Script to Change cPanel password of all accounts

1. Create a file named chpass.sh with the following contents in it.

===================================================================

#!/bin/sh
cat /etc/trueuserdomains | awk '{print $2}' | while read user; do
pass=`echo "$user $pass" >> passwords.txt
/scripts/realchpass $user $pass
done
/scripts/ftpupdate

===================================================================

2. Give executable permission to the script.

# chmod +x chpass.sh

3. Run the script and you will get a file named passwords.txt with all cpanel users with their new passwords.

# sh chpass.sh


You can use random string generate scripts like the following generate passwords.


pass=`date | md5sum | head -c16 | xargs`
pass=`openssl rand -base64 128 | head -c16 | xargs`
pass=`strings /dev/urandom | tr -dc .~?_A-Z-a-z-0-9 | head -c16 | xargs`

Note:-

In some cases when executing /scripts/realchpass script will showing the following error.

ERROR: /usr/local/cpanel/scripts/realchpass
Invocation changes only the system
password and does not have any effect
on other services associated with your
cPanel account, including FTP, SSH,
WebDAV, and FrontPage.  It is strongly
encouraged for you to change the
password via the WHM & cPanel
interface. You can force a password
change through this script by setting
the environment variable
'ALLOW_PASSWORD_CHANGE=1'.

You can fix the above error by running the following command. After that execute the script again.

# export ALLOW_PASSWORD_CHANGE=1

Error:

I have a following PHP mail sending script which keeps getting 'FAILURE' when accessing via browser.

========================================================

<?php
$email = "mail@yourdomain.com";
$from = "admin@from.com";

if(!mail($email, 'Test subject', 'message', 'From: '. $from . "\r\n")) {
    echo "FAILURE";
}
else {
    echo "SUCCESS";
}
?>

========================================================

php mail function is not working in the server. There is no coding issues in the script file.


Solution:


In order to sort out this issue, please go through the following checks.


Check if php mail function is disabled in php.ini

root@server [~]# cat /usr/local/lib/php.ini | grep disable_functions
disable_functions = "mail"

If it is disabled, remove the entry of 'mail' from php.ini from the line, "disable_functions =". Then,

# /etc/init.d/httpd restart




If you are still having problem, try the following test. Let your mail script is mail.php. Then run the following command.

root@server [~]# php mail.php
sendmail: Not running with correct effective GID. Is sendmail binary setgid mailtrap?
sendmail: Not running with correct effective GID. Is sendmail binary setgid mailtrap?
root@server [~]#


If you are getting an error as like above, you can do the following commands to fix this error.

root@server [~]# which sendmail
/usr/sbin/sendmail

root@server [~]# chown root:mailtrap /usr/sbin/sendmail

root@server [~]# chmod 2755 /usr/sbin/sendmail

How to convert CentOS 5.x or 6.x to CloudLinux (without cPanel & WHM installed)


1. Purchase a CloudLinux license
2. Login as root user in the server and issue the following commands.

   # wget http://repo.cloudlinux.com/cloudlinux/sources/cln/cpanel2cl

   If you purchased an IP address-based CloudLinux license, run the command

   # sh cpanel2cl -i

   If you purchased a CloudLinux license key, run the command
 
   # sh cpanel2cl -k <key>

====================================================================================



How to convert CentOS 5.x to CloudLinux (with cPanel & WHM installed)


If you own an IP address-based CloudLinux license, run these commands:

# /usr/local/cpanel/cpkeyclt
# /usr/local/cpanel/bin/cloudlinux_system_install -k
# reboot
# /usr/local/cpanel/scripts/easyapache --build


If you own a CloudLinux license key, run these commands:

# wget http://repo.cloudlinux.com/cloudlinux/sources/cln/cpanel2cl
# sh cpanel2cl -k <key>
# reboot
# /scripts/easyapache --build


Reference:

http://docs.cpanel.net/twiki/bin/vief/AllDocumentation/InstallationGuide/InstallingOs
http://docs.cloudlinux.com/

Upgrade/Downgrade MySQL version

You can change mysql version in a cpanel server via WHM and terminal. Here is the steps which help you to Upgrade/Downgrade MySQL version.
In either case, you must login as root user.


via WHM:

You can Upgrade/Downgrade MySQL version via WHM by following the steps shown below.

