RealTechTalk (RTT) - Linux/Server Administration/Related
We have years of knowledge with technology, especially in the IT (Information Technology) industry.
realtechtalk.com will always have fresh and useful information on a variety of subjects from Graphic Design, Server Administration, Web Hosting Industry and much more.
This site will specialize in unique topics and problems faced by web hosts, Unix/Linux administrators, web developers, computer technicians, hardware, networking, scripting, web design and much more. The aim of this site is to explain common problems and solutions in a simple way. Forums are ineffective because they have a lot of talk, but it's hard to find the answer you're looking for, and as we know, the answer is usually not there. No one has time to scour the net for forums and read pages of irrelevant information on different forums/threads. RTT just gives you what you're looking for.Cisco Switches How To Get Of Port Line Status Console Messages
00:55:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:55:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Switch(config)#no logging console
Cisco DHCP Snooping Relay Setup Information
Switch#show ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
circuit-id format: vlan-mod-port
remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
FastEthernet0/1 yes unlimited
GigabitEthernet0/1 yes unlimited
To enable global "Switch DHCP Snooping":
Switch(config)#ip dhcp snooping
To enable DHCP snoop debugging
Note this only works IF the global dhcp snooping is enabled
debug ip dhcp snooping packet
To disable the DHCP debugging:
no debug ip dhcp snooping packet
Enable Port As Trusted:
You cannot broadcast DHCP unless the port is trusted so here's how you enable trust on a port (it does not work on a vlan I suppose for security reasons):
Switch(config-if)#int fa0/1
Switch(config-if)#ip dhcp snooping trust
Enable Snooping on VLAN:
Switch(config)#
Switch(config)#ip dhcp snooping vlan 1
Allow Untrusted Port:
int fa0/3
ip dhcp snooping information option allow-untrusted
Disable Option 82
If the relay or destination DHCP server doesn't support Option 82 Information it will break your DHCP and you will NOT get an IP/lease.
So disable Option 82 unless you are sure your network supports it:
Switch(config)#no ip dhcp snooping information option
Resources:
https://community.cisco.com/t5/switching/dhcp-snooping-not-working-dropping-packets/td-p/2076543
https://www.askitmen.com/network/ccna/configure-dhcp-snooping/
Cisco Switch Setup Guide Command List
Enter configuration console:
enable
configure terminal
This is important because if your console doesn't look like below none of the commands will work!
Switch(config)#
Show Switch Configuration:
show run
Show Port List/Status:
Switch#show interface status
Port Name Status Vlan Duplex Speed Type
Fa0/1 connected 1 a-full a-100 10/100BaseTX
Fa0/2 notconnect 1 auto auto 10/100BaseTX
Fa0/3 notconnect 1 auto auto 10/100BaseTX
Fa0/4 notconnect 1 auto auto 10/100BaseTX
Fa0/5 notconnect 1 auto auto 10/100BaseTX
Fa0/6 notconnect 1 auto auto 10/100BaseTX
Fa0/7 notconnect 1 auto auto 10/100BaseTX
Fa0/8 notconnect 1 auto auto 10/100BaseTX
Fa0/9 notconnect 1 auto auto 10/100BaseTX
Fa0/10 notconnect 1 auto auto 10/100BaseTX
Fa0/11 notconnect 1 auto auto 10/100BaseTX
Fa0/12 notconnect 1 auto auto 10/100BaseTX
Fa0/13 notconnect 1 auto auto 10/100BaseTX
Fa0/14 notconnect 1 auto auto 10/100BaseTX
Fa0/15 notconnect 1 auto auto 10/100BaseTX
Fa0/16 notconnect 1 auto auto 10/100BaseTX
Fa0/17 notconnect 1 auto auto 10/100BaseTX
Fa0/18 notconnect 1 auto auto 10/100BaseTX
Fa0/19 notconnect 1 auto auto 10/100BaseTX
Fa0/20 notconnect 1 auto auto 10/100BaseTX
Fa0/21 notconnect 1 auto auto 10/100BaseTX
Fa0/22 notconnect 1 auto auto 10/100BaseTX
Fa0/23 notconnect 1 auto auto 10/100BaseTX
Fa0/24 notconnect 1 auto auto 10/100BaseTX
Gi0/1 connected 1 a-full a-1000 10/100/1000BaseTX
Gi0/2 notconnect 1 auto auto Not Present
Show config of individual port or vlan
You could also have used "interface vlan 1" and you would get the config of the vlan.
Switch#show running-config interface gi0/1
Building configuration...
Current configuration : 36 bytes
!
interface GigabitEthernet0/1
end
Show all VLANs:
show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Show Specific VLAN
show vlan id 1
Configure interfaces
100M Ethernet is normally known as fa0
So for port 1 you would use fa0/1
int fa0/1
or
int fastethernet0/1
1Gig Ethernet known as gigabitethernet or gi0
int gigabitethernet0/1
or
int gi0/1
You can configure vlans in the same way:
int vlan 1
Working with a range of ports (example of ports 1-12)
int range fa0/1-12
Enable Port(s)
int fa0/1
no shutdown
The no in front of shutdown means turn on the port (the opposite or !)
How to Assign ports to vlan
#how to assign ports to vlan in this case it is ports 1-24 and they are being assigned to vlan 1
Switch(config)#int range fa0/1-24
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 1
Cisco 2960 Switch Reset To Factory Defaults
1.) Either power on the unit and hold the "mode" button or hold the "mode" button until you see the below:
00:04:08: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram
00:04:08: %EXPRESS_SETUP-6-CONFIG_IS_RESET: The configuration is reset and the system will now reboot
00:04:09: %SYS-5-RELOAD: Reload requested Reload Reason: power-on.
Base ethernet MAC Address: 00:1a:a2:4e:6a:00
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash...
flashfs[0]: filesystem check interrupted!
...done Initializing Flash.
Boot Sector Filesystem (bs) installed, fsid: 3
The system has been interrupted, or encountered an error
during initializion of the flash filesystem. The following
commands will initialize the flash filesystem, and finish
loading the operating system software:
flash_init
load_helper
boot
2.) Initialize the flash by typing "flash_init"
switch: flash_init
Initializing Flash...
flashfs[0]: 600 files, 19 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 7713280
flashfs[0]: Bytes available: 24800768
flashfs[0]: flashfs fsck took 10 seconds.
