nobaloney
NoBaloney Internet Svcs - In Memoriam †
Generally a filesystem is mounted readonly because of a hardware problem.
Jeff
Jeff
ELS - Easy Linux Security script
- Thread starter smtalk
- Start date
globestern
New member
- Joined
- Dec 21, 2007
- Messages
- 4
very nice script... I love it 
thanks
thanks
TheBiaatch
Verified User
- Joined
- Jul 30, 2007
- Messages
- 8
I will wait for more replies and perhaps the stable version 3.0 because I can't afford that my box would be messed up, I just recently asked for a OS reload and it was free, but if I would ask again I'm sure I would have to pay...
Good work smtalk
Good work smtalk
Thanks for mentioning that, it's still corrupting fstab in version 3.0.0.3 unfortunately. After changing it over I was able to successfully remount the partition with the previous instructions of...
mount -o remount,rw /
mount -o remount,rw /tmp
Whereas before it was giving me an error (CentOS 4btw).
a few problems
a few problems
please help me
OS: CentOS 5 64BIT
I've installed all ELS but
:
1. Web mail can't login. (JUST GET BLANK SCREEN)
2. APF firewall start every day at 4am and block all trafic,
when I stop apf or iptables everything working until next day.
3. I Run a proxy site, and when you try to get a Site the server uses 100% of a HTTPD process and nothing comes up,
I'm thinking its something with "Disable dangerous PHP functions" so I tryed to remove it with "els --enablephpfunc" but I Get this:
Any IDEA?
Waiting for your help.
thanks ahead.
a few problems
please help me
OS: CentOS 5 64BIT
I've installed all ELS but
:1. Web mail can't login. (JUST GET BLANK SCREEN)
2. APF firewall start every day at 4am and block all trafic,
when I stop apf or iptables everything working until next day.
3. I Run a proxy site, and when you try to get a Site the server uses 100% of a HTTPD process and nothing comes up,
I'm thinking its something with "Disable dangerous PHP functions" so I tryed to remove it with "els --enablephpfunc" but I Get this:
Any IDEA?
Waiting for your help.
thanks ahead.
why my reply isn't showing here?
i was asking for help and my post removed.
1. apf is restarting every day 4AM bloking my server services.
2. some scripts like domain whois and php proxy are cousing high load to cpu and no result page.
i cant enable php func.
any Idea?
i was asking for help and my post removed.
1. apf is restarting every day 4AM bloking my server services.
2. some scripts like domain whois and php proxy are cousing high load to cpu and no result page.
i cant enable php func.
any Idea?
Last edited:
nobaloney
NoBaloney Internet Svcs - In Memoriam †
The DirectAdmin forum uses rather agressive spamblocking features so you won't be bothered with all those cute naked pictures of Brittany, et, al. The filters are very aggressive and do occasionally catch non-spam.
It appears that your apf restarts every day from cron.daily You can make changes to the appropriate script in /etc/cron.daily to keep that from happening but before you do that you should check to see what you've done wrong in your configurations; a simple restart in a properly configured apf firewall will not block your services.
This will probably require some forensic analysis if your server.
Is php turned on for the domain in question?
Jeff
I was trying enable: dangerous PHP functions
with :
els --enablephpfunc
but its show
Edit failed!
ahh...
and another thing,
the webmail dont work at all
when i try to log on i get blank page, I was thinking its somthing with the dangerous PHP functions disabled.
but i cant undo it,
please help...
with :
els --enablephpfunc
but its show
Edit failed!
ahh...
and another thing,
the webmail dont work at all
when i try to log on i get blank page, I was thinking its somthing with the dangerous PHP functions disabled.
but i cant undo it,
please help...
[root@tom ~]# mytop
Can't locate Term/ReadKey.pm in @INC (@INC contains: /usr/lib/perl5/5.8.5/i386-linux-thread-multi /usr/lib/perl5/5.8.5 /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl .) at /usr/bin/mytop line 165.
