RealTechTalk (RTT) - Linux/Server Administration/Related

We have years of knowledge with technology, especially in the IT (Information Technology) industry. 

realtechtalk.com will always have fresh and useful information on a variety of subjects from Graphic Design, Server Administration, Web  Hosting Industry and much more.

This site will specialize in unique topics and problems faced by web hosts, Unix/Linux administrators, web developers, computer technicians, hardware, networking, scripting, web design and much more. The aim of this site is to explain common problems and solutions in a simple way. Forums are ineffective because they have a lot of talk, but it's hard to find the answer you're looking for, and as we know, the answer is usually not there. No one has time to scour the net for forums and read pages of irrelevant information on different forums/threads. RTT just gives you what you're looking for.

Latest Articles

  • Linux Mint 18.2 Create Config File To Start Application Upon Login


    This is not about systemd/systemctl and not about "onboot" so there's no rc.local trick here but it's the GUI/Gnome etc when a user logs in that a command is launched.

    Put this in your home dir
     

    The .config/autostart directory is where Linux Mint/Ubuntu checks for autostart application config files


    mkdir -p ~/.config/autostart

    Create a new entry/file that starts an application:


    vi realtechtalk.com.desktop

    The name can be anything but must have  ".desktop" as the extension.

    [Desktop Entry]
    Type=Application
    Exec=/usr/bin/firefox http://realtechtalk.com
    Hidden=false
    X-MATE-Autostart-enabled=true
    Name[en_US]=firefox
    Name=firefox
    Comment[en_US]=Visit realtechtalk.com!
    Comment=

     

    The key point from above is the "Exec" variable and Name variable.  Change exec to what you want to execute and change the name to something meaningful


  • Dell Wyse Thin Client BIOS Access Key


    For most of these machines you just have to power the unit on while holding the "Del" key and you'll enter the BIOS. 


  • sudoers fle in /etc warning about comments/includes!


    If you see this in /etc/sudoers it is NOT a comment but an include.

    #includedir /etc/sudoers.d
     

    For example in Linux mint sudoers.d contains the following files:

    casper  mintupdate  README
     

    casper for example contains the following sudoers line:

    mint  ALL=(ALL) NOPASSWD: ALL
     

    So if you are messing around with sudoers or creating a new file understand that #includedir is absolutely not a comment and may be critical to properly functioning sudo functionality for your machine or user.

    Of course this is contrary to most Unix based config files where often a pound # is a comment.


  • Centos 7 Reallocate logical volume space to another


    Do you hate how Centos 7 defaults to allocating most of your valuable space to /home even though it is a production server?

    Here is a quick guide on how to take back that space live, while online (of course make sure you have backups just in case something goes wrong!):

    First we will reduce our home dir by 100G:

    lvreduce -L -100G /dev/mapper/centos-home
      WARNING: Reducing active and open logical volume to <5.12 GiB.
      THIS MAY DESTROY YOUR DATA (filesystem etc.)
    Do you really want to reduce centos/home? [y/n]: y
      Size of logical volume centos/home changed from <105.12 GiB (26910 extents) to <5.12 GiB (1310 extents).
      Logical volume centos/home successfully resized.

     

    Now let's give it back to /root:


    lvextend -l 100%FREE /dev/centos/root
      Size of logical volume centos/root changed from 50.00 GiB (12800 extents) to 100.00 GiB (25601 extents).
      Logical volume centos/root successfully resized.

    OK but now what does our filesystem magically know what we did with the LV/logical volume?  No


    [root@disc livefilesystem]# df -h
    Filesystem               Size  Used Avail Use% Mounted on
    /dev/mapper/centos-root   50G   35G   16G  70% /

    devtmpfs                 1.9G     0  1.9G   0% /dev
    tmpfs                    1.9G     0  1.9G   0% /dev/shm
    tmpfs                    1.9G  8.7M  1.9G   1% /run
    tmpfs                    1.9G     0  1.9G   0% /sys/fs/cgroup
    /dev/mapper/centos-home  106G   33M  106G   1% /home
    /dev/sda1               1014M  176M  839M  18% /boot
    tmpfs                    379M     0  379M   0% /run/user/0

    Maybe we could just remount it? No



    [root@disc livefilesystem]# mount -o remount /
    [root@disc livefilesystem]# df -h
    Filesystem               Size  Used Avail Use% Mounted on
    /dev/mapper/centos-root   50G   35G   16G  70% /

    How do we resize the filesystem?  xfs_growfs of course!


    xfs_growfs /dev/mapper/centos-root
    meta-data=/dev/mapper/centos-root isize=512    agcount=4, agsize=3276800 blks
             =                       sectsz=512   attr=2, projid32bit=1
             =                       crc=1        finobt=0 spinodes=0
    data     =                       bsize=4096   blocks=13107200, imaxpct=25
             =                       sunit=0      swidth=0 blks
    naming   =version 2              bsize=4096   ascii-ci=0 ftype=1
    log      =internal               bsize=4096   blocks=6400, version=2
             =                       sectsz=512   sunit=0 blks, lazy-count=1
    realtime =none                   extsz=4096   blocks=0, rtextents=0
    data blocks changed from 13107200 to 26215424

    Now it's all good!


    [root@disc livefilesystem]# df -h
    Filesystem               Size  Used Avail Use% Mounted on
    /dev/mapper/centos-root  100G   35G   66G  35% /
    devtmpfs                 1.9G     0  1.9G   0% /dev
    tmpfs                    1.9G     0  1.9G   0% /dev/shm
    tmpfs                    1.9G  8.7M  1.9G   1% /run
    tmpfs                    1.9G     0  1.9G   0% /sys/fs/cgroup
    /dev/mapper/centos-home  106G   33M  106G   1% /home
    /dev/sda1               1014M  176M  839M  18% /boot
    tmpfs                    379M     0  379M   0% /run/user/0


  • lvm how to reduce volume size


    lvreduce -L -100G /dev/mapper/centos-home

    Do you really want to reduce centos/home? [y/n]: y
      Size of logical volume centos/home changed from <105.12 GiB (26910 extents) to <5.12 GiB (1310 extents).
      Logical volume centos/home successfully resized.


    Just modify the command above with the -100G to suite how much you want to reduce your volume by.


  • letsencrypt certbot error "Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80."


    ./certbot-auto --apache certonly
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    No names were found in your configuration files. Please enter in your domain
    name(s) (comma and/or space separated)  (Enter 'c' to cancel): yourdomain.com
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for yourdomain.com
    Cleaning up challenges
    Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

     


  • SSH error cannot Forward or Listen "bind: Cannot assign requested address"


    debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
    debug1: Local forwarding listening on 127.0.0.1 port 18006.
    debug1: channel 0: new [port listener]
    debug1: Local forwarding listening on ::1 port 18006.
    bind: Cannot assign requested address

    What we are seeing is that we can't listen on an IPV6 address of ::1.  We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue. 

    Solution:


    sudo vi /etc/ssh/ssh_config

     

    Set this:


    Host *
    AddressFamily inet

     

    Formerly the "inet" would say any which means it would be IPV6 too but we can't have that since it breaks out forwarding!

    The "inet" in address family disables IPV6 because we can see in the SSH verbose output earlier that it was trying to listen on ::1 (which is an IPV6 address).  This breaks if you don't have IPV6 enabled in your OS which is why we get the message from bind.


  • X11 SSH Linux Forwarding Error


    Jan 30 17:16:10 localhost sshd[25385]: error: Failed to allocate internet-domain X11 display socket.
     

    The solution for me on the server side was the following in sshd_config:

    AddressFamily inet

    *Remember to restart sshd and also reconnect from the client side.
     

    I had all the normal X11 settings on the server but it just stopped working for me randomly:

    X11Forwarding yes
    X11DisplayOffset 10

    I am thinking this is a client side error in the sense that perhaps newer SSH clients cause this bug because things were working fine for months and nothing changed on the server side.

    This happened on Linux Mint/Ubuntu/Debian based machines.


  • Using Microsoft's Group Policy Management Editor (GPME) To Change Default Permissions and Internet Explorer Security Settings


    The defaults in Windows 2016 server leave clients crippled so they can't even download basic files or software.  But Group Policy Management Editor comes to our rescue!

    Use cmd or Powershell and run:

    gpme.msc

    Choose your domain/computer and then navigate like below and create a new menu entry for IE11 or whatever your version is.  Don't be worried if the highest version is IE10 it means that it applies to IE10 AND above.

     

     

     

     

     

    Make your changes

    After that close the GPME and the settings will apply to users once they login again.

    Of course you can use GPME for other apps, settings etc.. so customize as you need.

     

    Don't forget to run "gpupdate" on existing clients or they may not get the GP changes you've made (eg. meaning what you did will have no effect on the user).


  • Thunderbird How To Disable An Email Account


    Navigate to  Tools -> Account Settings -> Server Settings

    Uncheck the following:

    • "Check for new messages on startup"
    • "Check for new messages every NN minutes"
    • "Automatically download new messages".

     

    Source: http://forums.mozillazine.org/viewtopic.php?t=635510


  • iptables linux firewall recommended rules for public computing


    Whether you are at work, at the coffee shop or on the public internet here are some basic but effective rules for iptables that lock things down (eg. no one can SMB or SSH to you or really anything):

     

    # Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018
    *nat
    :PREROUTING ACCEPT [160:19844]
    :INPUT ACCEPT [4:357]
    :OUTPUT ACCEPT [2955:182236]
    :POSTROUTING ACCEPT [2955:182236]
    COMMIT
    # Completed on Fri Dec 14 14:00:08 2018
    # Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [1284:148262]
    -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: "
    -A INPUT -j DROP

    COMMIT
    # Completed on Fri Dec 14 14:00:08 2018

     


  • LVM How To Create Pool (dynamically allocated and not fully allocated)


    The main use I have for this is virtual servers being able to use an LVM volume but not occupying all of the space.  It saves time in deploying machines and copying them so you are only copying the space they are using (eg. 5GB / 60GB vs the full 60GB).  There are some disadvantages which is mainly the fact that thin pools by their nature allow you to "overallocate" disk space which is that you could use more space than is available on the disk itself and corrupt your data.

    So in my opinion it is best to avoid thin pools EXCEPT if you have a testing environment you need to get up quickly or if you REALLY know what you are doing (eg. you are sure the disk space won't be overallocated or you have some other safeguards).

     

    How To Create An LVM Thin Pool

    -L = the size of the pool

    --thinpool = specifies we are creating a thin pool

    vmthinpool = the name of our thinpool

    vms = the name of the vg / volume group we are creating it on.

    lvcreate -L 500GB --thinpool vmthinpool vms
      Using default stripesize 64.00 KiB.
      Logical volume "vmthinpool" created.
     


  • VMWare Pro Workstation Nic Disconnected and No IP Using NAT


    By default VMWare Workstation often doesn't work as we would like.

    If you create a VM with a default NAT IP it won't work you will find the NIC is disconnected (even though on the VMWare side it says connected including at Power On).

    How To Solve It

    1.) Create New VMNet for NAT

    Click "Edit" -> "Virtual Network Editor"

    Click "Add Network"

    Select Network To Add "VMNet1" (or the next available name).

     

    Click on "NAT" under "Network Information"

    It should by default enable DHCP and a default range of 192.168.*.*

    and hit OK.

     

    2.) Edit your VM and assign it the VMNet you created above.

     

     

     


  • Linux How To Create A RamDisk


    size = the amount of RAM (m for megabytes)

    /mnt/ram = the mount location of the ram disk (change to the path you want it mounted to)

    mount -t tmpfs -o size=4096m tmpfs /mnt/ram/
     

    Example test in an old server:

    You can see that when reading if you don't specify bs1=M the read speeds are several times slower (eg. 450MB/s vs 2.1GB/s)

    mount -t tmpfs -o size=4096m tmpfs /mnt/ram/^C
    root@testserver:~# dd if=/dev/zero of=/mnt/ram/testhere bs=1M count=3000
    3000+0 records in
    3000+0 records out
    3145728000 bytes (3.1 GB, 2.9 GiB) copied, 2.51162 s, 1.3 GB/s
    root@testserver:~# dd if=/dev/mnt/ram^C
    root@testserver:~# dd if=/mnt/ram/testhere of=/dev/null
    6144000+0 records in
    6144000+0 records out
    3145728000 bytes (3.1 GB, 2.9 GiB) copied, 6.99788 s, 450 MB/s
    root@testserver:~# dd if=/mnt/ram/testfile of=/dev/null
    dd: failed to open '/mnt/ram/testfile': No such file or directory
    root@testserver:~# dd if=/mnt/ram/testhere
    testhere
    root@testserver:~# dd if=/mnt/ram/testhere of=/dev/null
    6144000+0 records in
    6144000+0 records out
    3145728000 bytes (3.1 GB, 2.9 GiB) copied, 6.94865 s, 453 MB/s
    root@testserver:~# dd if=/mnt/ram/testhere of=/dev/null bs=1M
    3000+0 records in
    3000+0 records out
    3145728000 bytes (3.1 GB, 2.9 GiB) copied, 1.49836 s, 2.1 GB/s


  • mdadm force resync when resync=PENDING solution


     cat /proc/mdstat
    Personalities : [linear] [multipath] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4]
    md127 : active (auto-read-only) raid10 sdc1[0] sdb1[2]
          1953382400 blocks super 1.2 512K chunks 2 far-copies [2/1] [U_]
              resync=PENDING
          bitmap: 15/15 pages [60KB], 65536KB chunk

     

    Solution force repair/resync:

    echo "repair" > /sys/block/md127/md/sync_action
     


  • Proxmox Breaks Storage/LVM Backing If Killing QEMU-IMG


    I tried to stop a qemu-img copy or clone and it broke everything. It was fine to "stop" it from the GUI but a process still persisted so I killed the relevant qemu-img and the kernel went crazy. It also may not have helped that I tried to lvremove a different volume (an unused disk). But either way it breaks LVM (you cannot even run lvdisplay) so a reboot is necessary.