Home » Software » MySQL Upgrade

Select the mysql version and then click Next.


via Terminal:

You can find the MySql Version with the help of following commands :

============================
root@server[~]# mysql  --version
root@server[~]# mysql -V
root@server[~]# mysql -e status | grep "Server version"
============================

You can change mysql version via terminal in a cpanel server by following these steps,

Open the file, /var/cpanel/cpanel.config using vi or nano editor.

# vi /var/cpanel/cpanel.config

find the line, mysql-version=x.x
give the desired mysql version number in place of x.x

Then run the following commmand to install and load new mysql version,

# /scripts/mysqlup --force

Now re-run apache build (easyapache) - so it can build php-mysql connector

# /scripts/easyapache


Note:

The method described would be performed at one's own risk. A manual downgrade is not recommended and can incur significant risk when attempted on an existing system. A full backup of the MySQL data directory is advised, and for a proper downgrade one should consider using mysqldump to create an SQL dump before downgrading.

http://www.thecpaneladmin.com/upgrading-downgrading-mysql/

Change umask of Directories/Files Created via FTP 

As per the default umask settings all the directories created have 755 permission, umask:022.
As per the default umask settings all the files created have 644 permission, umask:133.


If you really want to change the umask of Directories/Files Created via FTP, you have to follow the steps shown below.

By default Kloxo is using pureftp as ftp  server and xinetd as daemon to start the ftp  service.

In kloxo pureftp service configuration file is located in /etc/xinetd.d/

==============================================================================================
# cat /etc/xinetd.d/pureftp

service ftp                                                                        
{                                                                                  
disable = no                                                                
socket_type     = stream                                                    
wait            = no                                                        
user            = root                                                      
server          = /usr/sbin/pure-ftpd                                
server_args     = -A -c5000 -C8 -D -fftp  -H -I15 -lpuredb:/etc/pure-ftpd/pureftpd.pdb -lunix -L2000:8 -m4 -s -p30000:50000 -U133:022 -u100 -Oclf:/var/log/kloxo/pureftpd.log -g/var/run/pure-ftpd.pid -k99 -Z -Y 1
groups          = yes                                                      
flags           = REUSE                                                    
}                                    

==============================================================================================

You have to change the values in the following line of the configuration.

server_args     = -A -c5000 -C8 -D -fftp  -H -I15 -lpuredb:/etc/pure-ftpd/pureftpd.pdb -lunix -L2000:8 -m4 -s -p30000:50000 -U133:022 -u100 -Oclf:/var/log/kloxo/pureftpd.log -g/var/run/pure-ftpd.pid -k99 -Z -Y 1

UMASK ---> -U133:022
              |   |
              |   |---->Directory's UMASK
              |--------> Files's UMASK


If you want to set direcory's permission to 777 and files's permssion to 666, the chnages will be as like follows.

server_args     = -A -c5000 -C8 -D -fftp  -H -I15 -lpuredb:/etc/pure-ftpd/pureftpd.pdb -lunix -L2000:8 -m4 -s -p30000:50000 -U111:000 -u100 -Oclf:/var/log/kloxo/pureftpd.log -g/var/run/pure-ftpd.pid -k99 -Z -Y 1


Verify the result by creating a directory using FTP.

Note:

If there isn't any changes in permissions after you doing the above steps, you may need the following too.

Change the following line in /etc/pure-ftpd/pure-ftpd.conf file.


Umask                       133:022

That's it...

OpenOffice Service Script:

After the OpenOffice instalation, if there is no startup script for OpenOffice you can follow the steps shown below to make a startup script.


First of all you have to locate the soffice binary file.

