Full Version: Linux Security Script
The Planet Forums > Security > General Security > UNIX Security
ds694
I just ran the script and I thought everything went fine until I restarted. Now my websites won't come up. If I try to do apachectl start I get the following error:

(98)Address already in use: make_sock: could not bind to address [::]:443
no listening sockets available, shutting down
Unable to open logs

How do I get apache running again? Please help!
BlueFusion
According to that, Apache, or something else using the same logs and ports as Apache, is already running. Check ps ax and see if there are any httpd processes. As for the sites not working, is there a server error or is it just timing out?

Also, does this server have a control panel? Can you give the versions of the software you have as well as the `php -v` output?
ds694
Thanks for responding. I checked ps ax and httpd is listed. Here is the output:
ps auxf | grep httpd
root 17643 0.0 0.0 4344 716 pts/0 S+ 09:00 0:00 | \_ grep httpd
root 8800 0.0 0.6 21652 6680 ? S 05:01 0:00 /usr/sbin/httpd

Here is output from netstat:
netstat -lnptu |grep -w 443
tcp 0 0 :::443 :::* LISTEN 8800/httpd

and

netstat -nalp | grep :80
tcp 0 0 :::80 :::* LISTEN 8800/httpd
tcp 354 0 ::ffff:[ip address] ::ffff:66.227.147.12:3475 ESTABLISHED -

Output from php -v:
php -v
PHP Fatal error: [Zend Optimizer] Zend Optimizer 3.2.0 is incompatible with eAccelerator 0.9.5 in Unknown on line 0

When you try to go to a site in the browser, it basically times out. I am running RHEL4 with Plesk 8.0.0.

Thanks for your help.

QUOTE (BlueFusion @ Feb 5 2007, 02:34 PM) *
According to that, Apache, or something else using the same logs and ports as Apache, is already running. Check ps ax and see if there are any httpd processes. As for the sites not working, is there a server error or is it just timing out?

Also, does this server have a control panel? Can you give the versions of the software you have as well as the `php -v` output?
mitch
Looks like you have zend and eAccelerator installed on the same server? I've heard that, it isn't a good combination....
ds694
BlueFusion helped me get it straightened out earlier today. Apparently eAccelerator doesn't like Zend so you have to configure Zend to load after eAccelerator in the php.ini.

QUOTE (mitch @ Feb 6 2007, 07:34 AM) *
Looks like you have zend and eAccelerator installed on the same server? I've heard that, it isn't a good combination....
mitch
Isn't there an option to remove eAccelerator or Zend? ...

Or.. you can configure php.ini, like you said..
TheUniverses
I updated to ELS 2.0 and when it tried to upgrade RKHunter, it errored out
QUOTE
Proceed? (y/n): Please enter 'y' or 'n': y
Downloading RKHunter...
/usr/bin/md5sum: rkhunter-.tar.gz: No such file or directory
Download Successful!
MD5 matches.
Extracting...
tar (child): rkhunter-.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
/bin/tar: Child returned status 2
/bin/tar: Error exit delayed from previous errors
/usr/local/bin/els: line 967: cd: rkhunter-: No such file or directory
Extraction failed.
Aborting.
TheUniverses
And same with CHKrootkit
QUOTE
ELS can now update CHKROOTKIT.
Proceed? (y/n): y
Downloading CHKROOTKIT...
/usr/bin/md5sum: chkrootkit-.tar.gz: No such file or directory
/usr/local/bin/els: line 1044: [: : unary operator expected
Download Failed.
Invalid MD5.
Aborting.
BlueFusion
We're currently in the process of getting ELS 2.0.0 going. We thought we got all of the bugs but there's still a few things we're working out now.
BlueFusion
Alright, here we go. Please update the ELS script and try it now. ELS current version is 2.0.1. There are a lot of improvements, so please check out the els --help option!
TheUniverses
I just tried updating it and it won't update now

QUOTE
[root@server root]# els --update
Downloading...
Done.
MD5 valid.
Extracting...
Done.

Easy Linux Security successfully updated.
[root@server root]# els --version
ELS specific commands:
--checkall : Check that everything is okay
--help : Print this help screen
--update : Update the ELS (this) program to the latest
: version


ELS usage:
--all : Install/update all supported software, improve
: security and optimize some programs and
: configurations
--apf : Install/Update APF Firewall
--bfd : Install/Update BFD (Brute Force Detection)
--chkrootkit : Install/Update CHKROOTKIT
--chkrootkitcron : Install a CHKROOTKIT cronjob (to run nightly)
--cpvcheck : Check your control panel version
--disabletelnet : Disable telnet
--distrocheck : Check your OS version
--eaccelerator : Install/Update eAccelerator
--forcessh2 : Force SSH protocol 2
--hardensysctl : Hardening sysctl.conf
--imagemagick : Install/Update ImageMagick
--libsafe : Install/Update Libsafe
--mysqloptimizedb : Run a simple MySQL table optimization command
--mysqlrenice : Renice MySQL to -20 for highest priority
--mytop : Install/Update MyTOP
--optimizemysqlconf : Optimize MySQL configuration file (/etc/my.cnf)
--rkhunter : Install/Update RKHunter
--rkhuntercron : Install a RKHunter cronjob (to run nightly)
--rootloginemail : Add an alert for root login to
: /root/.bash_profile (email must be provided
: for this option)
--securepartitions : Secure /tmp, /var/tmp, and /dev/shm partitions
: (whether in /etc/fstab or not)
--setupcrons : Setup RKHunter and CHKROOTKIT cronjobs as well
: as Root Login Alert
--sshport : Change the port the SSH deamon is listening on
: (also modifies APF config to use new port)
--vps : Similiar to --all, but skips operations not
: compatable with Virtual Private Servers
--wheeluser : Add a wheel user and force no root login in the
: SSH deamon's configuration
--zendopt : Install/Update Zend Optimizer


Remove/Undo functions:
--removeapf : Remove APF firewall
--removebfd : Remove BFD (Brute Force Detection)
--rmchkrootkitcron : Remove a CHKROOTKIT cronjob
--rmrkhuntercron : Remove a RKHunter cronjob
--undomysqlrenice : Undo MySQL renice


DirectAdmin specific commands:
--doapache2 : Upgrade to Apache 2.0 on DirectAdmin server
--undodaap2 : Undo the upgrade to Apache 2.0 on DirectAdmin
: server


cPanel specific commands:
--cpanelmysqlup : Update MySQL on cPanel servers using the glibc
: 2.3 dynamically
: linked RPMs from http://dev.mysql.com
--cpanelupdate : Update cPanel to the latest version on
: cPanel/WHM servers
--eximdictatk : Install the Exim Dictionary Attack ACL for
: cPanel/WHM servers
--fantasticoinstall : Install the Fantastico files for cPanel/WHM
: servers
--fixrndc : Fix RNDC if not already configured on
: cPanel/WHM servers
--tweakcpsettings : Tweak cPanel's Tweak Settings file


You're running an old version of ELS. [ Version: 2.0.0 ]
The latest version is Version: 2.0.1.
Run with '--update' argument to update now.

[root@server root]#
TheUniverses
Actually, I think it updated since I was able to upgrade Rkhunter. Did you forget to bump up the version number in the release?

Good work though, it's definitely working other than that.
BlueFusion
I do believe I did forget to up the script to 2.0.1. I've got to run to English class (I guess they don't think English as my first language is good enough?), but then me and the guy helping me now are working on even more advances in the art of scientifically increasing the productivity of this little program.

P.S. Still wish I could edit the first post of this topic :-) Where's Kevin...?
TheUniverses
A couple things

QUOTE
PLESK is installed. [ Version: ]

Still doesn't detect Plesk 8.1.0

QUOTE
This feature can disable dangerous PHP functions.
Proceed? (y/n): y
Backing up current configuration file...
Successfully backed up as /usr/local/els/bakfiles/php.ini-disable-functions.bak!
Modifying configuration file...
/usr/bin/replace: No to-string for last from-string
Edit failed!
Restoring backup...
Backup restored.
PHP is NOT disabling dangerous PHP functions.


The chmod files to root works fine.

Looking good though Rich!
BlueFusion
Jester, can you tell me the file or a command to get the Plesk version from in Plesk 8? Is it the same file, but maybe a different format? If so, can you please copy the whole contents of the file?

As for the PHP part, my other coder put that part in and I will have a look-see at that error there. Expect more features in the near future!
BlueFusion
2.0.3.1 released. How's she work now?
TheUniverses
disable dangerous PHP functions works fine now!

QUOTE
[root@server root]# els --version
/usr/bin/tail: PRODUCT_ROOT_D: No such file or directory
PLESK is installed. [ Version: ==> /usr/local/psa/version <==
8.1.0 RedHat el3 81070201.15 ]
ELS version is: 2.0.3.1
[root@server root]#


QUOTE
[root@server root]# els --all
/usr/bin/tail: PRODUCT_ROOT_D: No such file or directory
PLESK is installed. [ Version: ==> /usr/local/psa/version <==
8.1.0 RedHat el3 81070201.15 ]

Admin (your) E-Mail Address (this should NOT be on this server):


So it's basically working...
gertiebeth
As always, great script!

What is included in disable dangerous PHP functions?
TheUniverses
QUOTE (gertiebeth @ Feb 16 2007, 02:53 AM) *
As always, great script!

What is included in disable dangerous PHP functions?


disable_functions = symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd

Some scripts may use these functions, so use with discretion.
TheUniverses
QUOTE
[root@server root]# els --update
Updating ELS 2.0.3.9 to 2.0.3.12...
Downloading ELS 2.0.3.12...
Done.
MD5 valid.
Extracting...
Done.

Easy Linux Security successfully updated to 2.0.3.12.
[root@server root]# els --all
/usr/local/bin/els: line 1304: syntax error near unexpected token `else'
/usr/local/bin/els: line 1304: ` else'


A little error...
BlueFusion
Yeah...there's a guy helping me with the updates lately, and he's been making changes and just putting them live. I'm going to try to get it back to a thorough test and then release stage.

Thanks for the report, though.
gertiebeth
QUOTE (JesterX @ Feb 19 2007, 03:11 AM) *
[root@server root]# els --update
Updating ELS 2.0.3.9 to 2.0.3.12...
Downloading ELS 2.0.3.12...
Done.
MD5 valid.
Extracting...
Done.

Easy Linux Security successfully updated to 2.0.3.12.
[root@server root]# els --all
/usr/local/bin/els: line 1304: syntax error near unexpected token `else'
/usr/local/bin/els: line 1304: ` else'

Yes, I am getting this error as well.
TheUniverses
You'll need to re-do the ELS install to get the latest version
QUOTE
wget --output-document=installer.sh http://servermonkeys.com/projects/els/installer.sh; chmod +x installer.sh; sh installer.sh


It's at version 2.0.3.16 already.
BlueFusion
A typo in the previous version caused that error you posted above. It has been resolved, but if you upgraded to the non-functioning version, you will need to run the updater script outside of ELS -> /usr/local/els/updater.sh
TheUniverses
A few things.

1.
QUOTE
[root@server root]# els --update
/usr/local/bin/els: line 1: /usr/local/bin/php: No such file or directory
ELS 2.0.5.0 is the latest release, there is no need to update.
[root@server root]#


QUOTE
/usr/local/bin/els: line 1: /usr/local/bin/php: No such file or directory
ELS can now install APC.
Proceed? (y/n): n
Not installing/updating APC.

ELS can now install suhosin.
Proceed? (y/n): n
Not installing/updating suhosin.


Is eAccelerator being replaced with APC? Suhosin is the PHP security "patch" right?

Thanks, and I think it's great that more and more features are being added.
clearsignal
*BUMP* - Sorry, I lost this post in the new site style - hasn't someone stickied this yet
BlueFusion
Oops, seems I missed a post or two.

APC is taking the place of eAccelerator. APC does the same function, but supposedly does it at the PHP engine level making it the "preferred choice." Personally, I still use eAccelerator which can still be installed with `els --eaccelerator`. And yes, suhosin is a PHP security program.
jakejammin
Hey BlueFusion:

I'm having a problem getting the script to finish.

It hangs right after:
CODE
----------------------------------------------------------------------
Libraries have been installed in:
   /usr/local/els/src/suhosin-0.9.18/modules

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the `LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the `LD_RUN_PATH' environment variable
     during linking
   - use the `-Wl,--rpath -Wl,LIBDIR' linker flag
   - have your system administrator add LIBDIR to `/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------

Build complete.
(It is safe to ignore warnings about tempnam and tmpnam).


/usr/local/lib/php.ini backed up as /usr/local/els/bakfiles/php.ini-suhosin-install.bak.


Then it just sits there and does not finish.


System:
CODE
Pentium D 950 - 3.4GHz
Ram: 1 GB
Disk System: 2 x 250GB SATA II
Operating System: Red Hat Enterprise Linux - ES 4 (32 bit)
Control Panel Software: cPanel/WHM with Fantastico


Can you suggest anything I can try???

Thanks
jakejammin
Never mind.....

I skipped APC install and it got past the hang.

Thanks for the great script Rich
jackald
Hey. I can't install APC either.
It hangs:
QUOTE
configure.in:9: warning: underquoted definition of PHP_WITH_PHP_CONFIG
run info '(automake)Extending aclocal'
or see http://sources.redhat.com/automake/automak...tending-aclocal
configure.in:32: warning: underquoted definition of PHP_EXT_BUILDDIR
configure.in:33: warning: underquoted definition of PHP_EXT_DIR
configure.in:34: warning: underquoted definition of PHP_EXT_SRCDIR
configure.in:35: warning: underquoted definition of PHP_ALWAYS_SHARED
acinclude.m4:19: warning: underquoted definition of PHP_PROG_RE2C
configure.in:65: error: possibly undefined macro: AC_PROG_LIBTOOL
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
configure: error: cannot run /bin/sh ./config.sub
make: *** No targets specified and no makefile found. Stop.
mv: cannot stat `./modules/apc.so': No such file or directory
grep: /etc/php.d/apc.ini: No such file or directory
cp: cannot stat `/etc/php.d/apc.ini': No such file or directory
/etc/php.d/apc.ini backed up as /usr/local/els/bakfiles/php.ini-apc-install.bak.


Is there any way to solve it.

Also when I use any of the els commands I get:
QUOTE
PHP Warning: Unknown(): Unable to load dynamic library '/usr/lib/php4/apc/apc.so' - /usr
/lib/php4/apc/apc.so: cannot open shared object file: No such file or directory in Unknow
n on line 0


On CentOS 4.2 + Plesk
BlueFusion
I think that the problem is that a program called to compile is not in the $PATH. I've run it on servers without error, but others like yourself reported differently. I'm going to make it use full paths to the binaries and see if that works.
Carpii
posted twice by mistake, see below
Carpii
Here's how to fix the following errors when running phpize...

configure.in:9: warning: underquoted definition of PHP_WITH_PHP_CONFIG
run info '(automake)Extending aclocal'
or see http://sources.redhat.com/automake/automak...tending-aclocal
configure.in:32: warning: underquoted definition of PHP_EXT_BUILDDIR
configure.in:33: warning: underquoted definition of PHP_EXT_DIR
configure.in:34: warning: underquoted definition of PHP_EXT_SRCDIR
configure.in:35: warning: underquoted definition of PHP_ALWAYS_SHARED
acinclude.m4:19: warning: underquoted definition of PHP_PROG_RE2C

> nano /usr/lib/php/build/phpize.m4

change lines 9, 32, 33, 34 and 35 so that the constants listed are surrounded by square brackets

i.e.,
AC_DEFUN(PHP_WITH_PHP_CONFIG,[
becomes
AC_DEFUN([PHP_WITH_PHP_CONFIG],[

> nano /usr/lib/php/build/acinclude.m4

change line 19 in the same way as above



Thanks to bizzar for this tip
http://www.ifoth.com/viewtopic.php?t=47&am...3efcb92815cb021

Carpii
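The same bracket fix, done with sed instead of by hand; this is an added example, not Carpii's post or ELS code. It works on any copy of the file rather than relying on line numbers, and the sample m4 fragment it creates is constructed for the demo (the real files on the page are /usr/lib/php/build/phpize.m4 and acinclude.m4).

```shell
#!/bin/sh
# Added example, not code from Carpii's post or from ELS: apply the
# "underquoted definition" fix mechanically instead of editing line numbers
# by hand. AC_DEFUN(NAME,[ becomes AC_DEFUN([NAME],[ ; lines that are already
# bracketed are left alone. Real targets on the page:
#   /usr/lib/php/build/phpize.m4 and /usr/lib/php/build/acinclude.m4

# fix_underquoted FILE: rewrite in place, keep FILE.bak, print lines changed.
fix_underquoted() {
    f=$1
    n=$(grep -c '^AC_DEFUN([A-Za-z_][A-Za-z0-9_]*,' "$f" || true)
    cp "$f" "$f.bak"   # keep a backup, as ELS does in its bakfiles directory
    sed -e 's/^AC_DEFUN(\([A-Za-z_][A-Za-z0-9_]*\),/AC_DEFUN([\1],/' "$f.bak" > "$f"
    echo "$n"
}

# still_underquoted FILE: exit 0 if any unbracketed AC_DEFUN name remains.
still_underquoted() {
    grep -q '^AC_DEFUN([A-Za-z_]' "$1"
}

# make_sample FILE: constructed m4 fragment (not the real phpize.m4) using
# the macro names from the warnings above; one line is already quoted.
make_sample() {
    cat > "$1" <<'EOF'
dnl constructed fragment for demonstration
AC_DEFUN(PHP_WITH_PHP_CONFIG,[
  AC_ARG_WITH(php-config,[  --with-php-config=PATH],[PHP_CONFIG=$withval])
])
AC_DEFUN([PHP_EXT_BUILDDIR],[$ext_builddir])
AC_DEFUN(PHP_EXT_DIR,[$ext_dir])
EOF
}

# Stand-alone demo on a temporary copy; prints "changed 2, remaining 0".
demo_file=$(mktemp)
make_sample "$demo_file"
changed=$(fix_underquoted "$demo_file")
if still_underquoted "$demo_file"; then remaining=1; else remaining=0; fi
echo "changed $changed, remaining $remaining"
rm -f "$demo_file" "$demo_file.bak"
```

Run it on the real files as root only after checking the backup it leaves beside each one.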
rockster
QUOTE (Blue|Fusion @ May 22 2005, 11:58 PM) *
A few of you may remember a few months back I started to learn Shell and Bash and made a script to automatically do some basic security things. Well lately, I have been putting some more time into it and here's what I came up with so far, although I usually add/edit a little something every once in a while to make it better (like all developers...except for Microsoft).
Update April 14, 2006:
You can now call upon ELS with els --option OR /usr/local/els/els.sh --option.
Updated: December 21st, 2006
Current Version: 1.6.1-2
Anyway, here's what it does:
-Install RKHunter
-Install RKHunter Cronjob which emails a user-set email address nightly
-Install/update APF
-Import old APF rules in an upgrade
-Add SM/TP monitoring IPs (view information on these in Orbit)
-Install/update BFD
-Install CHKROOTKIT
-Install CHKROOTKIT Cronjob which emails a user-set email address nightly
-Disable Telnet
-Force SSH Protocol 2
-Secure /tmp
-Secure /var/tmp
-Secure /dev/shm
-Install/update Zend Optimizer
-Install/update eAccelerator
-MySQL 4.0 4.1, 5.0 Configuration Optimization (cPanel only)
-Upgrade MySQL to 4.1 or 5.0 (cPanel only)
-Tweak WHM Settings for security and stability
-Configure RNDC if not already done (cPanel only)
-Change SSH port (also configure APF as necessary)
-Add wheel user and disable direct root login over SSH
-Optimize MySQL tables
-Install/update Libsafe
-Install/update ImageMagick (from latest source)
-Uninstall LAuS
-Harden sysctl.conf
-Install Chirpy's Free Exim Dictionary Attack ACL
-Disable SELinux on cPanel servers
-Install mytop
-Renice MySQL
-Install Fantastico (cPanel and Fantastico license required)
And more!
You can also run it with the --updatesoftware option and it will automatically upgrade RKHunter, APF, and BFD to the latest version.
The downloaded tarballs of RKHunter, BFD, APF, and CHKROOTKIT are from my own repository, however they are unchanged from the original sites. You can confirm this with the MD5s if you wish.
RKHunter, APF, BFD, CHKROOTKIT, and other tarballs are checked for MD5 mismatches before extracting to ensure the downloads are not corrupted.
Better OS/binary checks are performed before any installing. If a necessary binary isn't present, it will stop before making any changes.
Backups of changed files are kept in /usr/local/els/bakfiles and all source files are worked with in /usr/local/els/src to keep things more organized.
This script works best with Red Hat Enterprise Linux version 3 (Taroon Update 4 and 5) and with cPanel 10.x installed.
Please let me know if you have any problems with this script, or any additions you would like to see. I'm also not the best at coding so if you know how to code and you see a problem with it, please let me know.
You can download and execute this script by copying the following command:
CODE
wget --output-document=installer.sh http://servermonkeys.com/projects/els/installer.sh; chmod +x installer.sh; sh installer.sh

The installer script will automatically download and check the md5sum of the tarball (which is only another 2 scripts), as well as make the /usr/local/els directory and subdirectories.
Please tell me what you think!


ABSOLUTELY FANTASTIC.. I have had servers with (old) ev1 for 5 years and had to perform each step one at a time.. works great.. I am amazed! Rock Scarfone
jackald
Could anybody help. After I install ELS I have some problems with mysql on my CentOS + Plesk 8.1
I am receiving this error


ERROR: PleskFatalException
Unable to connect to database: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111)

0: /usr/local/psa/admin/plib/common_func.php3:151
psaerror(string 'Unable to connect to database: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111)')
1: /usr/local/psa/admin/auto_prepend/auth.php3:90
BlueFusion
Try moving /usr/local/bakfiles/my.cnf.bak to /etc/my.cnf and restart MySQL. See if that fixes the problem.
jackald
It looks like there is no my.cnf.bak in /usr/local/els/bakfiles/
BlueFusion
OK, then the file should be named my.cnf in that same directory.
jackald
No my.cnf there
I received this response from my support:
"
There isn't, checking into the other things that were changed. Likely the script errored on making the my.cnf backup but ran anyways. Not entirely sure this is even fixable atm. But working on it.
"
uniacid
Wanted to ask, is there any way this script would work on FreeBSD? Or if there is already a similar script out there?

Thanks.
BlueFusion
This script does not support FreeBSD and I don't know of any FreeBSD ports or like scripts.
vince512
Will this script work with CentOS 5?
ZeusChicago
Script still works great for the most part. I got RHE5 and ran into some issues with the mysql optimization as well as the Chirpy Dictionary Attack Script.

has anyone else used this on RHE5?

Z

p.s. Still saved me tons of time!