[root@toms ~]# cpan
Terminal does not support AddHistory.
cpan shell -- CPAN exploration and modules installation (v1.7602)
ReadLine support available (try 'install Bundle::CPAN')
cpan> install Term::ReadKey
CPAN: Storable loaded ok
Going to read /root/.cpan/Metadata
Database was generated on Sun, 20 Jan 2008 02:39:47 GMT
LWP not available
CPAN: Net::FTP loaded ok
Fetching with Net::FTP:
ftp://ftp.nl.uu.net/pub/CPAN/authors/01mailrc.txt.gz
Going to read /root/.cpan/sources/authors/01mailrc.txt.gz
LWP not available
Fetching with Net::FTP:
ftp://ftp.nl.uu.net/pub/CPAN/modules/0****kages.details.txt.gz
Going to read /root/.cpan/sources/modules/0****kages.details.txt.gz
Database was generated on Wed, 30 Jan 2008 02:31:35 GMT
HTTP:
ate not available
There's a new CPAN.pm version (v1.9205) available!
[Current version is v1.7602]
You might want to try
install Bundle::CPAN
reload cpan
without quitting the current session. It should be a seamless upgrade
while we are running...
LWP not available
Fetching with Net::FTP:
ftp://ftp.nl.uu.net/pub/CPAN/modules/03modlist.data.gz
Going to read /root/.cpan/sources/modules/03modlist.data.gz
Going to write /root/.cpan/Metadata
Term::ReadKey is up to date.
cpan> q
Terminal does not support GetHistory.
Lockfile removed.
[root@tom ~]# mytop
Can't locate Term/ReadKey.pm in @INC (@INC contains: /usr/lib/perl5/5.8.5/i386-linux-thread-multi /usr/lib/perl5/5.8.5 /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl .) at /usr/bin/mytop line 165.
[root@tom ~]#
??????
CentOs 4.6
Any Ideas??
Can't locate Term/ReadKey.pm in @INC (@INC contains: /usr/lib/perl5/5.8.5/i386-linux-thread-multi /usr/lib/perl5/5.8.5 /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl .) at /usr/bin/mytop line 165.
[root@toms ~]# cpan
Terminal does not support AddHistory.
cpan shell -- CPAN exploration and modules installation (v1.7602)
ReadLine support available (try 'install Bundle::CPAN')
cpan> install Term::ReadKey
CPAN: Storable loaded ok
Going to read /root/.cpan/Metadata
Database was generated on Sun, 20 Jan 2008 02:39:47 GMT
LWP not available
CPAN: Net::FTP loaded ok
Fetching with Net::FTP:
ftp://ftp.nl.uu.net/pub/CPAN/authors/01mailrc.txt.gz
Going to read /root/.cpan/sources/authors/01mailrc.txt.gz
LWP not available
Fetching with Net::FTP:
ftp://ftp.nl.uu.net/pub/CPAN/modules/0****kages.details.txt.gz
Going to read /root/.cpan/sources/modules/0****kages.details.txt.gz
Database was generated on Wed, 30 Jan 2008 02:31:35 GMT
HTTP:
ate not availableThere's a new CPAN.pm version (v1.9205) available!
[Current version is v1.7602]
You might want to try
install Bundle::CPAN
reload cpan
without quitting the current session. It should be a seamless upgrade
while we are running...
LWP not available
Fetching with Net::FTP:
ftp://ftp.nl.uu.net/pub/CPAN/modules/03modlist.data.gz
Going to read /root/.cpan/sources/modules/03modlist.data.gz
Going to write /root/.cpan/Metadata
Term::ReadKey is up to date.
cpan> q
Terminal does not support GetHistory.
Lockfile removed.
[root@tom ~]# mytop
Can't locate Term/ReadKey.pm in @INC (@INC contains: /usr/lib/perl5/5.8.5/i386-linux-thread-multi /usr/lib/perl5/5.8.5 /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl .) at /usr/bin/mytop line 165.