...done Initializing Flash.
Setting console baud rate to 9600...
3.) Delete config files
del flash:config.text
Are you sure you want to delete "flash:config.text" (y/n)?y
File "flash:config.text" deleted
del flash:vlan.dat
Are you sure you want to delete "flash:vlan.dat" (y/n)?y
File "flash:vlan.dat" deleted
4.) boot!
boot
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(25)SEE2, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 28-Jul-06 04:33 by yenanh
Image text-base: 0x00003000, data-base: 0x00AA2F34
Initializing flashfs...
flashfs[1]: 600 files, 19 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 32514048
flashfs[1]: Bytes used: 7713280
flashfs[1]: Bytes available: 24800768
flashfs[1]: flashfs fsck took 1 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
POST: CPU MIC register Tests : Begin
POST: CPU MIC register Tests : End, Status Passed
POST: PortASIC Memory Tests : Begin
POST: PortASIC Memory Tests : End, Status Passed
POST: CPU MIC PortASIC interface Loopback Tests : Begin
POST: CPU MIC PortASIC interface Loopback Tests : End, Status Passed
POST: PortASIC RingLoopback Tests : Begin
POST: PortASIC RingLoopback Tests : End, Status Passed
How To Boot Cisco CUCM UCSInstall 8.6, 10, 11 and 12 on KVM/Proxmox
The key thing is that you must use a "machine" id of "pc-1.3" or it will say your hardware is not supported.
Additionally you MUST use a virtio disk or you will get a ks_pre.sh error as soon as the install starts (a look at logs will show it can't find a disk). This is funny because even though the OS finds the disk and an fdisk -l shows it, it looks like the script looks for a /dev/vda device (virtio) and nothing else, so if you didn't use Virtio as your disk and you have a /dev/sda it won't work.
In Promxox you will have to edit your config file like this:
bootdisk: sata0
cores: 12
ide2: local:iso/Bootable_UCSInstall_UCOS_12.iso,media=cdrom,size=3523684K
machine: pc-1.3
memory: 8096
name: ciscouc
net0: virtio=DE:C3:A0:F8:50:11,bridge=vmbr0
numa: 0
ostype: l26
scsihw: virtio-scsi-pci
smbios1: uuid=99bf1ee3-b527-4ea2-bf68-179bee9699b1
sockets: 1
unused0: thin:vm-124-disk-1
virtio0: thin:vm-124-disk-2,size=90G
Raw QEMU-KVM execution:
qemu-system-x86_64 -boot dc -smp 4 -machine pc-1.3 -vnc :1 -m 8096 -drive file=cucum86.img,if=virtio -cdrom Bootable_UCSInstall_UCOS_12.iso
How To Modify the ISO to enable KVM
Tested on UCS 8.6 and 12
mkdir mountcucm
mount -o loop Bootable_UCSInstall_UCOS_UNRST_8.6.2.10000-14.sgn.iso mountcucum/
mv cucm8.6kvm/Cisco/hssi/server_implementation/KVM/QEMU/shared/bin/api_implementation.sh.proposed cucm8.6kvm/Cisco/hssi/server_implementation/KVM/QEMU/shared/bin/api_implementation.sh
vi cucm8.6kvm/Cisco/base_scripts/ihardware.sh
#change this
function hasHwSnmpMonitoring()
{
local method="hasHwSnmpMonitoring"
_forwardToSAM $method $@
}
#to
function hasHwSnmpMonitoring()
{
return 1
}
cd cucm8.6kvm
#use mkisofs or genisoimage
genisoimage -o /var/lib/vz/template/iso/Bootable_UCSInstall_UCOS_UNRST_8.6.2.10000-14.sgn-KVMenabled-by-realtechtalk.com.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -J -R -iso-level 4
cd cucm8.6kvm/Cisco/hssi/server_implementation
#delete everything other than KVM
total 40K
drwxrwxr-x 8 900711 floppy 4.0K Aug 22 2011 .
drwxrwxr-x 5 900711 floppy 4.0K Aug 22 2011 ..
drwxrwxr-x 5 900711 floppy 4.0K Aug 22 2011 HP
drwxrwxr-x 6 900711 floppy 4.0K Aug 22 2011 IBM
drwxrwxr-x 5 900711 floppy 4.0K Aug 22 2011 KVM
-r--r--r-- 1 900711 floppy 92 Dec 13 2008 README.TXT
drwxrwxr-x 4 900711 floppy 4.0K Aug 22 2011 shared
-r--r--r-- 1 900711 floppy 1.5K Aug 22 2011 TRANS.TBL
drwxrwxr-x 4 900711 floppy 4.0K Aug 22 2011 VMWARE
drwxrwxr-x 4 900711 floppy 4.0K Aug 22 2011 VOLARIS
#:/var/lib/vz/template/iso/cucm8.6kvm/Cisco/hssi/server_implementation# rm -rf HP/ IBM/ VMWARE/ VOLARIS/
#you may need to do this:
#fix this file
vi Cisco/hssi/server_implementation/KVM/shared/bin/KVM.data
#change
expected_manufacturer=QEMU|Bochs
#to
expected_manufacturer=QEMU|Bochs|Seabios
VBOX VirtualBox How To Import Raw .img Disk File
What you need to do if you have taken a dd or real raw image dump of a hard disk:
VBoxManage convertdd windows2019-eval-template.img windows2019.vdi --format VDI
The .img is the raw dd dump and the .vdi is the output file.
--format VDI specifies to output to .vdi format
If you are in a pinch you can always use qemu-kvm binary and manually specify the .img as your disk and it will just work.
*Even the above didn't work for some reason with VBOX
VBoxManage convertdd windows2019-eval-template.img windows2019.vdi --format VDI
Converting from raw image file="windows2019-eval-template.img" to file="windows2019.vdi"...
Creating dynamic image with size 21474836480 bytes (20480MB)...
