Archive for the tag 'Account'

SBDavid
May 22nd, 2010

How can I change/repair my Admin account if the password in Plesk?

How can I change/repair my Admin account if the password in Plesk?

Unable to connect to database
login.php3: Unable to connect to database: Permission denied
ERROR 1045: Access denied for user: ‘admin@localhost’ (Using password: YES)

First try to restart Parallels Plesk Panel:

# /etc/init.d/psa restart

Check that the /etc/psa/.psa.shadow file has valid permissions. The right permissions would be

# ls -la /etc/psa/.psa.shadow
-rw——- 1 psaadm psaadm 5 Feb 26 11:22 /etc/psa/.psa.shadow

In case you have any other permission, you should change it using the following command:

# chown psaadm:psaadm /etc/psa/.psa.shadow
# chmod 600 /etc/psa/.psa.shadow

Check that Mysql server is running and working properly using the “ps ax | grep mysql” command. For example:

# ps ax | grep mysql

To check that Mysql server is running fine, try to access to the mysql console. For example:

# mysql -uadmin -p`cat /etc/psa/.psa.shadow` -D psa

In the newest versions of Parallels Plesk Panel, the password can be restored using the “ch_admin_passwd” utility.

# /usr/local/psa/admin/sbin/ch_admin_passwd –help

To change the password, use a command like the following one:

# export PSA_PASSWORD=’NEW_PASSWORD’ ; /usr/local/psa/admin/sbin/ch_admin_passwd; unset PSA_PASSWORD

Load MySQL with ’skip-grant-tables’ option, adding skip-grant-tables to the [mysqld] section of /etc/my.cnf file

Restart MySQL with the following command prompt:

# /etc/init.d/mysqld restart

Add the new password to the /etc/psa/.psa.shadow file.

Repair the password using the following command prompt:

# /usr/bin/mysql -D mysql -e”update user set password=PASSWORD(’`cat /etc/psa/.psa.shadow`’) where User=’admin’;”

Delete skip-grant-tables option from /etc/my.cnf

Restart MySQL.

Reference: http://parallels.com/

SBDavid
Feb 2nd, 2010

How to check privileges for an mysql account

How to check privileges for an mysql account.

To check the privileges for an account, use SHOW GRANTS:

mysql> SHOW GRANTS FOR ‘root’@'localhost’;
+—————————————————-+
| Grants for root@localhost
+—————————————————-+
| GRANT ALL PRIVILEGES ON *.* TO ‘root’@'localhost’ IDENTIFIED BY PASSWORD ‘*C406D12D7025EFA560629ABD992F09C9E28002C6′ WITH GRANT OPTION |
+—————————————————-+
1 row in set (0.00 sec)
mysql>
SBDavid
Sep 27th, 2009

Methods of Disabling the Root Account.

Methods of Disabling the Root Account.

Changing the root shell.

To prevent users from logging in directly as root, the system administrator can set the root ac-count’s shell to /sbin/nologin in the /etc/passwd file.

Edit the /etc/passwd file and change the shell from /bin/bash to /sbin/nologin.

The following programs are prevented from ac-cessing the root account:

· login
· gdm
· kdm
· xdm
· su
· ssh
· scp
· sftp

Programs that do not re-quire a shell, such as FTP clients, mail clients, and many setuid programs. The following programs are not prevented from accessing the root ac-count:

· sudo
· FTP clients
· Email clients

Disabling root ac-cess via any con-sole device (tty).

An empty /etc/securetty file prevents root login on any devices attached to the computer.

echo > /etc/securetty

Disabling root SSH Login.

Edit the /etc/ssh/sshd_config file, and set the PermitRootLo-gin parameter to no.

# PermitRootLogin yes

to

#PermitRootLogin no

Use PAM to limit root access to services.

Edit the file for the target service in the /etc/pam.d/ directory. Make sure the pam_listfile.so is re-quired for authentication.

SBDavid
Jun 19th, 2009

Account Creation Failed

Account Creation Failed

While creating an account via WHM, you may get an error stating that, cannot create new user.

You can check the cPanel logs for the error.

tail -f /usr/local/cpanel/logs/error_log

Sometimes, you may get the following error.

vipw lockfile (/etc/ptmp) is present!

This means that the “useradd” is locked. You will not be able to add new users unless you remove the following file.

You can also confirm it by executing the useradd command in the konsole. You will receive an error message stating the above.

useradd user1

Check if this file is present.

ls -l /etc/ptmp

/etc/ptmp >> This has a temporary copy of the password file. This file can be removed.

rm -f /etc/ptmp

« Prev