Step1: @Source Node


First of all login to the source Node.

Let you want to migrate the the VM, vm123.
Check the lvm partitions assigned for the VM, vm123. There will be a primary partitions, vm123_img and swap partition vm123_swap. You can check the details to these partitions using the following commands.

Note down the size of the VM and it's swap memory.


[root@source ~]# lvdisplay /dev/VolGroup00/vm123_img
--- Logical volume ---
LV Name /dev/VolGroup00/vm123_img
VG Name VolGroup00
LV UUID mmp1Jl-JhWN-FCzd-Gyqe-A8pF-LlvG-nfrpVx
LV Write Access read/write
LV Status available
# open 1
LV Size 20.00 GB
Current LE 640
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:10


[root@source ~]# lvdisplay /dev/VolGroup00/vm123_swap
--- Logical volume ---
LV Name /dev/VolGroup00/vm123_swap
VG Name VolGroup00
LV UUID hnZ0PL-k4y1-r3V3-2mVn-d8cK-gMGq-8JW3v1
LV Write Access read/write
LV Status available
# open 1
LV Size 512.00 MB
Current LE 16
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:11

Here vm123_img is a size of 20.00 GB and vm123_swap is a size of 512.00 MB.


Step2: @Source Node (Creating and mounting necessary LVs and creating Backup )

Create a logical volume to create and mount the backup. Give an additional 5GB space for the backup logical volume. Here in this case it is 25G after adding 5G space.

[root@source ~]# lvcreate -n vm123_backup --size 25G /dev/VolGroup00
[root@source ~]# mkfs.ext3 /dev/VolGroup00/vm123_backup
[root@source ~]# mkdir -p /home/xen/vm123_backup
[root@source ~]# mount /dev/VolGroup00/vm123_backup /home/xen/vm123_backup

It is need to shutdown the VM to create the backup.
[root@source ~]# xm shutdown vm123

Create backup of the logical voulume which mounted the vm123 using dd command.

[root@source ~]# dd if=/dev/VolGroup00/vm123_img of=/home/xen/vm123_backup/vm123_backup.img

Verify if the backup is in the location.

[root@source ~]# ls -lh /home/xen/vm123_backup


Step3: @Destination Node (Creating and Mounting necessary LVs)

In the destination it is needed to create 3 logical volumes. One for the backup, one for the vm itself and one for the swap memory. Here also backup LV is given additioanl 5G space. Compare the swap memory with the source server before creating swap memory.

[root@destination ~]# lvcreate -n vm123_backup --size 25G /dev/VolGroup00
[root@destination ~]# lvcreate -n vm123_img --size 20G /dev/VolGroup00
[root@destination ~]# lvcreate -n vm342_swap --size 512M /dev/VolGroup00

Make swap LV available for the swap space.

[root@destination ~]# mkswap /dev/VolGroup00/vm123_swap

Backup LV is creating and Mounting.

[root@destination ~]# mkfs.ext3 /dev/VolGroup00/vm123_backup
[root@destination ~]# mkdir -p /home/xen/vm123_backup
[root@destination ~]# mount /dev/VolGroup00/vm123_backup /home/xen/vm123_backup



Step4: @Source Node (Transferring backup)

[root@source ~]# scp -P 22 -C /home/xen/vm123_backup/vm123_backup.img root@<Destiantion server IP>:/home/xen/vm123_backup/


Step5: @Destination (Restoring)

[root@destination ~]# dd if=/home/xen/vm123_backup/vm123_backup.img of=/dev/VolGroup00/vm123_img


Now it is time to login to SolusVM Master Node.

Step 5: @SolusVM Master Node (To map the VM with new Hardware Node)

[root@SolusVM-Master ~]# /scripts/vm-migrate <VM ID> <New HN ID>


***Once you have done the above step, Reboot the VM via SolusVM cotrol panel. Just 'Boot' the server will not start the VM. You must click the 'Reboot' option.


