Only 2 of the 4 PHP versions show in Service Manager, but all 4 show running in ps -ax|grep php

IT_Architect

Verified User
Joined
Feb 27, 2006
Messages
1,091
Only 2 of the 4 PHP versions show in Service Manager but all 4 running, which I verified with ps -ax|grep php. All 4 are available for selection at the user level as well. Is this a deficiency or is something wrong with my fresh AlmaLinux 8.4 install?
 
If they are not showing up at all, check the /usr/local/directadmin/data/admin/services.status file. You should see some lines that look like this:

php-fpm73=ON
php-fpm74=ON
php-fpm80=ON

One for each version of PHP that your running.
 
It doesn't. It shows:

da-popb4smtp=ON
directadmin=ON
dovecot=ON
exim=ON
httpd=ON
mysqld=ON
named=ON
php-fpm56=ON
php-fpm72=ON
proftpd=ON
sshd=ON

5.6 and 7.2 are the only two showing in Service Monitor as well. Yet, PS -ax|grep php shows 7.4 and 8.0 running as well.
 
I have never had that happen myself, if it was updated from the custombuild plugin web ui (the build of php), maybe there is an indication in the saved log file of what happened.
 
I didn't see anything go bad but I will check again. The firewall doesn't open 2222 for the control panel and kills the PRIVATE NIC too.
 
If your using the CSF firewall plugin, you can edit the config file to open the ports.

/etc/csf/csf.conf

Edit the TCP_IN, TCP_OUT and add port 2222 to those lines. Then do a "csf -r" to reload/restart the rules. Normally it should be added during install.
 
No plugin was installed that I can determine, but I definitely have the firewall.
To fix 2222:
# firewall-cmd --permanent --zone=public --add-port=2222/tcp

I'm guessing I should be seeing something in Control Panel if I had the plugin. From my reading, I get that if I run setup.sh with auto, but I didn't want to do that because I wanted 4 PHP versions and I didn't want MariaDB. Thus, I'm guessing that's why I'm not seeing anything. I'm an expert with pf and UNIX, but Linux I haven't worked in in more than a decade and never with CSF.
 
CSF just controls the firewall, it monitors the system logs/processes, it can detect/block password brute force attempts. Can also cluster with other servers. https://www.configserver.com/cp/csf.html Currently all my installs are some version of Debian 9/10/11

You can always make changes after everything is installed. In general I have 4 versions of PHP installed on all servers. Some run Mysql others run MariaDB, just depends on what the users need and performance.
 
Got it! I thought CSF was the firewall, which shows better than anything what I know about this Linux firewall so far.

The install I ran was for AlmaLinux 8.4 (E.G. the Red Hat line) and these are the things I've run into. Debian looked good too and more like the FreeBSDs. The only reasons that I went with the Red Hat line was when I'm doing 66 to 120 PHP pages a second, and fetch from 1/2 a million small files it was slightly faster (according to benchmarks), I guessed CENTOS was DA's reference platform before it went Stream, AlmaLinux is the same bird with a longer support lifetime, and I'd be less likely to run into issues like these. That's what thinking got me, LOL!

The script puts in the firewall, SSH worked, but not the control panel or the PRIVATE NIC, so I'm guessing it was running on defaults. The plug-in looks good from what I see. It looks like I have some more reading to do for commands I can use to get done what I want. I'll likely move SSH to 44 so 22 can be used by proftpd and SFTP, plus I need to unblock the PRIVATE NIC.

I learned about the plug-in in DA Article: Detecting and preventing brute-force attacks with DirectAdmin's Brute Force Monitor (BFM) and it looks like I have some reading to do.

You are helping me a lot,
Thanks!
 
The PRIVATE NIC is getting deactivated every time I boot AFTER I installed DirectAdmin. I'll have to sleep on it and figure out what is going on there in the morning.
 
