Archive for September, 2007

Syncing cPanel scripts from

September 29, 2007

rsync -av rsync:// /scripts/


Attaching text file in mail from shell

September 25, 2007

(echo “$afilename is attached” ; cat $afilename | uuencode $afilename) | mail -s “`echo $afilename`”

Redirecting traffic coming to port 26 to port 25

September 25, 2007

# redirect traffic coming in on port 26 to port 25
/sbin/iptables -t nat -I PREROUTING -p tcp –dport 26 -j REDIRECT –to-port 25
# make it so that this command runs on server boot up.
if ! grep -qai 26 /etc/rc.local; then
echo ‘/sbin/iptables -t nat -I PREROUTING -p tcp –dport 26 -j REDIRECT –to-port 25’ >> /etc/rc.local

Get the OpenSolaris Starter Kit for free :)

September 24, 2007

You can order OpenSolaris Starter Kit for free at

How to check hard links

September 11, 2007

You can check whether two files are the same file with two hard links by:

$ ls -li file1 file2

Finding UUID of a drive …

September 10, 2007

I had waring messages poping up on rebooting Ubuntu after installing Debian. It was demanding an fsck on the drive I formated from debian during installation. The error message was something related to UUID.

I have fixed it by adding the new UUID of the formated drive in /etc/fstab
You can find uuid using

sudo vol_id -u device

Apache 1.3 + mod_ssl + PHP Complile from source – Howto

September 6, 2007

Note : This document comes without warranty of any kind!

Installing Apache web server (1.3.x) with mod_ssl and PHP enabled.

1 Get the Source

We need the following software: openssl, apache (1.3.x), mod_ssl and PHP. Down load them to /usr/src

cd /usr/src

Now go to and download the latest PHP version to the same loacation.

2 Install Openssl

tar xvfz openssl-0.9.7c.tar.gz
cd openssl-0.9.7c
make install

3 Configure and Install mod_ssl and apache

cd /usr/src
tar xvfz apache_1.3.29.tar.gz
tar xvfz mod_ssl-2.8.16-1.3.29.tar.gz
cd mod_ssl-2.8.16-1.3.29
./configure --with-apache=../apache_1.3.29 --with-ssl=/usr/local/ssl/ --prefix=/usr/local/apache --enable-module=most --enable-shared=max --logfiledir=/var/log/httpd --htdocsdir=/usr/local/httpd/htdocs --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc/httpd

(The option –htdocsdir=/usr/local/httpd/htdocs specifies the the default location for documents that will be delivered by this web server is in /usr/local/httpd/htdocs.

Note: You can change the configure command to suit to your needs. Type

./configure --help

to get a list of all configuration options available!)

cd ../apache_1.3.29
make certificate TYPE=custom

<- Signature Algorithm: R
<- Country Name: Type your country’s name (e.g DE for Germany)
<- State or Province Name: e.g. Lower Saxony, California, etc.
<- Locality Name: e.g. Lueneburg, Los Angeles, Paris, London, etc.
<- Organization Name: e.g. the name of your company
<- Organizational Unit Name: e.g. IT Department
<- Common Name: e.g. My Company CA
<- Email Address: e.g. info@mycompany.tld
<- Certificate Validity: e.g. 365 (one year)
<- Certificate Version: 3
<- Country Name: see above
<- State or Province Name: see above
<- Locality Name: see above
<- Organization Name: see above
<- Organizational Unit Name: see above
<- Common Name: the fully qualified domain name (FQDN) of your server, e.g.
<- Email Address: see above
<- Certificate Validity: see above
<- Certificate Version: 3
<- Encrypt the private key now? n
<- Encrypt the private key now? n

(Please note: It is safe to accept the default values for all the questions above because in either case you will receive a warning in your browser if you try to access an SSL site on your server:

If you do not want to get this warning you will have to get a “real” SSL certificate (but this is not for free!). Have a look at the following sites:

* (I would recommend this one.)
* )

make install

4 Install PHP

cd /usr/src
tar xvfz php-4.3.4.tar.gz
cd php-4.3.4
./configure --with-apxs=/usr/sbin/apxs --enable-track-vars --enable-sockets --with-config-file-path=/etc --enable-ftp --with-zlib --with-openssl=/usr/local/ssl --enable-force-cgi-redirect --enable-exif --with-gd

(Please note: You can change the configure command to suit to your needs. Type

./configure --help

to get a list of all configuration options available! If you do not specify the –with-mysql[=DIR] option, the bundled MySQL library will be used. This works in most cases.

If you use –with-gd, and you get an error message because of a missing libpng library, install it and then re-run the configure command. On Debian,

If you are on RHEL, uptodate –install libpng-dev libpng2 libpng2-dev libpng3

worked fine for me to install libpng.You can also use to find an rpm for you, or have a look at

make install

This will install a PHP binary (normally under /usr/local/bin/php) that can be run from the command line as well as an Apache module.

