Quota showing “Unlimited ” in WHM or cPanel : Openvz vps

We need to enable 2 type of quota in Virtuozzo Virtual Private Server (VPS). The quota will show correctly only if both quotas are enabled.

1. Per-container, or first-level, quotas allow system administrators to control the sizes of VPS file systems by limiting the amount of disk space and the number of inodes a Virtual Server (also called a Container) can use.

To see whether first-level quotas have already been enabled, issue the following command:

#vzquota show Container_ID

2. Per-user and per-group, or second-level, quotas enable the Virtual Server administrator to limit the amount of disk space and the number of inodes that users and groups within the VPS can use.

Second-level disk quotas are controlled by the QUOTAUGIDLIMIT parameter in the Container configuration file.

By default, the value of this parameter is zero, which disables per-user/group quotas. To view the parameter, issue the command:

#grep -i QUOTAUGIDLIMIT /etc/sysconfig/vz-scripts/CT_ID.conf

If you get an empty result, or a result of zero, second-level quotas are not supported by this environment.

If you need to enable the secod level quoata, then you need to give non zero value to QUOTAUGIDLIMIT. This value must be greater than or equal to the number of entries in the Container /etc/passwd and /etc/group files.

#wc -l /vz/root/101/etc/{passwd,group}

Assume 101 is the container ID.

The above command will show the count of /etc/passwd and /etc/group. We need to give the value which is more than the sum of lines of both files.

#vzctl set 101 –quotaugidlimit 100 –save

Here 100 is the value. (For eg:  /etc/passwd has 50 lines and /etc/group has 40 lines)

Then restart the container and check whether the quotas are shown properly in the WHM. If it is not shown then proceed to next steps.

Inside VPS,

#cd /

#ll aquota.group
#ll aquota.user

The result will be somthing like this.

lrwxr-xr-x     1 root root    39 Jun  8 17:27 aquota.group -> /proc/vz/vzaquota/00000073/aquota.group
lrwxr-xr-x     1 root root    38 Jun  8 17:27 aquota.user -> /proc/vz/vzaquota/00000073/aquota.user

The result of these being overwritten will be WHM showing “unlimited” quota reports for all users in the system. An quick solution to this is to run these commands from within the VE as root:

#rm -f /aquota.user 2>/dev/null

#rm -f /aquota.group 2>/dev/null

#for x in `find /proc/vz/vzaquota/ | tail -2 `; do ln -s $x / ; done

Still the issue is not fixed,

Then issue below command in vps server.

#/scripts/fixquotas

Normally this will fix the issue. If you are getting below error while running the fixquota then proceed with next step.

“edquota: Quota write failed (id 502): Invalid argument”

#quotacheck -vagum

#/scripts/fixquotas

Still you are getting error in fixquota, then we can fix the issue by recreating  /dev/simfs

====

#rm -rf /dev/simfs

#_numero=$(stat / –format %d)

#mknod /dev/simfs b $((${_numero} / 256)) $((${_numero} % 256))

====

or

===

 

rm -f /dev/simfs

n=$(stat / --format %d)

mknod /dev/simfs b $((${n} / 256)) $((${n} % 256))
 ===
Hope this will fix the issue.
Advertisements

Internal server error : File size limit exceeded: cPanel server

Sometimes, it happens that when you try to access your domain  in a web browser you will  get a 500 Internal Server Error and after checking all  the permissions and ownerships for all  files and folders under that domain  you will find  that everything is correct but still  getting that error in  the browser.

But when you try  to manually execute the php file from  the server using the php command, you will get below error.

==

File size limit exceeded

==

The reason  for that error is that one of the file probably a log file under that domain exceeds to  2 GB and  by default Apache has setting enabled, to display 500 Internal  Server Error if  in case any file under a domain 

You can find the files that are having huge size by issuing below command.

==

find ./ -size +100M

==

The issue will be resolved by clearing the log file.

Thank you.

 

Mod Security whitelist issue

Mod_security issue.

I was able to whitelist the pattern match for a domain with a rule ID or whitelist the domain completely using either of the following added to /usr/local/apache/conf/whitelist.conf

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleRemoveById=600161

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off

Nowadays, after adding it, when you restart httpd, if you are getting an error as follows,

Syntax error on line 12 of /usr/local/apache/conf/whitelist.conf:
ModSecurity: No action id present within the rule

You need to add something like this,

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,id:445000,ctl:ruleEngine=off, —> This will whitelist the domain completely in Mod Security

or

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,id:445000,ctl:ruleRemoveById=600161 —> This will whitelist the domain for a specific rule ID, say 600161.

instead of

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off, or

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleRemoveById=600161

You can refer the details at http://cpanel.net/modsecurity-changes/

You can use the ID range, 440.000-599,999(which is unreserved)

You can get the details on ID’s athttp://docs.cpanel.net/twiki/bin/view/AllDocumentation/EasyapacheModsecurity

If the ID already exists for any other rule, you need to change it with a new unused one, otherwise the ModSecurity along with apache will not get start.

Thank you.