Step6: @Destination node (new node). (Remove backups)

[root@destination ~]# umount /home/xen/vm179_backup
[root@destination ~]# lvremove /dev/VolGroup00/vm179_backup


Step7: @Source node (old node) Finally if migrated server is working fine, remove backups.

[root@source ~]# umount /home/vm179_backup
[root@source ~]# lvremove /dev/VolGroup00/vm179_backup
[root@source ~]# lvremove /dev/VolGroup00/vm179_img
[root@source ~]# lvremove /dev/VolGroup00/vm179_swap


That's it..

MDaemon has a 'Content Filtre' feature which will help you to filtre the emails sending/receinving through MDaemon server. The following screen shots will help you to find this feature.

1. Open MDaemon,
    Security >> Content Filtre

2. You can find a sectip to Add Rules in there. Click the option, 'New Rule'.

3. You can select the condition in the left column and select Approproate actions in the right column.

4. The selected rules and conditions will be shown in the bottom section. You an select the underlined blue line section in the bottom section to add the values to the rules.
Here i have selected the 'To Header' filter. The given screen shot will help you to find more options.

5. Once the values are given click 'Add' and then Ok. You can now verify the settings by sending test mails.

That's it....

Issue:

I have installed railo3.2 in a Apache/cPanel server. After i completed railo installation, i cannot access the railo administrator url as like follows.

http://<server IP>/railo-context/admin/server.cfm

But I can access the railo administrator url when i specify the port as like follows.

http://<server IP>:8888/railo-context/admin/server.cfm


Solution:

**This fix is only applicable for Railo 3.2

1. Add an additional conf for railo's mod_jk module in apache.
Open apache configuration file (httpd.conf) and add the following entry in it. Here in my case it is '/usr/local/apache/conf/httpd.conf'.

Include conf/mod_jk.conf

2. Add railo configuration entries.
Create a file, '/usr/local/apache/conf/mod_jk.conf' with the following contents in it.

#############################################################

<IfModule !mod_jk.c>
    LoadModule jk_module /usr/lib/httpd/modules/mod_jk.so
</IfModule>

<IfModule mod_jk.c>
    JkMount /*.cfm ajp13
    JkMount /*.cfc ajp13
    JkMount /*.do ajp13
    JkMount /*.jsp ajp13
    JkMount /*.cfchart ajp13
    JkMount /*.cfres ajp13
    JkMount /*.cfm/* ajp13
    JkMount /*.cfml/* ajp13
    # Flex Gateway Mappings
    # JkMount /flex2gateway/* ajp13
    # JkMount /flashservices/gateway/* ajp13
    # JkMount /messagebroker/* ajp13
    JkMountCopy all
    JkLogFile /var/log/httpd/mod_jk.log
</IfModule>

###############################################################

3. Restart Apache

root@railo [~]# /etc/init.d/httpd restart

4. If you are using cpanel server, You have to distill apache configuration.

root@railo [~]# /usr/local/cpanel/bin/apache_conf_distiller --update
root@railo [~]# /etc/init.d/httpd restart

Check if jk module is loaded with Apache. If it is enabled you will get a result like as follows.


root@railo [~]# httpd -M | grep  jk
 Syntax OK
 jk_module (shared)

Now try to access railo without giving port number...

Here i am showing you how to enable railo for the domain, 'sudosu.in'. Document root of sudosu.in is '/home/sudosu/public_html'.

Open /opt/railo/tomcat/conf/server.xml in your favourite editor like vim or nano and add the following code section in it.

You have to edit the following code by your domain name and it's document root.

<Host name="sudosu.in" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
   <Context path="" docBase="/home/sudosu/public_html" />
   <Alias>www.sudosu.in</Alias>
</Host>


Restart railo service once you have sone the above changes.


root@railo [~]# /etc/init.d/railo_ctl restart

Once you have restarted railo, check if the service is started or not. If there is any errors the service will ne be started and it will show 'No PID found' while checking the railo status.

root@railo [~]# /etc/init.d/railo_ctl status
 * Railo/Tomcat is running (PID: 1979)

If the PID of railo is not running even after restarting railo, you have to check railo log to sort out the issue.
The following log wil help to find the issue.

root@railo [~]# tail -f /opt/railo/tomcat/logs/catalina.out 


It will take time to completly UP the railo service, depending upon the number of sites added in server.xml it will vary.
Once you have done the above steps, the following url will be available for you.

http://www.sudosu.in/railo-context/admin/web.cfm

You can create a test cfm page using the following code. Save these contents in test.cfm file and copy it in the document root of the domain and access www.sudosu.in/test.cfm.