Now we have to create /etc/php.ini. The easiest way is to take the one that comes with the PHP sources:

cp /tmp/php-4.3.4/php.ini-dist /etc/php.ini

If you like you can now modify /etc/php.ini to suit to your needs.

5 Configure Apache

Now we have to add the following entry in /etc/httpd/httpd.conf (in the section where document types are handled; there should be entries like AddHandler or AddType):

AddType application/x-httpd-php .php .php4 .php3

Create /etc/init.d/httpd:


case "$1" in
/usr/sbin/apachectl startssl
/usr/sbin/apachectl stop
$0 stop && sleep 3
$0 start
$0 stop
$0 start
echo "Usage: $0 {start|stop|restart|reload}"
exit 1

chmod 755 /etc/init.d/httpd

Then start your Apache:

/etc/init.d/httpd start

6 Test your Configuration

netstat -tuap

should show you that Apache uses the ports 80 (http) and 443 (https).

Now go to /usr/local/httpd/htdocs and create a file called info.php with the following contents:

Try to access it with your browser (e.g. using the IP address of the server) via http (e.g. and https ( The output should look similar to this screenshot:



A very useful tutorial on “make”

September 6, 2007

A very useful tutorial on “make”

Installing monit

September 5, 2007

Monit is a utility for managing and monitoring processes, files, directories and devices on a Unix system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations. E.g. monit can start a process if it does not run, restart a process if it does not respond and stop a process if it uses to much resources. You may use monit to monitor files, directories and devices for changes, such as timestamps changes, checksum changes or size changes.

Monit is controlled via an easy to configure control file based on a free-format, token-oriented syntax. Monit logs to syslog or to its own log file and notifies you about error conditions via customizable alert messages. Monit can perform various TCP/IP network checks, protocol checks and can utilize SSL for such checks. Monit provides a http(s) interface and you may use a browser to access the monit program.


tar -zxvf monit-4.9.tar.gz
cd monit-4.9


You will get something like …

monit has been configured with the following options:
Architecture: LINUX
SSL support: enabled
SSL include directory: /usr/include
SSL library directory: /usr/lib
resource monitoring: enabled
resource code: sysdep_LINUX.c
large files support: enabled
Compiler flags: -g -O2 -Wall -D _REENTRANT -I/usr/include
Linker flags: -lpthread -lcrypt -lresolv -lnsl -L/usr/lib -lssl -lcrypto
pid file location: /var/run

Now run make and make install

make install ]

If all goes well, you will see something like:

root@server [~/source/monit-4.9]# make install
/usr/bin/install -c -m 755 -d /usr/local/bin || exit 1
/usr/bin/install -c -m 755 -d /usr/local/share/man/man1 || exit 1
/usr/bin/install -c -m 555 -s monit /usr/local/bin || exit 1
/usr/bin/install -c -m 444 monit.1 /usr/local/share/man/man1/monit.1 || exit 1

Well that’s it .. 🙂
You just have to configure it using the sample file monitrc.something available in the installtion directory
Just comment out/add the services/filles/permissions you wish to monitor, add the email ID where yiu want the alerts to be sent. Once you are done with editing the file , run monit -t to test the syntax

to run monit just type monit -d5
where 5 seconds is set as the interval to check.

General Options and Arguments from the readme file.. If you really want to read 🙂

-c file
Use this control file

-d n
Run as a daemon once per n seconds

Set group name for start, stop, restart and status

-l logfile
Print log information to this file

-p pidfile
Use this lock file in daemon mode

-s statefile
Write state information to this file

Do not run in background (needed for run from init)

Run syntax check for the control file

Verbose mode, work noisy (diagnostic output)

-H [filename]
Print MD5 and SHA1 hashes of the file or of stdin if the
filename is omitted; monit will exit afterwards

Print version number and patch level

Print a help text

In addition to the options above, monit can be started with one of the following action arguments; monit will
then execute the action and exit without transforming itself to a daemon.

start all
Start all services listed in the control file and
enable monitoring for them. If the group option is
set, only start and enable monitoring of services in
the named group.

start name
Start the named service and enable monitoring for
it. The name is a service entry name from the
monitrc file.

stop all
Stop all services listed in the control file and
disable their monitoring. If the group option is
set, only stop and disable monitoring of the services
in the named group.

stop name
Stop the named service and disable its monitoring.
The name is a service entry name from the monitrc

restart all
Stop and start all services. If the group option
is set, only restart the services in the named group.

restart name
Restart the named service. The name is a service entry
name from the monitrc file.

monitor all
Enable monitoring of all services listed in the
control file. If the group option is set, only start
monitoring of services in the named group.

monitor name
Enable monitoring of the named service. The name is
a service entry name from the monitrc file. Monit will
also enable monitoring of all services this service
depends on.

unmonitor all
Disable monitoring of all services listed in the
control file. If the group option is set, only disable
monitoring of services in the named group.

unmonitor name
Disable monitoring of the named service. The name is
a service entry name from the monitrc file. Monit
will also disable monitoring of all services that
: status
Print full status information for each service.

