Submitted by kappler0 on Tue, 02/07/2012 - 20:42 Pro Licensee
I started a post in the forum but now Apache crashed and will not restart. (I will close that thread.) I get this error:
Failed to re-start service : Starting httpd: Syntax error on line 54 of /etc/httpd/conf.d/ssl.conf: SSLRandomSeed: source path '/dev/urandom' does not exist [FAILED]
In searching Google I found this (below) for this error (from 2005) but do not know if this will fix it. Any thoughts on what happened here?
CONFIGURING
If your system does not have /dev/random and /dev/urandom created already, they can be created with the following commands:
mknod -m 644 /dev/random c 1 8
mknod -m 644 /dev/urandom c 1 9
chown root:root /dev/random /dev/urandom
Thank you.
Status:
Active
Comments
Submitted by JamieCameron on Tue, 02/07/2012 - 20:52 Comment #1
What kind of system is this .. a virtual machine, or real hardware? VMs are sometimes missing these random device files.
Also, does creating /dev/random with that mknod command help?
Submitted by kappler0 on Tue, 02/07/2012 - 20:55 Pro Licensee Comment #2
This is a dedicated box, not a VPS. I also just realized that SSH has stopped and I cannot ssh into it either...
Submitted by andreychek on Tue, 02/07/2012 - 20:56 Comment #3
Howdy -- I'm not sure why /dev/urandom would be removed, that's a device that should exist on Linux systems.
Are you on a VPS, or a dedicated server?
And what does this command output, do you receive an error:
ls -l /dev/urandom
However, if that one missing device is the only thing wrong -- re-creating it should fix it, and the command you shared above should correctly re-create it.
I'd only re-create /dev/urandom though, unless /dev/random is missing too.
Submitted by kappler0 on Tue, 02/07/2012 - 20:57 Pro Licensee Comment #4
Will the command shell in the UI be able to do that since I have no SSH access now?
Submitted by kappler0 on Tue, 02/07/2012 - 21:02 Pro Licensee Comment #5
OK, through the command shell I believe I was able to recreate them. However, Apache restarted but SSH is still not responsive.
Submitted by andreychek on Tue, 02/07/2012 - 21:03 Comment #6
Well, I'm not entirely certain what would work, as I'm not sure of the scope of the problem at the moment.
But if you can't access SSH, you could certainly try the command shell that you mentioned in Webmin -> Others -> Command Shell, and run the mknod command to create /dev/urandom.
Submitted by andreychek on Tue, 02/07/2012 - 21:06 Comment #7
Are you able to restart SSH using Virtualmin? If not, what error do you receive when you try?
Submitted by kappler0 on Tue, 02/07/2012 - 21:09 Pro Licensee Comment #8
OK, via Command Shell:
--When I got to the system info page and click on the "start SSH" arrow the screen just seems to refresh - no error, but it still shows as stopped...
And via Command Shell:
BUT it still isn't started even though it says OK...
Submitted by JamieCameron on Tue, 02/07/2012 - 21:26 Comment #9
It may be failing to start for the same reason (random device not working). Check the end of the log file /var/log/messages for any errors from sshd ..
Submitted by andreychek on Tue, 02/07/2012 - 21:31 Comment #10
Yeah, Jamie may be right on there -- and since SSH isn't working, you can view the log files by going into Webmin -> System -> System Logs.
Submitted by kappler0 on Tue, 02/07/2012 - 21:31 Pro Licensee Comment #11
Nothing in /var/log/messages except some resolution errors.. nothing from sshd at all.
Also: if I run /usr/sbin/sshd there is no output at all....
> whereis sshd
sshd: /usr/sbin/sshd /usr/share/man/man8/sshd.8.gz
> /usr/sbin/sshd
Submitted by kappler0 on Tue, 02/07/2012 - 21:42 Pro Licensee Comment #12
Do you think doing a ssh re-install "yum openssh install" would help any?
Submitted by kappler0 on Tue, 02/07/2012 - 21:50 Pro Licensee Comment #13
Hold the phone:
I am almost positive there should be more files in /dev/ than this:
> ls /dev/
null
pts
random
shm
tty
urandom
Wow, on my other server (same hardware and OS, running vmin etc.) I have this:
[root@mail01 ~]# ls /dev/
block loop5 ram3 tty10 tty38 tty8
bsg loop6 ram4 tty11 tty39 tty9
bus loop7 ram5 tty12 tty4 ttyS0
cdrom lp0 ram6 tty13 tty40 ttyS1
char lp1 ram7 tty14 tty41 ttyS2
console lp2 ram8 tty15 tty42 ttyS3
core lp3 ram9 tty16 tty43 urandom
cpu MAKEDEV random tty17 tty44 usbmon0
cpu_dma_latency mapper raw tty18 tty45 usbmon1
crash mcelog root tty19 tty46 usbmon2
disk mem rtc tty2 tty47 usbmon3
dm-0 net rtc0 tty20 tty48 usbmon4
dm-1 network_latency scd0 tty21 tty49 vcs
dm-2 network_throughput sda tty22 tty5 vcs1
dri null sda1 tty23 tty50 vcs2
fb nvram sda2 tty24 tty51 vcs3
fb0 oldmem sg0 tty25 tty52 vcs4
fd port sg1 tty26 tty53 vcs5
full ppp sg2 tty27 tty54 vcs6
fuse ptmx sg3 tty28 tty55 vcsa
hpet pts shm tty29 tty56 vcsa1
hvc0 ram0 snapshot tty3 tty57 vcsa2
input ram1 sr0 tty30 tty58 vcsa3
kmsg ram10 stderr tty31 tty59 vcsa4
log ram11 stdin tty32 tty6 vcsa5
loop0 ram12 stdout tty33 tty60 vcsa6
loop1 ram13 systty tty34 tty61 vga_arbiter
loop2 ram14 tty tty35 tty62 vg_mail01
loop3 ram15 tty0 tty36 tty63 watchdog
loop4 ram2 tty1 tty37 tty7 zero
[root@mail01 ~]#
Submitted by JamieCameron on Tue, 02/07/2012 - 21:49 Comment #14
An sshd re-install probably wouldn't help. A reboot might, assuming you have access to the console in case remote access isn't possible after the reboot.
Submitted by kappler0 on Tue, 02/07/2012 - 22:02 Pro Licensee Comment #15
Do you think a reboot would rebuild the missing files per post #13? I have never seen this before..
I am remote so no console but it won't be the end of the world - my data center has remote hands if required. Thx
Submitted by andreychek on Tue, 02/07/2012 - 22:14 Comment #16
Well, we're not sure what the problem is or how this might have happened -- however, some systems will regenerate the device files upon reboot.
If a reboot doesn't fix it, it sounds like you're going to need someone with console access anyhow to resolve what's going on.
Submitted by kappler0 on Tue, 02/07/2012 - 22:18 Pro Licensee Comment #17
OK no problem.. this server has given me problems from day one - I am about to toss it in the dumpster. I will try a reboot and go from there. I appreciate it guys.
Submitted by kappler0 on Tue, 02/07/2012 - 22:48 Pro Licensee Comment #18
OK! Well the reboot did re-build the files and Apache / sshd are both running.. BUT now I am back to BIND not running but it must be from the cPanel migrated servers... (all of them)
This is the error returned.. Could you assist me in troubleshooting this? Thx...
Failed to start service : Failed to start BIND : Starting named: Error in named configuration:
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 0.in-addr.arpa/IN: loaded serial 0
zone neweffectit.net/IN: loaded serial 1328393968
/var/named/scottkappler.com.hosts:21: www.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:22: ftp.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:23: m.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:24: localhost.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:25: webmail.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:26: admin.*.scottkappler.com: bad owner name (check-names)
/var/named/scottkappler.com.hosts:27: mail.*.scottkappler.com: bad owner name (check-names)
dns_rdata_fromtext: /var/named/scottkappler.com.hosts:28: near 'mail.*.scottkappler.com.': bad name (check-names)
zone scottkappler.com/IN: loading from master file /var/named/scottkappler.com.hosts failed: bad owner name (check-names)
zone scottkappler.com/IN: not loaded due to errors.
_default/scottkappler.com/IN: bad owner name (check-names)
zone whatacutiecuts.com/IN: loaded serial 1328595852
zone sillysnips.com/IN: loaded serial 1328595852
zone whatacutiecuts.us/IN: loaded serial 1328595852
zone chateauforest.com/IN: loaded serial 1328638811
zone cnetreport.com/IN: loaded serial 1328641169
zone kapplerholdings.com/IN: loaded serial 1328641241
zone neweffectit.com/IN: loaded serial 1328641432
zone conservativetarget.com/IN: loaded serial 1328641757
zone conservativetarget.org/IN: loaded serial 1328641757
zone conservativetarget.us/IN: loaded serial 1328641757
zone datacenterbrief.com/IN: loaded serial 1328641889
zone heavenlyaffaire.com/IN: loaded serial 1328641928
[FAILED]
Here is the hosts file but I don't see anything about the owner name?
[root@host01 ~]# cat /var/named/scottkappler.com.hosts
$ttl 38400
@ IN SOA ns1.neweffectit.net. root.ns1.neweffectit.net. (
1328594935
10800
3600
604800
38400 )
@ IN NS ns1.neweffectit.net.
@ IN NS ns2.neweffectit.net.
scottkappler.com. IN A 98.142.218.15
www.scottkappler.com. IN A 98.142.218.15
ftp.scottkappler.com. IN A 98.142.218.15
m.scottkappler.com. IN A 98.142.218.15
localhost.scottkappler.com. IN A 127.0.0.1
webmail.scottkappler.com. IN A 98.142.218.15
admin.scottkappler.com. IN A 98.142.218.15
mail.scottkappler.com. IN A 98.142.218.15
scottkappler.com. IN MX 5 mail.scottkappler.com.
scottkappler.com. IN TXT "v=spf1 a mx a:scottkappler.com ip4:98.142.218.15 ?all"
*.scottkappler.com. IN A 98.142.218.15
www.*.scottkappler.com. IN A 98.142.218.15
ftp.*.scottkappler.com. IN A 98.142.218.15
m.*.scottkappler.com. IN A 98.142.218.15
localhost.*.scottkappler.com. IN A 127.0.0.1
webmail.*.scottkappler.com. IN A 98.142.218.15
admin.*.scottkappler.com. IN A 98.142.218.15
mail.*.scottkappler.com. IN A 98.142.218.15
*.scottkappler.com. IN MX 5 mail.*.scottkappler.com.
cv.scottkappler.com. IN A 98.142.218.15
www.cv.scottkappler.com. IN A 98.142.218.15
ftp.cv.scottkappler.com. IN A 98.142.218.15
m.cv.scottkappler.com. IN A 98.142.218.15
localhost.cv.scottkappler.com. IN A 127.0.0.1
webmail.cv.scottkappler.com. IN A 98.142.218.15
admin.cv.scottkappler.com. IN A 98.142.218.15
mail.cv.scottkappler.com. IN A 98.142.218.15
cv.scottkappler.com. IN MX 5 mail.cv.scottkappler.com.
[root@host01 ~]#
Submitted by andreychek on Tue, 02/07/2012 - 22:59 Comment #19
To get BIND up and running, you may want to comment out or delete the line numbers in that file that it's showing you in the error message, and then restart BIND.
It looks like BIND doesn't like some of those wildcard DNS entries.
Submitted by kappler0 on Tue, 02/07/2012 - 23:11 Pro Licensee Comment #20
ahhh... that makes sense.. and you were correct - the wildcards carried over from the cPanel migration were the culprit.. The strange thing is I don't even know where those came from.. but oh well, now that this is up I am completely finished with cPanel..
Thanks again. By the way, my other server has been working fantastic and i am loving virtualmin overall. I will be getting one more license now too. Thanks again for all your help. It should be smooth sailing from here..
Submitted by andreychek on Tue, 02/07/2012 - 23:29 Comment #21
Jamie, I think what happened during his cPanel migration is that Virtualmin added the usual aliases (www, ftp, webmail, admin, etc) to a wildcard DNS entry, which doesn't appear to be valid. That is, he ended up with DNS records like "www.*.domain.tld", which BIND didn't like.
When importing a wildcard DNS entry, would it be possible to skip adding the additional DNS aliases to that?
Submitted by JamieCameron on Wed, 02/08/2012 - 00:28 Comment #22
Yeah, importing those wildcard domains as actual Virtualmin domains looks like a bug to me .. they should really be skipped. I'll fix this in the next Virtualmin release (3.91).
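The zone-load failure discussed in comments #18 to #22, as an added example that is not part of the thread or of Virtualmin's or BIND's code: a small pre-flight linter that flags A/AAAA/MX records whose owner name (or MX target) carries a `*` anywhere other than the leftmost owner label. It assumes one record per line with an explicit owner and `IN` class, only approximates the documented scope of check-names, and uses hypothetical function names and a constructed sample zone.

```python
import re

# Record types whose names must be hostnames (assumption: approximates the
# documented scope of BIND's check-names; this is not BIND's own logic).
HOST_TYPES = {"A", "AAAA", "MX"}
LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?$")

def bad_hostname(name, allow_wildcard):
    """Return a reason if `name` is not a valid hostname, else None."""
    if name in ("@", "."):
        return None
    for pos, label in enumerate(name.rstrip(".").split(".")):
        if label == "*":
            if allow_wildcard and pos == 0:
                continue  # "*.example.com." is a legal wildcard owner
            return "wildcard label is only valid as the leftmost owner label"
        if not LABEL.match(label):
            return "label %r is not a valid hostname label" % label
    return None

def lint_zone(text):
    """Return [(line_no, name, reason)] for records a strict loader would reject."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split(";", 1)[0].split()
        if len(fields) < 4 or fields[1] != "IN" or fields[2] not in HOST_TYPES:
            continue
        checks = [(fields[0], True)]           # owner name: wildcard allowed
        if fields[2] == "MX":
            checks.append((fields[-1], False))  # MX target: must be a real host
        for name, allow in checks:
            reason = bad_hostname(name, allow)
            if reason:
                findings.append((no, name, reason))
    return findings

# Constructed sample zone (documentation domain and address, not from the thread).
SAMPLE_ZONE = """\
$ttl 38400
example.com. IN A 192.0.2.10
www.example.com. IN A 192.0.2.10
*.example.com. IN A 192.0.2.10
www.*.example.com. IN A 192.0.2.10
mail.*.example.com. IN A 192.0.2.10
*.example.com. IN MX 5 mail.*.example.com.
example.com. IN TXT "v=spf1 a mx ?all"
"""

if __name__ == "__main__":
    for no, name, reason in lint_zone(SAMPLE_ZONE):
        print("line %d: %s: %s" % (no, name, reason))
```

Running a check like this over imported zone files before restarting named catches the bad records while the other zones are still being served.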