Re-Installing Virtualmin Pro without using Script

Virtualmin
1

I have a live system that had a failded install due to a problem with php53, and now I doubt the integrity of the system, even though it is working, I have had far to many issues, and would like to find a way or script, that will make sure everthing is installed right, without damaging the installation of a Live server.

I have two servers up at the moment, so I could change all the ip’s over to the backup server, then move or copy home some where else, but its 160 GB and 50 Domains which is why I’d like to avoid this, but I don’t think a new install will get past the php53 problem, so I kind of gave up on a clean install, but it should be possible just to make sure all the services are installed correctly, one in question is the Email SMTP server is not allowing me to send mail, which I could open a thread on that one item, but this is chasing a ghost, I don’t even know if this is installled correctly, some times when I run Re-Check Configuration, I get this Error:
Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server
I can add in 127.0.0.1 and rerun the test and it will pass, but next reboot and I’m back in the same place, I don’t think it installed correctly.

Thanks

2

I have had far to many issues, and would like to find a way or script, that will make sure everthing is installed right, without damaging the installation of a Live server

There’s not really a way to do that; but we can certainly look into the issues you’re having, and see if they appear to be solvable issues, or larger installation issues (which may also be solvable).

but I don’t think a new install will get past the php53 problem, so I kind of gave up on a clean install,

We’ve unfortunately still been unable to reproduce the problems you’re seeing on a new installation of CentOs 6, and no one else has reported those issues when running the install.sh.

this system is not setup to use itself as a DNS server I can add in 127.0.0.1 and rerun the test and it will pass, but next reboot and I’m back in the same place, I don’t think it installed correctly.

This is actually a fairly common issue, and isn’t an installation problem. It just means you’re likely using DHCP to obtain your IP address, and when that occurs, it’s overwriting your current /etc/resolv.conf settings anytime a new IP is obtained.

There’s details on resolving that here:

http://www.virtualmin.com/documentation/dns/faq

one in question is the Email SMTP server is not allowing me to send mail, which I could open a thread on that one item, but this is chasing a ghost,

I’d be happy to assist with that issue if you like, just let us know what error you’re receiving, what port you’re using to send mail (25, 465, or 587), and what, if any, errors you’re seeing in /var/log/maillog.

-Eric

3

Just to set the record right: I’m using CentOS 5.7

Lets start with DNS, this is hosed, and its been a while since I had to deal with DNS, so here is how I have my system configured:

I’m using Godaddy as my Registrar
I’m hosting on myhosting.com VPS account with CentOS 5.7
I have 50 Domains with shared static IP, and one SSL site on its own IP

Not all my Domains are using the same DNS server, Should I change them to all be the same server?

Should I use Godaddy’s DNS server, or setup pointers to the host server?

Is there a step by step guild on your web site for setting up DNS, I could not find one.

4

Sorry, I meant to say CentOS 5 – that’s the only distro that offers the php53 packages.

Not all my Domains are using the same DNS server, Should I change them to all be the same server? Should I use Godaddy’s DNS server, or setup pointers to the host server?

That all comes down to personal preference.

You could host all your DNS at GoDaddy if you like. Then you don’t have to setup your system as a nameserver, but you’d have to add the DNS entries for your domains into GoDaddy’s DNS.

Or, you could use your own server as a nameserver. To configure that, you can use the information here in the section titled “How do I setup nameservers for my server”:

http://www.virtualmin.com/documentation/dns/faq

5

Email error:

Feb 28 14:50:34 vps-XXXXXXX postfix/smtpd[13668]: connect from unknown[XXX.XXX.XXX.XXX]
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: SASL authentication failure: Password verification failed
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: unknown[XXX.XXX.XXX.XXX]: SASL PLAIN authentication failed: authentication failure

6

My personal preference is to set it up so its easy to switch servers, and that the DNS records are updated the fastest, in the pass, that was with go daddy’s DNS, now it thats still true I don’t know, it was the way I set up the servers years ago when I first started using Virtualmin, and even at the time, it was because I found instructions on how to do it that way, not that it was the best way, its not the only way, but here are my issues:

If I use Go Daddy as my DNS server:

I have it set as default, which is use their DNS server:
Note:
If you use our nameservers, we update your domain name’s zone file to include the required subdomain A host records supporting the new domain hosts. If you use custom nameservers, your hosting provider must add these records for you.

Under the NS tab, I see the two records:

host -t NS mydomain.com

mydomain.com name server ns1.domaincontrol.com.
mydomain.com name server ns2.domaincontrol.com.

host mydomain.com

mydomain.com has address XXX.XXX.XXX.XXX
mydomain.com mail is handled by 0 mail.mydomain.com.

All looks fine to me, Name servers are right, IP address are right.

Now a question:
/etc/resolv.conf
Currently it is default, its using some DNS server (1), and an internal IP 127.0.0.1
Should it point to the same DNS servers as above?
if yes, it seems that all the domains should be using the same server, but I don’t know if it matters, but I do not want to have to make custom DNS changes to all the domains, so what is the best way to deal with this?