    Jan 17 06:45:21 testserver kernel: [ 5680.439337] systemd-udevd   D    0  9948    469 0x00000104
    Jan 17 06:45:21 testserver kernel: [ 5680.439341] Call Trace:
    Jan 17 06:45:21 testserver kernel: [ 5680.439356]  __schedule+0x3e3/0x880
    Jan 17 06:45:21 testserver kernel: [ 5680.439363]  schedule+0x36/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.439366]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:45:21 testserver kernel: [ 5680.439370]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:45:21 testserver kernel: [ 5680.439374]  ? kobj_lookup+0x115/0x160
    Jan 17 06:45:21 testserver kernel: [ 5680.439377]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.439379]  ? _cond_resched+0x1a/0x50
    Jan 17 06:45:21 testserver kernel: [ 5680.439382]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.439384]  mutex_lock+0x2f/0x40
    Jan 17 06:45:21 testserver kernel: [ 5680.439389]  __blkdev_get+0x71/0x4d0
    Jan 17 06:45:21 testserver kernel: [ 5680.439391]  blkdev_get+0x125/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.439394]  blkdev_open+0x92/0x100
    Jan 17 06:45:21 testserver kernel: [ 5680.439397]  do_dentry_open+0x202/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.439399]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:45:21 testserver kernel: [ 5680.439401]  vfs_open+0x4f/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.439403]  path_openat+0x617/0x14a0
    Jan 17 06:45:21 testserver kernel: [ 5680.439407]  ? page_add_file_rmap+0xf7/0x150
    Jan 17 06:45:21 testserver kernel: [ 5680.439411]  do_filp_open+0x99/0x110
    Jan 17 06:45:21 testserver kernel: [ 5680.439414]  ? __check_object_size+0xb3/0x190
    Jan 17 06:45:21 testserver kernel: [ 5680.439417]  ? __alloc_fd+0x46/0x170
    Jan 17 06:45:21 testserver kernel: [ 5680.439420]  do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.439421]  ? do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.439424]  SyS_open+0x1e/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.439428]  do_syscall_64+0x73/0x130
    Jan 17 06:45:21 testserver kernel: [ 5680.439432]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:45:21 testserver kernel: [ 5680.439437] RIP: 0033:0x7f5864f81820
    Jan 17 06:45:21 testserver kernel: [ 5680.439439] RSP: 002b:00007ffc4632b0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:45:21 testserver kernel: [ 5680.439441] RAX: ffffffffffffffda RBX: 000056554f2b5cd0 RCX: 00007f5864f81820
    Jan 17 06:45:21 testserver kernel: [ 5680.439443] RDX: 000056554f14bda3 RSI: 0000000000080000 RDI: 000056554f29f370
    Jan 17 06:45:21 testserver kernel: [ 5680.439444] RBP: 0000000000000001 R08: 000056554f14bda3 R09: 0000000000000110
    Jan 17 06:45:21 testserver kernel: [ 5680.439445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
    Jan 17 06:45:21 testserver kernel: [ 5680.439446] R13: 0000000000000000 R14: 000056554f29eec0 R15: 00000000ffffffff
    Jan 17 06:45:21 testserver kernel: [ 5680.455730] vgs             D    0  9952   1777 0x00000000
    Jan 17 06:45:21 testserver kernel: [ 5680.455732] Call Trace:
    Jan 17 06:45:21 testserver kernel: [ 5680.455736]  __schedule+0x3e3/0x880
    Jan 17 06:45:21 testserver kernel: [ 5680.455739]  ? __switch_to_asm+0x40/0x70
    Jan 17 06:45:21 testserver kernel: [ 5680.455741]  ? __switch_to_asm+0x34/0x70
    Jan 17 06:45:21 testserver kernel: [ 5680.455743]  schedule+0x36/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.455746]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:45:21 testserver kernel: [ 5680.455751]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:45:21 testserver kernel: [ 5680.455754]  ? kobj_lookup+0x115/0x160
    Jan 17 06:45:21 testserver kernel: [ 5680.455757]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.455759]  ? _cond_resched+0x1a/0x50
    Jan 17 06:45:21 testserver kernel: [ 5680.455762]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.455764]  mutex_lock+0x2f/0x40
    Jan 17 06:45:21 testserver kernel: [ 5680.455766]  __blkdev_get+0x71/0x4d0
    Jan 17 06:45:21 testserver kernel: [ 5680.455768]  blkdev_get+0x125/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.455771]  blkdev_open+0x92/0x100
    Jan 17 06:45:21 testserver kernel: [ 5680.455773]  do_dentry_open+0x202/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.455774]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:45:21 testserver kernel: [ 5680.455777]  vfs_open+0x4f/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.455778]  path_openat+0x617/0x14a0
    Jan 17 06:45:21 testserver kernel: [ 5680.455780]  ? putname+0x54/0x60
    Jan 17 06:45:21 testserver kernel: [ 5680.455782]  ? filename_lookup+0xf8/0x1a0
    Jan 17 06:45:21 testserver kernel: [ 5680.455785]  do_filp_open+0x99/0x110
    Jan 17 06:45:21 testserver kernel: [ 5680.455787]  ? __check_object_size+0xb3/0x190
    Jan 17 06:45:21 testserver kernel: [ 5680.455790]  do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.455792]  ? do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.455794]  SyS_open+0x1e/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.455796]  do_syscall_64+0x73/0x130
    Jan 17 06:45:21 testserver kernel: [ 5680.455799]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:45:21 testserver kernel: [ 5680.455800] RIP: 0033:0x7f09f35c44b0
    Jan 17 06:45:21 testserver kernel: [ 5680.455801] RSP: 002b:00007ffcaf62bd98 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:45:21 testserver kernel: [ 5680.455803] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f09f35c44b0
    Jan 17 06:45:21 testserver kernel: [ 5680.455805] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000056513f681440
    Jan 17 06:45:21 testserver kernel: [ 5680.455806] RBP: 0000000000000000 R08: 000056513f6d48a0 R09: 00007ffcaf62bd00
    Jan 17 06:45:21 testserver kernel: [ 5680.455807] R10: 00007f09f356a6a0 R11: 0000000000000246 R12: 0000000000000001
    Jan 17 06:45:21 testserver kernel: [ 5680.455808] R13: 000056513f681440 R14: 0000000000000000 R15: 000056513f681218
    Jan 17 06:45:21 testserver kernel: [ 5680.472311] lvremove        D    0  9963   3981 0x00000000
    Jan 17 06:45:21 testserver kernel: [ 5680.472313] Call Trace:
    Jan 17 06:45:21 testserver kernel: [ 5680.472317]  __schedule+0x3e3/0x880
    Jan 17 06:45:21 testserver kernel: [ 5680.472328]  ? __switch_to_asm+0x40/0x70
    Jan 17 06:45:21 testserver kernel: [ 5680.472332]  ? __switch_to_asm+0x34/0x70
    Jan 17 06:45:21 testserver kernel: [ 5680.472338]  schedule+0x36/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.472340]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:45:21 testserver kernel: [ 5680.472343]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:45:21 testserver kernel: [ 5680.472346]  ? kobj_lookup+0x115/0x160
    Jan 17 06:45:21 testserver kernel: [ 5680.472349]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.472351]  ? _cond_resched+0x1a/0x50
    Jan 17 06:45:21 testserver kernel: [ 5680.472353]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.472355]  mutex_lock+0x2f/0x40
    Jan 17 06:45:21 testserver kernel: [ 5680.472358]  __blkdev_get+0x71/0x4d0
    Jan 17 06:45:21 testserver kernel: [ 5680.472360]  blkdev_get+0x125/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.472363]  blkdev_open+0x92/0x100
    Jan 17 06:45:21 testserver kernel: [ 5680.472364]  do_dentry_open+0x202/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.472366]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:45:21 testserver kernel: [ 5680.472372]  vfs_open+0x4f/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.472379]  path_openat+0x617/0x14a0
    Jan 17 06:45:21 testserver kernel: [ 5680.472385]  ? putname+0x54/0x60
    Jan 17 06:45:21 testserver kernel: [ 5680.472392]  ? filename_lookup+0xf8/0x1a0
    Jan 17 06:45:21 testserver kernel: [ 5680.472399]  do_filp_open+0x99/0x110
    Jan 17 06:45:21 testserver kernel: [ 5680.472406]  ? __check_object_size+0xb3/0x190
    Jan 17 06:45:21 testserver kernel: [ 5680.472415]  do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.472417]  ? do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.472419]  SyS_open+0x1e/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.472421]  do_syscall_64+0x73/0x130
    Jan 17 06:45:21 testserver kernel: [ 5680.472423]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:45:21 testserver kernel: [ 5680.472425] RIP: 0033:0x7f6d01eeb4b0
    Jan 17 06:45:21 testserver kernel: [ 5680.472426] RSP: 002b:00007fff72ab50a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:45:21 testserver kernel: [ 5680.472428] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f6d01eeb4b0
    Jan 17 06:45:21 testserver kernel: [ 5680.472429] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055736d459640
    Jan 17 06:45:21 testserver kernel: [ 5680.472430] RBP: 0000000000000000 R08: 000055736d4863e0 R09: 00007fff72ab5000
    Jan 17 06:45:21 testserver kernel: [ 5680.472431] R10: 00007f6d01e916a0 R11: 0000000000000246 R12: 0000000000000001
    Jan 17 06:45:21 testserver kernel: [ 5680.472432] R13: 000055736d459640 R14: 0000000000000000 R15: 000055736d459418
    Jan 17 06:45:21 testserver kernel: [ 5680.488832] vgs             D    0  9977   9974 0x00000000
    Jan 17 06:45:21 testserver kernel: [ 5680.488834] Call Trace:
    Jan 17 06:45:21 testserver kernel: [ 5680.488837]  __schedule+0x3e3/0x880
    Jan 17 06:45:21 testserver kernel: [ 5680.488840]  ? __switch_to_asm+0x40/0x70
    Jan 17 06:45:21 testserver kernel: [ 5680.488842]  ? __switch_to_asm+0x34/0x70
    Jan 17 06:45:21 testserver kernel: [ 5680.488844]  schedule+0x36/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.488847]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:45:21 testserver kernel: [ 5680.488849]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:45:21 testserver kernel: [ 5680.488856]  ? kobj_lookup+0x115/0x160
    Jan 17 06:45:21 testserver kernel: [ 5680.488858]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.488861]  ? _cond_resched+0x1a/0x50
    Jan 17 06:45:21 testserver kernel: [ 5680.488863]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.488865]  mutex_lock+0x2f/0x40
    Jan 17 06:45:21 testserver kernel: [ 5680.488867]  __blkdev_get+0x71/0x4d0
    Jan 17 06:45:21 testserver kernel: [ 5680.488870]  blkdev_get+0x125/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.488872]  blkdev_open+0x92/0x100
    Jan 17 06:45:21 testserver kernel: [ 5680.488874]  do_dentry_open+0x202/0x310
    Jan 17 06:45:21 testserver kernel: [ 5680.488876]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:45:21 testserver kernel: [ 5680.488878]  vfs_open+0x4f/0x80
    Jan 17 06:45:21 testserver kernel: [ 5680.488879]  path_openat+0x617/0x14a0
    Jan 17 06:45:21 testserver kernel: [ 5680.488881]  ? putname+0x54/0x60
    Jan 17 06:45:21 testserver kernel: [ 5680.488883]  ? filename_lookup+0xf8/0x1a0
    Jan 17 06:45:21 testserver kernel: [ 5680.488885]  do_filp_open+0x99/0x110
    Jan 17 06:45:21 testserver kernel: [ 5680.488888]  ? __check_object_size+0xb3/0x190
    Jan 17 06:45:21 testserver kernel: [ 5680.488891]  do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.488893]  ? do_sys_open+0x135/0x280
    Jan 17 06:45:21 testserver kernel: [ 5680.488895]  SyS_open+0x1e/0x20
    Jan 17 06:45:21 testserver kernel: [ 5680.488897]  do_syscall_64+0x73/0x130
    Jan 17 06:45:21 testserver kernel: [ 5680.488899]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:45:21 testserver kernel: [ 5680.488901] RIP: 0033:0x7f98ef2644b0
    Jan 17 06:45:21 testserver kernel: [ 5680.488902] RSP: 002b:00007ffc7ee8f7e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:45:21 testserver kernel: [ 5680.488904] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f98ef2644b0
    Jan 17 06:45:21 testserver kernel: [ 5680.488905] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055e16b9ee440
    Jan 17 06:45:21 testserver kernel: [ 5680.488906] RBP: 0000000000000000 R08: 000055e16ba34d20 R09: 00007ffc7ee8f800
    Jan 17 06:45:21 testserver kernel: [ 5680.488907] R10: 00007f98ef20a6a0 R11: 0000000000000246 R12: 0000000000000001
    Jan 17 06:45:21 testserver kernel: [ 5680.488908] R13: 000055e16b9ee440 R14: 0000000000000000 R15: 000055e16b9ee218
    Jan 17 06:47:22 testserver kernel: [ 5801.279621] systemd-udevd   D    0  9948    469 0x00000104
    Jan 17 06:47:22 testserver kernel: [ 5801.279625] Call Trace:
    Jan 17 06:47:22 testserver kernel: [ 5801.279640]  __schedule+0x3e3/0x880
    Jan 17 06:47:22 testserver kernel: [ 5801.279647]  schedule+0x36/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.279650]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:47:22 testserver kernel: [ 5801.279654]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:47:22 testserver kernel: [ 5801.279658]  ? kobj_lookup+0x115/0x160
    Jan 17 06:47:22 testserver kernel: [ 5801.279661]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.279664]  ? _cond_resched+0x1a/0x50
    Jan 17 06:47:22 testserver kernel: [ 5801.279666]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.279668]  mutex_lock+0x2f/0x40
    Jan 17 06:47:22 testserver kernel: [ 5801.279673]  __blkdev_get+0x71/0x4d0
    Jan 17 06:47:22 testserver kernel: [ 5801.279675]  blkdev_get+0x125/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.279678]  blkdev_open+0x92/0x100
    Jan 17 06:47:22 testserver kernel: [ 5801.279681]  do_dentry_open+0x202/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.279682]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:47:22 testserver kernel: [ 5801.279685]  vfs_open+0x4f/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.279687]  path_openat+0x617/0x14a0
    Jan 17 06:47:22 testserver kernel: [ 5801.279691]  ? page_add_file_rmap+0xf7/0x150
    Jan 17 06:47:22 testserver kernel: [ 5801.279695]  do_filp_open+0x99/0x110
    Jan 17 06:47:22 testserver kernel: [ 5801.279698]  ? __check_object_size+0xb3/0x190
    Jan 17 06:47:22 testserver kernel: [ 5801.279701]  ? __alloc_fd+0x46/0x170
    Jan 17 06:47:22 testserver kernel: [ 5801.279703]  do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.279705]  ? do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.279708]  SyS_open+0x1e/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.279711]  do_syscall_64+0x73/0x130
    Jan 17 06:47:22 testserver kernel: [ 5801.279716]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:47:22 testserver kernel: [ 5801.279721] RIP: 0033:0x7f5864f81820
    Jan 17 06:47:22 testserver kernel: [ 5801.279723] RSP: 002b:00007ffc4632b0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:47:22 testserver kernel: [ 5801.279725] RAX: ffffffffffffffda RBX: 000056554f2b5cd0 RCX: 00007f5864f81820
    Jan 17 06:47:22 testserver kernel: [ 5801.279727] RDX: 000056554f14bda3 RSI: 0000000000080000 RDI: 000056554f29f370
    Jan 17 06:47:22 testserver kernel: [ 5801.279728] RBP: 0000000000000001 R08: 000056554f14bda3 R09: 0000000000000110
    Jan 17 06:47:22 testserver kernel: [ 5801.279729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
    Jan 17 06:47:22 testserver kernel: [ 5801.279730] R13: 0000000000000000 R14: 000056554f29eec0 R15: 00000000ffffffff
    Jan 17 06:47:22 testserver kernel: [ 5801.297280] vgs             D    0  9952   1777 0x00000000
    Jan 17 06:47:22 testserver kernel: [ 5801.297283] Call Trace:
    Jan 17 06:47:22 testserver kernel: [ 5801.297286]  __schedule+0x3e3/0x880
    Jan 17 06:47:22 testserver kernel: [ 5801.297297]  ? __switch_to_asm+0x40/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.297303]  ? __switch_to_asm+0x34/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.297309]  schedule+0x36/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.297312]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:47:22 testserver kernel: [ 5801.297314]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:47:22 testserver kernel: [ 5801.297317]  ? kobj_lookup+0x115/0x160
    Jan 17 06:47:22 testserver kernel: [ 5801.297320]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.297322]  ? _cond_resched+0x1a/0x50
    Jan 17 06:47:22 testserver kernel: [ 5801.297324]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.297327]  mutex_lock+0x2f/0x40
    Jan 17 06:47:22 testserver kernel: [ 5801.297329]  __blkdev_get+0x71/0x4d0
    Jan 17 06:47:22 testserver kernel: [ 5801.297336]  blkdev_get+0x125/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.297338]  blkdev_open+0x92/0x100
    Jan 17 06:47:22 testserver kernel: [ 5801.297340]  do_dentry_open+0x202/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.297342]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:47:22 testserver kernel: [ 5801.297344]  vfs_open+0x4f/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.297348]  path_openat+0x617/0x14a0
    Jan 17 06:47:22 testserver kernel: [ 5801.297354]  ? putname+0x54/0x60
    Jan 17 06:47:22 testserver kernel: [ 5801.297361]  ? filename_lookup+0xf8/0x1a0
    Jan 17 06:47:22 testserver kernel: [ 5801.297368]  do_filp_open+0x99/0x110
    Jan 17 06:47:22 testserver kernel: [ 5801.297375]  ? __check_object_size+0xb3/0x190
    Jan 17 06:47:22 testserver kernel: [ 5801.297385]  do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.297392]  ? do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.297399]  SyS_open+0x1e/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.297404]  do_syscall_64+0x73/0x130
    Jan 17 06:47:22 testserver kernel: [ 5801.297406]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:47:22 testserver kernel: [ 5801.297407] RIP: 0033:0x7f09f35c44b0
    Jan 17 06:47:22 testserver kernel: [ 5801.297409] RSP: 002b:00007ffcaf62bd98 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:47:22 testserver kernel: [ 5801.297411] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f09f35c44b0
    Jan 17 06:47:22 testserver kernel: [ 5801.297412] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000056513f681440
    Jan 17 06:47:22 testserver kernel: [ 5801.297413] RBP: 0000000000000000 R08: 000056513f6d48a0 R09: 00007ffcaf62bd00
    Jan 17 06:47:22 testserver kernel: [ 5801.297414] R10: 00007f09f356a6a0 R11: 0000000000000246 R12: 0000000000000001
    Jan 17 06:47:22 testserver kernel: [ 5801.297416] R13: 000056513f681440 R14: 0000000000000000 R15: 000056513f681218
    Jan 17 06:47:22 testserver kernel: [ 5801.315415] lvremove        D    0  9963   3981 0x00000000
    Jan 17 06:47:22 testserver kernel: [ 5801.315417] Call Trace:
    Jan 17 06:47:22 testserver kernel: [ 5801.315426]  __schedule+0x3e3/0x880
    Jan 17 06:47:22 testserver kernel: [ 5801.315431]  ? __switch_to_asm+0x40/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.315433]  ? __switch_to_asm+0x34/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.315438]  schedule+0x36/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.315441]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:47:22 testserver kernel: [ 5801.315443]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:47:22 testserver kernel: [ 5801.315446]  ? kobj_lookup+0x115/0x160
    Jan 17 06:47:22 testserver kernel: [ 5801.315448]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.315451]  ? _cond_resched+0x1a/0x50
    Jan 17 06:47:22 testserver kernel: [ 5801.315453]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.315455]  mutex_lock+0x2f/0x40
    Jan 17 06:47:22 testserver kernel: [ 5801.315458]  __blkdev_get+0x71/0x4d0
    Jan 17 06:47:22 testserver kernel: [ 5801.315460]  blkdev_get+0x125/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.315462]  blkdev_open+0x92/0x100
    Jan 17 06:47:22 testserver kernel: [ 5801.315464]  do_dentry_open+0x202/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.315466]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:47:22 testserver kernel: [ 5801.315468]  vfs_open+0x4f/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.315475]  path_openat+0x617/0x14a0
    Jan 17 06:47:22 testserver kernel: [ 5801.315481]  ? putname+0x54/0x60
    Jan 17 06:47:22 testserver kernel: [ 5801.315486]  ? filename_lookup+0xf8/0x1a0
    Jan 17 06:47:22 testserver kernel: [ 5801.315493]  do_filp_open+0x99/0x110
    Jan 17 06:47:22 testserver kernel: [ 5801.315499]  ? __check_object_size+0xb3/0x190
    Jan 17 06:47:22 testserver kernel: [ 5801.315510]  do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.315518]  ? do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.315525]  SyS_open+0x1e/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.315527]  do_syscall_64+0x73/0x130
    Jan 17 06:47:22 testserver kernel: [ 5801.315529]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:47:22 testserver kernel: [ 5801.315530] RIP: 0033:0x7f6d01eeb4b0
    Jan 17 06:47:22 testserver kernel: [ 5801.315531] RSP: 002b:00007fff72ab50a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:47:22 testserver kernel: [ 5801.315533] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f6d01eeb4b0
    Jan 17 06:47:22 testserver kernel: [ 5801.315534] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055736d459640
    Jan 17 06:47:22 testserver kernel: [ 5801.315535] RBP: 0000000000000000 R08: 000055736d4863e0 R09: 00007fff72ab5000
    Jan 17 06:47:22 testserver kernel: [ 5801.315536] R10: 00007f6d01e916a0 R11: 0000000000000246 R12: 0000000000000001
    Jan 17 06:47:22 testserver kernel: [ 5801.315538] R13: 000055736d459640 R14: 0000000000000000 R15: 000055736d459418
    Jan 17 06:47:22 testserver kernel: [ 5801.333864] vgs             D    0  9977   9974 0x00000000
    Jan 17 06:47:22 testserver kernel: [ 5801.333866] Call Trace:
    Jan 17 06:47:22 testserver kernel: [ 5801.333870]  __schedule+0x3e3/0x880
    Jan 17 06:47:22 testserver kernel: [ 5801.333880]  ? __switch_to_asm+0x40/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.333885]  ? __switch_to_asm+0x34/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.333887]  schedule+0x36/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.333893]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:47:22 testserver kernel: [ 5801.333895]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:47:22 testserver kernel: [ 5801.333898]  ? kobj_lookup+0x115/0x160
    Jan 17 06:47:22 testserver kernel: [ 5801.333901]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.333903]  ? _cond_resched+0x1a/0x50
    Jan 17 06:47:22 testserver kernel: [ 5801.333905]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.333908]  mutex_lock+0x2f/0x40
    Jan 17 06:47:22 testserver kernel: [ 5801.333910]  __blkdev_get+0x71/0x4d0
    Jan 17 06:47:22 testserver kernel: [ 5801.333912]  blkdev_get+0x125/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.333914]  blkdev_open+0x92/0x100
    Jan 17 06:47:22 testserver kernel: [ 5801.333916]  do_dentry_open+0x202/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.333918]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:47:22 testserver kernel: [ 5801.333920]  vfs_open+0x4f/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.333922]  path_openat+0x617/0x14a0
    Jan 17 06:47:22 testserver kernel: [ 5801.333929]  ? putname+0x54/0x60
    Jan 17 06:47:22 testserver kernel: [ 5801.333936]  ? filename_lookup+0xf8/0x1a0
    Jan 17 06:47:22 testserver kernel: [ 5801.333943]  do_filp_open+0x99/0x110
    Jan 17 06:47:22 testserver kernel: [ 5801.333950]  ? __check_object_size+0xb3/0x190
    Jan 17 06:47:22 testserver kernel: [ 5801.333959]  do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.333968]  ? do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.333975]  SyS_open+0x1e/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.333977]  do_syscall_64+0x73/0x130
    Jan 17 06:47:22 testserver kernel: [ 5801.333979]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:47:22 testserver kernel: [ 5801.333980] RIP: 0033:0x7f98ef2644b0
    Jan 17 06:47:22 testserver kernel: [ 5801.333981] RSP: 002b:00007ffc7ee8f7e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:47:22 testserver kernel: [ 5801.333983] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f98ef2644b0
    Jan 17 06:47:22 testserver kernel: [ 5801.333984] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055e16b9ee440
    Jan 17 06:47:22 testserver kernel: [ 5801.333985] RBP: 0000000000000000 R08: 000055e16ba34d20 R09: 00007ffc7ee8f800
    Jan 17 06:47:22 testserver kernel: [ 5801.333986] R10: 00007f98ef20a6a0 R11: 0000000000000246 R12: 0000000000000001
    Jan 17 06:47:22 testserver kernel: [ 5801.333988] R13: 000055e16b9ee440 R14: 0000000000000000 R15: 000055e16b9ee218
    Jan 17 06:47:22 testserver kernel: [ 5801.352691] vgs             D    0 10058      1 0x00000004
    Jan 17 06:47:22 testserver kernel: [ 5801.352693] Call Trace:
    Jan 17 06:47:22 testserver kernel: [ 5801.352704]  __schedule+0x3e3/0x880
    Jan 17 06:47:22 testserver kernel: [ 5801.352706]  ? __switch_to_asm+0x40/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.352707]  ? __switch_to_asm+0x34/0x70
    Jan 17 06:47:22 testserver kernel: [ 5801.352710]  schedule+0x36/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.352715]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:47:22 testserver kernel: [ 5801.352718]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:47:22 testserver kernel: [ 5801.352720]  ? kobj_lookup+0x115/0x160
    Jan 17 06:47:22 testserver kernel: [ 5801.352723]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.352725]  ? _cond_resched+0x1a/0x50
    Jan 17 06:47:22 testserver kernel: [ 5801.352727]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.352730]  mutex_lock+0x2f/0x40
    Jan 17 06:47:22 testserver kernel: [ 5801.352738]  __blkdev_get+0x71/0x4d0
    Jan 17 06:47:22 testserver kernel: [ 5801.352744]  blkdev_get+0x125/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.352751]  blkdev_open+0x92/0x100
    Jan 17 06:47:22 testserver kernel: [ 5801.352756]  do_dentry_open+0x202/0x310
    Jan 17 06:47:22 testserver kernel: [ 5801.352762]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:47:22 testserver kernel: [ 5801.352769]  vfs_open+0x4f/0x80
    Jan 17 06:47:22 testserver kernel: [ 5801.352774]  path_openat+0x617/0x14a0
    Jan 17 06:47:22 testserver kernel: [ 5801.352775]  ? putname+0x54/0x60
    Jan 17 06:47:22 testserver kernel: [ 5801.352777]  ? filename_lookup+0xf8/0x1a0
    Jan 17 06:47:22 testserver kernel: [ 5801.352780]  do_filp_open+0x99/0x110
    Jan 17 06:47:22 testserver kernel: [ 5801.352783]  ? __check_object_size+0xb3/0x190
    Jan 17 06:47:22 testserver kernel: [ 5801.352785]  do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.352788]  ? do_sys_open+0x135/0x280
    Jan 17 06:47:22 testserver kernel: [ 5801.352792]  SyS_open+0x1e/0x20
    Jan 17 06:47:22 testserver kernel: [ 5801.352794]  do_syscall_64+0x73/0x130
    Jan 17 06:47:22 testserver kernel: [ 5801.352796]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:47:22 testserver kernel: [ 5801.352798] RIP: 0033:0x7f73752144b0
    Jan 17 06:47:22 testserver kernel: [ 5801.352799] RSP: 002b:00007ffe643df188 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:47:22 testserver kernel: [ 5801.352801] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f73752144b0
    Jan 17 06:47:22 testserver kernel: [ 5801.352802] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 00005592cd22f440
    Jan 17 06:47:22 testserver kernel: [ 5801.352803] RBP: 0000000000000000 R08: 00005592cd27af20 R09: 00007ffe643df100
    Jan 17 06:47:22 testserver kernel: [ 5801.352804] R10: 00007f73751ba6a0 R11: 0000000000000246 R12: 0000000000000001
    Jan 17 06:47:22 testserver kernel: [ 5801.352805] R13: 00005592cd22f440 R14: 0000000000000000 R15: 00005592cd22f218
    Jan 17 06:48:27 testserver pvedaemon[7787]: <root@pam> starting task UPID:testserver:0000285C:0008F35F:5C3FB4BB:qmstart:102:root@pam:
    Jan 17 06:48:56 testserver pvedaemon[7128]: <root@pam> successful auth for user 'root@pam'
    Jan 17 06:49:23 testserver kernel: [ 5922.120683] systemd-udevd   D    0  9948    469 0x00000104
    Jan 17 06:49:23 testserver kernel: [ 5922.120690] Call Trace:
    Jan 17 06:49:23 testserver kernel: [ 5922.120709]  __schedule+0x3e3/0x880
    Jan 17 06:49:23 testserver kernel: [ 5922.120716]  schedule+0x36/0x80
    Jan 17 06:49:23 testserver kernel: [ 5922.120725]  schedule_preempt_disabled+0xe/0x10
    Jan 17 06:49:23 testserver kernel: [ 5922.120728]  __mutex_lock.isra.2+0x2b1/0x4e0
    Jan 17 06:49:23 testserver kernel: [ 5922.120733]  ? kobj_lookup+0x115/0x160
    Jan 17 06:49:23 testserver kernel: [ 5922.120741]  __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:49:23 testserver kernel: [ 5922.120748]  ? _cond_resched+0x1a/0x50
    Jan 17 06:49:23 testserver kernel: [ 5922.120753]  ? __mutex_lock_slowpath+0x13/0x20
    Jan 17 06:49:23 testserver kernel: [ 5922.120755]  mutex_lock+0x2f/0x40
    Jan 17 06:49:23 testserver kernel: [ 5922.120761]  __blkdev_get+0x71/0x4d0
    Jan 17 06:49:23 testserver kernel: [ 5922.120763]  blkdev_get+0x125/0x310
    Jan 17 06:49:23 testserver kernel: [ 5922.120765]  blkdev_open+0x92/0x100
    Jan 17 06:49:23 testserver kernel: [ 5922.120769]  do_dentry_open+0x202/0x310
    Jan 17 06:49:23 testserver kernel: [ 5922.120770]  ? bd_acquire+0xd0/0xd0
    Jan 17 06:49:23 testserver kernel: [ 5922.120772]  vfs_open+0x4f/0x80
    Jan 17 06:49:23 testserver kernel: [ 5922.120775]  path_openat+0x617/0x14a0
    Jan 17 06:49:23 testserver kernel: [ 5922.120779]  ? page_add_file_rmap+0xf7/0x150
    Jan 17 06:49:23 testserver kernel: [ 5922.120788]  do_filp_open+0x99/0x110
    Jan 17 06:49:23 testserver kernel: [ 5922.120795]  ? __check_object_size+0xb3/0x190
    Jan 17 06:49:23 testserver kernel: [ 5922.120802]  ? __alloc_fd+0x46/0x170
    Jan 17 06:49:23 testserver kernel: [ 5922.120810]  do_sys_open+0x135/0x280
    Jan 17 06:49:23 testserver kernel: [ 5922.120818]  ? do_sys_open+0x135/0x280
    Jan 17 06:49:23 testserver kernel: [ 5922.120821]  SyS_open+0x1e/0x20
    Jan 17 06:49:23 testserver kernel: [ 5922.120825]  do_syscall_64+0x73/0x130
    Jan 17 06:49:23 testserver kernel: [ 5922.120829]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
    Jan 17 06:49:23 testserver kernel: [ 5922.120832] RIP: 0033:0x7f5864f81820
    Jan 17 06:49:23 testserver kernel: [ 5922.120834] RSP: 002b:00007ffc4632b0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
    Jan 17 06:49:23 testserver kernel: [ 5922.120837] RAX: ffffffffffffffda RBX: 000056554f2b5cd0 RCX: 00007f5864f81820
    Jan 17 06:49:23 testserver kernel: [ 5922.120838] RDX: 000056554f14bda3 RSI: 0000000000080000 RDI: 000056554f29f370
    Jan 17 06:49:23 testserver kernel: [ 5922.120839] RBP: 0000000000000001 R08: 000056554f14bda3 R09: 0000000000000110
    Jan 17 06:49:23 testserver kernel: [ 5922.120840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
    Jan 17 06:49:23 testserver kernel: [ 5922.120841] R13: 0000000000000000 R14: 000056554f29eec0 R15: 00000000ffffffff


  • Proxmox trying to acquire lock... TASK ERROR: can't lock file '/var/lock/qemu-server/lock-102.conf' - got timeout


    If Proxmox won't start aVM with an error like this:

    trying to acquire lock...
    TASK ERROR: can't lock file '/var/lock/qemu-server/lock-102.conf' - got timeout

    rm /var/lock/qemu-server/lock-102.conf

    Then try to restart the VM and it should be good.


  • Debian 9 SSH root password authentication failure password not working problem / solution


    In Debian a lot of times SSH disables the root user to login by password by default.  This means you will get an authentication failure as if you typed in the wrong password.

    The logs also indicate the password is wrong but what is often the case is in the config file

    Check /etc/ssh/sshd_config

    cat /etc/ssh/sshd_config|grep -i permitrootlogin

    Make sure it says:

    PermitRootLogin yes
     

    If not change it and restart SSH and it will work again.


  • QEMU / KVM How To Manually Create Basic Virtual Machine VM


    1.) Create Image using qemu-img

    qemu-img create -f qcow2 skype.img 40G

    2.) Start VM using flags

    -m = memory in MB

    -drive file=yourimagefile.img

    -cdrom /path/to/the.iso

    qemu-system-x86_64 -m 4096 -drive file=skype.img -cdrom ~/Downloads/SfB-E-9319.0-enUS.ISO
     


  • Linux wlan0 check all wireless clients


    iw dev wlan0 station dump 
    
    This is very useful because it is helpful if you are running something like hostapd and need to see the signal strength and negotiated connection speed.
    
