’ll get output messages listing the failed dependencies. Ignore any Plesk-looking dependencies, the auto-installer actually fixes these. Use yum to install any other system packages you may need.

 Posted by Jordan Cooks at 7:40 pm

cPanel’s Built-in php.ini File

 cPanel, Fixing Shit, Installing Shit, Linux, Shell  No Responses »
Apr 092011
 

Because I lose track of it all the time, this is the location to the php.ini file for cPanel’s built-in PHP installation.

/usr/local/cpanel/3rdparty/etc/php.ini

And, since it’s slightly relevant, you can rebuild the internal PHP installation with this script:

/scripts/makecppphp

 Posted by Jordan Cooks at 1:00 pm

Troubleshooting Slow mySQL Performance with mtop

 Fixing Shit, Linux, Shell  No Responses »
Apr 082011
 

mySQL is the database backbone behind a wide variety of software programs and scripts, but most people don’t know how to code for it properly. As such, mySQL-related overloads and optimization of sub-par mySQL databases can take a lot of time. The easiest way to track and troubleshoot troublesome threads is with mtop – live mySQL query querying.

Prerequisites

mtop requires curses. In CentOS, this is as simple as a few yum commands. There are a few extra steps for cPanel compatibility.

  1. Install curses and curses-devel:

    yum install curses curses-devel

  2. Install curses-Perl:

    yum install curses-Perl

    1. If you’re on cPanel, you’ll first need to remove the perl* exclude from yum.conf.

      nano /etc/yum.conf

      In the exclude= line, remove “perl*” – save (CTRL+O) and exit (CTRL+X). Be sure to add it back after installing curses-Perl as per the above command.

Install mtop

Now it’s time to fetch the latest version of mtop and compile it. The homepage is here if you wish to check for the latest version. As of this post, we will be using 0.6.6, the latest version.

  1. Grab the mtop source:

    wget http://softlayer.dl.sourceforge.net/project/mtop/mtop/v0.6.6/mtop-0.6.6.tar.gz

  2. Configure, make, and install:

    tar -zxf mtop-0.6.6.tar.gz
    cd mtop-0.6.6
    perl Makefile.PL
    make
    make install

Configure and run

By default, mtop doesn’t connect as the root user. For most server installations, we want to connect as root. Here’s the quickest and easiest way to run mtop.

  1. Find your current mySQL root password:

    cat /root/.my.cnf

  2. Copy the root password (and hostname, if different than localhost) and run the command as follows:

    mtop --host=YOURHOSTNAME --dbuser=root --password=YOURPASSWORD --seconds=1

 Posted by Jordan Cooks at 8:46 pm

Adding a New mySQL Access Host

 cPanel, Fixing Shit, Linux  No Responses »
Apr 082011
 

So you’ve migrated to a new database server, or a new web server, or you’ve added a new database server to your cluster. The problem is, all of your mySQL users only have grants on the old server. Luckily, the guys at cPanel know your pain and have added an easy way to make sure all of your users have access to their databases.

Add the new hostname

  1. Back up the “mysql” database before making ANY changes.

  2. Log in to WHM as root
  3. Navigate to SQL Services->Additional SQL Access Hosts
  4. Put the new IP address that you’ll be accessing FROM in the box

If you’ve got a deadline, you can add the host % here – this will allow access to mySQL from all hosts. SQL authentication is still required, so you’re not exposing any passwords, but if your clients use insecure mySQL usernames, passwords, and database prefixes, this could still leave you open to a huge SQL injection vulnerability risk, so it is highly not recommended.

Add the grants

  1. Navigate back to the Additional SQL Access Hosts page, and at the bottom of the page, click the link labeled “click here.”
  2. Wait for the process to finish and confirm access.

This quick-and-dirty method will ensure your users will still be able to authenticate using their same passwords, and saves a lot of nasty mySQL batch work.

 Posted by Jordan Cooks at 12:30 pm

Setting up password protection in IIS 7

 GUI, Windows  No Responses »
Apr 072011
 

So you’ve got a client that wants to password protect their sites. Easy-peasy! But wait, they’re running IIS without any sort of control panel? The horrors! Luckily, IIS makes this fairly simple, as long as you’re okay with using Windows user accounts.

Prerequisites

There are a few prerequisites set up for this. If you installed IIS 7 and you know all of the available Security modules are installed, you may skip this step. Otherwise, we need to install the Windows Authentication and URL Authorization modules.

  1. Open Server Manager – Start->Administrative Tools->Server Manager
  2. Navigate Roles->Web Server (IIS).
  3. Click “Add Features”
  4. Ensure that “Windows Authentication” and “URL Authorization” are checked off under the “Security” options.

Creating the User Accounts

  1. Open Computer Management – Start->Administrative Tools->Computer Management.
  2. Expand Local Users and Groups, select Users
  3. Right-click, select New User…
  4. Fill in an appropriate username and password – and I recommend putting the domain name in the Full Name field, for record-keeping. Make sure to uncheck “user must change password at next logon,” and check “Password never expires” to prevent issues down the road.
  5. Repeat as needed.

