RealTechTalk (RTT) - Linux/Server Administration/Related

We have years of knowledge with technology, especially in the IT (Information Technology) industry. 

realtechtalk.com will always have fresh and useful information on a variety of subjects from Graphic Design, Server Administration, Web  Hosting Industry and much more.

This site will specialize in unique topics and problems faced by web hosts, Unix/Linux administrators, web developers, computer technicians, hardware, networking, scripting, web design and much more. The aim of this site is to explain common problems and solutions in a simple way. Forums are ineffective because they have a lot of talk, but it's hard to find the answer you're looking for, and as we know, the answer is usually not there. No one has time to scour the net for forums and read pages of irrelevant information on different forums/threads. RTT just gives you what you're looking for.

Latest Articles

  • Why SMART is not smart at all and doesn't properly predict disk errors that cause a kernel panic or crash


    Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated.
    It has caused a kernel panic and system crash repeatedly as we can see from the logs.
    But SMART says it has "PASSED" its self assessment.  SMART is still useful to me but it is more about looking at Current_Pending_Sector.
    Any time I have had anything but 0 for that attribute it means the disk is bad and is unusable (eg. will cause kernel panics).
    In this case even RAID doesn't help when the bad disk taints the kernel.
    
    First let's check this disk and see what SMART thinks
    
    smartctl -a /dev/sda
    
    === START OF INFORMATION SECTION ===
    Model Family:     Seagate Barracuda ES
    Device Model:     ST3750640NS
    Serial Number:    ABCAEAAA
    LU WWN Device Id: 5 000c50 0083422e5
    Firmware Version: 3BKH
    User Capacity:    750,156,374,016 bytes [750 GB]
    Sector Size:      512 bytes logical/physical
    Device is:        In smartctl database [for details use: -P show]
    ATA Version is:   7
    ATA Standard is:  Exact ATA specification draft version not indicated
    Local Time is:    Thu Dec 13 12:43:37 2018 EST
    SMART support is: Available - device has SMART capability.
    SMART support is: Enabled
    
    === START OF READ SMART DATA SECTION ===
    SMART overall-health self-assessment test result: PASSED
    
    
    ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
      1 Raw_Read_Error_Rate     0x000f   093   086   006    Pre-fail  Always       -       0
      3 Spin_Up_Time            0x0003   091   091   000    Pre-fail  Always       -       0
      4 Start_Stop_Count        0x0032   100   100   020    Old_age   Always       -       27
      5 Reallocated_Sector_Ct   0x0033   100   100   036    Pre-fail  Always       -       0
      7 Seek_Error_Rate         0x000f   090   060   030    Pre-fail  Always       -       951683243
      9 Power_On_Hours          0x0032   052   052   000    Old_age   Always       -       42128
     10 Spin_Retry_Count        0x0013   100   100   097    Pre-fail  Always       -       0
     12 Power_Cycle_Count       0x0032   100   100   020    Old_age   Always       -       27
    187 Reported_Uncorrect      0x0032   100   100   000    Old_age   Always       -       0
    189 High_Fly_Writes         0x003a   100   100   000    Old_age   Always       -       0
    190 Airflow_Temperature_Cel 0x0022   066   054   045    Old_age   Always       -       34 (Min/Max 28/36)
    194 Temperature_Celsius     0x0022   034   046   000    Old_age   Always       -       34 (0 17 0 0 0)
    195 Hardware_ECC_Recovered  0x001a   081   055   000    Old_age   Always       -       220199
    197 Current_Pending_Sector  0x0012   096   096   000    Old_age   Always       -       93
    198 Offline_Uncorrectable   0x0010   096   096   000    Old_age   Offline      -       93
    199 UDMA_CRC_Error_Count    0x003e   200   200   000    Old_age   Always       -       971
    200 Multi_Zone_Error_Rate   0x0000   100   253   000    Old_age   Offline      -       0
    202 Data_Address_Mark_Errs  0x0032   100   253   000    Old_age   Always       -       0
    
    Now let's see /var/log/messages
    
    Dec 12 05:29:46 somepoorbox kernel: [30883839.026190] sd 0:0:0:0: [sda]  Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026196] sd 0:0:0:0: [sda]  Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026203] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026206]         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026215]         57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026219] sd 0:0:0:0: [sda]  Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026225] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 8a 43 00 03 38 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026236] end_request: I/O error, dev sda, sector 1464830531 Dec 12 05:29:46 somepoorbox kernel: [30883839.026331] block drbd0: disk( UpToDate -> Failed ) Dec 12 05:29:46 somepoorbox kernel: [30883839.026345] block drbd0: Local IO failed in __req_mod. Detaching... Dec 12 05:29:46 somepoorbox kernel: [30883839.026365] block drbd0: helper command: /sbin/drbdadm pri-on-incon-degr minor-0 Dec 12 05:29:46 somepoorbox kernel: [30883839.026476] sd 0:0:0:0: [sda]  Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026480] sd 0:0:0:0: [sda]  Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026485] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026488]         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026497]         57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026501] sd 0:0:0:0: [sda]  Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026506] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 86 7b 00 03 c8 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026514] end_request: I/O error, dev sda, sector 1464829563 Dec 12 05:29:46 somepoorbox kernel: [30883839.026632] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026636] ata1: EH complete Dec 12 05:29:46 somepoorbox kernel: [30883839.026728] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026811] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.162977] Buffer I/O error on device drbd0, logical block 53203520 Dec 12 05:29:46 somepoorbox kernel: [30883839.163110] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163117] Buffer I/O error on device drbd0, logical block 59744311 Dec 12 05:29:46 somepoorbox kernel: [30883839.163200] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163208] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163289] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163299] Buffer I/O error on device drbd0, logical block 59746338 Dec 12 05:29:46 somepoorbox kernel: [30883839.163316] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163320] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163328] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.163336] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem Dec 12 05:29:46 somepoorbox kernel: [30883839.165257]  [] ? warn_slowpath_common+0x91/0xe0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165260] EXT3-fs (drbd0): I/O error while writing superblock Dec 12 05:29:46 somepoorbox kernel: [30883839.165280]  [] ? ext3_get_group_desc+0x51/0xa0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165285] JBD: Spotted dirty metadata buffer (dev = drbd0, blocknr = 0). There's a risk of filesystem corruption in case of system crash. Dec 12 05:29:46 somepoorbox kernel: [30883839.165292]  [] ? warn_slowpath_null+0x1a/0x20 Dec 12 05:29:46 somepoorbox kernel: [30883839.165297]  [] ? mark_buffer_dirty+0x82/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165316]  [] ? ext3_commit_super.clone.0+0x69/0x100 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165329]  [] ? ext3_handle_error+0x7f/0xe0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165343]  [] ? __ext3_std_error+0x5e/0xb0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165356]  [] ? ext3_orphan_add+0xbf/0x1a0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165360] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.165374]  [] ? journal_dirty_data_fn+0x0/0x30 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165378] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem [] ? ext3_ordered_write_end+0x158/0x1c0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165395] Dec 12 05:29:46 somepoorbox kernel: [30883839.165400]  [] ? generic_file_buffered_write_iter+0x184/0x2b0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165407]  [] ? __generic_file_write_iter+0x225/0x420 Dec 12 05:29:46 somepoorbox kernel: [30883839.165412]  [] ? __generic_file_aio_write+0x85/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165417]  [] ? generic_file_aio_write+0x88/0x100 Dec 12 05:29:46 somepoorbox kernel: [30883839.165423]  [] ? do_sync_write+0xf2/0x140 Dec 12 05:29:46 somepoorbox kernel: [30883839.165432]  [] ? sys_getpeername+0xd4/0xf0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165436]  [] ? vfs_write+0xb8/0x1a0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165441]  [] ? fget_light_pos+0x16/0x50 Dec 12 05:29:46 somepoorbox kernel: [30883839.165445]  [] ? sys_write+0x51/0xb0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165450]  [] ? __audit_syscall_exit+0x25e/0x290 Dec 12 05:29:46 somepoorbox kernel: [30883839.165455]  [] ? system_call_fastpath+0x16/0x1b Dec 12 05:29:46 somepoorbox kernel: [30883839.165459] ---[ end trace 32aa3e2dc89d4c30 ]--- Dec 12 05:29:46 somepoorbox kernel: [30883839.165462] Tainting kernel with flag 0x9   

  • scp: ambiguous target error and solution


    scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"

    Gives me an error:

    scp: ambiguous target
     

    The issue is caused by the space in the remote path which needs to be escaped like this:

    scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"

    Basically you add a backslash in front of each space.


  • VirtualBox How To Add iSCSI Storage using VBoxManage


    #to show all
    VBoxManage list vms

    #show ONLY running vms

    VBoxManage list runningvms


    VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.2018-12.local.abcrandom.target:sdb" --initiator "iqn.1982-01.ca.bla.tld:abc123" --tport 3260 --lun 1
    iSCSI disk created. UUID: 3bbdd942-f3b0-4bc9-8f22-b0118f6f11ec

    --server = the IP address of the iSCSI target server

    --target = the target on the iSCSI srever

    --initiator = your initiator name (eg. the equivalent of /etc/iscsi/initiator.iscsi)

    --lun 1 (or whatever LUN number

    Troubleshooting

    If the disk creates successfully but VBox says it is inacessible it means you have probably specified something wrong in the flags above.  Eg. a typo in your target, initiator, forgetting your LUN

    UUID Already Exists

    VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.1982-01.ca.bla.tld:abc123"
    VBoxManage: error: Cannot register the hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' {16b201f8-da53-499c-86ec-753a8b940e58} because a hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' with UUID {8cd2dd6e-9b69-488c-81f6-22fa96da0a2f} already exists
    VBoxManage: error: Details: code NS_ERROR_INVALID_ARG (0x80070057), component VirtualBoxWrap, interface IVirtualBox, callee nsISupports
    VBoxManage: error: Context: "CreateMedium(Bstr("iSCSI").raw(), bstrISCSIMedium.raw(), AccessMode_ReadWrite, DeviceType_HardDisk, pMedium2Mount.asOutParam())" at line 608 of file VBoxManageStorageController.cpp

    #list all hdds

     

    vboxmanage list hdds

    UUID:           8cd2dd6e-9b69-488c-81f6-22fa96da0a2f
    Parent UUID:    base
    State:          inaccessible
    Type:           normal (base)
    Location:       192.168.1.91|iqn.1982-01.ca.bla.tld:abc123
    Storage format: iSCSI
    Capacity:       0 MBytes
    Encryption:     disabled



    #let's delete it

    vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete

    #uh oh iSCSI disks can't be deleted this way

    vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete
    VBoxManage: error: Medium format 'iSCSI' does not support storage deletion
    VBoxManage: error: Details: code VBOX_E_NOT_SUPPORTED (0x80bb0009), component MediumWrap, interface IMedium, callee nsISupports
    VBoxManage: error: Context: "DeleteStorage(pProgress.asOutParam())" at line 1603 of file VBoxManageDisk.cpp
    VBoxManage: error: Failed to delete medium. Error code Unknown Status -2135228407 (0x80bb0009)

    Sometimes just using closemedium before works:


    vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f

    Either way after the above you should be able to retry to connect your iSCSI disk


  • iSCSI on Centos 7 Configuration and Setup Guide for Initiator and Target


    initiator = client

    target = server

    These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server.

    iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love.  The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI).

    iSCSI Target (Server) Setup

    targetcli is the package that creates the iSCSI server and allows you to export your devices. 

    yum -y install targetcli

    Loaded plugins: fastestmirror, langpacks
    Loading mirror speeds from cached hostfile
     * base: centos.ca-west.mirror.fullhost.io
     * epel: mirrors.cat.pdx.edu
     * extras: centos.ca-west.mirror.fullhost.io
     * updates: centos.ca-west.mirror.fullhost.io
    Resolving Dependencies
    --> Running transaction check
    ---> Package targetcli.noarch 0:2.1.fb46-6.el7_5 will be updated
    ---> Package targetcli.noarch 0:2.1.fb46-7.el7 will be an update
    --> Finished Dependency Resolution

    Dependencies Resolved

    ================================================================================
     Package            Arch            Version                 Repository     Size
    ================================================================================
    Updating:
     targetcli          noarch          2.1.fb46-7.el7          base           67 k

    Transaction Summary
    ================================================================================
    Upgrade  1 Package

    Total download size: 67 k
    Downloading packages:
    No Presto metadata available for base
    targetcli-2.1.fb46-7.el7.noarch.rpm                        |  67 kB   00:00    
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Updating   : targetcli-2.1.fb46-7.el7.noarch                              1/2
      Cleanup    : targetcli-2.1.fb46-6.el7_5.noarch                            2/2
      Verifying  : targetcli-2.1.fb46-7.el7.noarch                              1/2
      Verifying  : targetcli-2.1.fb46-6.el7_5.noarch                            2/2

    Updated:
      targetcli.noarch 0:2.1.fb46-7.el7                                            

    Complete!

     

    systemctl enable target

    systemctl start target

    systemctl disable firewalld

    systemctl stop firewalld

    firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload
    


     

    Launch targetcli to configure our iSCSI target

    targetcli
    Warning: Could not load preferences file /root/.targetcli/prefs.bin.
    targetcli shell version 2.1.fb46
    Copyright 2011-2013 by Datera, Inc and others.
    For help on commands, type 'help'.

    />

    Let's see what block storage/backing devices we have?

    /> cd backstores/block
    /backstores/block> ls
    o- block .................................................. [Storage Objects: 0]
    /backstores/block>

    Create our iSCSI disk

    /backstores/block> create areebsfault /dev/sdb
    Created block storage object areebsfault using /dev/sdb.

    Create our target

    The "iqn" must go first and then year-time and then local and finally the "host name" and after the colon the target name "sdb".  IQN= iSCSI Qualified Name

    • iqn
    • Date (1982-01)
    • Reversed domain name of the authority (eg. target.abcrandom.local) becomes local.abcrandom.target
    • Optional “:” that prefixes a storage target name specified by the naming authority

     

    cd /iscsi

    /iscsi> create iqn.2018-12.local.abcrandom.target:sdb
    Created target iqn.2018-12.local.abcrandom.target:sdb.
    Created TPG 1.
    Global pref auto_add_default_portal=true
    Created default portal listening on all IPs (0.0.0.0), port 3260.

    Do we have any LUN?

    /iscsi/iqn.20...sdb/tpg1/acls> cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/
    /iscsi/iqn.20...om.target:sdb> ls
    o- iqn.2018-12.local.abcrandom.target:sdb ............................ [TPGs: 1]
      o- tpg1 ............................................... [no-gen-acls, no-auth]
        o- acls .......................................................... [ACLs: 0]
        o- luns .......................................................... [LUNs: 0]
        o- portals .................................................... [Portals: 1]
          o- 0.0.0.0:3260 ..................................................... [OK]

    Create our LUN

    cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/luns


    /iscsi/iqn.20...sdb/tpg1/luns> create /backstores/block/areebsfault lun1
    Created LUN 1.

    /iscsi/iqn.20...sdb/tpg1/luns> ls
    o- luns .............................................................. [LUNs: 1]
      o- lun1 .................... [block/areebsfault (/dev/sdb) (default_tg_pt_gp)]

    Create ACL so our initiator can connect


    cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/acls


    /iscsi/iqn.20...sdb/tpg1/acls> create iqn.1982-01.ca.bla.tld:abc123
    Created Node ACL for iqn.1982-01.ca.bla.tld:abc123
    Created mapped LUN 1.

    *Note the iqn for this ACL as you will need to use it in the clientside (initiator setup).

     

    Client Side Setup

    systemctl disable firewalld

    systemctl stop firewalld

    firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload
    

    yum -y install iscsi-initiator-utils
     

    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: mirror.its.sfu.ca
     * extras: mirror.its.sfu.ca
     * updates: mirror.its.sfu.ca
    Resolving Dependencies
    --> Running transaction check
    ---> Package iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7 will be installed
    --> Processing Dependency: iscsi-initiator-utils-iscsiuio >= 6.2.0.874-10.el7 for package: iscsi-initiator-utils-6.2.0.874-10.el7.x86_64
    --> Running transaction check
    ---> Package iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7 will be installed
    --> Finished Dependency Resolution

    Dependencies Resolved

    ================================================================================
     Package                           Arch      Version              Repository
                                                                               Size
    ================================================================================
    Installing:
     iscsi-initiator-utils             x86_64    6.2.0.874-10.el7     base    421 k
    Installing for dependencies:
     iscsi-initiator-utils-iscsiuio    x86_64    6.2.0.874-10.el7     base     92 k

    Transaction Summary
    ================================================================================
    Install  1 Package (+1 Dependent package)

    Total download size: 513 k
    Installed size: 2.6 M
    Downloading packages:
    (1/2): iscsi-initiator-utils-6.2.0.874-10.el7.x86_64.rpm   | 421 kB   00:00    
    (2/2): iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86 |  92 kB   00:00    
    --------------------------------------------------------------------------------
    Total                                              977 kB/s | 513 kB  00:00    
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Installing : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64                1/2
      Installing : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64       2/2
      Verifying  : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64       1/2
      Verifying  : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64                2/2

    Installed:
      iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7                              

    Dependency Installed:
      iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7                     

    Complete!

    Edit initiatorname.iscsi

    vi /etc/iscsi/initiatorname.iscsi

    You can also use the echo command (make sure you use the correct iqn):

    echo "InitiatorName=iqn.1982-01.ca.bla.tld:abc123" > /etc/iscsi/initiatorname.iscsi

    Start and Enable iscsid

    [root@localhost ~]# systemctl start iscsid
    [root@localhost ~]# systemctl enable iscsid
    Created symlink from /etc/systemd/system/multi-user.target.wants/iscsid.service to /usr/lib/systemd/system/iscsid.service.

    Find Targets!

    iscsiadm -m discovery --type sendtargets -p 192.168.1.91
    192.168.1.91:3260,1 iqn.2018-12.local.abcrandom.target:sdb

    If all is well you should see this with ls

    ls /var/lib/iscsi/nodes
    iqn.2018-12.local.abcrandom.target:sdb
    [root@localhost ~]# ls /var/lib/iscsi/
    ifaces/       nodes/        slp/         
    isns/         send_targets/ static/      
    [root@localhost ~]# ls /var/lib/iscsi/send_targets/
    192.168.1.91,3260

    Mount all iscsi targets

    iscsiadm -m node -l
    Logging in to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] (multiple)
    Login to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

     

    You should now see a /dev/sdb available that you can format like a normal disk.
     

    cat /proc/partitions
    major minor  #blocks  name

      11        0    1048575 sr0
       8        0   15728640 sda
       8        1    1048576 sda1
       8        2   14679040 sda2
     253        0   13103104 dm-0
     253        1    1572864 dm-1
       8       16       4096 sdb

     

    Set it for onboot loading

     mkfs.ext4 /dev/sdb1
    mke2fs 1.42.9 (28-Dec-2013)
    Filesystem label=
    OS type: Linux
    Block size=1024 (log=0)
    Fragment size=1024 (log=0)
    Stride=0 blocks, Stripe width=32764 blocks
    1024 inodes, 4092 blocks
    204 blocks (4.99%) reserved for the super user
    First data block=1
    Maximum filesystem blocks=4194304
    1 block group
    8192 blocks per group, 8192 fragments per group
    1024 inodes per group

    Allocating group tables: done                           
    Writing inode tables: done                           
    Creating journal (1024 blocks): done
    Writing superblocks and filesystem accounting information: done

    [root@localhost ~]# blkid /dev/sdb1
    /dev/sdb1: UUID="7c1b6358-24b0-4296-b099-13eb1100f72e" TYPE="ext4"

    add something like this to /etcfstab

    UUID=7c1b6358-24b0-4296-b099-13eb1100f72e /mnt/iscsi ext4 _netdev 0 0

    Troubleshooting Common Issues

    1. Firewall Issues.  Make sure firewalls are disabled or port 3260 is enabled.
    2. Listening on the wrong IP or port in your portal.
    3. Specifying the target instead of the initiator name/ACL name.
    4. Not creating an LUN
    5. Mixing up different target names with the wrong initiator name.
    6. The client side is using the wrong initiator name (often a random generated one by the OS).

    How To

    Login To All Targets

    iscsiadm -m node -l

    Login To Specific Target

    iscsiadm -m node -l -T iqn.target.name:bla

    Delete your iscsi target

    /iscsi> cd /iscsi/
    /iscsi> delete iqn.2016-06.localb.a.bla:123
    Deleted Target iqn.2016-06.localb.a.bla:123.

    Disconnect your client from a target

    iscsiadm -m node --logout -T iqn.2018-12.local.abcrandom.target:sdb
    Logging out of session [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260]
    Logout of [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

     

    Disconnect from ALL targets

    iscsiadm -m node --logout all
    Logging out of session [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260]
    Logout of [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

     


  • Python and BeautifulSoup4's BS4's Decompose Method To Remove Unwanted Inner Tags


    <div class="c-shca-icon-item__body-name">

        < a href="/Products/MX72244">
            < span class="c-shca-icon-item__body-name-brand">

                ADATA
                < / span>
                    XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB
                    < / a>


    The problem in the html above is that there is a "span" inside the "a" and this is unusual except for a few products with ADATA.
    Otherwise it would print out ADATA with the other product information "XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB".  So we just want the product info and not the ADATA inside span.

    The solution is to use beautifulsoup's "decompose method below".



        hddname = prices.find("div", {"class": "c-shca-icon-item__body-name"})
        hddname=hddname.find("a")
        hddname.span.decompose()
        hddname=hddname.get_text().strip()

     

    Once we have the "a" tag contents which contain a "span inside".  We just use the decompose() method.

    The format is as follows

    soupname.tagname.decompose()


  • httpd AH00534: httpd: Configuration error: No MPM loaded. solution


    httpd
    AH00534: httpd: Configuration error: No MPM loaded.

    Simple Solution (assuming you don't have this line in httpd.conf aleady:


    echo "Include conf.modules.d/*.conf" >>  /etc/httpd/conf/httpd.conf

     


  • bash script to remove modules from httpd.conf that are not actually installed


    confmodules=`cat /etc/httpd/conf/httpd.conf |grep -v ^#|grep  "modules/"|awk '{print $3}'|cut -d "/" -f 2`

    for module in $confmodules; do
      echo "module=$module"
      if [ ! -f /etc/httpd/modules/$module ]; then
        linenum=`awk /"$module/{ print NR; exit}" /etc/httpd/conf/httpd.conf`
        sed -i "$linenum"s/.*// /etc/httpd/conf/httpd.conf
        echo "hey we don't have this $module in /etc/httpd/modules"
      fi
    done

    Basically the script checks all of the modules your httpd.conf tries to load.  Then it checks if the file actually exists in /etc/httpd/modules/ and if it doesn't it edits httpd.conf by removing the relevant line for the module that doesn't exist.


  • bash scripting how to create a function


    function centos7 {
      release=`cat /etc/redhat-release|awk '{print $4}'|grep ^[7]`

      if [ "$release" != "" ]; then
         centos7='yes'
      fi

    }

    centos7

    echo "$centos7"

    We create a function called "centos7" and then call it by just typing "centos7"

    We then access a variable that may be set if we are running centos7 which is also called "$centos7".

    If the value is present it should be = "yes" which means we are running Centos 7.


  • Centos 7 PHP MySQL Not Working Solution


    PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/pdo_mysql.so' - /usr/lib64/php/modules/pdo_mysql.so: symbol mysql_options, version libmysqlclient_18 not defined in file libmysqlclient.so.18 with link time reference in Unknown on line 0

    #not sure what is wrong with php-mysql but I removed it and installed mysqlnd

    yum -y remove php-mysql
    yum -y install php-mysqlnd


  • Bash How To Cut or Split Natively And Get The LAST Field


    This takes "yourvariable" and splits it based on the last character in this case "-" and shows the last field of that split.
     