Test CFM Page


<cfset myVar="Hello World!">
<cfoutput>#myVar#</cfoutput>
<cfoutput>#Now()#</cfoutput>

Railo 4.0.4 32bit

root@railo [~]# wget http://www.getrailo.org/railo/remote/download/4.0.4.001/tomcat/linux/railo-4.0.4.001-pl2-linux-installer.run


Railo 4.0.4 64bit

root@railo [~]# wget http://www.getrailo.org/railo/remote/download/4.0.4.001/tomcat/linux/railo-4.0.4.001-pl2-linux-x64-installer.run


Railo 3.2 32bit

root@railo [~]# wget http://www.getrailo.org/down.cfm?item=/railo/remote/download/3.2.1.000/tomcat/linux/railo-3.2.1.000-pl0-linux-installer.run


Railo 3.2 64bit

root@railo [~]# wget http://www.getrailo.org/down.cfm?item=/railo/remote/download/3.2.1.000/tomcat/linux/railo-3.2.1.000-pl0-linux-x64-installer.run



Give executable permission to the bianry file.

root@railo [~]# chmod +x *.run

Execute the binary file to install railo

root@railo [~]# ./railo-*-installer.run


It is better to give the default settings while the installation.

Once the installation completed, you can access railo administrator control panel using the following url.

http://<server ip>/railo-context/admin/server.cfm

BCC to Boss Function - Postfix

Postfix provides three mechanisms:

    always_bcc = address
        Deliver a copy of all mail to the specified address.
    sender_bcc_maps = type:table
        Search the specified "type:table" lookup table with the envelope sender address for an automatic BCC address.
    recipient_bcc_maps = type:table
        Search the specified "type:table" lookup table with the envelope recipient address for an automatic BCC address.

These features are implemented in postfix 2.1 and later versions.

always_bcc

Add the following entry in /etc/postfix/main.cf to forward all mails in the server to administrator@example.com.

always_bcc = administrator@example.com



sender_bcc_maps and recipient_bcc_maps


You can setup these functions as follows.

[root@postfix ~]# touch /etc/postfix/sender_bcc
[root@postfix ~]# touch /etc/postfix/recipient_bcc

[root@postfix ~]# postmap sender_bcc
[root@postfix ~]# postmap recipient_bcc


Then, open /etc/postfix/main.cf and add the following lines in it.


sender_bcc_maps = hash:/etc/postfix/sender_bcc
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc


verify the following files are generated once the above steps are finished.

/etc/postfix/recipient_bcc.db
/etc/postfix/sender_bcc.db

You can add entries as like follows in sender_bcc and recipient_bcc. This will forward mails from user@domain.com to other@example.com.

[root@postfix ~]# cat /etc/postfix/sender_bcc
user@domain.com other@example.com

[root@postfix ~]# cat /etc/postfix/recipient_bcc
user@domain.com other@example.com


Finally reload postfix,

[root@postfix ~]# postfix reload




Reference:
http://www.postfix.org/ADDRESS_REWRITING_README.html

Error:

When i tried to access ConfigServer Security & Firewall option in WHM i got the following error.

Internal Server Error

500

No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/addon_csf.cgi): subprocess exited with status 2

cpsrvd/11.38.0.18 Server at xxx.xxx.xxx.xxx


Solution:


root@server [~]# curl -s configserver.com/free/csupdate | perl


Try from your end... Update me if it helped..

BCC to Boss Function - Qmail

If you want to keep a copy of incoming and outgoing mail of an account in a qmail server, you can use the qmail-tap feature.