I see an issue, when I first set this install up, I used a URL as my host, I also have a website setup for it, which is not working, which is my clue that DNS is hosed, so I went into Server Configuration -> DNS Records and see the URL in the SOA and NS record, by URL I mean mydomain.com, not NS.mydomain.com, this seems to be the problem, is there a way to fix it globally, or do I need to fix each of the 50 domains to resolve this issue?

Update:
This is not set to DHCP, its Static
/etc/sysconfig/network-scripts/ifcfg-venet0

DEVICE=venet0
BOOTPROTO=static
ONBOOT=yes
IPADDR=127.0.0.1
NETMASK=255.255.255.255
BROADCAST=0.0.0.0
GATEWAYDEV=“venet0”
IPV6INIT=“yes”

/etc/hosts

127.0.0.1 localhost.localdomain localhost
XXX.XXX.XXX.XX1 mydoman.com # ssl
XXX.XXX.XXX.XX2 vps-xxx.manage.myhosting.com vps-xxx # shared IP
IPV6_DEFAULTDEV=“venet0”

DNS record:

$ttl 38400 @ IN SOA mydomain.com. root.mydomain.com. ( 1329685143 10800 3600 604800 38400 ) mydomain.com. IN A XXX.XXX.XXX.XXX www.mydomain.com. IN A XXX.XXX.XXX.XXX ftp.mydomain.com. IN A XXX.XXX.XXX.XXX m.mydomain.com. IN A XXX.XXX.XXX.XXX localhost.mydomain.com. IN A 127.0.0.1 webmail.mydomain.com. IN A XXX.XXX.XXX.XXX admin.mydomain.com. IN A XXX.XXX.XXX.XXX mail.mydomain.com. IN A XXX.XXX.XXX.XXX mydomain.com. IN MX 5 mail.mydomain.com. mydomain.com. IN TXT "v=spf1 a mx a:mydomain.com ip4:XXX.XXX.XXX.XXX ?all" mydomain.com. IN NS ns19.domaincontrol.com. ;NS1 mydomain.com. IN NS ns20.domaincontrol.com. ;NS2 NS1.mydomain.com. IN A XXX.XXX.XXX.XXX ;NS1 NS2.mydomain.com. IN A XXX.XXX.XXX.XXX ;NS2

I get this error running Check Connectivity:

Testing external connectivity …
… the following problems were found :

Problem type Error message Possible solution
Nameserver mismatch None of the nameservers match this system : ns20.domaincontrol.com. ns19.domaincontrol.com. Verify with your DNS registrar that nameservers for the domain are set correctly.

Email client is set to no encryption on port 25; and I know the user name and password is right.
Email error:

Feb 28 14:50:34 vps-XXXXXXX postfix/smtpd[13668]: connect from unknown[XXX.XXX.XXX.XXX]
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: SASL authentication failure: Password verification failed
Feb 28 14:50:36 vps-XXXXXXX postfix/smtpd[13668]: warning: unknown[XXX.XXX.XXX.XXX]: SASL PLAIN authentication failed: authentication failure

Do I need to set Master DNS server hostname?
if so, what do I set it to?

Is there any step by step instructions on how to set this up?

Thanks

7

I’ll respond more fully to your post soon, but I wanted to get in a few quick answers:

Update:
This is not set to DHCP, its Static
/etc/sysconfig/network-scripts/ifcfg-venet0

While DHCP is the most common cause of having the resolv.conf file overwritten, using OpenVZ is the second most common cause :slight_smile:

It looks like you’re using an OpenVZ-based VPS there, and we’ve seen a few cases at least where the resolv.conf file was overwritten automatically each time the system was rebooted. The DNS FAQ entry I linked to above mentions how to handle that though (which is to make it so that file can’t be overwritten).

DNS record:

You’re quite welcome to use GoDaddy for your DNS, that works just fine… but if you do that, you’d want to go into System Settings -> Features and Plugins, and disable the BIND DNS Domain plugin. You’d only want BIND enabled if your Virtualmin server is acting as your primary nameserver. If GoDaddy is your nameserver, you don’t need (or want) that feature enabled.

Email client is set to no encryption on port 25; and I know the user name and password is right.

Are you by chance able to send email using SSL/TLS on port 587 or 465? What about when logging into Usermin on port 20000?

-Eric

8

Oh, also, you may want to try giving saslauthd a restart before attempting to login to your email. You can do that with this command:

/etc/init.d/saslauthd restart

9

Actually, this all got me thinking about one other thing.

What is the output of these two commands on your system:

  1. free -m

  2. cat /proc/user_beancounters

10

I get this error trying to disable Bind in Features
The feature BIND DNS domain cannot be disabled, as it is used by the following virtual servers
then it list all the servers, do I have to individual turn these off first?

In your Option, what is the best way to setup DNS, its the Method I would prefer to use, since I have no reason to really pick one over the other.

11

free -m

total used free shared buffers cached
Mem: 7680 1037 6642 0 0 0
-/+ buffers/cache: 1037 6642
Swap: 0 0 0

cat /proc/user_beancounters

Version: 2.5
uid resource held maxheld barrier limit failcnt
8642: kmemsize 42863857 73184138 9223372036854775807 9223372036854775807 0
lockedpages 0 8 9223372036854775807 9223372036854775807 0
privvmpages 387638 723909 9223372036854775807 9223372036854775807 0
shmpages 882 4260 9223372036854775807 9223372036854775807 0
dummy 0 0 9223372036854775807 9223372036854775807 0
numproc 116 190 9223372036854775807 9223372036854775807 0
physpages 254087 595757 9223372036854775807 9223372036854775807 0
vmguarpages 0 0 9223372036854775807 9223372036854775807 0
oomguarpages 254088 595758 9223372036854775807 9223372036854775807 0
numtcpsock 26 188 9223372036854775807 9223372036854775807 0
numflock 18 35 9223372036854775807 9223372036854775807 0
numpty 1 2 9223372036854775807 9223372036854775807 0
numsiginfo 0 81 9223372036854775807 9223372036854775807 0
tcpsndbuf 1209976 9839856 9223372036854775807 9223372036854775807 0
tcprcvbuf 425984 19363712 9223372036854775807 9223372036854775807 0
othersockbuf 320472 1880088 9223372036854775807 9223372036854775807 0
dgramrcvbuf 9128 174864 9223372036854775807 9223372036854775807 0
numothersock 213 388 9223372036854775807 9223372036854775807 0
dcachesize 3758619 4368969 9223372036854775807 9223372036854775807 0
numfile 12717 21968 9223372036854775807 9223372036854775807 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
numiptent 30 30 9223372036854775807 9223372036854775807 0

Do you think it would be better to open a new account and do a fresh install?

12

Didn’t help; still can not send email, but I can send it using squirrel mail, and I have other users that use Outlook, but in Evolution, I just can not get it to work.

Update: I just found it works on some accounts, have not figure out why that is.

13

Do you think it would be better to open a new account and do a fresh install?

We’ve often seen problems with OpenVZ-based systems running into resource limits… but the data you pasted in shows that you’re not hitting any limits.

However, with the errors you’re receiving during the installation – that’s showing a problem of some sort with the OpenVZ image you’re using. That is, something about that image is different from a standard installation, in a way that’s causing problems.

I know this isn’t your first choice, but if it happens to be an option to try a different distro or version… perhaps using CentOS 6 would get around the issues you’re running into there.

-Eric

14

Can you recommend a good Host?

I have burned through many in the last month trying to find a host till I can get a glass connection, and I’m having nothing but problems.

Update:
They are user Linux Virtuozzo http://www.parallels.com/products/pvc/

15

Yeah, Virtuozzo runs on top of OpenVZ.

You might simply try their CentOS 6 image, and see if Virtualmin installs cleanly for you there.

We don’t have any specific provider recommendations (though others here may), but I would suggest that if you were going to look for a new VPS provider, you find one that provides Xen or KVM based VPS’s.

-Eric

16

They only offer
CentOS --> 5.7
Debian --> 5 lenny

Is there any way I can correct this, it appears its just a DNS issue, and I just need to know the best way to setup DNS, with some kind of instructions, a link or something to go off of.

17

It looks like they’re offering fairly old Linux distributions… Debian 5 reached it’s end of life several weeks ago, there won’t be any additional security updates for it. And CentOS 5 is considered fairly old now, though it’ll still be supported for a few more years.

However, CentOS 5 should work fine for you.

You don’t appear to just be dealing with a DNS issue, however, the issues you’re having are solvable.

There’s no more DNS instructions available than I’ve offered already… it comes down to one of two choices:

  1. Use GoDaddy for your DNS

If you opt for this, you have to disable the DNS feature in all your Virtual Servers, then globally disable DNS in Virtualmin. You’d then log into GoDaddy, and setup the DNS records for all your domains to point to the IP of your server.

It’s more work to have to add an IP for each of your domains into GoDaddy, but you don’t have to deal with the setup of making your server a nameserver.

  1. Use your own server for DNS

If you opt for this, you’d have to setup your server to act as a nameserver. You can do that with the instructions here in the section named “How do I setup nameservers for my server”:

https://virtualmin.com/node/21372

This option is more work to setup initially, but is simpler after that, since it automatically adds DNS entries for you each time a domain is added.

When you use option #2, you’d then have to setup the nameservers for each of your domains to point to your server.

Which option you use comes down to personal preference, and either option should work fine. People who are comfortable with DNS, or want less work over the long run, tend to use option #2. People who don’t want to deal with the initial nameserver setup, or folks without many domains, often opt for option #1.

-Eric

18

Thanks, that actually cleared up my confusion about which option to use, and I think I’ll go with number #2.

19

Under Edit Server Template -> Master DNS server hostname
Should I select Hostname, or use Automatic (from system’s hostname), which is how its set now.

Or should I edit each DNS record and use its own domain name?

Thanks

20

Well, the documentation would have you creating two nameserver names, ns1.domain.com and ns2.domain.com.

Although it will work either either setting, it would be more ideal to set “Master DNS server hsotname” to ns1.domain.com.

-Eric