Surid – Mellowhost Blog

How to Reset root password in Proxmox VE 7

First, boot the system in the rescue kernel. I am assuming your boot partition is separated then the home partition, like in my case. Here are the list of commands I have used:

# mount /dev/md126 /mnt
# mount /dev/md127 /mnt/boot
# mount --bind /dev /mnt/dev
# mount --bind /dev/pts /mnt/dev/pts
# mount --bind /proc /mnt/proc
# mount --bind /sys /mnt/sys
# chroot /mnt
# passwd

Now, make sure to reset the password properly. Once done. Umount all the partition and boot in regular mode:

# umount /mnt/boot
# umount /mnt/sys
# umount /mnt/proc
# umount /mnt/dev/pts
# umount /mnt/dev
# umount /mnt
# reboot

It should be it.

How to Mount qcow2 KVM/Xen/VMware VM Image

Mounting a qcow2 Image as a Network Block Device (NBD)

Virtualization and cloud computing often require the manipulation of disk images. One common format used for these operations is the QCOW2 (QEMU Copy-On-Write version 2) format. This blog post will guide you through the process of mounting a QCOW2 image as a Network Block Device (NBD) to access its contents directly from the host system.

Prerequisites

Before you start, ensure you have the necessary tools installed on your system. The primary tools needed are:

modprobe (part of the module-init-tools or kmod package)
qemu-nbd (part of the qemu-utils package)
fdisk (part of the util-linux package)

Steps to Mount a QCOW2 Image

1. Enable the NBD Module

First, you need to enable the NBD module with support for up to 8 partitions. Execute the following command:

modprobe nbd max_part=8

2. Connect the QCOW2 Image to an NBD Device

Next, use the qemu-nbd tool to connect the QCOW2 image to an NBD device. Replace /vz/vmprivate/v1002/harddisk.hdd with the path to your QCOW2 image:

qemu-nbd --connect=/dev/nbd0 /vz/vmprivate/v1002/harddisk.hdd

3. Detect and Identify the Partitions

After connecting the image, you need to identify the partitions on the NBD device. Use the fdisk tool to list the partitions:

fdisk /dev/nbd0 -l

Note down the partition identifiers (e.g., /dev/nbd0p1).

4. Mount the Partition

With the partition identifier noted, you can now mount the partition to a mount point. Create a mount point if it does not exist:

mkdir -p /mnt
mount /dev/nbd0p1 /mnt

You can now access the contents of the QCOW2 image through the /mnt directory.

Cleanup

After you’re done with your operations, it’s important to clean up the environment to avoid any conflicts or resource leaks.

1. Unmount the Partition

umount /mnt

2. Disconnect the NBD Device

qemu-nbd --disconnect /dev/nbd0

3. Remove the NBD Module

rmmod nbd

Conclusion

Mounting a QCOW2 image as a Network Block Device (NBD) allows you to access its contents directly from the host system, making it a powerful tool for debugging, data recovery, or any situation where direct access to the image is necessary.

By following the steps outlined in this post, you can easily mount, work with, and then safely disconnect and remove the QCOW2 image from your system.

Keywords: QCOW2, Network Block Device, NBD, qemu-nbd, modprobe, mount, umount, fdisk, virtualization, cloud computing, disk image, partition, data recovery, debugging.

KVM VM Not starting – could not get access to acl tech driver ‘ebiptables’

Issue

KVM VM not starting with the following error when you try to start:

could not get access to acl tech driver 'ebiptables'

There is a nwfilter module for libvirt. If for some reason, it comes up with an issue, the above error would appear. To fix this, you need to update (If any update is available) / reinstall (If no update is available) the following module using Yum:

libvirt-daemon-config-nwfilter

The command would be like the following:

yum update libvirt-daemon-config-nwfilter

That shall fix the issue.

