Category Archives: General

Installing a Perl module using CPAN

In this short post, we will discuss on how to install a perl module using CPAN.

First, login to the CPAN interactive shell using the command:

# cpan

Once, you are in, install a module using the syntax,

cpan> install package:function

eg, to install the module JSON::Parse, hit the following in the shell :

cpan> install JSON::Parse

The installation will check for certain test cases. If any of those tests fail, you wont be able to install the module. Analyse the result of the tests and if you feel you are good to go, even with the failed result, force install the module using :

cpan> force install JSON::Parse

Thats it !

 

Virtuozzo – Not able to start/stop a mounted VPS ?

There are many situations in which you may find a VPS in its mounted state. Usually a # vzctl start VEID, would attempt to start the container back. But there are situations in which this task would be hung in the system memory.

You may get something an error similar to this when attempting to start/stop the VE :

# vzctl stop VEID

Cannot lock container.

If you encounter this issue, check for the VE lock file, you can view the file and note the process which is being run :

# cat /vz/lock/VEID.lck

You can find a process id and the task name from the above command.  You can check what the process is by initiating :

# ps ax | grep PID

If this is some hung process waiting infinitely, try to kill the process, remove the lock file and attempt to start/stop the VE.

If the process is related to quota calculation, run the following command :

# veid=VE_ID; vzctl stop $veid; vzctl quotaoff $veid; vzctl quotainit $veid; vzctl start $veid; vzctl enter $veid

( just specify the VEID in the field VE_ID and run the above )

– Still, if you face this error, do the following on the mounted VE :

# vzctl --skiplock umount VEID

Now once the VE is unmounted, restart it.

 

Error – /bin/rm: Argument list too long !

When trying to delete the files of a folder ( using # rm ) with lots of contents in it , you might get this error :

/bin/rm : Argument list too long

The traditional # rm command will not be able to delete too many files in a directory.

To get around this, use the command given below. Please note that the below command will delete all the files in the current directory in which you are logged into.

# find . -name '*' | xargs rm

( Again, make sure your pwd is the directory which you want to delete the files from, else, i have no words to describe it 😀 )

 

Apache error_log for a domain filled with PHP errors ?

There are situations in which the error_log associated with a domain fills up a good part of the disk space consumed.

Lets find what are they logging ! Is it something like,

[Date America/New_York] PHP Strict Standards: Non-static method JDispatcher::getInstance() should not be called statically in /path-to/file.php

We can see that PHP Strict-Standards errors are being reported here. As each and every strict standard errors is being reported, error_log will consume huge amount of space.

This is a change which has been seen in the newer version of PHP, which now reports E_STRICT errors on default.

To get around this issue, disable error reporting for strict standards, by adding the below line to PHP configuration file.

error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT

SymLinks Attacks and prevention !

The vulnerability with Symlinks and Apache is a known cause of attack.

Initially, the attacker will find a compromised ‘single’ website or domain which has got any vulnerable scripts or 3rd party applications or any themes used in it and try to get access to the files.

Once he get access to a single domain, he moves forward by creating the symlinks to other websites or even he can symlink to / (root).

For eg, if you have the following symlink set in any domain,

link -> /root , using the directory ‘link’ anyone can actually access /root and can access any sensitive file.

Rather than manually creating this sort of symlinks, the hacker can even use any perl/cgi script to create a symlink to other users of the server.

As a basic solution for this, you can ensure that Apache is configured in a way so as not to following symlinks (Options -FollowSymLinks)

— To disable the ability for Apache to allow users to follow symbolic links in their requests, remove the FollowSymLinks directive on your Directory commands.

For example, if the below was the configuration then,

<Directory "/usr/local/apache/htdocs">
Options Indexes FollowSymLinks
AllowOverrride None
Order allow,deny
Allow from all

Remove the FollowSymLinks reference so that this reads:

<Directory "/usr/local/apache/htdocs">
Options Indexes
AllowOverrride None
Order allow,deny
Allow from all

If you really need symlinks, you can use the“SymLinksIfOwnerMatch” option to only allow links from within the same user.

To prevent PHP from accessing any file outside of their directory, you need to specify the ‘open_basedir’ setting ( in PHP configuration file ) to only have access to their directory.

This option can be enabled from WHM. You might face the following error :

This security tweak uses Apache DSO style directives. If PHP is configured to run as a CGI, SuPHP or FastCGI process, the open_basedir setting must be manually specified in the relevant php.ini file. See the EasyApache documentation for more information.

– If the PHP handler is set as CGI or SuPHP, then tweak settings seen in WHM cannot be used to set the openbase_dir option.

