Re-Installing Virtualmin Pro without using Script

29 posts / 0 new
Last post
#1 Mon, 02/27/2012 - 22:46
jflesher

Re-Installing Virtualmin Pro without using Script

I have a live system that had a failded install due to a problem with php53, and now I doubt the integrity of the system, even though it is working, I have had far to many issues, and would like to find a way or script, that will make sure everthing is installed right, without damaging the installation of a Live server.

I have two servers up at the moment, so I could change all the ip's over to the backup server, then move or copy home some where else, but its 160 GB and 50 Domains which is why I'd like to avoid this, but I don't think a new install will get past the php53 problem, so I kind of gave up on a clean install, but it should be possible just to make sure all the services are installed correctly, one in question is the Email SMTP server is not allowing me to send mail, which I could open a thread on that one item, but this is chasing a ghost, I don't even know if this is installled correctly, some times when I run Re-Check Configuration, I get this Error: Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server I can add in 127.0.0.1 and rerun the test and it will pass, but next reboot and I'm back in the same place, I don't think it installed correctly.

Thanks

Tue, 02/28/2012 - 06:29
andreychek

I have had far to many issues, and would like to find a way or script, that will make sure everthing is installed right, without damaging the installation of a Live server

There's not really a way to do that; but we can certainly look into the issues you're having, and see if they appear to be solvable issues, or larger installation issues (which may also be solvable).

but I don't think a new install will get past the php53 problem, so I kind of gave up on a clean install,

We've unfortunately still been unable to reproduce the problems you're seeing on a new installation of CentOs 6, and no one else has reported those issues when running the install.sh.

this system is not setup to use itself as a DNS server I can add in 127.0.0.1 and rerun the test and it will pass, but next reboot and I'm back in the same place, I don't think it installed correctly.

This is actually a fairly common issue, and isn't an installation problem. It just means you're likely using DHCP to obtain your IP address, and when that occurs, it's overwriting your current /etc/resolv.conf settings anytime a new IP is obtained.

There's details on resolving that here:

http://www.virtualmin.com/documentation/dns/faq

one in question is the Email SMTP server is not allowing me to send mail, which I could open a thread on that one item, but this is chasing a ghost,

I'd be happy to assist with that issue if you like, just let us know what error you're receiving, what port you're using to send mail (25, 465, or 587), and what, if any, errors you're seeing in /var/log/maillog.

-Eric

Tue, 02/28/2012 - 15:06 (Reply to #2)
jflesher

Just to set the record right: I'm using CentOS 5.7

Lets start with DNS, this is hosed, and its been a while since I had to deal with DNS, so here is how I have my system configured:

I'm using Godaddy as my Registrar
I'm hosting on myhosting.com VPS account with CentOS 5.7
I have 50 Domains with shared static IP, and one SSL site on its own IP

Not all my Domains are using the same DNS server, Should I change them to all be the same server?

Should I use Godaddy's DNS server, or setup pointers to the host server?

Is there a step by step guild on your web site for setting up DNS, I could not find one.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Tue, 02/28/2012 - 20:39 (Reply to #3)
jflesher

Email error:

Feb 28 14:50:34 vps-XXXXXXX postfix/smtpd[13668]: connect from unknown[XXX.XXX.XXX.XXX]
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: SASL authentication failure: Password verification failed
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: unknown[XXX.XXX.XXX.XXX]: SASL PLAIN authentication failed: authentication failure

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Tue, 02/28/2012 - 16:37
andreychek

Sorry, I meant to say CentOS 5 -- that's the only distro that offers the php53 packages.

Not all my Domains are using the same DNS server, Should I change them to all be the same server? Should I use Godaddy's DNS server, or setup pointers to the host server?

That all comes down to personal preference.

You could host all your DNS at GoDaddy if you like. Then you don't have to setup your system as a nameserver, but you'd have to add the DNS entries for your domains into GoDaddy's DNS.

