KMP http://www.net24.co.nz/kb/category/24 en-us KnowlageBase RSS Generator CentOS: Install Yum http://www.net24.co.nz/kb/article/AA-00253

Issue

Yum is not installed..


Cause

Parallels do not include it in the default packages for a CentOS container/VPS.


Solution

**NOTE** Content inside the grey boxes in the following sections can be copied and pasted to your command line.

1. Login to your container/VPS via ssh as the root user.

2. Determine which version of CentOS you are running.

cat /etc/redhat-release


The output will be either:

CentOS release 6.2 (Final)

or:

CentOS release 5.7 (Final)

or:

CentOS release 5.6 (Final)

or:

CentOS release 5.5 (Final)


3. Paste the commands for your CentOS version to your command line.

CentOS 6.2:

rpm -Uvh --nodeps http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/yum-metadata-parser-1.1.2-16.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/yum-plugin-fastestmirror-1.1.30-10.el6.noarch.rpm

rpm -Uvh http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/gpgme-1.1.8-3.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/pygpgme-0.1-18.20090824bzr68.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/python-iniparse-0.3.1-2.1.el6.noarch.rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/python-urlgrabber-3.9.1-8.el6.noarch.rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/python-pycurl-7.19.0-8.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/rpm-python-4.8.0-19.el6.$(uname -i).rpm http://mirror.ihug.co.nz/centos/6/os/$(uname -i)/Packages/yum-3.2.29-22.el6.centos.noarch.rpm

CentOS 5.7:

rpm -Uvh --nodeps http://vault.centos.org/5.7/os/$(uname -i)/CentOS/yum-fastestmirror-1.1.16-16.el5.centos.noarch.rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.$(uname -i).rpm

rpm -Uvh http://vault.centos.org/5.7/os/$(uname -i)/CentOS/libxml2-2.6.26-2.1.12.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/m2crypto-0.16-8.el5.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-elementtree-1.2.6-5.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-sqlite-1.1.7-1.2.1.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/python-urlgrabber-3.1.0-6.el5.noarch.rpm http://vault.centos.org/5.7/updates/$(uname -i)/RPMS/rpm-python-4.4.2.3-22.el5_7.2.$(uname -i).rpm http://vault.centos.org/5.7/os/$(uname -i)/CentOS/yum-3.2.22-37.el5.centos.noarch.rpm

CentOS 5.6:

rpm -Uvh --nodeps http://vault.centos.org/5.6/os/$(uname -i)/CentOS/yum-fastestmirror-1.1.16-14.el5.centos.1.noarch.rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.$(uname -i).rpm

rpm -Uvh http://vault.centos.org/5.6/os/$(uname -i)/CentOS/libxml2-2.6.26-2.1.2.8.el5_5.1.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-elementtree-1.2.6-5.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-sqlite-1.1.7-1.2.1.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/rpm-python-4.4.2.3-22.el5.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/m2crypto-0.16-6.el5.8.$(uname -i).rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/python-urlgrabber-3.1.0-6.el5.noarch.rpm http://vault.centos.org/5.6/os/$(uname -i)/CentOS/yum-3.2.22-33.el5.centos.noarch.rpm

CentOS 5.5:

rpm -Uvh --nodeps http://vault.centos.org/5.5/os/$(uname -i)/CentOS/yum-fastestmirror-1.1.16-14.el5.centos.1.noarch.rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.$(uname -i).rpm

rpm -Uvh http://vault.centos.org/5.5/updates/$(uname -i)/RPMS/libxml2-2.6.26-2.1.2.8.el5_5.1.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/m2crypto-0.16-6.el5.6.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-elementtree-1.2.6-5.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-sqlite-1.1.7-1.2.1.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/python-urlgrabber-3.1.0-5.el5.noarch.rpm http://vault.centos.org/5.5/updates/$(uname -i)/RPMS/rpm-python-4.4.2.3-20.el5_5.1.$(uname -i).rpm http://vault.centos.org/5.5/os/$(uname -i)/CentOS/yum-3.2.22-26.el5.centos.noarch.rpm
]]> Tue, 21 Jun 2011 02:49:56 +1200 Debian/Ubuntu IPTables Firewall Configuration http://www.net24.co.nz/kb/article/AA-00227

Issue

The firewall does not automatically load when the server starts.

Cause

Debian/Ubuntu servers do not have any default IPTables configuration files or /etc/init.d scripts.

Solution

Create /etc/iptables.up.rules. Example below to allow SSH (22), SMTP (25), HTTP (80), HTTPS (443), POP3 (110) and MySQL (3306)

First create your /etc/iptables.up.rules file by running this command:

iptables-save > /etc/iptables.up.rules

Then edit that file and use the example content below to create your rules.