Print short status information for each service.

Reinitialize a running monit daemon, the daemon will
reread its configuration, close and reopen log files.

Kill a monit daemon process

Check all services listed in the control file. This
action is also the default behavior when monit runs
in daemon mode.

You may use monit to monitor daemon processes or similar programs running on localhost. Monit is particular use-
ful for monitoring daemon processes, such as those started at system boot time from /etc/init.d/. For instance
sendmail, sshd, apache and mysql. In difference to many monitoring systems, monit can act if an error situation
should occur, e.g.; if sendmail is not running, monit can start sendmail or if apache is using to much system
resources (e.g. if a DoS attack is in progress) monit can stop or restart apache and send you an alert message.
Monit does also monitor process characteristics, such as; if a process has become a zombie and how much memory or
cpu cycles a process is using.

You may also use monit to monitor files, directories and devices on localhost. Monit can monitor these items for
changes, such as timestamps changes, checksum changes or size changes. This is also useful for security reasons –
you can monitor the md5 checksum of files that should not change.

You may even use monit to monitor remote hosts. First and foremost monit is a utility for monitoring and mending
services on localhost, but if a service depends on a remote service, e.g. a database server or an application
server, it might by useful to be able to test a remote host as well.

You may monitor the general system-wide resources such as cpu usage, memory and load average.

monit is configured and controlled via a control file called monitrc. The default location for this file is
~/.monitrc. If this file does not exist, monit will try /etc/monitrc, then /usr/local/etc/monitrc and finally

A monit control file consists of a series of service entries and global option statements in a free-format,
token-oriented syntax. Comments begin with a # and extend through the end of the line. There are three kinds of
tokens in the control file: grammar keywords, numbers and strings.

On a semantic level, the control file consists of three types of statements:

1. Global set-statements
A global set-statement starts with the keyword set and the item to configure.

2. Global include-statement
The include statement consists of the keyword include and a glob string.

3. One or more service entry statements.
A service entry starts with the keyword check followed by the service type.

This is the hello galaxy version of a monit control file:

# monit control file

set daemon 120 # Poll at 2-minute intervals
set logfile syslog facility log_daemon
set alert foo@bar.baz
set httpd port 2812 and use address localhost
allow localhost # Allow localhost to connect
allow admin:monit # Allow Basic Auth

check system myhost.mydomain.tld
if loadavg (1min) > 4 then alert
if loadavg (5min) > 2 then alert
if memory usage > 75% then alert
if cpu usage (user) > 70% then alert
if cpu usage (system) > 30% then alert
if cpu usage (wait) > 20% then alert
: check process apache
with pidfile “/usr/local/apache/logs/”
start program = “/etc/init.d/httpd start”
stop program = “/etc/init.d/httpd stop”
if 2 restarts within 3 cycles then timeout
if totalmem > 100 Mb then alert
if children > 255 for 5 cycles then stop
if cpu usage > 95% for 3 cycles then restart
if failed port 80 protocol http then restart
group server
depends on httpd.conf, httpd.bin

check file httpd.conf
with path /usr/local/apache/conf/httpd.conf
# Reload apache if the httpd.conf file was changed
if changed checksum
then exec “/usr/local/apache/bin/apachectl graceful”

check file httpd.bin
with path /usr/local/apache/bin/httpd
# Run /watch/dog in the case that the binary was changed
# and alert in the case that the checksum value recovered
# later
if failed checksum then exec “/watch/dog”
else if recovered then alert

include /etc/monit/mysql.monitrc
include /etc/monit/mail/*.monitrc

This example illustrate a service entry for monitoring the apache web server process as well as related files.
The meaning of the various statements will be explained in the following sections.

monit will log status and error messages to a log file. Use the set logfile statement in the monitrc control
file. To setup monit to log to its own logfile, use e.g. set logfile /var/log/monit.log. If syslog is given as a
value for the -l command-line switch (or the keyword set logfile syslog is found in the control file) monit will
use the syslog system daemon to log messages. The priority is assigned to each message based on the context. To
turn off logging, simply do not set the logfile in the control file (and of course, do not use the -l switch)

The -d interval command-line switch runs monit in daemon mode. You must specify a numeric argument which is a
polling interval in seconds.

In daemon mode, monit detaches from the console, puts itself in the background and runs continuously, monitoring
each specified service and then goes to sleep for the given poll interval.

Simply invoking

monit -d 300

will poll all services described in your ~/.monitrc file every 5 minutes.

