Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
DNS / Re: Permission problem when restarting BIND DNS Server
« on: July 26, 2024, 11:45:27 AM »
Thank you I have no idea how that happened.
Migration burp?
Had I looked that would have stuck out like a sore thumb. I just never thought that could have been an issue.
Migration burp?
Had I looked that would have stuck out like a sore thumb. I just never thought that could have been an issue.
2
DNS / Re: Permission problem when restarting BIND DNS Server
« on: July 26, 2024, 02:03:58 AM »
File permissions
Quote
ls -l /etc/named*
-rw-r----- 1 root named 2754 Jul 25 18:21 /etc/named.conf
-rw-r----- 1 root named 1029 May 23 06:35 /etc/named.rfc1912.zones
-rw-r--r-- 1 root named 1070 May 23 06:35 /etc/named.root.key
Quote
[root@hostnames etc]# ls -l /var/named/*
-rw-r--r-- 1 root root 1296 Jul 25 17:30 /var/named/myurl4here.org.db
-rw-r--r-- 1 root root 1296 Jul 25 17:30 /var/named/hostnames.myurl4here.org
-rw-r----- 1 root named 2112 May 23 06:35 /var/named/named.ca
-rw-r----- 1 root named 152 May 23 06:35 /var/named/named.empty
-rw-r----- 1 root named 152 May 23 06:35 /var/named/named.localhost
-rw-r----- 1 root named 168 May 23 06:35 /var/named/named.loopback
-rw-r--r-- 1 root root 530 Jul 25 17:30 /var/named/ns1.myurl4here.org.db
-rw-r--r-- 1 root root 530 Jul 25 17:30 /var/named/ns2.myurl4here.org.db
-rw-r--r-- 1 root root 1065 May 23 07:03 /var/named/myotherurl.org.db
/var/named/data:
total 708
-rw-r--r-- 1 named named 272120 Jul 25 14:12 named.run
-rw-r--r-- 1 named named 208430 Jun 30 03:10 named.run-20240630
-rw-r--r-- 1 named named 41028 Jul 7 03:48 named.run-20240707
-rw-r--r-- 1 named named 127862 Jul 14 03:19 named.run-20240714
-rw-r--r-- 1 named named 47067 Jul 21 03:29 named.run-20240721
/var/named/dynamic:
total 8
-rw-r--r-- 1 named named 821 Jul 25 03:30 managed-keys.bind
-rw-r--r-- 1 named named 1180 Jul 25 11:17 managed-keys.bind.jnl
/var/named/slaves:
total 0
/var/named/tmp:
total 0
3
DNS / Re: Permission problem when restarting BIND DNS Server
« on: July 26, 2024, 01:57:31 AM »
If I run status here is the response
named-checkconfig doesn't see an error
Quote
[root@hostnames etc]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2024-07-25 18:48:28 PDT; 22s ago
Process: 29276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=1/FAILURE)
Process: 29273 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo>
Jul 25 18:48:28 myurl4here.org named[29277]: using 15 UDP listeners per interface
Jul 25 18:48:28 myurl4here.org named[29277]: using up to 21000 sockets
Jul 25 18:48:28 myurl4here.org named[29277]: loading configuration from '/etc/named.conf'
Jul 25 18:48:28 myurl4here.org named[29277]: /etc/named.conf:13: change directory to '/var/named' failed: permission denied
Jul 25 18:48:28 myurl4here.org named[29277]: /etc/named.conf:13: parsing failed: permission denied
Jul 25 18:48:28 myurl4here.org named[29277]: loading configuration: permission denied
Jul 25 18:48:28 myurl4here.org named[29277]: exiting (due to fatal error)
Jul 25 18:48:28 myurl4here.org systemd[1]: named.service: Control process exited, code=exited status=1
Jul 25 18:48:28 myurl4here.org systemd[1]: named.service: Failed with result 'exit-code'.
Jul 25 18:48:28 myurl4here.org systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
named-checkconfig doesn't see an error
Quote
[root@hostnames etc]# named-checkconf -z /etc/named.conf
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone ns1.myurl4here.org/IN: loaded serial 2013071600
zone ns2.myurl4here.org/IN: loaded serial 2013071600
zone hostnames.myurl4here.org/IN: loaded serial 2024042563
zone myurl4here.org /IN: loaded serial 2024052362
zone myotherurl.org/IN: loaded serial 2024052362
4
DNS / Permission problem when restarting BIND DNS Server
« on: July 25, 2024, 11:39:40 PM »
I have a server that is running with 5 accounts that were manually added. Today I had to add the last 2 accounts to it. For those accounts I used the cpanel to CWP migration method. The account imported fine but the dns records in one of them were botched. They referenced the old nameservers.
I used the rebuild zone button and that looked like it should have fixed the issue but the one zone still would not get an IP Address.
So I did the dumb thing and restarted BIND DNS Server from the Dashboard. It stopped it fine but when it tries to start it there is a permission issue.
I am not sure what I broke or how to fix it.
I used the rebuild zone button and that looked like it should have fixed the issue but the one zone still would not get an IP Address.
So I did the dumb thing and restarted BIND DNS Server from the Dashboard. It stopped it fine but when it tries to start it there is a permission issue.