Qmail provides the ability to make a copy of each email that flows through the system. Qmail tap feature has the following functionalities.

**Specify which email addresses tap using a regex style control file. With the regex function, you can specify full domains or individual email addresses.
**Specify which email address to send the tapped email address.
**Qmail does not need to be restarted to change the above. Just update the taps control file.

The taps file is not included in the basic, default toaster install. You can configure it as follows.

[root@qmail ~]# touch /var/qmail/control/taps 
[root@qmail ~]# vi /var/qmail/control/taps

insert the tap information and save

Examples:

a) To tap a whole domain add a line like:

.*@domain.com:bcc@example.com

'bcc@example.com' gets a copy of all incoming and outgoing mail for the domain, 'domain.com'

b) To tap an individual email address add a line like:

user@domain.com:other@example.com 

'other@domain.com' gets a copy of all incoming and outgoing mail for 'user@domain.com'





Reference:
http://wiki.qmailtoaster.com/index.php/Taps
http://www.qmail.org/qmail-manual-html/

Here in the following telnet sessions i am using the following details to demonstrate the dovecot verification. You have to replace with your login details.

server: mail.example.com
username: test@example.com
password: testpassword


Verify IMAP using Telnet

imap port:143
imaps port:993

The following telnet session will help you to use imap telnet session.

Type 1:

arun@loccalhost:~$ telnet mail.example.com 143
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES AUTH=CRAM-MD5 SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc.  See COPYING for distribution information.
a login test@example.com testpassword    
a OK LOGIN Ok.
b logout
* BYE Courier-IMAP server shutting down
b OK LOGOUT completed
Connection closed by foreign host.



arun@localhost:~$ telnet mail.example.com 143
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED] Dovecot ready.
a login test@example.com testpassword                        
* BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed.
a NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections.


Here in the above case Plaintext authentication not allowed without SSL/TLS. In that case, we can use the following two options to verify IMAP.

Type 2:

arun@localhost:~$ openssl s_client -connect mail.example.com:143 -starttls imap
.
.
.
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 2D47CDB0983B7AC6BF0DD2DBF308D75C05AE139542D9A5EBC4D80031897E5274
    Session-ID-ctx:
    Master-Key: FDF973D885685105FC9CEDBAEC12F022FEE4CAE2BA4327B6C26731C401CD7CC2D15447244B253D70136F44D563E8DE9B
    Key-Arg   : None
    Start Time: 1372191497
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
. OK Capability completed.
a login test@example.com testpassword
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS
a OK Logged in
b logout
* BYE Logging out
b OK Logout completed.
closed


Type 3:

arun@localhost:~$ openssl s_client -connect mail.example.com:993
.
.
.
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: E1A100FC4B56AEEDE96CBD7586C9F3390066AA2FC5F0117B9BD8D53EC5F399E6
    Session-ID-ctx:
    Master-Key: 628A0E2F3F9EF2DA9C9A64C1365D07407D4DCC2F86B297D04AD361325533E9D57DA49ADAC17DE80700F576408ED2EDCD
    Key-Arg   : None
    Start Time: 1372189555
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
a login test@example.com testpassword
a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in
b logout
* BYE Logging out
b OK Logout completed.
closed


=================================================================

Verify POP3 using Telnet

pop3 port:110
pop3s port:995

Type 1:

arun@localhost:~$ telnet mail.example.com 110
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
+OK <23600.1372186718@mail.example.com>
user test@example.com                      
+OK
pass testpassword      
+OK
quit
+OK
Connection closed by foreign host.


arun@localhost:~$ telnet mail.example.com 110
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
+OK Dovecot ready.
user test@example.com
-ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections.


Here in the above case Plaintext authentication not allowed without SSL/TLS. In that case, we can use the following two options to verify POP3.