    
    Station ff:ff:ff:ff:ff:ff (on wlan0)
        inactive time:    16309 ms
        rx bytes:    25451
        rx packets:    325
        tx bytes:    44381
        tx packets:    159
        tx retries:    0
        tx failed:    0
        signal:      -72 [-72] dBm
        signal avg:    -72 [-72] dBm
        tx bitrate:    150.0 MBit/s MCS 7 40MHz short GI
        rx bitrate:    1.0 MBit/s
        authorized:    yes
        authenticated:    yes
        preamble:    long
        WMM/WME:    yes
        MFP:        no
        TDLS peer:    no
    Station ff:ff:ff:ff:ff:ff (on wlan0)
        inactive time:    12223 ms
        rx bytes:    1206073
        rx packets:    8835
        tx bytes:    18597457
        tx packets:    14004
        tx retries:    0
        tx failed:    0
        signal:      -69 [-69] dBm
        signal avg:    -62 [-62] dBm
        tx bitrate:    150.0 MBit/s MCS 7 40MHz short GI
        rx bitrate:    6.0 MBit/s
        authorized:    yes
        authenticated:    yes
        preamble:    long
        WMM/WME:    yes
        MFP:        no
        TDLS peer:    no
    Station ff:ff:ff:ff:ff:ff (on wlan0)
        inactive time:    406 ms
        rx bytes:    297303650
        rx packets:    213207
        tx bytes:    72276773
        tx packets:    150172
        tx retries:    0
        tx failed:    0
        signal:      -79 [-79] dBm
        signal avg:    -78 [-78] dBm
        tx bitrate:    15.0 MBit/s MCS 0 40MHz short GI
        rx bitrate:    45.0 MBit/s MCS 2 40MHz short GI
        authorized:    yes
        authenticated:    yes
        preamble:    short
        WMM/WME:    yes
        MFP:        no
        TDLS peer:    no
    
    

  • PHP Issues With Decoding Strange Smart Quotes And Non-Standard ASCII Characters


    When using strip_tags and html_entity_decode with PHP it often breaks and produces annoying diamonds with question marks.

    It is probably because of characters like these:

    … (looks like 3 dots but it is a single weird character).

    ’ (looks like a normal apostraphe but it is not)

    ” (looks like a normal double quote but it is not).

    An easy way to sort this out is to copy the above and search in an ASCII table to extend the functionality below.

    Basically the first array has a list of "all the bad stuff" and the second array is what to replace it with.

    <?


    function CleanupSmartQuotes($text)
        {
            $badwordchars=array(
                                chr(145), // weird apostraphe
                                chr(146), // weird apostraphe
                                chr(147), // weird quote
                                chr(148), // weird quote
                                chr(151), // weird dash
                                chr(133), // three dots
                                '&nbsp;',
                                );
            $fixedwordchars=array(
                                "'",
                                "'",
                                '&quot;',
                                '&quot;',
                                '&mdash;',
                                '...',
                                '',
                                );
            return str_replace($badwordchars,$fixedwordchars,$text);
        }

    ?>


  • /etc/iproute2/rt_tables default settings file in Linux Centos 6,7 and most other NIX's


    This should apply to most Linux distributions just incase you get into trouble or wipe out the defaults by accident.

     

     /etc/iproute2/rt_tables
    #
    # reserved values
    #
    255    local
    254    main
    253    default
    0    unspec
    #
    # local
    #
    #1    inr.ruhep


  • bind named error solutions named[2169]: error (no valid DS) resolving / error (broken trust chain) resolving / : error (no valid RRSIG) resolving 'com/DS/IN':


    Below are the common errors you'll get with named AKA bind if your time is incorrect.

    The simplest solution is to install and run ntpd to correct your system's time (install ntpd if it is not installed)

    systemctl start ntpd

    systemctl enable ntpd

     

    Dec 20 13:36:16 hostingbox named[2169]: error (no valid DS) resolving 'develop.waxrain.com/A/IN': 14.215.150.17#53
    Dec 20 13:36:16 hostingbox named[2169]: error (no valid DS) resolving 'loc.map.baidu.com/A/IN': 202.108.22.220#53
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f802ad00: org DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f802ad00: org DS: no valid signature found
    Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'org/DS/IN': 192.33.4.12#53
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4ba1e0: com DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4ba1e0: com DS: no valid signature found
    Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'com/DS/IN': 199.7.91.13#53
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f4013c50: org DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f4013c50: org DS: no valid signature found
    Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'org/DS/IN': 192.228.79.201#53
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4bb1f0: com DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
    Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4bb1f0: com DS: no valid signature found
    Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'com/DS/IN': 192.5.5.241#53



    Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb260010c30: detectportal.firefox.com A: bad cache hit (com/DS)
    Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
    Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb26848b0a0: detectportal.firefox.com A: bad cache hit (com/DS)
    Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
    Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb2580068f0: detectportal.firefox.com A: bad cache hit (com/DS)
    Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
    Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb2640028d0: detectportal.firefox.com A: bad cache hit (com/DS)
    Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
    Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb260010c30: detectportal.firefox.com A: bad cache hit (com/DS)
    Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53


  • iptables how to log ALL dropped incoming packets


    A lot of people just have a -j DROP to drop all unwanted traffic or traffic not explicitly allowed but there is a better solution if you want real and proper logging:

    Take an example iptables rules file

    -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -i eth1 -p icmp -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -i eth1 -j ACCEPT
    -N LOGGING
    -A INPUT -j LOGGING
    -A LOGGING -j LOG --log-prefix  "ipt denied: " --log-level 4
    -A LOGGING -j DROP


    Add the above in bold below your last allowed incoming traffic rule and all dropped packets can be seen in dmesg or /var/log/messages

    1. We create a new chain called "LOGGING"  -N LOGGING
    2. We are then passing all of our packets to that chain. -A INPUT -j LOGGING
    3. Log all packets that are about to dropped with prefix "ipt denied:" (of course change it how you like) -A LOGGING -j LOG --log-prefix  "ipt denied: " --log-level 4
    4. Drop all packets in the LOGGING Chain -A LOGGING -j DROP

    So in essence we change the -j DROP to the 4 lines in bold so that we have logging.

     

    Checking dmesg or /var/log/messages should show similar to the following:

     

    ipt denied: IN=eth0 OUT= MAC= SRC=194.113.106.121 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=45694 PROTO=TCP SPT=43848 DPT=54270 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=10.10.10.10 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=2
    ipt denied: IN=eth0 OUT= MAC= SRC=45.227.254.18 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=245 ID=4350 PROTO=TCP SPT=56638 DPT=30450 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=176.119.7.50 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52004 PROTO=TCP SPT=54661 DPT=9153 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=109.248.9.116 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=243 ID=49390 PROTO=TCP SPT=42898 DPT=37318 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=77.72.85.26 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=243 ID=40508 PROTO=TCP SPT=49454 DPT=3978 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=115.74.194.77 DST=192.198.5.8 LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=10246 PROTO=TCP SPT=13207 DPT=23 WINDOW=24567 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=10.10.10.10 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=2
    ipt denied: IN=eth0 OUT= MAC= SRC=176.119.7.10 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=36884 PROTO=TCP SPT=51349 DPT=3992 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=87.27.61.197 DST=192.198.5.8 LEN=44 TOS=0x00 PREC=0x00 TTL=243 ID=44567 DF PROTO=TCP SPT=48364 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=185.255.31.38 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=11928 PROTO=TCP SPT=8080 DPT=1013 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=185.255.31.38 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=61268 PROTO=TCP SPT=8080 DPT=3303 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=185.255.31.18 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=17889 PROTO=TCP SPT=42264 DPT=7129 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=194.113.106.121 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=247 ID=64437 PROTO=TCP SPT=43848 DPT=58247 WINDOW=1024 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=10.10.10.10 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=2
    ipt denied: IN=eth0 OUT= MAC= SRC=220.133.67.9 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=64397 DF PROTO=TCP SPT=27852 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
    ipt denied: IN=eth0 OUT= MAC= SRC=101.255.58.22 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=4583 DF PROTO=TCP SPT=53537 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0

     

    How can I log the messages to a separate file eg. /var/log/iptables.log or /var/log/iptables-dropped.log?

    The file name below can be arbitrary but it should have meaning to you.

    Note that I am searching for the string "ipt denied: " this depends on what you have set as your log prefix in the example above.

    vi /etc/rsyslog.d/10-iptables.conf

    :msg, contains, "ipt denied: " -/var/log/iptables.log
    & ~


    #note we need the "& ~" below the first line otherwise it will still send the log to where ever it would have been (eg. often /var/log/messages).
    #the & ~ means to delete



    service rsyslog restart

     

    You should now notice that /var/log/messages has nothing for iptables and that you have /var/log/iptables.log


  • How To Edit Linux Based NM Network Manager Connection Settings Without GUI


    Just find the relevant file in /etc/NetworkManager/system-connections

    sudo vi /etc/NetworkManager/system-connections/Wired connection 1


    [802-3-ethernet]
    duplex=full
    mac-address=00:00:00:FE:FE:FE

    [connection]
    id=Wired connection 1
    type=802-3-ethernet
    timestamp=1532403341

    [ipv6]
    method=ignore

    [ipv4]
    method=manual
    dns=192.168.1.1;
    address1=192.168.1.89/24,192.168.1.1

     


  • Linux Disable IPV6 Centos / Debian / Mint Howto


    Set this in /etc/sysctl.conf

    net.ipv6.conf.all.disable_ipv6 = 1

    #apply the settings


    sudo sysctl -p

     


  • Linux use growisofs to burn a larger file on a BD-R / Bluray Disc


    growisofs -Z /dev/sr0 critical.tar.gz.gpg

    Executing 'genisoimage critical.tar.gz.gpg | builtin_dd of=/dev/sr0 obs=32k seek=0'
    I: -input-charset not specified, using utf-8 (detected in locale settings)
    File critical.tar.gz.gpg is larger than 4GiB-1.
    -allow-limited-size was not specified. There is no way do represent this file size. Aborting.
    :-( write failed: Input/output error


    #remember to use -allow-limited-size


    growisofs -allow-limited-size -Z /dev/sr0 critical.tar.gz.gpg

     finish Sat Dec 15 16:23:34 2018
     99.79% done, estimate finish Sat Dec 15 16:23:34 2018
     99.85% done, estimate finish Sat Dec 15 16:23:34 2018
     99.91% done, estimate finish Sat Dec 15 16:23:34 2018
     99.97% done, estimate finish Sat Dec 15 16:23:34 2018
    Total translation table size: 0
    Total rockridge attributes bytes: 0
    Total directory bytes: 0
    Path table size(bytes): 10
    Max brk space used 0
    8087219 extents written (15795 MB)
    builtin_dd: 8087232*2KB out @ average 2.6x4390KBps
    /dev/sr0: flushing cache
    /dev/sr0: closing track
    /dev/sr0: closing session
    :-[ CLOSE SESSION failed with SK=5h/INVALID FIELD IN CDB]: Input/output error
    /dev/sr0: reloading tray


  • Linux partprobe/partx cannot access last and 4th partition


    On a test machine I was never able to access to a newly created 4th partiton.  As we can see there are dev devices for everything but the 4th partition.

    The normal "partprobe" or "kpartx" or kernel being told to rescan the block device didn't help (only a reboot did).

    fdisk -l /dev/sda

    Disk /dev/sda: 750.2 GB, 750156374016 bytes
    255 heads, 63 sectors/track, 91201 cylinders
    Units = cylinders of 16065 * 512 = 8225280 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x00000000

       Device Boot      Start         End      Blocks   Id  System
    /dev/sda1               1         123      987966   83  Linux
    /dev/sda2             124        3771    29302560   83  Linux
    /dev/sda3            3772       11067    58605120   83  Linux
    /dev/sda4           11068       91201   643676355   83  Linux


    #but where is sda4 why can't I see it but the other partitions are available in /dev
    ls /dev/sda*
    /dev/sda  /dev/sda1  /dev/sda2  /dev/sda3


    partprobe didn't help

     partprobe
    Warning: WARNING: the kernel failed to re-read the partition table on /dev/sda (Device or resource busy).  As a result, it may not reflect all of your changes until after reboot.
    Warning: WARNING: the kernel failed to re-read the partition table on /dev/sdb (Device or resource busy).  As a result, it may not reflect all of your changes until after reboot.
    Warning: WARNING: the kernel failed to re-read the partition table on /dev/sdc (Device or resource busy).  As a result, it may not reflect all of your changes until after reboot.
    Warning: /dev/sdd contains GPT signatures, indicating that it has a GPT table.  However, it does not have a valid fake msdos partition table, as it should.  Perhaps it was corrupted -- possibly by a program that doesn't understand GPT partition tables.  Or perhaps you deleted the GPT table, and are now using an msdos partition table.  Is this a GPT partition table?
    Warning: WARNING: the kernel failed to re-read the partition table on /dev/sdd (Device or resource busy).  As a result, it may not reflect all of your changes until after reboot.




    partx didn't help

    partx -a /dev/sda
    BLKPG: Device or resource busy
    error adding partition 1
    BLKPG: Device or resource busy
    error adding partition 2
    BLKPG: Device or resource busy
    error adding partition 3
    BLKPG: Device or resource busy
    error adding partition 4

    OK let's manually tell the kernel to rescan the relevant block device.


    echo 1 > /sys/block/sda/device/rescan
     


  • DRBD Errors Caused By Physical Corruption


    In a RAID array I had a have periodically lost a drive here and there over the past several months.  I was always able to readd and resync without losing data.  However at some point it looks like some minor corruption happened and this makes DRBD unhappy.

    Using fsck did not help either.

     


    Dec 19 06:01:45 storageboxtest4 kernel: [19005.945890] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22184379, block=88735771
    Dec 19 06:01:45 storageboxtest4 kernel: [19005.946084] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22184380, block=88735771
    Dec 19 06:01:45 storageboxtest4 kernel: [19005.946289] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22184381, block=88735771
    Dec 19 06:01:46 storageboxtest4 kernel: [19006.903899] block drbd0: helper command: /sbin/drbdadm pri-on-incon-degr minor-0 exit code 0 (0x0)
    Dec 19 06:01:46 storageboxtest4 kernel: [19006.903918] block drbd0: helper command: /sbin/drbdadm local-io-error minor-0
    Dec 19 06:01:46 storageboxtest4 kernel: [19006.908202] Power Off
    Dec 19 06:01:46 storageboxtest4 kernel: [19006.910016] md: md125: recovery interrupted.
    Dec 19 06:01:47 storageboxtest4 kernel: [19007.715470] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840092, block=91357233
    Dec 19 06:01:47 storageboxtest4 kernel: [19007.715789] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840092, block=91357233
    Dec 19 06:01:47 storageboxtest4 kernel: [19007.785375] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840094, block=91357233
    Dec 19 06:01:47 storageboxtest4 kernel: [19007.785705] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840094, block=91357233
    Dec 19 13:35:55 storageboxtest4 kernel: imklog 5.8.10, log source = /proc/kmsg started.

    Just a simple dd test gives back an io error near the end of the array:

    dd: reading `/dev/drbd0': Input/output error


  • mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument solution


    mdadm --manage /dev/md125 -a /dev/sdb4
    mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument


    Dec 19 01:23:48 storageboxtest kernel: [ 2328.854491] md: sdb4 does not have a valid v1.2 superblock, not importing!
    Dec 19 01:23:48 storageboxtest kernel: [ 2328.854499] md: md_import_device returned -22


    #zero the superblock and try again!
    mdadm --zero-superblock /dev/sdb4
    mdadm --manage /dev/md125 -a /dev/sdb4


    mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument



    Solution / this is the only thing that fixed it (basically do more than just zero-superblock)

    dd if=/dev/zero of=/dev/sdb4
    ^C77149+0 records in
    77149+0 records out
    39500288 bytes (40 MB) copied, 5.35553 s, 7.4 MB/s


    #success!

    mdadm --manage /dev/md125 -a /dev/sdb4
    mdadm: added /dev/sdb4
     

    The weird thing is that you can see zero-superblock was NOT enough to fix it and sometimes you have to wipe a little further than zero-superblock does and it will fix it.  I didn't find this solution anywhere so I thought I'd share it.


  • Linux named / bind how to dump, view and clear the cache!


    Do you hate it when your ISP has old cached records because of a high TTL on the DNS record of the relevant domain?  In plain English this means you often can't connect to a site or service because your ISP's DNS servers haven't gotten word of the new IP address (probably because they haven't checked).  There are also some that are notorious for ignoring TTL and not updating records for days!

    But if you are lucky and smart enough to have your own Linux based DNS server you can do the following:

    rndc dumpdb -cache

    This let's you see the cached entries by writing the bind cache to /var/named/data/cache_dump.db

    If you just want to clear your DNS cache:

    rndc flush

    The above flushes all of your DNS cache which is never a bad idea since it saves memory and increases the performance potentially.


  • Centos 6 / 7 / 8 How To Change Default nameservers in /etc/resolv.conf when using DHCP / dhclient


    First we need to create dhclient.conf if it doesn't exist or edit it:

    vi /etc/dhclient/dhclient.conf


    #add this line at the top add the IPs as commas they will be the highest priority nameservers and whatever your ISP gives you will be used after these one (good for DNS backup)

    prepend domain-name-servers 127.0.0.1,10.10.25.8;

    After you restart your network or run dhclient again you should see the contents of /etc/resolv.conf are as you expect.

    This is mainly when you are running a local router and local DNS (and usually your own local DNS is quicker and more reliable than your ISP in my experience).

     

     


  • Adobe Acrobat Reader for Linux to use and view XFA Fillable Forms


     

    The reason for not being able to read one of these dreaded/ fillable "XFA" forms is because no Linux PDF reader that I'm aware of supports them. Part of this reasoning is for security.  It is really silly, they should ban these XFA forms or at least replace the Please Wait with the non-fillable version. 

    Download Adobe Reader 9.5 for Linux from here:

    This is the solution but only so much, at least for me I was able to view the PDF and fill it but printing it produces a blank page (even print preview shows it as  blank).  I tried converting it to a normal pdf with print to file including postscript but none of that worked either.

    With that said you too can get this broken version of the Linux Adobe Acrobat version :)

    Perhaps a previous 9.5 (older version) even though the latest is from 2013 may work better?

    ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/

    Sick of this error?

    Please wait...
    If this message is not eventually replaced by the proper contents of the document, your PDF
    viewer may not be able to display this type of document.
    You can upgrade to the latest version of Adobe Reader for Windows®, Mac, or Linux® by
    visiting http://www.adobe.com/go/reader_download.
    For more assistance with Adobe Reader visit http://www.adobe.com/go/acrreader.
    Windows is either a registered trademark or a trademark of Microsoft Corporation in the United States and/or other countries. Mac is a trademark
    of Apple Inc., registered in the United States and other countries. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries

     
     

     


  • Debian Linux Mint Ubuntu iptables save and restore settings automatically onboot and reboot


    First you need the "iptables-persistent" package.  This gives you an init script that loads your settings from /etc/iptables/rules.v4 and rules.v6

    When you install it, it wll save your default setings in /etc/iptables.

    sudo apt-get install iptables-persistent


  • Why SMART is not smart at all and doesn't properly predict disk errors that cause a kernel panic or crash


    Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated.
    It has caused a kernel panic and system crash repeatedly as we can see from the logs.
    But SMART says it has "PASSED" its self assessment.  SMART is still useful to me but it is more about looking at Current_Pending_Sector.
    Any time I have had anything but 0 for that attribute it means the disk is bad and is unusable (eg. will cause kernel panics).
    In this case even RAID doesn't help when the bad disk taints the kernel.
    
    First let's check this disk and see what SMART thinks
    
    smartctl -a /dev/sda
    
    === START OF INFORMATION SECTION ===
    Model Family:     Seagate Barracuda ES
    Device Model:     ST3750640NS
    Serial Number:    ABCAEAAA
    LU WWN Device Id: 5 000c50 0083422e5
    Firmware Version: 3BKH
    User Capacity:    750,156,374,016 bytes [750 GB]
    Sector Size:      512 bytes logical/physical
    Device is:        In smartctl database [for details use: -P show]
    ATA Version is:   7
    ATA Standard is:  Exact ATA specification draft version not indicated
    Local Time is:    Thu Dec 13 12:43:37 2018 EST
    SMART support is: Available - device has SMART capability.
    SMART support is: Enabled
    
    === START OF READ SMART DATA SECTION ===
    SMART overall-health self-assessment test result: PASSED
    
    
    ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
      1 Raw_Read_Error_Rate     0x000f   093   086   006    Pre-fail  Always       -       0
      3 Spin_Up_Time            0x0003   091   091   000    Pre-fail  Always       -       0
      4 Start_Stop_Count        0x0032   100   100   020    Old_age   Always       -       27
      5 Reallocated_Sector_Ct   0x0033   100   100   036    Pre-fail  Always       -       0
      7 Seek_Error_Rate         0x000f   090   060   030    Pre-fail  Always       -       951683243
      9 Power_On_Hours          0x0032   052   052   000    Old_age   Always       -       42128
     10 Spin_Retry_Count        0x0013   100   100   097    Pre-fail  Always       -       0
     12 Power_Cycle_Count       0x0032   100   100   020    Old_age   Always       -       27
    187 Reported_Uncorrect      0x0032   100   100   000    Old_age   Always       -       0
    189 High_Fly_Writes         0x003a   100   100   000    Old_age   Always       -       0
    190 Airflow_Temperature_Cel 0x0022   066   054   045    Old_age   Always       -       34 (Min/Max 28/36)
    194 Temperature_Celsius     0x0022   034   046   000    Old_age   Always       -       34 (0 17 0 0 0)
    195 Hardware_ECC_Recovered  0x001a   081   055   000    Old_age   Always       -       220199
    197 Current_Pending_Sector  0x0012   096   096   000    Old_age   Always       -       93
    198 Offline_Uncorrectable   0x0010   096   096   000    Old_age   Offline      -       93
    199 UDMA_CRC_Error_Count    0x003e   200   200   000    Old_age   Always       -       971
    200 Multi_Zone_Error_Rate   0x0000   100   253   000    Old_age   Offline      -       0
    202 Data_Address_Mark_Errs  0x0032   100   253   000    Old_age   Always       -       0
    
    Now let's see /var/log/messages
    
    Dec 12 05:29:46 somepoorbox kernel: [30883839.026190] sd 0:0:0:0: [sda]  Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026196] sd 0:0:0:0: [sda]  Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026203] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026206]         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026215]         57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026219] sd 0:0:0:0: [sda]  Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026225] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 8a 43 00 03 38 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026236] end_request: I/O error, dev sda, sector 1464830531 Dec 12 05:29:46 somepoorbox kernel: [30883839.026331] block drbd0: disk( UpToDate -> Failed ) Dec 12 05:29:46 somepoorbox kernel: [30883839.026345] block drbd0: Local IO failed in __req_mod. Detaching... Dec 12 05:29:46 somepoorbox kernel: [30883839.026365] block drbd0: helper command: /sbin/drbdadm pri-on-incon-degr minor-0 Dec 12 05:29:46 somepoorbox kernel: [30883839.026476] sd 0:0:0:0: [sda]  Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026480] sd 0:0:0:0: [sda]  Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026485] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026488]         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026497]         57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026501] sd 0:0:0:0: [sda]  Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026506] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 86 7b 00 03 c8 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026514] end_request: I/O error, dev sda, sector 1464829563 Dec 12 05:29:46 somepoorbox kernel: [30883839.026632] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026636] ata1: EH complete Dec 12 05:29:46 somepoorbox kernel: [30883839.026728] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026811] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.162977] Buffer I/O error on device drbd0, logical block 53203520 Dec 12 05:29:46 somepoorbox kernel: [30883839.163110] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163117] Buffer I/O error on device drbd0, logical block 59744311 Dec 12 05:29:46 somepoorbox kernel: [30883839.163200] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163208] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163289] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163299] Buffer I/O error on device drbd0, logical block 59746338 Dec 12 05:29:46 somepoorbox kernel: [30883839.163316] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163320] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163328] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.163336] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem Dec 12 05:29:46 somepoorbox kernel: [30883839.165257]  [] ? warn_slowpath_common+0x91/0xe0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165260] EXT3-fs (drbd0): I/O error while writing superblock Dec 12 05:29:46 somepoorbox kernel: [30883839.165280]  [] ? ext3_get_group_desc+0x51/0xa0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165285] JBD: Spotted dirty metadata buffer (dev = drbd0, blocknr = 0). There's a risk of filesystem corruption in case of system crash. Dec 12 05:29:46 somepoorbox kernel: [30883839.165292]  [] ? warn_slowpath_null+0x1a/0x20 Dec 12 05:29:46 somepoorbox kernel: [30883839.165297]  [] ? mark_buffer_dirty+0x82/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165316]  [] ? ext3_commit_super.clone.0+0x69/0x100 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165329]  [] ? ext3_handle_error+0x7f/0xe0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165343]  [] ? __ext3_std_error+0x5e/0xb0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165356]  [] ? ext3_orphan_add+0xbf/0x1a0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165360] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.165374]  [] ? journal_dirty_data_fn+0x0/0x30 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165378] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem [] ? ext3_ordered_write_end+0x158/0x1c0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165395] Dec 12 05:29:46 somepoorbox kernel: [30883839.165400]  [] ? generic_file_buffered_write_iter+0x184/0x2b0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165407]  [] ? __generic_file_write_iter+0x225/0x420 Dec 12 05:29:46 somepoorbox kernel: [30883839.165412]  [] ? __generic_file_aio_write+0x85/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165417]  [] ? generic_file_aio_write+0x88/0x100 Dec 12 05:29:46 somepoorbox kernel: [30883839.165423]  [] ? do_sync_write+0xf2/0x140 Dec 12 05:29:46 somepoorbox kernel: [30883839.165432]  [] ? sys_getpeername+0xd4/0xf0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165436]  [] ? vfs_write+0xb8/0x1a0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165441]  [] ? fget_light_pos+0x16/0x50 Dec 12 05:29:46 somepoorbox kernel: [30883839.165445]  [] ? sys_write+0x51/0xb0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165450]  [] ? __audit_syscall_exit+0x25e/0x290 Dec 12 05:29:46 somepoorbox kernel: [30883839.165455]  [] ? system_call_fastpath+0x16/0x1b Dec 12 05:29:46 somepoorbox kernel: [30883839.165459] ---[ end trace 32aa3e2dc89d4c30 ]--- Dec 12 05:29:46 somepoorbox kernel: [30883839.165462] Tainting kernel with flag 0x9   

  • scp: ambiguous target error and solution


    scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"

    Gives me an error:

    scp: ambiguous target
     

    The issue is caused by the space in the remote path which needs to be escaped like this:

    scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"

    Basically you add a backslash in front of each space.


