search

littlebizzy / slickstack

Lightning-fast WordPress on Nginx
https://slickstack.io
GNU General Public License v3.0
629 stars 112 forks source link

ss-purge "invalid time" warning and /etc/default/ufw appears empty #98

Closed corzel closed 2 years ago

corzel commented 3 years ago

Hello! I have 2 issues in terminal.

  1. Can't use ss-purge 
    $>sudo bash /var/www/ss-purge
Running ss-purge: Clears all caches i.e. Nginx (FastCGI), PHP OPcache, Redis (object cache), etc...
sleep: invalid time interval ‘’
Try 'sleep --help' for more information.
  2. UFW isn't reloading. I check /etc/default/ufw and is empty 
    
$>sudo bash ss-restart-services
....
Reloading ufw configuration (via systemctl): ufw.service.
Restarting ufw (via systemctl): ufw.serviceJob for ufw.service failed because the control process exited with error code.
See "systemctl status ufw.service" and "journalctl -xe" for details.

$>sudo journalctl -xe May 08 22:13:56 server-one systemd[1]: Starting Uncomplicated firewall... -- Subject: A start job for unit ufw.service has begun execution -- Defined-By: systemd -- Support: http://www.ubuntu.com/support

-- A start job for unit ufw.service has begun execution.

-- The job identifier is 968. May 08 22:13:56 server-one ufw-init[23929]: Could not find /etc/default/ufw (aborting) May 08 22:13:56 server-one systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAILURE -- Subject: Unit process exited -- Defined-By: systemd -- Support: http://www.ubuntu.com/support

-- An ExecStart= process belonging to unit ufw.service has exited.

-- The process' exit code is 'exited' and its exit status is 1. May 08 22:13:56 server-one systemd[1]: ufw.service: Failed with result 'exit-code'. -- Subject: Unit failed -- Support: http://www.ubuntu.com/support

-- The unit ufw.service has entered the 'failed' state with result 'exit-code'. May 08 22:13:56 server-one systemd[1]: Failed to start Uncomplicated firewall. -- Subject: A start job for unit ufw.service has failed -- Defined-By: systemd -- Support: http://www.ubuntu.com/support

-- A start job for unit ufw.service has finished with a failure.

-- The job identifier is 968 and the job result is failed. May 08 22:13:56 server-one sudo[23733]: pam_unix(sudo:session): session closed for user root May 08 22:14:01 server-one CRON[23937]: pam_unix(cron:session): session opened for user root by (uid=0) May 08 22:14:01 server-one CRON[23938]: (root) CMD (/usr/bin/flock -w 0 /tmp/02-cron-regular.lock /var/www/crons/02-cron-regular > /dev/null 2>&1) May 08 22:14:01 server-one CRON[23937]: pam_unix(cron:session): session closed for user root May 08 22:15:01 server-one CRON[23952]: pam_unix(cron:session): session opened for user root by (uid=0) May 08 22:15:01 server-one CRON[23953]: pam_unix(cron:session): session opened for user root by (uid=0) May 08 22:15:01 server-one CRON[23954]: (root) CMD (/usr/bin/flock -w 0 /tmp/01-cron-often.lock /var/www/crons/01-cron-often > /dev/null 2>&1) May 08 22:15:01 server-one CRON[23955]: (root) CMD (/usr/bin/flock -w 0 /tmp/03-cron-quarter-hourly.lock /var/www/crons/03-cron-quarter-hourly > /dev/null 2>&1) May 08 22:15:01 server-one CRON[23953]: pam_unix(cron:session): session closed for user root May 08 22:15:01 server-one CRON[23952]: pam_unix(cron:session): session closed for user root May 08 22:15:15 server-one sudo[23966]: master : TTY=pts/0 ; PWD=/var/www ; USER=root ; COMMAND=/usr/bin/journalctl -xe May 08 22:15:15 server-one sudo[23966]: pam_unix(sudo:session): session opened for user root by master(uid=0)

jessuppi commented 3 years ago

Hello thanks for the feedback @corzel

It sounds like perhaps your stack is outdated, because we no longer have the ss-purge parent script. Instead we now have only the child scripts, and the shortcut command ss purge instead. We've been doing some thinking on how best to organize the bash scripts so if you have feedback on this change please let us know here or in Discord.

About UFW we had updated some of the configuration a few months back and it caused some issues for some, you can simply reinstall that module again to fix it e.g. ss install ufw should do the trick.

corzel commented 3 years ago

Hi! I run ss install ufw but there is a problem, it seems that the script does not install ufw correctly.

Running ss-install-ufw: Reinstalls the entire UFW firewall module for SlickStack servers (idempotent)...
ERROR: Missing policy for 'input'
Reading package lists...
Building dependency tree...
Reading state information...
The following packages will be REMOVED:
  ufw*
0 upgraded, 0 newly installed, 1 to remove and 1 not upgraded.
After this operation, 846 kB disk space will be freed.
(Reading database ... 129625 files and directories currently installed.)
Removing ufw (0.36-6) ...
Could not find /etc/default/ufw (aborting)
Processing triggers for man-db (2.9.1-1) ...
(Reading database ... 129534 files and directories currently installed.)
Purging configuration files for ufw (0.36-6) ...
Processing triggers for systemd (245.4-4ubuntu3.6) ...
Processing triggers for rsyslog (8.2001.0-1ubuntu1.1) ...
Get:1 http://security.ubuntu.com/ubuntu focal-security InRelease [109 kB]
Hit:2 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal InRelease
Get:3 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:4 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
Get:5 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages [956 kB]
Get:6 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages [772 kB]
Fetched 2051 kB in 1s (2719 kB/s)
Reading package lists...
Building dependency tree...
Reading state information...
1 package can be upgraded. Run 'apt list --upgradable' to see it.
Reading package lists...
Building dependency tree...
Reading state information...
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Reading package lists...
Building dependency tree...
Reading state information...
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Reading package lists...
Building dependency tree...
Reading state information...
sudo: ufw: command not found
Running ss-perms-ufw: Resets all file and user permissions across the entire UFW module...
sudo: ufw: command not found
jessuppi commented 3 years ago

Hmm I ran a test on an SS machine and could repeat your error, I'm not sure why but seems that the Ubuntu version is not being properly detected in ss-install-ufw-core via the ss-functions file for some reason.

For now I've commented out that version detection.

Ref: https://github.com/littlebizzy/slickstack/commit/fdbdeb144cdc5024f1438fa721072a4e0f42bcfd

I've also added a new script ss-restart-ufw which didn't exist before, and fixed the reference to ss-perms-ufw-core (but that shouldn't be causing any of the issues that you mention on this thread):

Ref: https://github.com/littlebizzy/slickstack/commit/60331fd44f5a731ca174518465553218a654c6d5

jessuppi commented 2 years ago

An update on the UFW situation:

Over the last several months we had some detailed discussions on Discord about UFW configuration, and it lead us to create better UFW boilerplates for each LTS version of Ubuntu (now on GitHub).

Ref: https://github.com/littlebizzy/slickstack/tree/master/modules/ufw-firewall

Long story short... there have been multiple Issues opened about UFW the past few years, and many different discussions about configuration, but I think it's in a much more stable place now.... and since there are way too many commits to reference on the topic, I'm going to close this for now.

For any future UFW problems please open a new Issue on GitHub... minor comments are fine below. Thanks!