Type 2:

arun@localhost:~$ openssl s_client -connect mail.example.com:110 -starttls pop3
.
.
.
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 089C8CD4E6D5BAE1501530918F82F6435F506F7AE3B87E6D49165F00C37DE7AE
    Session-ID-ctx:
    Master-Key: E993A3252EB7CC2D0B611FB9CB92136BC9142B6BB7CE7F9AE75600E48DCB11AB5666EA02439FA64C62F21D50982AD1C8
    Key-Arg   : None
    Start Time: 1372191620
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
+OK Dovecot ready.
user test@example.com
+OK
pass testpassword
+OK Logged in.
quit
+OK Logging out.
closed


Type 3:

arun@localhost:~$ openssl s_client -connect mail.example.com:995
.
.
.

Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: D3E8D8E1ED81F3233E79DC07B3574AB5E0D0E576BE392042119E1FE327940358
    Session-ID-ctx:
    Master-Key: 6C2F619A712727A9833E9DB1CB8E53E5482D0C99E085A65C30F3610085A3D07C74053D1EE949B6909196A12A64E931A6
    Key-Arg   : None
    Start Time: 1372189468
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
+OK Dovecot ready.
user test@example.com              
+OK
pass testpassword          
+OK Logged in.
quit
+OK Logging out.
closed




Reference:
http://wiki.dovecot.org/TestPop3Installation
http://wiki.dovecot.org/TestInstallation

If you, or your clients, are unable to login to your/their email accounts and the system shows this error message:

Plaintext authentication disallowed on non-secure (SSL/TLS) connections

You can verify this error using telnet as follows.

arun@localhost:~$ telnet mail.yourdomain.com 110
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
+OK Dovecot ready.
user test@yourdomain.com                                                              
-ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections.


If you do not want to use SSL/TLS connection to get your email, and to disable SSL/TLS secure connection, do the following:

1. locate dovecot configuration file, dovecot.conf. You can use the following command to locate loaded dovecot.conf.

[root@postfix ~]# doveconf -n | head -n 1
# 2.0.9: /etc/dovecot/dovecot.conf

2. Change the value for this directive from:

disable_plaintext_auth = yes

TO:

disable_plaintext_auth = no

If there is no such entry, you have to add it.

3. Restart dovecot service and verify the settings using telnet.

# /etc/init.d/dovecot restart


arun@localhost:~$ telnet mail.yourdomain.com 110
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
+OK Dovecot ready.
user test@yourdomain.com                    
+OK
pass testpassword
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.


That's it...

It is needed to get a base64 encoding of your username and password to test SMTP AUTH. You can use the following perl command to do it.

arun@localhost [~]# perl -MMIME::Base64 -e 'print encode_base64("username");'

Eg: perl -MMIME::Base64 -e 'print encode_base64("arun\@sudosu.in");'

arun@localhost [~]# perl -MMIME::Base64 -e 'print encode_base64("password");'

Or

you can use single base64 code by using the following format.

# perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password");'
dGVzdEBzdW5ueXZpc2lvbgB0ZXN0QHN1

In that case you have to use AUTH PLAIN command in telnet session instead of AUTH LOGIN as follows.

AUTH PLAIN dGVzdEBzdW5ueXZpc2lvbgB0ZXN0QHN1


The above commmands will return a base64 encoding of the username and password. You have to keep this code and use it while using telnet.

connect to the mail server using Telnet:

telnet mailserver.com 25

Then Greet the mail server:

EHLO mailserver.com

Tell the server you want to authenticate with it:

AUTH LOGIN

The server should have returned 334 VXNlcm5hbWU6; this is a base64 encoded string asking you for your username, paste the base64 encoded username you created earlier, example:

HPxcqYBx7TpirE4

Now the server should have returned 334 UGFzc3dvcmQ6;. Again this is a base64 encoded string now asking for your password, paste the base64 encoded password you created, example:

LOMjmzLk3fjrvZP

Now you should have received a message telling you that you successfully authenticated. Once the authntication is successful, you can send mail using the smtp server.