Or, you could use your own server as a nameserver. To configure that, you can use the information here in the section titled "How do I setup nameservers for my server":

http://www.virtualmin.com/documentation/dns/faq

Tue, 02/28/2012 - 20:42 (Reply to #5)
jflesher

My personal preference is to set it up so its easy to switch servers, and that the DNS records are updated the fastest, in the pass, that was with go daddy's DNS, now it thats still true I don't know, it was the way I set up the servers years ago when I first started using Virtualmin, and even at the time, it was because I found instructions on how to do it that way, not that it was the best way, its not the only way, but here are my issues:

If I use Go Daddy as my DNS server:

I have it set as default, which is use their DNS server:
Note:
If you use our nameservers, we update your domain name's zone file to include the required subdomain A host records supporting the new domain hosts. If you use custom nameservers, your hosting provider must add these records for you.

Under the NS tab, I see the two records:

host -t NS mydomain.com

mydomain.com name server ns1.domaincontrol.com.
mydomain.com name server ns2.domaincontrol.com.

host mydomain.com

mydomain.com has address XXX.XXX.XXX.XXX
mydomain.com mail is handled by 0 mail.mydomain.com.

All looks fine to me, Name servers are right, IP address are right.

Now a question:
/etc/resolv.conf
Currently it is default, its using some DNS server (1), and an internal IP 127.0.0.1
Should it point to the same DNS servers as above?
if yes, it seems that all the domains should be using the same server, but I don't know if it matters, but I do not want to have to make custom DNS changes to all the domains, so what is the best way to deal with this?

I see an issue, when I first set this install up, I used a URL as my host, I also have a website setup for it, which is not working, which is my clue that DNS is hosed, so I went into Server Configuration -> DNS Records and see the URL in the SOA and NS record, by URL I mean mydomain.com, not NS.mydomain.com, this seems to be the problem, is there a way to fix it globally, or do I need to fix each of the 50 domains to resolve this issue?

Update:
This is not set to DHCP, its Static
/etc/sysconfig/network-scripts/ifcfg-venet0

DEVICE=venet0
BOOTPROTO=static
ONBOOT=yes
IPADDR=127.0.0.1
NETMASK=255.255.255.255
BROADCAST=0.0.0.0
GATEWAYDEV="venet0"
IPV6INIT="yes"

/etc/hosts

127.0.0.1 localhost.localdomain localhost
XXX.XXX.XXX.XX1 mydoman.com # ssl
XXX.XXX.XXX.XX2 vps-xxx.manage.myhosting.com vps-xxx # shared IP
IPV6_DEFAULTDEV="venet0"

DNS record:


$ttl 38400
@ IN SOA mydomain.com. root.mydomain.com. (
1329685143
10800
3600
604800
38400 )
mydomain.com. IN A XXX.XXX.XXX.XXX
www.mydomain.com. IN A XXX.XXX.XXX.XXX
ftp.mydomain.com. IN A XXX.XXX.XXX.XXX
m.mydomain.com. IN A XXX.XXX.XXX.XXX
localhost.mydomain.com. IN A 127.0.0.1
webmail.mydomain.com. IN A XXX.XXX.XXX.XXX
admin.mydomain.com. IN A XXX.XXX.XXX.XXX
mail.mydomain.com. IN A XXX.XXX.XXX.XXX
mydomain.com. IN MX 5 mail.mydomain.com.
mydomain.com. IN TXT "v=spf1 a mx a:mydomain.com ip4:XXX.XXX.XXX.XXX ?all"
mydomain.com. IN NS ns19.domaincontrol.com. ;NS1
mydomain.com. IN NS ns20.domaincontrol.com. ;NS2
NS1.mydomain.com. IN A XXX.XXX.XXX.XXX ;NS1
NS2.mydomain.com. IN A XXX.XXX.XXX.XXX ;NS2

I get this error running Check Connectivity:

Testing external connectivity ..
.. the following problems were found :

Problem type Error message Possible solution
Nameserver mismatch None of the nameservers match this system : ns20.domaincontrol.com. ns19.domaincontrol.com. Verify with your DNS registrar that nameservers for the domain are set correctly.

Email client is set to no encryption on port 25; and I know the user name and password is right.
Email error:

Feb 28 14:50:34 vps-XXXXXXX postfix/smtpd[13668]: connect from unknown[XXX.XXX.XXX.XXX]
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: SASL authentication failure: Password verification failed
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: unknown[XXX.XXX.XXX.XXX]: SASL PLAIN authentication failed: authentication failure

Do I need to set Master DNS server hostname?
if so, what do I set it to?

