I have a problem about Plesk 7.5 Reloaded in Linux Redhat ES 4.

What error message that I got?
##############################################
Installing openssh-clients-3.9p1-8.RHEL4.4.i386.rpm
Installing openssh-3.9p1-8.RHEL4.4.i386.rpm
Installing openssh-server-3.9p1-8.RHEL4.4.i386.rpm
error: Failed dependencies:
openssh = 3.9p1-8.RHEL4.1 is needed by (installed) openssh-askpass-3.9p1-8.RHEL4.1.i386
openssh = 3.9p1-8.RHEL4.1 is needed by (installed) openssh-askpass-gnome-3.9p1-8.RHEL4.1.i386
##############################################

It will request me to press any keys and then will re-install again. However, I got the small problem.

I have tried to install openssh by myself and then install Plesk. But I still got this error message.

####################################
[root@ebig ~]# rpm -q openssh
openssh-3.9p1-8.RHEL4.1
####################################

Can anyone help me?

The version of Plesk Reloaded is

Plesk 7.5.4

**I'm not an expert. Follow any advice here at your own risk, especially if this is a production server with live sites on it.**

hi,

what rpm is telling you is that it has been asked to upgrade:

openssh
openssh-clients
openssh-server

to 3.9p1-8.RHEL4.4 but hasn't been asked to upgrade:

openssh-askpass
openssh-askpass-gnome

which are currently installed and are of the older version.

if this is a plesk upgrade doing this, then maybe plesk's upgrade script wasn't expecting people to have those installed. AFAIK, openssh-askpass is only if you are using X and openssh-askpass-gnome is specifically for gnome. your options seem to be either to:

1) remove openssh-askpass and openssh-askpass-gnome (rpm -e)

2) upgrade your openssh yourself before running the plesk installer/upgrader, that way you can be sure to upgrade all openssh packages. (e.g. up2date -u openssh)

are you doing a plesk upgrade through the upgrader in plesk or are you doing an upgrade/install at the command line?

My server is new. So, Plesk is "new install" and not "upgrade".

I have tried to install it first and then run the plesk installation again, but still fail.

This is the openssh in the RH ES4
########################################
[root@ebig yum-2.0.7]# rpm -qa | grep openssh
openssh-3.9p1-8.RHEL4.1
openssh-clients-3.9p1-8.RHEL4.1
openssh-server-3.9p1-8.RHEL4.1
openssh-askpass-gnome-3.9p1-8.RHEL4.1
openssh-askpass-3.9p1-8.RHEL4.1
########################################

i think the key here is that you need to either:

a) not have openssh-askpass and openssh-askpass-gnome installed (that is, uninstall them them), or

b) upgrade all of your openssh to 3.9p1-8.RHEL4.4 (the version plesk is trying to install) before you run the plesk installer.

so, until you can "rpm -qa | grep openssh" and either not see the openssh-askpass* packages or see that your openssh packages are 3.9p1-8.RHEL4.4 (rather than 3.9p1-8.RHEL4.1), then you will not be able to run the plesk installer successfully.

and i think you could solve this all just by running up2date. i believe that should get all of the openssh packages updated to 3.9p1-8.RHEL4.9, which i believe is the latest, and then plesk shouldn't try to be upgrading them when it installs.

so, either:

up2date -u

or

up2date -u openssh

(the latter if you only want to update openssh and nothing else)

Many thanks Revolution

I have tried to use "up2date -u openssh" but i got the following msg:

##################################################
[root@ip153251 etc]# up2date -u openssh

Error Message:
Service not enabled for system profile: "com2buy.co.uk"
Error Class Code: 31
Error Class Info:
This system does not have a valid entitlement for Red Hat Network.
Please visit https://rhn.redhat.com/network/systems/enti...ntitlements.pxt
or login at https://rhn.redhat.com, and from the "Systems" tab,
select "System Entitlements" to enable RHN service for this system.
Explanation:
An error has occurred while processing your request. If this problem
persists please enter a bug report at bugzilla.redhat.com.
If you choose to submit the bug report, please be sure to include
details of what you were trying to do when this error occurred and
details on how to reproduce this problem.
##################################################

I have activated my server, and I can find it at redhat homepage. But I don't know why I can't update.

I think I need to upgrade openssh of this one, https://rhn.redhat.com/errata/RHSA-2005-527.html


For a) not have openssh-askpass and openssh-askpass-gnome installed (that is, uninstall them them),

In fact, when I want to install Plesk for the fresh Redhat ES4, it didn't have any openssh-askpass*. Do, do I need to uninstall it and try again?