Here i am giving you a test telnet session.

arun@localhost [~]# telnet mailserver.com 25
Trying 1.1.1.1...
Connected to mailserver.com (1.1.1.1).
Escape character is '^]'.
220-server1.exampledomain.com ESMTP Exim 4.66 #1 Wed, 09 May 2007 23:55:12 +0200
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
EHLO mailserver.com
250-server1.mailserver.com Hello  [1.1.1.2]
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
AUTH LOGIN
334 VXNlcm5hbWU6
dXNlcm5hbWUuY29t
334 UGFzc3dvcmQ6
bXlwYXNzd29yZA==

235 Authentication succeeded

MAIL FROM: test@test.com
250 ok
RCPT TO: test@otherdomain.com
250 ok
DATA

Subject: My Telnet Test Email

Hello,

This is an email sent by using the telnet command.

Your friend,
Me

.

Install YAZ PHP extension

You can cry install yaz using the following command. But you may encounter an erro while the installation.

# pecl install yaz

.
.
.
configure: error: YAZ not found (missing NONE)
ERROR: `/tmp/pear/temp/yaz/configure --with-yaz' failed.


You can install YAZ from source. You can follow the steps shown below to install it.

root@server [~]# cd /usr/local/src/
root@server [/usr/local/src]# wget http://ftp.indexdata.dk/pub/yaz/yaz-3.0.45.tar.gz
root@server [/usr/local/src]# tar xzf yaz-3.0.45.tar.gz
root@server [/usr/local/src]# cd yaz-3.0.45
root@server [/usr/local/src/yaz-3.0.45]# ./configure
root@server [/usr/local/src/yaz-3.0.45]# make
root@server [/usr/local/src/yaz-3.0.45]# make install

root@server [/usr/local/src/yaz-3.0.45]# cd ztest/
root@server [/usr/local/src/yaz-3.0.45/ztest]# ./yaz-ztest&
root@server [/usr/local/src/yaz-3.0.45/ztest]# ps aux | grep yaz
root     23922  0.0  0.0  21804  1540 pts/0    S    17:23   0:00 /usr/local/src/yaz-3.0.45/ztest/.libs/lt-yaz-ztest
root     24890  0.0  0.0   7216   816 pts/0    S+   17:27   0:00 grep yaz


You can verify whether it is working by running telnet on port 9999, from your local machine.

# telnet xx.xx.xx.xx 9999
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'

While running the above telnet command, you can find the following result in the terminal of server.

root@server [~]#
root@server [~#
root@server [~]# 17:27:49-15/06 lt-yaz-ztest(2) [session] Session - OK 2 tcp:::ffff:122.166.115.191 24977
17:28:12-15/06 lt-yaz-ztest(2) [warn] ODR error on incoming PDU: Required data element missing [element ] [near byte 0] 
17:28:12-15/06 lt-yaz-ztest(2) [warn] PDU dump:
    0: [UNIV 13] len=10       tl=1, ll=1 cons=0


That's it...

PHP/PHP-CGI on Windows Server 2003

If you want to setup php-cgi instead of php, you can modify the steps shown below to 'php-cgi' instead of 'php'.

You can give php-cgi.exe instead of php.exe. All other remains the same.

Here i am using windows server 2003 and IIS6.0. PHP zip file is extracted in  C:\PHP directory. It is assumed default ACLs/Permissions.


1. Unzip the latest PHP ZIP file to C:\PHP, and copy php.ini-recommended from that folder to C:\windows\php.ini, then copy php5ts.dll to C:\Windows\System32. Also Rename C:\php\php.ini-recommended to C:\php\php.ini and then COPY it to C:\Windows

2. Load IIS from the Administrative tools in the Control Panel by clicking Start -> Administrative Tools -> IIS Manager.

3. Click the name of your computer then click "Web Service Extensions", on the left side of the main frame you can find a green arrow pointing to a link that says "Add a new Web service extension...", click that link.

4. Set the extension name to anything you'd like. Here i created in name, 'PHP' put C:\PHP\php.exe as the Required file, also check "Set status to allowed"

5. Go to the directory you'd like to configure PHP for in the IIS Manager(Here the name of the directory is 'phpscript'), right click it, and select properties.
I have created the directory by running, 'md c:\inetpub\wwwroot\phpscript' in cmd.

