Troubleshooting /usr/sbin/ejabberdctl: line 428: 14615 Segmentation fault

I noticed once after installing EJabberd in Ubuntu Server 16.04 and adding the user from the root command:

ejabberdctl register USER localhost PASSWORD

The following error:

/usr/sbin/ejabberdctl: line 428: 14615 Segmentation fault $EXEC_CMD “$CMD”

The log file /var/log/syslog reported:

Sep 11 11:17:00 mail kernel: [4647543.535271] audit: type=1400 audit(1505117820.598:43): apparmor=”DENIED” operation=”file_mmap” profile=”/usr/sbin/ejabberdctl//su” name=”/bin/su” pid=14439 comm=”su” requested_mask=”m” denied_mask=”m” fsuid=0 ouid=0

To solve the error, I opened the apparmor configuration file:

nano /etc/apparmor.d/usr.sbin.ejabberdctl

Found the string:

/bin/su                                 r,

And changed it by adding m:

/bin/su                                 rm,

Restarted the apparmor:

sudo service apparmor restart

Done, the error no longer appears.

Eliminating duplicate headers on WordPress pages

Once asked to remove on the pages of one WordPress site repeated headlines.

After viewing the code, noticed that they are adding the plugin Yoast SEO, edited in its settings Titles & Metas – Yoast SEO line:

%%title%% %%page%% %%sep%% %%sitename%%

But it did not turn out very nicely, because the plugin sometimes missed the space after the hyphen, so I returned it as it was.

I fixed the error by commenting out the following line in the code of the active template (layout-head.php file):

// bloginfo( 'name' );

After that, the title of the pages was displayed correctly.

P.S. If you disable the Yoast SEO plugin, the above line will need to be uncommented back.
If the topic is not self-explanatory, then probably after the appearance and installation of its update, the layout-head.php file will return to the original state.

See also:
How to remove a repeating title in wordpress rss

Configuring the ircd-hybrid

Suppose we installed ircd-hybrid as I described in this article – Installing the IRC server – ircd-hybrid
Now proceed to setup.

Let’s edit the text of the welcome message:

sudo nano /etc/ircd-hybrid/ircd.motd

Make a copy of the configuration file just in case:

sudo cp /etc/ircd-hybrid/ircd.conf /etc/ircd-hybrid/ircd_original.conf

Open the main configuration file in the text editor, configure the parameters and comment out the unnecessary ones:

sudo nano /etc/ircd-hybrid/ircd.conf

In the configuration file, the standard serverinfo parameters are first followed, if desired, we change them:

serverinfo {
        name = "hybrid8.debian.local";
        description = "test";
        network_name = "debian";
        network_desc = "This is My Network";
        hub = no;
        default_max_clients = 512;
        max_nick_length = 15;
        max_topic_length = 300;
};

Further, contact the server administrator, if desired, change them:

admin {
        name = "SYSADMIN";
        description = "Main Server Administrator";
        email = "<admin@example.com>";
};

Network parameters (on which ports the ircd-hybrid will work, for example, you can change to 6667):

listen {
        port = 6665 .. 6669;
};

The first auth block that allows you to connect everything from the local address 127.0.0.1:

auth {
        user = "*@127.0.0.1";
        spoof = "i.love.debian.org";
        class = "opers";
        flags = need_password, spoof_notice, exceed_limit, kline_exempt,
                xline_exempt, resv_exempt, no_tilde, can_flood;
};

Another auth block allows you to connect to all (comment or change to your own needs):

auth {
        user = "*@*";
        class = "users";
        flags = need_ident;
};

For example, create a password for the user, copy the result of the command in an encrypted form:

mkpasswd PASSWORD

We add the possibility of authorization to any users only with a password and from the specified network:

auth {
        user = "*@192.168.3.0/24";
        class = "users";
        flags = need_password;
encrypted = yes;
password = "PASSWORD_FROM_mkpasswd";
};

In the auth block the password will be stored in encrypted form, in the IRC client it is specified as it is.
To specify the password in the auth block in the unencrypted form, you need to remove encrypted.