*filter

# Drop any traffic not explicitly allowed in the rules below.
:INPUT DROP
:FORWARD DROP
:OUTPUT DROP

# Accept inbound traffic for already established connections.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# Allow connection to the services running on this server.
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT

# Effectively allow all outbound traffic.
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

COMMIT

## If the firewall needs to be disabled, run the following command:
##
## iptables-save | sed "/-/d;/^#/d;s/DROP/ACCEPT/" | iptables-restore


Create /etc/network/if-pre-up.d/iptables with the following content:.

#!/bin/bash

/sbin/iptables-restore < /etc/iptables.up.rules


Make /etc/network/if-pre-up.d/iptables executable.

chmod +x /etc/network/if-pre-up.d/iptables




]]> Wed, 15 Sep 2010 04:17:25 +1200 Problem with /tmp directory mounted with 'NOEXEC' http://www.net24.co.nz/kb/article/AA-00220
Issue

You have encountered an issue installing an application or PHP Module that is attempting to execute files that have been copied into the /tmp directory.

Reason

As a security precaution, /tmp and /var/tmp are mounted with noexec, nsuid and nodev to prevent the many simple exploits uploaded via vulnerable PHP applications from being able to execute commands in /tmp and/or /var/tmp.

Solution

In some cases you may need to have /tmp executable. Depending on what function you are using, there are a few options to bypass this restriction.

If you are using apt-get/aptitude, you can run a simple one-liner command to use /var/local/tmp instead of /tmp:

echo "APT::ExtractTemplates::TempDir \"/var/local/tmp\";" | tee /etc/apt/apt.conf.d/50extracttemplates && mkdir /var/local/tmp/


If you are attempting to install PECL extensions, setup a new temporary directory where the extensions are compiled by running the following commands:

mkdir -p ~/tmp/pear/cache

mkdir -p ~/tmp/pear/temp

pear config-set download_dir ~/tmp/pear/cache

pear config-set temp_dir ~/tmp/pear/temp

If you're simply running ./configure to compile something, most Linux utilities will honor the TMPDIR option. TMPDIR is the canonical Unix environment variable that points to user scratch space. This will denote the scratch area for temporary files instead of the common default of /tmp. Other forms sometimes accepted are TEMP, TEMPDIR, and TMP but these are used more commonly by non-POSIX operating systems

Finally, if you are still having trouble you can bind /tmp and /var/tmp to another directory with executable permissions using the following example :

Do the substitute directories exist? If not then create them:

mkdir ~/tmp
mkdir ~/var/local/tmp

Then bind /tmp and /var/tmp to these new directories:

mount --bind ~/tmp /tmp

mount --bind ~/var/tmp /var/local/tmp


Keep in mind that if you reboot your VPS after you have done this, /tmp and var/tmp will return to 'noexec'

When you are finished, umount the new ~/tmp directory with the following command:

umount /tmp
unmount /var/tmp



 

]]> Tue, 10 Aug 2010 23:52:16 +1200 Ubuntu VPS server does not have a sources.list file http://www.net24.co.nz/kb/article/AA-00196

Issue

Some Ubuntu VPS servers do not come with an /etc/sources.list file.
(Version 8.04 includes this in the /etc/apt directory)

Solution.

A generic template file is used for creating VPS servers and as such, the sources.list file is left for customers to create as they wish.

You may use any valid repository server in this file.

Important Note

If you create your own sources.list file it is important that you exclude kernel and/or kernel module updates as these updates are performed by Net24 and will affect the stability of your VPS should you install updates yourself.


]]> Tue, 03 Aug 2010 04:14:02 +1200 I can't find particular Iptables modules http://www.net24.co.nz/kb/article/AA-00195

Issue

Some iptables modules are missing and are not defined in the modules.dep file

Cause

We have a default set of iptables modules defined as not every user needs the full list.
This saves VPS memory for those users who only need basic firewalling functionality.

Solution

Email service@net24.co.nz with your VPS number and details of which iptables modules you require to be enabled.

The additional modules are listed here :

  • ip_conntrack
  • ip_conntrack_ftp
  • ipt_conntrack
  • ipt_helper
  • ipt_LOG
  • ipt_state
  • ipt_TOS
  • iptable_nat
  • ip_nat_ftp

]]> Tue, 03 Aug 2010 04:12:51 +1200 Cannot manage firewall or services in Virtuozzo Control Panel http://www.net24.co.nz/kb/article/AA-00106 The Virtuozzo Control Panel firewall and service features do not work, however the firewall and services can be managed from the ssh command line.

Cause

The Virtuozzo Control Panel firewall and service features are based on the CentOS 5 template and as a result do not work correctly in other VPS Linux distributions such as Debian or Ubuntu..

Solution

There is no solution to this as these Control Panel tools will not work in non CentOS VPSs. You will need to use the command line tools to manage these components of your VPS. See this article for more information: Debian/Ubuntu IPTables Firewall Configuration

]]> Sun, 06 Jun 2010 00:29:31 +1200