  • VirtualBox How To Add iSCSI Storage using VBoxManage


    #to show all
    VBoxManage list vms

    #show ONLY running vms

    VBoxManage list runningvms


    VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.2018-12.local.abcrandom.target:sdb" --initiator "iqn.1982-01.ca.bla.tld:abc123" --tport 3260 --lun 1
    iSCSI disk created. UUID: 3bbdd942-f3b0-4bc9-8f22-b0118f6f11ec

    --server = the IP address of the iSCSI target server

    --target = the target on the iSCSI srever

    --initiator = your initiator name (eg. the equivalent of /etc/iscsi/initiator.iscsi)

    --lun 1 (or whatever LUN number

    Troubleshooting

    If the disk creates successfully but VBox says it is inacessible it means you have probably specified something wrong in the flags above.  Eg. a typo in your target, initiator, forgetting your LUN

    UUID Already Exists

    VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.1982-01.ca.bla.tld:abc123"
    VBoxManage: error: Cannot register the hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' {16b201f8-da53-499c-86ec-753a8b940e58} because a hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' with UUID {8cd2dd6e-9b69-488c-81f6-22fa96da0a2f} already exists
    VBoxManage: error: Details: code NS_ERROR_INVALID_ARG (0x80070057), component VirtualBoxWrap, interface IVirtualBox, callee nsISupports
    VBoxManage: error: Context: "CreateMedium(Bstr("iSCSI").raw(), bstrISCSIMedium.raw(), AccessMode_ReadWrite, DeviceType_HardDisk, pMedium2Mount.asOutParam())" at line 608 of file VBoxManageStorageController.cpp

    #list all hdds

     

    vboxmanage list hdds

    UUID:           8cd2dd6e-9b69-488c-81f6-22fa96da0a2f
    Parent UUID:    base
    State:          inaccessible
    Type:           normal (base)
    Location:       192.168.1.91|iqn.1982-01.ca.bla.tld:abc123
    Storage format: iSCSI
    Capacity:       0 MBytes
    Encryption:     disabled



    #let's delete it

    vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete

    #uh oh iSCSI disks can't be deleted this way

    vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete
    VBoxManage: error: Medium format 'iSCSI' does not support storage deletion
    VBoxManage: error: Details: code VBOX_E_NOT_SUPPORTED (0x80bb0009), component MediumWrap, interface IMedium, callee nsISupports
    VBoxManage: error: Context: "DeleteStorage(pProgress.asOutParam())" at line 1603 of file VBoxManageDisk.cpp
    VBoxManage: error: Failed to delete medium. Error code Unknown Status -2135228407 (0x80bb0009)

    Sometimes just using closemedium before works:


    vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f

    Either way after the above you should be able to retry to connect your iSCSI disk


  • iSCSI on Centos 7 Configuration and Setup Guide for Initiator and Target


    initiator = client

    target = server

    These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server.

    iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love.  The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI).

    iSCSI Target (Server) Setup

    targetcli is the package that creates the iSCSI server and allows you to export your devices. 

    yum -y install targetcli

    Loaded plugins: fastestmirror, langpacks
    Loading mirror speeds from cached hostfile
     * base: centos.ca-west.mirror.fullhost.io
     * epel: mirrors.cat.pdx.edu
     * extras: centos.ca-west.mirror.fullhost.io
     * updates: centos.ca-west.mirror.fullhost.io
    Resolving Dependencies
    --> Running transaction check
    ---> Package targetcli.noarch 0:2.1.fb46-6.el7_5 will be updated
    ---> Package targetcli.noarch 0:2.1.fb46-7.el7 will be an update
    --> Finished Dependency Resolution

    Dependencies Resolved

    ================================================================================
     Package            Arch            Version                 Repository     Size
    ================================================================================
    Updating:
     targetcli          noarch          2.1.fb46-7.el7          base           67 k

    Transaction Summary
    ================================================================================
    Upgrade  1 Package

    Total download size: 67 k
    Downloading packages:
    No Presto metadata available for base
    targetcli-2.1.fb46-7.el7.noarch.rpm                        |  67 kB   00:00    
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Updating   : targetcli-2.1.fb46-7.el7.noarch                              1/2
      Cleanup    : targetcli-2.1.fb46-6.el7_5.noarch                            2/2
      Verifying  : targetcli-2.1.fb46-7.el7.noarch                              1/2
      Verifying  : targetcli-2.1.fb46-6.el7_5.noarch                            2/2

    Updated:
      targetcli.noarch 0:2.1.fb46-7.el7                                            

    Complete!

     

    systemctl enable target

    systemctl start target

    systemctl disable firewalld

    systemctl stop firewalld

    firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload
    


     

    Launch targetcli to configure our iSCSI target

    targetcli
    Warning: Could not load preferences file /root/.targetcli/prefs.bin.
    targetcli shell version 2.1.fb46
    Copyright 2011-2013 by Datera, Inc and others.
    For help on commands, type 'help'.

    />

    Let's see what block storage/backing devices we have?

    /> cd backstores/block
    /backstores/block> ls
    o- block .................................................. [Storage Objects: 0]
    /backstores/block>

    Create our iSCSI disk

    /backstores/block> create areebsfault /dev/sdb
    Created block storage object areebsfault using /dev/sdb.

    Create our target

    The "iqn" must go first and then year-time and then local and finally the "host name" and after the colon the target name "sdb".  IQN= iSCSI Qualified Name

    • iqn
    • Date (1982-01)
    • Reversed domain name of the authority (eg. target.abcrandom.local) becomes local.abcrandom.target
    • Optional “:” that prefixes a storage target name specified by the naming authority

     

    cd /iscsi

    /iscsi> create iqn.2018-12.local.abcrandom.target:sdb
    Created target iqn.2018-12.local.abcrandom.target:sdb.
    Created TPG 1.
    Global pref auto_add_default_portal=true
    Created default portal listening on all IPs (0.0.0.0), port 3260.

    Do we have any LUN?

    /iscsi/iqn.20...sdb/tpg1/acls> cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/
    /iscsi/iqn.20...om.target:sdb> ls
    o- iqn.2018-12.local.abcrandom.target:sdb ............................ [TPGs: 1]
      o- tpg1 ............................................... [no-gen-acls, no-auth]
        o- acls .......................................................... [ACLs: 0]
        o- luns .......................................................... [LUNs: 0]
        o- portals .................................................... [Portals: 1]
          o- 0.0.0.0:3260 ..................................................... [OK]

    Create our LUN

    cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/luns


    /iscsi/iqn.20...sdb/tpg1/luns> create /backstores/block/areebsfault lun1
    Created LUN 1.

    /iscsi/iqn.20...sdb/tpg1/luns> ls
    o- luns .............................................................. [LUNs: 1]
      o- lun1 .................... [block/areebsfault (/dev/sdb) (default_tg_pt_gp)]

    Create ACL so our initiator can connect


    cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/acls


    /iscsi/iqn.20...sdb/tpg1/acls> create iqn.1982-01.ca.bla.tld:abc123
    Created Node ACL for iqn.1982-01.ca.bla.tld:abc123
    Created mapped LUN 1.

    *Note the iqn for this ACL as you will need to use it in the clientside (initiator setup).

     

    Client Side Setup

    systemctl disable firewalld

    systemctl stop firewalld

    firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload
    

    yum -y install iscsi-initiator-utils
     

    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: mirror.its.sfu.ca
     * extras: mirror.its.sfu.ca
     * updates: mirror.its.sfu.ca
    Resolving Dependencies
    --> Running transaction check
    ---> Package iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7 will be installed
    --> Processing Dependency: iscsi-initiator-utils-iscsiuio >= 6.2.0.874-10.el7 for package: iscsi-initiator-utils-6.2.0.874-10.el7.x86_64
    --> Running transaction check
    ---> Package iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7 will be installed
    --> Finished Dependency Resolution

    Dependencies Resolved

    ================================================================================
     Package                           Arch      Version              Repository
                                                                               Size
    ================================================================================
    Installing:
     iscsi-initiator-utils             x86_64    6.2.0.874-10.el7     base    421 k
    Installing for dependencies:
     iscsi-initiator-utils-iscsiuio    x86_64    6.2.0.874-10.el7     base     92 k

    Transaction Summary
    ================================================================================
    Install  1 Package (+1 Dependent package)

    Total download size: 513 k
    Installed size: 2.6 M
    Downloading packages:
    (1/2): iscsi-initiator-utils-6.2.0.874-10.el7.x86_64.rpm   | 421 kB   00:00    
    (2/2): iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86 |  92 kB   00:00    
    --------------------------------------------------------------------------------
    Total                                              977 kB/s | 513 kB  00:00    
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Installing : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64                1/2
      Installing : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64       2/2
      Verifying  : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64       1/2
      Verifying  : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64                2/2

    Installed:
      iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7                              

    Dependency Installed:
      iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7                     

    Complete!

    Edit initiatorname.iscsi

    vi /etc/iscsi/initiatorname.iscsi

    You can also use the echo command (make sure you use the correct iqn):

    echo "InitiatorName=iqn.1982-01.ca.bla.tld:abc123" > /etc/iscsi/initiatorname.iscsi

    Start and Enable iscsid

    [root@localhost ~]# systemctl start iscsid
    [root@localhost ~]# systemctl enable iscsid
    Created symlink from /etc/systemd/system/multi-user.target.wants/iscsid.service to /usr/lib/systemd/system/iscsid.service.

    Find Targets!

    iscsiadm -m discovery --type sendtargets -p 192.168.1.91
    192.168.1.91:3260,1 iqn.2018-12.local.abcrandom.target:sdb

    If all is well you should see this with ls

    ls /var/lib/iscsi/nodes
    iqn.2018-12.local.abcrandom.target:sdb
    [root@localhost ~]# ls /var/lib/iscsi/
    ifaces/       nodes/        slp/         
    isns/         send_targets/ static/      
    [root@localhost ~]# ls /var/lib/iscsi/send_targets/
    192.168.1.91,3260

    Mount all iscsi targets

    iscsiadm -m node -l
    Logging in to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] (multiple)
    Login to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

     

    You should now see a /dev/sdb available that you can format like a normal disk.
     

    cat /proc/partitions
    major minor  #blocks  name

      11        0    1048575 sr0
       8        0   15728640 sda
       8        1    1048576 sda1
       8        2   14679040 sda2
     253        0   13103104 dm-0
     253        1    1572864 dm-1
       8       16       4096 sdb

     

    Set it for onboot loading

     mkfs.ext4 /dev/sdb1
    mke2fs 1.42.9 (28-Dec-2013)
    Filesystem label=
    OS type: Linux
    Block size=1024 (log=0)
    Fragment size=1024 (log=0)
    Stride=0 blocks, Stripe width=32764 blocks
    1024 inodes, 4092 blocks
    204 blocks (4.99%) reserved for the super user
    First data block=1
    Maximum filesystem blocks=4194304
    1 block group
    8192 blocks per group, 8192 fragments per group
    1024 inodes per group

    Allocating group tables: done                           
    Writing inode tables: done                           
    Creating journal (1024 blocks): done
    Writing superblocks and filesystem accounting information: done

    [root@localhost ~]# blkid /dev/sdb1
    /dev/sdb1: UUID="7c1b6358-24b0-4296-b099-13eb1100f72e" TYPE="ext4"

    add something like this to /etcfstab

    UUID=7c1b6358-24b0-4296-b099-13eb1100f72e /mnt/iscsi ext4 _netdev 0 0

    Troubleshooting Common Issues

    1. Firewall Issues.  Make sure firewalls are disabled or port 3260 is enabled.
    2. Listening on the wrong IP or port in your portal.
    3. Specifying the target instead of the initiator name/ACL name.
    4. Not creating an LUN
    5. Mixing up different target names with the wrong initiator name.
    6. The client side is using the wrong initiator name (often a random generated one by the OS).

    How To

    Login To All Targets

    iscsiadm -m node -l

    Login To Specific Target

    iscsiadm -m node -l -T iqn.target.name:bla

    Delete your iscsi target

    /iscsi> cd /iscsi/
    /iscsi> delete iqn.2016-06.localb.a.bla:123
    Deleted Target iqn.2016-06.localb.a.bla:123.

    Disconnect your client from a target

    iscsiadm -m node --logout -T iqn.2018-12.local.abcrandom.target:sdb
    Logging out of session [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260]
    Logout of [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

     

    Disconnect from ALL targets

    iscsiadm -m node --logout all
    Logging out of session [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260]
    Logout of [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

     


  • Python and BeautifulSoup4's BS4's Decompose Method To Remove Unwanted Inner Tags


    <div class="c-shca-icon-item__body-name">

        < a href="/Products/MX72244">
            < span class="c-shca-icon-item__body-name-brand">

                ADATA
                < / span>
                    XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB
                    < / a>


    The problem in the html above is that there is a "span" inside the "a" and this is unusual except for a few products with ADATA.
    Otherwise it would print out ADATA with the other product information "XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB".  So we just want the product info and not the ADATA inside span.

    The solution is to use beautifulsoup's "decompose method below".



        hddname = prices.find("div", {"class": "c-shca-icon-item__body-name"})
        hddname=hddname.find("a")
        hddname.span.decompose()
        hddname=hddname.get_text().strip()

     

    Once we have the "a" tag contents which contain a "span inside".  We just use the decompose() method.

    The format is as follows

    soupname.tagname.decompose()


  • httpd AH00534: httpd: Configuration error: No MPM loaded. solution


    httpd
    AH00534: httpd: Configuration error: No MPM loaded.

    Simple Solution (assuming you don't have this line in httpd.conf aleady:


    echo "Include conf.modules.d/*.conf" >>  /etc/httpd/conf/httpd.conf

     


  • bash script to remove modules from httpd.conf that are not actually installed


    confmodules=`cat /etc/httpd/conf/httpd.conf |grep -v ^#|grep  "modules/"|awk '{print $3}'|cut -d "/" -f 2`

    for module in $confmodules; do
      echo "module=$module"
      if [ ! -f /etc/httpd/modules/$module ]; then
        linenum=`awk /"$module/{ print NR; exit}" /etc/httpd/conf/httpd.conf`
        sed -i "$linenum"s/.*// /etc/httpd/conf/httpd.conf
        echo "hey we don't have this $module in /etc/httpd/modules"
      fi
    done

    Basically the script checks all of the modules your httpd.conf tries to load.  Then it checks if the file actually exists in /etc/httpd/modules/ and if it doesn't it edits httpd.conf by removing the relevant line for the module that doesn't exist.


  • bash scripting how to create a function


    function centos7 {
      release=`cat /etc/redhat-release|awk '{print $4}'|grep ^[7]`

      if [ "$release" != "" ]; then
         centos7='yes'
      fi

    }

    centos7

    echo "$centos7"

    We create a function called "centos7" and then call it by just typing "centos7"

    We then access a variable that may be set if we are running centos7 which is also called "$centos7".

    If the value is present it should be = "yes" which means we are running Centos 7.


  • Centos 7 PHP MySQL Not Working Solution


    PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/pdo_mysql.so' - /usr/lib64/php/modules/pdo_mysql.so: symbol mysql_options, version libmysqlclient_18 not defined in file libmysqlclient.so.18 with link time reference in Unknown on line 0

    #not sure what is wrong with php-mysql but I removed it and installed mysqlnd

    yum -y remove php-mysql
    yum -y install php-mysqlnd


  • Bash How To Cut or Split Natively And Get The LAST Field


    This takes "yourvariable" and splits it based on the last character in this case "-" and shows the last field of that split.
     

    ${yourvariable##*-}

     


  • Bash Script How To Manipulate Text/Strings By Searchig and Replacing Natively


      # a single first slash means first occurrence
      # format=${haystack/needle/replacement}
      # if you use a double first slash it means ALL occurrences
      # format=${haystack//needle/replacement}


      email=${file/.txt-marked/}
     

    In the example above we are searching in the variable $file for ".txt-marked" and replacing with nothing (the empty part after the last / means we are replacing with nothing or actually removing it).  

    How to replace all occurrences?

      email=${file//.txt-marked/}

    The only difference is where the first slash goes.  If you use double slashes it means to replace ALL occurences.


  • How Does Cisco CUCM (Cisco Unified Communication Manager) Work?


    Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite.  At its core, the CUCM is like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.

    Cisco's CUCM makes communication more effective and simple through centralized management and unification of communications resources.

    How Does CUCM Work?

    First of all the CUCM is a Linux based OS that is installed onto a server.  It is like the "Control Panel" or "PBX" for all of your communications in terms of voice and video. 

    CUCM consists of 4-layers or building blocks to function and create a cohesive communication solution for your enterprise.

    4-Layers of CUCM

     

    Layer 1.) Infrastructure

    Since CUCM is IP (Internet Protocol) based it uses traditional network infrastructure including switches, routers with the addition of voice specific gateway and switching (voice gateway and voice switch).  This layer is also where high availability, QoS (Quality of Service) and management.

    Layer 2.) Call Control

    The call control layer is actually where CUCM lives and is active.  It is the layer that handles and processes the calls, manages devices and where the PBX administrator can set dial plans and other features.

    Layer 3.) Application

     The applicaton layer processes things other than calls and is indepedent of the Call Control layer. 

    Examples of applications under this layer are the following:

    1. Cisco Unity - Voicemail, unified messaging and integrated messaging applications
    2. Cisco Unified Contact Center - Call Center Management
    3. Cisco Unified Meeting Place - Video Conferencing
    4. Cisco ER (Emergency Responder) - Identifies the caller location and maps that location to an emergency line identification number.
    5. Cisco Unified Presence Server - Collects and reports information on user devices and availability over what mediums (eg. voice, video etc..)
    6. Third Party App Support - Supports common standards such as TAPI (Telephone Application Programming Interface),  SIP (Session Initiation Protocol) (for VOIP), H.323 (an open standard that allows for unified video, audio and data collaboration), MGCP (Media Gateway Control Protocol)

    Layer 4.) Endpoints

    The end points layer should be described and thought of as the "user level" which is essentially the end-product for the end user.  This is because the Endpoints layer presents itself as a Cisco based IP phone, or other VOIP device/application, video terminal etc.

     

    How the Cisco Unified Communications Network Works

    The Cisco CUCM is like the "director" or "operator" of calls and helps initially connect or signal the parties involved in a phone conversation.  It refers to the complete process of originating, terminating and routing calls.  It also allows for stats to be collected for metrics and billing.

    The actual voice and data travels directly between the devices themselves over whatever network they are connected to and the failure or loss of connectivity to the CUCM does not impact current conversations (unless you try to use a feature that CUCM controls such as hold, transfer etc..)

    The CUCM also creates dialplans which control how and where a user can call.  

    CUCM also creates basic phone functionality such as the ability to hold, conference or transfer calls.

    CUCM also integrates with your existing Active Directory setup to help reduce the configuration and authentication of new users.

    How Do Calls Get Setup?

    Once the end-user picks up their phone, the phone signals the CUCM that it is "off hook" or "picked up" and will signal the device to play the dialtone.  Their device either sends each digit back to CUCM to be dialed (if it uses the SCCP protocol) or sends all digits at once, once the user has dialed (if using the SIP protocol).  If a match is found in their dialplan on their CUCM the call will be routed/go through, otherwise the user would receive the "reorder tone" or busy signal.

     

     

     

    Recommended Implementation - Campus Model

    In this call processing deployment model, the Unified Communications services and the endpoints are co-located in the campus, and the QoS-enabled network between the service nodes, the endpoints, and applications is considered highly available, offering virtually unlimited bandwidth with less than 15 ms of latency end-to-end. Likewise, the quality and availability of power are very high, and services are hosted in an appropriate data center environment. Communications between the endpoints traverses a LAN or a MAN, and communications outside the enterprise goes over an external network such as the PSTN. An enterprise would typically deploy the campus model over a single building or over a group of buildings connected by a LAN or MAN.

     The campus model typically has the following design characteristics:

    •Single Cisco Unified CM cluster. Some campus call processing deployments may require more than one Unified CM cluster, for instance, if scale calls for more endpoints than can be serviced by a single cluster or if a cluster needs to be dedicated to an application such as a call center.

    •Alternatively for smaller deployments, Cisco Business Edition 3000, 5000, or 6000 may be deployed in the campus.

    •Maximum of 40,000 configured and registered Skinny Client Control Protocol (SCCP) or Session Initiation Protocol (SIP) IP phones, Cisco Cius, video endpoints, mobile clients, and Cisco Virtualization Experience Clients (VXC) per Unified CM cluster.

    •Maximum of 2,100 gateways and trunks (that is, the total number of H.323 gateways, H.323 trunks, digital MGCP devices, and SIP trunks) per Unified CM cluster.

    •Trunks and/or gateways (IP or PSTN) for all calls to destinations outside the campus.

    •Co-located digital signal processor (DSP) resources for conferencing, transcoding, and media termination point (MTP).

    •Other Unified Communications services, such as messaging (voicemail), presence, and mobility are typically co-located.

    •Interfaces to legacy voice services such as PBXs and voicemail systems are connected within the campus, with no operational costs associated with bandwidth or connectivity.

    •Multipoint Control Unit (MCU) resources are required for multipoint video conferencing. Depending on conferencing requirements, these resources may be either SCCP or H.323, or both.

    •H.323 and H.320 video gateways are needed to communicate with H.320 videoconferencing devices on the public ISDN network.

    •High-bandwidth audio is available (for example, G.722 or Cisco Wideband Audio) between devices within the site.

    •High-bandwidth video (for example, 384 kbps or greater) is available between devices within the site. The Cisco Unified Video Advantage Wideband Codec, operating at 7 Mbps, is also supported.
    Best Practices for the Campus Model

    Follow these guidelines and best practices when implementing the single-site model:

    •Ensure that the infrastructure is highly available, enabled for QoS, and configured to offer resiliency, fast convergence, and inline power.