In the general section, disable the need_ident:

general {
...
disable_auth = yes;
...
};

Restart ircd-hybrid to apply the changes:

sudo /etc/init.d/ircd-hybrid restart
sudo service ircd-hybrid restart

We can also add an operator:

auth {
name = "admin";
user = "admin@192.168.3.254/32";
class = "opers";
flags = need_password, spoof_notice, exceed_limit, kline_exempt;
encrypted = yes;
password = "PASSWORD_FROM_mkpasswd";
};

You can block IP addresses as necessary in the following ways:

deny {
       ip = "192.168.4.4/32";
       reason = "Spam";
};

After the changes in the configuration file, you need to restart the ircd-hybrid.
As a customer you can use for example free AdiIRC.

Installing the IRC server – ircd-hybrid

Here is an example of installing an IRC server – ircd-hybrid.

To install ircd-hybrid in Ubuntu, run the following command:

sudo apt-get install ircd-hybrid

After installation, ircd-hybrid will use TCP ports 6665-6669.

If desired, to connect to the IRC from the terminal, you can set for example the IRC client epic4:

sudo apt-get install epic4

And connect:

irc 127.0.0.1

You can connect to the channel with the command:

/join CHANNEL

Go out:

/quit

Check whether the ircd-hybrid is running, for example:

netstat -a | grep irc
netstat -an | grep 6667

Restart ircd-hybrid as follows:

sudo /etc/init.d/ircd-hybrid restart

If iptables is used, before you need to write a rule:

sudo iptables -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6667 -j ACCEPT

This completes the installation and you can proceed with the configuration.
See my article about setting up – Configuring the ircd-hybrid

I’ll also give an example of installing ircd-hybrid from the sources.
Download ircd-hybrid from the official site:

wget http://prdownloads.sourceforge.net/ircd-hybrid/ircd-hybrid-8.2.22.tgz
tar -xvf ircd-hybrid-8.2.22.tgz
cd ircd-hybrid-8.2.22

Install the necessary components:

sudo apt-get install build-essential unzip cmake

Configure and install ircd-hybrid:

./configure --prefix="/home/USER/ircd"
make
make install

You can also install Anope (to extend the functionality):

cd /tmp/
wget https://github.com/anope/anope/archive/2.0.zip
unzip 2.0.zip
cd anope-2.0
./Config
cd build
make
make install

Let’s install the right owner:

sudo chown -R USER: ~/services ~/ircd

How to install and enable mcrypt

To install mcrypt in Ubuntu/Debian, run the following command:

sudo apt-get install php-mcrypt

In CentOS like this:

sudo yum install php-mcrypt

After that, the mcrypt.ini file will appear in the PHP directory with the mcrypt.so extension, in my case it appeared /etc/php/7.0/mods-available/mcrypt.ini.

You can activate/deactivate the module like this:

sudo phpenmod mcrypt
sudo phpdismod mcrypt

Restart Apache2 to apply the changes:

sudo service apache2 restart

Let’s see if mcrypt is activated:

php -i | grep -i mcrypt

How to install and turn on soap

To install soap in Ubuntu/Debian, run the command:

sudo apt-get install php-soap

In CentOS like this:

sudo yum install php-soap

Look for the name of the package, if that’s possible:

apt-cache search php | grep -i soap
yum search php | grep -i soap

You can activate/deactivate the module like this:

sudo phpenmod soap
sudo phpdismod soap

Restart Apache2 to apply the changes:

sudo service apache2 restart

Let’s see if soap is activated:

php -i | grep -i soap

Setting up a backup space for Hetzner.de

On the test went into https://robot.your-server.de/, has opened Main functions – Servers, selected the server and in the tab Backup activated free 100GB, since for servers costing 39 € or more this place was allocated for free.
Activated WebDAV to test, samba was already activated, it is also possible to connect via FTP, FTPS, SFTP and SCP using a user name and password, via SFTP/SCP, you can also connect using the key.
The speed of data transfer to the backup server depends on the number of connected users and their traffic.
When connecting, use a domain name, for example USER.your-backup.de, because the IP address can change.
Also, you can not create the /etc and /lib directories in place for backups.

