Configuration syntax checking and/or testing is a key step to perform after making changes to an application’s or service’s configuration file or even after running updates. This helps to reduce the chances of the service failing to restart due to configuration errors.
Several applications/programs or service daemons ship with commands to check configuration files for syntax correctness. We have put together a list of common applications and services on Linux systems and how to test or validate their configuration files.
Note: Use if you are not logged on a server as the root user, remember to use the sudo command where necessary while invoking a command because some services run with root privileges, and checking their configuration files requires root user permissions.
1. Sudo Command
You can check the sudo configuration file syntax using the visudo command, which supports a --check or -c command line option to only validate a file without an edit. The -f option displays the error message and opens the file for editing:
# visudo -c /etc/sudoers OR # visudo -c /etc/sudoers.d/my_config OR # visudo -f /etc/sudoers.d/my_config
2. Bash Script
You can check Bash scripts for syntax errors as follows:
# bash -n /path/to/scriptname.sh
3. Perl Scripts
To check Perl scripts for syntax errors, use the following command:
# perl -c /path/to/scriptname
4. Systemd Unit Files
The “systemd-analyze verify” command allows for testing the systemd unit file for syntax errors. It loads unit files and prints warnings if any errors are detected.
By default, it loads files specified on the command line as an argument, and any other units referenced by them:
# systemd-analyze verify /etc/systemd/system/test.service
5. OpenSSH Server
To check the validity of the sshd configuration file and the sanity of the keys, issue the following command. To check a particular configuration file, specify it using the -f flag:
# sshd -t
6. NGINX Web Server
To check the NGINX configuration file, run the nginx command with the -t flag. To specify a different configuration file, use the -c flag:
# nginx -t OR # nginx -t -c /etc/nginx/conf.d/example.com.conf
7. PHP-FPM
To check the php-fpm configuration file, run the following command. Note that calling the -t flag twice (-tt) causes the configuration to be dumped before exiting:
# php-fpm -t OR # php-fpm -tt
8. Apache Web Server
You can then check the Apache web server configuration file using the following command:
# apachectl configtest
Alternatively, you can use the following commands on RedHat-based distributions:
# httpd -t
On Debian-based distributions, run:
# apache2ctl -t
9. HAProxy TCP/HTTP Load Balancer
HAProxy’s configuration can be tested using the following command where the -f option specifies the file and -c enables test mode:
# haproxy -f /etc/haproxy/haproxy.cfg -c
10. Lighttpd HTTP Server
Run the following command to test Lighttpd’s configuration file syntax. The -t command line option enables Lighttpd to test the default configuration file for syntax errors and exit. Use the -f flag to specify a custom configuration file:
# lighttpd -t OR # lighttpd -t -f /path/to/config/file
11. Apache Tomcat
Tomcat web server allows for basic configuration syntax check. First, move into your tomcat installation directory and issue the following command:
# ./bin/catalina.sh configtest OR # $TOMCAT_HOME/bin/catalina.sh configtest
12. Pound Reverse Proxy
You can parse the Pound server configuration file before starting the server. Run the pound command with the -c flag without any other argument to check the default configuration file. You can specify a different configuration file using the -f command line option:
# pound -c OR # pound -f /path/to/config/file -c
13. Varnishd HTTP Accelerator
To check the varnishd VCL (Varnish Configuration Language) file syntax for any errors, use the following command. If all is OK, the varnish will dump out the generated configuration, otherwise, it will display a specific line number in the file which has an error:
# varnishd -C OR # varnishd -f /etc/varnish/default.vcl -C
14. Squid Proxy Caching Server
To pass the squid configuration file for the Squid proxy caching server, issue the following command. The -k option together with the parse or debug subcommands, tell the squid daemon to parse the configuration file or enable debugging mode respectively:
# squid -k parse # squid -k debug
15. Caddy Web Server
To expose any errors in the Caddy web server configuration, issue the following command. The first one checks the default configuration, alternatively, use the --config command line option to specify a configuration file:
# caddy validate OR # caddy validate --config /path/to/config/file
16. vsftpd FTP Server
Run the following command to test the configuration file for the vsftpd FTP server:
# vsftpd OR # vsftpd -olisten=NO /path/to/vsftpd.testing.conf
17. DHCPD Server
Run the dhcpd command with the -t flag to check the configuration syntax of the dhcpd server:
# dhcpd -t OR # dhcpd -t -cf /path/to/dhcpd.conf
18. MySQL Database Server
Use the following command to test the MySQL database server configuration file syntax. After running the command, if there are no errors, the server terminates with an exit code of 0, otherwise, it displays a diagnostic message and terminates with an exit code of 1:
# mysqld --validate-config
19. MariaDB Database Server
The same command used for the MariaDB database server also works for checking the Mariadb database server configuration file syntax:
# mysqld --validate-config
20. PostgreSQL Server
The following screenshot shows an error in the PostgreSQL configuration file.
To detect such an error, switch to the postgres database user account and access the psql shell. Then run the command to identify errors in your configuration file:
postgres=# select sourcefile, name,sourceline,error from pg_file_settings where error is not null;
21. Nagios Monitoring Tool
To verify your Nagios configuration, run the nagios command with the -v flag.
# nagios -v /usr/local/nagios/etc/nagios.cfg
22. Monit Monitoring Tool
Run the monit command with the -t flag to perform a syntax check for the default Monit control file. You can specify a particular control file, use the -c flag:
# monit -t OR # monit -t -c path/to/control/file
23. Postfix Mail Server
The following command will help you check Postfix’s configuration files for syntax errors.
# postfix check
This second command is more verbose than the first:
# postfix -vvv
24. Dovecot IMAP Server
Check the Dovecot IMAP server configuration syntax using the doveconf command. It will exit with a zero error code if all is OK, otherwise, it exits with a non-zero error code and displays the error message:
# doveconf 1>/dev/null # echo $?
25. Samba File Server
You can check the Samba file server configuration file using the following command:
# testparm -v
26. Syslogd/Rsyslogd
When you invoke the rsyslod command with the -N1 option, it will enable debug mode and also checks the default configuration file for syntax errors. Use the -f flag to read a custom configuration file:
# rsyslogd -N1
27. DNS (BIND) Server
You can check the DNS named configuration file as follows:
# named-checkconf /etc/named.conf
28. NTP – Network Time Protocol
The ntpd configuration syntax can be tested using the following command, where the -d flag enables verbose debug mode, -f specifies the frequency drift filename, and -n implies no fork:
# ntpd -d -f /etc/ntp.conf -n
29. OpenStack-Ansible
Run the following command to check the syntax of an OpenStack-ansible configuration file:
# openstack-ansible setup-infrastructure.yml --syntax-check
30. Logrotate
To debug a logroate (log rotation facility) configuration file, run the logrotate command with the -d option and specify the configuration file:
# logrotate -d /etc/logrotate.d/nginx
That’s all we had for you in this guide. Share your thoughts with us or ask questions via the feedback form below. You can as well share more examples of how to check the configuration syntax of any applications or services not listed here. We shall gladly add your examples to the guide.