[root@tom ~]#
??????
CentOs 4.6
Any Ideas??
Try using "get Term::ReadKey" and then goto: /root/.cpan/build/ and manual install it.
Got also a problem:
Code:
server:~# els --optimizemysqlconf
/usr/local/bin/els: line 1856: /bin/rpm: No such file or directory
/bin/grep: /etc/my.cnf: No such file or directory
/bin/grep: /etc/my.cnf: No such file or directory
This feature can secure and optimize your MySQL configuration.
Proceed? (y/n): y
Checking MySQL version. This may take a few seconds...
MySQL was not detected.
Please ensure the MySQL-server RPM package is installed.
Code:
server:~# els --mysqloptimizedb
This feature can optimize and repair all the MySQL database tables.
Proceed? (y/n): y
/usr/local/bin/els: line 2050: mysqlcheck: command not found
Done.Running debian 4.0 ....
Last edited:
Code:
server:/etc/init.d# els --apf
ELS can now install APF.
Proceed? (y/n): y
Downloading APF...
Download Successful!
MD5 matches.
Extracting...
Extraction Successful!
Installing...
cp: cannot create regular file `/etc/rc.d/init.d/apf': No such file or directory
DirectAdmin installed. Using default configuration for DirectAdmin.
Downloading configuration tarball...
Download Successful!
MD5 matches.
Extracting...
Done.
Moving new configation to /etc/apf...
Default configuration saved as /etc/apf/conf.directadmin.default
DirectAdmin default config saved as /etc/apf/conf.apf.directadmin.default
and copied to /etc/conf.apf.
Default DirectAdmin configuration setup successfully.
APF Install Completed Successfully!also i can't run apf it wants to install to /etc/rc.d/init.d/apf but debian runs from /etc/init.d/
There are still all kinds of problems with securing tmp. This is CentOS 4.5
ELS can secure your /tmp, /var/tmp, and /dev/shm partitions.
Proceed? (y/n): y
No /tmp partition in /etc/fstab.
No /tmp partition mounted.
Backing up current fstab...
Successfully backed up as '/usr/local/els/bakfiles/fstab.bak'!
Making extended filesystem for /tmp... (this may take a few moments)
900000+0 records in
900000+0 records out
Please press "y" when prompted...
mke2fs 1.35 (28-Feb-2004)
/var/tmpFS is not a block special device.
Proceed anyway? (y,n) y
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
112672 inodes, 225000 blocks
11250 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=230686720
7 block groups
32768 blocks per group, 32768 fragments per group
16096 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840
Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 35 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
Shutting down MySQL. [ OK ]
mv: cannot overwrite directory `/tmp_backup/.'
mv: cannot remove `/tmp/..': Is a directory
Mounting /tmp...
mv: cannot overwrite directory `/tmp/.'
mv: cannot remove `/tmp_backup/..': Is a directory
Done.
Starting MySQL [ OK ]
Done. /tmp has been secured.
Found /var/tmp partition in /etc/fstab.
/etc/fstab already backed up as /usr/local/els/bakfiles/fstab.bak
Modifying /etc/fstab...
Done.
Remounting /var/tmp...
[mntent]: line 11 in /etc/fstab is bad
mount: can't find /var/tmp in /etc/fstab or /etc/mtab
Done.
You should check '/etc/fstab' before you reboot your system!!!
Found /dev/shm partition in /etc/fstab.
Backing up current configuration file...
/etc/fstab already backed up as /usr/local/els/bakfiles/fstab.bak
Modifying /etc/fstab...
Done.
Remounting /dev/shm...
[mntent]: line 2 in /etc/fstab is bad
[mntent]: line 3 in /etc/fstab is bad
[mntent]: line 5 in /etc/fstab is bad
[mntent]: line 6 in /etc/fstab is bad
[mntent]: line 7 in /etc/fstab is bad; rest of file ignored
mount: can't find /dev/shm in /etc/fstab or /etc/mtab
Done.
