Nagios INternal Server Error

Hi,

On Centos 7 I haven't been able to configure phpmyadmin. I've got Apache 2.4.6 and I've installed the latest phpmyadmin, both with yum.
I've changed all the 127.0.0.1 to my public ip and I've disabled the 'denied all' directives. This is how it looks:
Code:

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip X.X.X.X
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     #Deny from All
     Allow from X.X.X.X
     Allow from ::1
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip X.X.X.X
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     #Deny from All
     Allow from X.X.X.X
     Allow from ::1
</IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
    Order Deny,Allow
    #Deny from All
    Allow from All
</Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
    Order Deny,Allow
    #Deny from All
    Allow from All
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
    Order Deny,Allow
    #Deny from All
    #Allow from None
    Allow from All 
</Directory>

on /var/log/httpd/error_log:
Code:

AH01630: client denied by server configuration: /usr/share/phpMyAdmin

The httpd.conf hasn't been changed except this:
Code:

<Directory />
    AllowOverride none
    #Require all denied
    Allow from all
</Directory>

Normal access to my apache works fine (a default test page shows up)

SELinux is disabled and I've also stopped iptables to test it.

how to add a new service in nagios

Hi,
I just upgraded my server from Debian 7 to Debian 8. Everything seemed to go fine. However, Apache doesn't seem to be able to see the web files. If I go to my server's IP, I get an empty directory listing, as if the document root was pointed to an empty directory. However, my apache.conf points to /var/www, and there are indeed files the
Code:

root@maples-server:~# ls -la /var/www/
total 624
drwxr-xr-x  5 www-data www-data   4096 Apr 28 19:35 .
drwxr-xr-x 13 root     root       4096 Mar 28 11:43 ..
lrwxrwxrwx  1 www-data www-data     18 Jan 10 20:47 anthony -> /home/anthony/web/
-rw-------  1 www-data www-data   1455 Apr 23 21:41 .bash_history
-rw-r--r--  1 www-data www-data   3388 Jan 21 19:34 .bashrc
drwxr-xr-x 11 www-data www-data   4096 Apr 23 21:41 chat
lrwxrwxrwx  1 www-data www-data     14 Mar 23 16:20 dad -> /home/dad/web/
drwxr-xr-x  2 root     root       4096 Mar 15 05:52 html
-rw-r--r--  1 www-data www-data    323 Mar 26 18:35 index.htm
drwx------  2 www-data www-data   4096 Jan 21 19:50 Mail
-rw-r--r--  1 anthony  anthony  592795 Apr 23 19:52 phpfreechat-1.7.tar.gz
-rw-r--r--  1 www-data www-data     41 Apr 15 21:52 robots.txt
-rw-------  1 www-data www-data   1541 Apr 23 21:41 .viminfo

Here's my apache.conf (with the comments stripped; there were no "end of line" comments):

Code:

root@maples-server:~# cat /etc/apache2/apache2.conf | grep -v "#"

Mutex file:${APACHE_LOCK_DIR} default

PidFile ${APACHE_PID_FILE}

Timeout 300

KeepAlive On

MaxKeepAliveRequests 100

KeepAliveTimeout 5


User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

HostnameLookups Off

ErrorLog ${APACHE_LOG_DIR}/error.log

LogLevel warn

IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

Include ports.conf


<Directory />
	Options FollowSymLinks
	AllowOverride None
	Require all denied
</Directory>

<Directory /usr/share>
	AllowOverride None
	Require all granted
</Directory>

<Directory /var/www/>
	Options Indexes FollowSymLinks
	AllowOverride None
	Require all granted
</Directory>

AccessFileName .htaccess

<FilesMatch "^\.ht">
	Require all denied
</FilesMatch>


LogFormat "v:p h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent


IncludeOptional conf-enabled/*.conf

IncludeOptional sites-enabled/*.conf

I also checked sites-enabled/000-default, and everything seems to be fine the
Code:

root@maples-server:~# cat /etc/apache2/sites-enabled/000-default 
<VirtualHost *:80>

	DocumentRoot /var/www
	<Directory />
		Options FollowSymLinks
		AllowOverride All
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride All
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Additionally, the connections are no longer showing up in /var/log/apache2/access.log. The last access time in that file is from before the update. I don't know enough about systemd to know if it is responsible for redirecting the logs to somewhere else...

At this point, I have no idea why it's not working. If anyone could point me in the right direction, I would really appreciate it.
Thanks!