It is strongly recommended to set the poll interval in your ~/.monitrc file instead, by using set daemon n, where
n is an integer number of seconds. If you do this, monit will always start in daemon mode (as long as no action
arguments are given).

Monit makes a per-instance lock-file in daemon mode. If you need more monit instances, you will need more config-
uration files, each pointing to its own lock-file.

Calling monit with a monit daemon running in the background sends a wake-up signal to the daemon, forcing it to
check services immediately.

The quit argument will kill a running daemon process instead of waking it up.

Monit can run and be controlled from init. If monit should crash, init will re-spawn a new monit process. Using
init to start monit is probably the best way to run monit if you want to be certain that you always have a run-
ning monit daemon on your system. (It’s obvious, but never the less worth to stress; Make sure that the control
file does not have any syntax errors before you start monit from init. Also, make sure that if you run monit from
init, that you do not start monit from a startup scripts as well).

To setup monit to run from init, you can either use the ’set init’ statement in monit’s control file or use the
-I option from the command line and here is what you must add to /etc/inittab:

# Run monit in standard run-levels
mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc

After you have modified init’s configuration file, you can run the following command to re-examine /etc/inittab
and start monit:

telinit q

For systems without telinit:

kill -1 1

If monit is used to monitor services that are also started at boot time (e.g. services started via SYSV init rc
scripts or via inittab) then, in some cases, a race condition could occur. That is; if a service is slow to
start, monit can assume that the service is not running and possibly try to start it and raise an alert, while,
in fact the service is already about to start or already in its startup sequence. Please see the FAQ for solu-
tions to this problem.
The monit control file, monitrc, can include additional configuration files. This feature helps to maintain a
certain structure or to place repeating settings into one file. Include statements can be placed at virtually any
spot. The syntax is the following:

INCLUDE globstring

The globstring is any kind of string as defined in glob(7). Thus, you can refer to a single file or you can load
several files at once. In case you want to use whitespace in your string the globstring need to be embedded into
quotes (’) or double quotes (“). For example,

INCLUDE “/etc/monit/monit configuration files/printer.*.monitrc”

loads any file matching the single globstring. If the globstring matches a directory instead of a file, it is
silently ignored.

INCLUDE statements in included files are parsed as in the main control file.

If the globstring matches several results, the files are included in a non sorted manner. If you need to rely on
a certain order, you might need to use single include statements.

Service entries in the control file, monitrc, can be grouped together by the group statement. The syntax is sim-
ply (keyword in capital):

GROUP groupname

With this statement it is possible to group similar service entries together and manage them as a whole. Monit
provides functions to start, stop and restart a group of services, like so:

To start a group of services from the console:

monit -g start

To stop a group of services:

monit -g stop

To restart a group of services:

monit -g restart

Monit supports three monitoring modes per service: active, passive and manual. See also the example section below
for usage of the mode statement.

In active mode, monit will monitor a service and in case of problems monit will act and raise alerts, start, stop
or restart the service. Active mode is the default mode.

In passive mode, monit will passively monitor a service and specifically not try to fix a problem, but it will
still raise alerts in case of a problem.

For use in clustered environments there is also a manual mode. In this mode, monit will enter active mode only if
a service was brought under monit’s control, for example by executing the following command in the console:

monit start sybase
(monit will call sybase’s start method and enable monitoring)

If a service was not started by monit or was stopped or disabled for example by:

monit stop sybase
(monit will call sybase’s stop method and disable monitoring)

monit will not monitor the service. This allows for having services configured in monitrc and start it with monit
only if it should run. This feature can be used to build a simple failsafe cluster. To see how, read more about
how to setup a cluster with monit using the heartbeat system in the examples sections below.

Monit will raise an email alert in the following situations:

o A service timed out
o A service does not exist
o A service related data access problem
o A service related program execution problem
o A service is of invalid object type
o A icmp problem
o A port connection problem
o A resource statement match
o A file checksum problem
o A file size problem
o A file/directory timestamp problem
o A file/directory/device permission problem
o A file/directory/device uid problem
o A file/directory/device gid problem

Monit will send an alert each time a monitored object changed. This involves:

o Monit started, stopped or reloaded
o A file checksum changed
o A file size changed
o A file size changed
o A file content match
o A file/directory timestamp changed

You use the alert statement to notify monit that you want alert messages sent to an email address. If you do not
specify an alert statement, monit will not send alert messages.

There are two forms of alert statement:

o Global – common for all services
o Local – per service

In both cases you can use more than one alert statement. In other words, you can send many different emails to
many different addresses. (in case you now got a new business idea: monit is not really suitable for sending

Recipients in the global and in the local lists are alerted when a service failed, recovered or changed. If the
same email address is in the global and in the local list, monit will send only one alert. Local (per service)
defined alert email addresses override global addresses in case of a conflict. Finally, you may choose to only
use a global alert list (recommended), a local per service list or both.