[root@server ~]# locate soffice.bin
/usr/lib/openoffice.org3/program/soffice.bin

Create a file with the following contents in /etc/init.d/ directory. Here i am creating a file named 'soffice'.

# vim /etc/init.d/soffice

==================================================================================================================
#!/bin/bash
# chkconfig: 345 20 80
# description: init.d script for headless openoffice.org (2.3+ for RHEL5 64bit)
#
# processname: soffice
#
# source function library
. /etc/rc.d/init.d/functions

RETVAL=0
SOFFICE_PATH='/usr/lib/openoffice.org3/program'
SOFFICE_ARGS='-accept=socket,host=localhost,port=8100;urp;StarOffice.ServiceManager -headless -nofirststartwizard -nologo'
SOFFICE_PIDFILE=/var/run/soffice.bin.pid

start_soffice() {
       echo -n $"Starting OpenOffice.org"
       $SOFFICE_PATH/soffice.bin $SOFFICE_ARGS >/dev/null 2>&1 &
       [ $? -eq 0 ] && echo_success || echo_failure
       pidof soffice.bin > $SOFFICE_PIDFILE
       echo
}
start() {
       start_soffice
}
stop() {
       echo -n $"Stopping OpenOffice"
       killproc soffice.bin
       echo
}
case "$1" in
       start)
               start
               ;;
       stop)
               stop
               ;;
       restart)
               stop
               start
               ;;
       *)
               echo $"Usage: $0 {start|stop|restart}"
esac

==================================================================================================================

To give executable permission to the script.

# chmod +x /etc/init.d/soffice

To add the script 'soffice' to runlevel programs.

# chkconfig --add soffice

To start the 'soffice' service in startup.

# chkconfig soffice on


[root@server ~]# /etc/init.d/soffice restart
Stopping OpenOffice                                       [  OK  ]
Starting OpenOffice.org                                   [  OK  ]



You can verify whether the service is running or not by using the following command.

root@server ~$ ps aux | grep office

root      3529  0.0  0.0   4140   640 pts/4    S    01:28   0:00 /bin/sh /usr/bin/soffice -accept=socket,host=localhost,port=8100;urp;StarOffice.ServiceManager -headless -nofirststartwizard -nologo
root      3546  0.5  3.2 580584 65116 pts/4    Sl   01:28   0:00 /usr/lib/openoffice/program/soffice.bin -accept=socket,host=localhost,port=8100;urp;StarOffice.ServiceManager -headless -nofirststartwizard -nologo
root      3584  0.0  0.0   7668   820 pts/5    S+   01:29   0:00 grep --color=auto office

Scripts To Check Spammer and Spam mails in cPanel Server - Exim:

To get a sorted list of email sender in exim mail queue. It will show the number of mails send by each one.

# exim -bpr | grep "<" | awk {'print $4'} | cut -d "<" -f 2 | cut -d ">" -f 1 | sort -n | uniq -c | sort -n

You will get a result as like follows,

      1  arun@testdomain.com
      2  sales@test1domain.com
      3  sandy@test123.com
      4  root@testdomain.co.in
    29  admin@testdomain.in
  124  arun@test123domain.com

=============================================================================================

The following scripts will check the script that will originate spam mails:

# grep "cwd=/home" /var/log/exim_mainlog | awk '{for(i=1;i<=10;i++){print $i}}' | sort | uniq -c | grep cwd | sort -n

# awk '{ if ($0 ~ "cwd" && $0 ~ "home") {print $3} }' /var/log/exim_mainlog | sort | uniq -c | sort -nk 1

# grep 'cwd=/home' /var/log/exim_mainlog | awk '{print $3}' | cut -d / -f 3 | sort -bg | uniq -c | sort -bg

You will get a result as like follows for the first two scripts. The third script is just a sub of the first two scripts.