– You need to manually specify the openbase_dir option in the global
PHP configuration file ( use php -i |grep php.ini to find the php.ini location )

Keep in mind, the root cause for this attack or vulnerability is due any unsecured scripts/plugins/applications which might be employed in any of the domains. So, keep you server free from it, in the first place 😀

Out of memory during PHP scripts run-time ?

Facing the following error when running any PHP scripts ?

PHP Fatal error: Out of memory (allocated xxxxx, tried to allocate xxxx bytes)

Tried increasing the memory limit from php.ini file and still getting the above error ?

Initially, we might think this issue is with the memory limit factor
seen in php.ini file. But if we analyze the error we get we can see that the issue is not directly related with the PHP configuration settings.

Usually, when a PHP script does not have enough memory to execute itself, the error message seen would indicate the amount of memory exhausted, something like :

=========
Fatal error: Allowed memory size of xxxx bytes exhausted (tried to allocate xxxxxx bytes)
=========

When we analyse things further, we can see that the real issue lies within the Apache configuration. Apache have memory limits of its own set in the configuration files. This value is referred to as ‘RLimitMEM’

Explanation of RLimitMEM from the official documentation of Apache :

RLimitMEM Directive

It sets the soft resource limit for all processes and the second parameter sets the maximum resource limit. It indicate to the server that the limit should be set to the maximum allowed by the operating system configuration. Raising the maximum resource limit requires that the server is running as root, or in the initial startup phase.

This applies to processes forked off from Apache children servicing requests, not the Apache children themselves. This includes CGI scripts and SSI exec commands, but not any processes forked off from the Apache parent such as piped logs. Memory resource limits are expressed in bytes per process.

-> So, increase this value/limit from your httpd configuration file, to get around the issue.

Fed up with adwares ?

When we install some free programs we may also get some new toolbars and adwares. Some of them can access your browser settings and can change them. They contain malicious codes. In most of the cases the home page of the browser that we had set is changed to some other websites. And there is a chance of getting fake pop-ups such as “You have won a Samsung Galaxy S5. Click accept to get your prize” etc… Don’t click on any anonymous messages like this. They are doing this because they are getting ad-revenue. So the best thing we can do is to read the terms and conditions before downloading and installing a new free program. If third-party programs are available in the package, uncheck all the checkboxes related to that. Also make sure that you are downloading the program from official developer’s site or any other trusted site. babylon   If the damage is already done, then the next step we can do is to remove that program. Most of the adwares and toolbars are difficult to uninstall. Some of them will be there even after the removal. Removing each one separately is a tough task. Here is a simple tool every one can make a try. Adware Cleaner. You can download it from http://www.bleepingcomputer.com/download/adwcleaner/ Just run the file and click on the scan button. Then the application starts to check the files, folders and registry for unwanted harmful files and list them. ad   When the scan is completed, click on the clean button. Then you will get a warning message that “Adware cleaner must restart the computer to complete the removal process. The report will be opened on the next reboot”. Click on the OK button. 2 When the system is restarted, a .txt file containing the removed unwanted programs will be shown. You can close that text file and now your system is free from all unwanted programs. 🙂 (N.B: This tool cannot be used as a substitute for any anti-virus program. It won’t detect viruses).

How Do I get the functionality of CTRL+ALT+DELETE shortcut to a guest OS

When dealing with Microsoft Virtual Server, there might be situations in which you would need to pass CTRL+ALT+DELETE to the underlying VM.

However, pressing them do not work within a virtual machine because of the interaction between the host operating system and the guest operating system and you will be taken to the output related to the host machine.

To get over this and other special keys, you can use the Remote control menu of the VMRC ( Virtual Machine Remote Control ) as shown in the image below :

vmrc-client

 

As simple as a mouse click 🙂

Is your PC starting up slowly ?

No one of us likes to use a slow PC. We really get frustrated when we have to wait for a long time sitting idle in front of the PC waiting for it to start up, whether be it at home or at office.

Here are some simple ways to make your system faster. Open the start button and click on the Run button.

You can also get this run box by a keyboard shortcut. Win key + R.

image01

When the run box is displayed type “msconfig” in that and press enter ( ignore quotes) .

Then a System Configuration Utility box will pop-up. In that, select the startup tab and uncheck the items that you don’t want during the system startup.

Too much of startup items slows down your system. After disabling unwanted startup items click on Apply button and confirm the changes.

alan1

Once that is done, Restart the machine for the changes to take place, and notice the difference in speed  🙂