*Note if you are mounting the .vdi over SMB or SSHFS you may still get the below error (sometimes it only works well locally)
VD: error
VERR_NET_OPERATION_NOT_SUPPORTED
What doesn't work if you have taken a raw image / dd of an LVM or Physical Hard Disk:
I tried the raw image and you get:
Could not get the storage format of the medium (VERR_NOT_SUPPORTED).
Then I converted it to qcow2:
qemu-img convert -f raw -O qcow2 windows2019-eval-template.img windows2019-eval-template.qcow2
But I still got the same error.
So then I tried to convert it to .vdi:
qemu-img convert -f raw -O vdi windows2019-eval-template.img windows2019-eval-template.vdi
VD: error
VERR_NET_OPERATION_NOT_SUPPORTED
The original partition of the .img looks like this:
fdisk -l windows2019-eval-template.img
Disk windows2019-eval-template.img: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders, total 41943040 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xb5ad7258
Device Boot Start End Blocks Id System
windows2019-eval-template.img1 * 2048 1126399 562176 7 HPFS/NTFS/exFAT
windows2019-eval-template.img2 1126400 41940991 20407296 7 HPFS/NTFS/exFAT
Windows Server 2012, 2016, 2019 How To Install and Missing Disabled Telnet Client
By default telnet is not enabled or installed on the latest Windows servers so you'll get an error saying:
telnet is not recognized as an internal or external command
dism /online /Enable-Feature /FeatureName:TelnetClient
proxmox vm networking breaks when you restart your network on the hostnode
I did a systemctl restart networking and it broke Proxmox VM connectivity!
#proxmox is the problem after restarting the network the tap devices go to disabled state
[2230884.919905] vmbr0: port 7(tap118i0) entered disabled state
[2230884.948864] vmbr0: port 8(tap122i0) entered disabled state
[2230884.972748] vmbr0: port 6(tap119i0) entered disabled state
[2230885.004745] vmbr0: port 5(tap117i0) entered disabled state
[2230885.036736] vmbr0: port 4(tap112i0) entered disabled state
[2230885.060693] vmbr0: port 3(tap111i0) entered disabled state
[2230885.100729] vmbr0: port 2(tap110i0) entered disabled state
[2230885.227515] vmbr0: port 1(enp0s8) entered blocking state
[2230885.227518] vmbr0: port 1(enp0s8) entered disabled state
[2230885.228071] device enp0s8 entered promiscuous mode
As we can see the tap devices went disabled which makes sense BUT they didn't come back so all VMs now have no network connection (the equivalent of basically unplugging the cable from the server):
#use brctl to fix
brctl addif vmbr0 tap118i0
Feb 25 06:30:42 proxmoxdal01 kernel: [2231303.128510] vmbr0: port 2(tap118i0) entered blocking state
Feb 25 06:30:42 proxmoxdal01 kernel: [2231303.128513] vmbr0: port 2(tap118i0) entered disabled state
Feb 25 06:30:42 proxmoxdal01 kernel: [2231303.128754] vmbr0: port 2(tap118i0) entered blocking state
Feb 25 06:30:42 proxmoxdal01 kernel: [2231303.128756] vmbr0: port 2(tap118i0) entered forwarding state
Here is a handy bash script that will automatically readd all of your tap devices to vmbr0
for tapdev in `ip a|grep tap| awk '{print $2}'|sed s/://`; do
brctl addif vmbr0 $tapdev
done
And they all came back:
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.163869] vmbr0: port 3(tap110i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.163873] vmbr0: port 3(tap110i0) entered disabled state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.164059] vmbr0: port 3(tap110i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.164062] vmbr0: port 3(tap110i0) entered forwarding state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.165739] vmbr0: port 4(tap111i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.165742] vmbr0: port 4(tap111i0) entered disabled state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.165926] vmbr0: port 4(tap111i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.165928] vmbr0: port 4(tap111i0) entered forwarding state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.167515] vmbr0: port 5(tap112i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.167520] vmbr0: port 5(tap112i0) entered disabled state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.167717] vmbr0: port 5(tap112i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.167721] vmbr0: port 5(tap112i0) entered forwarding state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.169253] vmbr0: port 6(tap117i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.169260] vmbr0: port 6(tap117i0) entered disabled state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.169396] vmbr0: port 6(tap117i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.169398] vmbr0: port 6(tap117i0) entered forwarding state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.170867] vmbr0: port 7(tap119i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.170869] vmbr0: port 7(tap119i0) entered disabled state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.171023] vmbr0: port 7(tap119i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.171026] vmbr0: port 7(tap119i0) entered forwarding state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.172605] vmbr0: port 8(tap122i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.172608] vmbr0: port 8(tap122i0) entered disabled state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.172768] vmbr0: port 8(tap122i0) entered blocking state
Feb 25 06:31:52 proxmoxdal01 kernel: [2231373.172770] vmbr0: port 8(tap122i0) entered forwarding state
Linux ln symlink how to update existing symbolic link
ln -s --force newfile.jpg existingsymlink.jpg
All you do is use the --force flag to force/update the existing one.
The above modifies a symlink called "existingsymlink.jpg" and points it to "newfile.jpg" as the source.
Ubuntu 18.04 / Linux Mint 19.1 Cannot Type or Login - solution
It was broken because of this package for xorg I installed:
xserver-xorg-core-hwe-18.04
Just remove it even if you have to chroot from a live USB/CD:
sudo apt-get remove xserver-xorg-core-hwe-18.04
LUKS Hard Drive Encryption on Linux Mint Ubuntu Debian etc how to mount encrypted hard drive
The key thing here is to know the actual partition that is encrypted.
Often in Linux Mint's installer that ends up being partition 5 or /dev/sda5
sudo cryptsetup luksOpen /dev/sda5 anynamehere
You will then be prompted for your irrecoverable passphrase:
Enter passphrase for /dev/sda5:
If all goes well it won't say anything further. If it says ""No key available with this passphrase." it means you have entered the wrong password.
How to mount
The above command will create a device based on the third argument that you passed to cryptsetup (anynamehere) in the above example.
