I updated the Kernal on my server and in doing so - I somehow monkeyed up some DNS settings or something.

The server is unable to "see" anything on the internet. For example the main page of WHM is unable to connection to the web host manager news.

I can't update Apache as it can't connect... and no email is getting in and out.

If I login to the server I cannot ping another server.

I've checked the resolv.conf file - what else should I check?

Thanks. :)

what procedure did you use to upgrade the kernel? is it possible that you used the Ensim specific instructions on a cpanel machine?

At any rate, post the instructions or the url to the instructions here, I might be able to help you out.

And post the contents of you lilo.conf file as well. That'll make things more clear.

Thanks. :)

First I ran

rhn_register

Then I did

/usr/sbin/up2date --nox -f kernel

Then I rebooted the server.

I'm not sure what the lilo.conf is, I found lilo.conf.anaconda which had this:

prompt
timeout=50
default=linux
boot=/dev/hda
map=/boot/map
install=/boot/boot.b
message=/boot/message
linear

image=/boot/vmlinuz-2.4.18-27.7.x
label=linux
initrd=/boot/initrd-2.4.18-27.7.x.img
read-only
root=/dev/hda2



Thanks. :)

I talked to an online tech the other day, all server beach linux boxes come with grub, not lilo installed.

I personally never let anything do my kernel compiles for me. There are too many things that can go wrong.

Are you able to log into your server? If so, you may only need to modify /etc/resolv.conf to some working DNS server. If you have one pointing to yourself, then perhaps you need to check your named server and see that it is functioning and can contact the root DNS servers of the internet.

Thank you.

Yes, everything is functional. Web etc... except you can't get email in and out and can't ping from the server.

I opened a ticket and Server Beach fixed it. Then I updated apache to fix the Zombie Process warning - and it broke again.

resolv.conf seems fine.

I replied to my ticket and told them it was broke again. I've repeatedly asked what the issue was - as I'd like to know how to fix it after apache updates etc... :p but nobody has told me yet. :(

They fixed it again - and told me what it was.

Turns out it wasn't really related to the update at all... it was that the named service was not started after update. (or upon reboot). :p

But they were fast to fix it once I opened a ticket. :)

Thats exactly what I thought it was. Next time if you're having issues like that, try pinging an IP address instead of a hostname; then you'll be certain it's your DNS server.

fyi in the future to upgrade your kernel I recommend you let WHM do it via the GUI EasyApache. this will let you control the kernel and how it gets intergrated into your system rather than a direct update from RH I will NEVER run up2date on any of my servers. MUCH MUCH to risky

Thanks - but will that upgrade the kernel? Before when I did that I continued getting the warning that I was running an insecure kernel.

:confused:

Maybe my named services wern't running then and it wasn't updating correctly? <shrug>

easyapache will update the kernel for u for insecure kernels it will not update when their is just a new kernel out until it is tested by cpanel and they have a build for u to use on their layer2.cpanel.net site. At least thats what i assume

whenver we get insecure apache like on the new .28 easyapache upgraded it for us. on all of our servers

cpanel lets you know that there is an insecure kernel. we're talking OS kernel. cpanel does not upgrade that. the latest version of cpanel will however let you do a re-compile of apache, that's different from upgrading the kernel.

Thank you. So in those cases up2date is the only way, right?

never upgrade your kernel via up2date. actually I would recommend you never use up2date ever again :P I dont know anyone who uses up2date on a cpanel box.

he he
This is why I'm confused. I got the up2date instructions from the Cpanel message boards. :p

Although I now see conflicting stuff there now too.

So are you saying if you just wait - and do updates through WebHostManager it'll eventually take care of the OS kernel upgrade?

I dont believe WHM will update the OS Kernel just insecurities.

WHM will show when reaching kernel that it is ignored.


according to cpanel.net forums which I use a lot. most people dont use up2date they hate it.


I just stick with what 8.0 RH gives me and if their are any problems via server with security WHM will tell me and ill do an easyapache.


I personally see no reason to start messing witht he OS kernel because 1 if the system no longer boots ServerBeach will charge you to reinstall the OS.