Set up the IIS site

  1. Open Internet Information Services (IIS) Manager – Start->Administrative Tools->Internet Information Services (IIS) Manager.
  2. Expand the Sites tab and select your domain name
  3. Click Authentication
  4. Right-click Anonymous Authentication, click Disable
  5. Right-click Windows Authentication, click Enable

That’s put IIS out of pass-through anonymous authentication mode using the IUSR and has set it to require a Windows authentication pop-up box. That’s half the battle – now to make sure the site only loads when our specific user inputs their username and password.

  1. Go back to the domain name in IIS and click Authorization Rules.
  2. Right-click on the default rule and click Edit.
  3. Click the radio next to Specified Users and type your username into the box

For more background information on these commands, check out these IIS help pages: Windows Authentication, Security Authorization.

 Posted by Jordan Cooks at 10:46 pm

cPanel ffmpeg install

 cPanel, Installing Shit, Linux, Shell  1 Response »
Apr 012011
 

There are many tutorials on how to install ffmpeg for cPanel. I will be combining one with my own modifications. Please submit modifications or corrections when necessary and I will update this post. The last update to this post was January 20, 2012.

Some Prerequisites

There are a few things you’ll need to prepare if you’re on a fresh installation.

  1. Subversion

    2. Subversion is required to download and install ffmpeg and mplayer. First, you need to allow yum to install Perl packages.

    nano -w /etc/yum.conf

    In the exclude= line, remove “perl*” – save (CTRL+O) and exit (CTRL+X).

    yum install subversion

    Be sure to add the perl* line back to /etc/yum.conf after you install subversion! This is to prevent yum from accidentally overwriting cPanel’s Perl modules.

  2. Git

    3. Git is required because for some reason, when you install mplayer, it forces you to download a Git repository of ffmpeg. Don’t use this repository for installing ffmpeg – it breaks with a strange error message. How you install Git will vary across OSes. On CentOS 5.5 x64, there are several dependencies as well.

    yum install gettext-devel expat-devel curl-devel zlib-devel openssl-devel
    cd /usr/local/src
    wget http://git-core.googlecode.com/files/git-1.7.7.tar.gz
    tar -zxf git-1.7.7.tar.gz
    cd git-1.7.7
    make prefix=/usr/local all
    make prefix=/usr/local install

  3. Ruby

    4. Ruby is required for flvtool. You can install this using the cPanel script:

    /scripts/installruby

    If you’re not using cPanel, you can probably install this using your package manager.

  4. libXext

    5. libXext is required for MP4Box. It’s in the yum repositories.

    yum install libXext libXext-devel

  5. Remove any other installations

    6. You might already have ffmpeg installed. If it was compiled in, that’s fine, this will overwrite it. But if you have RPM binaries installed, this will cause issues. Run the following:

    rpm -qa | grep ffmpeg
    rpm -qa | grep mplayer
    rpm -qa | grep mencoder
    rpm -qa | grep 264

    Remove with rpm -e any libraries, common files, or binary installations of these packages to prevent conflicts.

Download All The Things

One note; the official distribution release of ffmpeg-php no longer compiles. The SVN version available here works, but the SVN tarball link here can’t easily be downloaded in a terminal session, so I’ve rehosted the file here on this server. This is not my file, I haven’t modified it, and I take no responsibility for it – it’s merely a copy of the file available from the above link.

  1. Let’s get started! This step can and probably should be copy/pasted into your terminal all in one block.


    2. cd /usr/local/src
    wget http://rubyforge.org/frs/download.php/17497/flvtool2-1.0.6.tgz
    tar zxf flvtool2-1.0.6.tgz
    wget http://switch.dl.sourceforge.net/sourceforge/lame/lame-398-2.tar.gz
    tar zxf lame-398-2.tar.gz
    wget http://hasaninter.net/ffmpeg-php.tar.gz
    tar xzf ffmpeg-php.tar.gz
    wget http://downloads.xiph.org/releases/vorbis/libvorbis-1.2.3.tar.bz2
    tar xjf libvorbis-1.2.3.tar.bz2
    wget http://downloads.xiph.org/releases/ogg/libogg-1.1.4.tar.gz
    tar xzf libogg-1.1.4.tar.gz
    wget http://sourceforge.net/projects/opencore-amr/files/opencore-amr/0.1.2/opencore-amr-0.1.2.tar.gz/download
    tar xzf opencore-amr-0.1.2.tar.gz
    wget http://downloads.xiph.org/releases/theora/libtheora-1.1.1.tar.bz2
    tar xjf libtheora-1.1.1.tar.bz2
    wget http://downloads.xvid.org/downloads/xvidcore-1.3.2.tar.gz
    tar zxf xvidcore-1.3.2.tar.gz
    wget http://downloads.sourceforge.net/faac/faad2-2.7.tar.gz
    tar zxf faad2-2.7.tar.gz
    wget http://downloads.sourceforge.net/faac/faac-1.28.tar.gz
    tar zxf faac-1.28.tar.gz
    mkdir /usr/local/lib/codecs
    wget ftp://ftp.mplayerhq.hu/MPlayer/releases/codecs/essential-20071007.tar.bz2
    tar xjf essential-20071007.tar.bz2
    wget http://www.tortall.net/projects/yasm/releases/yasm-1.2.0.tar.gz
    tar zxf yasm-1.2.0.tar.gz
    cp /usr/local/src/essential-20071007/* /usr/local/lib/codecs/
    chmod -R 755 /usr/local/lib/codecs/
    mkdir /usr/local/src/tmp
    chmod 777 /usr/local/src/tmp
    export TMPDIR=/usr/local/src/tmp
    svn co https://gpac.svn.sourceforge.net/svnroot/gpac/trunk/gpac gpac
    git clone git://git.videolan.org/x264.git

  2. Now it’s time to grab mplayer and ffmpeg, the latest versions possible.


    3. git clone git://git.videolan.org/ffmpeg.git ffmpeg
    svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer

Let’s Compile This Shit!

Alright, now we’re down to the good stuff – compilation! Hopefully if the above steps went correctly this will just fly by. However I do not recommend that you copy and paste the entire command tree into the terminal at this point. Run everything one step at a time to catch any errors if they do occur. Google is your friend, but feel free to leave a comment here if you run in to any problems.

  1. Lame


    2. cd /usr/local/src/lame-398-2/
    ./configure
    make
    make install

  2. Libogg


    3. cd /usr/local/src/libogg-1.1.4
    ./configure
    make
    make install

  3. Libvorbis


    4. cd /usr/local/src/libvorbis-1.2.3
    ./configure
    make
    make install

  4. yasm


    5. cd /usr/local/src/yasm-1.2.0
    ./configure
    make
    make install

  5. Libxvid


    6. cd /usr/local/src/xvidcore/build/generic
    ./configure
    make
    make install

  6. Libx264


    7. cd /usr/local/src/x264
    ./configure --enable-shared
    make
    make install

  7. Flvtool


    8. cd /usr/local/src/flvtool2-1.0.6
    ruby setup.rb config
    ruby setup.rb setup
    ruby setup.rb install

  8. Opencore-amr


    9. cd /usr/local/src/opencore-amr-0.1.2
    ./configure
    make
    make install

  9. Libtheora


    10. cd /usr/local/src/libtheora-1.1.1
    ./configure
    make
    make install

  10. faad2


    11. cd /usr/local/src/faad2-2.7
    ./configure
    make
    make install

  11. faac


    12. cd /usr/local/src/faac-1.28
    ./configure
    make
    make install

  12. MP4Box


    13. cd /usr/local/src/gpac
    ./configure
    make
    make install

  13. ldconfig

    14. To make sure mplayer and ffmpeg install using the correct libs, we need to make sure ld knows where to find our libraries. First, check:

    nano /etc/ld.so.conf

    Make sure that this file contains the line:

    /usr/local/lib

    If you’re on a 64-bit system you should also add:

    /usr/local/lib64

    Save (CTRL+O), exit (CTRL+W), and then update:

    ldconfig

    If you run in to any “file not found” errors, it’s probably ldconfig.

  14. Mplayer – remember, this will download a new version of ffmpeg for some crazy reason. When it asks, just hit enter and allow it to download. It’s only used for compiling mplayer. We must use –yasm=” because we’ve switched from yasm to nasm and mplayer can’t deal with that.


    15. cd /usr/local/src/mplayer/
    ./configure --enable-jpeg
    make
    make install

  15. FFMpeg


    16. cd /usr/local/src/ffmpeg
    ./configure --enable-libmp3lame --enable-libvorbis --enable-shared --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-nonfree --enable-libtheora --enable-version3
    make
    make install

  16. FFMpeg-PHP – at this point you may receive an error message. To fix this error refer to the second code block.


    17. cd /usr/local/src/ffmpeg-php
    phpize
    ./configure
    make
    make install


    nano -w ffmpeg_frame.c
    CTRL+W CTRL+R PIX_FMT_RGBA32 [enter] PIX_FMT_RGB32
    A
    CTRL+O CTRL+X

    What this does is replaces all instances of PIX_FMT_RGBA32 with PIX_FMT_RGB32, saves, and exits. This will happen after the “make” step – you will need to run “make” again, then “make install.”

  17. php.ini – All that’s left is to modify your php.ini file! Add the following near the top of the file /usr/local/lib/php.ini (to avoid conflicts)


    18. extension=ffmpeg.so

  18. Restart Apache

    19. /etc/init.d/httpd restart

That’s It!

At this point you should have a fully functional ffmpeg installation compiled in to PHP. You can test this with the following:


php -m | grep ffmpeg
You should get the output:

ffmpeg

Thank you very much to serverhostingsecrets.com for providing a very stable base for me to build this tutorial on!

 Posted by Jordan Cooks at 10:38 pm
© 2012 has an internet? Suffusion theme by Sayontan Sinha