system administration

November 6, 2024November 8, 2024

Removing Perfctl From My Linux Server

If you’ve been around a while, you’d remember there was a time when you can rest quietly assured that your Linux box is safe from viruses and other malware. Or rather, few bad actors bother to target Linux. Most target Windows. That was then. But today, with the increase in the popularity of Linux not just on servers but even on desktops, Linux is no longer under the radar of bad actors.

So a few days ago, I was alerted to abnormal CPU utilization on one of my servers. I logged in to check and saw that there’s a process called perfctl that was using up CPU time. I killed it but it respawned after a while. It looked like my Linux server had malware.

January 31, 2023January 31, 2023

PostfixAdmin Blank Page Error

Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail. PostfixAdmin is a web-based management tool created for Postfix. It is a PHP based application that handles Postfix Style Virtual Domains and Users that are stored in a database.

I have this PostFixAdmin install that leads to a blank page after login. A peek at the web server error log identified the problem:

Got error 'PHP message: Invalid query: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'superadmin' in...

I fixed it. Then I encountered another blank page. Another peek at the web server:

Got error 'PHP message: Invalid query: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'password_expiry' in...

It appears that during an upgrade from an older version, the database portion of the upgrade got botched somehow. So the fix was to get into the SQL console and manually run the following updates:

ALTER TABLE admin ADD COLUMN superadmin bool after password; ALTER TABLE mailbox ADD COLUMN password_expiry TIMESTAMP DEFAULT now() not null; ALTER TABLE domain ADD COLUMN password_expiry int DEFAULT 0;

And that was it. Simple but might help someone.

August 6, 2022August 8, 2022

AirPrint With A Raspberry Pi Print Server

Setting up a print server allows you to share your regular USB printer as a network printer. We can set it up to allow printing using AirPrint from iOS and MacOS devices. We can even set it up to allow printing from Windows devices. Let’s set up one with a basic Raspberry Pi W. Of course, the higher Pis would do as well.

Continue reading “AirPrint With A Raspberry Pi Print Server”

May 7, 2021May 7, 2021

Dovecot: Missing dh.pem

Yesterday, I upgraded my mail server’s operating system. After upgrading, I encountered the following error in dovecot:

config: Warning: please set ssl_dh=</etc/dovecot/dh.pem

What’s dh.pem? I found the answer in the Dovecot 2.3 upgrade documentation. Apparently, the ssl-parameters.dat file is now obsolete. You should use ssl_dh setting instead by adding: ssl_dh=</etc/dovecot/dh.pem to the configuration.

But how do you get dh.pem?

One way is to can convert an existing/old ssl-parameters.dat to dh.pem:

dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem

Another way, which I found here, is to generate a new dh.pem:

openssl dhparam -out /etc/dovecot/dh.pem 4096 -days 3650

It takes a LOOONG time. But once the file is ready, just add it to /etc/dovecot/conf.d/10-ssl.conf

ssl_cert = </etc/letsencrypt/live/myserver.xyz/fullchain.pem
ssl_key = </etc/letsencrypt/live/myserver.xyz/privkey.pem
ssl_dh = </etc/dovecot/dh.pem

Restart dovecot and you’re back in business.

March 13, 2021December 1, 2023

Enabling HTTPS On Tomcat Using Let’s Encrypt

I’ve previously written on enabling HTTPS on your website using Let’s Encrypt. I showed that, with Let’s Encrypt, it’s quite easy to secure your Apache web server and, as a bonus, also showed how to secure your Dovecot mail server. But what if you are using Apache Tomcat? That’s quite easy, too!

Continue reading “Enabling HTTPS On Tomcat Using Let’s Encrypt”