I personally want to make sure my server is up 24/7 and not force something that "May" work and "may" not.


anyone else feel the same way hehe... Plus I get a little iffy about RH kernels because im not actually AT the computer its in their datacenter so its not like I can phsically fix it myself if the system doesn't boot hehe..

not using up2date is a personal preference. i actually got some guidance from the sb folks who forwarded me some instructs from rh on the updates.. i'll post those later when i get to my other computer.

there is definitely a danger of screwing up your server because of the kernel updates. i would recommend a full backup, of course before you start. remember that sb gives you a free remote reboot option but that won't do you much good if you can't get the telnet or ssh daemon to run.

just take the normal precautions. personally, i would rather risk a kernel update (why should you i be afraid of it? and this won't be the last time i face this problem, i should learn how to do it) than get the possibility of being hacked because of program flaws or because i'm afraid to update the kernel. besides RH has a policy of obselesence that they won't support a version for so many months after the newer version comes out, this includes fixes and updates from what i understand.

it's your server, so decide for yourself, just weigh your risk factors.

not to scare you, but standard disclaimer... use this information at your own risk. these are instructions from a forum that a tech forwarded to me. i haven't had the time to try it yet, but the instructions seem sound. so be forewarned... Any corrections or comments are welcomed.

~~~~~
HOWTO Kernel Upgrade using rpms and up2date
__________________________________________________ _

ALERT: Redhat has issued an updated kernel-2.4.20-18.7 that supposedly addresses SOME of the previously discovered quota issues discovered with kernel 2.4.20-13.7 https://rhn.redhat.com/errata/RHSA-2003-187.html

Redhat has issued ANOTHER kernel update 2.4.18-27.
The errata information is here: http://rhn.redhat.com/errata/RHSA-2003-098.html I have been successful upgrading the kernel to redhat 2.4.18-27 on a
Plain Redhat 2.0 GHZ P4 using up2date with the following procedure. The process is identical with an Ensim P4.

This HOWTO assumes that you have already registered your system with the Redhat Network. If not, STOP and do a search for rhn_register.

If you are running a kernel version OLDER than 2.4.18-26 please read the "Note:" messages carefully. To check the current version of kernel(s) you have installed ( the rpm version) type the following at a bash prompt when logged in as root:

rpm -q kernel

If this displays more than one version number, the largest number is most likely the version you are running. If in doubt compare with:

uname -r

Which shows the actual RUNNING kernel version.

Before you begin this procedure you should have applied ALL other patches and updates required for your system. Check the Ensim and other threads for details on what other patches are SAFE to install.

Make sure you do step (1) first to disable automatic installs by up2date before proceeding.

While this procedure worked perfectly for me and the others who
responded on this thread (and also should for you) it is posted without warranty! I won't be responsible if you need a restore

(1) "su -" to root.

type: up2date --configure

Make sure
item 8 (retrieve only) is set to yes
item 24 (pkgskiplist) is blank
Save changes and type

up2date --configure

again to confirm that the changes have taken place.

(2) Type:

up2date -u

This command will retrieve all required packages for the kernel update to /var/spool/up2date. You should see progress bar as files are downloaded from the Red Hat Network. DO NOT proceed if you get any error messages.

(3) Verify files have been downloaded

cd /var/spool/up2date
ls -la

and verify that following rpm files are there (Versions will differ if
you are not running RH 7.2):

kernel*.rpm (there may be several kernel files ending in .rpm)

Note: The following files will ONLY be present if you are upgrading from a Kernel version OLDER than 2.4.18-17
------------------------------------------
iptables-1.2.5-3.i386.rpm
modutils-2.4.18-3.7x.i386.rpm
MAKEDEV-3.3-4.i386.rpm
dev-3.3-4.i386.rpm
------------------------------------------


(4) Verify checksums on the kernel files by comparing the result of :

md5sum kernel*.rpm

with the values at this link:
[http://rhn.redhat.com/errata/RHSA-2003-098.html

The other files shown above (which are present ONLY if you are running kernel OLDER than 2.4.18-17 )should be checked with

md5sum *.rpm

and compared with the values at this link:
https://rhn.redhat.com/errata/RHSA-2002-205.html

Make sure you check the correct Redhat 7.1 or 7.2 md5 values next to each package name. Also make sure you are also looking at the proper i386 or i686 versions on the kernel packages based on the filename.

Do NOT proceed if you have a mismatch!

(5) IF you have a kernel OLDER than 2.4.18-17 you must update the previously listed packages before the kernel like this:

rpm -Fvh iptables*.rpm
rpm -Fvh modutils*.rpm
rpm -Fvh MAKEDEV*.rpm
rpm -Fvh dev*.rpm

AND

If up2date has downloaded an rpm file called kernel-headers in the /var/spool/up2date directory do this

rpm -Uvh kernel-headers*.rpm