So you would see i/dev/mapper/anynamehere
From there just go ahead and mount it (assuming it is not using LVM-read on if you are).
mount /dev/mapper/anynamehere /mnt/crypteddisk
Chroot
To make it more practical perhaps you are trying to modify or fix your OS.
From here if we were using many OS's we would then do an "lvscan". It will then show us the LVM volumes and you can then mount the vg-root to /mnt
You can then do something like this:
mount /dev/vgname/vg-root /mnt
#use the bash script to mount /dev /proc and /sys to your /mnt (chroot) root dir so stuff works when you chroot
for mount in dev proc sys; do
mount -o bind /$mount /mnt/$mount
done
#now let's chroot in!
chroot /mnt
How to use nmap locate other machines/computers/servers on your network using nmap
A lot of people think arp wil do it but the arp table will only show devices you have communicated with.
Using nmap is a quick and simple way to scan a range to find a machine you may not know the IP for:
eg:
nmap -sP 10.1.5.0/24
Just change the above to your subnet
Linux Mint 18.2 Create Config File To Start Application Upon Login
This is not about systemd/systemctl and not about "onboot" so there's no rc.local trick here but it's the GUI/Gnome etc when a user logs in that a command is launched.
Put this in your home dir
The .config/autostart directory is where Linux Mint/Ubuntu checks for autostart application config files
mkdir -p ~/.config/autostart
Create a new entry/file that starts an application:
vi realtechtalk.com.desktop
The name can be anything but must have ".desktop" as the extension.
[Desktop Entry]
Type=Application
Exec=/usr/bin/firefox http://realtechtalk.com
Hidden=false
X-MATE-Autostart-enabled=true
Name[en_US]=firefox
Name=firefox
Comment[en_US]=Visit realtechtalk.com!
Comment=
The key point from above is the "Exec" variable and Name variable. Change exec to what you want to execute and change the name to something meaningful
Dell Wyse Thin Client BIOS Access Key
For most of these machines you just have to power the unit on while holding the "Del" key and you'll enter the BIOS.
sudoers file in /etc warning about comments/includes!
If you see this in /etc/sudoers it is NOT a comment but an include.
#includedir /etc/sudoers.d
For example in Linux mint sudoers.d contains the following files:
casper mintupdate README
casper for example contains the following sudoers line:
mint ALL=(ALL) NOPASSWD: ALL
So if you are messing around with sudoers or creating a new file understand that #includedir is absolutely not a comment and may be critical to properly functioning sudo functionality for your machine or user.
Of course this is contrary to most Unix based config files where often a pound # is a comment.
Centos 7 Reallocate logical volume space to another
Do you hate how Centos 7 defaults to allocating most of your valuable space to /home even though it is a production server?
Here is a quick guide on how to take back that space live, while online (of course make sure you have backups just in case something goes wrong!):
First we will reduce our home dir by 100G:
lvreduce -L -100G /dev/mapper/centos-home
WARNING: Reducing active and open logical volume to <5.12 GiB.
THIS MAY DESTROY YOUR DATA (filesystem etc.)
Do you really want to reduce centos/home? [y/n]: y
Size of logical volume centos/home changed from <105.12 GiB (26910 extents) to <5.12 GiB (1310 extents).
Logical volume centos/home successfully resized.
Now let's give it back to /root:
lvextend -l 100%FREE /dev/centos/root
Size of logical volume centos/root changed from 50.00 GiB (12800 extents) to 100.00 GiB (25601 extents).
Logical volume centos/root successfully resized.
OK but now what does our filesystem magically know what we did with the LV/logical volume? No
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/centos-root 50G 35G 16G 70% /
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 8.7M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/centos-home 106G 33M 106G 1% /home
/dev/sda1 1014M 176M 839M 18% /boot
tmpfs 379M 0 379M 0% /run/user/0
Maybe we could just remount it? No
[root@disc livefilesystem]# mount -o remount /
[root@disc livefilesystem]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/centos-root 50G 35G 16G 70% /
How do we resize the filesystem? xfs_growfs of course!
xfs_growfs /dev/mapper/centos-root
meta-data=/dev/mapper/centos-root isize=512 agcount=4, agsize=3276800 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0 spinodes=0
data = bsize=4096 blocks=13107200, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal bsize=4096 blocks=6400, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
data blocks changed from 13107200 to 26215424
Now it's all good!
[root@disc livefilesystem]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/centos-root 100G 35G 66G 35% /
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 8.7M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/centos-home 106G 33M 106G 1% /home
/dev/sda1 1014M 176M 839M 18% /boot
tmpfs 379M 0 379M 0% /run/user/0
lvm how to reduce volume size
lvreduce -L -100G /dev/mapper/centos-home
Do you really want to reduce centos/home? [y/n]: y
Size of logical volume centos/home changed from <105.12 GiB (26910 extents) to <5.12 GiB (1310 extents).
Logical volume centos/home successfully resized.
Just modify the command above with the -100G to suite how much you want to reduce your volume by.
letsencrypt certbot error "Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80."
./certbot-auto --apache certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): yourdomain.com
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for yourdomain.com
Cleaning up challenges
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
SSH error cannot Forward or Listen "bind: Cannot assign requested address"
debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
debug1: Local forwarding listening on 127.0.0.1 port 18006.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 18006.
bind: Cannot assign requested address
What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue.
Solution:
sudo vi /etc/ssh/ssh_config
Set this:
Host *
AddressFamily inet
Formerly the "inet" would say any which means it would be IPV6 too but we can't have that since it breaks out forwarding!
The "inet" in address family disables IPV6 because we can see in the SSH verbose output earlier that it was trying to listen on ::1 (which is an IPV6 address). This breaks if you don't have IPV6 enabled in your OS which is why we get the message from bind.
X11 SSH Linux Forwarding Error
Jan 30 17:16:10 localhost sshd[25385]: error: Failed to allocate internet-domain X11 display socket.
The solution for me on the server side was the following in sshd_config:
AddressFamily inet
*Remember to restart sshd and also reconnect from the client side.
I had all the normal X11 settings on the server but it just stopped working for me randomly:
X11Forwarding yes
X11DisplayOffset 10
I am thinking this is a client side error in the sense that perhaps newer SSH clients cause this bug because things were working fine for months and nothing changed on the server side.
