Category Archives: CentOS

Sometimes it’s the simple things

Have you ever wrestled with a problem for far too long, before realizing that the solution was actually really simple?  I love to point and laugh when this happens to other people, but yesterday it happened to me.

A long time ago (on a server far, far away), I installed Lighttpd, and set up a very simple site.  The config file was only a few lines long – it pointed at the index page, and had the required mime-types for PHP and HTML.  For what I wanted at the time, that was fine.

I left the server for a long time, and completely forgot about how it was set up.

I decided to change the page that was on the server to a more useful wiki.  I installed MediaWiki, and everything looked OK until the installer completed, and I was greeted with an un-styled front page.

My first thought was that the paths were wrong.  I checked to make sure that there were no .htaccess rules that would affect how the page looked.  Lighttpd stores URL rewriting rules in config files (lighttpd.conf, or a mysite.conf file for each site), rather than in .htaccess, so checking that you’ve converted all the rules over to Lighttpd’s syntax is a good first step.

As far as I could see, everything was correct.  So, to me, the next obvious issue was folder permissions.  Everything in the /www folder should, in theory be owned by the wwwdata group and www user.  However, in this case I had used wget to download MediaWiki while logged in as an unrelated user, and I had chgrp / chown-ed the folders afterwards.  I thought that I may have made a mistake with the file permissions.

That turned out not to be the case.  After that, my troubleshooting skills failed me.  I tried re-installing Media Wiki, I even re-set up the site in Lighttpd – basically anything but checking that one darn config file.

Of course, after wasting far too much time on the problem, I went back to basics, and guess what – adding the mime information for .css files fixed the problem.  Yes, you can point and laugh now!

So, the moral of today’s story is – sometimes the most obvious things are worth looking at.


VPS Optimization for High Traffic Sites

I have a VPS with 384MB RAM available as standard, and the option to burst up to 1GB.

This is enough to run some fairly high traffic sites if you’re careful with the setup, but with the default setups and fancy control panels, you’ll exceed the memory limit quite quickly.

I use Citadel as the email client, but I’ve disabled Webcit.  I also removed Spam Assassin, and just use the Realtime Blackhole List to prevent spam.  Those simple changes have shaved over 100MB off my normal usage, but there’s still a lot to go.

top shows that memory usage is leaking up into the burst limit over time – even with some basic optimizations of httpd.conf and MySQL.  I’m considering trying lighttpd instead of Apache2 – I really don’t NEED Apache2, and it seems to be quiet a hog.

The other possible optimization would be to use something lightweight in place of named – which is currently sat at 180m memory usage!

If anyone has any favourite lightweight alternatives to named, I’d love to hear about them.


If you’re using VSFTP as your FTP server, and would like to have Virtual Users who are restricted to using their ‘home’ directory when they log in, then probably the easiest way to achieve that is with PAM.

I’ve just set up something similar on my VPS – working through this very useful VSFTPD and PAM tutorial.  I’m using CentoOS on the VPS, but it should work for most other distros too, although you may need to change some of the paths to work with your installation.

I ran into a couple of issues with the tutorial.  First, I was getting 530 Login-Errors.  A look at the log file from:

tail -f /var/log/secure

Brought up this error:

vsftpd: PAM [error: /lib/security/ wrong ELF class: ELFCLASS32]

This is a simple fix – there’s a 64 bit version of, which you need to point to in your /etc/pam.d/vsftpd file.  Change the part that says /lib/security/ to reference /lib64/security/ instead – there should be two instances to change.

Restarting VSFTP with:

service vsftp restart

Showed that there were still more problems.  I was still getting 530 errors, and tailing the logs again I found a whole catalogue of errors:

vsftpd: PAM (vsftpd) no module name supplied
vsftpd: PAM (vsftpd) illegal module type: file=/etc/vsftpd/vsftpd_users
vsftpd: PAM pam_parse: expecting return value; […onerr=succeed]
vsftpd: PAM (vsftpd) no module name supplied
vsftpd: pam_userdb(vsftpd:auth): can not get the database name
vsftpd: pam_userdb(vsftpd:auth): user_lookup: could not open database `/etc/vsftpd/vsftpd_users.db’: No such file or directory
vsftpd: pam_userdb(vsftpd:auth): user_lookup: could not open database `/etc/vsftpd/vsftpd_users.db’: No such file or directory

Desperate, I double checked every step, everything had been done correctly.

So, I re-created my user file and DB, thinking that it may have been corrupted somehow (I’m using db4, not db3, by the way) – and it worked fine.

The difference, the second time I made the file?  The second time, I used vi to make my users.txt file, which was then converted into the DB.   The first time, I had used nano.

So, if you’re running into problems with VSFTPD, and you’re convinced you’ve done everything correctly, try using a different text editor.  Vi may not be the prettiest editor in the world, but it gets the job done 🙂

vsftpd: PAM (vsftpd) no module name supplied
Jun 10 17:38:58 mythgames vsftpd: PAM (vsftpd) illegal module type: file=/etc/vsftpd/vsftpd_users
Jun 10 17:38:58 mythgames vsftpd: PAM pam_parse: expecting return value; […onerr=succeed]
Jun 10 17:38:58 mythgames vsftpd: PAM (vsftpd) no module name supplied
Jun 10 17:38:58 mythgames vsftpd: pam_userdb(vsftpd:auth): can not get the database name
Jun 10 17:40:29 mythgames vsftpd: pam_userdb(vsftpd:auth): user_lookup: could not open database `/etc/vsftpd/vsftpd_users.db’: No such file or directory
Jun 10 17:44:10 mythgames sshd[7470]: pam_unix(sshd:session): session closed for user root
Jun 10 17:44:31 mythgames sshd[24274]: Accepted password for root from port 52023 ssh2
Jun 10 17:44:31 mythgames sshd[24274]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jun 10 17:46:06 mythgames vsftpd: pam_userdb(vsftpd:auth): user_lookup: could not open database `/etc/vsftpd/vsftpd_users.db’: No such file or directory

Testing Citadel server

I’ve had a VPS for a couple of months now, and I hate to admit it, but I’ve only moved over three of my domains.  My main business domain is still on a shared hosting account, because I want to make sure that the VPS is running smoothly, and can cope with the bandwidth and load demands that the business domain will create.

One of the last things I wanted to set up was a good groupware server.  After a little research, I decided to try out Citadel.

The VPS was originally running Ubuntu 6.06, which is LTS, so is still getting security updates, but is otherwise pretty out of date, and I ended up in dependency hell trying to install Citadel.  I upgraded to Intrepid.   To Ubuntu’s credit, the upgrade was fast and easy.  Citadel installed, but wouldn’t start as a service.

After a few support requests on the Citadel and Ubuntu community boards – which recieved some helpful suggestions, but in the end didn’t resolve the problem, I ended up trying Citadel in a CentOS VM.  It proved to be exactly what I was looking for.  So, I asked my host to re-image the VPS to CentOS.  That’s not a reflection on Ubuntu as a sever, just that there was something about the VPS’s configuration that Citadel didn’t like, and at such an early stage, with a deadline looming, it was easier to start from scratch with something that was known to work.

So far, CentOS is running well.  It’s taking a while to get used to where it puts all the config files, but Apache and PHP are up and running, as is an FTP server.  I still need to sort out phpMyAdmin though.

Citadel is up and running, accepting mail for two domains.  I’m liking the Jabber feature, and looking in to setting up Funambol for push email.  The only thing I need now is to find a good email client for Windows that can understand GroupDAV.