Here is a quick little one liner to check what the excludes policy on a CentOS cPanel server is:
#wget -q http://centos.karan.org/check_excludes.py -O - | python
Loaded plugins: priorities, protectbase, rhnplugin main: ['bind-chroot',
'courier*', 'dovecot*', 'exim*', 'filesystem', 'httpd*', 'mod_ssl*',
'mydns*', 'mysql*', 'nsd*', 'perl*', 'php*', 'proftpd*', 'pure-ftpd*',
'ruby*', 'spamassassin*', 'squirrelmail*']
epel - 
rpmforge - 
system-base - 
system-updates-released - 
This will output the policy in a clean format for each repository enabled on the server, along with the exclude setup for that repo.
Remember: the “main:” section in yum is the global system/repowide config settings and anything listed within there would be excluded from all repository updates.
UPDATE: This appears to be a bug according to MySQL – http://bugs.mysql.com/bug.php?id=69512
“This is indeed a bug, where the build system erroneously and silently started pulling in man pages with the wrong set of copyright headers.”
It has recently been brought to our attention that the MySQL man pages have been re-licensed. The change was made rather silently going from MySQL 5.5.30 to MySQL 5.5.31. This affects all pages in the man/ directory of the source code.
You can tell the changes have come during this short timeframe (5.5.30->5.5.31). The old manual pages were released under the following license:
This documentation is free software; you can redistribute it and/or modify it only under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License.
The new man pages (following 5.5.31 and greater – still valid for 5.5.32) are released under the following license:
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
This is clearly not very friendly of MySQL at Oracle. The new license has become a lot longer as well (to make it clear it is not released under the GPL). While the following was taken from the resolveip tool, the copyright notice is the same for all the man pages. You can compare the man page in 5.5.30 vs the man page in 5.5.31.
Original link: http://blog.mariadb.org/mysql-man-pages-silently-relicensed-away-from-gpl/
Unfortunately, this software has a severe root access vulnerability.
Zamfoo WHM Plugin – http://www.zamfoo.com/plugins – $Fee – Security Issues, DO NOT USE
Remove this plugin as quickly as possible unless re-imaging your server(s) is the favorite part of your day.
One of the great things about Linux is that you can do the same thing hundreds of different ways—even something as simple as generating a random password can be accomplished with dozens of different commands. Here’s 10 ways you can do it.
We gathered all of these commands from Command-Line Fu and tested them out on our own Linux PC to make sure they work. You should be able to use at least some of these on Windows with Cygwin installed, though we didn’t test all of them—the last one definitely works though.
Generate a Random Password
For any of these random password commands, you can either modify them to output a different password length, or you can just use the first x characters of the generated password if you don’t want such a long password. Hopefully you’re using a password manager like LastPass anyway so you don’t need to memorize them.
Continue reading “10 Ways to Generate a Random Password from the Command Line”
For Plesk 10.11
Basically Plesk updated and broke things. I imagine there could be some other cases when this breaks as well. For further details on the problem, see:
First locate the database tables that are missing.
Usually, it is something like:
/var/lib/mysql/phpmyadmin_$randomstringofchars/ and there would only be this file ‘db.opt‘.
If you login to phpmyadmin, the database name error will also be listed there.
Next, navigate to the Plesk phpmyadmin directory.
This can be found here:
Then go into the folder called examples/.
At this point you just need to recreate the tables. “Make sure you have the correct database before proceeding”.
mysql phpmyadmin_$randomstringofchars < tables.sql
Check the database to verify tables are there and check phpmyadmin to verify that error is gone.
With Plesk, symptoms can be similar and issues may vary. If you have further problems, troubleshooting a little more.
Recently there has been issues on some cPanel servers when attempting to obtain the disk quota for specific users. The problem is that it would return N/A in the cPanel account when looking at disk usage. Same result would appear when trying to get disk space for the user manually in the command line:
cPanel confirmed that the issue is a bug and they have created an internal report on it. For the time being, they are reporting that they were able to temporarily fix the issue by doing the following:
Continue reading “cPanel Quota Issue”
Parallels KB article:
“The exploit for this vulnerability uses a combination of the 2 issues:
– PHP vulnerability CVE-2012-1823 related to CGI mode used in older Plesks (http://kb.parallels.com/en/113818).
– Plesk phppath script alias usage in Plesk versions 9.0 – 9.2
Continue reading “Plesk Compromise”
For a very secure and convenient way to add two-factor ssh auth to your Linux server, you can use Google Authenticator. I’ll show you how to set this up!
1. In Ubuntu 13.04:
$ sudo apt-get install libpam-google-authenticator
2. Then, from an open bash shell with your user account on that server and run the following:
Scan the bar code with your Android phone or iPhone to add the key. (Or alternatively, open the URL provided on your phone to add the key.)
Note: save the emergency scratch codes in case you need to access the server without your phone!
Continue reading “Use Google Authenticator For Two-Factor SSH Authentication in Linux”