search

devopera / puppet-docsf

ConfigServer-Firewall puppet config
Other
3 stars 4 forks source link

Setup for cpanel only? #2

Open MACscr opened 9 years ago

MACscr commented 9 years ago

Hmm, just noticed that when I restarted CSF that was installed on a system using docsf, it complained about:

Error: Could not open /etc/chkserv.d/chkservd.conf: No such file or directory, at line 2380 in /usr/sbin/csf

Is there something specific to this puppet module that configures it specifically for cpanel servers? Im just using it on a plain ubuntu system.

cleverlight commented 9 years ago

No, it doesn't require cPanel. I use it on a bunch of Ubuntu 12.04 and 14.04 servers without cPanel. I've never encountered the error you're describing. Might be worth uninstalling and reinstalling (re-puppetting):

cd /etc/csf sh uninstall.sh

MACscr commented 9 years ago

I did that and it didnt make a difference. I can see a few issues with your csf.conf.erb template that is causing some problems with non cpanel servers.

1) you remove the generic line. Its not in your template and gets removed from the stock conf file:

-# This configuration is for use with generic Linux servers, do not change the -# following setting: -GENERIC = "1"

2) You remove the stock log locations and replace them with cpanel ones

# -HTACCESS_LOG = "/var/log/apache2/error.log" -MODSEC_LOG = "/var/log/apache2/error.log" -SSHD_LOG = "/var/log/auth.log" -SU_LOG = "/var/log/messages" -FTPD_LOG = "/var/log/messages" -SMTPAUTH_LOG = "/var/log/secure" -POP3D_LOG = "/var/log/mail.log" -IMAPD_LOG = "/var/log/mail.log" -IPTABLES_LOG = "/var/log/messages" -SUHOSIN_LOG = "/var/log/messages" -BIND_LOG = "/var/log/messages" -SYSLOG_LOG = "/var/log/messages" -WEBMIN_LOG = "/var/log/auth.log" +HTACCESS_LOG = "/usr/local/apache/logs/error_log" +MODSEC_LOG = "/usr/local/apache/logs/error_log" +SSHD_LOG = "/var/log/secure" +SU_LOG = "/var/log/secure" +FTPD_LOG = "/var/log/syslog" +SMTPAUTH_LOG = "/var/log/exim_mainlog" +SMTPRELAY_LOG = "/var/log/exim_mainlog" +POP3D_LOG = "/var/log/maillog" +IMAPD_LOG = "/var/log/maillog"

3) The apache server status page is changed to the one that WHM provides:

This is the Apache Server Status URL used in the email alert. Requires the

Apache mod_status module to be installed and configured correctly

-PT_APACHESTATUS = "http://127.0.0.1/server-status" +PT_APACHESTATUS = "http://127.0.0.1/whm-server-status"

cleverlight commented 9 years ago

I derived the csf.conf.erb template from a basic CentOS install quite recently, though I use it quite happily on Ubuntu 12/14 as I've said. I think it came from CSF v7.57. Please could you tell me what you're diffing against?

  1. I didn't deliberately remove anything from it. I just found the references that I wanted to insert variables into and replaced for Ruby/Puppet DSL vars (<%= xxxx %>).
  2. I don't think they're the cPanel ones, I think they're the CentOS ones. I can see that I should probably create a dedicated csf.conf.centos.erb and a dedicated csf.conf.ubuntu.erb, but they've worked up to now with a single shared config, so it hasn't been high on my list.
  3. Good spot. That wmh default came from the Centos csf.conf. You're clearly right, I'm just not experiencing the same issues with it that you're reporting, which is why I'm questioning whether these config differences are the cause of the error you're reporting. I suspect there's something else afoot.