For an example in Ubuntu Server, I will mount a backup location using SAMBA/CIFS.
Install the necessary utilities and create a directory in which we will mount:

sudo apt-get install cifs-utils
sudo mkdir /backup

Temporarily mount the place with the command:

sudo mount.cifs -o user=USER,pass=PASSWORD //USER.your-backup.de/backup /backup

To automatically mount after rebooting the system, add the following line to the / etc / fstab file:

//USER.your-backup.de/backup /backup   cifs  iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=SYSTEM_USER,gid=SYSTEM_GROUP,file_mode=0660,dir_mode=0770 0 0

To open a file it is possible for example with the text editor nano (CTRL+X for an output, y/n for saving or canceling changes):

sudo nano /etc/fstab

And add the following lines to the file /etc/backup-credentials.txt:

username=USER
password=PASSWORD

We will only set permissions for the file owner for security reasons:

sudo chmod 600 /etc/backup-credentials.txt

If you use the Windows operating system, you need to create a system user with the same login and password as the backup location.

Now I will connect to the test via WebDAV.
Install the necessary utilities and create a directory in which we will mount:

sudo apt-get install davfs2
sudo mkdir /backup

In CentOS:

yum install davfs2
mkdir /backup

Temporarily to mount through WebDAV a place it is possible a command:

sudo mount -t davfs https://USER.your-backup.de /backup

To automatically mount after rebooting the system, add the following line to the /etc/fstab file:

https://USER.your-backup.de /backup davfs rw,uid=SYSTEM_USER,gid=SYSTEM_GROUP,file_mode=0660,dir_mode=0770 0 0

And in the file /etc/davfs2/secrets the following line:

https://USER.your-backup.de USER PASSWORD

That’s all, in my case, you can save backups to the /backup directory.

Redirecting requests to SSL

I will describe several options for redirecting requests from HTTP to HTTPS, the first and second methods are the most reliable:

1) Across virtual hosts.
In the site configuration, add the line “Redirect”, for example, when an SSL certificate was installed on the site and you need to redirect all requests to HTTPS:

NameVirtualHost *:80
<VirtualHost *:80>
   ServerName ixnfo.com
   ServerAlias www.ixnfo.com
   Redirect / https://ixnfo.com/
</VirtualHost>

<VirtualHost *:443>
   ServerName ixnfo.com
   ServerAlias www.ixnfo.com
   DocumentRoot /var/www/html
   SSLEngine On
   ...
</VirtualHost>

If you want to redirect only some requests:

NameVirtualHost *:80
<VirtualHost *:80>
   ServerName ixnfo.com
   ServerAlias www.ixnfo.com
   Redirect /forum https://forum.ixnfo.com/
</VirtualHost>

<VirtualHost *:443>
   ServerName ixnfo.com
   ServerAlias www.ixnfo.com
   DocumentRoot /var/www/html
   SSLEngine On
   ...
</VirtualHost>

2) Redirecting using .htaccess.
Similarly, as in the first version, put the .htaccess file in the desired directory of the site and add a line to it (so that the web server takes into account the .htaccess file, you need to specify the option AllowOverride All in the site configuration above):

Redirect /forum https://forum.ixnfo.com/

3) And not the recommended way, using mod_rewrite, the content should be added to the .htaccess file:

# Enabling the Rewrite function
RewriteEngine On
# Verify that the connection is not HTTPS
RewriteCond %{HTTPS} !=on
# We are sending to the same place, but already HTTPS:
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

Another example:

<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_USER_AGENT} ^(.+)$
RewriteCond %{SERVER_NAME} ^ixnfo\.com$ [OR]
RewriteCond %{SERVER_NAME} ^www\.ixnfo\.com$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Header add Strict-Transport-Security "max-age=300"
</IfModule>

To allow some pages to open via http and https, add the following in the top example:

RewriteCond %{REQUEST_URI} !^/dir/
RewriteCond %{REQUEST_URI} !^/dir/file.php

See also:
Using .htaccess
How to configure SSL and HTTPS for WordPress
Installing Certbot in Ubuntu