    •Know the calling patterns for your enterprise. Use the campus model if most of the calls from your enterprise are within the same site or to PSTN users outside your enterprise.

    •Use G.711 codecs for all endpoints. This practice eliminates the consumption of digital signal processor (DSP) resources for transcoding, and those resources can be allocated to other functions such as conferencing and media termination points (MTPs).

    •Implement the recommended network infrastructure for high availability, connectivity options for phones (in-line power), Quality of Service (QoS) mechanisms, and security. (See Network Infrastructure.)

    •Follow the provisioning recommendations listed in the chapter on Call Processing.


  • What DNS Options Does Active Directory Offer in Windows Server 2008,2012,2016 ?


    What Is Active Directory?

    Active Directory is essentially an enhanced, centralized database with a set of objects that make user management, authorization, and data management simpler.  Active Directory is synonymous with "Domain Controllers" where a single "domain" often consists of multiple sites and members of the domain.  Multiple domains can also be joined to belong to a tree ( a collection of domains).  And the highest layer is the forest which is created from multiple trees.

    Active Directory can help provide DNS service by enabling the "DNS Server Role" which will allow members of a Domain to process DNS requests and create a highly available,  fault-tolerant, redundant DNS design.

    The first step is to ensure all relevant servers have the "Active Directory" role added and including the DNS portion.

    The preferred method and setup is that the first DNS server should be set to the IP of another domain controller or DNS server that serves DNS and the secondary one should point to the localhost.  DNS forwarders should be configured on each server that is running DNS, as this allows DNS resolutons to the outside to continue working in the event that one server hosting DNS goes down.

     

    Best Practices According To Microsoft:

    Question

    What is Microsoft’s best practice for where and how many DNS servers exist? What about for configuring DNS client settings on DC’s and members?

    Answer

    It depends on who you ask. 🙂 We in MS have been arguing this amongst ourselves for 11 years now. Here are the general guidelines that the Microsoft AD and Networking Support teams give to customers, based on our not inconsiderable experience with customers and their CritSits:

    1. If a DC is hosting DNS, it should point to itself at least somewhere in the client list of DNS servers.

    2. If at all possible on a DC, client DNS should point to another DNS server as primary and itself as secondary or tertiary. It should not point to self as primary due to various DNS islanding and performance issues that can occur. (This is where the arguments usually start)

    3. When referencing a DNS server on itself, a DNS client should always use a loopback address and not a real IP address.

    4. Unless there is a valid reason not to that you can concretely explain with more pros than cons, all DC’s in a domain should be running DNS and hosting at least their own DNS zone; all DC’s in the forest should be hosting the _MSDCS zones. This is default when DNS is configured on a new Win2003 or later forest’s DC’s. (Lots more arguments here).

    5. DC’s should have at least two DNS client entries.

    6. Clients should have these DNS servers specified via DHCP or by deploying via group policy/group policy preferences, to avoid admin errors; both of those scenarios allow you to align your clients with subnets, and therefore specific DNS servers. Having all the clients & members point to the same one or two DNS servers will eventually lead to an outage and a conversation with us and your manager. If every DC is a DNS server, clients can be fine-tuned to keep their traffic as local as possible and DNS will be highly available with special work or maintenance. It also means that branch offices can survive WAN outages and keep working, if they have local DC’s running DNS.

    7. We don’t care if you use Windows or 3rd party DNS. It’s no skin off our nose: you already paid us for the DC’s and we certainly don’t need you to buy DNS-only Windows servers. But we won’t be able to assist you with your BIND server, and their free product’s support is not free.

    8. (Other things I didn’t say that are people’s pet peeves, leading to even more arguments).

     

    Other Options

    It should be noted that Active Directory Domain Controllers are not required to serve their own DNS and it is optional at the time of domain controller creation.

    Another option that exists are the integration of Linux's NAMED or BIND DNS Server which is known to scale well and be extremely reliable.

    Many cybersecurity experts believe this provides an enhanced level of performance and security, while still giving you the full features that Active Directory offers.

    In general having a non-Microsoft DNS can offer you better performance and security.  Securing your DNS servers is especially important, not only for DOS attacks but DNS poisoning especially due to privilege escalation or a compromise of a domain controller.  This would allow an attacker to trick users into believing they were visiting a site they are not (eg. accounting may login to their online banking but unknowingly pass their details off to the hackers who have poisoned the DNS and sent them to a spoof site).

    Here is a list of some of the value-added features offered by third-party DNS solutions available today:

    • Proactive automated adaptive behavior protection from DNS attacks, malware and data exfiltration through customized DNS firewall security
    • Utilize DNS and DHCP features that are unavailable from Microsoft in-box solutions such as Identity Mapping (linking IP addresses to users)
    • Intelligently resolve queries and direct traffic according to geographic location
    • Increased logging to help determine where issues and attacks are originating
    • Utilizing a single solution for external and internal DNS (aka "single view")
    • Operating system-agnostic way to manage DNS
    • Increased security by reducing admin privilege usage
    • Increased granularity for control of dynamic DNS updates via IP-based access-control, as opposed to the Microsoft's three-level approach of "none," "secure only" (i.e., AD-integrated clients (GSS-TSIG)) or "secure and insecure" (i.e., anyone, no TSIG or IP-based authentication required)

    A good example is if you have 10 servers:


    Server 1
    Primary DNS: 172.16.254.2
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 2
    Primary DNS: 172.16.254.3
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 3
    Primary DNS: 172.16.254.4
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 4
    Primary DNS: 172.16.254.5
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 5
    Primary DNS: 172.16.254.6
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 6
    Primary DNS: 172.16.254.7
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 7
    Primary DNS: 172.16.254.8
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 8
    Primary DNS: 172.16.254.9
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 9
    Primary DNS: 172.16.254.10
    Second DNS: 127.0.0.1
    ---------------------------------
    Server 10
    Primary DNS: 172.16.254.11
    Second DNS: 127.0.0.1
    ---------------------------------

     


    By setting up your DNS this way you are ensuring that should a domain member that provides DNS goes down that you have redundancy and the remaining servers will still function rather than if they were all relying on a single server as their secondary DNS source.


  • syntax error, unexpected T_SL in PHP Solution


    This happened in a PHP script with heredoc but it could really happen anywhere.  The issue was whitespace in code like this:

     

    $variable = <<< HTML
      some stuff here
      $othervar
    HTML;

     

    Notice on the first line that there is extra white space after the HTML.  Whitespace was a deadly killer since it isn't obvious in terms of syntax.


  • grep regular expression match number range between specific numbers


    grep -E servers1[2-6] somefile.txt

    The 1 before the [ bracket means that the number must start with one and can be between 1 and [2-6] or in plain English between 12-16.
     


  • bash how to print out lines of text within a range from the first occurrence


    #get line number of occurrence in text file and then print out x lines from that point

    #get the line number of the first occurrence of our search text
    linenumber=`grep -n "someuniqueitem" inventory.txt|head -n1|cut -d ":" -f 1`
    #linestop represents how many lines after the occurring line we want to print out in this case "20"
    linestop=$((linenumber+20))


    # sed prints out the line range we want for inventory.txt
    # note that the p after $linestop tells sed to print
    sed -n "$linenumber,$linestop p" inventory.txt

    Combing it into one line:

    linenumber=`grep -n "evodal07" inventory.txt|head -n1|cut -d ":" -f 1`&&sed -n "$linenumber,$((linenumber+20)) p" inventory.txt


  • bash script how to to check LAN computers for open ports


    In this case it just searches for port 80 it is fairly handy if you have some sort of appliance or something else you aren't sure of the IP of

    Of course change the port 80 port to whatever port(s) you want.

    for ip in `arp -n|arp -n|tail -n +2|head -n -1 |grep -v incomplete|awk '{print $1}'`; do

     echo "checking $ip:80"
     nc -w 1 -z $ip 80

     if [ "$?" == 0 ]; then
      echo "**Port 80 Open on $ip**"
     fi

    done


  • MySQL Using mytop Debug Source of High IO and Slow Performance


    mytop is one of my favorite tools and it is fairly simple aside from a few caveats and issues that persist to this day.

    To install it on Centos:

    yum -y install centos

    Configure ~/.mytop

    vi ~/.mytop

    user=root
    host=localhost
    db=test
    #port=3306
    socket=/var/lib/mysql/mysql.sock
    header=1
    color=1

    Try running it and see this error:

    mytop --prompt

    Error Fix:

    vi /usr/bin/mytop

    #comment this out:

        #"long|!"              => $config{long_nums},

     

     

    Once you do get it running it's very useful you can watch queries in real time and if there is a single database slowing you down it will become apparent by watching the queries.  Even using slow queries cannot always find the cause because sometimes the query isn't technically slow but it is the iowait that doesn't allow the query to even start executing for a long time.

     


  • How To Mathematically Convert and Calculate Binary Value To Decimal Value


    When converting binary the easiest way is to write out a vertical list in a format like below and follow the formula in the table.

    Example Convert 1101 1111 to decimal.

    Step 1.)

    Write out the binary below in vertical form (leave lots of space on the left side).

    Keep this in mind that the "previous sum" starts at 0 on your first line.

    Step 2.)

    Formula:

    2 * Previous Sum  + Binary Number = Current Total

    Write out each line in order from top to bottom of 1101 1111 in the same format and perform the calculations below.

     

    Note that we alway use 0 for the previous sum.

    2 * Previous Sum +
    Binary Value
    = Current Total
    2 * 0 + 1 = 1
    2 * 1 + 1 = 3
    2 * 3 + 0 = 6
    2 * 6 + 1 = 13
    2 * 13 + 1 = 27
    2 * 27 + 1 = 55
    2 * 55 + 1 = 111
    2 * 111 + 1 = 223

     


  • systemd management using systemctl and journalctl to check systemd logs


    systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.

    The key commands or arguments you will use with systemctl are the following:

    Unit Commands:
      list-units [PATTERN...]         List loaded units
      list-sockets [PATTERN...]       List loaded sockets ordered by address
      list-timers [PATTERN...]        List loaded timers ordered by next elapse
      start NAME...                   Start (activate) one or more units
      stop NAME...                    Stop (deactivate) one or more units
      reload NAME...                  Reload one or more units
      restart NAME...                 Start or restart one or more units
      try-restart NAME...             Restart one or more units if active
      reload-or-restart NAME...       Reload one or more units if possible,
                                      otherwise start or restart
      reload-or-try-restart NAME...   Reload one or more units if possible,
                                      otherwise restart if active
      isolate NAME                    Start one unit and stop all others
      kill NAME...                    Send signal to processes of a unit
      is-active PATTERN...            Check whether units are active
      is-failed PATTERN...            Check whether units are failed
      status [PATTERN...|PID...]      Show runtime status of one or more units
      show [PATTERN...|JOB...]        Show properties of one or more
                                      units/jobs or the manager
      cat PATTERN...                  Show files and drop-ins of one or more units
      set-property NAME ASSIGNMENT... Sets one or more properties of a unit
      help PATTERN...|PID...          Show manual for one or more units
      reset-failed [PATTERN...]       Reset failed state for all, one, or more
                                      units
      list-dependencies [NAME]        Recursively show units which are required
                                      or wanted by this unit or by which this
                                      unit is required or wanted

     

    check the state of all running services

    systemctl list-units --type service --all --state failed

    systemctl list-units --type service --all --state running

    systemctl list-units --type service --all --state active



    How Do You Enable or Disable Services

    systemctl enable sshd

    systemctl disable crond

    Note that disabling does NOT stop them if they are currently running.

     systemctl disable crond
    Removed symlink /etc/systemd/system/multi-user.target.wants/crond.service.
    [root@bcitcourse ~]# systemctl status crond
    ● crond.service - Command Scheduler
       Loaded: loaded (/usr/lib/systemd/system/crond.service; disabled; vendor preset: enabled)
       Active: active (running) since Sat 2018-11-03 19:12:14 UTC; 2 days ago
     Main PID: 139 (crond)
       CGroup: /system.slice/crond.service
               └─139 /usr/sbin/crond -n

    Sep 18 07:19:54 bcitcourse systemd[1]: Starting Command Scheduler...
    Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 34% if used.)
    Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (running with inotify support)
    Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
    Sep 18 07:23:54 bcitcourse systemd[1]: Stopping Command Scheduler...
    Sep 18 07:23:54 bcitcourse systemd[1]: Started Command Scheduler.
    Sep 18 07:23:54 bcitcourse systemd[1]: Starting Command Scheduler...
    Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 44% if used.)
    Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (running with inotify support)
    Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
    Nov 01 18:20:58 bcitcourse systemd[1]: Stopping Command Scheduler...
    Nov 01 18:20:58 bcitcourse systemd[1]: Stopped Command Scheduler.
    Nov 01 18:21:26 bcitcourse systemd[1]: Started Command Scheduler.
    Nov 01 18:21:26 bcitcourse systemd[1]: Starting Command Scheduler...
    Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 72% if used.)
    Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (running with inotify support)
    Nov 02 17:24:11 bcitcourse systemd[1]: Stopping Command Scheduler...
    Nov 02 17:24:11 bcitcourse systemd[1]: Stopped Command Scheduler.
    Nov 02 17:25:08 bcitcourse systemd[1]: Started Command Scheduler.
    Nov 02 17:25:08 bcitcourse systemd[1]: Starting Command Scheduler...
    Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 37% if used.)
    Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (running with inotify support)
    Nov 02 19:26:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
    Nov 02 19:56:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
    Nov 03 19:11:56 bcitcourse systemd[1]: Stopping Command Scheduler...
    Nov 03 19:11:56 bcitcourse systemd[1]: Stopped Command Scheduler.
    Nov 03 19:12:14 bcitcourse systemd[1]: Started Command Scheduler.
    Nov 03 19:12:14 bcitcourse systemd[1]: Starting Command Scheduler...
    Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 66% if used.)
    Nov 03 19:12:14 bcitcourse crond[139]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
    Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (running with inotify support)
    [root@bcitcourse ~]# ps aux|grep crond
    root       139  0.0  0.0  22700  1496 ?        Ss   Nov03   0:00 /usr/sbin/crond -n
    root      5833  0.0  0.0 112660   952 pts/3    S+   19:11   0:00 grep --color=auto crond

     

    How do targets work and what are they?

     

    It is similar to the traditional runtimes where generally normal non GUI operation would be considered "runlevel 3" and the GUI would be "runlevel 5".

    Instead, with systemctl you have targets for these that are based on names.

    A good example is when installing your GNOME GUI:

    You can do that, type startx and get your GUI.  But upon reboot you'll still be at the CLI.  Why?

    You need to set your default target to the graphical target like below.

    systemctl set-default graphical.target

     

    What targets are available on my system?

    ls  /usr/lib/systemd/system
    arp-ethers.service                       finger@.service                    nfs-blkmap.service                 rhel-configure.service     sockets.target.wants                    systemd-poweroff.service
    auth-rpcgss-module.service               finger.socket                      nfs-client.target                  rhel-dmesg.service         sound.target                            systemd-quotacheck.service
    autovt@.service                          firewalld.service                  nfs-config.service                 rhel-domainname.service    sshd-keygen.service                     systemd-random-seed.service
    basic.target                             fstrim.service                     nfs-idmapd.service                 rhel-import-state.service  sshd.service                            systemd-readahead-collect.service
    basic.target.wants                       fstrim.timer                       nfs-idmap.service                  rhel-loadmodules.service   sshd@.service                           systemd-readahead-done.service
    blk-availability.service                 garbd.service                      nfs-lock.service                   rhel-readonly.service      sshd.socket                             systemd-readahead-done.timer
    bluetooth.target                         geoclue.service                    nfslock.service                    rpcbind.service            suspend.target                          systemd-readahead-drop.service
    brandbot.path                            getty-pre.target                   nfs-mountd.service                 rpcbind.socket             swap.target                             systemd-readahead-replay.service
    brandbot.service                         getty@.service                     nfs-rquotad.service                rpcbind.target             sys-fs-fuse-connections.mount           systemd-reboot.service
    canberra-system-bootup.service           getty.target                       nfs-secure.service                 rpc-gssd.service           sysinit.target                          systemd-remount-fs.service
    canberra-system-shutdown-reboot.service  graphical.target                   nfs-server.service                 rpcgssd.service            sysinit.target.wants                    systemd-rfkill@.service
    canberra-system-shutdown.service         graphical.target.wants             nfs.service                        rpcidmapd.service          sys-kernel-config.mount                 systemd-shutdownd.service
    console-getty.service                    gssproxy.service                   nfs-utils.service                  rpc_pipefs.target          sys-kernel-debug.mount                  systemd-shutdownd.socket
    console-shell.service                    halt-local.service                 nmb.service                        rpc-rquotad.service        syslog.socket                           systemd-suspend.service
    container-getty@.service                 halt.target                        nscd.service                       rpc-statd-notify.service   syslog.target.wants                     systemd-sysctl.service
    crond.service                            hibernate.target                   nscd.socket                        rpc-statd.service          systemd-ask-password-console.path       systemd-timedated.service
    cryptsetup-pre.target                    htcacheclean.service               nss-lookup.target                  rsyncd.service             systemd-ask-password-console.service    systemd-tmpfiles-clean.service
    cryptsetup.target                        httpd.service                      nss-user-lookup.target             rsyncd@.service            systemd-ask-password-wall.path          systemd-tmpfiles-clean.timer
    ctrl-alt-del.target                      hybrid-sleep.target                ntalk.service                      rsyncd.socket              systemd-ask-password-wall.service       systemd-tmpfiles-setup-dev.service
    dbus-org.freedesktop.hostname1.service   initrd-cleanup.service             ntalk.socket                       rsyslog.service            systemd-backlight@.service              systemd-tmpfiles-setup.service
    dbus-org.freedesktop.import1.service     initrd-fs.target                   paths.target                       runlevel0.target           systemd-binfmt.service                  systemd-udevd-control.socket
    dbus-org.freedesktop.locale1.service     initrd-parse-etc.service           polkit.service                     runlevel1.target           systemd-bootchart.service               systemd-udevd-kernel.socket
    dbus-org.freedesktop.login1.service      initrd-root-fs.target              poweroff.target                    runlevel1.target.wants     systemd-firstboot.service               systemd-udevd.service
    dbus-org.freedesktop.machine1.service    initrd-switch-root.service         poweroff.target.wants              runlevel2.target           systemd-fsck-root.service               systemd-udev-settle.service
    dbus-org.freedesktop.timedate1.service   initrd-switch-root.target          printer.target                     runlevel2.target.wants     systemd-fsck@.service                   systemd-udev-trigger.service
    dbus.service                             initrd.target                      proc-fs-nfsd.mount                 runlevel3.target           systemd-halt.service                    systemd-update-done.service
    dbus.socket                              initrd.target.wants                proc-sys-fs-binfmt_misc.automount  runlevel3.target.wants     systemd-hibernate-resume@.service       systemd-update-utmp-runlevel.service
    dbus.target.wants                        initrd-udevadm-cleanup-db.service  proc-sys-fs-binfmt_misc.mount      runlevel4.target           systemd-hibernate.service               systemd-update-utmp.service
    debug-shell.service                      ip6tables.service                  quotaon.service                    runlevel4.target.wants     systemd-hostnamed.service               systemd-user-sessions.service
    default.target                           iptables.service                   rc-local.service                   runlevel5.target           systemd-hwdb-update.service             systemd-vconsole-setup.service
    default.target.wants                     kexec.target                       rdisc.service                      runlevel5.target.wants     systemd-hybrid-sleep.service            system.slice
    dev-hugepages.mount                      kmod-static-nodes.service          rdma-hw.target                     runlevel6.target           systemd-importd.service                 system-update.target
    dev-mqueue.mount                         local-fs-pre.target                rdma-load-modules@.service         saslauthd.service          systemd-initctl.service                 tcsd.service
    dracut-cmdline.service                   local-fs.target                    rdma-ndd.service                   sendmail.service           systemd-initctl.socket                  timers.target
    dracut-initqueue.service                 local-fs.target.wants              rdma.service                       serial-getty@.service      systemd-journal-catalog-update.service  timers.target.wants
    dracut-mount.service                     machine.slice                      reboot.target                      shutdown.target            systemd-journald.service                time-sync.target
    dracut-pre-mount.service                 machines.target                    reboot.target.wants                shutdown.target.wants      systemd-journald.socket                 tmp.mount
    dracut-pre-pivot.service                 messagebus.service                 remote-cryptsetup.target           sigpwr.target              systemd-journal-flush.service           umount.target
    dracut-pre-trigger.service               multi-user.target                  remote-fs-pre.target               sleep.target               systemd-kexec.service                   user.slice
    dracut-pre-udev.service                  multi-user.target.wants            remote-fs.target                   -.slice                    systemd-localed.service                 var-lib-nfs-rpc_pipefs.mount
    dracut-shutdown.service                  named.service                      rescue.service                     slices.target              systemd-logind.service                  vzfifo.service
    ebtables.service                         named-setup-rndc.service           rescue.target                      smartcard.target           systemd-machined.service                vzreboot.service
    emergency.service                        network-online.target              rescue.target.wants                smb.service                systemd-machine-id-commit.service       xinetd.service
    emergency.target                         network-pre.target                 rhel-autorelabel-mark.service      sm-client.service          systemd-modules-load.service
    final.target                             network.target                     rhel-autorelabel.service           sockets.target             systemd-nspawn@.service

     

    We can check by symlink to see what the default target is:

    lrwxrwxrwx 1 root root 16 Sep 18 07:18 /usr/lib/systemd/system/default.target -> graphical.target

    Checking to see what services start with a target

    systemctl list-dependencies default.target
    default.target
    ● ├─display-manager.service
    ● ├─mysqld.service
    ● ├─network.service
    ● ├─quotaon.service
    ● ├─systemd-readahead-collect.service
    ● ├─systemd-readahead-replay.service
    ● ├─systemd-update-utmp-runlevel.service
    ● ├─vzfifo.service
    ● └─multi-user.target
    ●   ├─brandbot.path
    ●   ├─dbus.service
    ●   ├─httpd.service
    ●   ├─mysqld.service
    ●   ├─network.service
    ●   ├─rhel-configure.service
    ●   ├─rsyslog.service
    ●   ├─saslauthd.service
    ●   ├─sendmail.service
    ●   ├─sm-client.service
    ●   ├─sshd.service
    ●   ├─systemd-ask-password-wall.path
    ●   ├─systemd-logind.service
    ●   ├─systemd-update-utmp-runlevel.service
    ●   ├─systemd-user-sessions.service
    ●   ├─xinetd.service
    ●   ├─basic.target
    ●   │ ├─iptables.service
    ●   │ ├─rhel-dmesg.service
    ●   │ ├─paths.target
    ●   │ ├─slices.target
    ●   │ │ ├─-.slice
    ●   │ │ └─system.slice
    ●   │ ├─sockets.target
    ●   │ │ ├─dbus.socket
    ●   │ │ ├─rpcbind.socket
    ●   │ │ ├─systemd-initctl.socket
    ●   │ │ ├─systemd-journald.socket
    ●   │ │ ├─systemd-shutdownd.socket
    ●   │ │ ├─systemd-udevd-control.socket
    ●   │ │ └─systemd-udevd-kernel.socket
    ●   │ ├─sysinit.target
    ●   │ │ ├─dev-hugepages.mount
    ●   │ │ ├─dev-mqueue.mount
    ●   │ │ ├─kmod-static-nodes.service
    ●   │ │ ├─proc-sys-fs-binfmt_misc.automount
    ●   │ │ ├─rhel-autorelabel-mark.service
    ●   │ │ ├─rhel-autorelabel.service
    ●   │ │ ├─rhel-domainname.service
    ●   │ │ ├─rhel-import-state.service
    ●   │ │ ├─rhel-loadmodules.service
    ●   │ │ ├─sys-fs-fuse-connections.mount
    ●   │ │ ├─sys-kernel-config.mount
    ●   │ │ ├─sys-kernel-debug.mount
    ●   │ │ ├─systemd-ask-password-console.path
    ●   │ │ ├─systemd-binfmt.service
    ●   │ │ ├─systemd-firstboot.service
    ●   │ │ ├─systemd-hwdb-update.service
    ●   │ │ ├─systemd-journal-catalog-update.service
    ●   │ │ ├─systemd-journal-flush.service
    ●   │ │ ├─systemd-journald.service
    ●   │ │ ├─systemd-machine-id-commit.service
    ●   │ │ ├─systemd-modules-load.service

