Ensim’s (aka Parallels Pro Control Panel X for Linux) alternative ChangePasswdVirtUser

Ensim former Parallels Pro Control Panel X for Linux has a command line interface scripts as you SHOULD know 😉 which allows you to do several administrative tasks without login to the appliance. The other day I started to write an API in order to admin N Ensim servers with only 1 interface which is a lot of work/code but hell, I’ll post some screenshots later 🙂 … So one of the biggest problems I had was the script ChangePasswdVirtUser (located in /usr/local/bin), which allows you to change a virtual user’s password asking for the new password 2 times and I didn’t want to ruin my weekend and decided to hack that script and make it work like this: ChangePasswdVirtUser domain.com user newpassword

That’s so insecure! I know and I’ll come later with a more secure alternative don’t worry 😉 in the meantime you can play with it:

File: /usr/local/bin/ChangePasswdVirtUser1

#!/usr/bin/ensim-python
#
# Usage:
#
# ChangePasswdVirtUser   
#
# Example:
#
# AddVirtUser myco.com joe doe

import getopt
import getpass
import sys
import traceback
from vh3 import virthost
from vh3 import virtutil
from vh3.modules import users
import string
import be_vherrordisp

if (len(sys.argv) < 4) or (sys.argv[1] == "--help"):
    print "usage: ChangePasswdVirtUser1   "
    sys.exit(0)
else:
    # checks to see if we are in maintenance mode
    virthost.checkMaintenance()

    status = be_vherrordisp.CLIError.SUCCESS
    status_obj = be_vherrordisp.CLIError()
    options, args = getopt.getopt(sys.argv[1:],"")
    siteindex = virthost.get_site_from_anything(string.lower(args[0]))
    username = string.lower(args[1])
    passwd1 = args[2]
    if not siteindex:
        print "Domain %s does not exist on this server."% string.lower(args[0])
        sys.exit(1)
    ret = []
    try:
        virthost.edit_user(ret, siteindex, username, None, passwd1, None, None)
        status = virthost.cli_display_status_list(ret)
    except:
        status = be_vherrordisp.CLIError.ERROR
        print traceback.print_exc()
    sys.exit(status)

Quick Ensim Backup

Nothing but an easy to use backup script for Ensim (4.X-10.X) which uses vhexport, so yeah, it’s not fast, but I wrote it because sometimes you just need to backup 1 or a few sites and drop them somewhere 😛

You just need to type this:

./backupsingle.php /path/to/backup domain1.com domain2.com ...domainN.com

And you’ll see something like this:

Building site's structure... found NN sites
Building backup for N site(s)

Starting backup for domain domain1.com (site1)... [OK]
Starting backup for domain domain2.com (site2)... [OK]
Starting backup for domain domainN.com (siteN)... [OK]

Can’t be easier 😉 copy the code, save it and chmod +x that’s all 🙂

#!/usr/bin/php -q
<?
// dirty code, no comments ;)
$vhexport = '/usr/local/bin/vhexport';
$sitelookup = '/usr/local/bin/sitelookup';

if (count($argv) <= 2) die("Usage: $argv[0] /backup/path domain1 domain2 ...domainN\n");

$path = $argv[1]; $limit = (count($argv)-1);
if (!is_dir($path)) die("$path doesn't exist, creat it first!\n");
if (preg_match("/\/$/",$path)) $path = substr($path,0,-1);

echo "Building site's structure... "; sleep(1);
$ds = explode("\n",trim(`$sitelookup -a site_handle,domain`));
if (!is_array($ds)) die("Server is empty!\n");

foreach ($ds as $dlines) {
  $tmpparts = explode(",",trim($dlines));
  if (!is_array($tmpparts)) continue;
  $domains[$tmpparts[1]] = $tmpparts[0];
}

echo "found ".count($ds)." sites\n"; sleep(1);
echo "Building backup for ".($limit-1)." site(s)\n\n";

for ($i=2;$i<=$limit;$i++) {
  $bdomain = $argv[$i];
  $bsite = $domains[$bdomain];
  if (!$bsite) { echo "Looks like $bdomain has not a valid site_handle, aborting...\n"; continue; }
  echo "Starting backup for domain $bdomain ($bsite)... ";
  $cmd = $vhexport . ' -s ' . $bsite . ' -U "file://' . $path . '/%(type)-%(name)" -z';
  //echo "\n[debug] $cmd\n";
  `$cmd`;
  echo "[OK]\n";
}
?>

Duplicated uid’s causing quotas issues on Ensim

I’ve found some interesting error on some Ensim servers, some users having issues with their quotas and if you remove it and add it again you get the same quota issues. So, after a few minutes I noticed that the users UID’s with issues were duplicated on other sites and that’s a BIG problem.

Ensim uses a postgres database called “appldb” and a table inside “free_uids” (with fields ‘uid’, ‘site_id’) where it stores UID’s and their relation with site’s numbers, so when a user is deleted the field “site_id” is set to nothing and becomes available for the next user.