This happened on Linux Mint/Ubuntu/Debian based machines.
Using Microsoft's Group Policy Management Editor (GPME) To Change Default Permissions and Internet Explorer Security Settings
The defaults in Windows 2016 server leave clients crippled so they can't even download basic files or software. But Group Policy Management Editor comes to our rescue!
Use cmd or Powershell and run:
gpme.msc
Choose your domain/computer and then navigate like below and create a new menu entry for IE11 or whatever your version is. Don't be worried if the highest version is IE10 it means that it applies to IE10 AND above.
Make your changes
After that close the GPME and the settings will apply to users once they login again.
Of course you can use GPME for other apps, settings etc.. so customize as you need.
Don't forget to run "gpupdate" on existing clients or they may not get the GP changes you've made (eg. meaning what you did will have no effect on the user).
Thunderbird How To Disable An Email Account
Navigate to Tools -> Account Settings -> Server Settings
Uncheck the following:
- "Check for new messages on startup"
- "Check for new messages every NN minutes"
- "Automatically download new messages".
Source: http://forums.mozillazine.org/viewtopic.php?t=635510
iptables linux firewall recommended rules for public computing
Whether you are at work, at the coffee shop or on the public internet here are some basic but effective rules for iptables that lock things down (eg. no one can SMB or SSH to you or really anything):
# Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018
*nat
:PREROUTING ACCEPT [160:19844]
:INPUT ACCEPT [4:357]
:OUTPUT ACCEPT [2955:182236]
:POSTROUTING ACCEPT [2955:182236]
COMMIT
# Completed on Fri Dec 14 14:00:08 2018
# Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1284:148262]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: "
-A INPUT -j DROP
COMMIT
# Completed on Fri Dec 14 14:00:08 2018
LVM How To Create Pool (dynamically allocated and not fully allocated)
The main use I have for this is virtual servers being able to use an LVM volume but not occupying all of the space. It saves time in deploying machines and copying them so you are only copying the space they are using (eg. 5GB / 60GB vs the full 60GB). There are some disadvantages which is mainly the fact that thin pools by their nature allow you to "overallocate" disk space which is that you could use more space than is available on the disk itself and corrupt your data.
So in my opinion it is best to avoid thin pools EXCEPT if you have a testing environment you need to get up quickly or if you REALLY know what you are doing (eg. you are sure the disk space won't be overallocated or you have some other safeguards).
How To Create An LVM Thin Pool
-L = the size of the pool
--thinpool = specifies we are creating a thin pool
vmthinpool = the name of our thinpool
vms = the name of the vg / volume group we are creating it on.
lvcreate -L 500GB --thinpool vmthinpool vms
Using default stripesize 64.00 KiB.
Logical volume "vmthinpool" created.
VMWare Pro Workstation Nic Disconnected and No IP Using NAT
By default VMWare Workstation often doesn't work as we would like.
If you create a VM with a default NAT IP it won't work you will find the NIC is disconnected (even though on the VMWare side it says connected including at Power On).
How To Solve It
1.) Create New VMNet for NAT
Click "Edit" -> "Virtual Network Editor"
Click "Add Network"
Select Network To Add "VMNet1" (or the next available name).
Click on "NAT" under "Network Information"
It should by default enable DHCP and a default range of 192.168.*.*
and hit OK.
2.) Edit your VM and assign it the VMNet you created above.
Linux How To Create A RamDisk
size = the amount of RAM (m for megabytes)
/mnt/ram = the mount location of the ram disk (change to the path you want it mounted to)
mount -t tmpfs -o size=4096m tmpfs /mnt/ram/
Example test in an old server:
You can see that when reading if you don't specify bs1=M the read speeds are several times slower (eg. 450MB/s vs 2.1GB/s)
mount -t tmpfs -o size=4096m tmpfs /mnt/ram/^C
root@testserver:~# dd if=/dev/zero of=/mnt/ram/testhere bs=1M count=3000
3000+0 records in
3000+0 records out
3145728000 bytes (3.1 GB, 2.9 GiB) copied, 2.51162 s, 1.3 GB/s
root@testserver:~# dd if=/dev/mnt/ram^C
root@testserver:~# dd if=/mnt/ram/testhere of=/dev/null
6144000+0 records in
6144000+0 records out
3145728000 bytes (3.1 GB, 2.9 GiB) copied, 6.99788 s, 450 MB/s
root@testserver:~# dd if=/mnt/ram/testfile of=/dev/null
dd: failed to open '/mnt/ram/testfile': No such file or directory
root@testserver:~# dd if=/mnt/ram/testhere
testhere
root@testserver:~# dd if=/mnt/ram/testhere of=/dev/null
6144000+0 records in
6144000+0 records out
3145728000 bytes (3.1 GB, 2.9 GiB) copied, 6.94865 s, 453 MB/s
root@testserver:~# dd if=/mnt/ram/testhere of=/dev/null bs=1M
3000+0 records in
3000+0 records out
3145728000 bytes (3.1 GB, 2.9 GiB) copied, 1.49836 s, 2.1 GB/s
mdadm force resync when resync=PENDING solution
cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4]
md127 : active (auto-read-only) raid10 sdc1[0] sdb1[2]
1953382400 blocks super 1.2 512K chunks 2 far-copies [2/1] [U_]
resync=PENDING
bitmap: 15/15 pages [60KB], 65536KB chunk
Solution force repair/resync:
echo "repair" > /sys/block/md127/md/sync_action
Proxmox Breaks Storage/LVM Backing If Killing QEMU-IMG
I tried to stop a qemu-img copy or clone and it broke everything. It was fine to "stop" it from the GUI but a process still persisted so I killed the relevant qemu-img and the kernel went crazy. It also may not have helped that I tried to lvremove a different volume (an unused disk). But either way it breaks LVM (you cannot even run lvdisplay) so a reboot is necessary.