     

    How can we see what switchable "isolate"able targets are available?

    ls -al /usr/lib/systemd/system/|grep ^d
    drwxr-xr-x 22 root root 16384 Nov  3 22:59 .
    drwxr-xr-x 13 root root  4096 Sep 18 07:18 ..
    drwxr-xr-x  2 root root  4096 Sep 18 07:23 basic.target.wants
    drwxr-xr-x  2 root root  4096 Aug 16 18:34 dbus.target.wants
    drwxr-xr-x  2 root root  4096 Aug 16 18:34 default.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 graphical.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 initrd.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:23 local-fs.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:23 multi-user.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 poweroff.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 reboot.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 rescue.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel1.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel2.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel3.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel4.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 runlevel5.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 shutdown.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 sockets.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 sysinit.target.wants
    drwxr-xr-x  2 root root  4096 Aug 16 18:34 syslog.target.wants
    drwxr-xr-x  2 root root  4096 Sep 18 07:18 timers.target.wants

    How do we switch targets without rebooting?

    systemctl isolate targetname

    systemctl isolate poweroff

    systemctl sockets

    systemctl list-sockets

    LISTEN                      UNIT                         ACTIVATES
    /dev/log                    systemd-journald.socket      systemd-journald.service
    /run/dbus/system_bus_socket dbus.socket                  dbus.service
    /run/systemd/initctl/fifo   systemd-initctl.socket       systemd-initctl.service
    /run/systemd/journal/socket systemd-journald.socket      systemd-journald.service
    /run/systemd/journal/stdout systemd-journald.socket      systemd-journald.service
    /run/systemd/shutdownd      systemd-shutdownd.socket     systemd-shutdownd.service
    /run/udev/control           systemd-udevd-control.socket systemd-udevd.service
    /var/run/rpcbind.sock       rpcbind.socket               rpcbind.service
    kobject-uevent 1            systemd-udevd-kernel.socket  systemd-udevd.service

    9 sockets listed.
    Pass --all to see loaded but inactive sockets, too.

    journalctl (systemd logging)

    journalctl -u sshd

    Aug 07 06:22:45 bcitcourse sshd[595]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:23:00 bcitcourse sshd[597]: Received disconnect from 221.194.47.221: 11:  [preauth]
    Aug 07 06:23:15 bcitcourse sshd[599]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:23:16 bcitcourse sshd[601]: Received disconnect from 221.194.44.232: 11:  [preauth]
    Aug 07 06:23:42 bcitcourse sshd[603]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:24:14 bcitcourse sshd[607]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Aug 07 06:24:46 bcitcourse sshd[609]: Received disconnect from 59.63.188.32: 11:  [preauth]
    Jul 22 10:21:09 bcitcourse sshd[867]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT!
    Jul 22 10:21:09 bcitcourse sshd[867]: Invalid user pi from 91.182.150.88
    Jul 22 10:21:09 bcitcourse sshd[867]: input_userauth_request: invalid user pi [preauth]
    Jul 22 10:21:09 bcitcourse sshd[865]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT!
    Jul 22 10:21:09 bcitcourse sshd[865]: Invalid user pi from 91.182.150.88
    Jul 22 10:21:09 bcitcourse sshd[865]: input_userauth_request: invalid user pi [preauth]
    Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): check pass; user unknown
    Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88
    Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): check pass; user unknown
    Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88
    Jul 22 10:21:11 bcitcourse sshd[867]: Failed password for invalid user pi from 91.182.150.88 port 46846 ssh2
    Jul 22 10:21:11 bcitcourse sshd[865]: Failed password for invalid user pi from 91.182.150.88 port 46842 ssh2

    What's the difference?

    journalctl -b 2 and journalctl -b -2

    It is the fact the first "2" is a positive and the second "-2" is a negative.

    Thus, 1 means the first boot found in the
               journal in chronological order, 2 the second and so on; while -0 is
               the last boot, -1 the boot before last, and so on.

     


  • css how to format code in the code tag


    code {
        background: #f4f4f4;
        border: 1px solid #ddd;
        border-left: 3px solid #f36d33;
        color: #666;
        page-break-inside: avoid;
        font-family: monospace;
        font-size: 15px;
        line-height: 1.6;
        margin-bottom: 1.6em;
        max-width: 100%;
        overflow: auto;
        padding: 1em 1.5em;
        display: block;
        word-wrap: break-word;
    }

    The above has worked well for me.  You may also need the block below if your spacing is messed up (some css templates suffer from this).

     


  • css br with extra blank line


    The problem I was having is that a css template I was using was causing
    br's to have an empty line in between which is very undesirable especially when displaying code.

    br {

       display:none;
       margin: 0px;
       height: 0px;
    }

    Using CSS code like above will fix it.   You technically shouldn't need the margin or height either.


  • What is /dev/pts and why do we need it in Linux?


    A quick check in /dev/pts shows a lot of entries but what are they for?:

     ls /dev/pts
    0  10  12  14  16  18  2   21  23  25  27  29  30  32  4  6  8  ptmx
    1  11  13  15  17  19  20  22  24  26  28  3   31  33  5  7  9

    Basically they are pseudo-terminals, whereas a tty is a physical terminal (think of Ctrl + Alt + F1 being tty0 and F8 being tty7).

    An easy way to test this is to keep opening new terminal windows (Ctrl+Shift+t)

    Then type "tty" and you'll see each one has a higher /dev/pts number.

    Pretty much anything such like ssh, bash that uses terminal input or output will create it's own /dev/pts.


  • Linux What is umask (user mask) for file and directory creation permissions and how to calculate umask and change the defaults


    umask are the default permissions that are applied when a file or directory are created.  To see this in action simply just "touch filename" or "mkdir somedir" and you'll see what default permissions are applied.

    The first thing I always tell people you should know is to NEVER change the defaults unless you are making them more restrictive.  But they work well and if you change the defaults you could end up creating a file without permission to read or write it which could break some scripts.  If you made things less restrictive it is a security issue in my opinion.

    It is said umask is the reverse or opposite of standard permissions but before we explain how to calculate them let's see what happens with the default umask settings.

    As we can see the defaults as with most Unix systems are 022:

    [root@evohostingtor2017 umasktest]# umask
    0022

    Knowing this let's check the default creation permissions of a file and directory below:

    [root@evohostingtor2017 umasktest]# mkdir umaskdir
    [root@evohostingtor2017 umasktest]# touch umaskfile

     

    [root@evohostingtor2017 umasktest]# ls -alh
     


    drwxr-xr-x 3 root root 4.0K Oct 31 18:55 .
    drwxrwxrwt 5 root root 4.0K Oct 31 18:55 ..
    drwxr-xr-x 2 root root 4.0K Oct 31 18:54 umaskdir
    -rw-r--r-- 1 root root    0 Oct 31 18:55 umaskfile

    The results are the following:

    Directory permissions = 755

    File permissions = 644

    Why Doesn't Umask 0 or other modes with execute result in an executable file permission?

    Let's go back to the answer above and now explain how umask is calculated and files and directories.

    umask is about restricting permissions, in essence this means there are maximum permissions you can subtract from (not add to).   What umask is doing is subtracting the values from the maximum possible permissions (more on that below).

    umask like normal permissions still uses octal values:

    0=read, write, execute
    1=read, write
    2=read, execute
    3=read
    4=write, execute
    5=write
    6=execute
    7=no permissions

    How do we calculate umask values?

    The values are calculated different for files vs directories.

    Directories: Maximum possible permissions are 777 (read, write, execute)

    Files: Maximum possible permissions are 666 (read, write)

    *Note execute is NOT possible to set during file creation.

    How We Calculate umask

    Let's take our default of 022.

    Directories: ( 777 - 022 ) = 755

    Files: (777 - 022) = 644 (we always drop any 1's/execute bits because files cannot have execute permissions upon creation due to POSIX restrictions).

    More calculations (033):

    Directories: (777-033) = 744

    Files: (777-033) = 644 (oops remember to drop the 1 from the 7)

    (026)

    Directories: (777-026) = 751

    Files: (777-026) = 640

    Basically all we do is take the last 3 numbers and subtract them from the maximum possible permissions (aside from files where we drop a 1 for execute since it is not possible ).

     Useful Quiz Here: http://www.webune.com/forums/umask-calculator.html

    What about the leading 0 (something that I don't like to talk about and recommend almost never be used)

    It can have a maximum value of 7 like the rest of umask.

    SETUID=4 (allows the file to be executed as the owner even when another user or group accesses it)

    SETGID=2 (allows the file to be executed as the group even when another user or group accesses it)

    uid or gid being set represents itself as a small "s" and if you see it with a capital "S" it means it takes no effect (this means the user or group does not have execute permissions).

    Sticky Bit=1  (makes it so only the owner can delete or move it).

    sticky bit is represented by a small "t" if it takes effect where other has execute permissions (otherwise it takes no effect and will show as a capital "T").

     


  • Linux Permissions and Groups Real Usecase for Group Access


    I have a directory structure which the primary user needs full access on but wanted a user to access only a specific directory within the main directory (so they could write in there only and nowhere else).

    Here's what I did:

    [root@compevo8001 dllnow]# ls -alh

    drwxrwxr-x  2 someuser software  4.0K Oct 19  2017 ExpireYMD-2017-11-20
    drwxrwxr-x  2 someuser software  4.0K Nov 19  2017 ExpireYMD-2017-12-20
    drwxrwxr-x  2 someuser software  4.0K Dec 19  2017 ExpireYMD-2018-01-20
    drwxrwxr-x  2 someuser software  4.0K Jan 19  2018 ExpireYMD-2018-02-20
    drwxrwxr-x  2 someuser software  4.0K Feb 19  2018 ExpireYMD-2018-03-20
    drwxrwxr-x  2 someuser software  4.0K Mar 19  2018 ExpireYMD-2018-04-20
    drwxrwxr-x  2 someuser software  4.0K Apr 19  2018 ExpireYMD-2018-05-20
    drwxrwxr-x  2 someuser software  4.0K May 19 04:24 ExpireYMD-2018-06-20
    drwxrwxr-x  2 someuser software  4.0K Jun 19 03:49 ExpireYMD-2018-07-20
    -rwxr-xr-x  1 someuser software  688 Mar 18  2008 symlinkmodify.sh
    -rwxr-xr-x  1 someuser someuser  688 Mar 18  2008 symlinkmodify.sh

    [root@compevo8001 httpdocs]# groupadd software
    [root@compevo8001 httpdocs]# useradd softwareuser -g software

    [root@compevo8001 httpdocs]# chown -R someuser.software membersonly/dllnow/


    So basically "softwareuser" who is part of the "software" group can only write to "dllnow" and cannot write anywhere else based on their group permissions.


  • Centos 7 python34 how to install the gi library


    Getting an error about gi missing when running a .py python script?

    Just install EPEL and install the python3-gobject package:

     yum install python34-gobject


  • Centos 7 - Convert Minimal to Graphical GUI GNOME or KDE Desktop


    Did you just install the minimal version by accident or want to install the GUI?  No need to reinstall just tell yum to do the work for you!

    You could actually have both installed and choose one as your preference on demand (although many people prefer GNOME's simplicity).

    Step 1.)

    Install Gnome and/or KDE.

    To install the GNOME Desktop on Centos 7:

    yum -y groups install "GNOME Desktop"

    To install the KDE Desktop on Centos 7:

    yum -y groups install "KDE Plasma Workspaces"

     

    Step 2.)


    Type the following command (no need to reboot!):

    startx

     

    Now you'll be into your graphical session!

    Step 3.)

    Make it permanent otherwise you will start in run level 3 without any GUI after rebooting:

    systemctl set-default graphical.target
     


  • AMD Set Fan Speed and Other Powerplay Memory/CPU Timings with a Linux script


    You can do other things but this particular script is just to set all AMD cards to 80% fan speed (remember this script needs to applied everytime you reboot). You could set it is a cron or just throw it into /etc/rc.local

    basepath=/sys/class/drm
    for hwmon in `ls -1 /sys/class/drm|grep card[0-99]$`; do
    echo card=$hwmon;
    hwmonname=`ls $basepath/$hwmon/device/hwmon|grep hwmon[0-99]`
    hwmonpath=$basepath/$hwmon/device/hwmon/$hwmonname
    echo "echo 1 > $hwmonpath/pwm1_enable"
    echo "echo 205 > $hwmonpath/pwm1"
    echo 1 > $hwmonpath/pwm1_enable
    echo 205 > $hwmonpath/pwm1
    done

    The way it works is as follows:

    The card power play settings are located in:

    /sys/class/drm/cardNumber/device/hwmon/hwmonNumber

    The card number is also the same order that you'll find in say Claymore and the hwmon number is usually 1 less than your card number.  So as you can see below card4's hwmon path is hwmon3.

    In the script I account for that just in case it may be different though.

    cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable
    2

    #enable pwm (if the value is not 1 it is not enabled so setting the fan speed would have no effect)
    echo 1 > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable

    The parameters for fan speed are a percentage or number out of max 255.  So 80% would be the number 205 (it also seems to round to the nearest 5% I believe)

     cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_max
    255
    cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_min
    0


    # 210/255 is about 82% fan speed (this still resulted in 80% actual fan speed)
    echo "210" > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1

     

    The results of higher fan speeds

    In one of my test rigs see that on some cards the temperature reduced by about 14C degrees!

    Before:

    ETH: GPU0 t=72C fan=64%, GPU1 t=72C fan=63%, GPU2 t=69C fan=23%, GPU3 t=84C fan=0%, GPU4 t=69C fan=27%
     

    After:

    ETH: GPU0 30.457 Mh/s, GPU1 30.455 Mh/s, GPU2 29.473 Mh/s, GPU3 29.498 Mh/s, GPU4 29.484 Mh/s
    GPU0 t=65C fan=80%, GPU1 t=71C fan=80%, GPU2 t=55C fan=80%, GPU3 t=57C fan=80%, GPU4 t=55C fan=80%


  • Ethereum Mining Claymore Nanopool Error


    This happens if you don' have an updated version normally (eg. things were working fine and you suddenly get this error):

    Pool sent wrong data, cannot set epoch, disconnect
    ETH: Connection lost, retry in 20 sec...
    ETH: Connection lost, retry in 20 sec...

    Solution - Download an updated Claymore!

     


  • genisoimage errors with long filenames and deep directory structures


    You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux.

    genisoimage -o Backup-Myfiles.iso -r -J -joliet-long  /some/path/

    You will get errors like below (even enabling joliet-long didn't help)

    genisoimage: Error: /some/filename.pdf have the same Joliet name
    Joliet tree sort failed. The -joliet-long switch may help you.

    #the best way

    genisoimage -o /tmp/Backup-Myfiles2.iso -U -iso-level 4 -R  /source/dir

    This was the only way I could get unmodified long file names and VERY deep directories onto the iso image as original otherwise they get renamed and truncated which breaks a lot of things and makes it confusing.  But be warned this breaks the iso9660 standard so many OS's especially Windows may not be able to read it.

    ==========

    #this fixes it

    -R is for Rock Ridge and allows for more than 8 deep folders
    -U allows for untranslated filenames


    genisoimage -o /tmp/Backup-Myfiles.iso -R -U  .

    #with an exclude

    genisoimage -o /tmp/Backup-Myfiles.iso -R -U -m WebSites/blabla .
    Warning: creating filesystem that does not conform to ISO-9660.
    I: -input-charset not specified, using utf-8 (detected in locale settings)


    #the -m causes a shrink error unless you put it earlier


    genisoimage: File 'blank.html' did shrink.
    Files must not be changed while genisoimage runs!

    genisoimage -m WebSites/blabla -o /tmp/Backup-Myfiles.iso -R -U  .


  • Linux Kernel USB Export Errors


        4.374647] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.403334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.427736] xhci_hcd 0000:00:15.0: xHCI Host Controller
    [    4.427844] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 1
    [    4.429040] xhci_hcd 0000:00:15.0: hcc params 0x200077c1 hci version 0x100 quirks 0x01109810
    [    4.429141] xhci_hcd 0000:00:15.0: cache line size of 64 is not supported
    [    4.429290] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002
    [    4.429371] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
    [    4.429464] usb usb1: Product: xHCI Host Controller
    [    4.429541] usb usb1: Manufacturer: Linux 4.4.98 xhci-hcd
    [    4.429619] usb usb1: SerialNumber: 0000:00:15.0
    [    4.429906] hub 1-0:1.0: USB hub found
    [    4.429999] hub 1-0:1.0: 8 ports detected
    [    4.430779] xhci_hcd 0000:00:15.0: xHCI Host Controller
    [    4.430865] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 2
    [    4.431011] usb usb2: New USB device found, idVendor=1d6b, idProduct=0003
    [    4.431092] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
    [    4.431186] usb usb2: Product: xHCI Host Controller
    [    4.431262] usb usb2: Manufacturer: Linux 4.4.98 xhci-hcd
    [    4.431339] usb usb2: SerialNumber: 0000:00:15.0
    [    4.431588] hub 2-0:1.0: USB hub found
    [    4.431682] hub 2-0:1.0: 7 ports detected
    [    4.439651] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.467341] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.498125] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.519335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.542999] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
    [    4.543095] Warning! ehci_hcd should always be loaded before uhci_hcd and ohci_hcd, not after
    [    4.543348] ehci-pci: EHCI PCI platform driver
    [    4.550673] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.579335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.610100] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.631351] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.658940] uhci_hcd: USB Universal Host Controller Interface driver
    [    4.666245] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    4.699334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    4.742420] usb 1-3: new low-speed USB device number 2 using xhci_hcd
    [    4.930061] usb 1-3: New USB device found, idVendor=13ba, idProduct=0018
    [    4.930143] usb 1-3: New USB device strings: Mfr=0, Product=1, SerialNumber=0
    [    4.930223] usb 1-3: Product: Barcode Reader
    [    5.042408] usb 1-8: new full-speed USB device number 3 using xhci_hcd
    [    5.171384] usb 1-8: New USB device found, idVendor=8087, idProduct=0aa7
    [    5.171469] usb 1-8: New USB device strings: Mfr=0, Product=0, SerialNumber=0
    [    5.174480] clocksource: Switched to clocksource tsc
    [    5.209804] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    5.235470] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    [    5.259595] usbcore: registered new interface driver usb-storage
    [    5.267989] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
    [    5.295427] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
    
    

  • How to download gajim 0.16.9 XMPP/Jabber client so you can use OMEMO encryption


    #Linux Mint 18.2 how to install gajim .16.9 so you can use OMEMO encryption:
    sudo apt-get install python-axolotl python-nbxmpp
    wget https://gajim.org/downloads/0.16/gajim-0.16.9.tar.gz
    tar -zxvf gajim-0.16.9.tar.gz
    cd gajim-0.16.9
    ./autogen.sh ;make;sudo make install

    #if you get this error you need to get a newer python-nbxmpp from here:
    gajim
    Gajim needs python-nbxmpp >= 0.6.1 to run. Quiting...

    wget -q https://gajim.org/gajim.key -O - | apt-key add -
    #Add the repository:
    sh -c "echo deb ftp://ftp.gajim.org/debian unstable main > /etc/apt/sources.list.d/gajim.list"
    apt-get update
    sudo apt-get install python-nbxmpp


  • HP DL385 G7 Linux BIOS Update Flash


    wget https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
    --2018-08-16 05:11:16--  https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
    Resolving downloads.linux.hpe.com (downloads.linux.hpe.com)... 15.249.152.85
    Connecting to downloads.linux.hpe.com (downloads.linux.hpe.com)|15.249.152.85|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1525561 (1.5M) [text/plain]
    Saving to: ‘CP017004.scexe’

    100%[=====================================================================================>] 1,525,561   5.07MB/s   in 0.3s  

    2018-08-16 05:11:16 (5.07 MB/s) - ‘CP017004.scexe’ saved [1525561/1525561]

    [root@bx ~]# chmod +x CP017004.scexe
    [root@bx ~]# ./CP017004.scexe --unpack=/tmp/newbios



    mint@mint ~/2018-Linux-Update-BIOS $ ./cpqsetup
    You must be root to execute this utility!
    mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
    Flash Engine Version: Linux-4.4.1-1

    Name: Online ROM Flash Component for Linux - HP ProLiant DL385 G7 (A18) Servers
    New Version: 03/19/2012

    Current Version: 12/20/2010

    The software is installed but is not up to date.

    Do you want to upgrade the software to a newer version (y/n) ?y

    Flash in progress do not interrupt or your system may become unusable.
    Working.........................................................
    The installation procedure completed successfully.

    A reboot is required to finish the installation completely.
    Do you want to reboot your system now?
     


    Once you have cpqsetup you can use the binary for other BIOS updates.  For example if you can only find the Windows .exe BIOS update you can extract the BIOS file and replace the original file above.


    You can use the Windows BIOS file by unzipping the .exe and then copying the actual firmware to the name of the old file from an older Linux flash download (it uses the new file that you give the old name):


     mv CPQA1802.873 CPQA1802.873-
    mint@mint ~/2018-Linux-Update-BIOS $ wget https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
    --2018-08-17 00:14:42--  https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
    Resolving downloads.hpe.com (downloads.hpe.com)... 15.241.20.93
    Connecting to downloads.hpe.com (downloads.hpe.com)|15.241.20.93|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1809864 (1.7M) [application/octet-stream]
    Saving to: ‘cp036023.exe’

    cp036023.exe        100%[===================>]   1.73M  1.16MB/s    in 1.5s   

    2018-08-17 00:14:44 (1.16 MB/s) - ‘cp036023.exe’ saved [1809864/1809864]

    mint@mint ~/2018-Linux-Update-BIOS $ unzip cp036023.exe
    Archive:  cp036023.exe
      inflating: CPQA1803.46E           
      inflating: SysRomInstaller.dll    
      inflating: cp036023.xml           
      inflating: cpqasmi.sys            
      inflating: cpqasmi64.sys          
      inflating: cpqftbl.sys            
      inflating: cpqftbl64.sys          
      inflating: cpqpsmi.sys            
      inflating: cpqpsmi64.sys          
      inflating: cpqsetup.exe           
    replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: a
    error:  invalid response [a]
    replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: A
      inflating: cpqsfa18.cfg           
      inflating: cpqsysio.sys           
      inflating: cpqsysio64.sys         
      inflating: readme.txt             

    mint@mint ~/2018-Linux-Update-BIOS $ cp CPQA1803.46E CPQA1802.873
    mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
    Flash Engine Version: Linux-4.4.1-1

    Name: Online ROM Flash Component for Windows - HP ProLiant DL385 G7 (A18) Servers
    New Version: 03/14/2018

    Current Version: 03/19/2012

    The software is installed but is not up to date.

    Do you want to upgrade the software to a newer version (y/n) ?y

    Flash in progress do not interrupt or your system may become unusable.
    Working.........................................................
    The installation procedure completed successfully.

    A reboot is required to finish the installation completely.
    Do you want to reboot your system now? y
    Connection to 192.168.1.71 closed by remote host.
    Connection to 192.168.1.71 closed.

     


  • hwloc-nox set CPU affinity in Linux


    sudo apt-get install  hwloc-nox
    Reading package lists... Done
    Building dependency tree      
    Reading state information... Done
    The following NEW packages will be installed:
      hwloc-nox
    0 upgraded, 1 newly installed, 0 to remove and 530 not upgraded.
    Need to get 151 kB of archives.
    After this operation, 453 kB of additional disk space will be used.
    Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 hwloc-nox amd64 1.11.2-3 [151 kB]
    Fetched 151 kB in 0s (184 kB/s)   
    Selecting previously unselected package hwloc-nox.
    (Reading database ... 224148 files and directories currently installed.)
    Preparing to unpack .../hwloc-nox_1.11.2-3_amd64.deb ...
    Unpacking hwloc-nox (1.11.2-3) ...
    Processing triggers for man-db (2.7.5-1) ...
    Setting up hwloc-nox (1.11.2-3) ...
    mint@mint ~ $ apt-cache search lstopo^C
    mint@mint ~ $ lstopo
    lstopo              lstopo-no-graphics 
    mint@mint ~ $ lstopo-no-graphics
    Machine (16GB total)
      NUMANode L#0 (P#0 7962MB)
        Package L#0
          L3 L#0 (6144KB)
            L2 L#0 (2048KB) + L1i L#0 (64KB) + Core L#0
              L1d L#0 (16KB) + PU L#0 (P#0)
              L1d L#1 (16KB) + PU L#1 (P#2)
            L2 L#1 (2048KB) + L1i L#1 (64KB) + Core L#1
              L1d L#2 (16KB) + PU L#2 (P#4)
              L1d L#3 (16KB) + PU L#3 (P#6)
            L2 L#2 (2048KB) + L1i L#2 (64KB) + Core L#2
              L1d L#4 (16KB) + PU L#4 (P#8)
              L1d L#5 (16KB) + PU L#5 (P#10)
            L2 L#3 (2048KB) + L1i L#3 (64KB) + Core L#3
              L1d L#6 (16KB) + PU L#6 (P#12)
              L1d L#7 (16KB) + PU L#7 (P#14)
          L3 L#1 (6144KB)
            L2 L#4 (2048KB) + L1i L#4 (64KB) + Core L#4
              L1d L#8 (16KB) + PU L#8 (P#16)
              L1d L#9 (16KB) + PU L#9 (P#18)
            L2 L#5 (2048KB) + L1i L#5 (64KB) + Core L#5
              L1d L#10 (16KB) + PU L#10 (P#20)
              L1d L#11 (16KB) + PU L#11 (P#22)
            L2 L#6 (2048KB) + L1i L#6 (64KB) + Core L#6
              L1d L#12 (16KB) + PU L#12 (P#24)
              L1d L#13 (16KB) + PU L#13 (P#26)
            L2 L#7 (2048KB) + L1i L#7 (64KB) + Core L#7
              L1d L#14 (16KB) + PU L#14 (P#28)
              L1d L#15 (16KB) + PU L#15 (P#30)
        HostBridge L#0
          PCIBridge
            PCI 14e4:1639
              Net L#0 "enp4s0f0"
            PCI 14e4:1639
              Net L#1 "enp4s0f1"
          PCIBridge
            PCI 14e4:1639
              Net L#2 "enp5s0f0"
            PCI 14e4:1639
              Net L#3 "enp5s0f1"
          PCIBridge
            PCI 103c:323a
          PCI 1002:4390
          PCI 1002:439c
            Block(Removable Media Device) L#4 "sr0"
          PCIBridge
            PCI 1002:515e
              GPU L#5 "renderD128"
              GPU L#6 "card0"
              GPU L#7 "controlD64"
      NUMANode L#1 (P#2 8032MB) + Package L#1
        L3 L#2 (6144KB)
          L2 L#8 (2048KB) + L1i L#8 (64KB) + Core L#8
            L1d L#16 (16KB) + PU L#16 (P#1)
            L1d L#17 (16KB) + PU L#17 (P#3)
          L2 L#9 (2048KB) + L1i L#9 (64KB) + Core L#9
            L1d L#18 (16KB) + PU L#18 (P#5)
            L1d L#19 (16KB) + PU L#19 (P#7)
          L2 L#10 (2048KB) + L1i L#10 (64KB) + Core L#10
            L1d L#20 (16KB) + PU L#20 (P#9)
            L1d L#21 (16KB) + PU L#21 (P#11)
          L2 L#11 (2048KB) + L1i L#11 (64KB) + Core L#11
            L1d L#22 (16KB) + PU L#22 (P#13)
            L1d L#23 (16KB) + PU L#23 (P#15)
        L3 L#3 (6144KB)
          L2 L#12 (2048KB) + L1i L#12 (64KB) + Core L#12
            L1d L#24 (16KB) + PU L#24 (P#17)
            L1d L#25 (16KB) + PU L#25 (P#19)
          L2 L#13 (2048KB) + L1i L#13 (64KB) + Core L#13
            L1d L#26 (16KB) + PU L#26 (P#21)
            L1d L#27 (16KB) + PU L#27 (P#23)
          L2 L#14 (2048KB) + L1i L#14 (64KB) + Core L#14
            L1d L#28 (16KB) + PU L#28 (P#25)
            L1d L#29 (16KB) + PU L#29 (P#27)
          L2 L#15 (2048KB) + L1i L#15 (64KB) + Core L#15
            L1d L#30 (16KB) + PU L#30 (P#29)
            L1d L#31 (16KB) + PU L#31 (P#31)

    Set your affinity

     

    taskset -p ps aux^C
    mint mint # ps aux|grep kvm
    root      1306  0.0  0.0      0     0 ?        S<   Aug17   0:00 [kvm-irqfd-clean]
    root      3724  0.0  0.0  91656  5056 pts/3    S+   16:44   0:00 sudo qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
    root      3725  8.7 45.2 12405860 7413032 pts/3 Sl+ 16:44  11:34 qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
    root      3759  0.0  0.0      0     0 ?        S    16:44   0:00 [kvm-pit/3725]
    root      5234  0.0  0.0  14224   980 pts/6    S+   18:56   0:00 grep --color=auto kvm
    mint mint # taskset -pc 31 3725
    pid 3725's current affinity list: 0-31
    pid 3725's new affinity list: 31
    mint mint # taskset -pc 30,31 3725
    pid 3725's current affinity list: 31
    pid 3725's new affinity list: 30,31

     

    In the above command I set the affinity to core 31 and then changed it to cores 30 and 31.


  • Firefox An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT Solution


    An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT

        The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
        Please contact the website owners to inform them of this problem.


    **Solution**

    Go to about:config

    security.tls.insecure_fallback_hosts

    Set your hostname or IP that isn't work as the value.


  • Proxmox understanding the directory structure and why an NFS datastore appears to be missing files/isos


    Proxmox at the root of your storage creates and "images" and "templates/iso" folder for VM images and iso's respectively.  It ignores files in any other location.


  • pandoc convert markdown to html


    Where markdown=markdown language file and $output is your outputfile.html

    pandoc -f markdown $markdown -t html5 --toc --toc-depth=1 > $output
     


  • Proxmox error uploading an iso solution


    Error 0 occurred while receiving the document

    root@vh1:/var/tmp# wget http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
    --2018-08-30 16:27:37--  http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
    Resolving mirror.compevo.com (mirror.compevo.com)... 103.25.61.44
    Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 641517568 (612M) [application/octet-stream]
    Saving to: ‘proxmox-ve_5.2-1.iso’

    proxmox-ve_5.2-1.iso          80%[==================================>         ] 493.39M  2.38MB/s    in 45s    

    2018-08-30 16:28:22 (10.9 MB/s) - Connection closed at byte 517359784. Retrying.

    --2018-08-30 16:28:23--  (try: 2)  http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
    Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
    HTTP request sent, awaiting response... 206 Partial Content
    Length: 641517568 (612M), 124157784 (118M) remaining [application/octet-stream]
    Saving to: ‘proxmox-ve_5.2-1.iso’



    var/tmp is out of space the same as tmpfs

     

    #this normally happens when Proxmox first uploads it to a place in /tmp on your / filesystem and if you have used a small HDD for testing it's easy for a simple ISO upload to fail for this reason. You'll have to wget directly to the main filesystem or datastore with more space.


  • Cannot install moodle


    After starting the install it stalls here:
    admin/index.php?cache=0&agreelicense=1&confirmrelease=1&lang=en

    If you manually refresh you get a Plugins check screen:

    Installation
    System

    Moodle second step fails just blank screen:

    https://domain.la/user/editadvanced.php?id=2

    Solution: give up and choose something else it shouldn't be this hard to just install this moodle software!


  • MySQL change for Antelope format to Barracuda error solution


    Your database uses Antelope as the file format. Full UTF-8 support in MySQL and MariaDB requires the Barracuda file format. Please switch to the Barracuda file format. See the documentation MySQL full unicode support for details.


    In /etc/my.cnf under [mysqld]

     



    180827 21:43:14 InnoDB: 5.5.59 started; log sequence number 1589339
    180827 21:43:14 [ERROR] /usr/libexec/mysqld: unknown variable 'db_file_format=Barracuda'



    #instead set this:
    innodb_file_format=Barracuda



      You will also need to run mysql_upgrade after changing the format and restarting mysql:

     mysql_upgrade -u root -p


  • vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down)


    [root@localhost:~] vmkping -I vmk1 10.0.2.69
    PING 10.0.2.69 (10.0.2.69): 56 data bytes
    sendto() failed (Host is down)


    vsphere distributed switch vmotion not working

    [root@localhost:~]  esxcfg-route -l
    VMkernel Routes:
    Network          Netmask          Gateway          Interface     
    10.0.2.0         255.255.255.0    Local Subnet     vmk1          
    192.168.1.0      255.255.255.0    Local Subnet     vmk0          
    default          0.0.0.0          192.168.1.1      vmk0 

     

    Have you set internal IPs in VMWare and cannot ping between them on servers?  It is probably because you are using an older than 6.5 version of VMWare's switch without MAC learning.  To fix it you'll need to enable Promiscuous mode on the port group or change the software version ot 6.5 which has MAC learning and will make things work fine again.


  • gvfs mount in /run/user cannot be accessed or displayed wrong permissions


    The folder contents could not be displayed
    Backend currently unmounting

    drwx------ 10 userhere group  260 Aug 23 19:40 ..
    ??????????  ? ?   ?      ?            ? sftp:host=192.168.8.80,user=adhoc
    ls: cannot access 'sftp:host=192.168.8.80,user=adoc': Input/output error


    $ ps aux|grep fuse
    one       2534  0.0  0.0 1071572 6472 ?        Sl   Jul13   1:19 /usr/lib/gvfs/gvfsd-fuse /run/user/1001/gvfs -f -o big_writes
    one      24028  0.0  0.0  14228   976 pts/22   S+   12:51   0:00 grep --color=auto fuse
    youruser@superuser-desktop ~ $ sudo killall -9 gvfsd-fuse


    youruser@superuser-desktop /run/user/1001 $ ls -alh
    ls: cannot access 'gvfs': Transport endpoint is not connected
    total 0
    drwx------ 10 myuser myuser  260 Aug 23 19:40 .
    drwxr-xr-x  3 root root  60 Jul 30 08:10 ..
    drwx------  2 myuser myuser   60 Aug 27 12:51 dconf
    d?????????  ? ?    ?      ?            ? gvfs


    sudo fuser -a -k /usr/lib/gvfs
    [sudo] password for youruser:
    Sorry, try again.
    [sudo] password for youruser:
    Sorry, try again.
    [sudo] password for youruser:
    Cannot stat file /proc/4748/fd/3: Permission denied
    Cannot stat file /proc/4748/fd/8: Permission denied
    Cannot stat file /proc/4748/fd/33: Permission denied
    Cannot stat file /proc/4748/fd/34: Permission denied




    ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g
    gvfsd-sftp
    gvfsd-trash
    gvfs-udisks2-volume-monitor
    gvfs-mtp-volume-monitor
    gvfs-gphoto2-volume-monitor
    gvfs-afc-volume-monitor
    gvfs-goa-volume-monitor
    gvfsd-metadata
    gvfsd-network
    gvfsd-smb-browse
    gvfsd-smb
    gvfsd-dnssd
    gvfsd-http
    gvfsd-sftp
    gvfsd-sftp
    gvfsd-computer
    gvfsd-burn
    grep
    sed
    youruser@superuser-desktop /run/user/1001 $ for binary in `ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g`; do
    > sudo killall -9 $binary
    > done


    #sftp from the ui works OK for other apps but the gvfs folder is messed up still

    ls: cannot access 'gvfs': Transport endpoint is not connected


  • VMWare vSphere 6.7 Errors Solution 503 Service Unavailable (Failed to connect to endpoint:


    503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00005556ba09c070] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)

    503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x00007fd26000b240] _serverNamespace = /ui action = Allow _port = 5090)

    Errors like the above are usually because there is an issue with your vSphere or more commonly it is just taking a very long time to start so check back in a number of minutes.


  • How To Enable Nested KVM so guests can virtualize with hardware extensions


    #check if nested KVM is enabled by doing a cat on nested inside sys

    root@s14:~# cat /sys/module/kvm_intel/parameters/nested 


    root@s14:~# echo "options kvm-intel nested=Y" > /etc/modprobe.d/kvm-intel.conf
    root@s14:~# echo "options kvm-amd nested=1" > /etc/modprobe.d/kvm-amd.conf
    root@s14:~# modprobe -r kvm_intel
    modprobe: FATAL: Module kvm_intel is in use.
    root@s14:~# modprobe kvm_intel

     

    To apply it properly you may need to reboot after the above


  • vi error solution E166: Can't open linked file for writing


    This is not so much of a vi error as it is a physical filesystem error in the sense that the file you are trying to write to is a symlink and the destination doesn't exist or for some other reason is inacessible.

    So vi is tellng you "you're writing to a symlinked file and the file the symlink points to cannot be written to".  This is especially highlighted byt he fact that if you are using wq! to write and you still get the error.


  • Supermicro IPMI / KVM / BMC Remote Console Screen Resizing Issue - Window Cut Off Solution


    It could just be my specific Java but other KVM/IP works ok on my machine but with Supermicro's IPMI for some reason the console window doesn't resize and even putting it in full screen leaves the window cut off as shown below:

    As you can see above the screen is cut off you can't see the "I agree" on the right side.

    The window resize option is on and it is clearly not working properly.  Even choosing full screen doesn't change anything.

    Solution - Here's how you can fix it with the Macro option:

    1. Macro Menu/Settings and click the option for "Hold Left Alt Key"
    2. Then click and hold and the mouse pointer becomes a hand.
    3. You can then drag to the right to expose what is cut off or whereever else you need to see.
    4. After you've moved the screen to where you need and want to click something make sure you disable the "Hold Left Alt Key" in macro or you won't be able to click or interact with anything.

    See the example below after using the process above:

    Supermicro IPMI Screen Cut Off


  • Linux bash shell doesn't show username, hostname or current path fix solution


    Usually this is because when you created your user you added a user but didn't create their home directory and/or for some reason your .bashrc and .bash_profile in ~ (home) is broken/missing.

    In your home just create the following files with the following content to solve it:

    .bashrc and .bash_profile.

    To apply it just relogin/start a new bash session

    # .bash_profile

    # Get the aliases and functions
    if [ -f ~/.bashrc ]; then
        . ~/.bashrc
    fi

    # User specific environment and startup programs

    PATH=$PATH:$HOME/bin

    export PATH

     


    # .bashrc

    # User specific aliases and functions

    alias rm='rm -i'
    alias cp='cp -i'
    alias mv='mv -i'

    # Source global definitions
    if [ -f /etc/bashrc ]; then
            . /etc/bashrc
    fi


  • zenity popup messages, windows, dialogs, error messages calendars and more howto on Gnome Linux including Ubuntu, Linux Mint, Centos and more


    zenity is a nice utility as part of the gnome window manager that allows you to script from bash and retrieve the input from the user.  It could also be helpful in just notifying a user when they login with a popup window.

    I'll give an overview of what's available with zenity:

     

    Application Options:
      --calendar                                        Display calendar dialog
      --entry                                           Display text entry dialog
      --error                                           Display error dialog
      --info                                            Display info dialog
      --file-selection                                  Display file selection dialog
      --list                                            Display list dialog
      --notification                                    Display notification
      --progress                                        Display progress indication dialog
      --question                                        Display question dialog
      --warning                                         Display warning dialog
      --scale                                           Display scale dialog
      --text-info                                       Display text information dialog
      --color-selection                                 Display color selection dialog
      --password                                        Display password dialog
      --forms                                           Display forms dialog
      --display=DISPLAY                                 X display to use
    
    

    A few quick examples:

    Note you can even use zenity remotely from an SSH session and make a zenity window popup.

    zenity --info  --text="hello" --title="hithere" --display=:0
    Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.

     


    As you can see below I've chosen the "info" dialog type and the text inside it will be "hello" and the title of the window is "hithere" and it is going to show on X Window Display ":0" (the default).  The --display portion is only necessary if you have multiple displays or if you are running from a remote SSH session.


  • Debian/Ubuntu/Mint Linux How To Set VLAN in /etc/network/interfaces


    You can find many ways to specify the VLAN in your network configuration but I find this is the simplest and quickest.

    In this case we are talking about a bridged adapter "vmbr0" but it works even if you just had a normal non-bridged interface.

    The key here is that in vmbr0 you'll notice there is no IP address.  We just specify "manual".

    Below it is a similar stanza for "vmbr0.58" in this case 58 represents the VLAN (change the 58 to the number of your desired VLAN).  Then below it we set the IP address or we could have used DHCP as well.


    auto lo
    iface lo inet loopback
    iface enp2s0 inet manual

    auto vmbr0
    iface vmbr0 inet manual
        bridge_ports enp2s0
        bridge_stp off
        bridge_fd 0

    auto vmbr0.58
    iface vmbr0.58 inet static
        address 172.16.58.14
        netmask 255.255.255.0
        gateway 172.16.58.254


  • moodle install error Error reading from database


    Error reading from database

    More information about this error

    It is usually not possible to recover from errors triggered during installation, you may need to create a new database or use a different database prefix if you want to retry the installation.


    Solution:

    This happened when I was running MySQL 5.1.  Assuming your database details are right and the DB is up then make sure you are using the correct and required MySQL 5.5

    After upgrading to MySQL 5.5 things were good.


  • PHP Displaying Blank Page on Apache


    Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.

    In the problem machine it is actually PHP 7 installed so if you reference PHP 5 of course things wil be broken!

    Take for example here:

    cat /etc/httpd/conf.d/php.conf
    #
    # PHP is an HTML-embedded scripting language which attempts to make it
    # easy for developers to write dynamically generated webpages.
    #

    LoadModule php7_module modules/libphp7.so

    #
    # Cause the PHP interpreter to handle files with a .php extension.
    #
    AddHandler php7-script .php
    AddType text/html .php

    #
    # Add index.php to the list of files that will be served as directory
    # indexes.
    #
    DirectoryIndex index.php

    #
    # Uncomment the following line to allow PHP to pretty-print .phps
    # files as PHP source code:
    #
    #AddType application/x-httpd-php-source .phps

     

    moodle displays code instead of outputting HTML

    cat /etc/httpd/conf.d/php.conf|grep -i addhandler
    AddHandler php5-script .php
     

    Fix it and then restart Apache


    sed -i s/"php5-script"/"php7-script"/g /etc/httpd/conf.d/php.conf
    service httpd restart


     


     


  • PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0


    PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0

    Solution:

    Edit geoip.ini

    vi /etc/php.d/geoip.ini


    Comment out the .so like so:

    ;extension=geoip.so

    service httpd restart


  • Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file:


    Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory

    This is basically caused by the PHP module specified in php.conf being non existent.  The error tells us it couldn't fnd /etc/httpd/modules/libphp5.so

    OK let's see what PHP module we do have:

    ls /etc/httpd/modules/libphp*
    /etc/httpd/modules/libphp7-zts.so  /etc/httpd/modules/
    libphp7.so

    If you have one there that works for you then just update php.conf to match.

    sed -i s/"libphp5.so"/"libphp7.so"/g /etc/httpd/conf.d/php.conf
    sed -i s/"php5_module"/"php7_module"/g /etc/httpd/conf.d/php.conf

     


  • prosody xmpp server "Failed in all attempts to connect to proxy.eu.jabber.org"


    Aug 13 13:46:33 s2sout2d45040    info    Failed in all attempts to connect to proxy.eu.jabber.org
    Aug 13 13:46:33 s2sout2d45040    info    Sending error replies for 1 queued stanzas because of failed outgoing connection to proxy.eu.jabber.org

    No clue why it tries to use a proxy not explicitly specified.  This could be because the proxy specified for the domain fails when someone is trying to send a file.  I wish this could be disabled for security reasons in prosody.


  • VMWare ESXi 6.7 SSH/PowerShell CLI Commands


    [root@localhost:~]
    BootModuleConfig.sh          echo                         host-ind                     nfcd                         seq                          vim-cmd
    InstallHelper.sh             egrep                        host_reboot.sh               nohup                        services.sh                  vm-support
    Xorg                         eject                        host_shutdown.sh             nologin                      setsid                       vmcp
    [                            enum_instances               hostd                        nslookup                     sfcbd                        vmdumper
    [[                           env                          hostd-probe                  ntfscat                      sh                           vmfs-support
    amldump                      esxcfg-advcfg                hostd-probe.sh               ntp-keygen                   sha1sum                      vmfsfilelockinfo
    apply-host-profiles          esxcfg-dumppart              hostdCgiServer               ntpd                         sha256sum                    vmkbacktrace
    applyHostProfile             esxcfg-fcoe                  hostname                     ntpq                         sha512sum                    vmkchdev
    applyHostProfileWrapper      esxcfg-hwiscsi               hwclock                      nvidiaStats                  sharedStorageHostProfile.sh  vmkdevmgr
    ash                          esxcfg-info                  indcfg                       od                           shutdown.sh                  vmkdump_extract
    authd                        esxcfg-init                  inetd                        openssl                      sleep                        vmkerrcode
    auto-backup.sh               esxcfg-ipsec                 init                         openwsmand                   slpd                         vmkfstools
    awk                          esxcfg-module                init-launcher                pam_tally2                   smartd                       vmkiscsi-tool
    backup.sh                    esxcfg-mpath                 initterm.sh                  partedUtil                   smbiosDump                   vmkiscsid
    basename                     esxcfg-nas                   install                      passwd                       snmpd                        vmkload_mod
    bootOption                   esxcfg-nics                  irqinfo                      pcscd                        sntp                         vmkmkdev
    bunzip2                      esxcfg-rescan                isoinfo                      pgrep                        sort                         vmkperf
    bzip2                        esxcfg-resgrp                jumpstart                    pidof                        ssh                          vmkping
    cat                          esxcfg-route                 kdestroy                     pigz                         stat                         vmkramdisk
    chardevlogger                esxcfg-scsidevs              kill                         ping                         storageRM                    vmkvsitools
    check_serial                 esxcfg-swiscsi               kinit                        ping6                        strace                       vmtar
    chgrp                        esxcfg-vmknic                klist                        pkill                        stty                         vmtoolsd
    chkconfig                    esxcfg-volume                less                         pktcap-uw                    sum                          vmware
    chmod                        esxcfg-vswitch               lldpnetmap                   powerOffVms                  summarize-dvfilter           vmware-autostart.sh
    chown                        esxcli                       ln                           poweroff                     sync                         vmware-toolbox-cmd
    chvt                         esxcli.cgi                   localcli                     printf                       tail                         vmware-usbarbitrator
    cim-diagnostic.sh            esxcli.py                    lockfile                     prop_of_instances            tar                          vmware-vimdump
    cim_host_powerops            esxhpcli                     logchannellogger             ps                           taskset                      vmx
    cksum                        esxhpedit                    logger                       pwqcheck                     tcpdump-uw                   vmx-buildtype
    clear                        esxtop                       login                        python                       techsupport.sh               vmx-debug
    cmmds-tool                   esxupdate                    ls                           python3                      tee                          vmx-stats
    cp                           ethtool                      lsof                         python3.5                    test                         voma
    cpio                         expr                         lspci                        python3.5m                   time                         vprobe
    crond                        false                        lsusb                        randomSeed                   timeout                      vscsiStats
    crypto-util                  fdisk                        lzop                         readlink                     tmpwatch.py                  vsi_traverse
    cut                          fgrep                        lzopcat                      reboot                       touch                        vsish
    date                         find                         mcopy                        remoteDeviceConnect          tracenet                     vvold
    dcbd                         firmwareConfig.sh            md5sum                       reset                        traceroute                   watch
    dcui                         gdbserver                    memstats                     resize                       true                         watchdog.sh
    dcuiweasel                   generate-certificates        mkdir                        rhttpproxy                   tune2fs                      wc
    dd                           genisoimage                  mkfifo                       rm                           uname                        wget
    debugfs                      getty                        mknod                        rmdir                        uniq                         which
    df                           gpuvm                        mktemp                       runInRP                      unlzop                       who
    dhclient-uw                  grabCIMData                  more                         scantools                    unzip                        xargs
    diff                         grep                         mv                           sched-stats                  uptime                       xkbcomp
    dirname                      gunzip                       nc                           schedsnapshot                usleep                       xz
    dmesg                        gzip                         net-cdp                      scp                          uwstats                      zcat
    dnsdomainname                halt                         net-dvs                      sdrsInjector                 vdf
    doat                         hbrfilterctl                 net-lacp                     secpolicytools               vdq
    dosfsck                      head                         net-lbt                      sed                          vdu
    du                           hexdump                      net-stats                    sensord                      vi
     