I did a small/dirty php script in 10 minutes, it’s very simple but effective. It checks if some UID is duplicated. Check the source:

* Create a file somewhere called “check_uids.php”
* Open it and paste the following code:

#!/usr/bin/php -q
<?
echo "Checking your system for duplicated id's...n";
$lines = explode("n",`/bin/cat /home/virtual/site*/fst/etc/passwd`);
if (!is_array($lines)) die("No duplicated UID's found!");
foreach($lines as $k =--> $v) {
        $parts = explode(":",$v);
        if ($parts[2] < 22000) continue;
        if ($uids[$parts[2]]) { $uids[$parts[2]] .= ",$parts[3]"; $winners[$parts[2]] = true; }
        else $uids[$parts[2]] = $parts[3];
}
if (!is_array($winners)) { echo "Your system has no duplicated entries :)n"; exit; }
foreach ($winners as $k => $v) echo "Duplicated UID : $k on GID's: ".$uids[$k]."n";
?>

* chmod +x check_uids.php
* execute it: ./check_uids.php

If you see a “Duplicated UID…..” then that means you have the same issue I had.

How can I solve that issue?
I’ve found a primitive way to do it, if you have a better one let me know 🙂

* Case: UID 220001 is in group 503 (site1) and 504 (site2)
* BACKUP ALL YOUR INFORMATION!
* Go to site2 and remove the user with the UID (normally you can find the username at /home/virtual/site1/fst/etc/passwd)
* Browse your pgsql, appldb -> free_uids and search for the UID at the field “uid” (if you are not a pgsql geek get the latest webmin, install it and have fun)
* Edit the pgsql “site_id” field (which should be empty) and put the value “1” (which corresponds to the site1)
* Add the user from the site2 again
* Run the script again, if you are lucky you are out of danger 😉

NOTE: In the worse scenario I’ve seen the same UID on 5 different groups… that’d need an extra coffee 😉

Add/Remove multiple DNS zones for Ensim 4.x

I wrote this small script a few years ago (2005). This script allows you to add/delete 1 or more DNS zones and trust me, when you need to add 300 domains to your Ensim box you’ll come back to thank me 😛

Basicly, the script asks you for 2 options:

What do you want to do?
[1] Add zone(s)
[2] Delete zone(s)

Then, you’ll need to write the domain(s) separated by spaces and also the IP address and that’s all. By default it uses Ensim’s DNS zone template but you can change it to whatever you want.

File: mdns.php

#!/usr/bin/php -q
<?
// This settings should be OK!
// Add more if you need ;)
define('DEBUG',true); // make it 'false' if you want to see it work
define('DPATH','/usr/lib/opcenter/bind/');
define('ADD',DPATH.'add_zone');
define('REM',DPATH.'remove_zone');
define('AA',DPATH.'add_a');
define('AMX',DPATH.'add_mx');

main_menu();

function main_menu() {
?-->
What do you want to do?
[1] Add zone(s)
[2] Delete zone(s)
Option: \n");
		get_line();
		main_menu();
		return;
	}
	foreach ($domains as $k => $v) {
		print_out("\nAdding Zone $v ...\n");
		ecmd(ADD." -f ".$v);
		print_out("\nAdding A (www,ftp,mail) and MX records ...\n");
		ecmd(AA." -u $v $ip");
		ecmd(AA." -z $v www $ip");
		ecmd(AA." -z $v ftp $ip");
		ecmd(AA." -z $v mail $ip");
		ecmd(AMX." $v mail.".$v." 10");
	}
}

function rem_domains($domains=array()) {
	if (!$domains[0]) {
		print_out("\nThere are no domain(s), please start again \n");
		get_line();
		main_menu();
		return;
	}
	foreach ($domains as $k => $v) {
		print_out("\nRemoving Zone $v ...\n");
		ecmd(REM." ".$v);
	}
}

function ecmd($cmd="") {
	if (!$cmd) {
		echo "Nothing to execute!\n";
		return;
	}
	$cmd = escapeshellcmd($cmd);
	print_out("\t$cmd\n");
	if (!DEBUG) {
		$out = `$cmd 2>&1`;
	}
}

function option_domains() {
	print_out("\nEnter domain or domains separated by spaces or comas:\n");
	$line = get_line();
	$domains = preg_split('/\s+|,/',$line,-1,PREG_SPLIT_NO_EMPTY);
	if (!$domains[0]) {
		print_out("\nYou need to enter at least one domain name, press any key to continue...");
		get_line();
		main_menu();
	}
	print_out("\nCheck your information submitted: ");
	$i = 1;
	foreach ($domains as $k => $v) {
		echo "($i)$v ";
		$i++;
	}
	print_out("\n");
	return $domains;
}

function option_ip() {
	print_out("\nEnter the IP: ");
	$line = get_line();
	if (!$line) {
		print_out("\nYou need to enter an IP, press any key to continue...");
		get_line();
		main_menu();
	}
	print_out("\nCheck your information submitted: $line\n");
	return $line;
}

function option_confirm($info="") {
	print_out("\nIs this information correct?\n$info\n");
	print_out("Type 'return' to start over again, 'exit' to quit this application or any other key to continue...");
	$line = get_line();
	if (preg_match('/return/i',$line)) main_menu();
	elseif (preg_match('/exit|quit|bye/i',$line)) exit;
	else return;
}

function print_out($line="") {
	if (!$line) return;
	echo "$line";
}

function get_line() {
	$fh = fopen("php://stdin","r");
	$stdin = trim(fgets($fh));
	fclose($fh);
	return $stdin;
}
?>