store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Mon Sep 01, 2014 9:38 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 9 posts ] 
Author Message
 Post subject: MySQL server not starting after installing ASL
Unread postPosted: Mon Sep 12, 2011 2:03 pm 
Offline
Forum User
Forum User

Joined: Mon Sep 12, 2011 8:57 am
Posts: 6
Location: Herndon
Today I have signed up for 30-day free trial of ASL to try out in my dedicated server. My server runs on CentOS5 and Plesk control panel 10.

During the installation process it asked me:

skip networking is set in /etc/my.cnf
enable and re-run /var/asl/bin/database-setup

[root@u15426193 ~]# /var/asl/bin/database-setup
Testing login with defined credentials...failed.
This may be a first time install.
Attempting to create the user and database through Plesk
Configuring mysql user: tortix
Creating database: tortix
Loading OSSEC database schema: OK
/var/asl/bin/database-setup: line 152: /var/ossec/etc/mysql/mysql.schema: No such file or directory

Now, I am NOT able to start MySQL server

Starting psa... done
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)

[root@u15426193 tmp]# /etc/init.d/mysqld start
MySQL Daemon failed to start.
Starting mysqld: [FAILED]

I have tried setting "ln -s /var/lib/mysql/mysql.sock /tmp" but still no luck.

tail -f /var/log/mysqld.log
110912 11:01:18 mysqld started
110912 11:01:18 InnoDB: Started; log sequence number 0 221160096
110912 11:01:18 [Note] /usr/libexec/mysqld: ready for connections.
Version: '5.0.77-log' socket: '/var/lib/mysql/mysql.sock' port: 3306 Source distribution
110912 11:02:59 [Note] /usr/libexec/mysqld: Normal shutdown

110912 11:02:59 InnoDB: Starting shutdown...
110912 11:03:00 InnoDB: Shutdown completed; log sequence number 0 221160096
110912 11:03:00 [Note] /usr/libexec/mysqld: Shutdown complete


All my sites are down. :(

Please help.


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Mon Sep 12, 2011 6:42 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3626
Location: Chantilly, VA
ASL wont (and cant) change anything in your mysql configuration. Do you change anything with your mysql configuration? Did you change anything else on your system?

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Mon Sep 12, 2011 6:53 pm 
Offline
Forum User
Forum User

Joined: Mon Sep 12, 2011 8:57 am
Posts: 6
Location: Herndon
Hi Mike,

I did not change anything. Actually, after some googling, i did the following and MySQL service started successfully.

ln -s /var/lib/mysql/mysql.sock /tmp

mysqld_safe --skip-grant-tables &

/etc/init.d/mysqld stop
/etc/init.d/mysqld start

Now, I can get to Plesk. But, most of my websites run PHP as FastCGI application. They are giving "500 - Internal Server Error" now. In Plesk logs, I see the following:

[Mon Sep 12 15:30:35 2011] [warn] [client x.x.x.x] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server
[Mon Sep 12 15:30:35 2011] [error] [client x.x.x.x] Premature end of script headers: index.php

I think ASL's hardened security is causing this behaviour. Please help.

Thanks,
Yasin


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Mon Sep 12, 2011 6:57 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3626
Location: Chantilly, VA
If the 500 error is what I think it is, its the buggy anti-debugging code in Plesk. Try this FAQ:

https://www.atomicorp.com/wiki/index.ph ... _ptrace_of

In short, add this to /etc/sysctl.conf:

kernel.grsecurity.harden_ptrace = 0

And reboot.

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Mon Sep 12, 2011 7:01 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7892
Location: earth
Answer is in the wiki:

https://www.atomicorp.com/wiki/index.php/Mysql


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Mon Sep 12, 2011 7:31 pm 
Offline
Forum User
Forum User

Joined: Mon Sep 12, 2011 8:57 am
Posts: 6
Location: Herndon
mikeshinn wrote:
If the 500 error is what I think it is, its the buggy anti-debugging code in Plesk. Try this FAQ:

https://www.atomicorp.com/wiki/index.ph ... _ptrace_of

In short, add this to /etc/sysctl.conf:

kernel.grsecurity.harden_ptrace = 0

And reboot.



Mike,

Thanks for your super fast response. I have tried the above but it didn't work. I still face the 500 Internal Server Error with FastCGI based websites.

MySQL server didn't start after the reboot. I have to run the following commands again to start it. I think it is running in safe mode.

ln -s /var/lib/mysql/mysql.sock /tmp
mysqld_safe --skip-grant-tables &
/etc/init.d/mysqld restart

Is there a way I can share my server details with you so you can quickly take a look?

Here is my my.cnf file config (for dedicated server with 8GB RAM):

[mysqld]
set-variable=local-infile=0
local-infile=0
socket=/var/lib/mysql/mysql.sock
datadir=/var/lib/mysql
#skip-innodb
skip-locking
#skip-bdb
safe-show-database
query_cache_limit=1M
query_cache_size=128M ## 32MB for every 1GB of RAM
query_cache_type=1
max_user_connections=200
max_connections=500
interactive_timeout=28800
wait_timeout=28800
#connect_timeout=20
thread_cache_size=128
key_buffer=128M ## 128MB for every 1GB of RAM
join_buffer=1M
max_connect_errors=20
max_allowed_packet=16M
table_cache=1024
#record_buffer=1M
sort_buffer_size=2M ## 1MB for every 1GB of RAM
read_buffer_size=2M ## 1MB for every 1GB of RAM
read_rnd_buffer_size=1M ## 1MB for every 1GB of RAM
thread_concurrency=2 ## Number of CPUs x 2
myisam_sort_buffer_size=64M
server-id=1
slow_query_log = /var/log/mysql_slow_queries.log
# this can be used on your own wish.
#collation-server=latin1_general_ci

[mysql.server]
user=mysql

[safe_mysqld]
err-log=/var/log/mysqld.log
pid-file=/var/lib/mysql/mysql.pid
open_files_limit=8192

[mysqldump]
quick
max_allowed_packet=16M

[mysql]
no-auto-rehash
#safe-updates


[isamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M

[myisamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M

[mysqlhotcopy]
interactive-timeout


Thanks,
Yasin


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Tue Sep 13, 2011 9:30 am 
Offline
Forum User
Forum User

Joined: Mon Sep 12, 2011 8:57 am
Posts: 6
Location: Herndon
I have fixed the MySQL issue. But, FastCGI is still not working. It gives 500 Internal Server Error.

I see the following errors in /var/log/sw-cp-server/error_log

2011-09-13 02:49:15: (mod_fastcgi.c.2582) FastCGI-stderr: PHP Fatal error: Uncaught exception 'Zend_Exception' with message 'No entry is registered for key 'config'' in /usr/local/psa/admin/plib/Zend/Registry.php:145
Stack trace:
#0 /usr/local/psa/admin/plib/CommonPanel/Exception.php(84): Zend_Registry::get('config')
#1 /usr/local/psa/admin/plib/CommonPanel/Exception.php(36): CommonPanel_Exception::_sendRuntimeReportXML(Object(PleskFatalException))
#2 /usr/local/psa/admin/plib/PleskException.php(49): CommonPanel_Exception::sendNotification(Object(PleskFatalException))
#3 /usr/local/psa/admin/plib/PleskException.php(10): report_crash('Unable to conne...', Array, 'PleskFatalExcep...', 500, Object(PleskFatalException))
#4 [internal function]: plesk_exception_handler(Object(PleskFatalException))
#5 {main}
thrown in /usr/local/psa/admin/plib/Zend/Registry.php on line 145

2011-09-13 02:50:18: (log.c.135) server stopped
all children busy, launch additional (total 2, limit 30


Also, I got the following error in my email from ASA:

Received From: u15422->/var/log/messages
Rule: 60026 fired (level 7) -> "Trusted Patch Execution policy violation. An untrusted user attempted to execute an untrusted application."
Portion of the log(s):

Sep 12 23:54:47 u15422 kernel: grsec: denied untrusted exec of /usr/sbin/suexec by /usr/sbin/httpd[httpd:4837] uid/euid:502/502 gid/egid:503/503, parent /usr/sbin/httpd[httpd:4125] uid/euid:0/502 gid/egid:503/503

UPDATE:
-------
Now I am getting 500 Internal server error when accessing plesk, and all my websites are back to Apache 2 Test Page.

When i try to run, it gives strange errors. Some issue with suexec I think.

/usr/local/psa/admin/bin/httpdmng --reconfigure-all
httpdmng: execve failed for /usr/local/psa/admin/sbin/httpdmng: Exec format error

System error 8: Exec format error
httpdmng: execve failed for /usr/local/psa/admin/sbin/httpdmng: Exec format error

System error 8: Exec format error

Please help, very urgent.

Thanks.


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Tue Sep 13, 2011 6:44 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3626
Location: Chantilly, VA
So the untrusted application message is discussed here:

https://www.atomicorp.com/wiki/index.ph ... pplication

Pretty much any message ASL generates is in the FAQ along with the solution. If you can't find it in the FAQ (check the FAQ first) you can find it in the wiki if its something ASL causes.

Looks like you just have an untrusted app. Multiple solutions are provided in the FAQ for that issue. So I'd address that first, it may be the cause of your fastcgi issue.

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: MySQL server not starting after installing ASL
Unread postPosted: Wed Sep 14, 2011 1:32 am 
Offline
Forum User
Forum User

Joined: Mon Sep 12, 2011 8:57 am
Posts: 6
Location: Herndon
Hi Mike,

Thanks for your inputs. I see the Plesk user psaadm is under "untrusted /etc/group". Some of the plesk commands run as psaadm:psaadm, so think ASL is causing issues with that. Should I remove the user psaadm from "untrusted /etc/group" to fix my current issue and then put it back? If I remove, what commands to activate the changes please?

Thanks.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 9 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: Yahoo [Bot] and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group