Apache will not start

I started a post in the forum, but now Apache crashed and will not restart. (I will close that thread.) I get this error:

Failed to re-start service : Starting httpd: Syntax error on line 54 of /etc/httpd/conf.d/ssl.conf: SSLRandomSeed: source path '/dev/urandom' does not exist [FAILED]

In searching Google I found this (below) for this error (from 2005) but do not know if this will fix it. Any thoughts on what happened here?

CONFIGURING If your system does not have /dev/random and /dev/urandom created already, they can be created with the following commands:

mknod -m 644 /dev/random c 1 8
mknod -m 644 /dev/urandom c 1 9
chown root:root /dev/random /dev/urandom

Thank you.



What kind of system is this .. a virtual machine, or real hardware? VMs are sometimes missing these random device files.

Also, does creating /dev/random with that mknod command help?

This is a dedicated box, not a VPS. I also just realized that SSH has stopped and I cannot SSH into it either...

Howdy -- I'm not sure why /dev/urandom would be removed, that's a device that should exist on Linux systems.

Are you on a VPS, or a dedicated server?

And what does this command output, do you receive an error:

ls -l /dev/urandom

However, if that one missing device is the only thing wrong -- re-creating it should fix it, and the command you shared above should correctly re-create it.

I'd only re-create /dev/urandom though, unless /dev/random is missing too
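A check that goes one step past `ls -l`, added here as an example and not part of any post in this thread: it confirms that each path is a character device with the major/minor numbers used in the mknod commands quoted above, which also catches a regular file sitting at the device path. The function names are assumptions made for this example.

```python
import os
import stat

# Device numbers taken from the mknod commands quoted in the thread.
EXPECTED = {"/dev/random": (1, 8), "/dev/urandom": (1, 9)}


def check_char_device(path, major, minor):
    """Return 'ok' or a short description of what is wrong with the node."""
    try:
        st = os.lstat(path)  # lstat: do not follow a symlink left at the path
    except FileNotFoundError:
        return "missing"
    if not stat.S_ISCHR(st.st_mode):
        # e.g. a regular file created by something that wrote to the missing path
        return "not a character device"
    found = (os.major(st.st_rdev), os.minor(st.st_rdev))
    if found != (major, minor):
        return "wrong device numbers %d,%d" % found
    return "ok"


def check_random_devices(expected=EXPECTED):
    """Check every expected node and return {path: status}."""
    return {path: check_char_device(path, *nums) for path, nums in expected.items()}


if __name__ == "__main__":
    for path, status in check_random_devices().items():
        print(path, status)
```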

Will the command shell in the UI be able to do that since I have no SSH access now?

OK, through the command shell I believe I was able to recreate them. However, Apache restarted but SSH is still not responsive.

Well, I'm not entirely certain what would work, as I'm not sure of the scope of the problem at the moment.

But if you can't access SSH, you could certainly try the command shell that you mentioned in Webmin -> Others -> Command Shell, and run the mknod command to create /dev/urandom.

Are you able to restart SSH using Virtualmin? If not, what error do you receive when you try?

OK, via Command Shell:

ls -l /dev/urandom
crw-r--r-- 1 root root 1, 9 Feb 7 21:59 /dev/urandom
ls -l /dev/random
crw-r--r-- 1 root root 1, 8 Feb 7 22:01 /dev/random

--When I go to the system info page and click on the "start SSH" arrow the screen just seems to refresh - no error, but it still shows as stopped...

And via Command Shell:

service sshd start
Starting sshd: [ OK ]

BUT it still isn't started even though it says OK...

It may be failing to start for the same reason (random device not working). Check the end of the log file /var/log/messages for any errors from sshd ..

Yeah, Jamie may be right on there -- and since SSH isn't working, you can view the log files by going into Webmin -> System -> System Logs.

Nothing in /var/log/messages except some resolution errors.. nothing from sshd at all

Also: if I run /usr/sbin/sshd there is no output at all....

> whereis sshd
sshd: /usr/sbin/sshd /usr/share/man/man8/sshd.8.gz
> /usr/sbin/sshd

Do you think doing an SSH re-install "yum openssh install" would help any?

Hold the phone:

I am almost positive there should be more files in /dev/ than this:

> ls /dev/

Wow, on my other server (same hardware and OS, running vmin etc.) I have this:

[root@mail01 ~]# ls /dev/
block            loop5               ram3      tty10  tty38  tty8
bsg              loop6               ram4      tty11  tty39  tty9
bus              loop7               ram5      tty12  tty4   ttyS0
cdrom            lp0                 ram6      tty13  tty40  ttyS1
char             lp1                 ram7      tty14  tty41  ttyS2
console          lp2                 ram8      tty15  tty42  ttyS3
core             lp3                 ram9      tty16  tty43  urandom
cpu              MAKEDEV             random    tty17  tty44  usbmon0
cpu_dma_latency  mapper              raw       tty18  tty45  usbmon1
crash            mcelog              root      tty19  tty46  usbmon2
disk             mem                 rtc       tty2   tty47  usbmon3
dm-0             net                 rtc0      tty20  tty48  usbmon4
dm-1             network_latency     scd0      tty21  tty49  vcs
dm-2             network_throughput  sda       tty22  tty5   vcs1
dri              null                sda1      tty23  tty50  vcs2
fb               nvram               sda2      tty24  tty51  vcs3
fb0              oldmem              sg0       tty25  tty52  vcs4
fd               port                sg1       tty26  tty53  vcs5
full             ppp                 sg2       tty27  tty54  vcs6
fuse             ptmx                sg3       tty28  tty55  vcsa
hpet             pts                 shm       tty29  tty56  vcsa1
hvc0             ram0                snapshot  tty3   tty57  vcsa2
input            ram1                sr0       tty30  tty58  vcsa3
kmsg             ram10               stderr    tty31  tty59  vcsa4
log              ram11               stdin     tty32  tty6   vcsa5
loop0            ram12               stdout    tty33  tty60  vcsa6
loop1            ram13               systty    tty34  tty61  vga_arbiter
loop2            ram14               tty       tty35  tty62  vg_mail01
loop3            ram15               tty0      tty36  tty63  watchdog
loop4            ram2                tty1      tty37  tty7   zero
[root@mail01 ~]#

An sshd re-install probably wouldn't help. A reboot might, assuming you have access to the console in case remote access isn't possible after the reboot.

Do you think a reboot would rebuild the missing files per post #13? I have never seen this before..

I am remote so no console but it won't be the end of the world - my data center has remote hands if required. Thx

Well, we're not sure what the problem is or how this might have happened -- however, some systems will regenerate the device files upon reboot.

If a reboot doesn't fix it, it sounds like you're going to need someone with console access anyhow to resolve what's going on.

OK no problem.. this server has given me problems from day one - I am about to toss it in the dumpster. I will try a reboot and go from there. I appreciate it guys.

OK! Well the reboot did re-build the files and Apache / sshd are both running.. BUT now I am back to BIND not running but it must be from the cPanel migrated servers... (all of them)

This is the error returned.. Could you assist me in troubleshooting this? Thx...

Failed to start service : Failed to start BIND : Starting named:
Error in named configuration:
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone loaded serial 0
zone loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone neweffectit.net/IN: loaded serial 1328393968
/var/named/scottkappler.com.hosts:21: www.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:22: ftp.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:23: m.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:24: localhost.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:25: webmail.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:26: admin.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:27: mail.*.scottkappler.com: bad owner name (check-names)
dns_rdata_fromtext: /var/named/scottkappler.com.hosts:28: near 'mail.*.scottkappler.com.': bad name (check-names)
zone scottkappler.com/IN: loading from master file /var/named/scottkappler.com.hosts failed: bad owner name (check-names)
zone scottkappler.com/IN: not loaded due to errors.
_default/scottkappler.com/IN: bad owner name (check-names)
zone whatacutiecuts.com/IN: loaded serial 1328595852
zone sillysnips.com/IN: loaded serial 1328595852
zone whatacutiecuts.us/IN: loaded serial 1328595852
zone chateauforest.com/IN: loaded serial 1328638811
zone cnetreport.com/IN: loaded serial 1328641169
zone kapplerholdings.com/IN: loaded serial 1328641241
zone neweffectit.com/IN: loaded serial 1328641432
zone conservativetarget.com/IN: loaded serial 1328641757
zone conservativetarget.org/IN: loaded serial 1328641757
zone conservativetarget.us/IN: loaded serial 1328641757
zone datacenterbrief.com/IN: loaded serial 1328641889
zone heavenlyaffaire.com/IN: loaded serial 1328641928
[FAILED]

Here is the hosts file but I don't see anything about the owner name?

[root@host01 ~]# cat /var/named/scottkappler.com.hosts
$ttl 38400
@       IN      SOA     ns1.neweffectit.net. root.ns1.neweffectit.net. (
                        38400 )
@       IN      NS      ns1.neweffectit.net.
@       IN      NS      ns2.neweffectit.net.
scottkappler.com.       IN      A
www.scottkappler.com.   IN      A
ftp.scottkappler.com.   IN      A
m.scottkappler.com.     IN      A
localhost.scottkappler.com.     IN      A
webmail.scottkappler.com.       IN      A
admin.scottkappler.com. IN      A
mail.scottkappler.com.  IN      A
scottkappler.com.       IN      MX      5 mail.scottkappler.com.
scottkappler.com.       IN      TXT     "v=spf1 a mx a:scottkappler.com ip4: ?all"
*.scottkappler.com.     IN      A
www.*.scottkappler.com. IN      A
ftp.*.scottkappler.com. IN      A
m.*.scottkappler.com.   IN      A
localhost.*.scottkappler.com.   IN      A
webmail.*.scottkappler.com.     IN      A
admin.*.scottkappler.com.       IN      A
mail.*.scottkappler.com.        IN      A
*.scottkappler.com.     IN      MX      5 mail.*.scottkappler.com.
cv.scottkappler.com.    IN      A
www.cv.scottkappler.com.        IN      A
ftp.cv.scottkappler.com.        IN      A
m.cv.scottkappler.com.  IN      A
localhost.cv.scottkappler.com.  IN      A
webmail.cv.scottkappler.com.    IN      A
admin.cv.scottkappler.com.      IN      A
mail.cv.scottkappler.com.       IN      A
cv.scottkappler.com.    IN      MX      5 mail.cv.scottkappler.com.
[root@host01 ~]#

To get BIND up and running, you may want to comment out or delete the line numbers in that file that it's showing you in the error message, and then restart BIND.

It looks like BIND doesn't like some of those wildcard DNS entries.

Ahhh... that makes sense.. and you were correct - the wildcards carried over from the cPanel migration were the culprit.. The strange thing is I don't even know where those came from.. but oh well, now that this is up I am completely finished with cPanel..

Thanks again. By the way, my other server has been working fantastic and I am loving Virtualmin overall. I will be getting one more license now too. Thanks again for all your help. It should be smooth sailing from here..

Jamie, I think what happened during his cPanel migration is that Virtualmin added the usual aliases (www, ftp, webmail, admin, etc) to a wildcard DNS entry, which doesn't appear to be valid. That is, he ended up with DNS records like "www.*.domain.tld", which BIND didn't like.

When importing a wildcard DNS entry, would it be possible to skip adding the additional DNS aliases to that?

Yeah, importing those wildcard domains as actual Virtualmin domains looks like a bug to me .. they should really be skipped. I'll fix this in the next Virtualmin release (3.91).
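The "bad owner name (check-names)" and "bad name (check-names)" errors quoted earlier in the thread can be approximated before a restart by scanning a zone file for names where `*` is anything other than the whole leftmost label of an owner name. This is an added example, not code from BIND or Virtualmin; the function names and the sample zone (example.com, 192.0.2.10) are constructed, and the parser handles only single-line records with an explicit owner name.

```python
import re

# Record types whose names are checked as hostnames in this approximation.
HOST_TYPES = {"A", "AAAA", "MX"}
CLASSES = {"IN", "CH", "HS"}
LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?$")

# Constructed sample zone mirroring the pattern in the thread.
SAMPLE_ZONE = """\
$ttl 38400
@ IN SOA ns1.example.net. root.example.net. ( 1 3600 600 1209600 38400 )
@ IN NS ns1.example.net.
example.com. IN A 192.0.2.10
*.example.com. IN A 192.0.2.10
www.*.example.com. IN A 192.0.2.10
*.example.com. IN MX 5 mail.*.example.com.
"""


def is_hostname(name, allow_wildcard):
    """Letters/digits/hyphen labels; '*' accepted only as the leftmost label."""
    labels = name.rstrip(".").split(".")
    if allow_wildcard and labels[0] == "*":
        labels = labels[1:]
    return bool(labels) and all(LABEL.match(label) for label in labels)


def find_bad_names(zone_text):
    """Return (line_number, name, reason) for each name that fails the check."""
    problems = []
    for lineno, raw in enumerate(zone_text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()
        # Skip blanks, $directives, continuation lines and '@' owners.
        if not fields or fields[0].startswith("$") or raw[0].isspace() or fields[0] == "@":
            continue
        owner, rest = fields[0], fields[1:]
        # Drop an optional TTL and class that precede the record type.
        while rest and (rest[0].isdigit() or rest[0].upper() in CLASSES):
            rest = rest[1:]
        if not rest or rest[0].upper() not in HOST_TYPES:
            continue
        if not is_hostname(owner, allow_wildcard=True):
            problems.append((lineno, owner, "bad owner name"))
        # An MX target is an ordinary hostname: no wildcard label at all.
        if rest[0].upper() == "MX" and len(rest) >= 3 and not is_hostname(rest[2], False):
            problems.append((lineno, rest[2], "bad name"))
    return problems
```

On the server itself, `named-checkzone scottkappler.com /var/named/scottkappler.com.hosts` runs BIND's own zone check against the file without restarting named.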