I am not sure what I broke or how to fix it.
Quote
Jul 25 16:30:58 myurl4here.org named[9558]: loading configuration from '/etc/named.conf'
Jul 25 16:30:58 myurl4here.org named[9558]: /etc/named.conf:13: change directory to '/var/named' failed: permission denied
Jul 25 16:30:58 myurl4here.org named[9558]: /etc/named.conf:13: parsing failed: permission denied
Jul 25 16:30:58 myurl4here.org named[9558]: loading configuration: permission denied
Jul 25 16:30:58 myurl4here.org named[9558]: exiting (due to fatal error)
Jul 25 16:30:58 myurl4here.org systemd[1]: named.service: Control process exited, code=exited status=1
Jul 25 16:30:58 myurl4here.org systemd[1]: named.service: Failed with result 'exit-code'.
5
CSF Firewall / Re: Suspicious File Alert
« on: April 23, 2024, 06:28:10 PM »
In the end I just backed up the contents of the .root_0f8430_salt folder and then deleted it off the server.
I have yet to have anything complain about that action.
I have yet to have anything complain about that action.
6
CSF Firewall / Re: Suspicious File Alert
« on: April 19, 2024, 11:39:26 AM »
Looks like everything related to these tmp files was written on April 5th. 4 days before I got the server.
This is the logs
This is the logs
Code: [Select]
2024-04-05 02:45:24,425 [salt.loaded.int.module.pkg_resource:133 ][WARNING ][2158] 'version' argument will be ignored for multipl$
2024-04-05 02:45:27,521 [salt.loaded.int.module.pkg_resource:133 ][WARNING ][2158] 'version' argument will be ignored for multipl$
Code: [Select]
root 133 0.0 0.0 0 0 ? I< Apr10 0:00 [crypto]
7
CSF Firewall / Re: Suspicious File Alert
« on: April 19, 2024, 11:17:44 AM »
2 process that might have created the file. Both appear to be related to my host. I even opened a ticket with them to ask about this file alert and they said it was not theirs.
Code: [Select]
root 1357 0.0 0.0 346844 30000 ? Ss Apr10 0:00 /opt/saltstack/salt/bin/python3.10 /usr/bin/salt-minion -c /opt/imh-salt/ --pid-file=/var/run/inmotion-minion.pid
root 1826 0.0 0.0 969960 71564 ? Sl Apr10 6:50 /opt/saltstack/salt/bin/python3.10 /usr/bin/salt-minion -c /opt/imh-salt/ --pid-file=/var/run/inmotion-minion.pid MultiMinionProcessMa
9
CSF Firewall / Suspicious File Alert
« on: April 18, 2024, 03:32:40 PM »
I setup a new server last week and since I got the DNS to resolve correct (allowing it to send emails) I keep getting these 2 messages.
Note that I do not have this issue with my other install of CWP.
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/certifi/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/salt/grains/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
I scanned that directory with CalmAV and it found nothing.
Here is the file structure of the .root_0f8430_salt directory.
[root@ .root_0f8430_salt]# ls -l
total 52
-rw-r--r-- 1 root root 65 Apr 5 02:45 code-checksum
-rw-r--r-- 1 salt salt 40 Apr 1 20:23 ext_version
-rw-r--r-- 1 root root 13 Apr 5 02:45 grains
-rw-r--r-- 1 root root 158 Apr 5 02:45 minion
drwx------ 9 root root 4096 Apr 5 02:45 py3
drwx------ 6 root root 4096 Apr 5 02:45 pyall
drwx------ 3 root root 4096 Apr 5 02:45 running_data
-rw-r--r-- 1 root root 757 Apr 5 02:45 salt-call
-rw------- 1 root root 8629 Apr 5 02:45 salt_state.tgz
-rw-r--r-- 1 root root 8 Apr 5 02:45 supported-versions
-rw-r--r-- 1 root root 6 Apr 5 02:45 version
[root@ .root_0f8430_salt]#
Note that I do not have this issue with my other install of CWP.
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/certifi/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/salt/grains/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
I scanned that directory with CalmAV and it found nothing.
Here is the file structure of the .root_0f8430_salt directory.
[root@ .root_0f8430_salt]# ls -l
total 52
-rw-r--r-- 1 root root 65 Apr 5 02:45 code-checksum
-rw-r--r-- 1 salt salt 40 Apr 1 20:23 ext_version
-rw-r--r-- 1 root root 13 Apr 5 02:45 grains
-rw-r--r-- 1 root root 158 Apr 5 02:45 minion
drwx------ 9 root root 4096 Apr 5 02:45 py3
drwx------ 6 root root 4096 Apr 5 02:45 pyall
drwx------ 3 root root 4096 Apr 5 02:45 running_data
-rw-r--r-- 1 root root 757 Apr 5 02:45 salt-call
-rw------- 1 root root 8629 Apr 5 02:45 salt_state.tgz
-rw-r--r-- 1 root root 8 Apr 5 02:45 supported-versions
-rw-r--r-- 1 root root 6 Apr 5 02:45 version
[root@ .root_0f8430_salt]#
Pages: [1]