6. Click the Create button, set the Execute permissions to "Scripts only", then click the Configuration button.

7. Click Add.  For the Executable put - C:\PHP\php.exe for the Extension put ".php", set the verbs to all, and make sure the bottom check boxes are checked. Then Click OK and OK.








8. Create a phpinfo page in the directory,c:\inetpub\wwwroot\phpscript. Here i have created info.php and verified the result, by loading the following url from the server.
http://127.0.0.1/phpscript/info.php



That's it..

PHP-ISAPI on Windows Server 2003

Here i am using windows server 2003 and IIS6.0. PHP zip file is extracted in  C:\PHP directory. It is assumed default ACLs/Permissions.


1. Unzip the latest PHP ZIP file to C:\PHP, and copy php.ini-recommended from that folder to C:\windows\php.ini, then copy php5ts.dll to C:\Windows\System32. Also Rename C:\php\php.ini-recommended to C:\php\php.ini and then COPY it to C:\Windows

2. Load IIS from the Administrative tools in the Control Panel by clicking Start -> Administrative Tools -> IIS Manager.

3. Click the name of your computer then click "Web Service Extensions", on the left side of the main frame you can find a green arrow pointing to a link that says "Add a new Web service extension...", click that link.

Add caption

4. Set the extension name to anything you'd like. Here i created in name, 'PHP-SAPI' put C:\PHP\php5isapi.dll as the Required file, also check "Set status to allowed"

5. Go to the directory you'd like to configure PHP for in the IIS Manager(Here the name of the directory is 'phpscript'), right click it, and select properties.
I have created the directory by running, 'md c:\inetpub\wwwroot\phpscript' in cmd.





6. Click the Create button, set the Execute permissions to "Scripts only", then click the Configuration button.

7. Click Add.  For the Executable put - C:\PHP\php5isapi.dll for the Extension put ".php", set the verbs to all, and make sure the bottom check boxes are checked. Then Click OK and OK.








8. Create a phpinfo page in the directory,c:\inetpub\wwwroot\phpscript. Here i have created info.php and verified the result, by loading the following url from the server.
http://127.0.0.1/phpscript/info.php



That's it..

Custom php.ini not loading in suPHP|SuExec server

I have followed the following steps to create custom php.ini for a user in cpanel server. There is suphp enabled in the server.

# cp /usr/local/lib/php.ini /home/<user>/public_html/php.ini

I have created a phpinfo page and accessed in browser and it is found that it still loading server's default(/usr/local/lib/php.ini) php.ini

Later it is found that there is SuExec Enabled Server.

root@server [~]# httpd -M | grep su
 suexec_module (static)
 suphp_module (shared)
Syntax OK


The configuration changes given below will help you to enable Custom php.ini on SuExec and suphp Enabled Server.

Open /opt/suphp/etc/suphp.conf in yourfavourate editor and search for the following lines.

[phprc_paths]
;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.
application/x-httpd-php=/usr/local/lib/
application/x-httpd-php4=/usr/local/php4/lib/
application/x-httpd-php5=/usr/local/lib/


The above suphp configuration forces suphp to use the php.ini from /usr/local/lib/. You can comment those line to resolve the loading issue of custom php.ini file. So the configuation will look like as follows after the change.

[phprc_paths]
;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.
;application/x-httpd-php=/usr/local/lib/
;application/x-httpd-php4=/usr/local/php4/lib/
;application/x-httpd-php5=/usr/local/lib/


Once you made the changes, restart apache to make changes in effective.

# /etc/init.d/httpd restart


Try to load phpinfo page again and verify the result.


Reference:


http://blog.philipbrown.id.au/2009/08/php-suexec-and-custom-php-ini-files/
http://www.askapache.com/php/custom-phpini-tips-and-tricks.html
http://forums.cpanel.net/f185/methods-increase-security-suphp-restricting-who-can-use-php-ini-files-167186.html