I tried Centos/RedHat/etc in the past and didn't really like how it was setup, it's just a preference thing. I started out with FreeBSD (so Debian just felt more comfortable to use), and well I still use it for my back end systems, for DNS cluster (nodes with multiple hosts vrrp) and backup/nfs/iscsi infrastructure primarily. I also don't run the default kernel of the distribution, normally the latest one (often better performance) that I can find as the default one is usually a bit older. It's strange that your having problems with the private nic, is it loosing it's ip address? Assigned by dhcp?
 
if you think it cause by csf firewall

try disable it.

Also stop lfd too
service lfd disable
and check if back to work, maybe you need to enable debug to find out problem

set DEBUG=1 in /etc/csf/csf.conf
and re-enable again
Code:
csf -e
service lfd start
log debug will output at /var/log/lfd.log

and csf firewall not use firewalld at all,
Please remove or stop and marks
 
>It's strange that your having problems with the private nic, is it loosing it's ip address? Assigned by dhcp?<
It was assigned STATIC. I found the problem this morning after Googling for a long time. It is an issue with the AlmaLinux 8.4 installer. When you are in the installer, and set up the network, and then forget to turn on one of the NICs before leaving, and then find out you cannot ping that NIC, and go back into Networking and turn it on and save it, you will be able to ping it fine. That is exactly what I did. Where it fails when you go in the second time is it does NOT change the ONBOOT setting from no to yes in the /etc/sysconfig/network-scripts/ifcfg-<nic>. Therefore, the next time you boot, and it reads those files, it sees it it set to no, so it doesn't activate the NIC. the command line tools to activate the NIC will work fine to activate it. The problem is none of them change ONBOOT setting in the file so the next time you boot, it will be no NIC again.

What threw me for so long is I've had things like this happen before with Windows. If it finds a loop, it shuts down a NIC. The way I traced it down to the OS install is in ESXi, I set snapshots along the way, so first I went back to the the Control Panel Installed snapshot, then OS Installed snapshot and I still had it. Then I found it online, so I rolled forward to my Configured snapshot so I didn't lose any work.
 
Last edited:
I tried Centos/RedHat/etc in the past and didn't really like how it was setup, it's just a preference thing. I started out with FreeBSD (so Debian just felt more comfortable to use), and well I still use it for my back end systems, for DNS cluster (nodes with multiple hosts vrrp) and backup/nfs/iscsi infrastructure primarily. I also don't run the default kernel of the distribution, normally the latest one (often better performance) that I can find as the default one is usually a bit older.
It was not an easy decision, and I agree with you that the Debian layout is more logical. Keeping databases off in /var in a shared hosting environment is nuts. You want that crap in /home where you can easily expand it if necessary and where you don't muck around in OS directories for user data.

I learned something else during my experimentation. There are 3 ISOs, boot, small, minimal, ~2GB, and normal, ~9GB. The one you want is normal, and select the minimal install. So why not just get the minimal? Because even when you select the same Minimal setting on the same interface, you get VERY different installs. The first thing I noticed about minimal, 2GB, is there was hardly any logging of any kind. The boot one expected you to know which repositories you want and where to find them. In the FreeBSD, they all come out the same with the same settings. The only difference is the smaller the install disk, the more it picks up from online, which is the most up-to-date.
 
Last edited:
Glad you git it worked out. All my installs run on Proxmox, slowly switching everything over to cloudinit and file systems setup for auto expand. I keep a Debian template updated and ready to go for cloning out more VM's, it's preinstalled with all my usual tools/ssh keys/etc so I can spin something up fast already to go (don't like having to reinvent the wheel for every new install, when cloning the template takes seconds and cloudinit changes hostname, ip and everything). I normally go with the minimal install and then configure it how I want it, don't want lots of extra junk. And I switch to the latest kernel (if one is available) as the newer kernels run better on KVM. I still really enjoy running FreeBSD where it's appropriate, it's good for some diversity in the infrastructure, if there is a critical CVE often doesn't relate to the other platform (for the base operating system that is).
 
Back
Top