Server Error! (Ok) Roundcube Cpanel – Fix

When I tried to load my Roundcube today, found that it failed to load the inbox and instead had thrown the following error:

Server Error! (Ok)

Then, I tried searching the cpanel logs or the roundcube error log but found nothing. Then, I checked the Dovecot log located here:

/var/log/maillog

I found the following:

May  7 13:57:49 network2 dovecot: imap([email protected])<26343><cQG+qxX7MvdneMrv>: Error: Mailbox INBOX: mmap(size=351817308) failed with file /home/mellow/mail/mellowhost.com/shawon/dovecot.index.cache: Cannot allocate memory

This is happening because Dovecot caches the mail index in a file, once it tries to cache a lot of emails, it fails with a memory error. In those cases, you may remove the cache file and let Dovecot generate a new cache based on the latest mails. You may simply rm the file and see Roundcube is loading again:

rm -f /home/mellow/mail/mellowhost.com/shawon/dovecot.index.cache

How to see all the constraints in a Postgresql Database

To see/list the constraints, first, connect to the database using the following:

\c my_prod;

Here we are assuming the database name is my_prod. Please note, we are putting these commands in the psql client utility.

Now, use the following query to list all the constraints in the database:

select pgc.conname as constraint_name,
       ccu.table_schema as table_schema,
       ccu.table_name,
       ccu.column_name,
       contype,
        pg_get_constraintdef(pgc.oid)
from pg_constraint pgc
         join pg_namespace nsp on nsp.oid = pgc.connamespace
         join pg_class  cls on pgc.conrelid = cls.oid
         left join information_schema.constraint_column_usage ccu
                   on pgc.conname = ccu.constraint_name
                       and nsp.nspname = ccu.constraint_schema
order by pgc.conname;

Good luck

How to install SSL in Zimbra with Certificate and CA-bundle

There are 3 things you need:

Private key
Certificate
Ca-bundle

First, switch to the user zimbra:

su - zimbra

Let’s except your files are located here:

Private Key: /tmp/private.key
Certificate: /tmp/your.domain.com.crt
Ca-Bundle: /tmp/your.domain.com.ca-bundle

Now, copy your private key file to the following location:

cp /tmp/private.key /opt/zimbra/ssl/zimbra/commercial/commercial.key

Now, first, verify 3 things to make sure, they are correct:

/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/your.domain.com.crt /tmp/your.domain.com.ca-bundle

If it, says ok, now you may deploy the certificate like the following:

/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/your.domain.com.crt /tmp/your.domain.com.ca-bundle

Once done, now, exit from the user zimbra and restart zimbra:

exit
service zimbra restart

Your SSL should work now.

How to stop Postgresql when you have multiple versions of PGSQL Running on Ubuntu

Question: How to stop Postgresql when you have multiple versions of PGSQL Running on Ubuntu

You may run the following command to stop specific version of postgresql when using multiple versions of postgresql in a single system, under Ubuntu

systemctl stop postgresql[@version-main]

So, for example, if you have a system, with 3 postgresql server, 12, 14, 15, and would like to stop 14 and 15, then you can run the following:

systemctl stop postgresql@15-main
systemctl stop postgresql@14-main

To disable them from booting:

systemctl disable postgresql@15-main
systemctl disable postgresql@14-main

How to mount NTFS in Debian/Ubuntu

You need to first install NTFS-3G package to access NTFS on Debian. NTFS-3g depends on libntfs and fuse. Using the following shall install NTFS-3g on the system:

apt install ntfs-3g -y

Once done, now you can mount ntfs using the following command:

mount -t ntfs /dev/sdb2 /mnt

In this case, sdb2 is the ntfs partition, and we are mounting this to /mnt directory.