It is also possible to disable the global alerts localy for particular service(s) and recipients.

Setting a global alert statement

If a change occurred on a monitored services, monit will send an alert to all recipients in the global list who
have registered interest for the event type. Here is the syntax for the global alert statement:

SET ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]

Simply using the following in the global section of monitrc:

set alert foo@bar

will send a default email to the address foo@bar whenever an event occurred on any service. Such an event may be
that a service timed out, a service was doesn’t exist or a service does exist (on recovery) and so on. If you
want to send alert messages to more email addresses, add a set alert ’email’ statement for each address.

For explanations of the events, MAIL-FORMAT and REMINDER keywords above, please see below.

When you want to enable global alert recipient which will receive all event alerts except some type, you can also
use the NOT negation option ahead of events list which allows you to set the recipient for “all but specified
events” (see bellow for more details).

Setting a local alert statement

Each service can also have its own recipient list.

ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]


NOALERT mail-address

If you only want an alert message sent for certain events for certain service(s), for example only for timeout
events or only if a service died, then postfix the alert-statement with a filter block:

check process myproc with pidfile /var/run/
alert foo@bar only on { timeout, nonexist }

(only and on are noise keywords, ignored by monit. As a side note; Noise keywords are used in the control file
grammar to make an entry resemble English and thus make it easier to read (or, so goes the philosophy). The full
set of available noise keywords are listed below in the Control File section).

You can also set the alert to send all events except specified using the list negation – the word not ahead of
the event list. For example when you want to receive alerts for all events except the monit instance related, you
can write (note that the noise words ’but’ and ’on’ are optional):

check system myserver
alert foo@bar but not on { instance }

instead of:

alert foo@bar on { change
timestamp }

This will enable all alerts for foo@bar, except the monit instance related alerts.

Event filtering can be used to send a mail to different email addresses depending on the events that occurred.
For instance:

alert foo@bar { nonexist, timeout, resource, icmp, connection }
alert security@bar on { checksum, permission, uid, gid }
alert manager@bar

This will send an alert message to foo@bar whenever a nonexist, timeout, resource or connection problem occurs
and a message to security@bar if a checksum, permission, uid or gid problem occurs. And finally, a message to
manager@bar whenever any error event occurs.

This will send an alert message to foo@bar whenever a nonexist, timeout, resource or connection problem occurs
and a message to security@bar if a checksum, permission, uid or gid problem occurs. And finally, a message to
manager@bar whenever any error event occurs.

This is the list of events you can use in a mail-filter: uid, gid, size, nonexist, data, icmp, instance, invalid,
exec, changed, timeout, resource, checksum, match, timestamp, connection, permission

You can also disable the alerts localy using the NOALERT statement. This is useful for example when you have lot
of services monitored, used the global alert statement, but don’t want to receive alerts for some minor subset
of services:

noalert appadmin@bar

For example when you will place the noalert statement to the ’check system’, the given user won’t receive the
system related alerts (such as monit instance started/stopped/reloaded alert, system overloaded alert, etc.) but
will receive the alerts for all other monitored services.

The following example will alert foo@bar on all events on all services by default, except the service mybar which
will send an alert only on timeout. The trick is based on the fact that local definition of the same recipient
overrides the global setting (including registered events and mail format):

set alert foo@bar

check process myfoo with pidfile /var/run/

check process mybar with pidfile /var/run/
alert foo@bar only on { timeout }

The ’instance’ alert type report events related to monit internals, such as when a monit instance was started,
stopped or reloaded.

If the MTA (mailserver) for sending alerts is not available, monit can queue events on the local file-system
until the MTA recover. Monit will then post queued events in order with their original timestamp so the events
are not lost. This feature is most useful if monit is used together with e.g. m/monit and when event history is

Alert message layout

monit provides a default mail message layout that is short and to the point. Here’s an example of a standard
alert mail sent by monit:

Subject: monit alert — Does not exist apache
Date: Thu, 04 Sep 2003 02:33:03 +0200

Does not exist Service apache

Date: Thu, 04 Sep 2003 02:33:03 +0200
Action: restart

Your faithful employee,

If you want to, you can change the format of this message with the optional mail-format statement. The syntax for
this statement is as follows:

mail-format {
from: monit@localhost
subject: $SERVICE $EVENT at $DATE
Yours sincerely,

Where the keyword from: is the email address monit should pretend it is sending from. It does not have to be a
real mail address, but it must be a proper formated mail address, on the form: name@domain. The keyword subject:
is for the email subject line. The subject must be on only one line. The message: keyword denotes the mail body.
If used, this keyword should always be the last in a mail-format statement. The mail body can be as long as you
want and must not contain the ’}’ character.

