www.data-blogger.com's questions

We are trying to install and use Certbot. We have installed it and we tried to install one certificate (for https://www.tuxx.cn/), but this gives the following error when using Mozilla Firefox: SSL_ERROR_RX_RECORD_TOO_LONG

Using Curl, we also get an error (but a different one): curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

This is our Apache configuration:

irtualHost *:443>
  ServerName www.tuxx.cn
  DocumentRoot /var/www/current/httpdocs

    SSLEngine on

    # Intermediate configuration, tweak to your needs
    SSLProtocol             all -SSLv2 -SSLv3
    SSLCipherSuite          ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES12$
    SSLHonorCipherOrder     on
    SSLCompression          off

    SSLOptions +StrictRequire

    SSLCertificateFile /etc/letsencrypt/live/www.tuxx.cn/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/www.tuxx.cn/privkey.pem
 <Directory "/var/www/current/httpdocs">
    AllowOverride All
    Options -Indexes +FollowSymLinks
    Require all granted
  </Directory>
</VirtualHost>

What are we doing wrong here?

P.S. We tried to find out what the difference was between the default certbot Apache configuration and our Apache configuration. It turned out that we had to split our configuration into subconfigurations per domain in order for certbot to detect the configuration files.

Why is dovecot removing my mails? I have setup an SQL database according to the Dovecot information, but I get this in my logs:

May 14 14:23:53 alpha postfix/smtpd[16436]: Anonymous TLS connection established from mail-ie0-f174.google.com[209.85.223.174]: TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)
May 14 14:23:53 alpha postfix/smtpd[16436]: B2FD382E07: client=mail-ie0-f174.google.com[209.85.223.174]
May 14 14:23:53 alpha postfix/cleanup[16441]: B2FD382E07: message-id=<CAN-5czEh3pcyfw-eZT3m-rfyxrOXRaSpt-76uJ++H57jy=46wg@mail.gmail.com>
May 14 14:23:54 alpha postfix/qmgr[16274]: B2FD382E07: from=<[email protected]>, size=1770, nrcpt=1 (queue active)
May 14 14:23:54 alpha postfix/smtpd[16436]: disconnect from mail-ie0-f174.google.com[209.85.223.174]
May 14 14:23:54 alpha dovecot: lda(kevin): msgid=<CAN-5czEh3pcyfw-eZT3m-rfyxrOXRaSpt-76uJ++H57jy=46wg@mail.gmail.com>: saved mail to INBOX
May 14 14:23:54 alpha postfix/local[16442]: B2FD382E07: to=<[email protected]>, relay=local, delay=1.2, delays=0.69/0.01/0/0.53, dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}")
May 14 14:23:54 alpha postfix/qmgr[16274]: B2FD382E07: removed

There are already a bunch of rules in my Apache configuration. What I want to add is the following. There are some shared folders (.shared): /var/www/.shared/ and /var/www/.include/.shared/ and /var/www/.include/(.*)/.shared/. Now when someone visits http://domain.com/test.png it first executes the existing apache rules and will (when the file/folder was not found) look in those .shared folders.

So suppose I've got this filesystem: /var/www/.shared/dog.png /var/www/.shared/test.gif and /var/www/domain.com/dog.png. Now when someone visits http://domain.com/test.gif, it must load the test.gif from the .shared folder. Now when someone visits http://domain.com/dog.png it must load the dog.png from the domain.com folder (because the existing apache rules will be executed first).

I have a Subversion system running. It always does an post-commit update on /var/www by the following code: /usr/bin/svn update /var/www/. But, this is OK when I am working on an other server. I do a commit, and it updates the /var/www/ directory on the main server. But, when I am working on the main server, the post-commit hook will fail, because I am modifying files in /var/www/. How can I prevent this?

