Skip to content

Instantly share code, notes, and snippets.

@fliphess

fliphess/syntax_checks.md

Last active December 6, 2018 10:04
Show Gist options
  • Save fliphess/628e375618104332474eb75018a03cca to your computer and use it in GitHub Desktop.
Save fliphess/628e375618104332474eb75018a03cca to your computer and use it in GitHub Desktop.
Download ZIP
Syntax checks for several daemons
Raw
syntax_checks.md

Table of Contents

SSH

	sshd -t

Example:

    root@rockbox:/usr/share/nginx/html# sshd -t
    Could not load host key: /etc/ssh/ssh_host_ed25519_key

Notes:

  • -t indicates test which is a common options in servers to test configurations.
  • Most of these commands are run as root.

vsftpd

    vsftpd

Example:

    root@rockbox:/usr/share/nginx/html# vsftpd
    500 OOPS: could not bind listening IPv4 socket

ProFTPd

proftpd -t

or

proftpd -t -c /path/to/proftpd.conf

ISC dhcpd

    dhcpd -t -cf /path/to/dhcpd.conf

Notes:

  • -cf is a single options, it’s not -c and -f. And -cf stands for config-file

MySQL

    mysqld --help

Varnish

    varnishd -C -f /etc/varnish/default.vcl

Haproxy

    haproxy -c -V -f /etc/haproxy/haproxy.cfg

Notes:

  • To prevent errors, it's safer to check all config files rather than only the main config file: 
      haproxy -c $(for i in /etc/haproxy/*.cfg; do echo "-f $i"; done)

Apache

  • On RedHat Derived:

    httpd -t

  • On Debian Derived

    apache2ctl -t

Nginx

nginx -t

Or use:

    service nginx configcheck

Lighttpd

    lighttpd -t -f /etc/lighttpd/lighttpd.conf

PHP-FPM

  • For php5:

    php-fpm5 -t

  • For php7.0:

    php-fpm7.0 -t

  • For php7.1:

    php-fpm7.1 -t

  • For php7.2:

    php-fpm7.2 -t

Note:

To check a new configuration file, use:

    php-fpm7.0 -t -y /path/to/file.conf

Sudo

visudo -c

Or to verify a single sudoers.d file:

visudo -cf /etc/sudoers.d/webdev

Syslog

syslog-ng -F -s -f /path/to/config

Logrotate

logrotate -d /etc/logrotate.conf

Samba

    testparm

Example:

    root@rockbox:~$ testparm
    Load smb config files from /etc/samba/smb.conf
    Loaded services file OK.
    Server role: ROLE_STANDALONE

Postfix

    postfix check

Or use:

    postfix -vv

Exim

    exim -bV

Dovecot

    doveconf -c /etc/dovecot/dovecot.conf -n

Ldap - Slapd

    slaptest -f /etc/slapd.conf

Icinga / Nagios

  • Icinga:

    icinga -v /etc/icinga/icinga.cfg

  • Nagios:

    nagios3 -v /etc/nagios/nagios.cfg

Or alternatively use the init script:

/etc/init.d/icinga show-errors

Or

/etc/init.d/nagios3 show-errors

Squid

    squid -k check

Or use:

    squid -k parse

Bind

    named-checkconf /etc/bind/named.conf

Example:

    named-checkconf named.conf
    Syntax OK

Check syntax errors in zone files

    named-checkzone domain-name /var/cache/bind/some_zone.db

Example:

    named-checkzone example.com /var/named/chroot/var/named/exaple-zone.frd
    named-checkzone example.com /var/named/chroot/var/named/exaple-zone.rev

Unbound

unbound-checkconf /etc/unbound/unbound.conl

dnsmasq

    dnsmasq --test

TCP Wrappers

    tcpdchk -v

Filebeat

    /usr/bin/filebeat.sh -v -c /etc/filebeat/filebeat.yml -configtest -d "*"

Bacula

    /usr/sbin/bacula-dir -t -c /etc/bacula/bacula-dir.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment