KVM *dump xml*

If you ever need to gain VNC access to a KVM virtual server and you are not sure what ip, port, or even password is needed to access VNC to a KVM VM, enter this from command line:

virsh dumpxml <kvm> –security-info

Replace <kvm> with the name of your virtual machine. You can get the names by running:

virsh list

Quickly (Un)Suspend Email in Cpanel

If you need to quickly suspend e-mail for an e-mail address in cPanel and do not want to do this via the GUI, issue the following from command line as root:

whmapi1 suspend_outgoing_email user=$cpuser

Of course you’ll want to replace $cpuser with the username of the cpanel account you’d like to suspend e-mail for. The same thing goes for un-suspending:

whmapi1 suspend_outgoing_email user=$cpuser

WHM (root) passwordless

If you ever need to login to WHM/cPanel and do not have the root password, there is a call to the API you can make from command line to temporarily give you access. Just issue the following from the command line as root:

whmapi1 create_user_session user=root service=whostmgrd locale=en

exim eXploit – cPanel

After some extensive reading and working through an older version of EXIM mail daemon which is commonly used in cPanel, it would appear there is a nasty bug in an older version of EXIM.


You will need to patch any older versions NOW or simply upgrade. There is a worm going around eXploiting the EXIM versions. If you have any issues or need help, I am here to assist. https://tickets.linuxgu.com/open.php – Submit a ticket and I get e-mailed directly.

btmp and you

There is a file in /var/log called btmp. If you notice this file is abnormally large *say 2GB* while it should be in the less than 10MB zone, you are or had gone through an SSH Brute Force attempt.

This file logs all the attempts to log-in to your server via SSH. If you have thousands of failed logins this file grows fast. You can remedy the problem my changing the SSH port number or allowing SSH access to limited IP’s per /etc/hosts.allow .

If this is taking up space, delete it. You can issue a bunch of commands, I like to zero it out with echo.

Re-nice everyone

Sometimes when someone wants to get past a throttle of some sort they place the niceness of a process in the negative stage. The higher the negative number the higher the more priority.. This is a burden on servers that meant to have shared allocated resources.

Well, the solution. If this is a VPS and they all of their processes are set to -15 but the default is 0, issue this command:

for i in `cat /etc/passwd | awk -F: {'print $1'}`; do renice -n 0 -u $i; done


Do you see a bunch of /home/virtfs mounts? Well there is a way to clear this from command line:

/scripts/clear_orphaned_virtfs_mounts --clearall

OpenVZ simfs to ploop

There are many advantages to using ploop rather than simfs. The advantage of course I choose is file security. While simfs places all the files directly on the hostname for ease of use and managing, ploop creates a virtual disk file and then put files inside this disk. When the virtual machine is started vzctl has to mount the ploop disk. Versus with simfs, there is no mount involved.

vzctl convert  [--layout ploop[:mode]] 
vzctl convert --layout ploop <CT_ID>