Quota showing “Unlimited ” in WHM or cPanel : Openvz vps

We need to enable 2 type of quota in Virtuozzo Virtual Private Server (VPS). The quota will show correctly only if both quotas are enabled.

1. Per-container, or first-level, quotas allow system administrators to control the sizes of VPS file systems by limiting the amount of disk space and the number of inodes a Virtual Server (also called a Container) can use.

To see whether first-level quotas have already been enabled, issue the following command:

#vzquota show Container_ID

2. Per-user and per-group, or second-level, quotas enable the Virtual Server administrator to limit the amount of disk space and the number of inodes that users and groups within the VPS can use.

Second-level disk quotas are controlled by the QUOTAUGIDLIMIT parameter in the Container configuration file.

By default, the value of this parameter is zero, which disables per-user/group quotas. To view the parameter, issue the command:

#grep -i QUOTAUGIDLIMIT /etc/sysconfig/vz-scripts/CT_ID.conf

If you get an empty result, or a result of zero, second-level quotas are not supported by this environment.

If you need to enable the secod level quoata, then you need to give non zero value to QUOTAUGIDLIMIT. This value must be greater than or equal to the number of entries in the Container /etc/passwd and /etc/group files.

#wc -l /vz/root/101/etc/{passwd,group}

Assume 101 is the container ID.

The above command will show the count of /etc/passwd and /etc/group. We need to give the value which is more than the sum of lines of both files.

#vzctl set 101 –quotaugidlimit 100 –save

Here 100 is the value. (For eg:  /etc/passwd has 50 lines and /etc/group has 40 lines)

Then restart the container and check whether the quotas are shown properly in the WHM. If it is not shown then proceed to next steps.

Inside VPS,

#cd /

#ll aquota.group
#ll aquota.user

The result will be somthing like this.

lrwxr-xr-x     1 root root    39 Jun  8 17:27 aquota.group -> /proc/vz/vzaquota/00000073/aquota.group
lrwxr-xr-x     1 root root    38 Jun  8 17:27 aquota.user -> /proc/vz/vzaquota/00000073/aquota.user

The result of these being overwritten will be WHM showing “unlimited” quota reports for all users in the system. An quick solution to this is to run these commands from within the VE as root:

#rm -f /aquota.user 2>/dev/null

#rm -f /aquota.group 2>/dev/null

#for x in `find /proc/vz/vzaquota/ | tail -2 `; do ln -s $x / ; done

Still the issue is not fixed,

Then issue below command in vps server.

#/scripts/fixquotas

Normally this will fix the issue. If you are getting below error while running the fixquota then proceed with next step.

“edquota: Quota write failed (id 502): Invalid argument”

#quotacheck -vagum

#/scripts/fixquotas

Still you are getting error in fixquota, then we can fix the issue by recreating  /dev/simfs

====

#rm -rf /dev/simfs

#_numero=$(stat / –format %d)

#mknod /dev/simfs b $((${_numero} / 256)) $((${_numero} % 256))

====

or

===

 

rm -f /dev/simfs

n=$(stat / --format %d)

mknod /dev/simfs b $((${n} / 256)) $((${n} % 256))
 ===
Hope this will fix the issue.

Internal server error : File size limit exceeded: cPanel server

Sometimes, it happens that when you try to access your domain  in a web browser you will  get a 500 Internal Server Error and after checking all  the permissions and ownerships for all  files and folders under that domain  you will find  that everything is correct but still  getting that error in  the browser.

But when you try  to manually execute the php file from  the server using the php command, you will get below error.

==

File size limit exceeded

==

The reason  for that error is that one of the file probably a log file under that domain exceeds to  2 GB and  by default Apache has setting enabled, to display 500 Internal  Server Error if  in case any file under a domain 

You can find the files that are having huge size by issuing below command.

==

find ./ -size +100M

==

The issue will be resolved by clearing the log file.

Thank you.

 

Repair, Restore, or Reinstall Grub 2 with a Ubuntu Live CD or USB

We can easily reinstall grub using live cd.

Mount the partition your Ubuntu Installation is on. If you are not sure which it is, launch GParted (included in the Live CD) and find out. It is usually a EXT4 Partition. Replace the XY with the drive letter, and partition number, for example: sudo mount /dev/sda7 /mnt.

#sudo mount /dev/sdXY /mnt

Now bind the directories that grub needs access to to detect other operating systems, like so:

#sudo mount –bind /dev /mnt/dev && sudo mount –bind /dev/pts /mnt/dev/pts && sudo mount –bind /proc /mnt/proc && sudo mount –bind /sys /mnt/sys

Now we jump into that using chroot.

#sudo chroot /mnt

Now install, check, and update grub.

This time you only need to add the drive letter (usually a) to replace X, for example: grub-install /dev/sda, grub-install –recheck /dev/sda

#grub-install /dev/sdX

#grub-install --recheck /dev/sdX

#update-grub

Now grub is back, all that is left is to exit the chrooted system and unmount everything.

#exit && sudo umount /mnt/dev && sudo umount /mnt/dev/pts && sudo umount /mnt/proc && sudo umount /mnt/sys && sudo umount /mnt

Now reboot the system from live cd and remove live cd or usb. This will restore your grub.

Mod Security whitelist issue

Mod_security issue.

I was able to whitelist the pattern match for a domain with a rule ID or whitelist the domain completely using either of the following added to /usr/local/apache/conf/whitelist.conf

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleRemoveById=600161

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off

Nowadays, after adding it, when you restart httpd, if you are getting an error as follows,

Syntax error on line 12 of /usr/local/apache/conf/whitelist.conf:
ModSecurity: No action id present within the rule

You need to add something like this,

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,id:445000,ctl:ruleEngine=off, —> This will whitelist the domain completely in Mod Security

or

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,id:445000,ctl:ruleRemoveById=600161 —> This will whitelist the domain for a specific rule ID, say 600161.

instead of

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleEngine=off, or

SecRule SERVER_NAME “domain.com” phase:1,nolog,allow,ctl:ruleRemoveById=600161

You can refer the details at http://cpanel.net/modsecurity-changes/

You can use the ID range, 440.000-599,999(which is unreserved)

You can get the details on ID’s athttp://docs.cpanel.net/twiki/bin/view/AllDocumentation/EasyapacheModsecurity

If the ID already exists for any other rule, you need to change it with a new unused one, otherwise the ModSecurity along with apache will not get start.

Thank you.