Is there any step by step instructions on how to set this up?

Thanks

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Tue, 02/28/2012 - 21:23
andreychek

I'll respond more fully to your post soon, but I wanted to get in a few quick answers:

Update: This is not set to DHCP, its Static /etc/sysconfig/network-scripts/ifcfg-venet0

While DHCP is the most common cause of having the resolv.conf file overwritten, using OpenVZ is the second most common cause :-)

It looks like you're using an OpenVZ-based VPS there, and we've seen a few cases at least where the resolv.conf file was overwritten automatically each time the system was rebooted. The DNS FAQ entry I linked to above mentions how to handle that though (which is to make it so that file can't be overwritten).

DNS record:

You're quite welcome to use GoDaddy for your DNS, that works just fine... but if you do that, you'd want to go into System Settings -> Features and Plugins, and disable the BIND DNS Domain plugin. You'd only want BIND enabled if your Virtualmin server is acting as your primary nameserver. If GoDaddy is your nameserver, you don't need (or want) that feature enabled.

Email client is set to no encryption on port 25; and I know the user name and password is right.

Are you by chance able to send email using SSL/TLS on port 587 or 465? What about when logging into Usermin on port 20000?

-Eric

Tue, 02/28/2012 - 21:43 (Reply to #7)
jflesher

I get this error trying to disable Bind in Features The feature BIND DNS domain cannot be disabled, as it is used by the following virtual servers then it list all the servers, do I have to individual turn these off first?

In your Option, what is the best way to setup DNS, its the Method I would prefer to use, since I have no reason to really pick one over the other.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Tue, 02/28/2012 - 21:24
andreychek

Oh, also, you may want to try giving saslauthd a restart before attempting to login to your email. You can do that with this command:

/etc/init.d/saslauthd restart

Wed, 02/29/2012 - 01:08 (Reply to #9)
jflesher

Didn't help; still can not send email, but I can send it using squirrel mail, and I have other users that use Outlook, but in Evolution, I just can not get it to work.

Update: I just found it works on some accounts, have not figure out why that is.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Tue, 02/28/2012 - 21:27
andreychek

Actually, this all got me thinking about one other thing.

What is the output of these two commands on your system:

  1. free -m

  2. cat /proc/user_beancounters

Wed, 02/29/2012 - 00:34 (Reply to #11)
jflesher

free -m

total used free shared buffers cached
Mem: 7680 1037 6642 0 0 0
-/+ buffers/cache: 1037 6642
Swap: 0 0 0

cat /proc/user_beancounters

Version: 2.5
uid resource held maxheld barrier limit failcnt
8642: kmemsize 42863857 73184138 9223372036854775807 9223372036854775807 0
lockedpages 0 8 9223372036854775807 9223372036854775807 0
privvmpages 387638 723909 9223372036854775807 9223372036854775807 0
shmpages 882 4260 9223372036854775807 9223372036854775807 0
dummy 0 0 9223372036854775807 9223372036854775807 0
numproc 116 190 9223372036854775807 9223372036854775807 0
physpages 254087 595757 9223372036854775807 9223372036854775807 0
vmguarpages 0 0 9223372036854775807 9223372036854775807 0
oomguarpages 254088 595758 9223372036854775807 9223372036854775807 0
numtcpsock 26 188 9223372036854775807 9223372036854775807 0
numflock 18 35 9223372036854775807 9223372036854775807 0
numpty 1 2 9223372036854775807 9223372036854775807 0
numsiginfo 0 81 9223372036854775807 9223372036854775807 0
tcpsndbuf 1209976 9839856 9223372036854775807 9223372036854775807 0
tcprcvbuf 425984 19363712 9223372036854775807 9223372036854775807 0
othersockbuf 320472 1880088 9223372036854775807 9223372036854775807 0
dgramrcvbuf 9128 174864 9223372036854775807 9223372036854775807 0
numothersock 213 388 9223372036854775807 9223372036854775807 0
dcachesize 3758619 4368969 9223372036854775807 9223372036854775807 0
numfile 12717 21968 9223372036854775807 9223372036854775807 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
numiptent 30 30 9223372036854775807 9223372036854775807 0

Do you think it would be better to open a new account and do a fresh install?