All of these format keywords are optional but you must provide at least one. Thus if you only want to change the
from address monit is using you can do:

set alert foo@bar with mail-format { from: bofh@bar.baz }

From the previous example you will notice that some special $XXX variables was used. If used, they will be sub-
stituted and expanded into the text with these values:

A string describing the event that occurred. The values are
fixed and are:

Event: | Failure state: | Recovery state:
: Event: | Failure state: | Recovery state:
CHANGED | “Changed” | “Changed back”
CHECKSUM | “Checksum failed” | “Checksum passed”
CONNECTION | “Connection failed” | “Connection passed”
DATA | “Data access error” | “Data access succeeded”
EXEC | “Execution failed” | “Execution succeeded”
GID | “GID failed” | “GID passed”
ICMP | “ICMP failed” | “ICMP passed”
INSTANCE | “Monit instance changed”| “Monit instance changed not”
INVALID | “Invalid type” | “Type passed”
MATCH | “Regex match” | “No regex match”
NONEXIST | “Does not exist” | “Exists”
PERMISSION| “Permission failed” | “Permission passed”
RESOURCE | “Resource limit matched”| “Resource limit passed”
SIZE | “Size failed” | “Size passed”
TIMEOUT | “Timeout” | “Timeout recovery”
TIMESTAMP | “Timestamp failed” | “Timestamp passed”
UID | “UID failed” | “UID passed”

The service entry name in monitrc

The current time and date (RFC 822 date style).

The name of the host monit is running on


The name of the action which was done. Action names are fixed
and are:

Action: | Name:
ALERT | “alert”
EXEC | “exec”
MONITOR | “monitor”
RESTART | “restart”
START | “start”
STOP | “stop”
UNMONITOR| “unmonitor”

The description of the error condition

Setting a global mail format

It is possible to set a standard mail format with the following global set-statement (keywords are in capital):

SET MAIL-FORMAT {mail-format}

Format set with this statement will apply to every alert statement that does not have its own specified mail-for-
mat. This statement is most useful for setting a default from address for messages sent by monit, like so:

set mail-format { from: }

Setting a error reminder

Monit by default sends just one error notification when the service failed and another one when it has recovered.
If you want to be notified more then once in the case that the service remains failed, you can use the reminder
option of alert statement (keywords are in capital):


For example if you want to be notified each tenth cycle when the service remains failed, you can use:

alert foo@bar with reminder on 10 cycles

If you want to be notified on each failed cycle, you can use:

alert foo@bar with reminder on 1 cycle

Setting a mail server for alert messages

The mail server monit should use to send alert messages is defined with a global set statement (keywords are in
capital and optional statements in [brackets]):

SET MAILSERVER {host name [PORT port]|ip-address [PORT port]}+

The port statement allows to use SMTP servers other then those listening on port 25. If omitted, port 25 is used
As you can see, it is possible to set several SMTP servers. If monit cannot connect to the first server in the
list it will try the second server and so on. Monit has a default 5 seconds connection timeout and if the SMTP
server is slow, monit could timeout when connecting or reading from the server. You can use the optional timeout
statement to explicit set the timeout to a higher value if needed. Here is an example for setting several mail

set mailserver, port 10025,
localhost with timeout 15 seconds

Here monit will first try to connect to the server “”, if this server is down monit will try
“” on port 10025 and finally “localhost”. We do also set an explicit connect and read timeout; If
monit cannot connect to the first SMTP server in the list within 15 seconds it will try the next server and so
on. The set mailserver .. statement is optional and if not defined monit defaults to use localhost as the SMTP

Event queue

Monit provide optionally queueing of event alerts that cannot be sent. For example, if no mail-server is avail-
able at the moment, monit can store events in a queue and try to reprocess them at the next cycle. As soon as the
mail-server recover, monit will post the queued events. The queue is persistent across monit restarts and pro-
vided that the back-end filesystem is persistent too, across system restart as well.

By default, the queue is disabled and if the alert handler fails, monit will simply drop the alert message. To
enable the event queue, add the following statement to the monit control file:


The is the path to the directory where events will be stored. Optionally if you want to limit the queue
size (maximum events count), use the slots option. If the slots option is not used, monit will store as many
events as the backend filesystem allows.


set eventqueue
basedir /var/monit
slots 5000

The events are stored in binary format, one file per event. The file size is ca. 130 bytes or a bit more (depend-
ing on the message length). The file name is composed of the unix timestamp, underscore and the service name, for


If you are running more then one monit instance on the same machine, you must use separated event queue directo-
ries to avoid sending wrong alerts to the wrong addresses.

If you want to purge the queue by hand (remove queued event-files), monit should be stopped before the removal.

monit provides a service timeout mechanism for situations where a service simply refuses to start or respond over
a longer period. In cases like this, and particularly if monit’s poll-cycle is low, monit will simply increase
the machine load by trying to restart the service.