Regards, Kevin

My server is telling my that binary logging is disabled. When I do a mysqladmin variables, I see this: log_bin | OFF. This is my configuration file:

[mysqld]
# These are some standard (Plesk) options needed:
datadir             = /var/lib/mysql
socket              = /var/lib/mysql/mysql.sock
user                = mysql
old_passwords           = 1

# Some general options:
default_storage_engine      = MyISAM
#   We want to make sure eventual data loss is handled correctly:
myisam_recover          = FORCE,BACKUP

# Some security things, to avoid overloading:
max_allowed_packet      = 16M
max_connect_errors      = 1000000

# The important stuff, caching and performance tweaks:
max_connections         = 100
key_buffer_size         = 50M
read_buffer_size        = 2M
sort_buffer_size        = 5M
myisam_use_mmap         = 1
tmp_table_size          = 16M
max_heap_table_size     = 16M
query_cache_type        = 1
query_cache_size        = 64M
thread_cache_size       = 25
open_files_limit        = 65535
table_definition_cache      = 1024
table_open_cache        = 1024

# Although InnoDB is not used, some default optimization options:
innodb_buffer_pool_size     = 32M
innodb_data_file_path       = ibdata1:10M:autoextend
innodb_flush_log_at_trx_commit  = 2

# And finally some logging:
log_error           = /var/lib/mysql/mysql-error.log
log_queries_not_using_indexes   = 0
slow_query_log          = 1
slow_query_log_file     = /var/lib/mysql/mysql-slow.log

# Master
log-bin=/var/lib/mysql/mysql-bin 
server-id = 1
innodb_flush_log_at_trx_commit=1
sync_binlog=1

So, I did mysqladmin shutdown and then a service mysqld start and after that mysqladmin variables. But it says log-bin | OFF? What am I doing wrong? We are using MySQL 5.5.18-ccl by the way.

I'm trying to start httpd, but it only gives me '[FAILED]'. Now, I installed exim, but that didn't worked, so I uninstalled it. But then the web server didn't worked any more! I tried to /etc/init.d/httpd start, but that gives '[FAILED]' without a reason. What can I do to get it started?

httpd -e debug gives:

    [Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module auth_basic_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module auth_digest_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authn_file_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authn_alias_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authn_anon_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authn_dbm_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authn_default_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authz_host_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authz_user_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authz_owner_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authz_groupfile_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authz_dbm_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authz_default_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module ldap_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module authnz_ldap_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module include_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module log_config_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module logio_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module env_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module ext_filter_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module mime_magic_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module expires_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module deflate_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module headers_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module usertrack_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module setenvif_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module mime_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module dav_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module status_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module autoindex_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module info_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module dav_fs_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module vhost_alias_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module negotiation_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module dir_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module actions_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module speling_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module userdir_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module alias_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module rewrite_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module proxy_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module proxy_balancer_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module proxy_ftp_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module proxy_http_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module proxy_connect_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module cache_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module suexec_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module disk_cache_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module file_cache_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module mem_cache_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module cgi_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module version_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module ssl_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module fcgid_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module perl_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module php5_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module proxy_ajp_module
[Wed Nov 23 11:47:25 2011] [debug] mod_so.c(246): loaded module python_module

Regards, Kevin

We need to send mails from our domain (assume this is example.com) to our self. Now, the 'incoming' mails are handled by another server (from Google). We can send mails through sendmail to external e-mail addresses, but when we tried to send to ourselves, nothing happens! What can we do to enable this feature?

We are running CentOS with Sendmail/Apache2/PHP, mails are sent by PHP.

We are using PHP 5.3.6 here, but we used the --without-sqlite3 command when compiling PHP. (It stands in the 'Configure Command' column). But, it is very risky to recompile PHP on that server; there are many visitors. How can we install/use sqlite3?

Regards, Kevin

[EDIT]

yum repolist gives:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.nl.leaseweb.net
 * extras: mirror.nl.leaseweb.net
 * updates: mirror.nl.leaseweb.net
repo id                        repo name                                  status
base                           CentOS-5 - Base                            3,566
extras                         CentOS-5 - Extras                            237
updates                        CentOS-5 - Updates                           376
repolist: 4,179

rpm -qa | grep php gives:

php-pdo-5.3.6-1.w5
php-mysql-5.3.6-1.w5
psa-php5-configurator-1.5.3-cos5.build95101022.10
php-mbstring-5.3.6-1.w5
php-imap-5.3.6-1.w5
php-cli-5.3.6-1.w5
php-gd-5.3.6-1.w5
php-5.3.6-1.w5
php-common-5.3.6-1.w5
php-xml-5.3.6-1.w5

php -i | grep sqlite gives:

PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/sqlite3.so' - /usr/lib64/php/modules/sqlite3.so: cannot open shared object file: No such file or directory in Unknown on line 0
Configure Command =>  './configure'  '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=../config.cache' '--with-libdir=lib64' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--with-pic' '--disable-rpath' '--without-pear' '--with-bz2' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-xpm-dir=/usr' '--enable-gd-native-ttf' '--without-gdbm' '--with-gettext' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-pcre-regex=/usr' '--with-zlib' '--with-layout=GNU' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--enable-sysvmsg' '--with-kerberos' '--enable-ucd-snmp-hack' '--enable-shmop' '--enable-calendar' '--without-mime-magic' '--without-sqlite' '--without-sqlite3' '--with-libxml-dir=/usr' '--enable-xml' '--with-system-tzdata' '--enable-force-cgi-redirect' '--enable-pcntl' '--with-imap=shared' '--with-imap-ssl' '--enable-mbstring=shared' '--enable-mbregex' '--with-gd=shared' '--enable-bcmath=shared' '--enable-dba=shared' '--with-db4=/usr' '--with-xmlrpc=shared' '--with-ldap=shared' '--with-ldap-sasl' '--with-mysql=shared,/usr' '--with-mysqli=shared,/usr/bin/mysql_config' '--enable-dom=shared' '--with-pgsql=shared' '--enable-wddx=shared' '--with-snmp=shared,/usr' '--enable-soap=shared' '--with-xsl=shared,/usr' '--enable-xmlreader=shared' '--enable-xmlwriter=shared' '--with-curl=shared,/usr' '--enable-fastcgi' '--enable-pdo=shared' '--with-pdo-odbc=shared,unixODBC,/usr' '--with-pdo-mysql=shared,/usr' '--with-pdo-pgsql=shared,/usr' '--with-pdo-sqlite=shared,/usr' '--with-pdo-dblib=shared,/usr' '--enable-json=shared' '--enable-zip=shared' '--with-readline' '--with-pspell=shared' '--enable-phar=shared' '--with-mcrypt=shared,/usr' '--with-tidy=shared,/usr' '--with-mssql=shared,/usr' '--enable-sysvmsg=shared' '--enable-sysvshm=shared' '--enable-sysvsem=shared' '--enable-posix=shared' '--with-unixODBC=shared,/usr' '--enable-fileinfo=shared' '--enable-intl=shared' '--with-icu-dir=/usr' '--with-recode=shared,/usr'
/etc/php.d/pdo_sqlite.ini,
/etc/php.d/sqlite3.ini,
PHP Warning:  Unknown: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in Unknown on line 0
PDO drivers => mysql, sqlite
pdo_sqlite
PWD => /root/sqlite
_SERVER["PWD"] => /root/sqlite
_ENV["PWD"] => /root/sqlite

I have some common configuration for both port 443 and port 80. But I want for port 443 some specific configuration (like turning SSLEngine On). How can I get this working?

I had two MySQL servers running (127.0.0.1:3306 and 127.0.0.1:3307). Now I get this strange error: mysql_connect(): Lost connection to MySQL server at 'reading initial communication packet' I can connect with localhost:3307, but there aren't any tables/databases. I'm sure /etc/my.cnf is right:

[mysqld_multi]
mysqld     = /usr/bin/mysqld_safe
mysqladmin = /usr/bin/mysqladmin
user       = root
password   = ***

[mysqld]
port       = 3306
socket   = /var/run/mysql/mysql.sock

[mysqld2]
port       = 3307
socket   = /var/run/mysql/mysql2.sock

What can I do now? How can I restart the MySQL server? How can I make sure all tables still exists?

I want a mailserver on Ubuntu that saves e-mail in the database and uses users in the database to let them login into the POP server and SMTP server. There are also different domains. How can I do this?

Regards, Kevin