Jan 17 06:45:21 testserver kernel: [ 5680.439337] systemd-udevd D 0 9948 469 0x00000104
Jan 17 06:45:21 testserver kernel: [ 5680.439341] Call Trace:
Jan 17 06:45:21 testserver kernel: [ 5680.439356] __schedule+0x3e3/0x880
Jan 17 06:45:21 testserver kernel: [ 5680.439363] schedule+0x36/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.439366] schedule_preempt_disabled+0xe/0x10
Jan 17 06:45:21 testserver kernel: [ 5680.439370] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:45:21 testserver kernel: [ 5680.439374] ? kobj_lookup+0x115/0x160
Jan 17 06:45:21 testserver kernel: [ 5680.439377] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.439379] ? _cond_resched+0x1a/0x50
Jan 17 06:45:21 testserver kernel: [ 5680.439382] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.439384] mutex_lock+0x2f/0x40
Jan 17 06:45:21 testserver kernel: [ 5680.439389] __blkdev_get+0x71/0x4d0
Jan 17 06:45:21 testserver kernel: [ 5680.439391] blkdev_get+0x125/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.439394] blkdev_open+0x92/0x100
Jan 17 06:45:21 testserver kernel: [ 5680.439397] do_dentry_open+0x202/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.439399] ? bd_acquire+0xd0/0xd0
Jan 17 06:45:21 testserver kernel: [ 5680.439401] vfs_open+0x4f/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.439403] path_openat+0x617/0x14a0
Jan 17 06:45:21 testserver kernel: [ 5680.439407] ? page_add_file_rmap+0xf7/0x150
Jan 17 06:45:21 testserver kernel: [ 5680.439411] do_filp_open+0x99/0x110
Jan 17 06:45:21 testserver kernel: [ 5680.439414] ? __check_object_size+0xb3/0x190
Jan 17 06:45:21 testserver kernel: [ 5680.439417] ? __alloc_fd+0x46/0x170
Jan 17 06:45:21 testserver kernel: [ 5680.439420] do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.439421] ? do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.439424] SyS_open+0x1e/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.439428] do_syscall_64+0x73/0x130
Jan 17 06:45:21 testserver kernel: [ 5680.439432] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:45:21 testserver kernel: [ 5680.439437] RIP: 0033:0x7f5864f81820
Jan 17 06:45:21 testserver kernel: [ 5680.439439] RSP: 002b:00007ffc4632b0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:45:21 testserver kernel: [ 5680.439441] RAX: ffffffffffffffda RBX: 000056554f2b5cd0 RCX: 00007f5864f81820
Jan 17 06:45:21 testserver kernel: [ 5680.439443] RDX: 000056554f14bda3 RSI: 0000000000080000 RDI: 000056554f29f370
Jan 17 06:45:21 testserver kernel: [ 5680.439444] RBP: 0000000000000001 R08: 000056554f14bda3 R09: 0000000000000110
Jan 17 06:45:21 testserver kernel: [ 5680.439445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
Jan 17 06:45:21 testserver kernel: [ 5680.439446] R13: 0000000000000000 R14: 000056554f29eec0 R15: 00000000ffffffff
Jan 17 06:45:21 testserver kernel: [ 5680.455730] vgs D 0 9952 1777 0x00000000
Jan 17 06:45:21 testserver kernel: [ 5680.455732] Call Trace:
Jan 17 06:45:21 testserver kernel: [ 5680.455736] __schedule+0x3e3/0x880
Jan 17 06:45:21 testserver kernel: [ 5680.455739] ? __switch_to_asm+0x40/0x70
Jan 17 06:45:21 testserver kernel: [ 5680.455741] ? __switch_to_asm+0x34/0x70
Jan 17 06:45:21 testserver kernel: [ 5680.455743] schedule+0x36/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.455746] schedule_preempt_disabled+0xe/0x10
Jan 17 06:45:21 testserver kernel: [ 5680.455751] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:45:21 testserver kernel: [ 5680.455754] ? kobj_lookup+0x115/0x160
Jan 17 06:45:21 testserver kernel: [ 5680.455757] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.455759] ? _cond_resched+0x1a/0x50
Jan 17 06:45:21 testserver kernel: [ 5680.455762] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.455764] mutex_lock+0x2f/0x40
Jan 17 06:45:21 testserver kernel: [ 5680.455766] __blkdev_get+0x71/0x4d0
Jan 17 06:45:21 testserver kernel: [ 5680.455768] blkdev_get+0x125/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.455771] blkdev_open+0x92/0x100
Jan 17 06:45:21 testserver kernel: [ 5680.455773] do_dentry_open+0x202/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.455774] ? bd_acquire+0xd0/0xd0
Jan 17 06:45:21 testserver kernel: [ 5680.455777] vfs_open+0x4f/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.455778] path_openat+0x617/0x14a0
Jan 17 06:45:21 testserver kernel: [ 5680.455780] ? putname+0x54/0x60
Jan 17 06:45:21 testserver kernel: [ 5680.455782] ? filename_lookup+0xf8/0x1a0
Jan 17 06:45:21 testserver kernel: [ 5680.455785] do_filp_open+0x99/0x110
Jan 17 06:45:21 testserver kernel: [ 5680.455787] ? __check_object_size+0xb3/0x190
Jan 17 06:45:21 testserver kernel: [ 5680.455790] do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.455792] ? do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.455794] SyS_open+0x1e/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.455796] do_syscall_64+0x73/0x130
Jan 17 06:45:21 testserver kernel: [ 5680.455799] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:45:21 testserver kernel: [ 5680.455800] RIP: 0033:0x7f09f35c44b0
Jan 17 06:45:21 testserver kernel: [ 5680.455801] RSP: 002b:00007ffcaf62bd98 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:45:21 testserver kernel: [ 5680.455803] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f09f35c44b0
Jan 17 06:45:21 testserver kernel: [ 5680.455805] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000056513f681440
Jan 17 06:45:21 testserver kernel: [ 5680.455806] RBP: 0000000000000000 R08: 000056513f6d48a0 R09: 00007ffcaf62bd00