You should check '/etc/fstab' before you reboot your system!!!
All in all it makes a huge mess out of fstab so i restored fstab. Same issue as with CentOS 5 this version being 4.5 Final. I guess this has not been fixed yet
ELS can secure your /tmp, /var/tmp, and /dev/shm partitions.
Proceed? (y/n): y
No /tmp partition in /etc/fstab.
No /tmp partition mounted.
Backing up current fstab...
Successfully backed up as '/usr/local/els/bakfiles/fstab.bak'!
Making extended filesystem for /tmp... (this may take a few moments)
900000+0 records in
900000+0 records out
Please press "y" when prompted...
mke2fs 1.35 (28-Feb-2004)
/var/tmpFS is not a block special device.
Proceed anyway? (y,n) y
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
112672 inodes, 225000 blocks
11250 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=230686720
7 block groups
32768 blocks per group, 32768 fragments per group
16096 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840
Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 35 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
Shutting down MySQL. [ OK ]
mv: cannot overwrite directory `/tmp_backup/.'
mv: cannot remove `/tmp/..': Is a directory
Mounting /tmp...
mv: cannot overwrite directory `/tmp/.'
mv: cannot remove `/tmp_backup/..': Is a directory
Done.
Starting MySQL [ OK ]
Done. /tmp has been secured.
Found /var/tmp partition in /etc/fstab.
/etc/fstab already backed up as /usr/local/els/bakfiles/fstab.bak
Modifying /etc/fstab...
Done.
Remounting /var/tmp...
[mntent]: line 11 in /etc/fstab is bad
mount: can't find /var/tmp in /etc/fstab or /etc/mtab
Done.
You should check '/etc/fstab' before you reboot your system!!!
Found /dev/shm partition in /etc/fstab.
Backing up current configuration file...
/etc/fstab already backed up as /usr/local/els/bakfiles/fstab.bak
Modifying /etc/fstab...
Done.
Remounting /dev/shm...
[mntent]: line 2 in /etc/fstab is bad
[mntent]: line 3 in /etc/fstab is bad
[mntent]: line 5 in /etc/fstab is bad
[mntent]: line 6 in /etc/fstab is bad
[mntent]: line 7 in /etc/fstab is bad; rest of file ignored
mount: can't find /dev/shm in /etc/fstab or /etc/mtab
Done.
You should check '/etc/fstab' before you reboot your system!!!
All in all it makes a huge mess out of fstab so i restored fstab. Same issue as with CentOS 5 this version being 4.5 Final. I guess this has not been fixed yet
Last edited:
Installing Rkhunter cron does not produce a report at 3am. Instead the message body is completely blank and the subject says Rkhunter Scan Details.
#!/bin/bash
(/usr/local/bin/rkhunter --update && /usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "RKhunter Scan Details" email@address)
#!/bin/bash
(/usr/local/bin/rkhunter --update && /usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "RKhunter Scan Details" email@address)
mattb
Verified User
Geez pucky you really are an uptight user.Interesting, he posts on the forums all day but doesnt bother to update this thread with those who are finding tons of bugs and screwups in his scripts.
I've read many of your posts, and most of them shows your lack of 'community' and more a sense of 'one-up-manship'.
Dude, you have some serious angst towards, smtalk, and to be honest, I don't really care why.
Give it a break, and just get on with it. If ELS really worries you that much, why not make the mods your self and Email through the changes. I'm sure they would be appreciated by smtalk and the wider community.
I expect smtalk finds all his time is going to the custombuild script these days. Which I personally am happy for him to look at. In any event, it's DA's call of where he uses his time.
You talk of having a superior AntiSpam solution then that of SpamBlocker, yet have failed to provide any details of what you use.
Remember, the forums are all about community, and not competition.
I hope you read this message for what it is... a gentle push in the right direction.
Its called Total Control and thats all i can say for now.
Last edited: