Debian 8 to 9 php 5 to 7

Discussion in 'Installation/Configuration' started by [email protected], Oct 6, 2017.

  1. stefan@martolvan.is

    [email protected] New Member

    Hi
    I have now had the worst of days. My server seems to have upgraded it self from Debian 8.x all the way to 10 unstable, in my ventures to get Lets Encrypt to work and upgrade SQL to accommodate Magento 2.x.
    System worked fine till I started upgrading SQL oblivious of the fact that my OS was not Debian 8 but Debian 10 unstable, so I must have done several things wrong however I spent about 2 days to clear out unstable packages and install stable versions an have now Debian 9 with Mariadb, most of the trouble came though when I in stalled MySQL on top of Mariadb an thus screwed up all my databases, but there are backups of most of them even though I found out that in som cases WP webs were backing up wrong database not the current one (APS worked poorly for an while, so installations were repeated an multiple DBs created).
    Next I ran perfect server Debian 9.1 setup and tried to full fill missing packages etc. along the way, so now I seem to be stuck between php versions, can not get ispConfig to start web interface got some webs working but most are down Mail service is down (I really avoid mail service so not important) etc. here is the result of the basic script:

    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] ISPConfig is installed.

    ##### ISPCONFIG #####
    ISPConfig version is 3.1.2


    ##### VERSION CHECK #####

    [INFO] php (cli) version is 7.0.19-1
    [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.30-0+deb8u1

    ##### PORT CHECK #####

    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    [WARN] Port 143 (IMAP server) seems NOT to be listening
    [WARN] Port 993 (IMAP server SSL) seems NOT to be listening
    [WARN] Port 110 (POP3 server) seems NOT to be listening
    [WARN] Port 995 (POP3 server SSL) seems NOT to be listening
    [WARN] Port 21 (FTP server) seems NOT to be listening

    ##### MAIL SERVER CHECK #####


    ##### RUNNING SERVER PROCESSES #####

    [INFO] I found the following web server(s):
    Apache 2 (PID 4474)
    [INFO] I found the following mail server(s):
    Postfix (PID 23476)
    [WARN] I could not determine which pop3 server is running.
    [WARN] I could not determine which imap server is running.
    [WARN] I could not determine which ftp server is running.

    ##### LISTENING PORTS #####
    (only ()
    Local (Address)
    [localhost]:10024 (23612/amavisd-new)
    [localhost]:10025 (23476/master)
    [anywhere]:3306 (9356/mysqld)
    [localhost]:10026 (23612/amavisd-new)
    [localhost]:10027 (23476/master)
    [anywhere]:587 (23476/master)
    [localhost]:11211 (611/memcached)
    [anywhere]:23213 (25307/bash)
    [anywhere]:111 (454/rpcbind)
    [anywhere]:80 (4474/apache2)
    [anywhere]:8081 (4474/apache2)
    [anywhere]:465 (23476/master)
    ***.***.***.***:53 (23755/named)
    [localhost]:53 (23755/named)
    [anywhere]:22 (701/sshd)
    [localhost]:953 (23755/named)
    [anywhere]:25 (23476/master)
    [anywhere]:27450 (24950/bash)
    [anywhere]:443 (4474/apache2)
    [anywhere]:8000 (1139/webfsd)
    [localhost]:10023 (1274/postgrey)




    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    f2b-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25
    f2b-dovecot-pop3imap tcp -- [anywhere]/0 [anywhere]/0 multiport dports 0:65535
    f2b-pureftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21
    f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22
    RETURN tcp -- [anywhere]/0 [anywhere]/0 tcp flags:0x17/0x02 limit: avg 1/sec burst 3

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    ispprotect-udp-flood udp -- [anywhere]/0 [anywhere]/0

    Chain f2b-dovecot-pop3imap (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain f2b-pureftpd (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain f2b-sasl (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain f2b-sshd (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain ispprotect-udp-flood (1 references)
    target prot opt source destination
    RETURN udp -- [anywhere]/0 [anywhere]/0 owner UID match 0
    RETURN udp -- [anywhere]/0 [anywhere]/0 udp dpt:53
    RETURN udp -- [anywhere]/0 [anywhere]/0 limit: avg 50/sec burst 5
    LOG all -- [anywhere]/0 [anywhere]/0 LOG flags 0 level 4 prefix "BanDaemon UDP-flood attempt: "
    DROP all -- [anywhere]/0 [anywhere]/0

    What would be the next step to take I´m at an total loss here, having hard time finding what is the reason for each failure.
    I would appreciate all pointers and offers for help.
     
  2. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    1. your php for cli and cgi seems to missmatch, you may want to fix that
    Code:
    update-alternatives --config php
    to help you with each service, we need proper log infos wh they fail,
    easiest thing might be
    Code:
    apache2ctl -t
    does it show something?

    log-info?
    Code:
    journalctl -u apache2
    journalctl -u postfix
    and so on
     
  3. stefan@martolvan.is

    [email protected] New Member

    Hi
    update-alternatives --config php
    update-alternatives --config php
    There are 2 choices for the alternative php (providing /usr/bin/php).

    Selection Path Priority Status
    ------------------------------------------------------------
    * 0 /usr/bin/php7.0 70 auto mode
    1 /usr/bin/php5 50 manual mode
    2 /usr/bin/php7.0 70 manual mode

    Press <enter> to keep the current choice[*], or type selection number:
    and
    apache2ctl -t
    Syntax OK

    journalctl -u apache2
    okt 06 12:56:00 host.mydomain.com postfix/sendmail[28983]: warning: inet_protocols: disabling IPv6 name/address support: Add
    okt 06 12:56:00 host.mydomain.com postfix/postdrop[28985]: warning: inet_protocols: disabling IPv6 name/address support: Add
    okt 06 13:19:37 host.mydomain.com postfix/sendmail[31124]: warning: inet_protocols: disabling IPv6 name/address support: Add
    .......

    journalctl -u postfix
    -- Logs begin at Fri 2017-10-06 11:15:02 GMT, end at Fri 2017-10-06 14:38:11 GMT. --
    -- No entries --

    I'm running through Debian 9.1 perfect server Apache .....
    but stuck in endless dependency conflicts uninstalling and reinstalling more or less all hard to get many packages uninstalled due to dependencies so it is an struggle.
     
  4. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    which php version you choose is up to you, for example if you have a lot of customers needing old php 5.6 ans they're using crontabs like /usr/bin/php .... you might default to php5 for their convenience or go to 7 and inform them.

    yes it's challenging, I once did a recent ubuntu version to debian stable conversion, it can be done but... yeah ;)

    hmm so I'm wondering why your log output for apache2 shows postfix logs, uhm maybe my fault.
    try (re)starting each service and then use $journal -xe to see any issues

    wouldn't it be easier to just backup data and reinstall anyway? given that you currently don't know what configuration is broken and whatnot else doesn't work. Depending on how much you changed from default of course. Just don't forget to backup current data aswell /etc - folder, /var/vmail /var/www /var/lib/mysql (maybe, or just dump each database )

    If you want to fix the issue by resolving conflicts ect. I can try to assist you aswell ofc, just mentioning
     
  5. stefan@martolvan.is

    [email protected] New Member

    Yes you are probably right that is the only right route to go most of my data bases are crapped up any way and unsure distro version all point to this conclusion, I just banging my head to the wall here.
    The only trouble is taht this is pimary [and secondary] dns for quite few domains so I need to be fast if I start this venture.
    DNS is the thing that has been working through out witch says more of how well Bind is made than my skills.
     
  6. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    if the sites are not reachable anyway ... dns shouldn't matter much ;)
    I'd suggest to use external DNS-service anyway, not only as backup but so you can shut your own down in case of any unpleasent event it may encounter.

    But usually following the howto is pretty straight forward. Though I have a neat little script for all the packages I preferably use ( see my post at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877081 )

    Maybe it can help you the next time ;) It just doesn't do reconfigure ofc.
     
  7. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    for an example I attached my list.
    I didn't exactly follow perfect isp setup, but maybe it can fix your setup a little since it's explicitly telling apt which repo to use? just make sure you remove dnsmasq from my list to not make it replace bind9

    or setup your own perfect setup and create a list the way I described in the mentioned bug report

    /etc/apt/sources.list
    Code:
    deb http://ftp.de.debian.org/debian/ stretch main contrib non-free
    deb-src http://ftp.de.debian.org/debian/ stretch main contrib non-free
    
    deb http://ftp.de.debian.org/debian/ buster main contrib non-free
    deb-src http://ftp.de.debian.org/debian/ buster main contrib non-free
    
    deb http://security.debian.org/ stretch/updates main contrib non-free
    deb-src http://security.debian.org/ stretch/updates main contrib non-free
    
    # stretch-updates, previously known as 'volatile'
    deb http://ftp.de.debian.org/debian/ stretch-updates main contrib non-free
    deb-src http://ftp.de.debian.org/debian/ stretch-updates main contrib non-free
    
    /etc/apt/sources.list.d/php.list
    Code:
    deb https://packages.sury.org/php/ stretch main
    /etc/apt/preferences
    Code:
    Package: *
    Pin: release a=stable
    Pin-Priority: 700
    
    Package: *
    Pin: release a=testing
    Pin-Priority: 499
    
    Package: *
    Pin: origin packages.sury.org
    Pin-Priority: 498
    
     

    Attached Files:

    Last edited: Oct 6, 2017
  8. stefan@martolvan.is

    [email protected] New Member

    Hi and thanks for the help, It seems that I got the server up again with few minor non trivial errors, the two left are mailman is stuck with to new language file and recommendation to use journal-ed quota user and group quota, I can find little to nothing how to do that.
    So here is how things came finally back together (databases more or less screwed up restored from various backups)
    Fixed "/etc/apt/sources.list" to the same as Debian 9 Stretch
    User sudo aptitude to clear/purge out all non installed packages and uninstall all unstable versions.
    ran "aptitude update" followed by "aptitude upgrade -f"
    Installed "The Perfect Server - Debian 9 (Stretch) with Apache, BIND, Dovecot, PureFTPD and ISPConfig 3.1" supplementing "sudo aptitude -f" instead of "apt-get" this enabled me to choose how to resolve dependencies that mostly used second choice uninstalling newer packages an installing the Debian 9.1 version.
    Ran ispconfig update instead of install "php q update.php" from with in the extracted install folder.
    Took out ipV6 from the "/etc/dovecot/dovecot.config" on top there is "listen = * [::]" should read "listen = *" this is always nedde after running ispconfig update an most of the time if dovecot updates.
    Most stuff is up now oly few WP webs to solve from backups everything else seems fine, and syslog is relatively calm and error free.

    Thank you all for the help, I hope my MFU and recovery from that can help some one else.
     
    ztk.me likes this.

Share This Page