    ${yourvariable##*-}

     


  • Bash Script How To Manipulate Text/Strings By Searchig and Replacing Natively


      # a single first slash means first occurrence
      # format=${haystack/needle/replacement}
      # if you use a double first slash it means ALL occurrences
      # format=${haystack//needle/replacement}


      email=${file/.txt-marked/}
     

    In the example above we are searching in the variable $file for ".txt-marked" and replacing with nothing (the empty part after the last / means we are replacing with nothing or actually removing it).  

    How to replace all occurrences?

      email=${file//.txt-marked/}

    The only difference is where the first slash goes.  If you use double slashes it means to replace ALL occurences.


  • How Does Cisco CUCM (Cisco Unified Communication Manager) Work?


    Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite.  At its core, the CUCM is like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.

    Cisco's CUCM makes communication more effective and simple through centralized management and unification of communications resources.

    How Does CUCM Work?

    First of all the CUCM is a Linux based OS that is installed onto a server.  It is like the "Control Panel" or "PBX" for all of your communications in terms of voice and video. 

    CUCM consists of 4-layers or building blocks to function and create a cohesive communication solution for your enterprise.

    4-Layers of CUCM

     

    Layer 1.) Infrastructure

    Since CUCM is IP (Internet Protocol) based it uses traditional network infrastructure including switches, routers with the addition of voice specific gateway and switching (voice gateway and voice switch).  This layer is also where high availability, QoS (Quality of Service) and management.

    Layer 2.) Call Control

    The call control layer is actually where CUCM lives and is active.  It is the layer that handles and processes the calls, manages devices and where the PBX administrator can set dial plans and other features.

    Layer 3.) Application

     The applicaton layer processes things other than calls and is indepedent of the Call Control layer. 

    Examples of applications under this layer are the following:

    1. Cisco Unity - Voicemail, unified messaging and integrated messaging applications
    2. Cisco Unified Contact Center - Call Center Management
    3. Cisco Unified Meeting Place - Video Conferencing
    4. Cisco ER (Emergency Responder) - Identifies the caller location and maps that location to an emergency line identification number.
    5. Cisco Unified Presence Server - Collects and reports information on user devices and availability over what mediums (eg. voice, video etc..)
    6. Third Party App Support - Supports common standards such as TAPI (Telephone Application Programming Interface),  SIP (Session Initiation Protocol) (for VOIP), H.323 (an open standard that allows for unified video, audio and data collaboration), MGCP (Media Gateway Control Protocol)

    Layer 4.) Endpoints

    The end points layer should be described and thought of as the "user level" which is essentially the end-product for the end user.  This is because the Endpoints layer presents itself as a Cisco based IP phone, or other VOIP device/application, video terminal etc.

     

    How the Cisco Unified Communications Network Works

    The Cisco CUCM is like the "director" or "operator" of calls and helps initially connect or signal the parties involved in a phone conversation.  It refers to the complete process of originating, terminating and routing calls.  It also allows for stats to be collected for metrics and billing.

    The actual voice and data travels directly between the devices themselves over whatever network they are connected to and the failure or loss of connectivity to the CUCM does not impact current conversations (unless you try to use a feature that CUCM controls such as hold, transfer etc..)

    The CUCM also creates dialplans which control how and where a user can call.  

    CUCM also creates basic phone functionality such as the ability to hold, conference or transfer calls.

    CUCM also integrates with your existing Active Directory setup to help reduce the configuration and authentication of new users.

    How Do Calls Get Setup?

    Once the end-user picks up their phone, the phone signals the CUCM that it is "off hook" or "picked up" and will signal the device to play the dialtone.  Their device either sends each digit back to CUCM to be dialed (if it uses the SCCP protocol) or sends all digits at once, once the user has dialed (if using the SIP protocol).  If a match is found in their dialplan on their CUCM the call will be routed/go through, otherwise the user would receive the "reorder tone" or busy signal.

     

     

     

    Recommended Implementation - Campus Model

    In this call processing deployment model, the Unified Communications services and the endpoints are co-located in the campus, and the QoS-enabled network between the service nodes, the endpoints, and applications is considered highly available, offering virtually unlimited bandwidth with less than 15 ms of latency end-to-end. Likewise, the quality and availability of power are very high, and services are hosted in an appropriate data center environment. Communications between the endpoints traverses a LAN or a MAN, and communications outside the enterprise goes over an external network such as the PSTN. An enterprise would typically deploy the campus model over a single building or over a group of buildings connected by a LAN or MAN.

     The campus model typically has the following design characteristics:

    •Single Cisco Unified CM cluster. Some campus call processing deployments may require more than one Unified CM cluster, for instance, if scale calls for more endpoints than can be serviced by a single cluster or if a cluster needs to be dedicated to an application such as a call center.

    •Alternatively for smaller deployments, Cisco Business Edition 3000, 5000, or 6000 may be deployed in the campus.

    •Maximum of 40,000 configured and registered Skinny Client Control Protocol (SCCP) or Session Initiation Protocol (SIP) IP phones, Cisco Cius, video endpoints, mobile clients, and Cisco Virtualization Experience Clients (VXC) per Unified CM cluster.

    •Maximum of 2,100 gateways and trunks (that is, the total number of H.323 gateways, H.323 trunks, digital MGCP devices, and SIP trunks) per Unified CM cluster.

    •Trunks and/or gateways (IP or PSTN) for all calls to destinations outside the campus.

    •Co-located digital signal processor (DSP) resources for conferencing, transcoding, and media termination point (MTP).

    •Other Unified Communications services, such as messaging (voicemail), presence, and mobility are typically co-located.

    •Interfaces to legacy voice services such as PBXs and voicemail systems are connected within the campus, with no operational costs associated with bandwidth or connectivity.

    •Multipoint Control Unit (MCU) resources are required for multipoint video conferencing. Depending on conferencing requirements, these resources may be either SCCP or H.323, or both.

    •H.323 and H.320 video gateways are needed to communicate with H.320 videoconferencing devices on the public ISDN network.

    •High-bandwidth audio is available (for example, G.722 or Cisco Wideband Audio) between devices within the site.

    •High-bandwidth video (for example, 384 kbps or greater) is available between devices within the site. The Cisco Unified Video Advantage Wideband Codec, operating at 7 Mbps, is also supported.
    Best Practices for the Campus Model

    Follow these guidelines and best practices when implementing the single-site model:

    •Ensure that the infrastructure is highly available, enabled for QoS, and configured to offer resiliency, fast convergence, and inline power.

    •Know the calling patterns for your enterprise. Use the campus model if most of the calls from your enterprise are within the same site or to PSTN users outside your enterprise.

    •Use G.711 codecs for all endpoints. This practice eliminates the consumption of digital signal processor (DSP) resources for transcoding, and those resources can be allocated to other functions such as conferencing and media termination points (MTPs).

    •Implement the recommended network infrastructure for high availability, connectivity options for phones (in-line power), Quality of Service (QoS) mechanisms, and security. (See Network Infrastructure.)

    •Follow the provisioning recommendations listed in the chapter on Call Processing.


  • What DNS Options Does Active Directory Offer in Windows Server 2008,2012,2016 ?


    What Is Active Directory?

    Active Directory is essentially an enhanced, centralized database with a set of objects that make user management, authorization, and data management simpler.  Active Directory is synonymous with "Domain Controllers" where a single "domain" often consists of multiple sites and members of the domain.  Multiple domains can also be joined to belong to a tree ( a collection of domains).  And the highest layer is the forest which is created from multiple trees.

    Active Directory can help provide DNS service by enabling the "DNS Server Role" which will allow members of a Domain to process DNS requests and create a highly available,  fault-tolerant, redundant DNS design.

    The first step is to ensure all relevant servers have the "Active Directory" role added and including the DNS portion.

    The preferred method and setup is that the first DNS server should be set to the IP of another domain controller or DNS server that serves DNS and the secondary one should point to the localhost.  DNS forwarders should be configured on each server that is running DNS, as this allows DNS resolutons to the outside to continue working in the event that one server hosting DNS goes down.

     

    Best Practices According To Microsoft:

    Question

    What is Microsoft’s best practice for where and how many DNS servers exist? What about for configuring DNS client settings on DC’s and members?

    Answer

    It depends on who you ask. 🙂 We in MS have been arguing this amongst ourselves for 11 years now. Here are the general guidelines that the Microsoft AD and Networking Support teams give to customers, based on our not inconsiderable experience with customers and their CritSits:

    1. If a DC is hosting DNS, it should point to itself at least somewhere in the client list of DNS servers.

    2. If at all possible on a DC, client DNS should point to another DNS server as primary and itself as secondary or tertiary. It should not point to self as primary due to various DNS islanding and performance issues that can occur. (This is where the arguments usually start)

    3. When referencing a DNS server on itself, a DNS client should always use a loopback address and not a real IP address.

    4. Unless there is a valid reason not to that you can concretely explain with more pros than cons, all DC’s in a domain should be running DNS and hosting at least their own DNS zone; all DC’s in the forest should be hosting the _MSDCS zones. This is default when DNS is configured on a new Win2003 or later forest’s DC’s. (Lots more arguments here).

    5. DC’s should have at least two DNS client entries.

    6. Clients should have these DNS servers specified via DHCP or by deploying via group policy/group policy preferences, to avoid admin errors; both of those scenarios allow you to align your clients with subnets, and therefore specific DNS servers. Having all the clients & members point to the same one or two DNS servers will eventually lead to an outage and a conversation with us and your manager. If every DC is a DNS server, clients can be fine-tuned to keep their traffic as local as possible and DNS will be highly available with special work or maintenance. It also means that branch offices can survive WAN outages and keep working, if they have local DC’s running DNS.

    7. We don’t care if you use Windows or 3rd party DNS. It’s no skin off our nose: you already paid us for the DC’s and we certainly don’t need you to buy DNS-only Windows servers. But we won’t be able to assist you with your BIND server, and their free product’s support is not free.

    8. (Other things I didn’t say that are people’s pet peeves, leading to even more arguments).

     

    Other Options

    It should be noted that Active Directory Domain Controllers are not required to serve their own DNS and it is optional at the time of domain controller creation.

    Another option that exists are the integration of Linux's NAMED or BIND DNS Server which is known to scale well and be extremely reliable.

    Many cybersecurity experts believe this provides an enhanced level of performance and security, while still giving you the full features that Active Directory offers.

    In general having a non-Microsoft DNS can offer you better performance and security.  Securing your DNS servers is especially important, not only for DOS attacks but DNS poisoning especially due to privilege escalation or a compromise of a domain controller.  This would allow an attacker to trick users into believing they were visiting a site they are not (eg. accounting may login to their online banking but unknowingly pass their details off to the hackers who have poisoned the DNS and sent them to a spoof site).

    Here is a list of some of the value-added features offered by third-party DNS solutions available today:

    • Proactive automated adaptive behavior protection from DNS attacks, malware and data exfiltration through customized DNS firewall security
    • Utilize DNS and DHCP features that are unavailable from Microsoft in-box solutions such as Identity Mapping (linking IP addresses to users)
    • Intelligently resolve queries and direct traffic according to geographic location
    • Increased logging to help determine where issues and attacks are originating
    • Utilizing a single solution for external and internal DNS (aka "single view")
    • Operating system-agnostic way to manage DNS
    • Increased security by reducing admin privilege usage
    • Increased granularity for control of dynamic DNS updates via IP-based access-control, as opposed to the Microsoft's three-level approach of "none," "secure only" (i.e., AD-integrated clients (GSS-TSIG)) or "secure and insecure" (i.e., anyone, no TSIG or IP-based authentication required)

    A good example is if you have 10 servers:


    Server 1
    Primary DNS: 172.16.254.2
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 2
    Primary DNS: 172.16.254.3
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 3
    Primary DNS: 172.16.254.4
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 4
    Primary DNS: 172.16.254.5
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 5
    Primary DNS: 172.16.254.6
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 6
    Primary DNS: 172.16.254.7
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 7
    Primary DNS: 172.16.254.8
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 8
    Primary DNS: 172.16.254.9
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 9
    Primary DNS: 172.16.254.10
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 10
    Primary DNS: 172.16.254.11
    Second DNS: 127.0.0.1
    ---------------------------------

     


    By setting up your DNS this way you are ensuring that should a domain member that provides DNS goes down that you have redundancy and the remaining servers will still function rather than if they were all relying on a single server as their secondary DNS source.


  • syntax error, unexpected T_SL in PHP Solution


    This happened in a PHP script with heredoc but it could really happen anywhere.  The issue was whitespace in code like this:

     

    $variable = <<< HTML
      some stuff here
      $othervar
    HTML;

     

    Notice on the first line that there is extra white space after the HTML.  Whitespace was a deadly killer since it isn't obvious in terms of syntax.


  • grep regular expression match number range between specific numbers


    grep -E servers1[2-6] somefile.txt

    The 1 before the [ bracket means that the number must start with one and can be between 1 and [2-6] or in plain English between 12-16.
     


  • bash how to print out lines of text within a range from the first occurrence


    #get line number of occurrence in text file and then print out x lines from that point

    #get the line number of the first occurrence of our search text
    linenumber=`grep -n "someuniqueitem" inventory.txt|head -n1|cut -d ":" -f 1`
    #linestop represents how many lines after the occurring line we want to print out in this case "20"
    linestop=$((linenumber+20))


    # sed prints out the line range we want for inventory.txt
    # note that the p after $linestop tells sed to print
    sed -n "$linenumber,$linestop p" inventory.txt

    Combing it into one line:

    linenumber=`grep -n "evodal07" inventory.txt|head -n1|cut -d ":" -f 1`&&sed -n "$linenumber,$((linenumber+20)) p" inventory.txt


  • bash script how to to check LAN computers for open ports


    In this case it just searches for port 80 it is fairly handy if you have some sort of appliance or something else you aren't sure of the IP of

    Of course change the port 80 port to whatever port(s) you want.

    for ip in `arp -n|arp -n|tail -n +2|head -n -1 |grep -v incomplete|awk '{print $1}'`; do

     echo "checking $ip:80"
     nc -w 1 -z $ip 80

     if [ "$?" == 0 ]; then
      echo "**Port 80 Open on $ip**"
     fi

    done


  • MySQL Using mytop Debug Source of High IO and Slow Performance


    mytop is one of my favorite tools and it is fairly simple aside from a few caveats and issues that persist to this day.

    To install it on Centos:

    yum -y install centos

    Configure ~/.mytop

    vi ~/.mytop

    user=root
    host=localhost
    db=test
    #port=3306
    socket=/var/lib/mysql/mysql.sock
    header=1
    color=1

    Try running it and see this error:

    mytop --prompt

    Error Fix:

    vi /usr/bin/mytop

    #comment this out:

        #"long|!"              => $config{long_nums},

     

     

    Once you do get it running it's very useful you can watch queries in real time and if there is a single database slowing you down it will become apparent by watching the queries.  Even using slow queries cannot always find the cause because sometimes the query isn't technically slow but it is the iowait that doesn't allow the query to even start executing for a long time.

     


  • How To Mathematically Convert and Calculate Binary Value To Decimal Value


    When converting binary the easiest way is to write out a vertical list in a format like below and follow the formula in the table.

    Example Convert 1101 1111 to decimal.

    Step 1.)

    Write out the binary below in vertical form (leave lots of space on the left side).

    Keep this in mind that the "previous sum" starts at 0 on your first line.

    Step 2.)

    Formula:

    2 * Previous Sum  + Binary Number = Current Total

    Write out each line in order from top to bottom of 1101 1111 in the same format and perform the calculations below.

     

    Note that we alway use 0 for the previous sum.

    2 * Previous Sum +
    Binary Value
    = Current Total
    2 * 0 + 1 = 1
    2 * 1 + 1 = 3
    2 * 3 + 0 = 6
    2 * 6 + 1 = 13
    2 * 13 + 1 = 27
    2 * 27 + 1 = 55
    2 * 55 + 1 = 111
    2 * 111 + 1 = 223

     


  • systemd management using systemctl and journalctl to check systemd logs


    systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.

    The key commands or arguments you will use with systemctl are the following:

    Unit Commands:
      list-units [PATTERN...]         List loaded units
      list-sockets [PATTERN...]       List loaded sockets ordered by address
      list-timers [PATTERN...]        List loaded timers ordered by next elapse
      start NAME...                   Start (activate) one or more units
      stop NAME...                    Stop (deactivate) one or more units
      reload NAME...                  Reload one or more units
      restart NAME...                 Start or restart one or more units
      try-restart NAME...             Restart one or more units if active
      reload-or-restart NAME...       Reload one or more units if possible,
                                      otherwise start or restart
      reload-or-try-restart NAME...   Reload one or more units if possible,
                                      otherwise restart if active
      isolate NAME                    Start one unit and stop all others
      kill NAME...                    Send signal to processes of a unit
      is-active PATTERN...            Check whether units are active
      is-failed PATTERN...            Check whether units are failed
      status [PATTERN...|PID...]      Show runtime status of one or more units
      show [PATTERN...|JOB...]        Show properties of one or more
                                      units/jobs or the manager
      cat PATTERN...                  Show files and drop-ins of one or more units
      set-property NAME ASSIGNMENT... Sets one or more properties of a unit
      help PATTERN...|PID...          Show manual for one or more units
      reset-failed [PATTERN...]       Reset failed state for all, one, or more
                                      units
      list-dependencies [NAME]        Recursively show units which are required
                                      or wanted by this unit or by which this
                                      unit is required or wanted

     

    check the state of all running services

    systemctl list-units --type service --all --state failed

    systemctl list-units --type service --all --state running

    systemctl list-units --type service --all --state active



    How Do You Enable or Disable Services

    systemctl enable sshd

    systemctl disable crond

    Note that disabling does NOT stop them if they are currently running.

     systemctl disable crond
    Removed symlink /etc/systemd/system/multi-user.target.wants/crond.service.
    [root@bcitcourse ~]# systemctl status crond
    ● crond.service - Command Scheduler
       Loaded: loaded (/usr/lib/systemd/system/crond.service; disabled; vendor preset: enabled)
       Active: active (running) since Sat 2018-11-03 19:12:14 UTC; 2 days ago
     Main PID: 139 (crond)
       CGroup: /system.slice/crond.service
               └─139 /usr/sbin/crond -n

    Sep 18 07:19:54 bcitcourse systemd[1]: Starting Command Scheduler...
    Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 34% if used.)
    Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (running with inotify support)
    Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
    Sep 18 07:23:54 bcitcourse systemd[1]: Stopping Command Scheduler...
    Sep 18 07:23:54 bcitcourse systemd[1]: Started Command Scheduler.
    Sep 18 07:23:54 bcitcourse systemd[1]: Starting Command Scheduler...
    Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 44% if used.)
    Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (running with inotify support)
    Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
    Nov 01 18:20:58 bcitcourse systemd[1]: Stopping Command Scheduler...
    Nov 01 18:20:58 bcitcourse systemd[1]: Stopped Command Scheduler.
    Nov 01 18:21:26 bcitcourse systemd[1]: Started Command Scheduler.
    Nov 01 18:21:26 bcitcourse systemd[1]: Starting Command Scheduler...
    Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 72% if used.)
    Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (running with inotify support)
    Nov 02 17:24:11 bcitcourse systemd[1]: Stopping Command Scheduler...
    Nov 02 17:24:11 bcitcourse systemd[1]: Stopped Command Scheduler.
    Nov 02 17:25:08 bcitcourse systemd[1]: Started Command Scheduler.
    Nov 02 17:25:08 bcitcourse systemd[1]: Starting Command Scheduler...
    Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 37% if used.)
    Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (running with inotify support)
    Nov 02 19:26:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
    Nov 02 19:56:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
    Nov 03 19:11:56 bcitcourse systemd[1]: Stopping Command Scheduler...
    Nov 03 19:11:56 bcitcourse systemd[1]: Stopped Command Scheduler.
    Nov 03 19:12:14 bcitcourse systemd[1]: Started Command Scheduler.
    Nov 03 19:12:14 bcitcourse systemd[1]: Starting Command Scheduler...
    Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 66% if used.)
    Nov 03 19:12:14 bcitcourse crond[139]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
    Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (running with inotify support)
    [root@bcitcourse ~]# ps aux|grep crond
    root       139  0.0  0.0  22700  1496 ?        Ss   Nov03   0:00 /usr/sbin/crond -n
    root      5833  0.0  0.0 112660   952 pts/3    S+   19:11   0:00 grep --color=auto crond

     

    How do targets work and what are they?

     

    It is similar to the traditional runtimes where generally normal non GUI operation would be considered "runlevel 3" and the GUI would be "runlevel 5".

    Instead, with systemctl you have targets for these that are based on names.

    A good example is when installing your GNOME GUI:

    You can do that, type startx and get your GUI.  But upon reboot you'll still be at the CLI.  Why?

    You need to set your default target to the graphical target like below.

    systemctl set-default graphical.target

     

    What targets are available on my system?

    ls  /usr/lib/systemd/system
    arp-ethers.service                       finger@.service                    nfs-blkmap.service                 rhel-configure.service     sockets.target.wants                    systemd-poweroff.service
    auth-rpcgss-module.service               finger.socket                      nfs-client.target                  rhel-dmesg.service         sound.target                            systemd-quotacheck.service
    autovt@.service                          firewalld.service                  nfs-config.service                 rhel-domainname.service    sshd-keygen.service                     systemd-random-seed.service
    basic.target                             fstrim.service                     nfs-idmapd.service                 rhel-import-state.service  sshd.service                            systemd-readahead-collect.service
    basic.target.wants                       fstrim.timer                       nfs-idmap.service                  rhel-loadmodules.service   sshd@.service                           systemd-readahead-done.service
    blk-availability.service                 garbd.service                      nfs-lock.service                   rhel-readonly.service      sshd.socket                             systemd-readahead-done.timer
    bluetooth.target                         geoclue.service                    nfslock.service                    rpcbind.service            suspend.target                          systemd-readahead-drop.service
    brandbot.path                            getty-pre.target                   nfs-mountd.service                 rpcbind.socket             swap.target                             systemd-readahead-replay.service
    brandbot.service                         getty@.service                     nfs-rquotad.service                rpcbind.target             sys-fs-fuse-connections.mount           systemd-reboot.service
    canberra-system-bootup.service           getty.target                       nfs-secure.service                 rpc-gssd.service           sysinit.target                          systemd-remount-fs.service
    canberra-system-shutdown-reboot.service  graphical.target                   nfs-server.service                 rpcgssd.service            sysinit.target.wants                    systemd-rfkill@.service
    canberra-system-shutdown.service         graphical.target.wants             nfs.service                        rpcidmapd.service          sys-kernel-config.mount                 systemd-shutdownd.service
    console-getty.service                    gssproxy.service                   nfs-utils.service                  rpc_pipefs.target          sys-kernel-debug.mount                  systemd-shutdownd.socket
    console-shell.service                    halt-local.service                 nmb.service                        rpc-rquotad.service        syslog.socket                           systemd-suspend.service
    container-getty@.service                 halt.target                        nscd.service                       rpc-statd-notify.service   syslog.target.wants                     systemd-sysctl.service
    crond.service                            hibernate.target                   nscd.socket                        rpc-statd.service          systemd-ask-password-console.path       systemd-timedated.service
    cryptsetup-pre.target                    htcacheclean.service               nss-lookup.target                  rsyncd.service             systemd-ask-password-console.service    systemd-tmpfiles-clean.service
    cryptsetup.target                        httpd.service                      nss-user-lookup.target             rsyncd@.service            systemd-ask-password-wall.path          systemd-tmpfiles-clean.timer
    ctrl-alt-del.target                      hybrid-sleep.target                ntalk.service                      rsyncd.socket              systemd-ask-password-wall.service       systemd-tmpfiles-setup-dev.service
    dbus-org.freedesktop.hostname1.service   initrd-cleanup.service             ntalk.socket                       rsyslog.service            systemd-backlight@.service              systemd-tmpfiles-setup.service
    dbus-org.freedesktop.import1.service     initrd-fs.target                   paths.target                       runlevel0.target           systemd-binfmt.service                  systemd-udevd-control.socket
    dbus-org.freedesktop.locale1.service     initrd-parse-etc.service           polkit.service                     runlevel1.target           systemd-bootchart.service               systemd-udevd-kernel.socket
    dbus-org.freedesktop.login1.service      initrd-root-fs.target              poweroff.target                    runlevel1.target.wants     systemd-firstboot.service               systemd-udevd.service
    dbus-org.freedesktop.machine1.service    initrd-switch-root.service         poweroff.target.wants              runlevel2.target           systemd-fsck-root.service               systemd-udev-settle.service
    dbus-org.freedesktop.timedate1.service   initrd-switch-root.target          printer.target                     runlevel2.target.wants     systemd-fsck@.service                   systemd-udev-trigger.service
    dbus.service                             initrd.target                      proc-fs-nfsd.mount                 runlevel3.target           systemd-halt.service                    systemd-update-done.service
    dbus.socket                              initrd.target.wants                proc-sys-fs-binfmt_misc.automount  runlevel3.target.wants     systemd-hibernate-resume@.service       systemd-update-utmp-runlevel.service
    dbus.target.wants                        initrd-udevadm-cleanup-db.service  proc-sys-fs-binfmt_misc.mount      runlevel4.target           systemd-hibernate.service               systemd-update-utmp.service
    debug-shell.service                      ip6tables.service                  quotaon.service                    runlevel4.target.wants     systemd-hostnamed.service               systemd-user-sessions.service
    default.target                           iptables.service                   rc-local.service                   runlevel5.target           systemd-hwdb-update.service             systemd-vconsole-setup.service
    default.target.wants                     kexec.target                       rdisc.service                      runlevel5.target.wants     systemd-hybrid-sleep.service            system.slice
    dev-hugepages.mount                      kmod-static-nodes.service          rdma-hw.target                     runlevel6.target           systemd-importd.service                 system-update.target
    dev-mqueue.mount                         local-fs-pre.target                rdma-load-modules@.service         saslauthd.service          systemd-initctl.service                 tcsd.service
    dracut-cmdline.service                   local-fs.target                    rdma-ndd.service                   sendmail.service           systemd-initctl.socket                  timers.target
    dracut-initqueue.service                 local-fs.target.wants              rdma.service                       serial-getty@.service      systemd-journal-catalog-update.service  timers.target.wants
    dracut-mount.service                     machine.slice                      reboot.target                      shutdown.target            systemd-journald.service                time-sync.target
    dracut-pre-mount.service                 machines.target                    reboot.target.wants                shutdown.target.wants      systemd-journald.socket                 tmp.mount
    dracut-pre-pivot.service                 messagebus.service                 remote-cryptsetup.target           sigpwr.target              systemd-journal-flush.service           umount.target
    dracut-pre-trigger.service               multi-user.target                  remote-fs-pre.target               sleep.target               systemd-kexec.service                   user.slice
    dracut-pre-udev.service                  multi-user.target.wants            remote-fs.target                   -.slice                    systemd-localed.service                 var-lib-nfs-rpc_pipefs.mount
    dracut-shutdown.service                  named.service                      rescue.service                     slices.target              systemd-logind.service                  vzfifo.service
    ebtables.service                         named-setup-rndc.service           rescue.target                      smartcard.target           systemd-machined.service                vzreboot.service
    emergency.service                        network-online.target              rescue.target.wants                smb.service                systemd-machine-id-commit.service       xinetd.service
    emergency.target                         network-pre.target                 rhel-autorelabel-mark.service      sm-client.service          systemd-modules-load.service
    final.target                             network.target                     rhel-autorelabel.service           sockets.target             systemd-nspawn@.service

     

    We can check by symlink to see what the default target is:

    lrwxrwxrwx 1 root root 16 Sep 18 07:18 /usr/lib/systemd/system/default.target -> graphical.target

    Checking to see what services start with a target

    systemctl list-dependencies default.target
    default.target
    ● ├─display-manager.service
    ● ├─mysqld.service
    ● ├─network.service
    ● ├─quotaon.service
    ● ├─systemd-readahead-collect.service
    ● ├─systemd-readahead-replay.service
    ● ├─systemd-update-utmp-runlevel.service
    ● ├─vzfifo.service
    ● └─multi-user.target
    ●   ├─brandbot.path
    ●   ├─dbus.service
    ●   ├─httpd.service
    ●   ├─mysqld.service
    ●   ├─network.service
    ●   ├─rhel-configure.service
    ●   ├─rsyslog.service
    ●   ├─saslauthd.service
    ●   ├─sendmail.service
    ●   ├─sm-client.service
    ●   ├─sshd.service
    ●   ├─systemd-ask-password-wall.path
    ●   ├─systemd-logind.service
    ●   ├─systemd-update-utmp-runlevel.service
    ●   ├─systemd-user-sessions.service
    ●   ├─xinetd.service
    ●   ├─basic.target
    ●   │ ├─iptables.service
    ●   │ ├─rhel-dmesg.service
    ●   │ ├─paths.target
    ●   │ ├─slices.target
    ●   │ │ ├─-.slice
    ●   │ │ └─system.slice
    ●   │ ├─sockets.target
    ●   │ │ ├─dbus.socket
    ●   │ │ ├─rpcbind.socket
    ●   │ │ ├─systemd-initctl.socket
    ●   │ │ ├─systemd-journald.socket
    ●   │ │ ├─systemd-shutdownd.socket
    ●   │ │ ├─systemd-udevd-control.socket
    ●   │ │ └─systemd-udevd-kernel.socket
    ●   │ ├─sysinit.target
    ●   │ │ ├─dev-hugepages.mount
    ●   │ │ ├─dev-mqueue.mount
    ●   │ │ ├─kmod-static-nodes.service
    ●   │ │ ├─proc-sys-fs-binfmt_misc.automount
    ●   │ │ ├─rhel-autorelabel-mark.service
    ●   │ │ ├─rhel-autorelabel.service
    ●   │ │ ├─rhel-domainname.service
    ●   │ │ ├─rhel-import-state.service
    ●   │ │ ├─rhel-loadmodules.service
    ●   │ │ ├─sys-fs-fuse-connections.mount
    ●   │ │ ├─sys-kernel-config.mount
    ●   │ │ ├─sys-kernel-debug.mount
    ●   │ │ ├─systemd-ask-password-console.path
    ●   │ │ ├─systemd-binfmt.service
    ●   │ │ ├─systemd-firstboot.service
    ●   │ │ ├─systemd-hwdb-update.service
    ●   │ │ ├─systemd-journal-catalog-update.service
    ●   │ │ ├─systemd-journal-flush.service
    ●   │ │ ├─systemd-journald.service
    ●   │ │ ├─systemd-machine-id-commit.service
    ●   │ │ ├─systemd-modules-load.service

     

    How can we see what switchable "isolate"able targets are available?

    ls -al /usr/lib/systemd/system/|grep ^d
    drwxr-xr-x 22 root root 16384 Nov  3 22:59 .
    drwxr-xr-x 13 root root  4096 Sep 18 07:18 ..
    drwxr-xr-x  2 root root  4096 Sep 18 07:23 basic.target.wants
    drwxr-xr-x  2 root root  4096 Aug 16 18:34 dbus.target.wants
    drwxr-xr-x  2 root root  4096 Aug 16 18:34 default.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 graphical.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 initrd.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:23 local-fs.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:23 multi-user.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 poweroff.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 reboot.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 rescue.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel1.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel2.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel3.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel4.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel5.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 shutdown.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 sockets.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 sysinit.target.wants
    drwxr-xr-x  2 root root  4096 Aug 16 18:34 syslog.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 timers.target.wants

    How do we switch targets without rebooting?

    systemctl isolate targetname

    systemctl isolate poweroff

    systemctl sockets

    systemctl list-sockets

    LISTEN                      UNIT                         ACTIVATES
    /dev/log                    systemd-journald.socket      systemd-journald.service
    /run/dbus/system_bus_socket dbus.socket                  dbus.service
    /run/systemd/initctl/fifo   systemd-initctl.socket       systemd-initctl.service
    /run/systemd/journal/socket systemd-journald.socket      systemd-journald.service
    /run/systemd/journal/stdout systemd-journald.socket      systemd-journald.service
    /run/systemd/shutdownd      systemd-shutdownd.socket     systemd-shutdownd.service
    /run/udev/control           systemd-udevd-control.socket systemd-udevd.service
    /var/run/rpcbind.sock       rpcbind.socket               rpcbind.service
    kobject-uevent 1            systemd-udevd-kernel.socket  systemd-udevd.service

    9 sockets listed.
    Pass --all to see loaded but inactive sockets, too.

    journalctl (systemd logging)

    journalctl -u sshd

    Aug 07 06:22:45 bcitcourse sshd[595]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:23:00 bcitcourse sshd[597]: Received disconnect from 221.194.47.221: 11:  [preauth]
    Aug 07 06:23:15 bcitcourse sshd[599]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:23:16 bcitcourse sshd[601]: Received disconnect from 221.194.44.232: 11:  [preauth]
    Aug 07 06:23:42 bcitcourse sshd[603]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:24:14 bcitcourse sshd[607]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:24:46 bcitcourse sshd[609]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Jul 22 10:21:09 bcitcourse sshd[867]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT!
    Jul 22 10:21:09 bcitcourse sshd[867]: Invalid user pi from 91.182.150.88
    Jul 22 10:21:09 bcitcourse sshd[867]: input_userauth_request: invalid user pi [preauth]
    Jul 22 10:21:09 bcitcourse sshd[865]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT!
    Jul 22 10:21:09 bcitcourse sshd[865]: Invalid user pi from 91.182.150.88
    Jul 22 10:21:09 bcitcourse sshd[865]: input_userauth_request: invalid user pi [preauth]
    Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): check pass; user unknown
    Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88
    Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): check pass; user unknown
    Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88
    Jul 22 10:21:11 bcitcourse sshd[867]: Failed password for invalid user pi from 91.182.150.88 port 46846 ssh2
    Jul 22 10:21:11 bcitcourse sshd[865]: Failed password for invalid user pi from 91.182.150.88 port 46842 ssh2

    What's the difference?

    journalctl -b 2 and journalctl -b -2

    It is the fact the first "2" is a positive and the second "-2" is a negative.

    Thus, 1 means the first boot found in the
               journal in chronological order, 2 the second and so on; while -0 is
               the last boot, -1 the boot before last, and so on.

     


  • css how to format code in the code tag


    code {
        background: #f4f4f4;
        border: 1px solid #ddd;
        border-left: 3px solid #f36d33;
        color: #666;
        page-break-inside: avoid;
        font-family: monospace;
        font-size: 15px;
        line-height: 1.6;
        margin-bottom: 1.6em;
        max-width: 100%;
        overflow: auto;
        padding: 1em 1.5em;
        display: block;
        word-wrap: break-word;
    }

    The above has worked well for me.  You may also need the block below if your spacing is messed up (some css templates suffer from this).

     


  • css br with extra blank line


    The problem I was having is that a css template I was using was causing
    br's to have an empty line in between which is very undesirable especially when displaying code.

    br {

       display:none;
       margin: 0px;
       height: 0px;
    }

    Using CSS code like above will fix it.   You technically shouldn't need the margin or height either.


  • What is /dev/pts and why do we need it in Linux?


    A quick check in /dev/pts shows a lot of entries but what are they for?:

     ls /dev/pts
    0  10  12  14  16  18  2   21  23  25  27  29  30  32  4  6  8  ptmx
    1  11  13  15  17  19  20  22  24  26  28  3   31  33  5  7  9

    Basically they are pseudo-terminals, whereas a tty is a physical terminal (think of Ctrl + Alt + F1 being tty0 and F8 being tty7).

    An easy way to test this is to keep opening new terminal windows (Ctrl+Shift+t)

    Then type "tty" and you'll see each one has a higher /dev/pts number.

    Pretty much anything such like ssh, bash that uses terminal input or output will create it's own /dev/pts.


  • Linux What is umask (user mask) for file and directory creation permissions and how to calculate umask and change the defaults


    umask are the default permissions that are applied when a file or directory are created.  To see this in action simply just "touch filename" or "mkdir somedir" and you'll see what default permissions are applied.

    The first thing I always tell people you should know is to NEVER change the defaults unless you are making them more restrictive.  But they work well and if you change the defaults you could end up creating a file without permission to read or write it which could break some scripts.  If you made things less restrictive it is a security issue in my opinion.

    It is said umask is the reverse or opposite of standard permissions but before we explain how to calculate them let's see what happens with the default umask settings.

    As we can see the defaults as with most Unix systems are 022:

    [root@evohostingtor2017 umasktest]# umask
    0022

    Knowing this let's check the default creation permissions of a file and directory below:

    [root@evohostingtor2017 umasktest]# mkdir umaskdir
    [root@evohostingtor2017 umasktest]# touch umaskfile

     

    [root@evohostingtor2017 umasktest]# ls -alh
     


    drwxr-xr-x 3 root root 4.0K Oct 31 18:55 .
    drwxrwxrwt 5 root root 4.0K Oct 31 18:55 ..
    drwxr-xr-x 2 root root 4.0K Oct 31 18:54 umaskdir
    -rw-r--r-- 1 root root    0 Oct 31 18:55 umaskfile

    The results are the following:

    Directory permissions = 755

    File permissions = 644

    Why Doesn't Umask 0 or other modes with execute result in an executable file permission?

    Let's go back to the answer above and now explain how umask is calculated and files and directories.

    umask is about restricting permissions, in essence this means there are maximum permissions you can subtract from (not add to).   What umask is doing is subtracting the values from the maximum possible permissions (more on that below).

    umask like normal permissions still uses octal values:

    0=read, write, execute
    1=read, write
    2=read, execute
    3=read
    4=write, execute
    5=write
    6=execute
    7=no permissions

    How do we calculate umask values?

    The values are calculated different for files vs directories.

    Directories: Maximum possible permissions are 777 (read, write, execute)

    Files: Maximum possible permissions are 666 (read, write)

    *Note execute is NOT possible to set during file creation.

    How We Calculate umask

    Let's take our default of 022.

    Directories: ( 777 - 022 ) = 755

    Files: (777 - 022) = 644 (we always drop any 1's/execute bits because files cannot have execute permissions upon creation due to POSIX restrictions).

    More calculations (033):

    Directories: (777-033) = 744

    Files: (777-033) = 644 (oops remember to drop the 1 from the 7)

    (026)

    Directories: (777-026) = 751

    Files: (777-026) = 640

    Basically all we do is take the last 3 numbers and subtract them from the maximum possible permissions (aside from files where we drop a 1 for execute since it is not possible ).

     Useful Quiz Here: http://www.webune.com/forums/umask-calculator.html

    What about the leading 0 (something that I don't like to talk about and recommend almost never be used)

    It can have a maximum value of 7 like the rest of umask.

    SETUID=4 (allows the file to be executed as the owner even when another user or group accesses it)

    SETGID=2 (allows the file to be executed as the group even when another user or group accesses it)

    uid or gid being set represents itself as a small "s" and if you see it with a capital "S" it means it takes no effect (this means the user or group does not have execute permissions).

    Sticky Bit=1  (makes it so only the owner can delete or move it).

    sticky bit is represented by a small "t" if it takes effect where other has execute permissions (otherwise it takes no effect and will show as a capital "T").

     


  • Linux Permissions and Groups Real Usecase for Group Access


    I have a directory structure which the primary user needs full access on but wanted a user to access only a specific directory within the main directory (so they could write in there only and nowhere else).

    Here's what I did:

    [root@compevo8001 dllnow]# ls -alh

    drwxrwxr-x  2 someuser software  4.0K Oct 19  2017 ExpireYMD-2017-11-20
    drwxrwxr-x  2 someuser software  4.0K Nov 19  2017 ExpireYMD-2017-12-20
    drwxrwxr-x  2 someuser software  4.0K Dec 19  2017 ExpireYMD-2018-01-20
    drwxrwxr-x  2 someuser software  4.0K Jan 19  2018 ExpireYMD-2018-02-20
    drwxrwxr-x  2 someuser software  4.0K Feb 19  2018 ExpireYMD-2018-03-20
    drwxrwxr-x  2 someuser software  4.0K Mar 19  2018 ExpireYMD-2018-04-20
    drwxrwxr-x  2 someuser software  4.0K Apr 19  2018 ExpireYMD-2018-05-20
    drwxrwxr-x  2 someuser software  4.0K May 19 04:24 ExpireYMD-2018-06-20
    drwxrwxr-x  2 someuser software  4.0K Jun 19 03:49 ExpireYMD-2018-07-20
    -rwxr-xr-x  1 someuser software  688 Mar 18  2008 symlinkmodify.sh
    -rwxr-xr-x  1 someuser someuser  688 Mar 18  2008 symlinkmodify.sh

    [root@compevo8001 httpdocs]# groupadd software
    [root@compevo8001 httpdocs]# useradd softwareuser -g software

    [root@compevo8001 httpdocs]# chown -R someuser.software membersonly/dllnow/


    So basically "softwareuser" who is part of the "software" group can only write to "dllnow" and cannot write anywhere else based on their group permissions.


  • Centos 7 python34 how to install the gi library


    Getting an error about gi missing when running a .py python script?

    Just install EPEL and install the python3-gobject package:

     yum install python34-gobject


  • Centos 7 - Convert Minimal to Graphical GUI GNOME or KDE Desktop


    Did you just install the minimal version by accident or want to install the GUI?  No need to reinstall just tell yum to do the work for you!

    You could actually have both installed and choose one as your preference on demand (although many people prefer GNOME's simplicity).

    Step 1.)

    Install Gnome and/or KDE.

    To install the GNOME Desktop on Centos 7:

    yum -y groups install "GNOME Desktop"

    To install the KDE Desktop on Centos 7:

    yum -y groups install "KDE Plasma Workspaces"

     

    Step 2.)


    Type the following command (no need to reboot!):

    startx

     

    Now you'll be into your graphical session!

    Step 3.)

    Make it permanent otherwise you will start in run level 3 without any GUI after rebooting:

    systemctl set-default graphical.target
     


  • AMD Set Fan Speed and Other Powerplay Memory/CPU Timings with a Linux script


    You can do other things but this particular script is just to set all AMD cards to 80% fan speed (remember this script needs to applied everytime you reboot). You could set it is a cron or just throw it into /etc/rc.local

    basepath=/sys/class/drm
    for hwmon in `ls -1 /sys/class/drm|grep card[0-99]$`; do
    echo card=$hwmon;
    hwmonname=`ls $basepath/$hwmon/device/hwmon|grep hwmon[0-99]`
    hwmonpath=$basepath/$hwmon/device/hwmon/$hwmonname
    echo "echo 1 > $hwmonpath/pwm1_enable"
    echo "echo 205 > $hwmonpath/pwm1"
    echo 1 > $hwmonpath/pwm1_enable
    echo 205 > $hwmonpath/pwm1
    done

    The way it works is as follows:

    The card power play settings are located in:

    /sys/class/drm/cardNumber/device/hwmon/hwmonNumber

    The card number is also the same order that you'll find in say Claymore and the hwmon number is usually 1 less than your card number.  So as you can see below card4's hwmon path is hwmon3.

    In the script I account for that just in case it may be different though.

    cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable
    2

    #enable pwm (if the value is not 1 it is not enabled so setting the fan speed would have no effect)
    echo 1 > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable

    The parameters for fan speed are a percentage or number out of max 255.  So 80% would be the number 205 (it also seems to round to the nearest 5% I believe)

     cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_max
    255
    cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_min
    0


    # 210/255 is about 82% fan speed (this still resulted in 80% actual fan speed)
    echo "210" > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1

     

    The results of higher fan speeds

    In one of my test rigs see that on some cards the temperature reduced by about 14C degrees!

    Before:

    ETH: GPU0 t=72C fan=64%, GPU1 t=72C fan=63%, GPU2 t=69C fan=23%, GPU3 t=84C fan=0%, GPU4 t=69C fan=27%
     

    After:

    ETH: GPU0 30.457 Mh/s, GPU1 30.455 Mh/s, GPU2 29.473 Mh/s, GPU3 29.498 Mh/s, GPU4 29.484 Mh/s
    GPU0 t=65C fan=80%, GPU1 t=71C fan=80%, GPU2 t=55C fan=80%, GPU3 t=57C fan=80%, GPU4 t=55C fan=80%


  • Ethereum Mining Claymore Nanopool Error


    This happens if you don' have an updated version normally (eg. things were working fine and you suddenly get this error):

    Pool sent wrong data, cannot set epoch, disconnect
    ETH: Connection lost, retry in 20 sec...
    ETH: Connection lost, retry in 20 sec...

    Solution - Download an updated Claymore!

     


  • genisoimage errors with long filenames and deep directory structures


    You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux.

    genisoimage -o Backup-Myfiles.iso -r -J -joliet-long  /some/path/

    You will get errors like below (even enabling joliet-long didn't help)

    genisoimage: Error: /some/filename.pdf have the same Joliet name
    Joliet tree sort failed. The -joliet-long switch may help you.

    #the best way

    genisoimage -o /tmp/Backup-Myfiles2.iso -U -iso-level 4 -R  /source/dir

    This was the only way I could get unmodified long file names and VERY deep directories onto the iso image as original otherwise they get renamed and truncated which breaks a lot of things and makes it confusing.  But be warned this breaks the iso9660 standard so many OS's especially Windows may not be able to read it.

    ==========

    #this fixes it

    -R is for Rock Ridge and allows for more than 8 deep folders
    -U allows for untranslated filenames


    genisoimage -o /tmp/Backup-Myfiles.iso -R -U  .

    #with an exclude

    genisoimage -o /tmp/Backup-Myfiles.iso -R -U -m WebSites/blabla .
    Warning: creating filesystem that does not conform to ISO-9660.
    I: -input-charset not specified, using utf-8 (detected in locale settings)


    #the -m causes a shrink error unless you put it earlier


    genisoimage: File 'blank.html' did shrink.
    Files must not be changed while genisoimage runs!

    genisoimage -m WebSites/blabla -o /tmp/Backup-Myfiles.iso -R -U  .


  • Linux Kernel USB Export Errors


        4.374647] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.403334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.427736] xhci_hcd 0000:00:15.0: xHCI Host Controller
    [    4.427844] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 1
    [    4.429040] xhci_hcd 0000:00:15.0: hcc params 0x200077c1 hci version 0x100 quirks 0x01109810
    [    4.429141] xhci_hcd 0000:00:15.0: cache line size of 64 is not supported
    [    4.429290] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002
    [    4.429371] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
    [    4.429464] usb usb1: Product: xHCI Host Controller
    [    4.429541] usb usb1: Manufacturer: Linux 4.4.98 xhci-hcd
    [    4.429619] usb usb1: SerialNumber: 0000:00:15.0
    [    4.429906] hub 1-0:1.0: USB hub found
    [    4.429999] hub 1-0:1.0: 8 ports detected
    [    4.430779] xhci_hcd 0000:00:15.0: xHCI Host Controller
    [    4.430865] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 2
    [    4.431011] usb usb2: New USB device found, idVendor=1d6b, idProduct=0003
    [    4.431092] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
    [    4.431186] usb usb2: Product: xHCI Host Controller
    [    4.431262] usb usb2: Manufacturer: Linux 4.4.98 xhci-hcd
    [    4.431339] usb usb2: SerialNumber: 0000:00:15.0
    [    4.431588] hub 2-0:1.0: USB hub found
    [    4.431682] hub 2-0:1.0: 7 ports detected
    [    4.439651] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.467341] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.498125] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.519335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.542999] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
    [    4.543095] Warning! ehci_hcd should always be loaded before uhci_hcd and ohci_hcd, not after
    [    4.543348] ehci-pci: EHCI PCI platform driver
    [    4.550673] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.579335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.610100] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.631351] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.658940] uhci_hcd: USB Universal Host Controller Interface driver
    [    4.666245] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.699334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.742420] usb 1-3: new low-speed USB device number 2 using xhci_hcd
    [    4.930061] usb 1-3: New USB device found, idVendor=13ba, idProduct=0018
    [    4.930143] usb 1-3: New USB device strings: Mfr=0, Product=1, SerialNumber=0
    [    4.930223] usb 1-3: Product: Barcode Reader
    [    5.042408] usb 1-8: new full-speed USB device number 3 using xhci_hcd
    [    5.171384] usb 1-8: New USB device found, idVendor=8087, idProduct=0aa7
    [    5.171469] usb 1-8: New USB device strings: Mfr=0, Product=0, SerialNumber=0
    [    5.174480] clocksource: Switched to clocksource tsc
    [    5.209804] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    5.235470] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    5.259595] usbcore: registered new interface driver usb-storage
    [    5.267989] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    5.295427] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    
    

  • How to download gajim 0.16.9 XMPP/Jabber client so you can use OMEMO encryption


    #Linux Mint 18.2 how to install gajim .16.9 so you can use OMEMO encryption:
    sudo apt-get install python-axolotl python-nbxmpp
    wget https://gajim.org/downloads/0.16/gajim-0.16.9.tar.gz
    tar -zxvf gajim-0.16.9.tar.gz
    cd gajim-0.16.9
    ./autogen.sh ;make;sudo make install

    #if you get this error you need to get a newer python-nbxmpp from here:
    gajim
    Gajim needs python-nbxmpp >= 0.6.1 to run. Quiting...

    wget -q https://gajim.org/gajim.key -O - | apt-key add -
    #Add the repository:
    sh -c "echo deb ftp://ftp.gajim.org/debian unstable main > /etc/apt/sources.list.d/gajim.list"
    apt-get update
    sudo apt-get install python-nbxmpp


  • HP DL385 G7 Linux BIOS Update Flash


    wget https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
    --2018-08-16 05:11:16--  https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
    Resolving downloads.linux.hpe.com (downloads.linux.hpe.com)... 15.249.152.85
    Connecting to downloads.linux.hpe.com (downloads.linux.hpe.com)|15.249.152.85|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1525561 (1.5M) [text/plain]
    Saving to: ‘CP017004.scexe’

    100%[=====================================================================================>] 1,525,561   5.07MB/s   in 0.3s  

    2018-08-16 05:11:16 (5.07 MB/s) - ‘CP017004.scexe’ saved [1525561/1525561]

    [root@bx ~]# chmod +x CP017004.scexe
    [root@bx ~]# ./CP017004.scexe --unpack=/tmp/newbios



    mint@mint ~/2018-Linux-Update-BIOS $ ./cpqsetup
    You must be root to execute this utility!
    mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
    Flash Engine Version: Linux-4.4.1-1

    Name: Online ROM Flash Component for Linux - HP ProLiant DL385 G7 (A18) Servers
    New Version: 03/19/2012

    Current Version: 12/20/2010

    The software is installed but is not up to date.

    Do you want to upgrade the software to a newer version (y/n) ?y

    Flash in progress do not interrupt or your system may become unusable.
    Working.........................................................
    The installation procedure completed successfully.

    A reboot is required to finish the installation completely.
    Do you want to reboot your system now?
     


    Once you have cpqsetup you can use the binary for other BIOS updates.  For example if you can only find the Windows .exe BIOS update you can extract the BIOS file and replace the original file above.


    You can use the Windows BIOS file by unzipping the .exe and then copying the actual firmware to the name of the old file from an older Linux flash download (it uses the new file that you give the old name):


     mv CPQA1802.873 CPQA1802.873-
    mint@mint ~/2018-Linux-Update-BIOS $ wget https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
    --2018-08-17 00:14:42--  https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
    Resolving downloads.hpe.com (downloads.hpe.com)... 15.241.20.93
    Connecting to downloads.hpe.com (downloads.hpe.com)|15.241.20.93|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1809864 (1.7M) [application/octet-stream]
    Saving to: ‘cp036023.exe’

    cp036023.exe        100%[===================>]   1.73M  1.16MB/s    in 1.5s   

    2018-08-17 00:14:44 (1.16 MB/s) - ‘cp036023.exe’ saved [1809864/1809864]

    mint@mint ~/2018-Linux-Update-BIOS $ unzip cp036023.exe
    Archive:  cp036023.exe
      inflating: CPQA1803.46E           
      inflating: SysRomInstaller.dll    
      inflating: cp036023.xml           
      inflating: cpqasmi.sys            
      inflating: cpqasmi64.sys          
      inflating: cpqftbl.sys            
      inflating: cpqftbl64.sys          
      inflating: cpqpsmi.sys            
      inflating: cpqpsmi64.sys          
      inflating: cpqsetup.exe           
    replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: a
    error:  invalid response [a]
    replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: A
      inflating: cpqsfa18.cfg           
      inflating: cpqsysio.sys           
      inflating: cpqsysio64.sys         
      inflating: readme.txt             

    mint@mint ~/2018-Linux-Update-BIOS $ cp CPQA1803.46E CPQA1802.873
    mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
    Flash Engine Version: Linux-4.4.1-1

    Name: Online ROM Flash Component for Windows - HP ProLiant DL385 G7 (A18) Servers
    New Version: 03/14/2018

    Current Version: 03/19/2012

    The software is installed but is not up to date.

    Do you want to upgrade the software to a newer version (y/n) ?y

    Flash in progress do not interrupt or your system may become unusable.
    Working.........................................................
    The installation procedure completed successfully.

    A reboot is required to finish the installation completely.
    Do you want to reboot your system now? y
    Connection to 192.168.1.71 closed by remote host.
    Connection to 192.168.1.71 closed.

     


  • hwloc-nox set CPU affinity in Linux


    sudo apt-get install  hwloc-nox
    Reading package lists... Done
    Building dependency tree      
    Reading state information... Done
    The following NEW packages will be installed:
      hwloc-nox
    0 upgraded, 1 newly installed, 0 to remove and 530 not upgraded.
    Need to get 151 kB of archives.
    After this operation, 453 kB of additional disk space will be used.
    Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 hwloc-nox amd64 1.11.2-3 [151 kB]
    Fetched 151 kB in 0s (184 kB/s)   
    Selecting previously unselected package hwloc-nox.
    (Reading database ... 224148 files and directories currently installed.)
    Preparing to unpack .../hwloc-nox_1.11.2-3_amd64.deb ...
    Unpacking hwloc-nox (1.11.2-3) ...
    Processing triggers for man-db (2.7.5-1) ...
    Setting up hwloc-nox (1.11.2-3) ...
    mint@mint ~ $ apt-cache search lstopo^C
    mint@mint ~ $ lstopo
    lstopo              lstopo-no-graphics 
    mint@mint ~ $ lstopo-no-graphics
    Machine (16GB total)
      NUMANode L#0 (P#0 7962MB)
        Package L#0
          L3 L#0 (6144KB)
            L2 L#0 (2048KB) + L1i L#0 (64KB) + Core L#0
              L1d L#0 (16KB) + PU L#0 (P#0)
              L1d L#1 (16KB) + PU L#1 (P#2)
            L2 L#1 (2048KB) + L1i L#1 (64KB) + Core L#1
              L1d L#2 (16KB) + PU L#2 (P#4)
              L1d L#3 (16KB) + PU L#3 (P#6)
            L2 L#2 (2048KB) + L1i L#2 (64KB) + Core L#2
              L1d L#4 (16KB) + PU L#4 (P#8)
              L1d L#5 (16KB) + PU L#5 (P#10)
            L2 L#3 (2048KB) + L1i L#3 (64KB) + Core L#3
              L1d L#6 (16KB) + PU L#6 (P#12)
              L1d L#7 (16KB) + PU L#7 (P#14)
          L3 L#1 (6144KB)
            L2 L#4 (2048KB) + L1i L#4 (64KB) + Core L#4
              L1d L#8 (16KB) + PU L#8 (P#16)
              L1d L#9 (16KB) + PU L#9 (P#18)
            L2 L#5 (2048KB) + L1i L#5 (64KB) + Core L#5
              L1d L#10 (16KB) + PU L#10 (P#20)
              L1d L#11 (16KB) + PU L#11 (P#22)
            L2 L#6 (2048KB) + L1i L#6 (64KB) + Core L#6
              L1d L#12 (16KB) + PU L#12 (P#24)
              L1d L#13 (16KB) + PU L#13 (P#26)
            L2 L#7 (2048KB) + L1i L#7 (64KB) + Core L#7
              L1d L#14 (16KB) + PU L#14 (P#28)
              L1d L#15 (16KB) + PU L#15 (P#30)
        HostBridge L#0
          PCIBridge
            PCI 14e4:1639
              Net L#0 "enp4s0f0"
            PCI 14e4:1639
              Net L#1 "enp4s0f1"
          PCIBridge
            PCI 14e4:1639
              Net L#2 "enp5s0f0"
            PCI 14e4:1639
              Net L#3 "enp5s0f1"
          PCIBridge
            PCI 103c:323a
          PCI 1002:4390
          PCI 1002:439c
            Block(Removable Media Device) L#4 "sr0"
          PCIBridge
            PCI 1002:515e
              GPU L#5 "renderD128"
              GPU L#6 "card0"
              GPU L#7 "controlD64"
      NUMANode L#1 (P#2 8032MB) + Package L#1
        L3 L#2 (6144KB)
          L2 L#8 (2048KB) + L1i L#8 (64KB) + Core L#8
            L1d L#16 (16KB) + PU L#16 (P#1)
            L1d L#17 (16KB) + PU L#17 (P#3)
          L2 L#9 (2048KB) + L1i L#9 (64KB) + Core L#9
            L1d L#18 (16KB) + PU L#18 (P#5)
            L1d L#19 (16KB) + PU L#19 (P#7)
          L2 L#10 (2048KB) + L1i L#10 (64KB) + Core L#10
            L1d L#20 (16KB) + PU L#20 (P#9)
            L1d L#21 (16KB) + PU L#21 (P#11)
          L2 L#11 (2048KB) + L1i L#11 (64KB) + Core L#11
            L1d L#22 (16KB) + PU L#22 (P#13)
            L1d L#23 (16KB) + PU L#23 (P#15)
        L3 L#3 (6144KB)
          L2 L#12 (2048KB) + L1i L#12 (64KB) + Core L#12
            L1d L#24 (16KB) + PU L#24 (P#17)
            L1d L#25 (16KB) + PU L#25 (P#19)
          L2 L#13 (2048KB) + L1i L#13 (64KB) + Core L#13
            L1d L#26 (16KB) + PU L#26 (P#21)
            L1d L#27 (16KB) + PU L#27 (P#23)
          L2 L#14 (2048KB) + L1i L#14 (64KB) + Core L#14
            L1d L#28 (16KB) + PU L#28 (P#25)
            L1d L#29 (16KB) + PU L#29 (P#27)
          L2 L#15 (2048KB) + L1i L#15 (64KB) + Core L#15
            L1d L#30 (16KB) + PU L#30 (P#29)
            L1d L#31 (16KB) + PU L#31 (P#31)

    Set your affinity

     

    taskset -p ps aux^C
    mint mint # ps aux|grep kvm
    root      1306  0.0  0.0      0     0 ?        S<   Aug17   0:00 [kvm-irqfd-clean]
    root      3724  0.0  0.0  91656  5056 pts/3    S+   16:44   0:00 sudo qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
    root      3725  8.7 45.2 12405860 7413032 pts/3 Sl+ 16:44  11:34 qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
    root      3759  0.0  0.0      0     0 ?        S    16:44   0:00 [kvm-pit/3725]
    root      5234  0.0  0.0  14224   980 pts/6    S+   18:56   0:00 grep --color=auto kvm
    mint mint # taskset -pc 31 3725
    pid 3725's current affinity list: 0-31
    pid 3725's new affinity list: 31
    mint mint # taskset -pc 30,31 3725
    pid 3725's current affinity list: 31
    pid 3725's new affinity list: 30,31

     

    In the above command I set the affinity to core 31 and then changed it to cores 30 and 31.


  • Firefox An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT Solution


    An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT

        The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
        Please contact the website owners to inform them of this problem.


    **Solution**

    Go to about:config

    security.tls.insecure_fallback_hosts

    Set your hostname or IP that isn't work as the value.


  • Proxmox understanding the directory structure and why an NFS datastore appears to be missing files/isos


    Proxmox at the root of your storage creates and "images" and "templates/iso" folder for VM images and iso's respectively.  It ignores files in any other location.


  • pandoc convert markdown to html


    Where markdown=markdown language file and $output is your outputfile.html

    pandoc -f markdown $markdown -t html5 --toc --toc-depth=1 > $output
     


  • Proxmox error uploading an iso solution


    Error 0 occurred while receiving the document

    root@vh1:/var/tmp# wget http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
    --2018-08-30 16:27:37--  http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
    Resolving mirror.compevo.com (mirror.compevo.com)... 103.25.61.44
    Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 641517568 (612M) [application/octet-stream]
    Saving to: ‘proxmox-ve_5.2-1.iso’

    proxmox-ve_5.2-1.iso          80%[==================================>         ] 493.39M  2.38MB/s    in 45s    

    2018-08-30 16:28:22 (10.9 MB/s) - Connection closed at byte 517359784. Retrying.

    --2018-08-30 16:28:23--  (try: 2)  http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
    Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
    HTTP request sent, awaiting response... 206 Partial Content
    Length: 641517568 (612M), 124157784 (118M) remaining [application/octet-stream]
    Saving to: ‘proxmox-ve_5.2-1.iso’



    var/tmp is out of space the same as tmpfs

     

    #this normally happens when Proxmox first uploads it to a place in /tmp on your / filesystem and if you have used a small HDD for testing it's easy for a simple ISO upload to fail for this reason. You'll have to wget directly to the main filesystem or datastore with more space.


  • Cannot install moodle


    After starting the install it stalls here:
    admin/index.php?cache=0&agreelicense=1&confirmrelease=1&lang=en

    If you manually refresh you get a Plugins check screen:

    Installation
    System

    Moodle second step fails just blank screen:

    https://domain.la/user/editadvanced.php?id=2

    Solution: give up and choose something else it shouldn't be this hard to just install this moodle software!


  • MySQL change for Antelope format to Barracuda error solution


    Your database uses Antelope as the file format. Full UTF-8 support in MySQL and MariaDB requires the Barracuda file format. Please switch to the Barracuda file format. See the documentation MySQL full unicode support for details.


    In /etc/my.cnf under [mysqld]

     



    180827 21:43:14 InnoDB: 5.5.59 started; log sequence number 1589339
    180827 21:43:14 [ERROR] /usr/libexec/mysqld: unknown variable 'db_file_format=Barracuda'



    #instead set this:
    innodb_file_format=Barracuda



      You will also need to run mysql_upgrade after changing the format and restarting mysql:

     mysql_upgrade -u root -p


  • vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down)


    [root@localhost:~] vmkping -I vmk1 10.0.2.69
    PING 10.0.2.69 (10.0.2.69): 56 data bytes
    sendto() failed (Host is down)


    vsphere distributed switch vmotion not working

    [root@localhost:~]  esxcfg-route -l
    VMkernel Routes:
    Network          Netmask          Gateway          Interface     
    10.0.2.0         255.255.255.0    Local Subnet     vmk1          
    192.168.1.0      255.255.255.0    Local Subnet     vmk0          
    default          0.0.0.0          192.168.1.1      vmk0 

     

    Have you set internal IPs in VMWare and cannot ping between them on servers?  It is probably because you are using an older than 6.5 version of VMWare's switch without MAC learning.  To fix it you'll need to enable Promiscuous mode on the port group or change the software version ot 6.5 which has MAC learning and will make things work fine again.


  • gvfs mount in /run/user cannot be accessed or displayed wrong permissions


    The folder contents could not be displayed
    Backend currently unmounting

    drwx------ 10 userhere group  260 Aug 23 19:40 ..
    ??????????  ? ?   ?      ?            ? sftp:host=192.168.8.80,user=adhoc
    ls: cannot access 'sftp:host=192.168.8.80,user=adoc': Input/output error


    $ ps aux|grep fuse
    one       2534  0.0  0.0 1071572 6472 ?        Sl   Jul13   1:19 /usr/lib/gvfs/gvfsd-fuse /run/user/1001/gvfs -f -o big_writes
    one      24028  0.0  0.0  14228   976 pts/22   S+   12:51   0:00 grep --color=auto fuse
    youruser@superuser-desktop ~ $ sudo killall -9 gvfsd-fuse


    youruser@superuser-desktop /run/user/1001 $ ls -alh
    ls: cannot access 'gvfs': Transport endpoint is not connected
    total 0
    drwx------ 10 myuser myuser  260 Aug 23 19:40 .
    drwxr-xr-x  3 root root  60 Jul 30 08:10 ..
    drwx------  2 myuser myuser   60 Aug 27 12:51 dconf
    d?????????  ? ?    ?      ?            ? gvfs


    sudo fuser -a -k /usr/lib/gvfs
    [sudo] password for youruser:
    Sorry, try again.
    [sudo] password for youruser:
    Sorry, try again.
    [sudo] password for youruser:
    Cannot stat file /proc/4748/fd/3: Permission denied
    Cannot stat file /proc/4748/fd/8: Permission denied
    Cannot stat file /proc/4748/fd/33: Permission denied
    Cannot stat file /proc/4748/fd/34: Permission denied




    ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g
    gvfsd-sftp
    gvfsd-trash
    gvfs-udisks2-volume-monitor
    gvfs-mtp-volume-monitor
    gvfs-gphoto2-volume-monitor
    gvfs-afc-volume-monitor
    gvfs-goa-volume-monitor
    gvfsd-metadata
    gvfsd-network
    gvfsd-smb-browse
    gvfsd-smb
    gvfsd-dnssd
    gvfsd-http
    gvfsd-sftp
    gvfsd-sftp
    gvfsd-computer
    gvfsd-burn
    grep
    sed
    youruser@superuser-desktop /run/user/1001 $ for binary in `ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g`; do
    > sudo killall -9 $binary
    > done


    #sftp from the ui works OK for other apps but the gvfs folder is messed up still

    ls: cannot access 'gvfs': Transport endpoint is not connected


  • VMWare vSphere 6.7 Errors Solution 503 Service Unavailable (Failed to connect to endpoint:


    503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00005556ba09c070] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)

    503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x00007fd26000b240] _serverNamespace = /ui action = Allow _port = 5090)

    Errors like the above are usually because there is an issue with your vSphere or more commonly it is just taking a very long time to start so check back in a number of minutes.


  • How To Enable Nested KVM so guests can virtualize with hardware extensions


    #check if nested KVM is enabled by doing a cat on nested inside sys

    root@s14:~# cat /sys/module/kvm_intel/parameters/nested 


    root@s14:~# echo "options kvm-intel nested=Y" > /etc/modprobe.d/kvm-intel.conf
    root@s14:~# echo "options kvm-amd nested=1" > /etc/modprobe.d/kvm-amd.conf
    root@s14:~# modprobe -r kvm_intel
    modprobe: FATAL: Module kvm_intel is in use.
    root@s14:~# modprobe kvm_intel

     

    To apply it properly you may need to reboot after the above


  • vi error solution E166: Can't open linked file for writing


    This is not so much of a vi error as it is a physical filesystem error in the sense that the file you are trying to write to is a symlink and the destination doesn't exist or for some other reason is inacessible.

    So vi is tellng you "you're writing to a symlinked file and the file the symlink points to cannot be written to".  This is especially highlighted byt he fact that if you are using wq! to write and you still get the error.


  • Supermicro IPMI / KVM / BMC Remote Console Screen Resizing Issue - Window Cut Off Solution


    It could just be my specific Java but other KVM/IP works ok on my machine but with Supermicro's IPMI for some reason the console window doesn't resize and even putting it in full screen leaves the window cut off as shown below:

    As you can see above the screen is cut off you can't see the "I agree" on the right side.

    The window resize option is on and it is clearly not working properly.  Even choosing full screen doesn't change anything.

    Solution - Here's how you can fix it with the Macro option:

    1. Macro Menu/Settings and click the option for "Hold Left Alt Key"
    2. Then click and hold and the mouse pointer becomes a hand.
    3. You can then drag to the right to expose what is cut off or whereever else you need to see.
    4. After you've moved the screen to where you need and want to click something make sure you disable the "Hold Left Alt Key" in macro or you won't be able to click or interact with anything.

    See the example below after using the process above:

    Supermicro IPMI Screen Cut Off


  • Linux bash shell doesn't show username, hostname or current path fix solution


    Usually this is because when you created your user you added a user but didn't create their home directory and/or for some reason your .bashrc and .bash_profile in ~ (home) is broken/missing.

    In your home just create the following files with the following content to solve it:

    .bashrc and .bash_profile.

    To apply it just relogin/start a new bash session

    # .bash_profile

    # Get the aliases and functions
    if [ -f ~/.bashrc ]; then
        . ~/.bashrc
    fi

    # User specific environment and startup programs

    PATH=$PATH:$HOME/bin

    export PATH

     


    # .bashrc

    # User specific aliases and functions

    alias rm='rm -i'
    alias cp='cp -i'
    alias mv='mv -i'

    # Source global definitions
    if [ -f /etc/bashrc ]; then
            . /etc/bashrc
    fi


  • zenity popup messages, windows, dialogs, error messages calendars and more howto on Gnome Linux including Ubuntu, Linux Mint, Centos and more


    zenity is a nice utility as part of the gnome window manager that allows you to script from bash and retrieve the input from the user.  It could also be helpful in just notifying a user when they login with a popup window.

    I'll give an overview of what's available with zenity:

     

    Application Options:
      --calendar                                        Display calendar dialog
      --entry                                           Display text entry dialog
      --error                                           Display error dialog
      --info                                            Display info dialog
      --file-selection                                  Display file selection dialog
      --list                                            Display list dialog
      --notification                                    Display notification
      --progress                                        Display progress indication dialog
      --question                                        Display question dialog
      --warning                                         Display warning dialog
      --scale                                           Display scale dialog
      --text-info                                       Display text information dialog
      --color-selection                                 Display color selection dialog
      --password                                        Display password dialog
      --forms                                           Display forms dialog
      --display=DISPLAY                                 X display to use
    
    

    A few quick examples:

    Note you can even use zenity remotely from an SSH session and make a zenity window popup.

    zenity --info  --text="hello" --title="hithere" --display=:0
    Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.

     


    As you can see below I've chosen the "info" dialog type and the text inside it will be "hello" and the title of the window is "hithere" and it is going to show on X Window Display ":0" (the default).  The --display portion is only necessary if you have multiple displays or if you are running from a remote SSH session.


  • Debian/Ubuntu/Mint Linux How To Set VLAN in /etc/network/interfaces


    You can find many ways to specify the VLAN in your network configuration but I find this is the simplest and quickest.

    In this case we are talking about a bridged adapter "vmbr0" but it works even if you just had a normal non-bridged interface.

    The key here is that in vmbr0 you'll notice there is no IP address.  We just specify "manual".

    Below it is a similar stanza for "vmbr0.58" in this case 58 represents the VLAN (change the 58 to the number of your desired VLAN).  Then below it we set the IP address or we could have used DHCP as well.


    auto lo
    iface lo inet loopback
    iface enp2s0 inet manual

    auto vmbr0
    iface vmbr0 inet manual
        bridge_ports enp2s0
        bridge_stp off
        bridge_fd 0

    auto vmbr0.58
    iface vmbr0.58 inet static
        address 172.16.58.14
        netmask 255.255.255.0
        gateway 172.16.58.254


  • moodle install error Error reading from database


    Error reading from database

    More information about this error

    It is usually not possible to recover from errors triggered during installation, you may need to create a new database or use a different database prefix if you want to retry the installation.


    Solution:

    This happened when I was running MySQL 5.1.  Assuming your database details are right and the DB is up then make sure you are using the correct and required MySQL 5.5

    After upgrading to MySQL 5.5 things were good.


  • PHP Displaying Blank Page on Apache


    Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.

    In the problem machine it is actually PHP 7 installed so if you reference PHP 5 of course things wil be broken!

    Take for example here:

    cat /etc/httpd/conf.d/php.conf
    #
    # PHP is an HTML-embedded scripting language which attempts to make it
    # easy for developers to write dynamically generated webpages.
    #

    LoadModule php7_module modules/libphp7.so

    #
    # Cause the PHP interpreter to handle files with a .php extension.
    #
    AddHandler php7-script .php
    AddType text/html .php

    #
    # Add index.php to the list of files that will be served as directory
    # indexes.
    #
    DirectoryIndex index.php

    #
    # Uncomment the following line to allow PHP to pretty-print .phps
    # files as PHP source code:
    #
    #AddType application/x-httpd-php-source .phps

     

    moodle displays code instead of outputting HTML

    cat /etc/httpd/conf.d/php.conf|grep -i addhandler
    AddHandler php5-script .php
     

    Fix it and then restart Apache


    sed -i s/"php5-script"/"php7-script"/g /etc/httpd/conf.d/php.conf
    service httpd restart


     


     


  • PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0


    PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0

    Solution:

    Edit geoip.ini

    vi /etc/php.d/geoip.ini


    Comment out the .so like so:

    ;extension=geoip.so

    service httpd restart


  • Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file:


    Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory

    This is basically caused by the PHP module specified in php.conf being non existent.  The error tells us it couldn't fnd /etc/httpd/modules/libphp5.so

    OK let's see what PHP module we do have:

    ls /etc/httpd/modules/libphp*
    /etc/httpd/modules/libphp7-zts.so  /etc/httpd/modules/
    libphp7.so

    If you have one there that works for you then just update php.conf to match.

    sed -i s/"libphp5.so"/"libphp7.so"/g /etc/httpd/conf.d/php.conf
    sed -i s/"php5_module"/"php7_module"/g /etc/httpd/conf.d/php.conf

     


  • prosody xmpp server "Failed in all attempts to connect to proxy.eu.jabber.org"


    Aug 13 13:46:33 s2sout2d45040    info    Failed in all attempts to connect to proxy.eu.jabber.org
    Aug 13 13:46:33 s2sout2d45040    info    Sending error replies for 1 queued stanzas because of failed outgoing connection to proxy.eu.jabber.org

    No clue why it tries to use a proxy not explicitly specified.  This could be because the proxy specified for the domain fails when someone is trying to send a file.  I wish this could be disabled for security reasons in prosody.


  • VMWare ESXi 6.7 SSH/PowerShell CLI Commands


    [root@localhost:~]
    BootModuleConfig.sh          echo                         host-ind                     nfcd                         seq                          vim-cmd
    InstallHelper.sh             egrep                        host_reboot.sh               nohup                        services.sh                  vm-support
    Xorg                         eject                        host_shutdown.sh             nologin                      setsid                       vmcp
    [                            enum_instances               hostd                        nslookup                     sfcbd                        vmdumper
    [[                           env                          hostd-probe                  ntfscat                      sh                           vmfs-support
    amldump                      esxcfg-advcfg                hostd-probe.sh               ntp-keygen                   sha1sum                      vmfsfilelockinfo
    apply-host-profiles          esxcfg-dumppart              hostdCgiServer               ntpd                         sha256sum                    vmkbacktrace
    applyHostProfile             esxcfg-fcoe                  hostname                     ntpq                         sha512sum                    vmkchdev
    applyHostProfileWrapper      esxcfg-hwiscsi               hwclock                      nvidiaStats                  sharedStorageHostProfile.sh  vmkdevmgr
    ash                          esxcfg-info                  indcfg                       od                           shutdown.sh                  vmkdump_extract
    authd                        esxcfg-init                  inetd                        openssl                      sleep                        vmkerrcode
    auto-backup.sh               esxcfg-ipsec                 init                         openwsmand                   slpd                         vmkfstools
    awk                          esxcfg-module                init-launcher                pam_tally2                   smartd                       vmkiscsi-tool
    backup.sh                    esxcfg-mpath                 initterm.sh                  partedUtil                   smbiosDump                   vmkiscsid
    basename                     esxcfg-nas                   install                      passwd                       snmpd                        vmkload_mod
    bootOption                   esxcfg-nics                  irqinfo                      pcscd                        sntp                         vmkmkdev
    bunzip2                      esxcfg-rescan                isoinfo                      pgrep                        sort                         vmkperf
    bzip2                        esxcfg-resgrp                jumpstart                    pidof                        ssh                          vmkping
    cat                          esxcfg-route                 kdestroy                     pigz                         stat                         vmkramdisk
    chardevlogger                esxcfg-scsidevs              kill                         ping                         storageRM                    vmkvsitools
    check_serial                 esxcfg-swiscsi               kinit                        ping6                        strace                       vmtar
    chgrp                        esxcfg-vmknic                klist                        pkill                        stty                         vmtoolsd
    chkconfig                    esxcfg-volume                less                         pktcap-uw                    sum                          vmware
    chmod                        esxcfg-vswitch               lldpnetmap                   powerOffVms                  summarize-dvfilter           vmware-autostart.sh
    chown                        esxcli                       ln                           poweroff                     sync                         vmware-toolbox-cmd
    chvt                         esxcli.cgi                   localcli                     printf                       tail                         vmware-usbarbitrator
    cim-diagnostic.sh            esxcli.py                    lockfile                     prop_of_instances            tar                          vmware-vimdump
    cim_host_powerops            esxhpcli                     logchannellogger             ps                           taskset                      vmx
    cksum                        esxhpedit                    logger                       pwqcheck                     tcpdump-uw                   vmx-buildtype
    clear                        esxtop                       login                        python                       techsupport.sh               vmx-debug
    cmmds-tool                   esxupdate                    ls                           python3                      tee                          vmx-stats
    cp                           ethtool                      lsof                         python3.5                    test                         voma
    cpio                         expr                         lspci                        python3.5m                   time                         vprobe
    crond                        false                        lsusb                        randomSeed                   timeout                      vscsiStats
    crypto-util                  fdisk                        lzop                         readlink                     tmpwatch.py                  vsi_traverse
    cut                          fgrep                        lzopcat                      reboot                       touch                        vsish
    date                         find                         mcopy                        remoteDeviceConnect          tracenet                     vvold
    dcbd                         firmwareConfig.sh            md5sum                       reset                        traceroute                   watch
    dcui                         gdbserver                    memstats                     resize                       true                         watchdog.sh
    dcuiweasel                   generate-certificates        mkdir                        rhttpproxy                   tune2fs                      wc
    dd                           genisoimage                  mkfifo                       rm                           uname                        wget
    debugfs                      getty                        mknod                        rmdir                        uniq                         which
    df                           gpuvm                        mktemp                       runInRP                      unlzop                       who
    dhclient-uw                  grabCIMData                  more                         scantools                    unzip                        xargs
    diff                         grep                         mv                           sched-stats                  uptime                       xkbcomp
    dirname                      gunzip                       nc                           schedsnapshot                usleep                       xz
    dmesg                        gzip                         net-cdp                      scp                          uwstats                      zcat
    dnsdomainname                halt                         net-dvs                      sdrsInjector                 vdf
    doat                         hbrfilterctl                 net-lacp                     secpolicytools               vdq
    dosfsck                      head                         net-lbt                      sed                          vdu
    du                           hexdump                      net-stats                    sensord                      vi
     


  • VMWare Vsphere VCSA Graphical Install Creates json


    yes it does create its own json
    ============================================
    cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json
    2018-08-09T17:56:04.238-07:00 verbose OVFTool[30966] [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1
    -->     <ovf:File ovf:href="VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json" ovf:id="layout.json_id" ovf:size="25562"/>
    -->         <Description>A string encoding a JSON object mapping port names to port numbers.</Description>
    -->         <Description>Advanced upgrade settings specified in json format. Optional. Set only for upgrade</Description>
    -->                      description = "A string encoding a JSON object mapping port names to port numbers."
    -->                      description = "Advanced upgrade settings specified in json format. Optional. Set only for upgrade"


    ============================================================
    ps aux|grep -i vcsa
    one      30656  3.2  0.5 1301368 93476 ?       Sl   17:52   0:09 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer
    one      30660  0.0  0.1 321468 27316 ?        S    17:52   0:00 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=zygote --no-sandbox
    one      30686  9.5  0.9 1203472 155008 ?      Sl   17:52   0:26 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=renderer --no-sandbox --primordial-pipe-token=AA8FF400C3DED10AF8B8A9961BBF72D7 --lang=en-US --node-integration=true --enable-pinch --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=AA8FF400C3DED10AF8B8A9961BBF72D7 --renderer-client-id=4 --v8-natives-passed-by-fd --v8-snapshot-passed-by-fd
    one      30734  0.4  0.5 1072436 91628 ?       Sl   17:52   0:01 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=renderer --no-sandbox --primordial-pipe-token=758945DCC6827E2BF8399B10D8557D01 --lang=en-US --node-integration=false --guest-instance-id=1 --enable-blink-features --disable-blink-features --enable-pinch --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=758945DCC6827E2BF8399B10D8557D01 --renderer-client-id=6 --v8-natives-passed-by-fd --v8-snapshot-passed-by-fd
    one      30966 13.1  0.3 1268676 62372 ?       Sl   17:56   0:09 /media/one/VMware VCSA/vcsa/ovftool/lin64/ovftool.bin --X:logFile=/tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log --X:logLevel=trivia --machineOutput --I:morefArgs --targetSSLThumbprint=F9:93:44:4C:6F:07:E5:32:36:0D:D9:99:88:71:D1:4A:6E:35:ED:DA --acceptAllEulas --powerOn --X:enableHiddenProperties --allowExtraConfig --X:injectOvfEnv --sourceType=OVA --name=UserVMware vCenter Server Appliance --deploymentOption=tiny --prop:guestinfo.cis.deployment.node.type=embedded --prop:guestinfo.cis.deployment.autoconfig=False --prop:guestinfo.cis.clientlocale=en --datastore=vim.Datastore:192.168.1.125:/nfs/nfstestshare --net:Network 1=vim.Network:HaNetwork-VM Network --prop:guestinfo.cis.appliance.net.addr.family=ipv4 --prop:guestinfo.cis.appliance.net.mode=static --diskMode=thin --prop:guestinfo.cis.appliance.net.pnid=areeb.vcenter.lab --prop:guestinfo.cis.appliance.net.addr=192.168.1.68 --prop:guestinfo.cis.appliance.net.prefix=24 --prop:guestinfo.cis.appliance.net.dns.servers=192.168.1.1 --prop:guestinfo.cis.appliance.net.gateway=192.168.1.1 --prop:guestinfo.cis.appliance.net.ports={"rhttpproxy.ext.port1":"80","rhttpproxy.ext.port2":"443"} --prop:guestinfo.cis.appliance.root.passwd=insecurepassword* /media/one/VMware VCSA/vcsa/VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10.ova vi://root:insecurepassword@192.168.1.67:443
    one      31060  0.0  0.0  14228   944 pts/40   S+   17:57   0:00 grep --color=auto -i vcsa


  • error while loading shared libraries: libasound.so.2: cannot open shared object file: No such file or directory


    ./tronwatch: error while loading shared libraries: libasound.so.2: cannot open shared object file: No such file or directory
    [root@testing linux-unpacked-1.0.7]#
     

    Solution:

    yum -y install alsa-lib-devel


  • ./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory


    The solution is just to install libmicrohttpd-dev

    ./xmr-stak
    ./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory
    libmicrohttpd
    libmicrohttpd10 - library embedding HTTP server functionality
    libmicrohttpd-dbg - library embedding HTTP server functionality (debug)
    libmicrohttpd-dev - library embedding HTTP server functionality (development)
    $ sudo apt-get install libmicrohttpd-dev
    [sudo] password for one:
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    The following extra packages will be installed:
      libmicrohttpd10
    The following NEW packages will be installed:
      libmicrohttpd-dev libmicrohttpd10
    0 upgraded, 2 newly installed, 0 to remove and 305 not upgraded.
    Need to get 190 kB of archives.
    After this operation, 499 kB of additional disk space will be used.
    Do you want to continue? [Y/n] y
    Get:1 http://archive.ubuntu.com/ubuntu/ trusty/universe libmicrohttpd10 amd64 0.9.33-1 [41.0 kB]
    Get:2 http://archive.ubuntu.com/ubuntu/ trusty/universe libmicrohttpd-dev amd64 0.9.33-1 [149 kB]
    Fetched 190 kB in 0s (192 kB/s)           

     


  • qemu-img resize howto


    The Correct Way To Resize In Place

    qemu-img resize kvmuserwindows2008dcetest.img +1G
    Image resized.

     

     

    Below is a common mistake that some users make they are trying to specify a new image name but it can be resized in place (just make sure the VM is NOT running and you've backed up the data in case something goes wrong).

    qemu-img resize kvmuser453111.img kvmuser453111-larger.img +5G
    New image size must be positive

     

     


  • gmail.com address failing in Postfix


    Aug 10 01:11:54 mailserver postfix/smtp[6180]: 020AE17C2BD1: to=<theuserperson@gmail.con>, relay=none, delay=0.29, delays=0.28/0/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=gmail.con type=A: Host not found)

    A user complained that their e-mails weren't being delivered but they actually made a small typo and used gmail.con so it wasn't working as expected of course!

     


  • VMWare Hardware virtualization is selected and cannot be deselected due to selection of VBS Insufficient resources to satisfy configured failover level for vSphere HA.


    There is no such option as "VBS" that I can see in vSphere 6.7 I believe this is actually an issue because of using old hardware in this case L5420 doesn't support Nested Virtualization I believe.

     

    Hardware virtualization is selected and cannot be deselected due to selection of VBS

    Insufficient resources to satisfy configured failover level for vSphere HA.


  • Debian Mint Ubuntu compiling xmr-stak


    sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
    sudo apt-get install libcurl4-gnutls-dev


    git clone https://github.com/wolf9466/cpuminer-multi



    sudo apt-get install cmake  libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
    git clone https://github.com/fireice-uk/xmr-stak-cpu.git
    make install
    cd bin
    chmod +x xmr-stak-cpu

    ./xmr-stak -O xmr-eu1.nanopool.org:14433 -u --currency monero7 -i 0 -p "" -r ""


    for i in {0..31}; do echo { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : $i },; done
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 0 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 1 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 2 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 3 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 4 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 5 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 6 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 7 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 8 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 9 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 10 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 11 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 12 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 13 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 14 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 15 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 16 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 17 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 18 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 19 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 20 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 21 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 22 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 23 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 24 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 25 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 26 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 27 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 28 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 29 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 30 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 31 },

    #use 28 cores or you will not 1005 h/s you'll get 865 h/s or so


    https://github.com/fireice-uk/xmr-stak
    wget https://github.com/fireice-uk/xmr-stak/archive/master.zip


    mint@mint ~ $ cd xmr-stak-master/
    mint@mint ~/xmr-stak-master $ ls
    CI  CMakeLists.txt  CONTRIBUTING.md  doc  Dockerfile  LICENSE  README.md  scripts  THIRD-PARTY-LICENSES  xmrstak
    mint@mint ~/xmr-stak-master $ cd xmrstak/
    mint@mint ~/xmr-stak-master/xmrstak $ ls
    backend  cli  config.tpl  cpputil  donate-level.hpp  http  jconf.cpp  jconf.hpp  misc  net  params.hpp  picosha2  pools.tpl  rapidjson  version.cpp  version.hpp
    mint@mint ~/xmr-stak-master/xmrstak $ cd ..
    mint@mint ~/xmr-stak-master $ ls
    CI  CMakeLists.txt  CONTRIBUTING.md  doc  Dockerfile  LICENSE  README.md  scripts  THIRD-PARTY-LICENSES  xmrstak
    mint@mint ~/xmr-stak-master $ cd scripts/
    mint@mint ~/xmr-stak-master/scripts $ ls
    build_xmr-stak_docker
    mint@mint ~/xmr-stak-master/scripts $ cd build_xmr-stak_docker/
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ ls
    build_xmr-stak_docker.sh
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ^C
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ ./build_xmr-stak_docker.sh
    + [[ 999 -ne 0 ]]
    + echo 'This script must be run as root'
    This script must be run as root
    + exit 1
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh
    + [[ 0 -ne 0 ]]
    + '[' -d xmr-stak ']'
    + git clone https://github.com/fireice-uk/xmr-stak.git
    Cloning into 'xmr-stak'...
    remote: Counting objects: 5108, done.
    remote: Compressing objects: 100% (6/6), done.
    remote: Total 5108 (delta 1), reused 0 (delta 0), pack-reused 5102
    Receiving objects: 100% (5108/5108), 1.49 MiB | 0 bytes/s, done.
    Resolving deltas: 100% (3642/3642), done.
    Checking connectivity... done.
    + wget -c https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    --2018-08-04 18:34:23--  https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    Resolving developer.nvidia.com (developer.nvidia.com)... 192.229.162.216
    Connecting to developer.nvidia.com (developer.nvidia.com)|192.229.162.216|:443... connected.
    HTTP request sent, awaiting response... 302 Found
    Location: https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?ZX7wuQ4plyyj4R-GNCbYZsePieK4HW5E0zO3qXB-1feswNzXmUm7yNO2iSgtHK73v2OgUn2hxP4HNsAdLKS3WAkvjiiZZGEijzlt2Ve6Eili6Qvjl71_QQZorpl2WlnBwvEN7jRxmJnFhX_Jwzu0BGApoZ7j1Kpnnx15uMfuiMvhv8HzQl39L-Gt [following]
    --2018-08-04 18:34:24--  https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?ZX7wuQ4plyyj4R-GNCbYZsePieK4HW5E0zO3qXB-1feswNzXmUm7yNO2iSgtHK73v2OgUn2hxP4HNsAdLKS3WAkvjiiZZGEijzlt2Ve6Eili6Qvjl71_QQZorpl2WlnBwvEN7jRxmJnFhX_Jwzu0BGApoZ7j1Kpnnx15uMfuiMvhv8HzQl39L-Gt
    Resolving developer.download.nvidia.com (developer.download.nvidia.com)... 192.229.211.70, 2606:2800:21f:3aa:dcf:37b:1ed6:1fb
    Connecting to developer.download.nvidia.com (developer.download.nvidia.com)|192.229.211.70|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1643293725 (1.5G) [application/octet-stream]
    Saving to: ‘cuda_9.0.176_384.81_linux-run’

    cuda_9.0.176_384.81_linux-run                     100%[===========================================================================================================>]   1.53G  20.9MB/s    in 77s    

    2018-08-04 18:35:41 (20.4 MB/s) - ‘cuda_9.0.176_384.81_linux-run’ saved [1643293725/1643293725]

    + chmod a+x cuda_9.0.176_384.81_linux-run
    + docker run --rm -it -v /home/mint/xmr-stak-master/scripts/build_xmr-stak_docker:/mnt fedora:27 /bin/bash -c '
    set -x ;
    dnf install -y -q cmake gcc-c++ hwloc-devel libmicrohttpd-devel libstdc++-static make openssl-devel;
    cd /mnt/xmr-stak ;
    cmake -DCUDA_ENABLE=OFF -DOpenCL_ENABLE=OFF . ;
    make ;
    '
    ./build_xmr-stak_docker.sh: line 22: docker: command not found
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo apt-get install docker
    Reading package lists... Done
    Building dependency tree      
    Reading state information... Done
    The following NEW packages will be installed:
      docker
    0 upgraded, 1 newly installed, 0 to remove and 525 not upgraded.
    Need to get 12.2 kB of archives.
    After this operation, 65.5 kB of additional disk space will be used.
    Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 docker amd64 1.5-1 [12.2 kB]
    Fetched 12.2 kB in 0s (40.1 kB/s) 
    Selecting previously unselected package docker.
    (Reading database ... 224040 files and directories currently installed.)
    Preparing to unpack .../docker_1.5-1_amd64.deb ...
    Unpacking docker (1.5-1) ...
    Processing triggers for man-db (2.7.5-1) ...
    Setting up docker (1.5-1) ...
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh
    + [[ 0 -ne 0 ]]
    + '[' -d xmr-stak ']'
    + git -C xmr-stak clean -fd
    + wget -c https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    --2018-08-04 18:36:03--  https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    Resolving developer.nvidia.com (developer.nvidia.com)... 192.229.162.216
    Connecting to developer.nvidia.com (developer.nvidia.com)|192.229.162.216|:443... connected.
    HTTP request sent, awaiting response... 302 Found
    Location: https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?hEToY5LvMogLvVQXRAaUxyQIifpZ2UTHTq95b2roNjuBoyhMdJaorG2jYri3qMoxTUyfTdKaOh1n1aZrZCX3gRytNMyhIysa3EAldjZ-gu6FqzKfqsbcauJReZ5dNaJqfNGordQB21H4J28vRpa16iHzzxIl7qk9Mm0oiDQitXEQHjNXwu-xjLdM [following]
    --2018-08-04 18:36:03--  https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?hEToY5LvMogLvVQXRAaUxyQIifpZ2UTHTq95b2roNjuBoyhMdJaorG2jYri3qMoxTUyfTdKaOh1n1aZrZCX3gRytNMyhIysa3EAldjZ-gu6FqzKfqsbcauJReZ5dNaJqfNGordQB21H4J28vRpa16iHzzxIl7qk9Mm0oiDQitXEQHjNXwu-xjLdM
    Resolving developer.download.nvidia.com (developer.download.nvidia.com)... 192.229.211.70, 2606:2800:21f:3aa:dcf:37b:1ed6:1fb
    Connecting to developer.download.nvidia.com (developer.download.nvidia.com)|192.229.211.70|:443... connected.
    HTTP request sent, awaiting response... 416 Requested Range Not Satisfiable

        The file is already fully retrieved; nothing to do.

    + chmod a+x cuda_9.0.176_384.81_linux-run
    + docker run --rm -it -v /home/mint/xmr-stak-master/scripts/build_xmr-stak_docker:/mnt fedora:27 /bin/bash -c '
    set -x ;
    dnf install -y -q cmake gcc-c++ hwloc-devel libmicrohttpd-devel libstdc++-static make openssl-devel;
    cd /mnt/xmr-stak ;
    cmake -DCUDA_ENABLE=OFF -DOpenCL_ENABLE=OFF . ;
    make ;
    '
    ./build_xmr-stak_docker.sh: line 22: docker: command not found
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ docker
    The program 'docker' is currently not installed. You can install it by typing:
    sudo apt install docker.io
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh ^C
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ apt-cache search docker


    sudo apt-get install docker.io

    ./build_xmr-stak_docker.sh


    cd ./xmrstak/donate-level.hpp
    constexpr double fDevDonationLevel = 0.0 / 100.0;


    cmake -DCMAKE_CXX_COMPILER=/usr/bin/g++-5 -DCMAKE_CC_COMPILER=/usr/bin/gcc5 -DCUDA_ENABLE=OFF
    #some say adding -DCMAKE_CXX_FLAGS=-march=native adds more hashing but I didn't see this I saw about 4 h/s less!
    # also if you added a bad -DCMAKE_CXX_FLAGS you can just set it to  -DCMAKE_CXX_FLAGS=""

    make install

    #considering I have 32 total cores (16 per CPU Opteron 6276)
    #remember to put the affine settings in cpu.txt anywhere else is ignored!
    #in this new XMR stack 29 cores gets you in 886 h/s so I have moved to 27 but that gets lower.
    31 got me about 925 h/s
    30 got me about 945.4 h/s
    29 got me about 890 h/s

    cd bin/
    mint@mint ~/xmr-stak-master/bin $ ls
    libxmr-stak-backend.a  libxmr-stak-c.a  libxmrstak_opencl_backend.so  xmr-stak
    mint@mint ~/xmr-stak-master/bin $ ./xmr-stak
    sudo sysctl -w vm.nr_hugepages=128
    Please enter:
    - Do you want to use the HTTP interface?
    Unlike the screen display, browser interface is not affected by the GPU lag.
    If you don't want to use it, please enter 0, otherwise enter port number that the miner should listen on

    0
    Configuration stored in file 'config.txt'
    Please enter:
    - Please enter the currency that you want to mine:
        - aeon7
        - bbscoin
        - bittube
        - cryptonight
        - cryptonight_bittube2
        - cryptonight_masari
        - cryptonight_haven
        - cryptonight_heavy
        - cryptonight_lite
        - cryptonight_lite_v7
        - cryptonight_lite_v7_xor
        - cryptonight_v7
        - cryptonight_v7_stellite
        - graft
        - haven
        - intense
        - masari
        - monero7
        - ryo
        - stellite
        - turtlecoin

    monero7
    - Pool address: e.g. pool.usxmrpool.com:3333




    ./xmr-stak
    Please enter:
    - Do you want to use the HTTP interface?
    Unlike the screen display, browser interface is not affected by the GPU lag.
    If you don't want to use it, please enter 0, otherwise enter port number that the miner should listen on

    0
    Configuration stored in file 'config.txt'
    Please enter:
    - Please enter the currency that you want to mine:
        - aeon7
        - bbscoin
        - bittube
        - cryptonight
        - cryptonight_bittube2
        - cryptonight_masari
        - cryptonight_haven
        - cryptonight_heavy
        - cryptonight_lite
        - cryptonight_lite_v7
        - cryptonight_lite_v7_xor
        - cryptonight_v7
        - cryptonight_v7_stellite
        - graft
        - haven
        - intense
        - masari
        - monero7
        - ryo
        - stellite
        - turtlecoin

    monero7
    - Pool address: e.g. pool.usxmrpool.com:3333
    xmr-eu1.nanopool.org:14433
    - Username (wallet address or pool login):
    yourmonerwalletaddress.1/youremail@domain.com
    - Password (mostly empty or x):

    - Rig identifier for pool-side statistics (needs pool support). Can be empty:

    - Does this pool port support TLS/SSL? Use no if unknown. (y/N)
    y
    - Do you want to use nicehash on this pool? (y/n)
    n
    - Do you want to use multiple pools? (y/n)
    n
    Pool configuration stored in file 'pools.txt'
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    -------------------------------------------------------------------
    xmr-stak 2.4.7 c5f0505d

    Brought to you by fireice_uk and psychocrypt under GPLv3.
    Based on CPU mining code by wolf9466 (heavily optimized by fireice_uk).
    Based on OpenCL mining code by wolf9466.

    Configurable dev donation level is set to 2.0%

    You can use following keys to display reports:
    'h' - hashrate
    'r' - results
    'c' - connection
    -------------------------------------------------------------------
    [2018-08-04 18:49:59] : Mining coin: monero7
    [2018-08-04 18:49:59] : WARNING: UNKNOWN_ERROR when calling clGetPlatformIDs for number of platforms.
    [2018-08-04 18:49:59] : WARNING: No OpenCL platform found.
    [2018-08-04 18:49:59] : WARNING: No AMD OpenCL platform found. Possible driver issues or wrong vendor driver.
    [2018-08-04 18:49:59] : WARNING: backend AMD (OpenCL) disabled.
    [2018-08-04 18:49:59] : Autoconf FAILED: Failed to allocate a PU.. Create config for a single thread.
    [2018-08-04 18:49:59] : CPU configuration stored in file 'cpu.txt'
    [2018-08-04 18:49:59] : Starting 1x thread, no affinity.
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : Fast-connecting to xmr-eu1.nanopool.org:14433 pool ...
    [2018-08-04 18:49:59] : Pool xmr-eu1.nanopool.org:14433 connected. Logging in...
    [2018-08-04 18:50:00] : SOCKET ERROR - [xmr-eu1.nanopool.org:14433] RECEIVE error: socket closed
    HASHRATE REPORT - CPU
    | ID |    10s |    60s |    15m |
    |  0 |   (na) |   (na) |   (na) |
    Totals (CPU):     0.0    0.0    0.0 H/s
    -----------------------------------------------------------------
    Totals (ALL):      0.0    0.0    0.0 H/s
    Highest:     0.0 H/s
    -----------------------------------------------------------------
    HASHRATE REPORT - CPU
    | ID |    10s |    60s |    15m |
    |  0 |   (na) |   (na) |   (na) |
    Totals (CPU):     0.0    0.0    0.0 H/s
    -----------------------------------------------------------------
    Totals (ALL):      0.0    0.0    0.0 H/s
    Highest:     0.0 H/s
    -----------------------------------------------------------------

     


  • ./nsgpucnminer: error while loading shared libraries: libOpenCL.so.1w: cannot open shared object file: No such file or directory


    ./nsgpucnminer: error while loading shared libraries: libOpenCL.so.1w: cannot open shared object file: No such file or directory
     


  • *** These critical programs are missing or too old: gawk


    checking whether autoconf works... ../configure: line 5377:  7325 Segmentation fault      $AUTOCONF $ACFLAGS configure.in > /dev/null 2>&1
    no
    configure: error:
    *** These critical programs are missing or too old: gawk
    *** Check the INSTALL file for required versions.

     


  • migration/4 migration 4 is using too much CPU


    top - 13:02:52 up 603 days, 19:19,  2 users,  load average: 5.01, 4.15, 3.44
    Tasks: 604 total,   5 running, 599 sleeping,   0 stopped,   0 zombie
    Cpu(s): 17.7%us, 36.1%sy,  0.0%ni, 42.0%id,  4.1%wa,  0.0%hi,  0.2%si,  0.0%st
    Mem:  16278908k total,  4269684k used, 12009224k free,   119672k buffers
    Swap:        8k total,        8k used,        0k free,  1802992k cached

        PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND                                            
     273765 root      20   0  102m  680  572 R 36.1  0.0   7:23.08 swapoff                                            
     410417 501       20   0  229m  53m 1784 S 26.1  0.3   0:13.60 imap                                               
         19 root      RT   0     0    0    0 S 37.9  0.0 217:19.08 migration/4  



    migration/4   migration 4 is using too much CPU but not sure why.  I think it was due to heavy IO or swapping at the time possibly.


  • convert.im6: Unknown field with tag 317 (0x13d) encountered. `TIFFReadDirectory' @ warning/tiff.c/TIFFWarnings/788.


    convert "file.TIF" "resize.jpg"
    convert.im6: Unknown field with tag 317 (0x13d) encountered. `TIFFReadDirectory' @ warning/tiff.c/TIFFWarnings/788.

    I've been getting this error in ImageMagick on some .tif files even though it seems to actually convert properly.


  • Python SyntaxError: Missing parentheses in call to 'print'


    SyntaxError: Missing parentheses in call to 'print'
     

    This is an annoying issue where the syntax between Python 2 and 3 changed which breaks old scripts.

    print "hello"
    #change to
    print("Hello, World!")


  • Linux How To Rename Files


    To remove all spaces from all files in the current directory

    linux rename remove spaces

    rename "s/ //g" *

    The above won't work in Centos but in Debian based distros as rename in Centos doesn't work that way.

    See this more comprehensive article.


  • OpenVZ container will not stop Child 546246 exited with status 1


    vzctl stop 4096
    Removing stale lock file /vz/lock/4096.lck
    Stopping container ...
    Child 546213 exited with status 1
    ^Z
    [1]+  Stopped                 vzctl stop 4096
     ~]# rm /vz/lock/4096.lck
    rm: remove regular file `/vz/lock/4096.lck'? y
     ~]# vzctl stop 4096
    Stopping container ...
    Child 546246 exited with status 1

    vzctl chkpnt 4096 --kill
    Removing stale lock file /vz/lock/4096.lck
    Can not join cpt context 4096: No such file or directory


  • [warn] VirtualHost 10.2.5.101:443 overlaps with VirtualHost 10.2.5.101:443, the first has precedence, perhaps you need a NameVirtualHost directive


    [root@thetor2017 conf]# service httpd restart
    Stopping httpd:                                            [  OK  ]
    Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
     lowering MaxClients to 300.  To increase, please see the ServerLimit
     directive.
    Warning: DocumentRoot [/www/vhosts/seconddomain.com/httpdocs] does not exist
    Warning: DocumentRoot [/www/vhosts/seconddomain.com/httpdocs] does not exist
    httpd: Could not reliably determine the server's fully qualified domain name, using 10.2.5.69 for ServerName
    [Sat Jul 21 19:17:31 2018] [warn] VirtualHost 10.2.5.101:443 overlaps with VirtualHost 10.2.5.101:443, the first has precedence, perhaps you need a NameVirtualHost directive
    [Sat Jul 21 19:17:31 2018] [warn] NameVirtualHost *:9343 has no VirtualHosts
                                                       [  OK  ]
    =======

    The Solution

    Edit the vhosts that are having the trouble they probably have a hardcoded IP.

    Change it like so:

    <VirtualHost some-ip.here:443>

    To

    <VirtualHost *:443>
     

    ================


    [root@thetor2017 conf]# grep 10.2.5.101 *
    hostdomain.com.conf:
    hostdomain.com.conf-orig:



    ========

    apache shared ssl returns wrong certificate vhost
    I believe it has to do with the IP they are hitting:

    [root@thetor2017 conf]# host seconddomain.com
    seconddomain.com has address 10.2.5.55
    seconddomain.com mail is handled by 10 mail.seconddomain.com.
    [root@thetor2017 conf]# host realtechtalk.com
    realtechtalk.com has address 10.2.5.55
    realtechtalk.com mail is handled by 10 mail.realtechtalk.com.
    [root@thetor2017 conf]# host thirddomain.com.com
    thirddomain.com.com has address 10.2.5.102
    thirddomain.com.com mail is handled by 10 mail.thirddomain.com.com.
    [root@thetor2017 conf]# host onedomain.com
    onedomain.com has address 10.2.5.102



    the IPs with .55 work fine with SSL

    The IPs with .102 serve domain.cn because I believe it is the first vhost and cert by alphabet on that IP

    the problem is in this vhost# domain.cn.conf:
    it applies to onedomain.com and thirddomain.com.com because they use the same IP as domain.cn 10.2.5.102


    Normally when using .55 the first domain it would find and search is the default 00-defaultsite.conf which points to the generic cert
    On top of that domain.cn.conf has the IP as the vhost "" so it is the first match for SSL.


    So it defaults to the first IP and cert it finds which is domain.cn rather than sending the default 10.2.5.55 generic cert


  • Ethereum Client Errors


    INFO [07-19|12:11:51] Imported new block receipts              count=590  elapsed=8.440s     bytes=74117699  number=4870906 hash=6bc60b…934753 ignored=0
    INFO [07-19|12:11:57] Imported new state entries               count=499  elapsed=9.963ms    processed=71076 pending=1526  retry=2   duplicate=0 unexpected=384
    WARN [07-19|12:12:05] Stalling state sync, dropping peer       peer=ce5db7601fa43fe0
    WARN [07-19|12:12:06] Stalling state sync, dropping peer       peer=aa7f4024eb42bd70
    WARN [07-19|12:12:09] Stalling state sync, dropping peer       peer=868d7f91fb0463d1
    WARN [07-19|12:12:10] Stalling state sync, dropping peer       peer=b6490529f4b4848d
    WARN [07-19|12:12:11] Stalling state sync, dropping peer       peer=146c324e5559b344
    WARN [07-19|12:12:11] Node data write error                    err="state node eb281e…3b0157 failed with all peers (2 tries, 2 peers)"

    The solution is to update to the latest Ethereum client and wipeout your "chaindata" if that doesn't work.  Ethereum is a work in progress and unlike stable currencies like Bitcoin and Litecoin it must be updated to the latest version or things won't work (which means almost weekly updates!).


  • PayPal IPN Failed "result: IPN Handshake Invalid"


    This is often the result of PayPal's "item name" or another name having invalid characters or not supporting Unicode.

     

    173.0.81.1 - - [17/Jul/2018:13:39:45 -0400] "POST //modules/gateways/callback/paypal.php HTTP/1.1" 406 - "-" "PayPal IPN ( https://www.paypal.com/ipn )"

    A good clue is if you check the debug output of the IPN and find a mandatory column empty.

     

    item_name =>

    Obviously item_name has to be populated or things will usually break.  Login to your PayPal settings and update your character encoding settings:

    See how to do this in PayPal below:

     

     

     

     

     

     

     


     

     

     

     


  • Linux Centos 7 HowTo Install Yarn


    https://yarnpkg.com/lang/en/docs/install/#centos-stable

     

    curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo

    If you need node.js:

    curl --silent --location https://rpm.nodesource.com/setup_6.x | bash -  yum install nodejs yarn
    

  • HP DL385 G7 BIOS Key Enter


    Just Press F9.

    F11 gets you the boot Menu.


  • Centos 7 - How To Install NFS and Mount Remotely


    Server Side Config

    1.) First install nfs-utils

    yum -y install nfs-utils

    2.) Configure nfs share

    Create a directory for your NFS share

    mkdir /datastore

    Create your NFS share in /etc/exports

    echo "/datastore 10.220.101.0/24(rw,sync,no_root_squash)" >> /etc/exports
    systemctl restart nfs

    /etc/exports is where all NFS shares are defined

    Allowed Client IP Range = 10.220.101.0/24

    Read and Writing Allowed = rw

    no_root_squash = makes it so the default of nobody is not used on the NFS share as a user (not secure in normal environments with user access but it makes sense for our situation)

    sync = a good idea because otherwise the nfs server will reply to requests for unwritten/unstable data which can lead to corruption and data loss potentially.

    Client Side

    yum -y install nfs-utils

    mount 10.10.2.20:/tmp/nfsmount /mnt/nfs/

    IP of NFS Server = 10.10.2.20

    NFS Share = /tmp/nfsmount

    Local Mount Path = /mnt/nfs

    Make it permanent with fstab

    10.10.2.20:/tmp/nfsmount /mnt/nfs nfs defaults 0 0

    Troubleshooting

    Most issues are a result of a few things.

    1. You can't mount because nfs-utils was not installed on the client side.
    2. The IP range you specified is incorrect or invalid (if you are using NAT absolutely verify what the source IP from your client looks like to the server).
    3. Insecure ports issue if you are using NAT (you should set the "insecure" option
     rpc.mountd: refused mount request from somehostname.com for /some/path (/a/path/): illegal port 59201

    If you get the above error you are probably using NAT somewhere between the client and server.  NAT mapping ends up resulting in high and so-called "insecure" ports to be used (I guess the fact that they are unprivileged and a non-root user could easly sniff or intercept on those ports). However if that's not a concern you modify your exports line like this:

    /datastore 10.220.101.0/24(insecure,rw,sync,no_root_squash)


  • wodim / cdrecord error cannot burn DVD or BDR .iso Errno: 5 (Input/output error), write_g1 scsi sendcmd: no error


     dvd+rw-mediainfo /dev/sr0
    INQUIRY:                [ASUS    ][BW-16D1HT       ][3.00]
    GET [CURRENT] CONFIGURATION:
     Mounted Media:         11h, DVD-R Sequential
     Media ID:              RITEKF1    
     Current Write Speed:   16.0x1385=22160KB/s
     Write Speed #0:        16.0x1385=22160KB/s
     Write Speed #1:        8.0x1385=11080KB/s
     Speed Descriptor#0:    08/2297887 R@16.0x1385=22160KB/s W@16.0x1385=22160KB/s
     Speed Descriptor#1:    08/2297887 R@16.0x1385=22160KB/s W@8.0x1385=11080KB/s
    READ DVD STRUCTURE[#10h]:
     Media Book Type:       00h, DVD-ROM book [revision 0]
     Legacy lead-out at:    2298496*2KB=4707319808
    READ DVD STRUCTURE[#0h]:
     Media Book Type:       25h, DVD-R book [revision 5]
     Last border-out at:    2045*2KB=4188160
    READ DISC INFORMATION:
     Disc status:           blank
     Number of Sessions:    1
     State of Last Session: empty
     "Next" Track:          1
     Number of Tracks:      1
    READ TRACK INFORMATION[#1]:
     Track State:           blank
     Track Start Address:   0*2KB
     Next Writable Address: 0*2KB
     Free Blocks:           2298496*2KB
     Track Size:            2298496*2KB
    READ CAPACITY:          0*2048=0

     

    The problem with cdrecord / wodim when burning a DVD


    :~/00-ISO$ sudo cdrecord linuxmint-18.2-mate-64bit.iso

    wodim: No write mode specified.
    wodim: Assuming -tao mode.
    wodim: Future versions of wodim may have different drive dependent defaults.
    Device was not specified. Trying to find an appropriate drive...
    Looking for a DVD-R drive to store 1659.12 MiB...
    Detected DVD-R drive: /dev/sr0
    Using /dev/cdrom of unknown capabilities
    Device type    : Removable CD-ROM
    Version        : 5
    Response Format: 2
    Capabilities   :
    Vendor_info    : 'ASUS    '
    Identification : 'BW-16D1HT       '
    Revision       : '3.00'
    Device seems to be: Generic mmc2 DVD-R/DVD-RW.
    Using generic SCSI-3/mmc DVD-R(W) driver (mmc_mdvd).
    Driver flags   : SWABAUDIO BURNFREE
    Supported modes: PACKET SAO
    Speed set to 22160 KB/s
    Starting to write CD/DVD at speed  17.0 in real unknown mode for single session.
    Last chance to quit, starting real write in    0 seconds. Operation starts.
    Errno: 5 (Input/output error), write_g1 scsi sendcmd: no error
    CDB:  2A 00 00 00 00 1F 00 00 1F 00
    status: 0x2 (CHECK CONDITION)
    Sense Bytes: 72 06 28 00 00 00 00 0E 09 0C 00 20 00 03 00 00
    Sense Key: 0x8 Blank Check, Segment 6
    Sense Code: 0x00 Qual 0x03 (setmark detected) Fru 0x0
    Sense flags: Blk 0 (not valid) illegal block length
    cmd finished after 0.000s timeout 40s
    write track data: error after 63488 bytes
    wodim: A write error occured.
    wodim: Please properly read the error message above.
    Errno: 5 (Input/output error), test unit ready scsi sendcmd: no error
    CDB:  00 00 00 00 00 00
    status: 0x2 (CHECK CONDITION)
    Sense Bytes: 70 00 02 00 00 00 00 0A 00 00 00 00 04 08 00 00
    Sense Key: 0x2 Not Ready, Segment 0
    Sense Code: 0x04 Qual 0x08 (logical unit not ready, long write in progress) Fru 0x0
    Sense flags: Blk 0 (not valid)
    cmd finished after 0.007s timeout 40s
    ^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^Cc

     

     

    The error even happens if you lower the speed:

     

     

    sudo wodim speed=8 driveropts=burnfree linuxmint-18.2-mate-64bit.iso
    wodim: No write mode specified.
    wodim: Assuming -tao mode.
    wodim: Future versions of wodim may have different drive dependent defaults.
    Device was not specified. Trying to find an appropriate drive...
    Looking for a DVD-R drive to store 1659.12 MiB...
    Detected DVD-R drive: /dev/sr0
    Using /dev/cdrom of unknown capabilities
    Device type    : Removable CD-ROM
    Version        : 5
    Response Format: 2
    Capabilities   :
    Vendor_info    : 'ASUS    '
    Identification : 'BW-16D1HT       '
    Revision       : '3.00'
    Device seems to be: Generic mmc2 DVD-R/DVD-RW.
    Using generic SCSI-3/mmc DVD-R(W) driver (mmc_mdvd).
    Driver flags   : SWABAUDIO BURNFREE
    Supported modes: PACKET SAO
    Speed set to 11080 KB/s
    Starting to write CD/DVD at speed   8.0 in real unknown mode for single session.
    Last chance to quit, starting real write in    0 seconds. Operation starts.
    Errno: 5 (Input/output error), write_g1 scsi sendcmd: no error
    CDB:  2A 00 00 00 00 1F 00 00 1F 00
    status: 0x2 (CHECK CONDITION)
    Sense Bytes: 72 06 28 00 00 00 00 0E 09 0C 00 20 00 03 00 00
    Sense Key: 0x8 Blank Check, Segment 6
    Sense Code: 0x00 Qual 0x03 (setmark detected) Fru 0x0
    Sense flags: Blk 0 (not valid) illegal block length
    cmd finished after 0.000s timeout 40s
    write track data: error after 63488 bytes
    wodim: A write error occured.
    wodim: Please properly read the error message above.
    Errno: 5 (Input/output error), test unit ready scsi sendcmd: no error
    CDB:  00 00 00 00 00 00
    status: 0x2 (CHECK CONDITION)
    Sense Bytes: 70 00 02 00 00 00 00 0A 00 00 00 00 04 08 00 00
    Sense Key: 0x2 Not Ready, Segment 0
    Sense Code: 0x04 Qual 0x08 (logical unit not ready, long write in progress) Fru 0x0
    Sense flags: Blk 0 (not valid)
    cmd finished after 0.007s timeout 40s


  • linux mint image convert menu option missing solution


    I already have the caja-image-converter option installed but it shows nothing.

    Weirdly enough if you install nemo and nautilus converter it does show and work inside caja:

    The solution is to install *-image-converter

    sudo apt-get install *-image-converter
    Reading package lists... Done
    Building dependency tree      
    Reading state information... Done
    Note, selecting 'nemo-image-converter' for glob '*-image-converter'
    Note, selecting 'caja-image-converter' for glob '*-image-converter'
    Note, selecting 'nautilus-image-converter' for glob '*-image-converter'
    caja-image-converter is already the newest version (1.16.0-1+serena).
    The following packages were automatically installed and are no longer required:
      gyp libgoocanvas-common libgoocanvas3 libjs-inherits libjs-node-uuid
      libkf5plotting5 libssl-dev libuv1 libuv1-dev python-pygoocanvas
    Use 'sudo apt autoremove' to remove them.
    Recommended packages:
      nautilus nemo
    The following NEW packages will be installed:
      nautilus-image-converter nemo-image-converter
    0 upgraded, 2 newly installed, 0 to remove and 459 not upgraded.
    Need to get 42.5 kB of archives.
    After this operation, 328 kB of additional disk space will be used.
    Do you want to continue? [Y/n] y
    Get:1 http://packages.linuxmint.com serena/backport amd64 nemo-image-converter amd64 3.2.0+serena [19.8 kB]
    Get:2 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 nautilus-image-converter amd64 0.3.1~git20110416-1ubuntu1.16.04.1 [22.7 kB]
    Fetched 42.5 kB in 0s (97.7 kB/s)                  
    Selecting previously unselected package nautilus-image-converter.
    (Reading database ... 364378 files and directories currently installed.)
    Preparing to unpack .../nautilus-image-converter_0.3.1~git20110416-1ubuntu1.16.04.1_amd64.deb ...
    Unpacking nautilus-image-converter (0.3.1~git20110416-1ubuntu1.16.04.1) ...
    Selecting previously unselected package nemo-image-converter.
    Preparing to unpack .../nemo-image-converter_3.2.0+serena_amd64.deb ...
    Unpacking nemo-image-converter (3.2.0+serena) ...
    Setting up nautilus-image-converter (0.3.1~git20110416-1ubuntu1.16.04.1) ...
    Setting up nemo-image-converter (3.2.0+serena) ...


  • ImageMagick How To Convert Specific PDF Pages or a Range


    A very handy feature of ImageMagick's convert command is that it can convert PDF's to other image formats like jpg but did you know you can even manually select a range or specific pages from the PDF? 