EDIT: After looking around some more, it seems that the output of "apachectl -S" is helpful. So here it is:
Code:

root@maples-server:~# apachectl -S
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl 
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: ENABLE_USR_LIB_CGI_BIN
User: name="www-data" id=33
Group: name="www-data" id=33

It appears that it's looking in a subdirectory html, which was not the case previously (before the upgrade). I've currently got a (ugly but useable) work-around using a symlink:
Code:

root@maples-server:~# cd /var/www/
root@maples-server:/var/www# rm -r html/
root@maples-server:/var/www# ln -s /var/www/
root@maples-server:/var/www# mv www html
root@maples-server:/var/www# ls -l html
lrwxrwxrwx 1 root root 9 Apr 28 22:36 html -> /var/www/

While this does work, I'd like to find the proper way of doing it. Any ideas?

SIR

I HAVE RECENTLY INSTALLED CENTOS7 AND CONFIGURED SQUID ON IT . I AM FACING A TYPICAL PROBLEM I AM ABLE TO BROWSE THE NORMAL PAGES BUT WHEN ANY PAGE THAT STARTS WITH HTTPS:\\ IS NOT ALLOWED TO BROWSE.
I HAVE CHECKED MY SQUID.CONF FILE BUT AM UNABLE TO FIND THE PROBLEM.
I HAVE DISABLE SELINEX AND THERE ARE NO RULES IN IPTABLES ALSO.

KINDLY HELP

PASTING MY SQUID.CONF FILE

#
# Recommended minimum configuration:
#

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl all src all
#acl manager proto cache_object
#acl localhost 127.0.0.1/32
#acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl localnet src 191.254.178.0/24 191.254.28.0/24 10.0.43.0/24 10.0.42.0/24
http_access allow localnet
icp_access allow all

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
#http_access allow localhost manager
http_access allow localnet manager
http_access deny manager

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all


# Squid normally listens to port 3128
http_port 8899

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

cache_peer 191.254.178.76 parent 3128 0 no-query no-digest
#icp_access allow all

#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

Hello.

I have such links in a web site

/post.php?id=14
/cat.php?t=y&cid=6666

and i create an .htaccess file with that content inside.

Code:

Options +FollowSymLinks 
RewriteEngine On 
RewriteRule ^([^/]*)$ /post.php?id=$1 [L] 
RewriteRule ^([^/]*)/([^/]*)$ /cat.php?t=$1&cid=$2 [L]

but on refresh, apache returns 500 Internal server error.

I looked on logs and found that :
Quote:
AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
Why that happens ? Mod_rewrite is enabled in httpd.conf.

I have installed phpmyadmin , when access http://192.1010.118.0/phpmyadmin ,it pops the error

Code:

Forbidden

You don't have permission to access /phpmyadmin on this server.

I check the phpmyadmin.conf , I have released "allow all" to all directory .

I also check the /var/log/httpd/error_log, it have the following error , I tried change all files permission to 777 but still not work , would advise what is wrong in my server ? thanks

Code:

[authz_co error] [pid 2525] [client 192.1010.118.0:51878] AH01630: client denied by server configuration: /usr/share/phpMyAdmin

On a fresh install of Arch with little more than openbox installed when I try to startx as a regular user this is the feedback I get:
xauth: timout in locking authority file /home/tim/.Xauthority
xauth: timout in locking authority file /home/tim/.Xauthority
xauth: timout in locking authority file /home/tim/.Xauthority
xauth: timout in locking authority file /home/tim/.Xauthority
Fatal server error:
(EE) cannot open log file "/home/tim/.local/share/xorg/Xorg.0.log"
xinit: giving up
xinit: unable to connect to X server: Connection refused
xinit: server error
xauth: timeout in locking authority file /home/tim/.Xauthority

After looking into the error someone suggested to copy the file from root user. When I try to view, less, or open the file I get strange feedback "magic cookie" and then everything starts to trip out and I cant seem to reverse it without a reboot.

I am trying to login to my linux server. I was initially doing "ssh hostname". The login did not work, so I tried "ssh username@IP", which still prompted me with the yes/no prompt, but I received this error:

Code:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
XX:XX...:XX.
Please contact your system administrator.
Add correct host key in /Users/user/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/user/.ssh/known_hosts:5
RSA host key for 192.168.1.3 has changed and you have requested strict checking.
Host key verification failed.

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:

Match Group ftpusers ChrootDirectory /home/%u/
 ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a samba share of the folder Customer, when I go to the IP adress on a Windows machine "\\10.0.0.1\" I can see the folder Customer, when entering it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:

[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

LS -L for the folder:
Code:

total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

Dear All

I need your help.
I want to get a file from windows server using ftp.
Below is the script I have created but the connection is not established:

#!/bin/sh

lcd "directory in linux server"
USER="username of windows server"
PASS="password"

ftp -n "ip of windows server" <<EOF
user $USER $PASS

cd "C:\Users... directory in windows server where file is located"
bin
get test1234.txt

bye

EOF

I hope somebody can help me!
BR,