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Wed, 02/29/2012 - 08:46
andreychek

Do you think it would be better to open a new account and do a fresh install?

We've often seen problems with OpenVZ-based systems running into resource limits... but the data you pasted in shows that you're not hitting any limits.

However, with the errors you're receiving during the installation -- that's showing a problem of some sort with the OpenVZ image you're using. That is, something about that image is different from a standard installation, in a way that's causing problems.

I know this isn't your first choice, but if it happens to be an option to try a different distro or version... perhaps using CentOS 6 would get around the issues you're running into there.

-Eric

Wed, 02/29/2012 - 10:40 (Reply to #13)
jflesher

Can you recommend a good Host?

I have burned through many in the last month trying to find a host till I can get a glass connection, and I'm having nothing but problems.

Update:
They are user Linux Virtuozzo http://www.parallels.com/products/pvc/

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Wed, 02/29/2012 - 11:09
andreychek

Yeah, Virtuozzo runs on top of OpenVZ.

You might simply try their CentOS 6 image, and see if Virtualmin installs cleanly for you there.

We don't have any specific provider recommendations (though others here may), but I would suggest that if you were going to look for a new VPS provider, you find one that provides Xen or KVM based VPS's.

-Eric

Wed, 02/29/2012 - 12:01 (Reply to #15)
jflesher

They only offer CentOS --> 5.7 Debian --> 5 lenny

Is there any way I can correct this, it appears its just a DNS issue, and I just need to know the best way to setup DNS, with some kind of instructions, a link or something to go off of.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Wed, 02/29/2012 - 13:15
andreychek

It looks like they're offering fairly old Linux distributions... Debian 5 reached it's end of life several weeks ago, there won't be any additional security updates for it. And CentOS 5 is considered fairly old now, though it'll still be supported for a few more years.

However, CentOS 5 should work fine for you.

You don't appear to just be dealing with a DNS issue, however, the issues you're having are solvable.

There's no more DNS instructions available than I've offered already... it comes down to one of two choices:

  1. Use GoDaddy for your DNS

If you opt for this, you have to disable the DNS feature in all your Virtual Servers, then globally disable DNS in Virtualmin. You'd then log into GoDaddy, and setup the DNS records for all your domains to point to the IP of your server.

It's more work to have to add an IP for each of your domains into GoDaddy, but you don't have to deal with the setup of making your server a nameserver.

  1. Use your own server for DNS

If you opt for this, you'd have to setup your server to act as a nameserver. You can do that with the instructions here in the section named "How do I setup nameservers for my server":

https://virtualmin.com/node/21372

This option is more work to setup initially, but is simpler after that, since it automatically adds DNS entries for you each time a domain is added.

When you use option #2, you'd then have to setup the nameservers for each of your domains to point to your server.

Which option you use comes down to personal preference, and either option should work fine. People who are comfortable with DNS, or want less work over the long run, tend to use option #2. People who don't want to deal with the initial nameserver setup, or folks without many domains, often opt for option #1.

-Eric

Wed, 02/29/2012 - 13:25 (Reply to #17)
jflesher

Thanks, that actually cleared up my confusion about which option to use, and I think I'll go with number #2.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Wed, 02/29/2012 - 14:55 (Reply to #18)
jflesher

Under Edit Server Template -> Master DNS server hostname
Should I select Hostname, or use Automatic (from system's hostname), which is how its set now.

Or should I edit each DNS record and use its own domain name?

Thanks

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Wed, 02/29/2012 - 17:43
andreychek

Well, the documentation would have you creating two nameserver names, ns1.domain.com and ns2.domain.com.

Although it will work either either setting, it would be more ideal to set "Master DNS server hsotname" to ns1.domain.com.

-Eric

Wed, 02/29/2012 - 23:49 (Reply to #20)
jflesher

This would only effect new domains, is that right? or does the Template changes effect all Site?