    Here is an example of converting a range of pages from a PDF in this case pages 25 to 36:

    convert -density 300 "vSphere 6.5-1.pdf[25-36]"  vsphere.jpg
     

    Here is an example of converting a list of specific pages from a PDF in this case pages 45,54,69:


    convert -density 300 "vSphere 6.5-1.pdf[45,54,69]"  vsphere.jpg
     

     

     


  • Linux How To Free Wasted Memory RAM in Buffers


    We all know Linux is known for good memory management but is it really?  It seems all on its own with hardly anything running that you can come back in days or weeks and find that almost all of your RAM is used!

    And many will say "no don't worry it's buffers for optimization" but it doesn't seem to help because what is in buffers is not available to use for new programs running or ones that allocate more RAM as far as I can tell.

    The reason I know this is because you can see that SWAP will get used so if there was enough RAM not eaten by buffers it should be freed for new or growing memory allocations but it is not.

    So how do we fix this or clear out Linux's memory buffers to free RAM?

    [root@realtechtalk.com ~]# free -m
                 total       used       free     shared    buffers     cached
    Mem:          3851       3738        113          0       3269        222
    -/+ buffers/cache:        246       3605
    Swap:         2999          0       2999
    
     [root@realtechtalk.com ~]# echo 3 > /proc/sys/vm/drop_caches
    
    [root@realtechtalk.com ~]#
    [root@realtechtalk.com ~]#
    [root@realtechtalk.com ~]# free -m
                 total       used       free     shared    buffers     cached
    Mem:          3851        146       3705          0          0          9
    -/+ buffers/cache:        137       3714
    Swap:         2999          0       2999
    
    

    Now we can see that we have our RAM back!


  • Linux How To Eject and Insert a CD-R/DVD-R/BD-R Disc


    Many people are aware of the "eject command" which works as you would expect.

    To eject the disc:

    sudo eject /dev/sr0

    To insert the disc again you still use the same command but with the "-t" close try toggle:

    sudo eject -t /dev/sr0
     


  • Linux Mint 18 Screen Goes Dark or Black After Screensaver or even when using the Desktop Solution


    You can search for this bug and it seems like it may be related to ecryptfs and is many years old.

    The symptoms are that you return to the computer and the screensaver was active or the screen was asleep/black and it doesn't seem to come back.  But you check by SSH the computer is running fine and are frustrated you'll lose your running programs and have to reboot.

    There is a simple solution:

    Ctrl + Alt + F1

    Ctrl + Alt + F8

    Basically you are switching to another virtual console/screen and then back to screen 8 which is your Desktop.  This removes the black screen and presents the login prompt and doesn't cause any loss of data or interruption to your session.

    This also works if you are using your computer normally and the screen becomes partially dark or very dark.  It seems related to the above bug.

    It may also be related to a bug in the Intel i915 driver but this issue seems to plague Nvidia and AMD users too.

     

    Some related syslog or dmesg errors you may see:

    mate-screensaver-dialog: pam_ecryptfs: seteuid error
    [    4.825400] [drm] RC6 on
    [15732.058803] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=172171 end=172172) time 100 us, min 894, max 899, scanline start 893, end 900
    [24966.142220] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=54325 end=54326) time 101 us, min 894, max 899, scanline start 893, end 900
    [252173.205297] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=33067 end=33068) time 102 us, min 894, max 899, scanline start 893, end 900
    [266867.040745] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=19806 end=19807) time 102 us, min 894, max 899, scanline start 893, end 900
    [266872.190787] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=20115 end=20116) time 102 us, min 894, max 899, scanline start 893, end 899
    [266873.174149] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=20174 end=20175) time 100 us, min 894, max 899, scanline start 893, end 900
    [370925.989870] [drm] stuck on render ring
    [370925.995049] [drm] GPU HANG: ecode 9:0:0x85dffffd, in Xorg [1562], reason: Engine(s) hung, action: reset
    [370925.995054] [drm] GPU hangs can indicate a bug anywhere in the entire gfx stack, including userspace.
    [370925.995056] [drm] Please file a _new_ bug report on bugs.freedesktop.org against DRI -> DRM/Intel
    [370925.995057] [drm] drm/i915 developers can then reassign to the right component if it's not a kernel issue.
    [370925.995059] [drm] The gpu crash dump is required to analyze gpu hangs, so please always attach it.
    [370925.995061] [drm] GPU crash dump saved to /sys/class/drm/card0/error
    [370925.998026] drm/i915: Resetting chip after gpu hang
    [370928.001884] [drm] RC6 on

     

    Other errors when the screen goes dark (sometimes Alt F1 + Alt F8 will not fix it)

    This behavior was seen on kernel 4.4.0-116-generic

    Sep 24 07:09:36 queenlazina-desktop console-kit-daemon[1768]: (process:6292): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
    Sep 24 07:09:38 queenlazina-desktop console-kit-daemon[1768]: (process:6294): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
    Sep 24 07:09:43 queenlazina-desktop console-kit-daemon[1768]: (process:6297): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
    Sep 24 07:09:49 queenlazina-desktop console-kit-daemon[1768]: (process:6299): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
    Sep 24 07:10:00 queenlazina-desktop console-kit-daemon[1768]: (process:6301): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
    Sep 24 07:10:01 queenlazina-desktop console-kit-daemon[1768]: (process:6303): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
    Sep 24 07:10:08 queenlazina-desktop console-kit-daemon[1768]: (process:6305): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed

     


  • iptables guide and examples and howto


    iptables allow port 22 example


    Of course change --dport and -s to suit your needs


    #allow certain IP to access port 22
     iptables -A INPUT -p tcp -m tcp --dport 22 -s 192.168.1.0/24 -j ACCEPT


    # block others
    iptables -A INPUT -p tcp --dport 22 -j DROP


  • Postfix How To Change Sending IP Address To Specific IP Binding or Interface


    I thought I'd post this becuase there is some bad information out there.  Some guides tell you to edit /etc/postfix/master.cf (-o smtp_bind_address=) but this doesn't work.  The same guide also says if you don't change it there you end up changing the listening IP/bind interface which is also not true.

    Here is a simple and effective way to change Postfix's sending/binding/outgoing IP address (very important for reverse DNS and so mail servers don't block you):

    vi /etc/postfix/main.cf

    #add this option

    smtp_bind_address=192.168.5.80

    *Obviously change the 192.168.5.80 to the outgoing address you want to use for Postfix


  • How to qemu-kvm enable bridged networking in Debian Ubuntu Linux Mint on KVM containers


    I've read a few guides about this but they didn't work for me.


    sudo apt-get install bridge-utils

    #don't think the above is enough it won't work still even though you have by default an /etc/qemu-ifup that handles it if you have the right tools and setup
    sudo qemu-system-x86_64 -net tap -net nic -enable-kvm -cpu host,vmx=on ~/VirtualBox VMs/vsphere-vcenter/vsphere-vcenter.vdi
    W: /etc/qemu-ifup: no bridge for guest interface found


    vi /etc/networking/interfaces

    Add the following br0 adapter and make sure you replace eth0 with your network adapter name such as "enp3s0"


    auto br0
    iface br0 inet dhcp
    bridge_ports eth0
    bridge_stp off
    bridge_maxwait 0
    bridge_fd 0

     

    #restart your network/networking

    sudo service networking restart


    sudo qemu-system-x86_64 -m 11G -net tap -net nic -enable-kvm -cpu host,vmx=on ~/VirtualBox VMs/vsphere-vcenter/vsphere-vcenter.vdi

    There is no more error or complaint about no bridge interface being found not that we've installed bridge utils and created a br0 bridge.


  • VirtualBox Nested Virtual Machine Containers with KVM Not Working no SVM or VMX module in the guest


    I can't get vmx cpu extensions to show up in Virtualbox guests despite enabling nested paging and

    enable vmx in virtualbox guest but this doesn't help that you check VT-X or the AMD Virtualization SVM it enables it for the guest to use BUT does not pass it through.  This means if you check cat /proc/cpuinfo in the guest you will see the CPU doesn't support virtualization.  It looks like VirtualBox still hasn't implemented this!

    But there is good news I was able to install qemu-kvm and run straight from the VirtualBox .vdi directly and also enable the nested virtualization no problem.

    #it looks like it is just not supported it's just easier to use KVM directly on the .vdi file!

    qemu-system-x86_64 -enable-kvm -cpu host,vmx=on ~/VirtualBox VMs/test/test.vdi

    Virtualbox is a great project and way for virtualizing but it is disappointing that they don't just pass through the virtualization CPU flags for nesting.


  • VSphere InternalServerError - Error When Adding Permissions


    InternalServerError (com.vmware.vapi.std.errors.internal_server_error) => {
    messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => {
    id = vapi.bindings.method.impl.unexpected,
    defaultMessage = Provider method implementation threw unexpected exception: com.vmware.vapi.std.errors.InternalServerError,
    args = [com.vmware.vapi.std.errors.InternalServerError]
    }],
    data = <null>
    }

    I was getting the error but it almost seemed delayed as if it were from the previous operation a minute before and not the current.  You can just refresh and try again but it seems like a bug.  The permissions show they have applied but hopefully they really have and nothing is broken!


  • NFS Share Won't Mount Solution - mount: wrong fs type, bad option, bad superblock on 10.10.2.20:/tmp/nfsmount


    nfs mount failed:

    mount 10.10.2.20:/tmp/nfsmount /mnt/nfs/
    mount: wrong fs type, bad option, bad superblock on 10.10.2.20:/tmp/nfsmount,
           missing codepage or helper program, or other error
           (for several filesystems (e.g. nfs, cifs) you might
           need a /sbin/mount.<type> helper program)
           In some cases useful info is found in syslog - try
           dmesg | tail  or so

    In this case the client machine didn't have nfs-utils installed!  You would think that when trying to mount that the error would indicate this!


    yum -y install nfs-utils

    So make sure you have nfs client utilities installed on the machine you are trying to mount the nfs share from!


  • OVF Tool: Error: Task failed on server: This host does not support Intel VT-x. VMWare VCenter install On ESXi ERror


    Intel VT-X is enabled in Virtualbox but it doesn't seem to pass through the needed vmx extension despite the following variables on the host confirming it is enabled:

    cat /sys/module/kvm_intel/parameters/nested
    Y
    cat /sys/module/kvm_intel/parameters/ept
    Y

     

     

    OVF Tool: Disk progress: 99%
    OVF Tool: Transfer Completed
    OVF Tool: Powering on VM: Embedded-vCenter-Server-Appliance-
    OVF Tool: Task progress: 0%
    OVF Tool: Task Failed
    OVF Tool: Error: Task failed on server: This host does not support Intel VT-x.
    OVF Tool: Error: Fault cause: vim.fault.InvalidState
    OVF Tool: Completed with errors
    Deployment failed. OVF Tool return error code: 1
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.54' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Failed to collect support bundle from appliance because: Cannot gather support logs because the appliance was not power on.
    =========================================================================== [FAILED] Task: Deploying vCenter Server Appliance execution failed at 19:34:28
    ===========================================================================
    ======================================================================================================================================================================================================
    Error message: com.vmware.vcsa.installer.ovf.deploy_appliance: ApplianceDeploymentTask: Caught an exception Deployment failed. O

    VF Tool return error code: 1
    ============================================================================================== 19:34:29 ==============================================================================================
    Result and Log File Information...


  • Install NFS (Network File System) On Debian Linux Ubuntu Mint Howto


    sudo apt-get install nfs-kernel-server  #oops there are no exports so it won't startsudo /etc/init.d/nfs-kernel-server start
     * Not starting NFS kernel daemon: no exports.
    #we will use the /tmp/nfstestshare directory for our NFS share
    

    mkdir /tmp/nfstestshare

    #add it to /etc/exports (basically what NFS checks to determine what to make an NFS share)

    /tmp/nfstestshare 192.168.1.5(rw,sync,no_root_squash)

    As you can see the brackets take 3 variables as follows:

    1. ro (readonly) or rw (readwrite)
    2. sync means no changes to the directory until changes are committed
    3. no_root_squash allows root to access the directory
    sudo /etc/init.d/nfs-kernel-server start

  • Relocating modules and starting up the kernel - VMWare ESXi 6.7 Error and Solution


    I had this error in an unsupported CPU on VMWare 6.7 and apparently this sometimes works especially on older VMWare versions like 6.5 5.5 etc (but in my case it did not).

    1. To make sure it proceed when you see "Loading VMWare"
    2. Hit "Shift+O"
    3. Then add "ignoreHeadless=TRUE"

    See an example below:

    Usually it will get you past the mentioned screen but may fail with other errors such as an Unsupported CPU.

    In the case your computer/server/CPU is supported and this is just a bug you will be able to complete the install.  But you'll want to make the boot option above permanent as each time you'll need to manually specify ignoreHeadless=TRUE or you won't be able to boot.

    Enable SSH on the ESXi host, login and type the following command to make it permanent:

    [root@localhost:~] esxcfg-advcfg -k TRUE ignoreHeadless
     


  • VMWare 6.7 VCSA VSphere ESXi Management SSO Install Guide on Linux using the CLI


    #mount the VCSA DVD
    mount /dev/sr0 /mnt/cd
    #alternatively you could mount the iso directly
    mount -o loop vcsa.iso /your/mount/path

    #for this purpose we are using the CLI installer on Linux
    cd /mnt/cd/vcsa-cli-installer/lin64

    #no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
    ./vcsa-deploy
    Usage: vcsa-deploy [-h] [--version] [--supported-deployment-sizes]
                       {install,upgrade,migrate} ...
    For descriptions of valid options, use:
        $ vcsa-deploy --help

    vcsa-deploy: error: Too few arguments. The required arguments are not provided. Retry the command following the usage instructions.

    #seriously just telling it to install is not enough

    ./vcsa-deploy install
    Previous versions of this script defaulted to 'install' when no subcommand was specified. Running without a subcommand is no longer allowed. Specify 'install' as a subcommand if you want to run installation. Usage: vcsa-deploy install [-h] [--template-help] [--log-dir LOG_DIR]
                               [--skip-ovftool-verification] [--accept-eula]
                               [--acknowledge-ceip] [--pause-on-warnings]
                               [--operation-id OPERATION_ID] [-v | -t]
                               [--no-esx-ssl-verify | --no-ssl-certificate-verification]
                               [--verify-template-only | --precheck-only]
                               template [template ...]
    For descriptions of valid options, use:
        $ vcsa-deploy install --help

    vcsa-deploy install: error: the following arguments are required: template



    ./vcsa-deploy install --accept-eula --no-esx-ssl-verify /path/to/yourconfig.json

    #there are preconfigured .json templates here:

    ls /mnt/cd/vcsa-cli-installer/templates/install

    embedded_vCSA_on_ESXi.json              PSC_first_instance_on_VC.json
    embedded_vCSA_on_VC.json                PSC_replication_on_ESXi.json
    embedded_vCSA_replication_on_ESXi.json  PSC_replication_on_VC.json
    embedded_vCSA_replication_on_VC.json    vCSA_on_ESXi.json
    PSC_first_instance_on_ESXi.json         vCSA_on_VC.json

    Before getting started make sure your ESXi 6.7 Host Meets The Requirements for RAM, CPU and Storage

    source credit: http://vcdx56.com/2018/04/vmware-vcenter-server-6-7-resource-requirements/

    http://vcdx56.com/2016/12/vmware-vsphere-vcenter-server-6-5-appliance-deployment-using-cli/

    Deployment Size vCPUs RAM (GB)
    Tiny 2 10
    Small 4 16
    Medium 8 24
    Large 16 32
    X-Large 24 48

    Compute requirements per Deployment Size

    The below table lists the ESXi host and VM capacity per vCSA 6.5 deployment size

    Deployment Size ESXi Hosts VMs
    Tiny 10 100
    Small 100 1 000
    Medium 400 4 000
    Large 1 000 10 000
    X-Large 2 000 35 000

    Storage requirements per Deployment Size

    The below table lists the storage requirements per deployment size

    Deployment Size Storage Size Default (GB) Storage Size Large (GB) Storage Size Large (GB)
    Tiny 250 775 1 650
    Small 290 820 1 700
    Medium 425 925 1 805
    Large 640 990 1 870
    X-Large 980 1030 1 910

     

    Here is a description from the VMWare site of what they do:

     

     

    Deployment JSON Templates Included in the vCenter Server Appliance Installer

    Location

    Template

    Description

    vcsa-cli-installertemplatesinstall

    embedded_vCSA_on_ESXi.json

    Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller on an ESXi host.

    embedded_vCSA_on_VC.json

    Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller on a vCenter Server instance.

    embedded_vCSA_replication_on_ESXi.json

    Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller as a replication partner to another embedded vCenter Server Appliance on an ESXi host.

    embedded_vCSA_replication_on_VC.json

    Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller as a replication partner to another embedded vCenter Server Appliance on a vCenter Server instance.

    PSC_first_instance_on_ESXi.json

    Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance as the first instance in a new vCenter Single Sign-On domain on an ESXi host.

    PSC_first_instance_on_VC.json

    Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance as the first instance in a new vCenter Single Sign-On domain on a vCenter Server instance.

    PSC_replication_on_ESXi.json

    Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance joining an existing vCenter Single Sign-On domain on an ESXi host.

    PSC_replication_on_VC.json

    Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance joining an existing vCenter Single Sign-On domain on a vCenter Server instance.

    vCSA_on_ESXi.json

    Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an external Platform Services Controller on an ESXi host.

    vCSA_on_VC.json

    Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an external Platform Services Controller on a vCenter Server instance.


     

    For most people they will probably choose the smartly placed #1 .json option on VMWare's list as it applies to the most use cases I would think:

     

    embedded_vCSA_on_ESXi.json

    Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller on an ESXi host.

    In plain English you have an ESXi host and want to setup the vSphere/vCenter management off the same server.

    OK think you're ready now?

     

    ./vcsa-deploy install --accept-eula --no-esx-ssl-verify /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json


    Run the installer with "-v" or "--verbose" to log detailed information
    Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/workflow_1531375823977/vcsa-cli-installer.log.bak'
    Workflow log-dir
    /tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/workflow_1531375823977
    ====== [START] Start executing Task: To validate CLI options at 06:10:24 ======
    Deprecation Warning: The command parameter '--no-esx-ssl-verify' is deprecated.
    You must use the new parameter '--no-ssl-certificate-verification' in the next
    deployment.
    template
    '/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' has
    ceip_enabled set to True, but the command line doesn't have --acknowledge-ceip.
    You must pass in the --acknowledge-ceip command line option to confirm your
    acknowledgement about your VMware Customer Experience Improvement Program (CEIP)
    participation.
    ================ [FAILED] Task: CLIOptionsValidationTask: Executing CLI
    optionsValidation task execution failed at 06:10:24 ================
    ================================================================================
    Error message: com.vmware.vcsa.installer.template.cli_argument_validation:
    template
    '/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' has
    ceip_enabled set to True, but the command line doesn't have --acknowledge-ceip.
    You must pass in the --acknowledge-ceip command line option to confirm your
    acknowledgement about your VMware Customer Experience Improvement Program (CEIP)
    participation.
    =================================== 06:10:24 ===================================
    Result and Log File Information...
    WorkFlow log directory:
    /tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/workflow_1531375823977
     

    Let's try it again oops we have used some deprecated stuff since VMWare 6.7 is a new beast!


    ./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json 

     

    What went wrong?

     

    ./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json
    Run the installer with "-v" or "--verbose" to log detailed information
    Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/workflow_1531375934346/vcsa-cli-installer.log.bak'
    Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/workflow_1531375934346
    ================================================================= [START] Start executing Task: To validate CLI options at 06:12:14 =================================================================
    Command line arguments verfied.
    ======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:12:14 =======================
    ========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:12:14 =========================================================
    Template syntax validation for template '/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' succeeded.
    Syntax validation for all templates succeeded.
    ======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:12:14 =======================
     [START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
    at 06:12:15
    Template version processing for template '/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' succeeded.
    Version processing for all templates succeeded.
    ====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:12:15 ======================
    ============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:12:15 ============================
    The entered password for new_vcsa sso password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
    lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
    Section 'new_vcsa', subsection 'network', property 'ip' validation failed: Expected 4 octets in ''
    Section 'new_vcsa', subsection 'network', property 'system_name' validation failed: Given hostname '' is neither IPv4, IPv6 nor an
    FQDN
    Section 'new_vcsa', subsection 'network', property 'dns_servers' validations failed: Expected 4 octets in ''
    Section 'new_vcsa', subsection 'network', property 'gateway' validation failed: Expected 4 octets in ''
    An invalid value was encountered in section 'new_vcsa', subsection 'network', property 'prefix'. The network prefix must be a positive integer
    Cannot obtain a valid ESXi/vCenter hostname from the template. Make sure a valid hostname is provided for the key 'hostname' under the section 'new_vcsa', section 'esxi' or 'vc'.
    Section 'new_vcsa', subsection 'esxi', field 'hostname' validation failed: Given hostname '' is neither IPv4, IPv6 nor an
    FQDN
    The entered password for new_vcsa os password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
    lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
    Template structure validation failed for template /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json.
    The value '******' of the key 'password' in section 'new_vcsa', subsection 'sso' is invalid. Correct the value and rerun the script.
    The value '' of the key 'ip' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
    The value '' of the key 'system_name' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the
    script.
    The value '' of the key 'dns_servers' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
    The value '' of the key 'gateway' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
    The value ' 255.255.255.0, there are 24 bits in the binary version of the subnet mask, so the prefix length is 24. if used, the values must be in the inclusive range of 0 to 32 for ipv4 and 0 to 128 for ipv6.>'
    of the key 'prefix' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
    The value 'ipv4' of the key 'ip_family' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
    The value '' of the key 'hostname' in section 'new_vcsa', subsection 'esxi' is invalid. Correct the value and rerun the
    script.
    The value '******' of the key 'password' in section 'new_vcsa', subsection 'os' is invalid. Correct the value and rerun the script.
    =========================================================================== [FAILED] Task: StructureValidationTask: Executing Template Structure Validation task execution failed at 06:12:15
    ===========================================================================
    ======================================================================================================================================================================================================
    Error message: com.vmware.vcsa.installer.template.structure_validation: Template structure validation failed for template /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json.
    ============================================================================================== 06:12:15 ==============================================================================================
    Result and Log File Information...
    WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/workflow_1531375934346
     

    We have to edit our .json template first

    cp /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json /tmp/


    {
        "__version": "2.13.0",
        "__comments": "Sample template to deploy a vCenter Server Appliance with an embedded Platform Services Controller on an ESXi host.",
        "new_vcsa": {
            "esxi": {
                "hostname": "",
                "username": "root",
                "password": " ",
                "deployment_network": "VM Network",
                "datastore": ""
            },
            "appliance": {
                "__comments": [
                    "You must provide the 'deployment_option' key with a value, which will affect the VCSA's configuration parameters, such as the VCSA's number of vCPUs, the memory size, the storage size, and the maximum numbers of ESXi hosts and VMs which can be managed. For a list of acceptable values, run the supported deployment sizes help, i.e. vcsa-deploy --supported-deployment-sizes"
                ],
                "thin_disk_mode": true,
                "deployment_option": "small",
                "name": "Embedded-vCenter-Server-Appliance"
            },
            "network": {
                "ip_family": "ipv4",
                "mode": "static",
                "ip": "",
                "dns_servers": [
                    ""
                ],
                "prefix": "",
                "gateway": "",
                "system_name": ""
            },
            "os": {
                "password": "",
                "ntp_servers": "time.nist.gov",
                "ssh_enable": false
            },
            "sso": {
                "password": "",
                "domain_name": "vsphere.local"
            }
        },
        "ceip": {
            "description": {
                "__comments": [
                    "++++VMware Customer Experience Improvement Program (CEIP)++++",
                    "VMware's Customer Experience Improvement Program (CEIP) ",
                    "provides VMware with information that enables VMware to ",
                    "improve its products and services, to fix problems, ",
                    "and to advise you on how best to deploy and use our ",
                    "products. As part of CEIP, VMware collects technical ",
                    "information about your organization's use of VMware ",
                    "products and services on a regular basis in association ",
                    "with your organization's VMware license key(s). This ",
                    "information does not personally identify any individual. ",
                    "Additional information regarding the data collected ",
                    "through CEIP and the purposes for which it is used by ",
                    "VMware is set forth in the Trust & Assurance Center at ",
                    "http://www.vmware.com/trustvmware/ceip.html . If you ",
                    "prefer not to participate in VMware's CEIP for this ",
                    "product, you should disable CEIP by setting ",
                    "'ceip_enabled': false. You may join or leave VMware's ",
                    "CEIP for this product at any time. Please confirm your ",
                    "acknowledgement by passing in the parameter ",
                    "--acknowledge-ceip in the command line.",
                    "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
                ]
            },
            "settings": {
                "ceip_enabled": true
            }
        }
    }

    #after editing the above make sure you run the install again but point to the /tmp .json file:

     

    ./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /tmp/embedded_vCSA_on_ESXi.json
     

     

     

     

     

    Run the installer with "-v" or "--verbose" to log detailed information
    Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/workflow_1531377437847/vcsa-cli-installer.log.bak'
    Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/workflow_1531377437847
    ================================================================= [START] Start executing Task: To validate CLI options at 06:37:18 =================================================================
    Command line arguments verfied.
    ======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:37:18 =======================
    ========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:37:18 =========================================================
    Template syntax validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
    Syntax validation for all templates succeeded.
    ======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:37:18 =======================
     [START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
    at 06:37:18
    Template version processing for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
    Version processing for all templates succeeded.
    ====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:37:18 ======================
    ============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:37:18 ============================
    The entered password for new_vcsa sso password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
    lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
    The entered password for new_vcsa os password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
    lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
    Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
    The value '******' of the key 'password' in section 'new_vcsa', subsection 'sso' is invalid. Correct the value and rerun the script.
    The value '******' of the key 'password' in section 'new_vcsa', subsection 'os' is invalid. Correct the value and rerun the script.
    The key 'system_name' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
    The key 'dns_servers' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
    The key 'gateway' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
    The key 'prefix' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
    The key 'ip' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.