The timeout mechanism monit provides is based on two variables, i.e. the number the service has been started and
the number of poll-cycles. For example, if a service had x restarts within y poll-cycles (where x <= y) then
monit will timeout and not (re)start the service on the next cycle. If a timeout occurs monit will send you an
alert message if you have register interest for this event.

The syntax for the timeout statement is as follows (keywords are in capital):


Where the first number is the number of service restarts and the second, the number of poll-cycles. If the number
of cycles was reached without a timeout, the service start-counter is reset to zero. This provides some granular-
ity to catch exceptional cases and do a service timeout, but let occasional service start and restarts happen
without having an accumulated timeout.

Here is an example where monit will timeout (not check the service) if the service was restarted 2 times within 3

if 2 restarts within 3 cycles then timeout

To have monit check the service again after a timeout, run ’monit monitor service’ from the command line. This
will remove the timeout lock in the daemon and make the daemon start and check the service again.

Monit provides several tests you may utilize in a service entry to test a service. Basically here are two classes
of tests: variable and constant object tests.

Constant object tests are related to failed/passed state. In the case of error, monit will watch whether the
failed parameter will recover – in such case it will handle recovery related action. General format:


For constant object tests if the should validate to true, then the selected action is executed each cycle
the condition remains true. The value for comparison is constant. Recovery action is evaluated only once (on
failed->passed state change only). The ’ELSE IF PASSED’ part is optional – if omitted, monit will do alert action
on recovery by default. The alert is delivered only once on each state change unless overridden by ’reminder’
alert option.

Variable object tests begins with ’IF CHANGED’ statement and serves for monitoring of object, which property can
change legally – monit watches whether the value will change again. You can use it just for alert or to involve
some automatic action, as for example to reload monitored process after its configuration file was changed.
Variable tests are supported for ’checksum’, ’size’, ’pid, ’ppid’ and ’timestamp’ tests only, if you consider
that other tests can be useful in variable form too, please let us know.


For variable object tests if the should validate to true, then the selected action is executed once and
monit will watch for another change. The value for comparison is a variable where the last result becomes the
actual value, which is compared in future cycles. The alert is delivered each time the condition becomes true.

You can restrict the event ratio needed to change the state:


This part is optional and is supported by all testing rules. It defines how many event occurrences during how
many cycles are needed to trigger the following action. You can use it in several ways – the core syntax is:


It is possible to use filling words which give the rule better first-sight sense. You can use any filling words
such as: FOR, TIMES, WITHIN, thus for example:

if failed port 80 for 3 times within 5 cycles then alert


if failed port 80 for 10 cycles then unmonitor
When you don’t specify the , it equals to by default, thus the rule applies when consecutive cycles of
inverse event occurred (relatively to the current service state).

When you omit it at all, monit will by default change state on first inverse event, which is equivalent to this

1 times within 1 cycles

It is possible to use this option for failed, passed/recovered or changed rules. More complex examples:

check device rootfs with path /dev/hda1
if space usage > 80% 5 times within 15 cycles
then alert
else if passed for 10 cycles then alert
if space usage > 90% for 5 cycles then
exec ’/try/to/free/the/space’
if space usage > 99% then exec ’/stop/processess’

Note that the maximal cycles count which can be used in the rule is limited by the size of ’long long’ data type
on your platform. This provides 64 cycles on usual platforms currently. In the case that you use unsupported
value, the configuration parser will tell you the limits during monit startup.

You must select an action to be executed from this list:

· ALERT sends the user an alert event on each state change (for constant object tests) or on each change (for
variable object tests).
RESTART restarts the service and sends an alert. Restart is conducted by first calling the service’s regis-
tered stop method and then the service’s start method.

· START starts the service by calling the service’s registered start method and send an alert.

· STOP stops the service by calling the service’s registered stop method and send an alert. If monit stops a
service it will not be checked by monit anymore nor restarted again later. To reactivate monitoring of the
service again you must explicitly enable monitoring from the web interface or from the console, e.g. ’monit
monitor apache’.

· EXEC may be used to execute an arbitrary program and send an alert. If you choose this action you must state
the program to be executed and if the program require arguments you must enclose the program and its argu-
ments in a quoted string. You may optionally specify the uid and gid the executed program should switch to
upon start. For instance:

exec “/usr/local/tomcat/bin/”
as uid nobody and gid nobody

This may be useful if the program to be started cannot change to a lesser privileged user and group. This is
typically needed for Java Servers. Remember, if monit is run by the superuser, then all programs executed by
monit will be started with superuser privileges unless the uid and gid extension was used.

· MONITOR will enable monitoring of the service and send an alert.

· UNMONITOR will disable monitoring of the service and send an alert. The service will not be checked by monit
anymore nor restarted again later. To reactivate monitoring of the service you must explicitly enable moni-
toring from monit’s web interface or from the console using the monitor argument.


Monit can examine how much system resources a services are using. This test may only be used within a system or
process service entry in the monit control file.