If it only effects new DNS records are create time, I guess it really doesn't answer my question; since it created the DNS record with the hostname originally, in this line

@ IN SOA hostname.com. root.hostname.com. (

I thought it best to change it to:

@ IN SOA mydomain.com. root.mydomain.com. (

just a guess mind you, I do not know what the SOA really does for me, and why I'd tie it to one URL, vs using its own URL, it seems to work both ways, let me know if it should reflect another URL, in which case, it would seem I need to have one just for Virtualmin, because I do not see another reason to have this option, which is where I get confused, and no amount of reading about DNS, has every gotten me closer to understanding, although I've been using it for years, I only have to deal with it when I'm installing a new server, and I do not do that often.

Then I added the below records to my registrar at Go Daddy, and also duplicated them in the Virtualmin DNS as well

NS1.mydomain.com. IN A 216.224.182.124 ;NS1
NS2.mydomain.com. IN A 216.224.182.124 ;NS2

mydomain.com. IN NS ns1.mydomain.com. ;NS1
mydomain.com. IN NS ns2.mydomain.com. ;NS2

I just want to make sure I'm doing this right; because my guess is that its best just to fix the DNS records so each is using its own URL for the DNS server.

I must have done something right, because now the Check Connectivity test works, I'll reboot tonight and see if it stays that way.

Thanks for all the help.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Thu, 03/01/2012 - 10:44
andreychek

This would only effect new domains, is that right? or does the Template changes effect all Site?

Correct, changes to the Server templates only affect new sites.

If it only effects new DNS records are create time, I guess it really doesn't answer my question; since it created the DNS record with the hostname originally, in this line

Well, I wouldn't worry about all this too much... it's not going to make or break whether it works.

So long as the IP's resolve to your own server, you'll be fine.

I'd recommend setting "Master DNS server hostname" to ns1.domain.com, and I'd just ignore stuff like those SOA records for the moment, there's plenty of other things to get up and running :-)

Once everything else is working, if you really want, you can then tweak the specific names that show up for your SOA records.

-Eric

Fri, 03/16/2012 - 14:56
jflesher

I still have to add in 127.0.0.1 into the DNS record after every reboot, how can I fix this?

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Fri, 03/16/2012 - 15:30
andreychek

Howdy,

There's a few solutions for that issue here in the article titled "Received Virtualmin error that 127.0.0.1 isn't listed in /etc/resolv.conf":

https://www.virtualmin.com/documentation/dns/faq

Fri, 03/16/2012 - 21:00
Locutus

What usually works in this case is making the resolv config file "immutable", so no service nor root can change it anymore: chattr +i /etc/resolv.conf

If you need to edit the file, revert the change with the same command and -i

Also, if you're still looking for a hosting provider, I have room on my servers for another customer. :-) I use VMWare; no trouble with the usual OpenVZ stuff here.

Sat, 03/17/2012 - 00:47
jflesher

I tried chattr +i /etc/resolv.conf

Hostname for Container set: vps-123.manage.myhosting.com
mv: cannot move /etc/resolv.conf.15740 to /etc/resolv.conf:
Operation not permitted ERROR: Can't change file /etc/resolv.conf File resolv.conf was modified Container unmounted Container start failed .

Now the server is hosed, I hope they can run chattr -i /etc/resolv.conf to bring the server back up, I can not SSH in, the VPS is down.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Sat, 03/17/2012 - 05:10
Locutus

Okay, it would seem you should really look for an alternative to this OpenVZ crap. How can they make it so that the thing won't start if it can't overwrite the resolv.conf. :|

Sat, 03/17/2012 - 14:00
jflesher

I am going to let them fix this issue, its clear that its OpenVZ that has to overwrite this file and I asked myhosting.com to fix it so the DNS record contains 127.0.0.1, we'll see what they say, if they can't, then I'll have to remove the DNS server bind and thats fine, it will work at least.

I'm waiting on a Glass Connections to my servers, I server about 150 GB of video, we have 50 web sites, not a lot, but, its hard to find a host that allows this, and I have gone thru many in the last few years, since my internet connection died here and I had to host else where.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet

Sat, 03/17/2012 - 16:52
jflesher

They fixed it, now it doesn't overwrite the file, I have no idea how they fixed it, no details.

Thanks for all the help; looks like this install is rock soild now.

Jeffrey Scott Flesher
Medically Retired Gulf War Vet