Chapter 25. Troubleshooting Symbiosis

Table of Contents

25.1. Database problems?
25.2. Firewall problems?
25.3. Package problems?
25.4. Permission problems?
25.5. SSL problems?

We’re happy to accept bug reports via our usual support system. But you can make it easier for us to assist you if you check the common things first.

We have produced an FAQ which might answer the questions you’re asking.

If none of the suggestions on this help it would aid us if you were very specific about the problem you’re experiencing.

25.1. Database problems?

If you already had a password configured for the MySQL database prior to installing our packages it will be unchanged. The password for the root user is only changed if it is unset when the packages are installed or updated for the first time.

The Debian MySQL packages create a local user for automated use, so if you’re unsure of your MySQL password you may use this login to reset it. You may find details of the Debian login contained in the file /etc/mysql/debian.cnf.

25.2. Firewall problems?

You, or a customer with FTP or SFTP/SSH access, may become locked out of the machine if repeated attempts are made to access the machine incorrectly

If you believe you’ve become locked out, via the firewall, it is possible to fix this if you have another means of connecting to your server.

Note

Users who have their hosting with Bytemark will be able to use the Console Shell to gain access to their machine, even if the network is disabled, or the firewall is refusing direct connections.

  1. Using your fall-back connection method connect to your server.

  2. Navigate to the /etc/symbiosis/firewall/blacklist.d directory with the command cd /etc/symbiosis/firewall/blacklist.d

  3. Check the contents of the directory with the command ls /etc/symbiosis/firewall/blacklist.d; the presence of the file <ip address>.auto confirms the problem.

  4. remove the file, rm /etc/symbiosis/firewall/blacklist.d/<ip address>.auto and restart the firewall with the command firewall

Tip

You can whitelist an IP address to ensure it is never blocked by the Symbiosis firewall. Create the directory /etc/symbiosis/firewall/whitelist.d/ and the file /etc/symbiosis/firewall/whitelist.d/<ip address>. Note that you do not add ".auto" to that filename.

25.3. Package problems?

Every evening your system will be configured to update itself. This ensures that you’ll have any Debian-provided security updates applied to your system. It will also update your system to the latest available collection of the Bytemark Symbiosis packages.

If your system fails to update you may correct this by running, as root:

apt-get update
apt-get dist-upgrade
apt-get -f install

25.4. Permission problems?

The mail-server and FTP-server we’re running will refuse to work with directories which are owned by the root user.

If you find that you’ve added a new site/mailbox to your system and it doesn’t work but existing ones do then this is most likely the source of the problem.

Unless you’re handling ownership in a special way you may reset the permissions to avoid this problem by running the following command:

chown -R admin.admin /srv/

25.5. SSL problems?

If you run into problems with the configuration of SSL-based sites please get in touch, this support is still very new and there might be a couple of kinks to work out of the process.

The most common problem is that you need to install a "bundle" or keychain file.

If the missing keychain/bundle is the problem you’ll see this logged in the Apache SSL error file beneath /var/log/apache2. Each generated SSL-site will use its own logfile - rather than the global access.log and error.log file. So taking a look at that could be useful with the shell command:

tail /var/log/apache2/*ssl*.log

You should be able to validate the combined SSL private key and certificate via the use of the openssl tool; run the shell command:

openssl verify /srv/my-brilliant-site.com/config/ssl.key
..
error 18 at 0 depth lookup:self signed certificate
OK

You’re looking for the "OK" at the end, rather than the error message which is harmless.