Plesk

Plesk configuration file monitor (cfgmon)

cfgmon (Configuration file monitor) is a tool that lets you control changes in configuration files of Parallels Plesk Panel.
This tool is pretty like a simplistic revision control system.

What Problems Does This Tool Solve?

First, it’s troubleshooting issues with functioning of Panel and related services. Additionally, the history of changes in configuration files can help with finding local problems, performance regression, and so on.

How It Works

The working principle of the cfgmon tool is pretty simple. It has a list of files that it should monitor. Every time the Daily Maintenance script is executed, it runs cfgmon –save-all. This call compares each file from the list with its stored version and, if differences are found, saves the current version in the storage as well.

This lets you track configuration file changes that led to service malfunctioning no matter how they have been made: by server administrators, third-party scripts, package manager, or the Control Panel itself. You can find the changes by viewing the date of the latest modification or by comparing several revisions if the files were changed regularly.

An Example

Suppose that the FTP service on your server has suddenly stopped working.

$ telnet 10.52.45.180 21
Trying 10.52.45.180...
telnet: Unable to connect to remote
host: Connection refused

Probably, no services are listening on the port 21. However, this port can be served not only by *ftpd, but also by xinetd (default in plesk).
However, xinetd is working:

root@a10-52-45-180:~# ps ax | grep xinetd
 29975 ?        Ss     0:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive
 30075 pts/1    R+     0:00 grep xinetd

Let’s use the configuration files monitor:

root@a10-52-45-180:~# plesk bin cfgmon --save-all
File "/etc/xinetd.d/ftp_psa" was stored successfully.
root@a10-52-45-180:~# plesk bin cfgmon --list-all
 TimeStamp              File path
 2013-05-23 06:09:59    /opt/psa/admin/conf/site_isolation_settings.ini
 ...
 2013-05-23 06:09:59    /etc/xinetd.d/chargen
 2013-05-23 06:09:59    /etc/xinetd.d/time
 2013-05-23 06:09:59    /etc/xinetd.d/echo
 2013-05-23 06:09:59    /etc/xinetd.d/discard
 2013-05-23 06:09:59    /etc/xinetd.d/daytime
 2013-05-24 01:25:38    /etc/xinetd.d/ftp_psa

First, we’re calling the tool with the –save-all key (as Panel itself does it) so that all changes in the configuration files are saved in the storage.

Now, we’re calling the tool with the –list-all option and see the time of the latest modification and path to each configuration file. The list is sorted by the modification date and the files modified most recently are at the end of the list.

Looking at the example, we can guess that the problem is in /etc/xinetd.d/ftp_psa:  Yesterday (2013-05-23) the FTP service worked and now it doesn’t; the file was modified 2013-05-24 – last night.

Now we will use the tool to see the history of the file modifications.

root@a10-52-45-180:~# plesk bin cfgmon -s /etc/xinetd.d/ftp_psa
Rev.    TimeStamp        File path                In Storage
 55    2013-05-23 06:09:59    /etc/xinetd.d/ftp_psa                /var/lib/plesk/cfgmon/ftp_psa_2013_05_23_13_09_59_368687
 57    2013-05-24 01:25:38    /etc/xinetd.d/ftp_psa                /var/lib/plesk/cfgmon/ftp_psa_2013_05_24_08_25_37_983646

We can see that this file was modified twice. Let’s compare the current revision with the previous one. There is a number of ways to do this; we will use the standard UNIX utility diff.

root@a10-52-45-180:~# diff -u /var/lib/plesk/cfgmon/ftp_psa_2013_05_23_13_09_59_368687 /var/lib/plesk/cfgmon/ftp_psa_2013_05_24_08_25_37_983646
--- /var/lib/plesk/cfgmon/ftp_psa_2013_05_23_13_09_59_368687    2013-05-23 13:09:59.000000000 +0700
+++ /var/lib/plesk/cfgmon/ftp_psa_2013_05_24_08_25_37_983646    2013-05-24 08:25:38.000000000 +0700
@@ -6,7 +6,7 @@
 service ftp
 {
    flags       = IPv6
-        disable        = no
+        disable        = yes
         socket_type     = stream
         protocol        = tcp
         wait            = no

It seems that one of server administrators wanted to play a joke on us or mixed up the production server with a testing one: The FTP service is disabled.

Let’s open the file in a text editor and change the parameter disable = yes to disable = no.

root@a10-52-45-180:~# vim /etc/xinetd.d/ftp_psa 
root@a10-52-45-180:~# cat /etc/xinetd.d/ftp_psa 
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST AFTER YOU UPGRADE PARALLELS PLESK PANEL.

service ftp
{
        flags           = IPv6
        disable         = no
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        instances       = UNLIMITED
        server          = /usr/sbin/in.proftpd
        server_args     = -c /etc/proftpd.conf
}

Now, let’s restart xinetd and check whether FTP is working.

root@a10-52-45-180:~# /etc/init.d/xinetd restart
Stopping internet superserver: xinetd.
Starting internet superserver: xinetd.
root@a10-52-45-180:~# logout
Connection to 10.52.45.180 closed.
[user@user] $ telnet 10.52.45.180 21
Trying 10.52.45.180...
Connected to 10.52.45.180.
Escape character is '^]'.
^]
telnet> Connection closed.

Although this example is artificial, we hope that it explains well the capabilities of the cfgmon tool. Software developers use revision control systems for viewing the history of changes in the code, searching for error causes, rolling back to the latest working revision, and so on. Now Plesk users have a similar tool too. The tool is shipped as a part of the Panel core and you can use it any time.

Exit mobile version