Monthly Archives: May 2020

Load Average on Linux and Unix-like Systems Explained

Hello,

I know you are all familiar with load-checking commands, and we have many options to display the load average on the screen. In this post I will explain how the system calculates this load, or load average. The logic is very simple and it is really good to know.

We get the load average as numbers, and these numbers tell us how engaged our CPU, disks, memory and other resources are. This might appear a little tough at first, but believe me, you can master it once you get familiar with them.

On a Unix platform, including Linux, the computational work done by the system is always taken into account. So the system load is nothing but the computational work performed by the system. This value is displayed as a number, and we call it the load.

If a system is idle, the load average is zero. Every process running on the system adds 1 to the load average, no matter whether it is waiting for the CPU or using the CPU. Unix systems count only the processes waiting for the CPU, but Linux counts other resources as well: it also counts the processes waiting to read from or write to disk.

The load value is not constant. As processes request the CPU in a very random manner, the load changes every second or every split second. We can’t actually say that the load is this much or that much; it varies with time.
Even if you could check the load at a specific moment, that number would be basically meaningless and would not help you in any way. That’s why Unix-like systems don’t display the current load. They display the load average: an average of the system’s load over several periods of time. This helps us to see how much work the system has been performing.

How to find the load average?

The load average can be checked in many ways. There are commands which display it, and graphical utilities are also available, for example the system monitoring tools available with GNOME systems. Below are the commands that are normally used to check the load average on a system.

  1. w
  2. top
  3. uptime

You can use any of the three to get the load average. The output of the top command is given below:

Interpreting the Load Average Output

load average: 0.78, 1.90, 4.25

In the above example, the load average for a system is given. You may not get any idea what it means when you see this for the first time.

IMPORTANT: From left to right, the output gives the load average on the server for the last 1 minute, 5 minutes and 15 minutes. For more clarity, the load average reads as given below:

load average over the last 1 minute: 0.78
load average over the last 5 minutes: 1.90
load average over the last 15 minutes: 4.25

What information do these numbers give?

The load average calculation varies when your system has more CPUs. Let’s assume that you have a single CPU; I am taking the above example itself to explain these numbers.

over the last 1 minute: The CPU was idle for 22% of the time. (0.78)
over the last 5 minutes: The CPU was overloaded by 90%. On average, 0.90 processes were waiting for the CPU. (1.90)
over the last 15 minutes: The computer was overloaded by 325% on average. On average, 3.25 processes were waiting for the CPU. (4.25)

You can simply calculate these with the below formula:

CPU overload = Average load – 1

Example: Assume that the load is 4 on the system, then CPU overload = 4-1 which gives you 3, so 300% overload.

If you are getting a negative value for this, then the CPU has idle time (ex: .70-1= -0.30, which means 30% idle).

Load average on systems with multiple CPUs:

On a system with multiple CPUs, this math will not do the trick. For example, if we have a load average of 2 on a single-CPU system, the CPU overload is 2-1 = 100%. If you have 2 CPUs, the same load means the CPUs are completely used, so you have to calculate it as 2-2 = 0%: two different processes were using two different CPUs the entire time. On a system with four CPUs, this would be half usage: two processes were using two CPUs, while two CPUs were sitting idle.

So in general, we need to know the number of CPUs the system has. The load average is very useful in a server environment, as it helps in performance evaluation. If the load goes high, we may have to think about adding more resources to the system or optimizing/terminating the applications or processes that are wasting resources.
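
The per-CPU reading described above, as an added example that is not part of the original article: it generalises the single-CPU formula to any CPU count by dividing the load by the number of CPUs first. The function names and the sample uptime line are constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the original article.

# load_status LOAD NCPU
# Prints "overloaded N%", "idle N%" or "fully used" for one load value.
# With NCPU=1 this is the article's "CPU overload = load - 1".
load_status() {
    awk -v load="$1" -v ncpu="$2" 'BEGIN {
        if (ncpu < 1) { print "invalid CPU count"; exit 1 }
        pct = (load / ncpu - 1) * 100          # per-CPU overload in percent
        if (pct >= 0.5)       printf "overloaded %.0f%%\n", pct
        else if (pct <= -0.5) printf "idle %.0f%%\n", -pct
        else                  print  "fully used"
    }'
}

# load_report LINE NCPU
# LINE is text containing "load average: a, b, c" as printed by uptime, w or top.
load_report() {
    line=$1
    ncpu=$2
    # Keep only what follows "load average: ".
    values=${line##*load average: }
    [ "$values" != "$line" ] || { echo "no load average found" >&2; return 1; }
    # Split "0.78, 1.90, 4.25" into three positional parameters.
    set -- $(printf '%s' "$values" | tr ',' ' ')
    for label in "1 min" "5 min" "15 min"; do
        [ $# -gt 0 ] || break
        printf '%-6s load %s on %s CPU(s): %s\n' \
            "$label" "$1" "$ncpu" "$(load_status "$1" "$ncpu")"
        shift
    done
}

# Constructed sample line carrying the values used in the article.
sample=' 10:14:32 up 12 days,  3:02,  2 users,  load average: 0.78, 1.90, 4.25'
load_report "$sample" 1    # single CPU, as in the article
load_report "$sample" 4    # same load on a four-CPU machine
# On a live system: load_report "$(LC_ALL=C uptime)" "$(nproc)"
```
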

That’s all guys, thank you so much for reading!
Share this with friends, love to get comments from you! See you! 🙂

How to Install Webmin on CentOS/RHEL 7/6/5 – Linux

Hi all,

Installing Webmin on CentOS is very easy. We have already gone through the steps for installing the Webmin control panel on Ubuntu servers. Webmin can be installed on a CentOS server in two ways. Both methods are easy and will not take much time from your busy schedule. If you are fast with commands, this can be done in 5 minutes, I believe.

As I said earlier, there are two ways we can install Webmin on a CentOS server: one is using the RPM and the other is using the yum repository. The first method is faster than the second, so I will explain that first. In a faster world we will go for only faster methods, right? Please read through and try out the steps, guys.

For demonstrating this, I use my test server; its OS version details are given below:
[root@test ~]# cat /etc/redhat-release
CentOS release 6.7 (Final)
[root@test ~]# uname -a
Linux test.jishnu.com 2.6.32-042stab092.1 #1 SMP Tue Jun 24 09:10:28 MSK 2014 x86_64 x86_64 x86_64 GNU/Linux

How to install Webmin on CentOS?

Method 1: Installing using the RPM

In this method, let’s download the RPM files required for the installation first. For that please follow below steps.
You can run the below command on the terminal to download the RPM file.
# wget http://prdownloads.sourceforge.net/webadmin/webmin-1.791-1.noarch.rpm

Then install optional dependencies with:
yum -y install perl perl-Net-SSLeay openssl perl-IO-Tty

Now we install Webmin using the below command:
rpm -U webmin-1.791-1.noarch.rpm

Expected output:

If you found success with this method, you will be able to access the Webmin control panel using the below link:
http://your_IP_address:10000/

The administration username is root and the password is your current root password for the server.

Method 2: Using the Webmin YUM repository

In this method we will first create/add the repo file to the server under /etc/yum.repos.d/. Please use your favorite text editor to create this file and add the repo information. I use vi editor here as it’s my favorite.
# vi /etc/yum.repos.d/webmin.repo
[Webmin]
name=Webmin Distribution Neutral
#baseurl=http://download.webmin.com/download/yum
mirrorlist=http://download.webmin.com/download/yum/mirrorlist
~
~
~
:wq!

Sample screenshot:

We may have to fetch and install the GPG key with which the packages are signed. For that, do the below steps:

# wget http://www.webmin.com/jcameron-key.asc
# rpm --import jcameron-key.asc

We are almost done. You will now be able to install with the command:

# yum install webmin

All dependencies should be resolved automatically.
Output:

IMPORTANT: If you get errors!

If you get the above error when accessing the control panel, please do not worry; it’s because Webmin is in SSL mode. You can try accessing the control panel on the secured port, using https.

The web-interface login will look like below:

You can give the user name as root and give the root password of your server to get into the control panel.

The final window is given below:

That’s all guys! Thanks a lot for visiting the site! See you!

List addon domains, parked domains and sub domains via command line – cPanel

Hello all,

I was struggling to get the details of a domain from my WHM control panel as it did not list the domain name I searched under the “list accounts” option. In the dig result I found the account hosted on the same server. Situations like this can come and using the web interface can make us mad at times. We are lucky as there are ways to check all these from command line.

In the WHM control panel, the “list accounts” option will not list parked and addon domains, so it’s tough to get details of a user or his accounts. We can use the grep command to list these accounts easily. The methods are given below; please read through.

In cPanel, there is a file called main associated with each user account created on the server. This file contains the info about the main domain, sub domains and addon domains. We can view this file using the cat command; see how it displays its contents:

Path of the “main” file: /var/cpanel/userdata/$username

Example:
root@nixlinux [~]# cat /var/cpanel/userdata/football/main
---
addon_domains: {}
cp_php_magic_include_path.conf: 1
main_domain: footballforlife.com
parked_domains: []
sub_domains:
  - store.footballforlife.com
  - tickets.footballforlife.com
root@nixlinux [~]#
In the above, footballforlife.com is the domain name and football is the username.

A screenshot of real server output is also given below to help you a little more:

How to search for an addon/sub/parked domain on the entire server using command?

You can use the below command to do this. Please replace the string in the quotes with the domain name you need to search for:
root@nixlinux [~]# grep -R "domain_name" /var/cpanel/userdata/*/main

Please check the below example to have a clear idea:

Here I am searching for “webcrase” to see if something similar to it is present on the server as an addon/parked/sub domain. Below is the result I got:

How to list parked/sub/addon domain details from WHM?

As you know, you can also do it from WHM, but advanced searching might not be possible. Follow the steps below.

  1. Log into WHM control panel.
  2. Search for “list parked domains” in the search bar at the left top corner.
  3. Check the below screenshot for more info:
  4. You can also search for “list sub domains” in the search and you will get something like below.
  5. In the columns you will be able to see a domain and its associated domains’ details.

That’s all guys, thanks a lot for reading!!! 🙂

How To Fix CVE-2016-1531 Vulnerability – cPanel Server

Hello all,

Please do read the article and save your server from the latest known CVE-2016-1531 exim vulnerability.

Overview

CVE-2016-1531 is the most recent vulnerability reported by Exim, on March 2, 2016. It affects all versions of the mail transfer agent. We all know that Exim is the default MTA (Mail Transfer Agent) provided by cPanel. It’s very easy to use, so it became the most user-friendly one.

There is no need to worry about this vulnerability as the latest version patches the vulnerability and the latest cPanel update resolves the issue.

Impact

The vulnerability has a serious impact on the server. Exim reports that all installations of the MTA were vulnerable to a state in which an attacker can gain root privileges, no matter what level of privileges he has on the server or system. Please check the cPanel/WHM versions listed below and cross-check them with your server. If you find a version below the mentioned ones, please do the resolution steps right away.

Any version older than the current versions listed below is vulnerable:

11.50.5.0
11.52.4.0
54.0.18
55.9999.106 (EDGE tier only)

How to check if Exim is Vulnerable on Your Server?

You can check this easily; it’s just a matter of checking the current version of cPanel/WHM that you have. If you have enabled automatic updates in WHM, then you are safe, as the patch will already have been applied.

To check the version of WHM, please access the server via browser (http://ip-address:2086) and check the version at the top right corner of the control panel as shown in the below image.

Important Note: The “build” listed after the version represents the final digits in the release version. In the example above, WHM 54.0 (build 18) indicates that the version is 54.0.18.

How to check version from command line?

You can also check the cPanel/WHM version from the command line. Please use the following command for the same:

# /usr/local/cpanel/cpanel -V
54.0 (build 18)

You may refer to the below screenshot; it’s the output of the above command:
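
One way to script this version check, as an added example that is not cPanel’s or the article’s own code: it turns the `cpanel -V` output into a dotted version and compares it with the patched release of the same branch from the list above. The function names are hypothetical, the sample version strings other than 54.0 (build 18) are constructed, and a branch newer than 11.50 that is not in the article’s list is reported as unknown.

```bash
#!/bin/bash
# Added example, not from the original article.

# Patched releases listed in the article, one per release branch.
PATCHED="11.50.5.0 11.52.4.0 54.0.18 55.9999.106"

# normalize_version "54.0 (build 18)" -> "54.0.18"
normalize_version() {
    printf '%s\n' "$1" |
        sed -e 's/ *(build *\([0-9][0-9]*\))/.\1/' -e 's/[[:space:]]//g'
}

# version_lt A B: exit status 0 when A is older than B.
# Components are compared numerically; missing components count as 0.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# exim_patch_status "VERSION" -> prints patched, vulnerable or unknown
exim_patch_status() {
    installed=$(normalize_version "$1")
    branch=$(printf '%s' "$installed" | cut -d. -f1,2)
    for fixed in $PATCHED; do
        if [ "$(printf '%s' "$fixed" | cut -d. -f1,2)" = "$branch" ]; then
            if version_lt "$installed" "$fixed"; then
                echo vulnerable
            else
                echo patched
            fi
            return 0
        fi
    done
    # Branch not in the list: older than every listed release means vulnerable.
    if version_lt "$installed" "11.50"; then
        echo vulnerable
    else
        echo unknown
    fi
}

# Constructed sample inputs, plus the one shown in the article.
for v in "54.0 (build 18)" "54.0 (build 17)" "11.50.4 (build 9)" "11.48.4 (build 2)"; do
    printf '%-20s %s\n' "$v" "$(exim_patch_status "$v")"
done
# On a server: exim_patch_status "$(/usr/local/cpanel/cpanel -V)"
```
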

Resolution

As you all know, the resolution is to update cPanel to its latest version. For that, you can run the below command on the server as the root user (it is recommended to run it in screen):
# /scripts/upcp

You may also enable auto-update on the server if that’s not done yet, for that you can follow the below steps.

  1. Login to the WHM control panel
  2. Search for Update Preferences in the search option
  3. Locate the Daily Updates section and select the radio button before Automatic to allow cPanel to install updates automatically.
  4. Under Operating System Package Updates section, select Automatic to enable automatic updates of RPMs.
  5. Finally, click the blue Save button at the bottom of the page to save your settings.

That’s all guys, thanks. Share and spread and save servers!!!
Bye!

How To Install ImageMagick on a cPanel server

Hello everyone,

If you do not know much about “ImageMagick”, I will tell you something really basic about it. We will take the installation steps after that. ImageMagick is a software suite or package that can be used to manipulate bitmap images. The image manipulation can be performed in a variety of formats (over 200) including PNG, JPEG, JPEG-2000, GIF, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. ImageMagick is typically used by PHP or Perl CGI scripts. It’s also called imagic.

The advantage of using it is that it allows us to dynamically create and edit images on the server. It is mainly used from the command line. It’s actually a command line utility which helps in modifying images and makes it easy for users to work with images.

Speed is another advantage of ImageMagick. It does not come with an API, as mentioned earlier; we need to use the command line to play with it. Batch processing of images can be done with this little tool, and it can also be integrated into a Bash script depending on our need.

The ImageMagick installation steps on a server which uses cPanel are shown below; it’s very easy.
ImageMagick installation can be done in two ways on a cPanel server, as you can guess.

  1. From the WHM control panel
  2. From the command line

I will tell you how it can be installed from WHM first.

Using WHM control panel

  1. Login to the WHM control panel.
  2. In the search box type-in “module installers” then you will find that option listing under the box, click on it.
  3. Select the “manage” option from the “PHP Pecl” you find as shown below.
  4. In the search box you get, type in “imagic” and then click the go button. Check the below image for help.

That’s all!

Installing via Commandline (cPanel)

The method is very easy; you can do it using the below script available with cPanel.
/scripts/installimagemagick

After installation you can check the version by executing the command /usr/bin/convert --version. Output:

root@server [~]# /usr/bin/convert --version
Version: ImageMagick 6.5.4-7 2014-02-10 Q16 OpenMP http://www.imagemagick.org
Copyright: Copyright (C) 1999-2009 ImageMagick Studio LLC

Un-installation steps via WHM control panel

WHM -> Software -> Module Installers -> PHP Pecl (manage). Click on the Uninstall button for Imagick.
Then restart Apache.

Ubuntu Installation

ImageMagick isn’t included in the default installations of Ubuntu and many other Linux distributions. To install it on Ubuntu, use the following command:
sudo apt-get install imagemagick

Converting Between Formats example:
convert howtogeek.png howtogeek.jpg

That’s all guys! Thank you for reading! 🙂

How To Install PHP Soap on CentOS 6 VPS

Hello folks,
I am not going to write a lot in this article; I will just explain how we can install PHP-SOAP on a CentOS VPS (Virtual Private Server) or any server that has CentOS as the operating system. Let’s first check what SOAP actually is, definitely not the one that we use to bathe. 😀

What is SOAP?
SOAP stands for Simple Object Access Protocol. It can be defined as a simple, lightweight, XML-based protocol for exchanging structured information between distributed applications over native web protocols, such as HTTP. SOAP is widely used by web applications such as Magento and SalesForce to allow integration and exchange of information with other external services.

How do I install SOAP on my VPS?
Installing SOAP on a VPS is very easy and will not take a lot of your valuable time. We just need to add the latest EPEL repo to our VPS and ask yum to do the rest. The steps are shown below.

  1. SSH to VPS as the root user.
  2. Now we need to install the latest “EPEL” repo on the server. For that follow the below commands:
    CentOS 6 32 Bit
    # wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
    # rpm -ivh epel-release-6-8.noarch.rpm
    CentOS 6 64 Bit
    # wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
    # rpm -ivh epel-release-6-8.noarch.rpm
  3. Install the EPEL repo using the below command:
    [root@nix ~]# rpm -ivh epel-release-6-8.noarch.rpm
    Preparing... ############################# [100%]
    1:epel-release ############################# [100%]
  4. Install “php-soap”:
    In this step we will use yum to install SOAP on the server:
    [root@nix ~]# yum install php-soap
    OUTPUT:
    Loaded plugin fastestmirror
    Loading mirror speeds from cached hostfile
    epel/metalink | 3.0 kB 00:00
    * base: mirror.overthewire.com.au
    * epel: mirror.overthewire.com.au
    * extras: mirror.overthewire.com.au
    * updates: mirror.aarnet.edu.au
    epel | 4.4 kB 00:00
    epel/primary_db | 6.3 MB 00:00
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package php-soap.x86_64 0:5.3.3-27.el6_5.2 will be installed
    --> Finished Dependency Resolution
    Dependencies Resolved
    ==================================================================
    Package Arch Version Repository Size
    ==================================================================
    Installing:
    php-soap x86_64 5.3.3-27.el6_5.2 updates 142 k
    Transaction Summary
    ==================================================================
    Install 1 Package(s)
    Total download size: 142 k
    Installed size: 324 k
    Is this ok [y/N]: y
    Downloading Packages:
    php-soap-5.3.3-27.el6_5.2.x86_64.rpm | 142 kB 00:00
    Running rpm_check_debug
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
    Warning: RPMDB altered outside of yum.
    Installing : php-soap-5.3.3-27.el6_5.2.x86_64 1/1
    Verifying : php-soap-5.3.3-27.el6_5.2.x86_64 1/1
    Installed:
    php-soap.x86_64 0:5.3.3-27.el6_5.2
    Complete!
  5. Restart Apache to apply the changes on the server:
    [root@nix ~]# service httpd restart
    Stopping httpd: [ OK ]
    Starting httpd: [ OK ]
  6. Now you can check to confirm that soap has been installed on the server:
    TEST SOAP:
    [root@nix ~]# php -m | grep -i soap
    soap

That’s all about SOAP installation, please do comment your thoughts! Thank you all!

Shell Script To Prevent Symlink Attack on cPanel Servers

Greeting from Nixlinux,

I really need to share this information with you guys, as I got scared last week by an issue reported by my close friend. He was working on a shared server and was studying symlinks; just for fun, he ran a command on the server to list the symlinks on it. The result he got was suspicious. There were thousands of symlinks found under many accounts. It was a cPanel server with about 800 websites running on it.

If you do not have much idea about what a symbolic link is, I will try to shed some light on it. Pardon my ignorance, I am also a Linux kid. 🙂

A symbolic link, also known as a soft link, is a special file that refers to another file by name. It doesn’t contain any data itself but points to a real file that has data. You can compare it with a shortcut on a Windows or Macintosh machine. When you click on a shortcut, it opens the contents of the real file.
When you delete a target file, symbolic links to that file become unusable; the symlinks become broken.
To create a symbolic link in Unix/Linux, at the prompt, enter:
ln -s source_file myfile
In the above command replace source_file with the name of the existing file for which you want to create the symbolic link (this file can be any existing file or directory across the file systems). Replace myfile with the name of the symbolic link.

How do I delete a symbolic link?
rm {link-name}

Let’s come to the topic. A symlink attack is normally done by creating symlinks to the secured or important files of the system.

For example, if the server security is low, or if it allows symlinks on the system, a user can create a symlink that points to the /etc/passwd file or the /etc/shadow file. This helps the attacker to steal data and user info from the server. This is very dangerous, as the attacker can then brute-force the server since he has all the usernames, especially if you have a cPanel server.

Checking for symlinks and deleting them one by one is not at all an easy method for admins, but we can set up alerts using a small shell script. Please find it below. The script checks for symlinks and mails you the names of the accounts under which symlinks are present.
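SHELL SCRIPT TO PREVENT SYMLINK ATTACK:
I named the script “symlnk_police.sh” 😉
#!/bin/bash
# Collect every symlink under the accounts' document roots.
find /home/*/public_html/* -type l > /root/symlinks.txt
# The third path component of /home/<user>/... is the account name.
cut -d"/" -f3 /root/symlinks.txt | sort -u > /root/out.txt
# Mail the account list only when something was found.
if [ -s /root/out.txt ]; then
    { echo "ATTENTION:"; cat /root/out.txt; } | mail -s "symlinks found in $(hostname)" user@domain.com
fi
# Empty the work files for the next run.
> /root/symlinks.txt
> /root/out.txt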

You can add the below line to the script if you want to delete the symlinks as soon as they are found. It is written without -L, because with -L find follows the links and -type l then matches only broken ones.
# find /path/to/check -type l -delete

You can enable the script on the server with the help of a cron job; I run it every morning at 8.30 AM. The cron job for it is shown below.
30 08 * * * sh /root/symlnk_police.sh
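
A narrower check than listing every symlink, as an added example that is not the article’s script: it reports only links under public_html whose resolved target lies outside the owning account’s home directory, such as a link to /etc/passwd. It assumes GNU readlink -f; the function names and the throwaway directory tree built by demo are constructed for illustration.

```bash
#!/bin/bash
# Added example, not the article's script.

# scan_symlinks [BASE]
# BASE holds the account homes (/home on a cPanel server).
# Prints "<account> <link> -> <resolved target>" for every symlink under
# BASE/<account>/public_html that points outside BASE/<account>.
scan_symlinks() {
    base=${1:-/home}
    for docroot in "$base"/*/public_html; do
        [ -d "$docroot" ] || continue
        account=${docroot%/public_html}
        account=${account##*/}
        # Canonical home path, so a symlinked /home does not confuse the check.
        home=$(cd "${docroot%/public_html}" && pwd -P) || continue
        find "$docroot" -type l | while IFS= read -r link; do
            # readlink -f resolves the whole chain; empty when it cannot.
            target=$(readlink -f -- "$link" 2>/dev/null) || target=""
            case "$target" in
                "$home"|"$home"/*) ;;   # stays inside the account: ignore
                *) printf '%s %s -> %s\n' \
                       "$account" "$link" "${target:-unresolvable}" ;;
            esac
        done
    done
}

# demo: build a throwaway tree (constructed sample data) and scan it.
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir -p "$sandbox/alice/public_html/img" "$sandbox/bob/public_html"
    : > "$sandbox/alice/public_html/img/logo.png"
    # Link that stays inside alice's own home: not reported.
    ln -s img/logo.png "$sandbox/alice/public_html/logo.png"
    # Link to a system file, as described in the article: reported.
    ln -s /etc/passwd "$sandbox/bob/public_html/users.txt"
    scan_symlinks "$sandbox"
    rm -rf "$sandbox"
}

demo
# On a server: scan_symlinks /home
```
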

That’s all guys, thank you! 🙂
Please post your views in the comment section, I would be happy to check it! 🙂