Updating Ubuntu LTS

I have a small site that was running Ubuntu 16.04 LTS and upgraded it to 18.04 with no issues. I have a couple of customizations in my php.ini and the location where I store my email and because I accepted the maintainer’s version of the PHP and Exim4 files, I had to update a few files to get everything working as before. Not a big deal and the whole process took about a half hour.

On my main site, I was running Ubuntu 14.04 LTS and it was a major project to update. There were times that I considered reverting to the snapshot I took just before I started the update process, but I got everything working about the same as it was before.

The first issue I encountered was with the update to the Linux kernal. The instructions recommended that I go to the Linode control panel and change the Boot Settings Kernel to Grub. When I did that, the server wouldn’t reboot. So I picked the Latest 64 bit version instead and rebooted fine.

Because I was on an older version I had to update in stages. Somewhere along the line it messed up my MySQL install. So I removed MySQL and installed MariaDB. That ended up causing a lot of work which I’ll get to later.

Restoring mail service was pretty straightforward—just changing the location of the virtuals files.

After working through the install process I loaded all of my sites and some displayed properly, some displayed without most of the formatting and some displayed a blank page. It took a while to figure out what was going on. WordPress sites weren’t displaying because of database access issues. There was lots of really weird behaviour on the other sites that I eventually tracked down to permissions problems on a shared styles folder. For example, if I accessed a site with sitename.com things looked fine. But if I accessed it with www.sitename.com, I got no formatting. And in one case it redirected to the default site for the server. It took quite a while to figure out what was happening but eventually I tracked it down to a permissions problem. I keep styles that I use on all my sites in a sim-linked folder in /www/common/Styles. After I changed all of the file permissions to -rw-rw-r– and the directory permissions to dr-xr-xr-x, the sites started behaving normally.

The MySQL issues were much more difficult to resolve and took the better part of two days. There were enough changes to the users file that I couldn’t just copy it into /var/lib/mysql. I went with the default install and then took then loaded users (and their database permissions) from my mysqldump from the night before. I took the opportunity to delete users who no longer needed access to the system and clean up some of the permissions on those who remained.

Copying the sql files from a backup copy worked for most tables, however there were some that only had a .frm file and no MYD and MYI file. PhpMyAdmin showed them as being “in use” and would not display their contents. I reloaded their contents from the mysqldump. That solved most of my website display problems, but I couldn’t log into any WordPress installations. That turned out to be a permissions problem. I changed the user and group of all the sql files to mysql and then changed all of the permissions on the files to -rw-rw-r– and folders to drwxr-xr-x. Now all of my sites were displaying properly.

The only problem was with the order confirmation page. I got an error Cannot start session when headers already sent error. I had a redirect on one page that was in fact trying to redirect after some html had already been sent. Not sure why it worked before, but putting in a conditional to not load the html if the page was going to be redirected fixed it.

The order page still didn’t work and the reason was that it used mc_encrypt which is no longer supported in PHP 7.2. I updated the files to use openssl_encrypt and everything works as before. I didn’t write the original order form code so it took a while to understand how the encryption works. There are lots of examples out there, including on the PHP.net site, so I won’t go into detail about what I did. Understanding and implementing the new encryption method probably took around three hours.

An older set of pages that used mysql_real_escape_string also failed to load because mysql_real_escape_string was no longer supported. In this case, replacing it with htmlspecialchars solved the problem and should have been what I used to begin with. This section of the site also had some date returns that did not correctly use the date function. I replaced $thisMonth = date(F); with $thisMonth = date(‘F’); and did the dame thing with $thisDay = date(d);

For some reason, aptitude wasn’t upgraded so I had to install it when I did the first update of the site.

Server Unavailable error

A PHP-based web site on a server that I manage was failing to load. It worked a few months ago when I set it up and the owner didn’t notice that it was failing. When I looked at the error log I got these messages.

[Wed Aug 08 07:45:21.627045 2018] [proxy:error] [pid 32113:tid 139735343294208] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php7.2-fpm.sock (*) failed
[Wed Aug 08 07:45:21.627334 2018] [proxy_fcgi:error] [pid 32113:tid 139735343294208] [client] AH01079: failed to make connection to backend: httpd-UDS

Since it said that fpm.sock failed, I thought that maybe the mod was no longer enabled so I tried a2enmod proxy_fcgi but it said that it was already enabled.

There was some info on dependencies on various help sites, so I figured that at some point an aptitude safe-upgrade command might have messed things up. So I figured that running these commands might help, and it did.

sudo apt-get update
sudo apt-get upgrade

Reading through the install messages I noticed this:

Setting up php7.2-fpm (7.2.7-0ubuntu0.18.04.2) ...
Package apache2 is not configured yet. Will defer actions by package php7.2-fpm.
Replacing config file /etc/php/7.2/fpm/php.ini with new version
NOTICE: Not enabling PHP 7.2 FPM by default.
NOTICE: To enable PHP 7.2 FPM in Apache2 do:
NOTICE: a2enmod proxy_fcgi setenvif
NOTICE: a2enconf php7.2-fpm

So it looks like proxy_fcgi somehow got enabled and was causing problems. It is a small site with little traffic, so I decided to leave well enough alone and not enable the mod.

Banner day for scamming.

Two scams that are in the news hit our household today.

The first was a sextortion email. This one was a copycat though, since it had an an email address that was obviously found through a hack (vendorname@wellgolly.com), but they didn’t have the password to prove that they’d been monitoring the webcam.

And then I got to talk to a “Microsoft Security Team” member that was informing me that the internet on my computer was illegal. I tried to get him to clarify what he meant by expressing confusion about how the internet was on my computer, since as far as I know, it is outside my house, but I wasn’t able to string him along. And just for a point of reference, we only use Macs, iPads, and iPhones here, so there was no way that they detected “Illegal internet activity on my Windows”.