Exim Error: Failed to create directory “/var/spool/exim/db”: Permission denied

We came across an issue where emails were not coming to server

on checking logs we saw below error

failed to open DB file /var/spool/exim/db/ratelimit: Permission denied (euid=47 egid=12)

We executed below steps to fix the error


1003 2020-05-20 11:38:14 rm -fv /var/spool/exim/db/*
1004 2020-05-20 11:38:30 service exim restart
1005 2020-05-20 11:39:22 chown -R mailnull.mail /var/spool/exim
1006 2020-05-20 11:40:19 chmod 0750 /var/spool/exim
1007 2020-05-20 11:40:25 /scripts/upcp –force

Change SSH port on Centos 7

Open file using command

vi /etc/ssh/sshd_config

#Port 22

remove the # symbol and change the default port 22 and change it accordingly to your preference

save the file and exit

semanage port -a -t ssh_port_t -p tcp 2244 where 1234 is my ssh port

firewall-cmd --permanent --zone=public --add-port=1234/tcp

firewall-cmd --reload

systemctl restart sshd.service

Now telnet <server IP > port to make sure the ssh port is working before logging off from server

named.service failed. Centos Web Panel

Named on Centos webpanel was not starting on server

On checking logs only below information were displayed

named.service – Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2020-03-13 07:30:38 EDT; 5min ago
Process: 24466 ExecStartPre=/bin/bash -c if [ ! “$DISABLE_ZONE_CHECKING” == “yes” ]; then /usr/sbin/named-checkconf -z “$NAMEDCONF”; else echo “Checking of zone files is disabled”; fi (code=exited, status=1/FAILURE)


Mar 13 07:30:38 OK1129.test.com systemd[1]: named.service: control process exited, code=exited status=1
Mar 13 07:30:38 OK1129.test.com systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Mar 13 07:30:38 OK1129.test.com systemd[1]: Unit named.service entered failed state.
Mar 13 07:30:38 OK1129.test.com systemd[1]: named.service failed.

To find errors you need to use below command and fix the displayed error to get DNS online

named-checkconf -z /etc/named.conf

Invalid command ‘SetEnv’, perhaps misspelled or defined by a module not included in the server configuration,

While working on server

We saw one website giving 500 error

On checking I see error was coming on .htaccess rules

/docs/subdomains/my/public_html/.htaccess: Invalid command ‘SetEnv’, perhaps misspelled or defined by a module not included in the server configuration

To resolve this problem, we need to install the module ‘mod_env’ manually.

For easyapache4 users,

#yum install ea-apache24-mod_env.x86_64

“No route to host” fix for Centos 7

After changing SSH port, If I try to SSH using new port number

I was getting error “no route to host”

The issue was due to IPtables

I have to flush all firewall rules using

IPtables -f

serveice iptables restart

This fixed the ssh port issue

error: db3 error(-30974) from dbenv->failchk: DB_RUNRECOVERY: Fatal error, run database recovery

root@support [/home/tin/public_html]# yum update
rpmdb: Thread/process 15537/139860640372640 failed: Thread died in Berkeley DB library
error: db3 error(-30974) from dbenv->failchk: DB_RUNRECOVERY: Fatal error, run database recovery
error: cannot open Packages index using db3 – (-30974)
error: cannot open Packages database in /var/lib/rpm
CRITICAL:yum.main:

Error: rpmdb open failed

mv /var/lib/rpm/__db* /tmp


root@support [/home/tin/public_html]# yum clean all
Loaded plugins: fastestmirror, universal-hooks
Cleaning repos: EA4 cpanel-addons-production-feed cpanel-plugins base epel extras nginx remi-php56 remi-safe updates
Cleaning up Everything
Cleaning up list of fastest mirrors


root@support [/home/tin/public_html]# yum update
Loaded plugins: fastestmirror, universal-hooks
Setting up Update Process

Error:The system experienced the following error when it attempted to install the “OWASP ModSecurity Core Rule Set V3.0”


Error:
The system experienced the following error when it attempted to install the “OWASP ModSecurity Core Rule Set V3.0” vendor: API failure: The system could not validate the new Apache configuration because httpd exited with a nonzero value. Apache produced the following error: httpd: Syntax error on line 224 of /etc/apache2/conf/httpd.conf: Syntax error on line 32 of /etc/apache2/conf.d/modsec2.conf: Syntax error on line 28 of /etc/apache2/conf.d/modsec/modsec2.cpanel.conf: Could not open configuration file /etc/apache2/conf.d/modsec_vendor_configs/OWASP/modsecurity_crs_10_setup.conf: No such file or directory

1. Manually edit /var/cpanel/modsec_cpanel_conf_datastore file with your favorite editor. 2. Removed all active configs, active vendors, disabled rules, and updates. 3. Just keep disabled rule. 4. Save the file. 5. Login to WHM >> Home >> Security Center >> Modsecurity Vendors >> Manage Vendors >> OWASP ModSecurity Core Rule Set >> click +install. 6. Modsecurity rules will be installed without any issue.