MANY THANKS FOR YOUR HELP!

hi,

it doesn't sound like you have any need for X over ssh, so, yeah, just try just uninstalling these two packages then running the plesk installer.

to uninstall them:

rpm -e openssh-askpass openssh-askpass-gnome

as for the up2date error, put in a trouble ticket with ev1 about it and they should be able to get it fixed.

it is really frustrated.

when i solved the up2date and openssh's problem, i got another problem again and it is python. i am now trying to up2date -u python first and install it again.

############################################
Installing packages
Installing python-2.3.4-14.1.i386.rpm
error: Failed dependencies:
python = 2.3.4-14 is needed by python-devel-2.3.4-14.i386
python = 2.3.4-14 is needed by (installed) python-devel-2.3.4-14.i386
Suggested resolutions:
python-2.3.4-14.i386.rpm
Not all required packages were installed.
Press to continue...
############################################


anyway, thanks Revolution so much coz i have idea to solve the problem step by step by myself:)

hi,

it's saying here like what it said before, but with different packages. that is, it's saying that a newer version of:

python

was asked to be installed, but rpm is saying it can't just install a new version of python because the following package is installed and depends on it:

python-devel

the solution is the same as with the openssh-askpass* issue, which is either to:

1) manually upgrade both python and python-devel (easiest would be to do it through up2date), or

2) uninstall python-devel

if you have gotten up2date working and solved your openssh problem by running up2date -u openssh, then i suggest just updating all packages by running the following, which should update python and python-devel in the process, as well as anything else that needs to be updated:

up2date -u

this will make sure you have all of the latest redhat supplied packages, which is generally a good thing no matter what.

if running "up2date -u" doesn't get this resolved for you, or if you keep running into other problems after that, and if this is a brand new server with no live sites on it and that is not used for anything yet, then it might be a worthwhile to just have ev1 reimage it with rhel4+plesk so you don't have to bother with installing plesk.

good luck and i'll see how things turn out when i'm back online tomorrow.

finally, i installed plesk successfully. when i think i can solve the problem, i find that the nightmare is still following me. the new problem is that i can't access the admin page https://xxx.xxx.xxx.xxx:8443. i also try to access http://xxx.xxx.xxx.xxx, it also failed.

after checking the log file, i got the following messages:
####################################################
[Tue Feb 28 04:04:30 2006] [notice] caught SIGTERM, shutting down
[Tue Feb 28 04:04:31 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Feb 28 04:04:31 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:04:31 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:04:31 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:04:31 2006] [notice] Digest: generating secret for digest authentication ...
[Tue Feb 28 04:04:31 2006] [notice] Digest: done
[Tue Feb 28 04:04:31 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Tue Feb 28 04:04:31 2006] [notice] LDAP: SSL support unavailable
Error, do this: mount -t proc none /proc
Error, do this: mount -t proc none /proc
[Tue Feb 28 04:04:31 2006] [error] (13)Permission denied: Could not create key file "/usr/local/frontpage/version5.0/apache-fp/suidkey.17547" in FrontPageInit(). Until this problem is fixed, the FrontPage security patch is disabled and the FrontPage extensions may not work correctly.
[Tue Feb 28 04:04:31 2006] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Tue Feb 28 04:04:31 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:04:31 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:04:31 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:04:31 2006] [notice] Apache/2.0.52 (Red Hat) configured -- resuming normal operations
[Tue Feb 28 04:07:12 2006] [notice] caught SIGTERM, shutting down
[Tue Feb 28 04:09:49 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Feb 28 04:09:49 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:09:49 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:09:49 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:09:49 2006] [notice] Digest: generating secret for digest authentication ...
[Tue Feb 28 04:09:49 2006] [notice] Digest: done
[Tue Feb 28 04:09:49 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Tue Feb 28 04:09:49 2006] [notice] LDAP: SSL support unavailable
Error, do this: mount -t proc none /proc
Error, do this: mount -t proc none /proc
[Tue Feb 28 04:09:50 2006] [error] (13)Permission denied: Could not create key file "/usr/local/frontpage/version5.0/apache-fp/suidkey.2516" in FrontPageInit(). Until this problem is fixed, the FrontPage security patch is disabled and the FrontPage extensions may not work correctly.
[Tue Feb 28 04:09:50 2006] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Tue Feb 28 04:09:51 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:09:51 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:09:51 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 04:09:51 2006] [notice] Apache/2.0.52 (Red Hat) configured -- resuming normal operations
####################################################

i guess it is the problem of apache coz i can't load any pages. however, i use another pc with different network, i can telnet xxx.xxx.xxx.xxx 80
what's wrong????