  • VMWare Vsphere VCSA Graphical Install Creates json


    yes it does create its own json
    ============================================
    cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json
    2018-08-09T17:56:04.238-07:00 verbose OVFTool[30966] [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1
    -->     <ovf:File ovf:href="VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json" ovf:id="layout.json_id" ovf:size="25562"/>
    -->         <Description>A string encoding a JSON object mapping port names to port numbers.</Description>
    -->         <Description>Advanced upgrade settings specified in json format. Optional. Set only for upgrade</Description>
    -->                      description = "A string encoding a JSON object mapping port names to port numbers."
    -->                      description = "Advanced upgrade settings specified in json format. Optional. Set only for upgrade"


    ============================================================
    ps aux|grep -i vcsa
    one      30656  3.2  0.5 1301368 93476 ?       Sl   17:52   0:09 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer
    one      30660  0.0  0.1 321468 27316 ?        S    17:52   0:00 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=zygote --no-sandbox
    one      30686  9.5  0.9 1203472 155008 ?      Sl   17:52   0:26 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=renderer --no-sandbox --primordial-pipe-token=AA8FF400C3DED10AF8B8A9961BBF72D7 --lang=en-US --node-integration=true --enable-pinch --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=AA8FF400C3DED10AF8B8A9961BBF72D7 --renderer-client-id=4 --v8-natives-passed-by-fd --v8-snapshot-passed-by-fd
    one      30734  0.4  0.5 1072436 91628 ?       Sl   17:52   0:01 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=renderer --no-sandbox --primordial-pipe-token=758945DCC6827E2BF8399B10D8557D01 --lang=en-US --node-integration=false --guest-instance-id=1 --enable-blink-features --disable-blink-features --enable-pinch --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=758945DCC6827E2BF8399B10D8557D01 --renderer-client-id=6 --v8-natives-passed-by-fd --v8-snapshot-passed-by-fd
    one      30966 13.1  0.3 1268676 62372 ?       Sl   17:56   0:09 /media/one/VMware VCSA/vcsa/ovftool/lin64/ovftool.bin --X:logFile=/tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log --X:logLevel=trivia --machineOutput --I:morefArgs --targetSSLThumbprint=F9:93:44:4C:6F:07:E5:32:36:0D:D9:99:88:71:D1:4A:6E:35:ED:DA --acceptAllEulas --powerOn --X:enableHiddenProperties --allowExtraConfig --X:injectOvfEnv --sourceType=OVA --name=UserVMware vCenter Server Appliance --deploymentOption=tiny --prop:guestinfo.cis.deployment.node.type=embedded --prop:guestinfo.cis.deployment.autoconfig=False --prop:guestinfo.cis.clientlocale=en --datastore=vim.Datastore:192.168.1.125:/nfs/nfstestshare --net:Network 1=vim.Network:HaNetwork-VM Network --prop:guestinfo.cis.appliance.net.addr.family=ipv4 --prop:guestinfo.cis.appliance.net.mode=static --diskMode=thin --prop:guestinfo.cis.appliance.net.pnid=areeb.vcenter.lab --prop:guestinfo.cis.appliance.net.addr=192.168.1.68 --prop:guestinfo.cis.appliance.net.prefix=24 --prop:guestinfo.cis.appliance.net.dns.servers=192.168.1.1 --prop:guestinfo.cis.appliance.net.gateway=192.168.1.1 --prop:guestinfo.cis.appliance.net.ports={"rhttpproxy.ext.port1":"80","rhttpproxy.ext.port2":"443"} --prop:guestinfo.cis.appliance.root.passwd=insecurepassword* /media/one/VMware VCSA/vcsa/VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10.ova vi://root:insecurepassword@192.168.1.67:443
    one      31060  0.0  0.0  14228   944 pts/40   S+   17:57   0:00 grep --color=auto -i vcsa


  • error while loading shared libraries: libasound.so.2: cannot open shared object file: No such file or directory


    ./tronwatch: error while loading shared libraries: libasound.so.2: cannot open shared object file: No such file or directory
    [root@testing linux-unpacked-1.0.7]#
     

    Solution:

    yum -y install alsa-lib-devel


  • ./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory


    The solution is just to install libmicrohttpd-dev

    ./xmr-stak
    ./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory
    libmicrohttpd
    libmicrohttpd10 - library embedding HTTP server functionality
    libmicrohttpd-dbg - library embedding HTTP server functionality (debug)
    libmicrohttpd-dev - library embedding HTTP server functionality (development)
    $ sudo apt-get install libmicrohttpd-dev
    [sudo] password for one:
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    The following extra packages will be installed:
      libmicrohttpd10
    The following NEW packages will be installed:
      libmicrohttpd-dev libmicrohttpd10
    0 upgraded, 2 newly installed, 0 to remove and 305 not upgraded.
    Need to get 190 kB of archives.
    After this operation, 499 kB of additional disk space will be used.
    Do you want to continue? [Y/n] y
    Get:1 http://archive.ubuntu.com/ubuntu/ trusty/universe libmicrohttpd10 amd64 0.9.33-1 [41.0 kB]
    Get:2 http://archive.ubuntu.com/ubuntu/ trusty/universe libmicrohttpd-dev amd64 0.9.33-1 [149 kB]
    Fetched 190 kB in 0s (192 kB/s)           

     


  • qemu-img resize howto


    The Correct Way To Resize In Place

    qemu-img resize kvmuserwindows2008dcetest.img +1G
    Image resized.

     

     

    Below is a common mistake that some users make they are trying to specify a new image name but it can be resized in place (just make sure the VM is NOT running and you've backed up the data in case something goes wrong).

    qemu-img resize kvmuser453111.img kvmuser453111-larger.img +5G
    New image size must be positive

     

     


  • gmail.com address failing in Postfix


    Aug 10 01:11:54 mailserver postfix/smtp[6180]: 020AE17C2BD1: to=<theuserperson@gmail.con>, relay=none, delay=0.29, delays=0.28/0/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=gmail.con type=A: Host not found)

    A user complained that their e-mails weren't being delivered but they actually made a small typo and used gmail.con so it wasn't working as expected of course!

     


  • VMWare Hardware virtualization is selected and cannot be deselected due to selection of VBS Insufficient resources to satisfy configured failover level for vSphere HA.


    There is no such option as "VBS" that I can see in vSphere 6.7 I believe this is actually an issue because of using old hardware in this case L5420 doesn't support Nested Virtualization I believe.

     

    Hardware virtualization is selected and cannot be deselected due to selection of VBS

    Insufficient resources to satisfy configured failover level for vSphere HA.


  • Debian Mint Ubuntu compiling xmr-stak


    sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
    sudo apt-get install libcurl4-gnutls-dev


    git clone https://github.com/wolf9466/cpuminer-multi



    sudo apt-get install cmake  libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
    git clone https://github.com/fireice-uk/xmr-stak-cpu.git
    make install
    cd bin
    chmod +x xmr-stak-cpu

    ./xmr-stak -O xmr-eu1.nanopool.org:14433 -u --currency monero7 -i 0 -p "" -r ""


    for i in {0..31}; do echo { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : $i },; done
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 0 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 1 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 2 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 3 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 4 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 5 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 6 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 7 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 8 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 9 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 10 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 11 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 12 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 13 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 14 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 15 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 16 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 17 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 18 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 19 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 20 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 21 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 22 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 23 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 24 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 25 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 26 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 27 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 28 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 29 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 30 },
    { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 31 },

    #use 28 cores or you will not 1005 h/s you'll get 865 h/s or so


    https://github.com/fireice-uk/xmr-stak
    wget https://github.com/fireice-uk/xmr-stak/archive/master.zip


    mint@mint ~ $ cd xmr-stak-master/
    mint@mint ~/xmr-stak-master $ ls
    CI  CMakeLists.txt  CONTRIBUTING.md  doc  Dockerfile  LICENSE  README.md  scripts  THIRD-PARTY-LICENSES  xmrstak
    mint@mint ~/xmr-stak-master $ cd xmrstak/
    mint@mint ~/xmr-stak-master/xmrstak $ ls
    backend  cli  config.tpl  cpputil  donate-level.hpp  http  jconf.cpp  jconf.hpp  misc  net  params.hpp  picosha2  pools.tpl  rapidjson  version.cpp  version.hpp
    mint@mint ~/xmr-stak-master/xmrstak $ cd ..
    mint@mint ~/xmr-stak-master $ ls
    CI  CMakeLists.txt  CONTRIBUTING.md  doc  Dockerfile  LICENSE  README.md  scripts  THIRD-PARTY-LICENSES  xmrstak
    mint@mint ~/xmr-stak-master $ cd scripts/
    mint@mint ~/xmr-stak-master/scripts $ ls
    build_xmr-stak_docker
    mint@mint ~/xmr-stak-master/scripts $ cd build_xmr-stak_docker/
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ ls
    build_xmr-stak_docker.sh
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ^C
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ ./build_xmr-stak_docker.sh
    + [[ 999 -ne 0 ]]
    + echo 'This script must be run as root'
    This script must be run as root
    + exit 1
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh
    + [[ 0 -ne 0 ]]
    + '[' -d xmr-stak ']'
    + git clone https://github.com/fireice-uk/xmr-stak.git
    Cloning into 'xmr-stak'...
    remote: Counting objects: 5108, done.
    remote: Compressing objects: 100% (6/6), done.
    remote: Total 5108 (delta 1), reused 0 (delta 0), pack-reused 5102
    Receiving objects: 100% (5108/5108), 1.49 MiB | 0 bytes/s, done.
    Resolving deltas: 100% (3642/3642), done.
    Checking connectivity... done.
    + wget -c https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    --2018-08-04 18:34:23--  https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    Resolving developer.nvidia.com (developer.nvidia.com)... 192.229.162.216
    Connecting to developer.nvidia.com (developer.nvidia.com)|192.229.162.216|:443... connected.
    HTTP request sent, awaiting response... 302 Found
    Location: https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?ZX7wuQ4plyyj4R-GNCbYZsePieK4HW5E0zO3qXB-1feswNzXmUm7yNO2iSgtHK73v2OgUn2hxP4HNsAdLKS3WAkvjiiZZGEijzlt2Ve6Eili6Qvjl71_QQZorpl2WlnBwvEN7jRxmJnFhX_Jwzu0BGApoZ7j1Kpnnx15uMfuiMvhv8HzQl39L-Gt [following]
    --2018-08-04 18:34:24--  https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?ZX7wuQ4plyyj4R-GNCbYZsePieK4HW5E0zO3qXB-1feswNzXmUm7yNO2iSgtHK73v2OgUn2hxP4HNsAdLKS3WAkvjiiZZGEijzlt2Ve6Eili6Qvjl71_QQZorpl2WlnBwvEN7jRxmJnFhX_Jwzu0BGApoZ7j1Kpnnx15uMfuiMvhv8HzQl39L-Gt
    Resolving developer.download.nvidia.com (developer.download.nvidia.com)... 192.229.211.70, 2606:2800:21f:3aa:dcf:37b:1ed6:1fb
    Connecting to developer.download.nvidia.com (developer.download.nvidia.com)|192.229.211.70|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1643293725 (1.5G) [application/octet-stream]
    Saving to: ‘cuda_9.0.176_384.81_linux-run’

    cuda_9.0.176_384.81_linux-run                     100%[===========================================================================================================>]   1.53G  20.9MB/s    in 77s    

    2018-08-04 18:35:41 (20.4 MB/s) - ‘cuda_9.0.176_384.81_linux-run’ saved [1643293725/1643293725]

    + chmod a+x cuda_9.0.176_384.81_linux-run
    + docker run --rm -it -v /home/mint/xmr-stak-master/scripts/build_xmr-stak_docker:/mnt fedora:27 /bin/bash -c '
    set -x ;
    dnf install -y -q cmake gcc-c++ hwloc-devel libmicrohttpd-devel libstdc++-static make openssl-devel;
    cd /mnt/xmr-stak ;
    cmake -DCUDA_ENABLE=OFF -DOpenCL_ENABLE=OFF . ;
    make ;
    '
    ./build_xmr-stak_docker.sh: line 22: docker: command not found
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo apt-get install docker
    Reading package lists... Done
    Building dependency tree      
    Reading state information... Done
    The following NEW packages will be installed:
      docker
    0 upgraded, 1 newly installed, 0 to remove and 525 not upgraded.
    Need to get 12.2 kB of archives.
    After this operation, 65.5 kB of additional disk space will be used.
    Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 docker amd64 1.5-1 [12.2 kB]
    Fetched 12.2 kB in 0s (40.1 kB/s) 
    Selecting previously unselected package docker.
    (Reading database ... 224040 files and directories currently installed.)
    Preparing to unpack .../docker_1.5-1_amd64.deb ...
    Unpacking docker (1.5-1) ...
    Processing triggers for man-db (2.7.5-1) ...
    Setting up docker (1.5-1) ...
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh
    + [[ 0 -ne 0 ]]
    + '[' -d xmr-stak ']'
    + git -C xmr-stak clean -fd
    + wget -c https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    --2018-08-04 18:36:03--  https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
    Resolving developer.nvidia.com (developer.nvidia.com)... 192.229.162.216
    Connecting to developer.nvidia.com (developer.nvidia.com)|192.229.162.216|:443... connected.
    HTTP request sent, awaiting response... 302 Found
    Location: https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?hEToY5LvMogLvVQXRAaUxyQIifpZ2UTHTq95b2roNjuBoyhMdJaorG2jYri3qMoxTUyfTdKaOh1n1aZrZCX3gRytNMyhIysa3EAldjZ-gu6FqzKfqsbcauJReZ5dNaJqfNGordQB21H4J28vRpa16iHzzxIl7qk9Mm0oiDQitXEQHjNXwu-xjLdM [following]
    --2018-08-04 18:36:03--  https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?hEToY5LvMogLvVQXRAaUxyQIifpZ2UTHTq95b2roNjuBoyhMdJaorG2jYri3qMoxTUyfTdKaOh1n1aZrZCX3gRytNMyhIysa3EAldjZ-gu6FqzKfqsbcauJReZ5dNaJqfNGordQB21H4J28vRpa16iHzzxIl7qk9Mm0oiDQitXEQHjNXwu-xjLdM
    Resolving developer.download.nvidia.com (developer.download.nvidia.com)... 192.229.211.70, 2606:2800:21f:3aa:dcf:37b:1ed6:1fb
    Connecting to developer.download.nvidia.com (developer.download.nvidia.com)|192.229.211.70|:443... connected.
    HTTP request sent, awaiting response... 416 Requested Range Not Satisfiable

        The file is already fully retrieved; nothing to do.

    + chmod a+x cuda_9.0.176_384.81_linux-run
    + docker run --rm -it -v /home/mint/xmr-stak-master/scripts/build_xmr-stak_docker:/mnt fedora:27 /bin/bash -c '
    set -x ;
    dnf install -y -q cmake gcc-c++ hwloc-devel libmicrohttpd-devel libstdc++-static make openssl-devel;
    cd /mnt/xmr-stak ;
    cmake -DCUDA_ENABLE=OFF -DOpenCL_ENABLE=OFF . ;
    make ;
    '
    ./build_xmr-stak_docker.sh: line 22: docker: command not found
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ docker
    The program 'docker' is currently not installed. You can install it by typing:
    sudo apt install docker.io
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh ^C
    mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ apt-cache search docker


    sudo apt-get install docker.io

    ./build_xmr-stak_docker.sh


    cd ./xmrstak/donate-level.hpp
    constexpr double fDevDonationLevel = 0.0 / 100.0;


    cmake -DCMAKE_CXX_COMPILER=/usr/bin/g++-5 -DCMAKE_CC_COMPILER=/usr/bin/gcc5 -DCUDA_ENABLE=OFF
    #some say adding -DCMAKE_CXX_FLAGS=-march=native adds more hashing but I didn't see this I saw about 4 h/s less!
    # also if you added a bad -DCMAKE_CXX_FLAGS you can just set it to  -DCMAKE_CXX_FLAGS=""

    make install

    #considering I have 32 total cores (16 per CPU Opteron 6276)
    #remember to put the affine settings in cpu.txt anywhere else is ignored!
    #in this new XMR stack 29 cores gets you in 886 h/s so I have moved to 27 but that gets lower.
    31 got me about 925 h/s
    30 got me about 945.4 h/s
    29 got me about 890 h/s

    cd bin/
    mint@mint ~/xmr-stak-master/bin $ ls
    libxmr-stak-backend.a  libxmr-stak-c.a  libxmrstak_opencl_backend.so  xmr-stak
    mint@mint ~/xmr-stak-master/bin $ ./xmr-stak
    sudo sysctl -w vm.nr_hugepages=128
    Please enter:
    - Do you want to use the HTTP interface?
    Unlike the screen display, browser interface is not affected by the GPU lag.
    If you don't want to use it, please enter 0, otherwise enter port number that the miner should listen on

    0
    Configuration stored in file 'config.txt'
    Please enter:
    - Please enter the currency that you want to mine:
        - aeon7
        - bbscoin
        - bittube
        - cryptonight
        - cryptonight_bittube2
        - cryptonight_masari
        - cryptonight_haven
        - cryptonight_heavy
        - cryptonight_lite
        - cryptonight_lite_v7
        - cryptonight_lite_v7_xor
        - cryptonight_v7
        - cryptonight_v7_stellite
        - graft
        - haven
        - intense
        - masari
        - monero7
        - ryo
        - stellite
        - turtlecoin

    monero7
    - Pool address: e.g. pool.usxmrpool.com:3333




    ./xmr-stak
    Please enter:
    - Do you want to use the HTTP interface?
    Unlike the screen display, browser interface is not affected by the GPU lag.
    If you don't want to use it, please enter 0, otherwise enter port number that the miner should listen on

    0
    Configuration stored in file 'config.txt'
    Please enter:
    - Please enter the currency that you want to mine:
        - aeon7
        - bbscoin
        - bittube
        - cryptonight
        - cryptonight_bittube2
        - cryptonight_masari
        - cryptonight_haven
        - cryptonight_heavy
        - cryptonight_lite
        - cryptonight_lite_v7
        - cryptonight_lite_v7_xor
        - cryptonight_v7
        - cryptonight_v7_stellite
        - graft
        - haven
        - intense
        - masari
        - monero7
        - ryo
        - stellite
        - turtlecoin

    monero7
    - Pool address: e.g. pool.usxmrpool.com:3333
    xmr-eu1.nanopool.org:14433
    - Username (wallet address or pool login):
    yourmonerwalletaddress.1/youremail@domain.com
    - Password (mostly empty or x):

    - Rig identifier for pool-side statistics (needs pool support). Can be empty:

    - Does this pool port support TLS/SSL? Use no if unknown. (y/N)
    y
    - Do you want to use nicehash on this pool? (y/n)
    n
    - Do you want to use multiple pools? (y/n)
    n
    Pool configuration stored in file 'pools.txt'
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    -------------------------------------------------------------------
    xmr-stak 2.4.7 c5f0505d

    Brought to you by fireice_uk and psychocrypt under GPLv3.
    Based on CPU mining code by wolf9466 (heavily optimized by fireice_uk).
    Based on OpenCL mining code by wolf9466.

    Configurable dev donation level is set to 2.0%

    You can use following keys to display reports:
    'h' - hashrate
    'r' - results
    'c' - connection
    -------------------------------------------------------------------
    [2018-08-04 18:49:59] : Mining coin: monero7
    [2018-08-04 18:49:59] : WARNING: UNKNOWN_ERROR when calling clGetPlatformIDs for number of platforms.
    [2018-08-04 18:49:59] : WARNING: No OpenCL platform found.
    [2018-08-04 18:49:59] : WARNING: No AMD OpenCL platform found. Possible driver issues or wrong vendor driver.
    [2018-08-04 18:49:59] : WARNING: backend AMD (OpenCL) disabled.
    [2018-08-04 18:49:59] : Autoconf FAILED: Failed to allocate a PU.. Create config for a single thread.
    [2018-08-04 18:49:59] : CPU configuration stored in file 'cpu.txt'
    [2018-08-04 18:49:59] : Starting 1x thread, no affinity.
    [2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
    [2018-08-04 18:49:59] : Fast-connecting to xmr-eu1.nanopool.org:14433 pool ...
    [2018-08-04 18:49:59] : Pool xmr-eu1.nanopool.org:14433 connected. Logging in...
    [2018-08-04 18:50:00] : SOCKET ERROR - [xmr-eu1.nanopool.org:14433] RECEIVE error: socket closed
    HASHRATE REPORT - CPU
    | ID |    10s |    60s |    15m |
    |  0 |   (na) |   (na) |   (na) |
    Totals (CPU):     0.0    0.0    0.0 H/s
    -----------------------------------------------------------------
    Totals (ALL):      0.0    0.0    0.0 H/s
    Highest:     0.0 H/s
    -----------------------------------------------------------------
    HASHRATE REPORT - CPU
    | ID |    10s |    60s |    15m |
    |  0 |   (na) |   (na) |   (na) |
    Totals (CPU):     0.0    0.0    0.0 H/s
    -----------------------------------------------------------------
    Totals (ALL):      0.0    0.0    0.0 H/s
    Highest:     0.0 H/s
    -----------------------------------------------------------------

     


  • ./nsgpucnminer: error while loading shared libraries: libOpenCL.so.1w: cannot open shared object file: No such file or directory


    ./nsgpucnminer: error while loading shared libraries: libOpenCL.so.1w: cannot open shared object file: No such file or directory
     


  • *** These critical programs are missing or too old: gawk


    checking whether autoconf works... ../configure: line 5377:  7325 Segmentation fault      $AUTOCONF $ACFLAGS configure.in > /dev/null 2>&1
    no
    configure: error:
    *** These critical programs are missing or too old: gawk
    *** Check the INSTALL file for required versions.

     


  • migration/4 migration 4 is using too much CPU


    top - 13:02:52 up 603 days, 19:19,  2 users,  load average: 5.01, 4.15, 3.44
    Tasks: 604 total,   5 running, 599 sleeping,   0 stopped,   0 zombie
    Cpu(s): 17.7%us, 36.1%sy,  0.0%ni, 42.0%id,  4.1%wa,  0.0%hi,  0.2%si,  0.0%st
    Mem:  16278908k total,  4269684k used, 12009224k free,   119672k buffers
    Swap:        8k total,        8k used,        0k free,  1802992k cached

        PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND                                            
     273765 root      20   0  102m  680  572 R 36.1  0.0   7:23.08 swapoff                                            
     410417 501       20   0  229m  53m 1784 S 26.1  0.3   0:13.60 imap                                               
         19 root      RT   0     0    0    0 S 37.9  0.0 217:19.08 migration/4  



    migration/4   migration 4 is using too much CPU but not sure why.  I think it was due to heavy IO or swapping at the time possibly.


  • convert.im6: Unknown field with tag 317 (0x13d) encountered. `TIFFReadDirectory' @ warning/tiff.c/TIFFWarnings/788.


    convert "file.TIF" "resize.jpg"
    convert.im6: Unknown field with tag 317 (0x13d) encountered. `TIFFReadDirectory' @ warning/tiff.c/TIFFWarnings/788.

    I've been getting this error in ImageMagick on some .tif files even though it seems to actually convert properly.