    =========================================================================== [FAILED] Task: StructureValidationTask: Executing Template Structure Validation task execution failed at 06:37:19
    ===========================================================================
    ======================================================================================================================================================================================================
    Error message: com.vmware.vcsa.installer.template.structure_validation: Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
    ============================================================================================== 06:37:19 ==============================================================================================
    Result and Log File Information...
    WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/workflow_1531377437847
     

    #no luck so far

     

    ./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /tmp/embedded_vCSA_on_ESXi.json
    Run the installer with "-v" or "--verbose" to log detailed information
    Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/workflow_1531377957356/vcsa-cli-installer.log.bak'
    Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/workflow_1531377957356
    ================================================================= [START] Start executing Task: To validate CLI options at 06:45:57 =================================================================
    Command line arguments verfied.
    ======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:45:57 =======================
    ========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:45:57 =========================================================
    Template syntax validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
    Syntax validation for all templates succeeded.
    ======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:45:57 =======================
     [START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
    at 06:45:58
    Template version processing for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
    Version processing for all templates succeeded.
    ====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:45:58 ======================
    ============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:45:58 ============================
    The entered password for new_vcsa sso password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
    lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
    Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
    The value '******' of the key 'password' in section 'new_vcsa', subsection 'sso' is invalid. Correct the value and rerun the script.
    =========================================================================== [FAILED] Task: StructureValidationTask: Executing Template Structure Validation task execution failed at 06:45:58
    ===========================================================================
    ======================================================================================================================================================================================================
    Error message: com.vmware.vcsa.installer.template.structure_validation: Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
    ============================================================================================== 06:45:58 ==============================================================================================
    Result and Log File Information...
    WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/workflow_1531377957356
    [root@vsphere-center lin64]# vi /tmp/embedded_vCSA_on_ESXi.json
    [root@vsphere-center lin64]# ./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /tmp/embedded_vCSA_on_ESXi.json
    Run the installer with "-v" or "--verbose" to log detailed information
    Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/workflow_1531377985688/vcsa-cli-installer.log.bak'
    Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/workflow_1531377985688
    ================================================================= [START] Start executing Task: To validate CLI options at 06:46:25 =================================================================
    Command line arguments verfied.
    ======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:46:25 =======================
    ========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:46:26 =========================================================
    Template syntax validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
    Syntax validation for all templates succeeded.
    ======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:46:26 =======================
     [START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
    at 06:46:26
    Template version processing for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
    Version processing for all templates succeeded.
    ====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:46:26 ======================
    ============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:46:26 ============================
    Template structure validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
    Structure validation for all templates succeeded.
    ==================== [SUCCEEDED] Successfully executed Task 'StructureValidationTask: Executing Template Structure Validation task' in TaskFlow 'template_validation' at 06:46:27 ====================
     [START] Start executing Task: To create a dependency graph for the provided templates, with an edge pairing two templates that are dependent on each other. Such graph relationships will affect
    whether certain templates can be deployed in parallel, or must be deployed sequentially. at 06:46:27
    Dependency processing for all templates succeeded.
    =================== [SUCCEEDED] Successfully executed Task 'DependencyProcessingTask: Executing Template Dependency Processing task' in TaskFlow 'template_validation' at 06:46:27 ===================
    ================================================== [START] Start executing Task: Validate that requirements are met in the source VCSA. at 06:46:29 ==================================================
    InstallRequirementCollector: Reached gathering requirement
    ============================== [SUCCEEDED] Successfully executed Task 'SrcRequirementTask: Running SrcRequirementTask' in TaskFlow 'embedded_vCSA_on_ESXi' at 06:46:29 ==============================
    ================================================================= [START] Start executing Task: Perform precheck tasks. at 06:46:30 =================================================================
    ========================================== [START] Start executing Task: Verify that the provided credentials for the target ESXi/VC are valid at 06:46:30 ==========================================
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.54' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    =========================================== [SUCCEEDED] Successfully executed Task 'Running precheck: TargetCredentials' in TaskFlow 'install' at 06:46:31 ===========================================
    ============================================= [START] Start executing Task: Precheck CPU, memory and datastore size requirements for a host. at 06:46:31 =============================================
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.54' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    The VCSA 'Embedded-vCenter-Server-Appliance' requires hardware virtualization support from the ESXi host 'localhost.localdomain'. You are recommended to check the BIOS settings of the ESXi host for
    hardware virtualization support before proceeding.
    =========================================================================== [FAILED] Task: Running precheck: HostConfigs execution failed at 06:46:37
    ===========================================================================
    ======================================================================================================================================================================================================
    =========================================================================== [FAILED] Task: PrecheckTask: Running prechecks. execution failed at 06:46:37
    ===========================================================================
    ======================================================================================================================================================================================================
    Error message: com.vmware.vcsa.installer.prechecks: com.vmware.vcsa.installer.prechecks.host_configs: The deployment size selected by user's template for the VCSA 'Embedded-vCenter-Server-Appliance'
    is 'small', which requires 4 CPUs while the ESXi host 'localhost.localdomain' has 2 physical CPUs (cores) available. Choose a different deployment option for the VCSA, or use a different ESXi host,
    or provide more CPUs for the ESXi. Deployment size selected by user's template for the VCSA 'Embedded-vCenter-Server-Appliance' is 'small', which requires 16 GB of memory. That exceeds the total
    memory of 4 GB of the ESXi host 'localhost.localdomain'. Choose a different deployment option for the VCSA. The capacity of datastore 'datastore1' (3.0 GB) in host 'localhost.localdomain' is less
    than the minimum size required (25 GB). Use a different datastore, or increase the datastore size above the required minimum.
    ============================================================================================== 06:46:38 ==============================================================================================
    Result and Log File Information...
    WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/workflow_1531377985688
     

     #now the server seems to die or at least the NIC during the install process

     

    OVF Tool: Opening OVA source:
    /mnt/cd/vcsa-cli-installer/lin64/../../vcsa/VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10.ova
    OVF Tool: Opening VI target: vi://root@192.168.1.54:443/
    OVF Tool: Deploying to VI: vi://root@192.168.1.54:443/
    OVF Tool: Disk progress: 99%
    OVF Tool: Transfer Completed
    OVF Tool: Powering on VM: Embedded-vCenter-Server-Appliance-
    OVF Tool: Task progress: 58%
    OVF Tool: Task Completed
    OVF Tool: Waiting for IP address...Error: Operation was canceled
    OVF Tool: Error: No route to host
    Deployment failed. OVF Tool return error code: 1
     


    It's not so much that it fails to install but rather that once the vcenter appliance starts for some reason the network stops working.  Restarting the network does not help either.

    When starting the Virtual Appliance the last thing on the console I can see is:

    Started Network Time Servce:
    [ *** ] (2 of 2) A start job is running for Initial c...metadata service crawler) (21s /no limit)

     

    A successful install will look like this:

     

     

    ========================================= [START] Start executing Task: Invoke OVF Tool to deploy VCSA for installation, upgrade, and migration at 05:58:58 =========================================
    Deployment failed. OVF Tool return error code: 255
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Failed to collect support bundle from appliance because: Cannot gather support bundle because the vm 'Embedded-vCenter-Server-Appliance' was not found on ESX 192.168.1.60. Underlying error details:
    Failed to find VM Embedded-vCenter-Server-Appliance
    =========================================================================== [FAILED] Task: Deploying vCenter Server Appliance execution failed at 05:58:59
    ===========================================================================
    ======================================================================================================================================================================================================
    Error message: com.vmware.vcsa.installer.ovf.deploy_appliance: ApplianceDeploymentTask: Caught an exception Deployment failed. OVF Tool return error code: 255
    ============================================================================================== 05:59:00 ==============================================================================================
    Result and Log File Information...
    WorkFlow log directory: /var/tmp/vcsaCliInstaller-2018-07-20-05-58-0vi0n75f/workflow_1532066319919
    [root@vsphere-center lin64]#



    (RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running


    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running


    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Found IP address of target appliance: 192.168.1.61
    Proceed with certificate thumbprint check...
    Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment'
    ==========VCSA Deployment Progress Report==========         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.         Task: Run firstboot
    scripts.(RUNNING 60/100)    - Starting VMware vCenter Server...
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Failed to query appliance API against VM 'Embedded-vCenter-Server-Appliance' on '192.168.1.60' for the deployment status because 'Unable to obtain IP address of the target appliance, it might still
    be powering up or during IP transfer.', retrying and will timeout in '3570 seconds
    traceback: Traceback (most recent call last):   File "/build/mts/release/bora-7892267/bora/install/vcsa-installer/vcsaCliInstaller/cli_tasks/monitor/monitor_vcenter_deployment_task.py", line 402, in
    execute ValueError: Unable to obtain IP address of the target appliance, it might still be powering up or during IP transfer.
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
    verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
    Failed to query appliance API against VM 'Embedded-vCenter-Server-Appliance' on '192.168.1.60' for the deployment status because 'Unable to obtain IP address of the target appliance, it might still
    be powering up or during IP transfer.', retrying and will timeout in '3540 seconds
    traceback: Traceback (most recent call last):   File "/build/mts/release/bora-7892267/bora/install/vcsa-installer/vcsaCliInstaller/cli_tasks/monitor/monitor_vcenter_deployment_task.py", line 402, in
    execute ValueError: Unable to obtain IP address of the target appliance, it might still be powering up or during IP transfer.



    ####################fixed it by changing password

    Do not use ( & or # or you will have bizarre issues like above

            "os": {
                "password": "8#Klaasyeasy",
                "ntp_servers": "time.nist.gov",
                "ssh_enable": false
            },
            "sso": {
                "password": "DkUOI98(&*93",
                "domain_name": "vsphere.local"
            }

    Change to passwords like this:


            "os": {
                "password": "8^Klaasyeasy",
                "ntp_servers": "time.nist.gov",
                "ssh_enable": false
            },
            "sso": {
                "password": "DkUOI98*93",
                "domain_name": "vsphere.local"
            }




    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 63/100)    - Starting VMware Content
    Library Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 65/100)    - Starting VMware ESX Agent
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 65/100)    - Starting VMware ESX Agent
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 65/100)    - Starting VMware ESX Agent
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 68/100)    - Starting VMware Message
    Bus Configuration Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 71/100)    - Starting VMware vSphere
    Profile-Driven Storage Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 71/100)    - Starting VMware vSphere
    Profile-Driven Storage Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 71/100)    - Starting VMware vSphere
    Profile-Driven Storage Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 73/100)    - Starting VMware Update
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 76/100)    - Starting VMware vCenter
    High Availability...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 78/100)    - Starting VMware vSphere
    Authentication Proxy...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 78/100)    - Starting VMware vSphere
    Authentication Proxy...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 81/100)    - Starting VMware VSAN Data
    Protection Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 84/100)    - Starting VMware VSAN
    Health Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 84/100)    - Starting VMware VSAN
    Health Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 84/100)    - Starting VMware VSAN
    Health Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 84/100)    - Starting VMware VSAN
    Health Service...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 86/100)    - Starting VMware vService
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 86/100)    - Starting VMware vService
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 86/100)    - Starting VMware vService
    Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 89/100)    - Starting VMware Image
    Builder Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 89/100)    - Starting VMware Image
    Builder Manager...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 92/100)    - Starting VMware vSphere
    Auto Deploy Waiter...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 92/100)    - Starting VMware vSphere
    Auto Deploy Waiter...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 92/100)    - Starting VMware vSphere
    Auto Deploy Waiter...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 92/100)    - Starting VMware vSphere
    Auto Deploy Waiter...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 97/100)    - Starting VMware
    Performance Charts...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 97/100)    - Starting VMware
    Performance Charts...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(RUNNING 97/100)    - Starting VMware
    Performance Charts...         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed
    successfully.
    VCSA Deployment is still running
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    ==========VCSA Deployment Progress Report==========         Task: Run firstboot scripts.(SUCCEEDED 100/100) - Task has completed
    successfully.         Task: Install required RPMs for the appliance.(SUCCEEDED 100/100)       - Task has completed successfully.
    Successfully completed VCSA deployment.  VCSA Deployment Start Time: 2018-07-20T10:25:37.358Z VCSA Deployment End Time:
    2018-07-20T12:10:05.023Z
     [SUCCEEDED] Successfully executed Task 'MonitorDeploymentTask: Monitoring Deployment' in TaskFlow 'embedded_vCSA_on_ESXi' at 12:10:34
    Monitoring VCSA Deploy task completed
    ==================== [START] Start executing Task: Provide the login information about new appliance. at 12:10:36 ====================
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
    Proceed with certificate thumbprint check...
    The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification'
    or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command
    line if you want server certificates to be verified.
        Appliance Name: Embedded-vCenter-Server-Appliance
        System Name: 192.168.1.61
        System IP: 192.168.1.61
        Log in as: Administrator@vsphere.local
     [SUCCEEDED] Successfully executed Task 'ApplianceLoginSummaryTask: Provide appliance login information.' in TaskFlow
    'embedded_vCSA_on_ESXi' at 12:10:39
    ============================================================== 12:10:40 ==============================================================
    Result and Log File Information...
    WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-20-09-36-n9d4w4qp/workflow_1532079398332

     


  • Hard Drive Serial Number Examples


    The reason for this article is because a lot of us don't physically see our hard drives they are often remote in a datacenter etc and the actual serial number we see in SMART is not enough to check for some manufacturers.

    A good example is our first one the Toshiba

    === START OF INFORMATION SECTION ===
    Device Model:     TOSHIBA DT01ACA200
    Serial Number:    33FMDW4AS

    If you enter the serial in Toshiba's site above: https://myapps.taec.toshiba.com/myapps/admin/jsp/webrma/addRequest1NoLogin.jsp

    You will get the following result:

      33FMDW4AS     Warranty could not be determined for this Non-HDD serial number. If you have any questions you may contact Toshiba at 1-855-898-1905.

    That is  because you are missing the "TZ5" at the end.  See when you add the TZ5.

    33FMDW4ASTZ5 HDKPC09A0A01S Out Of Warranty Out of warranty. Exp Date: 2015/03/26

    Hard Drive Full Serial List Examples

    The format will be that the extra characters before or after the serial number are what you have to add on your own.

    Device Model:     TOSHIBA DT01ACA200
    Serial Number:    33FMDW4AS
    TZ5

    Device Model:     TOSHIBA MG03ACA200
    Serial Number:    Z4JAK5C8FVD2
     



  • vino server error cannot login


    10/07/2018 03:05:14 PM [IPv4] Got connection from client10.10.25.1
    10/07/2018 03:05:14 PM   other clients:
    10/07/2018 03:05:14 PM Client Protocol Version 3.7
    10/07/2018 03:05:14 PM Advertising security type 18
    10/07/2018 03:05:14 PM Client returned security type 18
    10/07/2018 03:05:14 PM TLS Handshake failed: Could not negotiate a supported cipher suite.
    10/07/2018 03:05:14 PM Client10.10.25.1 gone
    10/07/2018 03:05:14 PM Statistics:
    10/07/2018 03:05:14 PM   framebuffer updates 0, rectangles 0, bytes 0
    10/07/2018 03:05:16 PM [IPv4] Got connection from client10.10.25.1
    10/07/2018 03:05:16 PM   other clients:
    10/07/2018 03:05:17 PM rfbProcessClientProtocolVersion: not a valid RFB client
    10/07/2018 03:05:17 PM Client10.10.25.1 gone
    10/07/2018 03:05:17 PM Statistics:
    10/07/2018 03:05:17 PM   framebuffer updates 0, rectangles 0, bytes 0

     


  • OpenVPN auth-user-pass-verify ENV script error


    Starting with newer versions of OpenVPN I believe 2.2+ you need to have "script-security 3" set or you can't execute a third party script.

    Prior to that you could also use the auth-user-pass-verify like this:

    auth-user-pass-verify ./validate.pl "$username $password $ip" via-env

    Options error: the --auth-user-pass-verify directive should have at most 2 parameters.  To pass a list of arguments as one of the parameters, try enclosing them in double quotes ("").

    However this no longer works.  The way env works no longer gives you the variables as variables that you can pass as arguments.

    It now works as normal so for example in a shell script you call from OpenVPN.

    Just referencing $username and $password gives you the login information the user sent.  This seems to have taken effect in version 2.3 or 2.4 or possibly even 2.2


  • OpenVPN error ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)


    This basically means that you are running as non-root and you need to be root to create the tun0 or tap0 device on OpenVPN.  You could try sudo or adding the openvpn binary to the list of sudoers.


  • Howto install ioncube loader to PHP by Zend


    First of all download the raw .so file from zend:

    Copy the one relevant to your PHP version to  /usr/lib64/php/modules/

    eg.: cp ioncube_loader_lin_5.3.so /usr/lib64/php/modules/

    Then in your /etc/php.d/ directory create the file:

    vi /etc/php.d/zend.ini

    zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.3.so

    After that restart apache/httpd and you'll be good to go!


  • Cannot create gradle for conversations


    The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.

    Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error

     export ANDROID_HOME=/home/user/Downloads/tools/
    Conversations-master$ ./gradlew
    Downloading https://services.gradle.org/distributions/gradle-4.4-all.zip

    Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
        at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:78)
        at org.gradle.wrapper.Install.createDist(Install.java:47)
        at org.gradle.wrapper.WrapperExecutor.execute(WrapperExecutor.java:129)
        at org.gradle.wrapper.GradleWrapperMain.main(GradleWrapperMain.java:48)
    Caused by: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1914)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1872)
        at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1855)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1376)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1353)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1366)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
        at org.gradle.wrapper.Download.downloadInternal(Download.java:59)
        at org.gradle.wrapper.Download.download(Download.java:45)
        at org.gradle.wrapper.Install$1.call(Install.java:60)
        at org.gradle.wrapper.Install$1.call(Install.java:47)
        at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:65)
        ... 3 more
    Caused by: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
        at sun.security.pkcs11.P11Key$P11ECPublicKey.getEncodedInternal(P11Key.java:1024)
        at sun.security.pkcs11.P11Key.equals(P11Key.java:158)
        at java.util.ArrayList.indexOf(ArrayList.java:302)
        at java.util.ArrayList.contains(ArrayList.java:285)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:239)
        at sun.security.validator.Validator.validate(Validator.java:260)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1459)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:961)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:897)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1033)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1342)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1369)
        ... 13 more
    Caused by: java.security.InvalidKeyException: EC parameters error
        at sun.security.ec.ECParameters.getAlgorithmParameters(ECParameters.java:284)
        at sun.security.ec.ECPublicKeyImpl.<init>(ECPublicKeyImpl.java:59)
        at sun.security.pkcs11.P11Key$P11ECPublicKey.getEncodedInternal(P11Key.java:1021)
        ... 28 more
    Caused by: java.security.NoSuchProviderException: no such provider: SunEC
        at sun.security.jca.GetInstance.getService(GetInstance.java:83)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
        at java.security.Security.getImpl(Security.java:697)
        at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:199)
        at sun.security.ec.ECParameters.getAlgorithmParameters(ECParameters.java:279)
        ... 30 more
     


  • not allowed to execute '/usr/bin/apt-get install eclipse' as root linux sudo user permisson issue and solution


    This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint.  If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:

    Now assume your username is "iamtheuser"

    vi /etc/group

    adm:x:4:syslog,iamtheuser
    sudo:x:27:anotheruser,iamtheuser


    Find the above lines and add a comma and "iamtheuser" right after as shown in the example above.  You'll have to log out and login and things will be fine after that.  If you want to stay logged into the GUI you could always just ssh in to localhost and that ssh connection would give you the new privileges.


  • Database Error One or more of the WHMCS database tables appear to be either missing or corrupted. Please check and repair. - WHMCS Solution


    Database Error
    One or more of the WHMCS database tables appear to be either missing or corrupted. Please check and repair.

    This error can be misleading especially if you know you are using a known good backup or restoration of the WHMCS database.  The error can also be that the user lacks permissions to read and write to the database.

    To check to this in MySQL shell:

    GRANT read,write to dbusername@localhost on dbname;

    After that things should work again.


  • postfix errors fatal: no SASL authentication mechanisms /usr/libexec/postfix/smtpd: bad command startup -- throttling solution


    Jul  3 22:12:17mailserver postfix/smtpd[6195]: fatal: no SASL authentication mechanisms
    Jul  3 22:12:18mailserver postfix/master[4881]: warning: process /usr/libexec/postfix/smtpd pid 6195 exit status 1
    Jul  3 22:12:18mailserver postfix/master[4881]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

    This only ever happens in my experience when the authentication method is actually Dovecot.  Usually the problem will be that Dovecot cannot start due to a misconfiguration and or permissions issue. 

    The solution is to try to trace through /var/log/maillog and find out what is wrong with Dovecot (assuming it cannot start).

    After this postfix should work fine.

    You should also enable debug info in dovecot.conf like this:

    auth_debug = yes
    auth_debug_passwords = yes
    auth_verbose = yes

    To give you an idea of what commonly goes wrong after a new Dovecot migration or install:

    dovecot: auth: Error: passwd-file /etc/dovecot.passwd: open(/etc/dovecot.passwd) failed: Permission denied (euid=97(dovecot) egid=97(dovecot) missing +r perm: /etc/dovecot.passwd, euid is not dir owner)

    Solution:

    chmod +x /etc/dovecot.passwd

    Another error:

    dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Connection refused

    In this case you need to make sure /var/run/dovecot/auth-userdb and also /var/mail is set to the correct user id and group id or username/groupname as in your /etc/dovecot/dovecot.conf

    first_valid_gid = 502
    first_valid_uid = 501
    last_valid_gid = 502
    last_valid_uid = 501