thanks!

hi,

glad you were able to get plesk installed.

for finding the problem here, you should check other logfiles, too, such as /var/log/messages and /var/log/security, they might provide more information.

also, check if selinux is enabled and is running in enforcing mode (if selinux is the problem you should see messages related to apache/httpd being restricted in /var/log/messages, i believe). if selinux is running in enforcing mode, try turning off selinux or setting it to permissive mode. if it does turn out selinux is turned on and is the source of the problems but you do want to run it, then you'll need to make some changes to the selinux policy (see my posts here: http://forum.plesk.com/showthread.php?s=&t...&threadid=28084 )

to check if selinux is on, run:

selinuxenabled
echo $?

if the second command outputs 0, then it's on. if -256, it's off. if it's on, check if it's in enforcing mode which is set in /etc/selinux/config. if you want to chage it to permissive mode, run:

setenforce 0

if you have a firewall configured, make sure you have the proper ports opened up so that you can access ports 80 and 8443 (and any others you need, of course).

hope that helps.

thanks!

i think i really need to find out the problems step-by-step.

first, i try to telnet both port 80 and 8443 and i find that i can't connect to 8443.
then i check the /var/log/httpd/ssl_error_log
###############################################
[Tue Feb 28 20:30:51 2006] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
###############################################
p/s: my ip is 202.67.153.251

Although I can start httpd successfully, i can't visit any pages. I find some suggestions in the following link:
http://forum.plesk.com/showthread.php?threadid=20941

Is it related to nameserver?


Second, this is /var/log/httpd/error_log
##################################################
[Tue Feb 28 20:19:01 2006] [notice] caught SIGTERM, shutting down
[Tue Feb 28 20:19:02 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:19:02 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:19:02 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:19:02 2006] [notice] Digest: generating secret for digest authentication ...
[Tue Feb 28 20:19:02 2006] [notice] Digest: done
[Tue Feb 28 20:19:02 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Tue Feb 28 20:19:02 2006] [notice] LDAP: SSL support unavailable
[Tue Feb 28 20:19:03 2006] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Tue Feb 28 20:19:03 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:19:03 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:19:03 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:19:03 2006] [notice] Apache/2.0.52 (Red Hat) configured -- resuming normal operations
[Tue Feb 28 20:28:11 2006] [notice] caught SIGTERM, shutting down
[Tue Feb 28 20:30:50 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:30:50 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:30:50 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:30:50 2006] [notice] Digest: generating secret for digest authentication ...
[Tue Feb 28 20:30:50 2006] [notice] Digest: done
[Tue Feb 28 20:30:50 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Tue Feb 28 20:30:50 2006] [notice] LDAP: SSL support unavailable
[Tue Feb 28 20:30:51 2006] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Tue Feb 28 20:30:51 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:30:51 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:30:51 2006] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
[Tue Feb 28 20:30:51 2006] [notice] Apache/2.0.52 (Red Hat) configured -- resuming normal operations
##################################################

Third, in /var/log/secure log message, i find that there are so many testing sshd messages.
##################################################
Feb 28 14:26:25 com2buy sshd[7211]: Invalid user testing from ::ffff:212.17.0.98
Feb 28 14:26:27 com2buy sshd[7211]: Failed password for invalid user testing from ::ffff:212.17.0.98 port 48339 ssh2
Feb 28 14:26:34 com2buy sshd[7213]: Invalid user greg from ::ffff:212.17.0.98
Feb 28 14:26:37 com2buy sshd[7213]: Failed password for invalid user greg from ::ffff:212.17.0.98 port 48624 ssh2
Feb 28 14:26:41 com2buy sshd[7215]: Invalid user cs from ::ffff:212.17.0.98
Feb 28 14:26:43 com2buy sshd[7215]: Failed password for invalid user cs from ::ffff:212.17.0.98 port 49034 ssh2
Feb 28 14:26:47 com2buy sshd[7217]: Invalid user david from ::ffff:212.17.0.98
Feb 28 14:26:49 com2buy sshd[7217]: Failed password for invalid user david from ::ffff:212.17.0.98 port 49314 ssh2
Feb 28 14:26:53 com2buy sshd[7219]: Invalid user sales from ::ffff:212.17.0.98
Feb 28 14:26:55 com2buy sshd[7219]: Failed password for invalid user sales from ::ffff:212.17.0.98 port 49590 ssh2
Feb 28 14:26:59 com2buy sshd[7221]: Invalid user andrew from ::ffff:212.17.0.98
Feb 28 14:27:01 com2buy sshd[7221]: Failed password for invalid user andrew from ::ffff:212.17.0.98 port 49864 ssh2
Feb 28 14:27:07 com2buy sshd[7223]: Failed password for root from ::ffff:212.17.0.98 port 50154 ssh2
Feb 28 14:27:15 com2buy sshd[7225]: Invalid user fred from ::ffff:212.17.0.98
Feb 28 14:27:17 com2buy sshd[7225]: Failed password for invalid user fred from ::ffff:212.17.0.98 port 50423 ssh2
Feb 28 16:13:46 com2buy sshd[7317]: Did not receive identification string from ::ffff:69.56.219.202
Feb 28 16:13:46 com2buy sshd[7318]: Did not receive identification string from ::ffff:69.56.219.202
Feb 28 20:28:12 com2buy sshd[2249]: Received signal 15; terminating.
#################################################

Last, i also changed SELINUX to permissive mode. but it also didn't work.

Now, I focus on the the apache and firewall. hope it can be solved!

Add one more thing, when i restart the httpd, i got the following msg:
#################################################
Feb 28 22:09:54 com2buy kernel: audit(1141186194.445:0): avc: denied { write } for pid=3866 exe=/usr/sbin/httpd name=apache-fp dev=dm-3 ino=689536 scontext=root:system_r:httpd_t tcontext=system_u:object_r:usr_t tclass=dir
Feb 28 22:09:54 com2buy kernel: audit(1141186194.449:0): avc: denied { read } for pid=3870 exe=/bin/ps name=stat dev=proc ino=253624333 scontext=root:system_r:httpd_sys_script_t tcontext=root:system_r:httpd_sys_script_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.451:0): avc: denied { read } for pid=3872 exe=/bin/ps name=stat dev=proc ino=253755405 scontext=root:system_r:httpd_sys_script_t tcontext=root:system_r:httpd_sys_script_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.451:0): avc: denied { write } for pid=3866 exe=/usr/sbin/httpd name=apache-fp dev=dm-3 ino=689536 scontext=root:system_r:httpd_t tcontext=system_u:object_r:usr_t tclass=dir
Feb 28 22:09:54 com2buy kernel: audit(1141186194.452:0): avc: denied { read } for pid=3866 exe=/usr/sbin/httpd name=php.ini dev=dm-0 ino=50678 scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.452:0): avc: denied { getattr } for pid=3866 exe=/usr/sbin/httpd path=/etc/php.d/domxml.ini dev=dm-0 ino=53024 scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.452:0): avc: denied { getattr } for pid=3866 exe=/usr/sbin/httpd path=/etc/php.d/gd.ini dev=dm-0 ino=50665 scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.452:0): avc: denied { getattr } for pid=3866 exe=/usr/sbin/httpd path=/etc/php.d/imap.ini dev=dm-0 ino=53076 scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.452:0): avc: denied { getattr } for pid=3866 exe=/usr/sbin/httpd path=/etc/php.d/ldap.ini dev=dm-0 ino=53074 scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.452:0): avc: denied { getattr } for pid=3866 exe=/usr/sbin/httpd path=/etc/php.d/mysql.ini dev=dm-0 ino=53075 scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=file
Feb 28 22:09:54 com2buy kernel: audit(1141186194.452:0): avc: denied { getattr } for pid=3866 exe=/usr/sbin/httpd path=/etc/php.d/pgsql.ini dev=dm-0 ino=50680 scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=file
##################################################
what does it mean?

hi,

you may need someone to help you out more than just through the forums; that is, someone to log into your server and get things working for you. unfortunately i can't help with that. if you look around the forums you may be able to find some people who have been here a long time and who are trustworthy who can do that for you.

one thing i did notice is that the ip you mention is not an ev1 ip address. it's allocated to APNIC (Asia Pacific Network Information Centre). of course, maybe you've gotten them to delegate it to ev1 in some way.

this:

is not a problem. it just means your ssl certificate is generic/default but it's not going to cause any problems with apache running.

these:

are normal attempts by crackers/infected computers trying to get into your server. the odds of one being successful if your system is properly configured is low. when you are done getting everything else working, you can look into using APF with BFD to stop this. (search the forums here for more info on those).

these:

are a problem if you have selinux in enforcing mode. you want to make absolutely sure you have selinux off or in permissive mode. if you are having problems getting things working, try just turning selinux off entirely to be safe (set to disabled in /etc/selinux/config and reboot). you can always turn it on again later when you have things working and that way it will be clear which problems, if any, are caused by selinux.