If you are trying to mount a Windows 10/11 partition, you might end up having a read only NTFS file system. The reason is Windows 10/11 partition doesn’t fully shutdown on shutdown command, instead it hibernates the system. To properly shutdown the system, remember to shutdown the system with ‘SHIFT’ + SHUTDOWN.

ipset: error while loading shared libraries: libipset.so.13: cannot open shared object file: No such file or directory

Troubleshooting Imunify360 Installation on Linux: Resolving Missing Libraries

When installing security tools like Imunify360 on a Linux system, dependency issues can arise due to missing libraries or incompatible configurations. This guide walks you through resolving a common error encountered during installation:

—

The Problem

During installation, you might see an error similar to this:

[root@stack10 ~]# bash i360deploy.sh IPL  
...  
ipset: error while loading shared libraries: libipset.so.13: cannot open shared object file: No such file or directory  
[2022-12-21 04:44:14] Your OS virtualization technology kvm has limited support for ipset in containers. Please, contact Imunify360 Support Team.

The key issue here is the missing libipset.so.13 library, which is required by ipset, a tool used by Imunify360 for managing firewall rules.

—

Step-by-Step Solution

1. Install the `ipset-libs` Package

Run this command to install the missing library:


sudo yum install ipset-libs -y

—

2. Verify Library Installation

Confirm the library exists:


ls /usr/lib64/libipset.so.13

—

3. Update Dynamic Linker Cache

Update the system’s dynamic linker cache:


sudo ldconfig

—

4. Retry Imunify360 Installation

Re-run the installer:


bash i360deploy.sh IPL

—

5. Address KVM Virtualization Warning

If the error persists:

If using a container (e.g., LXC, Docker) or nested virtualization: Contact Imunify360 Support for guidance.
For critical systems: Install Imunify360 on a bare-metal or non-containerized environment.

—

Why Does This Happen?

Missing Dependencies: The ipset-libs package provides libipset.so.13, which Imunify360 requires.
Outdated Repositories: Unupdated package managers may lack the latest versions of required packages.

—

Additional Checks

1. Update Package Repositories


sudo yum clean all  
sudo yum makecache

2. Check `ipset` Version


ipset --version  
rpm -q ipset ipset-libs

If outdated, reinstall with:


sudo yum reinstall ipset ipset-libs -y

3. Check for Conflicting Packages


rpm -qa | grep ipset

Uninstall conflicting versions if found.

—

Final Notes

Documentation First: Always check the Imunify360 documentation for the latest steps.
Contact Support: If issues persist, provide:
- Full error logs.
- Output of uname -a (system details).
- Output of rpm -qa | grep ipset.

—

Stay Secure & Updated

By following these steps, you can resolve dependency issues and ensure a smooth Imunify360 installation. Keep your system’s packages updated and verify dependencies before deploying security tools!

Leave a comment below if you encountered other errors during installation—we’re here to help!

Keywords: Imunify360 installation error, libipset.so.13 missing, KVM virtualization limitation, ipset-libs CentOS.

Could not make the Query. Virtualizor Error

Today, when I opened a Virtualizor panel for a VM node, I found an issue like the following:

Could not make the Query.
SELECT tasks.actid, tasks.action, users.uid, users.email FROM `tasks` LEFT JOIN users on tasks.uid = users.uid WHERE action NOT IN ('vpsbackups_plan_email', 'send_background_mail', 'backuply_vpsbackups_plan_email') ORDER BY tasks.actid DESC LIMIT 10
Array
(
    [0] => HY000
    [1] => 144
    [2] => Table './virtualizor/tasks' is marked as crashed and last (automatic?) repair failed

Issue was the tasks table is marked as crashed. To solve this, we need to repair the table tasks.

First, find the password for database ‘virtualizor’ using the following command:

[root@sg40 ~]# grep dbpass /usr/local/virtualizor/universal.php
$globals['dbpass'] = 'gziqr4y989';

Now connect to the mysql using the password:

/usr/local/emps/bin/mysql -u root -p virtualizor

Now repair the table:

use virtualizor;
REPAIR TABLE tasks;

Now the virtualizor shall work.