      9      cwd=/home/test1/public_html
     10     cwd=/home/test2/public_html/a1/www
     15     cwd=/home/test3/public_html
     91     cwd=/home/test4/public_html
    178    cwd=/home/test5/public_html/web
    770    cwd=/home/test6/public_html/foro
    803    cwd=/home/test7/public_html/web
 124348 cwd=/home/test8/public_html/wp/wp-content/themes/twentyeleven

=============================================================================================

If we need to find out exact spamming script. The following script will shows the current spamming script running now. The following script will help you in all time of mail servers. It will help you to find the exact script which sending mails.

# ps auxwwwe | grep <user> | grep --color=always "<location of script>" | head

The usage of the above script is as shown below.

# ps auxwwwe | grep test8 | grep --color=always "/home/test8/public_html/wp/wp-content/themes/twentyeleven" | head

Once you find the exact script, the following script will help you to find the IP address which is responsible for spamming. You will get a list of IPs from the following script. The IPs address which has high number of access is most probably causing spamming. You can block the IP address in csf or apf firewall.

# grep "<script_name>" /home/user/access-logs/testdomain.com | awk '{print $1}' | sort -n | uniq -c | sort -n


=============================================================================================

Following command that will show you the script which is using script to send the email. If it is from php then use


# egrep -R "X-PHP-Script"  /var/spool/exim/input/*

=============================================================================================

It shows top 50 domains using mail server with options.

# eximstats -ne -nr /var/log/exim_mainlog

=============================================================================================

It shows from which user’s home the mail is going, so that you can easily trace it and block it if needed.it shows the mails going from the server.

# ps -C exim -fH ewww | grep home
=============================================================================================

It shows the IPs which are connected to server through port number 25. It one particular Ip is using more than 10 connection you can block it in the server firewall.

# netstat -plan | grep :25 | awk {'print $5'} | cut -d: -f 1 | sort | uniq -c | sort -nk 1
==============================================================================================

In order to find “nobody” spamming, issue the following command

# ps -C exim -fH ewww | awk '{for(i=1;i<=40;i++){print $i}}' | sort | uniq -c | grep PWD | sort -n

 It will give some result like:
Example :
6 PWD=/
347 PWD=/home/sample/public_html/test
Count the PWD and if it is a large value check the files in the directory listed in PWD
(Ignore if it is / or /var/spool/mail /var/spool/exim)

The above command is valid only if the spamming is currently in progress. If the spamming has happened some hours before, use the following command.


# grep "cwd=" /var/log/exim_mainlog | awk '{for(i=1;i<=10;i++){print $i}}' | sort | uniq -c | grep cwd | sort -n

==============================================================================================

The following script will give the summary of mails in the mail queue.

exim -bpr | exiqsumm -c | head


You will get a result as like follows,


Count  Volume  Oldest  Newest  Domain
 -----      ------      ------     ------       ------

  114   171KB     24h     28m  testdomain.com
   15    28KB       36h     7m    gmail.com
    5     10KB       34h     10h   test2domain.com
    4     8192        27h     4h     yourdomain.com
    4     75KB       7m      7m    server.domain.com
    3     6041        23h     42m  test123.com

==============================================================================================


You can find useful commands/scripts used in exim in the following link,
http://linuxadmintips4u.blogspot.in/2012/11/most-frequently-used-commands-in-exim.html


More Reference:

https://github.com/Exim/exim/wiki

http://www.exim.org/exim-html-current/doc/html/spec_html/ch-log_files.html

http://www.exim.org/exim-html-4.20/doc/html/spec_13.html#IX1148


http://www.grscripts.com/tweaking.html   ---> Tweakings for ASSP

In order to install Virtualmin in Linux, a fully qualified domain name must be assigned to the System.

You can check the fully qualified domain using the following command.

# hostname -f

Install Virtualmin:

Download the installation script.

# wget http://software.virtualmin.com/gpl/scripts/install.sh


Give execute permission to the install script.

# chmod +x install.sh


Run the installation using the following command.

# ./install.sh


After the installation, you can access the control panel using the following details.

https://<hostname or IP>:10000

username: root
Password: root password of the server


Reference:

http://www.virtualmin.com/documentation/installation
http://www.virtualmin.com/download.html#pro