to update your kernel header file BEFORE actually installing the new kernel.

NOTE: There may be other files in the directory not listed here. DO NOT install them unless you know their exact purpose and compatibility with your installation.

(6) Save the existing lilo.conf

cp /etc/lilo.conf /etc/lilo.conf.old


(7) Install kernel

cd /var/spool/up2date

rpm -ivh the-actual-kernel-rpm-file-name

Replace "the-actual-kernel-rpm-file-name" in the command above with the full name of the kernel rpm that was downloaded into /var/spool/up2date. For example, the full name might be kernel-2.4.18-27.7.x.i686.rpm if you have an Intel system.

(Note use of -ivh to leave existing kernel as backup)
You should see a progress bar as packages are installed.
DO NOT proceed if you get any error messages you don't understand.

(8) Edit /etc/lilo.conf so it reads as follows:

Note: Before editing see note below if your current kernel version is NOT 2.4.18-26.7.x

Note: If you have a very old system your existing lilo.conf may not
contain lines beginning with "initrd". If that is the case, check
messages later in this thread for further instructions.

Note: If you are running an AMD machine or have one of the newer machines, your boot partition (root=/dev/hda2) may be different. If this is the case, use the partition shown in your EXISTING /etc/lilo.conf NOT the one shown here. Check the messages later in this thread for details.

--------begin -----
prompt
timeout=50
default=linuxnew
boot=/dev/hda
map=/boot/map
install=/boot/boot.b
message=/boot/message
linear

image=/boot/vmlinuz-2.4.18-26.7.x
label=linux
root=/dev/hda2
read-only
initrd=/boot/initrd-2.4.18-26.7.x.img

image=/boot/vmlinuz-2.4.18-27.7.x
label=linuxnew
root=/dev/hda2
read-only
initrd=/boot/initrd-2.4.18-27.7.x.img

----end -----

The new kernel is labelled linuxnew and will boot by default. Your
original kernel is labelled linux and can still be booted as a backup.

Note: If you are currently running a kernel version other than
2.4.18-26.7.x you MUST replace the first block of text with the
information appropriate for your system. For example if you are
currently running 2.4.9-34 replace:
------ begin -----
image=/boot/vmlinuz-2.4.18-26.7.x
label=linux
initrd=/boot/initrd-2.4.18-26.7.x.img
read-only
root=/dev/hda2
------------- end ------------

with

----------- begin ----------
image=/boot/vmlinuz-2.4.9-34
label=linux
initrd=/boot/initrd-2.4.9-34.img
read-only
root=/dev/hda2
----------- end -------------------

Double check the file names you should use by typing

ls -la /boot


(9) Execute lilo by typing

lilo -v -v

results should be:


[root@yoursystem root]# lilo -v -v
LILO version 21.4-4, Copyright (C) 1992-1998 Werner Almesberger 'lba32' extensions Copyright (C) 1999,2000 John Coffman

Reading boot sector from /dev/hda
Merging with /boot/boot.b
Secondary loader: 11 sectors.
Mapping message file /boot/message
Message: 46 sectors.
Boot image: /boot/vmlinuz-2.4.18-26.7.x
Setup length is 10 sectors.
Mapped 2082 sectors.
Mapping RAM disk /boot/initrd-2.4.18-26.7.x.img
RAM disk: 228 sectors.
Added linux
Boot image: /boot/vmlinuz-2.4.18-27.7.x
Setup length is 10 sectors.
Mapped 2083 sectors.
Mapping RAM disk /boot/initrd-2.4.18-27.7.x.img
RAM disk: 228 sectors.
Added linuxnew *
/boot/boot.0300 exists - no backup copy made.
Map file size: 29696 bytes.
Writing boot sector.

---------------------------------
Note: If you are currently running a kernel version other than
2.4.18-26.7.x the coressponding lines above will differ.

Look carefully for any errors before going on to step 10! DO NOT reboot if you get errors or don't understand any differences you see!

(10) Reboot with

reboot

(11) After the machine reboots you can update your package list on the Red Hat network by typing:

up2date -p

This will clear the errata list for your system on the Redhat Network.
-----------------------------------------------------------
Note: I know some of you up2date fans will say that this is way too LONG and could be shortened. Yes it could, but I have chosen to follow the path of safety over brevity when updating something as critical as the kernel.
~~~~~

<EOM>

Originally posted by icanectc
I dont believe WHM will update the OS Kernel just insecurities.

WHM will show when reaching kernel that it is ignored.


according to cpanel.net forums which I use a lot. most people dont use up2date they hate it.


I just stick with what 8.0 RH gives me and if their are any problems via server with security WHM will tell me and ill do an easyapache.


I personally see no reason to start messing witht he OS kernel because 1 if the system no longer boots ServerBeach will charge you to reinstall the OS.


I personally want to make sure my server is up 24/7 and not force something that "May" work and "may" not.


anyone else feel the same way hehe... Plus I get a little iffy about RH kernels because im not actually AT the computer its in their datacenter so its not like I can phsically fix it myself if the system doesn't boot hehe..

Do you know grub? that's the bootloader on the machine's at SB, you can make a bootmenu with the new kernel and the old one, if he can't boot in the new one you ask SB to reboot the server into the old kernel and your server is up and running again without any problems. You can even maybe ask SB what the error msg was on the screen when booting into the new kernel.