Category Archives: Linux

How to enable SMTP without SSL on port 25 in iRedMail / Postfix

To allow the sending of messages on the mail server without encryption via port 25, you need to open the Postfix configuration file, for example, in the nano editor (in which Ctrl+X to exit, y/n to save or cancel changes):

sudo nano /etc/postfix/main.cf

And uncomment two lines:

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous

And leave the commented line:

#smtpd_tls_auth_only=yes

Reload Postfix to apply the changes:

sudo service postfix restart

After that it will be possible to send messages via SMTP through port 25 without SSL, and as usual through 587 with SSL.

See also:
Allow insecure connections to POP3 / IMAP iRedMail

How to fix error “host NAME greeted me with my own hostname NAME”

I noticed once on one server that Postfix does not always send mail, the logs had the following error:

warning: host NAME[192.168.5.5]:25 greeted me with my own hostname NAME

After seeing the host name:

hostname -f

Found that it is not correct and coincides with that on which the mail is sent!

Changed the host name to the correct one in the following files (in the nano editor Ctrl+X to exit, y/n to save or cancel changes):

sudo nano /etc/hostname
sudo nano /etc/postfix/main.cf
sudo nano /etc/hosts

Done, after that the error did not appear and the mail was successfully delivered.

Redmine Backup

Create a script (in the text editor nano Ctrl+X to exit, y/n to save or cancel changes):

sudo nano /etc/cron.daily/redmine

Sample script content:

#!/bin/sh
/usr/bin/mysqldump -u root -p<password> redmine_default | gzip > /path/to/backups/redmine_db_`date +%y_%m_%d`.gz
rsync -a /var/lib/redmine/default/files /path/to/backups/files

Let’s make the script executable:

chmod +x /etc/cron.daily/redmine

In the script, you can also add the command to delete old files or directories so that the disk does not overflow, see my article – Script to delete old files

See also other my articles about backup – Backup

How to fix error “dhcpd self-test failed. Please fix the config file”

I noticed once in the syslog:

dhcpd self-test failed. Please fix the config file

Isc-dhcp-server was installed on the server.

To check the correctness of the configuration file, use the command:

dhcpd -t
dhcpd -t -cf /dir/dhcpd.conf
/usr/sbin/dhcpd -t

The command should tell which line the error is, but noted that if it is not critical, it may not.
The key “t” executes the configuration test, and “cf” allows you to specify the path to the configuration file if it is not standard.

In my case, in the configuration file /etc/dhcp/dhcpd.conf, someone made a typo, in the line below (there was an extra letter):

authorivtative;

Because of this, an error occurred, but despite the error dhcp worked.
Although there were also some critical errors, such as an incorrectly written mac address, DHCP did not start because of this error.

How to fix error Failed binding to authentication address * port 1812: Address already in use freeradius

I once ran FreeRADIUS in debug mode:

sudo radiusd -X

And I noticed the following error:

Failed binding to authentication address * port 1812: Address already in use freeradius
/usr/local/freeradius/etc/raddb/radiusd.conf[84]: Error binding to port for 0.0.0.0 port 1812

The error indicates that the address is already in use, so you need to stop the running FreeRADIUS process, look for it and see what’s running on the ports:

sudo ps ax | grep radius
sudo netstat -tulpn | grep :1812
sudo netstat -tulpn | grep :1813
sudo netstat -tulpn | grep :67

In my case, /usr/sbin/radiusd was already started, it can be terminated by PID:

sudo kill -9 PID

Or so:

sudo /etc/init.d/radiusd status
sudo /etc/init.d/radiusd stop
sudo /etc/init.d/freeradius stop

Installing and using dhcping

dhcping – a utility for checking DHCP-servers using unicast packages.

In Ubuntu, you can install dhcping with the command:

sudo apt-get install dhcping

First let’s see what IP-addresses are received and from which gateway:

ifconfig
route
netstat -rn | grep default

Also you can see the information received from DHCP in the directory /var/lib/dhcp/.

In my case, IP is received from the DHCP server 10.0.2.2.
Here’s an example of running dhcping:

dhcping -s 10.0.2.2

If the DHCP server responds, the following information will be displayed:

Got answer from: 10.0.2.2

If there is no answer:

no answer

I’ll describe the dhcping startup keys:
-v (detailed mode)
-V (very detailed mode)
-i (use DHCPINFORM packets)
-r (use DHCPREQUEST packets (standard))
-q (quiet mode)
-t maxwait (response timeout, standard 3 seconds)
-c IP (request the specified IP)
-s IP (send request to specified IP)
-h MAC (use the specified MAC address in the request)
-g IP (use the specified IP gateway in the packet)

Installing and Configuring HAProxy on Linux

HAProxy – proxy server for load balancing of TCP and HTTP applications, a method of distribution to multiple servers.

The Haproxy installation command in Ubuntu / Debian:

sudo apt-get install haproxy

For CentOS:

yum install haproxy

To view the installed version, you can use the command:

haproxy -v

We will check whether it will automatically start when the system is turned on, there should be ENABLED = 1 (in the nano editor CTRL+X to exit, y/n to save or cancel changes):

sudo nano /etc/default/haproxy

In CentOS, simply execute the command:

chkconfig haproxy on

Make a copy of the configuration file just in case:

sudo cp /etc/haproxy/haproxy.cfg{,.original}

Open the main configuration file in the editor:

sudo nano /etc/haproxy/haproxy.cfg

I will give an example of a configuration:

global
    log /dev/log    local0
    log /dev/log    local1 notice
    chroot /var/lib/haproxy
    user haproxy
    group haproxy
    daemon

defaults
    log     global
    mode    http
    option  httplog
    option  dontlognull
    contimeout     5000
    clitimeout     50000
    srvtimeout     50000
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http
    retries 3
        
listen webfarm 0.0.0.0:80
    mode http
    stats enable
    stats uri /haproxy?stats
    stats auth user:password
    maxconn 5000
    balance roundrobin
    option httpclose
    option forwardfor
    server webserver01 192.168.88.50:80 check
    server webserver02 192.168.88.51:80 check

Parameter maxconn 5000 defines the maximum number of simultaneous connections, 0 is used to remove the limit, if not specified, it will be standard 2000.

For example, to use Apache2 on the same local machine, change its /etc/apache2/ports.conf and /etc/apache2/sites-enabled/ configuration files from 80 to 81 for example, and /etc/haproxy/haproxy. cfg we indicate:

server webserver01 0.0.0.0:81 check

Each time after a configuration change, you must restart:

sudo service apache2 restart
sudo service haproxy restart

This completes the installation and the basic configuration of HAProxy.