Depending on the system or process characteristics, services can be stopped or restarted and alerts can be gener-
ated. Thus it is possible to utilize systems which are idle and to spare system under high load.

The full syntax for the resource-statements used for resource testing is as follows (keywords are in capital and
optional statements in [brackets]),

IF resource operator value [[] CYCLES] THEN action [ELSE IF PASSED [[] CYCLES] THEN action]

resource is a choice of “CPU”, “CPU([user|system|wait])”, “MEMORY”, “CHILDREN”, “TOTALMEMORY”, “LOAD-
AVG([1min|5min|15min])”. Some resources can be used inside of system service container, some in process service
container and some in both:

System only resource tests:

CPU([user|system|wait]) is the percent of time that the system spend in user or system/kernel space. Some sys-
tems such as linux 2.6 supports ’wait’ indicator as well.

Process only resource tests:

CPU is the CPU usage of the process and its children in parts of hundred (percent).

CHILDREN is the number of child processes of the process.

TOTALMEMORY is the memory usage of the process and its child processes in either percent or as an amount (Byte,
kB, MB, GB).
: System and process resource tests:

MEMORY is the memory usage of the system or in the process context of the process without its child processes in
either percent (of the systems total) or as an amount (Byte, kB, MB, GB).

LOADAVG([1min|5min|15min]) refers to the system’s load average. The load average is the number of processes in
the system run queue, averaged over the specified time period.

operator is a choice of “”, “!=”, “==” in C notation, “gt”, “lt”, “eq”, “ne” in shell sh notation and
“greater”, “less”, “equal”, “notequal” in human readable form (if not specified, default is EQUAL).

value is either an integer or a real number (except for CHILDREN). For CPU, MEMORY and TOTALMEMORY you need to
specify a unit. This could be “%” or if applicable “B” (Byte), “kB” (1024 Byte), “MB” (1024 KiloByte) or “GB”
(1024 MegaByte).

action is a choice of “ALERT”, “RESTART”, “START”, “STOP”, “EXEC”, “MONITOR” or “UNMONITOR”.

To calculate the cycles, a counter is raised whenever the expression above is true and it is lowered whenever it
is false (but not below 0). All counters are reset in case of a restart.

The following is an example to check that the CPU usage of a service is not going beyond 50% during five poll
cycles. If it does, monit will restart the service:

if cpu is greater than 50% for 5 cycles then restart

See also the example section below.






Run Control Syntax

Comments begin with a ’#’ and extend through the end of the line. Otherwise the file consists of a series of
service entries or global option statements in a free-format, token-oriented syntax.

There are three kinds of tokens: grammar keywords, numbers (i.e. decimal digit sequences) and strings. Strings
can be either quoted or unquoted. A quoted string is bounded by double quotes and may contain whitespace (and
quoted digits are treated as a string). An unquoted string is any whitespace-delimited token, containing charac-
ters and/or numbers.

On a semantic level, the control file consists of two types of entries:

1. Global set-statements
A global set-statement starts with the keyword set and the item to configure.

2. One or more service entry statements.
Each service entry consists of the keywords ‘check’, followed by the service type. Each entry requires a
descriptive name, which may be freely chosen. This name is used by monit to refer to the service
internally and in all interactions with the user.

Currently, six types of check statements are supported:

is the absolute path to the program’s pidfile. If the pidfile does not exist or does not contain the
pid number of a running process, monit will call the entry’s start method if defined, If monit runs in pas-
sive mode or the start methods is not defined, monit will just send alerts on errors.

is the absolute path to the file. If the file does not exist or disappeared, monit will call the

I got reaaly bored reading this documentation and started straightway by editing the monitrc file.. It’s working great… 🙂

Why doesn’t SpamAssassin work in cPanel 11?

September 4, 2007

Source: cPAnel FAQ.

Make sure that you are using Perl 5.8.8 which is recommended with cPanel 11.

Prior to upgrading Perl, it is a good idea to ensure that each module gets carried over to the update Perl version using the “autobundle” CPAN feature. You will need to execute this command via root in SSH:

perl -MCPAN -e ‘autobundle’

Once this is complete, you should have the the following outputted before returning to the shell:

‘Wrote bundle file /home/.cpan/Bundle/’

Make a note of the filename before proceeding with the update.

– To update to Perl 5.8.8 on Linux based servers:

cd /root
tar -zxf perl588installer.tar.gz
cd perl588installer

– To update to Perl 5.8.8 on FreeBSD based servers:

cd /usr/ports/lang/perl5
make && make install

Once the update is complete, you can restore all the previously installed modules from the CPAN bundle that was created by executing:

perl -MCPAN -e ‘install Bundle::Snapshot_2007_08_16_00’

Make sure that you replace the bundle name with the one that was generated earlier.

We should now make sure that all modules required by cPanel 11 are installed and restart cPanel: