Category: Linux

  • How to Upgrade Debian 10 to Debian 11

    How to Upgrade Debian 10 to Debian 11

    One of the advantages of the Debian operating system is easy to upgrade to the newer version.

    Login to your Debian 10 server using SSH or console. Install all available software updates with the command

    apt update && apt upgrade -y

    Remove any unused packages

    apt autoremove

    Change /etc/apt/sources.list

    Make a backup of the file

    cp /etc/apt/sources.list ~/

    Edit the file /etc/apt/sources.list

    In the file, change all “buster” entries to “bullseye”. You can do this manually or using sed command

    sed -i 's/buster/bullseye/g' /etc/apt/sources.list

    Update System

    Update repository cache with

    apt update

    Upgrade software with

    apt upgrade

    Do a full-upgrade with

    apt full-upgrade

    Now reboot system

    reboot

    After reboot, you need to make sure all services running properly, there is a chance some services won’t work as expected, in that case, you need to debug and fix i.

    See Debian

  • How to redirect traffic to another IP using iptables

    How to redirect traffic to another IP using iptables

    After migrating websites to a new server, you need to point domains to the new server by changing the name server or editing DNS. DNS propagation can take a few hours, during this time visitors to the website still see the website from the OLD server IP. If visitor signup or make a purchase on the OLD server after the migration, this data will be lost. To avoid this, you can use iptables to forward all traffic to the new server IP address.

    The following steps need to be done on the OLD server. First, enable IP forwarding

    vi /etc/sysctl.conf

    Add

    net.ipv4.ip_forward=1

    Make it active with command

    sysctl -p

    If you only needed for the current session, you can run the command

    echo 1 > /proc/sys/net/ipv4/ip_forward

    For forwarding all incoming traffic on Port 80 and 443 to the new server IP, use

    iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination NEW_SERVER_IP_HERE:80
iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination NEW_SERVER_IP_HERE:443
iptables -t nat -A POSTROUTING -j MASQUERADE

    NEW_SERVER_IP_HERE = replace with IP address of the new server.

    Now any traffic coming to the OLD server on ports 80 and 443 will be forwarded to the new server IP address. If you need to forward any port, just duplicate the command and change the port number as required.

    If you want to remove the rules, you can flush iptables NAT rules with

    iptables -t nat -F

    To View iptables NAT rules

    iptables -t nat -L

    To make the iptables rules permanent on RHEL based Linux, run

    iptables-save > /etc/sysconfig/iptables

    To restore iptabes

    iptables-restore < /etc/sysconfig/iptables

    See iptables

  • How to sort the result of du -h command

    How to sort the result of du -h command

    To sort the result of “du -h” command, you can use

    du -h --max-depth=1 | sort -h

    If you want to list files in current files also, you can use

    du -ah --max-depth=1 | sort -h

    If you want to display files in KB, you can use

    du -k --max-depth=1 | sort -n

    Back to Disk Usage

  • How to change the SSH Port in Linux

    How to change the SSH Port in Linux

    By default SSH service runs on port 22. Running SSH service on port 22 is not secure as it can become an easy target for attackers who are scanning the network for open ports. By changing the default port, you can make it more difficult for attackers to find and exploit the SSH service.

    To change SSH port, edit file

    vi /etc/ssh/sshd_config

    In the file, find the line

    Port 22

    Change 22 to whatever port number you want. It is better to use a higher port number so it will be difficult for hackers to find.

    Restart SSH service

    On Debian/Ubuntu

    systemctl restart ssh

    On RHEL-based Linux (AlmaLinux, RockeyLinux, Oracle Linux, CentOS)

    systemctl restart sshd

    If you have a firewall, make sure you open the new port in the firewall.

    See ssh

  • How to change IP address of VestaCP Server

    How to change IP address of VestaCP Server

    Recently I upgraded a VestaCP server running on an Amazon Lightsail server. Upgrade resulted in a change of the internal IP address of the server, this made site hosted on the server stop working. To fix the problem, I run the command

    /usr/local/vesta/bin/v-update-sys-ip NEW_IP_HERE

    NEW_IP_HERE – replace with actual IP. If your server is behind NAT like Amazon lighsail/ec2, use the internal IP address instead of the public IP address.

    Example

    /usr/local/vesta/bin/v-update-sys-ip 172.26.8.137

    Now you need to restart the web server

    systemctl restart apache2
systemctl restart nginx
systemctl restart vesta

    Back to VestaCP

  • How to change Port of Squid Proxy Server

    How to change Port of Squid Proxy Server

    Squid proxy server runs on port 3128 by default. Changing squid proxy server port to a non-standard port is a good idea as it will protect your proxy server from abusers and hackers.

    Method 1

    You can use the sed command to replace the port number

    sudo sed -i 's/^http_port.*$/http_port NEW_PORT_HERE/g'  /etc/squid/squid.conf

    In the above command, replace NEW_PORT_HERE with the port number you need.

    For example, to run squid proxy on port 5555, run

    sudo sed -i 's/^http_port.*$/http_port 5555/g'  /etc/squid/squid.conf

    Now restart Squid Proxy server

    sudo systemctl restart squid

    If you have a firewall, you will need to open the port in the firewall.

    Method 2: Manual Configuration Change

    Edit Squid configuration file with vi or nano editor.

    sudo vi /etc/squid/squid.conf

    In the file, find http_port, it should look like

    http_port 3128

    Change 3128 to whatever port number you like. Save and exit the editor.

    Restart the Squid Proxy server with the command

    sudo systemctl restart squid

    Open Port in firewall

    If you have a firewall, you need to open the port in the firewall.

    CentOS/AlmaLinux/RHEL

    If you are using firewalld, you can use the command

    sudo firewall-cmd --permanent --zone=public --add-port=8000/tcp
sudo firewall-cmd --reload

    Replace 8000 with your squid proxy port.

    Back to Squid Proxy Installer

  • configure: error: “mysql headers missing.”

    configure: error: “mysql headers missing.”

    When compiling a software from source I get error

    checking mysql/mysql.h usability... no
checking mysql/mysql.h presence... no
checking for mysql/mysql.h... no
configure: error: "mysql headers missing."

    On Debian 10, fixed it by installing package default-libmysqlclient-dev

    apt install -y default-libmysqlclient-dev

    See Errors

  • Vagrant private_network can’t ping

    Vagrant private_network can’t ping

    When I create Vagrant virtual machine with private networking, I can’t ping to IP address of the VM. The only way to connect the VM is by using the “vagrant ssh” command.

    In my Vagrantfile, I had

    Vagrant.configure("2") do |config|
  config.vm.box = "bento/ubuntu-20.04"
  config.vm.network "private_network", ip: "192.168.56.4"
end

    To fix the problem, first verify you have vboxnet0 network interface with the command

    ip link

    If the state of the vboxnet0 network interface is DOWN, make it UP with the command

    sudo ip link set vboxnet0 up

    Go to VirtualBox > File > Host Network Manager or press CTRL + H

    VirtualBox Host Network manager

    Verify vboxnet0 is set properly. You can delete it and create it again using “Host Network Manager”, which will fix any problem with the network.

    Make sure the IP you specify in Vagrantfile is in the same range set for the vboxnet0 interface in VirtualBox Host Network manager.

  • How to add a PPA repository using Ansible?

    How to add a PPA repository using Ansible?

    To add a PPA repository using Ansible, use

      - name: add ppa
    apt_repository:
      validate_certs: no
      repo: 'ppa:ondrej/php'
      state: present

    Example

    ---
  - hosts: web
    user: root
    tasks:
        - name: update system
          apt:
            update_cache: yes
            cache_valid_time: 3600
        - name: add ppa
          apt_repository:
            validate_certs: no
            repo: 'ppa:ondrej/php'
            state: present
        - name: inatall php
          apt:
            pkg:
            - php8.1-bcmath
            - php8.1-cli
            - php8.1-common
            - php8.1-curl
            - php8.1-gd
            - php8.1-imap
            - php8.1-intl
            - php8.1-mbstring
            - php8.1-mysql
            - php8.1-readline
            - php8.1-soap
            - php8.1-xml
            - php8.1-xmlrpc
            - php8.1-zip
            - php8.1-imagick
            - composer
            - ImageMagick
  • How to find all IP address of a Linux server

    How to find all IP address of a Linux server

    To list all configured IP addresses on a server, you can use the command

    hostname -I

    To find the main IP, use

    hostname -I | awk '{print $1}'

    You can also use the command “ip addr” to list all IP address.

    ip addr | grep "inet "

    Example

    root@server20 [~]# ip addr | grep "inet "
    inet 127.0.0.1/8 scope host lo
    inet 158.69.53.72/24 brd 158.69.53.255 scope global eth0
    inet 158.69.114.170/32 brd 158.69.114.170 scope global eth0:cp1
    inet 54.39.173.35/32 brd 54.39.173.35 scope global eth0:cp2
root@server20 [~]# 

    
Another command that lists IP address is ifconfig



    root@server20 [~]# ifconfig
eth0: flags=4163  mtu 1500
        inet 158.69.53.72  netmask 255.255.255.0  broadcast 158.69.53.255
        inet6 fe80::ec4:7aff:fe69:9342  prefixlen 64  scopeid 0x20
        inet6 2607:5300:60:8248::  prefixlen 64  scopeid 0x0
        ether 0c:c4:7a:69:93:42  txqueuelen 1000  (Ethernet)
        RX packets 3423724119  bytes 670412248418 (624.3 GiB)
        RX errors 0  dropped 0  overruns 18691  frame 0
        TX packets 3843828868  bytes 3897383743022 (3.5 TiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xfb120000-fb13ffff  

eth0:cp1: flags=4163  mtu 1500
        inet 158.69.114.170  netmask 255.255.255.255  broadcast 158.69.114.170
        ether 0c:c4:7a:69:93:42  txqueuelen 1000  (Ethernet)
        device memory 0xfb120000-fb13ffff  

eth0:cp2: flags=4163  mtu 1500
        inet 54.39.173.35  netmask 255.255.255.255  broadcast 54.39.173.35
        ether 0c:c4:7a:69:93:42  txqueuelen 1000  (Ethernet)
        device memory 0xfb120000-fb13ffff  

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 3364258789  bytes 4360941211553 (3.9 TiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3364258789  bytes 4360941211553 (3.9 TiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

root@server20 [~]#
  • One of the configured repositories failed (MariaDB100)

    One of the configured repositories failed (MariaDB100)

    On a Cpanel server, when running “yum update”, I got the error message “One of the configured repositories failed (MariaDB100)”.

    [root@cp ~]# yum update
Loaded plugins: fastestmirror, universal-hooks
Loading mirror speeds from cached hostfile
 * EA4: 178.18.193.52
 * cpanel-addons-production-feed: 178.18.193.52
 * cpanel-plugins: 178.18.193.52
 * base: centos.uni-sofia.bg
 * extras: centos.uni-sofia.bg
 * updates: centos.uni-sofia.bg
http://yum.mariadb.org/10.0/centos7-amd64/repodata/repomd.xml: [Errno 14] HTTP Error 404 - Not Found
Trying other mirror.
To address this issue please refer to the below wiki article 

https://wiki.centos.org/yum-errors

If above article doesn't help to resolve this issue please use https://bugs.centos.org/.



 One of the configured repositories failed (MariaDB100),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=MariaDB100 ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable MariaDB100
        or
            subscription-manager repos --disable=MariaDB100

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=MariaDB100.skip_if_unavailable=true

failure: repodata/repomd.xml from MariaDB100: [Errno 256] No more mirrors to try.
http://yum.mariadb.org/10.0/centos7-amd64/repodata/repomd.xml: [Errno 14] HTTP Error 404 - Not Found
[root@cp ~]#

    The error is because MariaDB 10.0 is the end of life.

    To fix the error message, remove the MairaDB repo file

    cd /etc/yum.repos.d/
mv MariaDB* ~/

    Now yum update will work.

    To update MairaDB from 10.0 to the supported 10.2 version, create a file

    vi /etc/yum.repos.d/MariaDB.repo

    with following content

    # MariaDB 10.2 CentOS repository list - created 2022-07-31 16:26 UTC
# https://mariadb.org/download/
[mariadb]
name = MariaDB
baseurl = https://mirror.rackspace.com/mariadb/yum/10.2/centos7-amd64
gpgkey=https://mirror.rackspace.com/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=1

    This is for CentOS 7 + MariaDB 10.2, if you have different Linux distribution or MairaDB version, you can generate repository config at

    https://mariadb.org/download/?t=repo-config

    Take a backup of current MySQL databases with

    mysqldump --opt --triggers --routines --events --all-databases > all-db.sql

    Upgrade MariaDB with

    yum update

    After MariaDB packages are updated to the newer version, update Databases with

    mysql_upgrade

    See Errors

  • Out Of Memory (OOM) Error

    Out Of Memory (OOM) Error

    OOM (Out Of Memory) error happens when a server run out of Memory. When a server runs out of memory, processes get randomly killed to free up memory. This will result in the service that gets killed stop functioning.

    How to avoid OOM Error

    Here are a few things you can do to avoid server running out of memory.

    • Reduce memory usage by your application if possible. Poorly coded applications can use a lot of memory, and cause memory leaks.
    • Upgrade Memory (RAM). Adding more RAM to the server helps.
    • Add Virtual Memory. You can add swap, this will use your disk as memory, it is slower than RAM, but help to avoid OOM when the server runs out of memory.

    To see if your server had OOM error, run

    Debian/Ubuntu

    grep -i oom /var/log/syslog*

    RHEL/AlmaLinux

    grep -i oom /var/log/messages*
cat /var/log/messages* | grep 'Out of memory'

    Back to Errors