Jan 17 06:45:21 testserver kernel: [ 5680.455807] R10: 00007f09f356a6a0 R11: 0000000000000246 R12: 0000000000000001
Jan 17 06:45:21 testserver kernel: [ 5680.455808] R13: 000056513f681440 R14: 0000000000000000 R15: 000056513f681218
Jan 17 06:45:21 testserver kernel: [ 5680.472311] lvremove D 0 9963 3981 0x00000000
Jan 17 06:45:21 testserver kernel: [ 5680.472313] Call Trace:
Jan 17 06:45:21 testserver kernel: [ 5680.472317] __schedule+0x3e3/0x880
Jan 17 06:45:21 testserver kernel: [ 5680.472328] ? __switch_to_asm+0x40/0x70
Jan 17 06:45:21 testserver kernel: [ 5680.472332] ? __switch_to_asm+0x34/0x70
Jan 17 06:45:21 testserver kernel: [ 5680.472338] schedule+0x36/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.472340] schedule_preempt_disabled+0xe/0x10
Jan 17 06:45:21 testserver kernel: [ 5680.472343] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:45:21 testserver kernel: [ 5680.472346] ? kobj_lookup+0x115/0x160
Jan 17 06:45:21 testserver kernel: [ 5680.472349] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.472351] ? _cond_resched+0x1a/0x50
Jan 17 06:45:21 testserver kernel: [ 5680.472353] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.472355] mutex_lock+0x2f/0x40
Jan 17 06:45:21 testserver kernel: [ 5680.472358] __blkdev_get+0x71/0x4d0
Jan 17 06:45:21 testserver kernel: [ 5680.472360] blkdev_get+0x125/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.472363] blkdev_open+0x92/0x100
Jan 17 06:45:21 testserver kernel: [ 5680.472364] do_dentry_open+0x202/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.472366] ? bd_acquire+0xd0/0xd0
Jan 17 06:45:21 testserver kernel: [ 5680.472372] vfs_open+0x4f/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.472379] path_openat+0x617/0x14a0
Jan 17 06:45:21 testserver kernel: [ 5680.472385] ? putname+0x54/0x60
Jan 17 06:45:21 testserver kernel: [ 5680.472392] ? filename_lookup+0xf8/0x1a0
Jan 17 06:45:21 testserver kernel: [ 5680.472399] do_filp_open+0x99/0x110
Jan 17 06:45:21 testserver kernel: [ 5680.472406] ? __check_object_size+0xb3/0x190
Jan 17 06:45:21 testserver kernel: [ 5680.472415] do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.472417] ? do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.472419] SyS_open+0x1e/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.472421] do_syscall_64+0x73/0x130
Jan 17 06:45:21 testserver kernel: [ 5680.472423] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:45:21 testserver kernel: [ 5680.472425] RIP: 0033:0x7f6d01eeb4b0
Jan 17 06:45:21 testserver kernel: [ 5680.472426] RSP: 002b:00007fff72ab50a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:45:21 testserver kernel: [ 5680.472428] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f6d01eeb4b0
Jan 17 06:45:21 testserver kernel: [ 5680.472429] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055736d459640
Jan 17 06:45:21 testserver kernel: [ 5680.472430] RBP: 0000000000000000 R08: 000055736d4863e0 R09: 00007fff72ab5000
Jan 17 06:45:21 testserver kernel: [ 5680.472431] R10: 00007f6d01e916a0 R11: 0000000000000246 R12: 0000000000000001
Jan 17 06:45:21 testserver kernel: [ 5680.472432] R13: 000055736d459640 R14: 0000000000000000 R15: 000055736d459418
Jan 17 06:45:21 testserver kernel: [ 5680.488832] vgs D 0 9977 9974 0x00000000
Jan 17 06:45:21 testserver kernel: [ 5680.488834] Call Trace:
Jan 17 06:45:21 testserver kernel: [ 5680.488837] __schedule+0x3e3/0x880
Jan 17 06:45:21 testserver kernel: [ 5680.488840] ? __switch_to_asm+0x40/0x70
Jan 17 06:45:21 testserver kernel: [ 5680.488842] ? __switch_to_asm+0x34/0x70
Jan 17 06:45:21 testserver kernel: [ 5680.488844] schedule+0x36/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.488847] schedule_preempt_disabled+0xe/0x10
Jan 17 06:45:21 testserver kernel: [ 5680.488849] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:45:21 testserver kernel: [ 5680.488856] ? kobj_lookup+0x115/0x160
Jan 17 06:45:21 testserver kernel: [ 5680.488858] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.488861] ? _cond_resched+0x1a/0x50
Jan 17 06:45:21 testserver kernel: [ 5680.488863] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.488865] mutex_lock+0x2f/0x40
Jan 17 06:45:21 testserver kernel: [ 5680.488867] __blkdev_get+0x71/0x4d0
Jan 17 06:45:21 testserver kernel: [ 5680.488870] blkdev_get+0x125/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.488872] blkdev_open+0x92/0x100
Jan 17 06:45:21 testserver kernel: [ 5680.488874] do_dentry_open+0x202/0x310
Jan 17 06:45:21 testserver kernel: [ 5680.488876] ? bd_acquire+0xd0/0xd0
Jan 17 06:45:21 testserver kernel: [ 5680.488878] vfs_open+0x4f/0x80
Jan 17 06:45:21 testserver kernel: [ 5680.488879] path_openat+0x617/0x14a0
Jan 17 06:45:21 testserver kernel: [ 5680.488881] ? putname+0x54/0x60
Jan 17 06:45:21 testserver kernel: [ 5680.488883] ? filename_lookup+0xf8/0x1a0
Jan 17 06:45:21 testserver kernel: [ 5680.488885] do_filp_open+0x99/0x110
Jan 17 06:45:21 testserver kernel: [ 5680.488888] ? __check_object_size+0xb3/0x190
Jan 17 06:45:21 testserver kernel: [ 5680.488891] do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.488893] ? do_sys_open+0x135/0x280
Jan 17 06:45:21 testserver kernel: [ 5680.488895] SyS_open+0x1e/0x20
Jan 17 06:45:21 testserver kernel: [ 5680.488897] do_syscall_64+0x73/0x130
Jan 17 06:45:21 testserver kernel: [ 5680.488899] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:45:21 testserver kernel: [ 5680.488901] RIP: 0033:0x7f98ef2644b0
Jan 17 06:45:21 testserver kernel: [ 5680.488902] RSP: 002b:00007ffc7ee8f7e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:45:21 testserver kernel: [ 5680.488904] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f98ef2644b0
Jan 17 06:45:21 testserver kernel: [ 5680.488905] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055e16b9ee440
Jan 17 06:45:21 testserver kernel: [ 5680.488906] RBP: 0000000000000000 R08: 000055e16ba34d20 R09: 00007ffc7ee8f800
Jan 17 06:45:21 testserver kernel: [ 5680.488907] R10: 00007f98ef20a6a0 R11: 0000000000000246 R12: 0000000000000001
Jan 17 06:45:21 testserver kernel: [ 5680.488908] R13: 000055e16b9ee440 R14: 0000000000000000 R15: 000055e16b9ee218
Jan 17 06:47:22 testserver kernel: [ 5801.279621] systemd-udevd D 0 9948 469 0x00000104
Jan 17 06:47:22 testserver kernel: [ 5801.279625] Call Trace:
Jan 17 06:47:22 testserver kernel: [ 5801.279640] __schedule+0x3e3/0x880
Jan 17 06:47:22 testserver kernel: [ 5801.279647] schedule+0x36/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.279650] schedule_preempt_disabled+0xe/0x10
Jan 17 06:47:22 testserver kernel: [ 5801.279654] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:47:22 testserver kernel: [ 5801.279658] ? kobj_lookup+0x115/0x160
Jan 17 06:47:22 testserver kernel: [ 5801.279661] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.279664] ? _cond_resched+0x1a/0x50
Jan 17 06:47:22 testserver kernel: [ 5801.279666] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.279668] mutex_lock+0x2f/0x40
Jan 17 06:47:22 testserver kernel: [ 5801.279673] __blkdev_get+0x71/0x4d0
Jan 17 06:47:22 testserver kernel: [ 5801.279675] blkdev_get+0x125/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.279678] blkdev_open+0x92/0x100
Jan 17 06:47:22 testserver kernel: [ 5801.279681] do_dentry_open+0x202/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.279682] ? bd_acquire+0xd0/0xd0
Jan 17 06:47:22 testserver kernel: [ 5801.279685] vfs_open+0x4f/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.279687] path_openat+0x617/0x14a0
Jan 17 06:47:22 testserver kernel: [ 5801.279691] ? page_add_file_rmap+0xf7/0x150
Jan 17 06:47:22 testserver kernel: [ 5801.279695] do_filp_open+0x99/0x110
Jan 17 06:47:22 testserver kernel: [ 5801.279698] ? __check_object_size+0xb3/0x190
Jan 17 06:47:22 testserver kernel: [ 5801.279701] ? __alloc_fd+0x46/0x170
Jan 17 06:47:22 testserver kernel: [ 5801.279703] do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.279705] ? do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.279708] SyS_open+0x1e/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.279711] do_syscall_64+0x73/0x130
Jan 17 06:47:22 testserver kernel: [ 5801.279716] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:47:22 testserver kernel: [ 5801.279721] RIP: 0033:0x7f5864f81820
Jan 17 06:47:22 testserver kernel: [ 5801.279723] RSP: 002b:00007ffc4632b0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:47:22 testserver kernel: [ 5801.279725] RAX: ffffffffffffffda RBX: 000056554f2b5cd0 RCX: 00007f5864f81820
Jan 17 06:47:22 testserver kernel: [ 5801.279727] RDX: 000056554f14bda3 RSI: 0000000000080000 RDI: 000056554f29f370
Jan 17 06:47:22 testserver kernel: [ 5801.279728] RBP: 0000000000000001 R08: 000056554f14bda3 R09: 0000000000000110
Jan 17 06:47:22 testserver kernel: [ 5801.279729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
Jan 17 06:47:22 testserver kernel: [ 5801.279730] R13: 0000000000000000 R14: 000056554f29eec0 R15: 00000000ffffffff
Jan 17 06:47:22 testserver kernel: [ 5801.297280] vgs D 0 9952 1777 0x00000000
Jan 17 06:47:22 testserver kernel: [ 5801.297283] Call Trace:
Jan 17 06:47:22 testserver kernel: [ 5801.297286] __schedule+0x3e3/0x880
Jan 17 06:47:22 testserver kernel: [ 5801.297297] ? __switch_to_asm+0x40/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.297303] ? __switch_to_asm+0x34/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.297309] schedule+0x36/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.297312] schedule_preempt_disabled+0xe/0x10
Jan 17 06:47:22 testserver kernel: [ 5801.297314] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:47:22 testserver kernel: [ 5801.297317] ? kobj_lookup+0x115/0x160
Jan 17 06:47:22 testserver kernel: [ 5801.297320] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.297322] ? _cond_resched+0x1a/0x50
Jan 17 06:47:22 testserver kernel: [ 5801.297324] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.297327] mutex_lock+0x2f/0x40
Jan 17 06:47:22 testserver kernel: [ 5801.297329] __blkdev_get+0x71/0x4d0
Jan 17 06:47:22 testserver kernel: [ 5801.297336] blkdev_get+0x125/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.297338] blkdev_open+0x92/0x100
Jan 17 06:47:22 testserver kernel: [ 5801.297340] do_dentry_open+0x202/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.297342] ? bd_acquire+0xd0/0xd0
Jan 17 06:47:22 testserver kernel: [ 5801.297344] vfs_open+0x4f/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.297348] path_openat+0x617/0x14a0
Jan 17 06:47:22 testserver kernel: [ 5801.297354] ? putname+0x54/0x60
Jan 17 06:47:22 testserver kernel: [ 5801.297361] ? filename_lookup+0xf8/0x1a0
Jan 17 06:47:22 testserver kernel: [ 5801.297368] do_filp_open+0x99/0x110
Jan 17 06:47:22 testserver kernel: [ 5801.297375] ? __check_object_size+0xb3/0x190
Jan 17 06:47:22 testserver kernel: [ 5801.297385] do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.297392] ? do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.297399] SyS_open+0x1e/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.297404] do_syscall_64+0x73/0x130
Jan 17 06:47:22 testserver kernel: [ 5801.297406] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:47:22 testserver kernel: [ 5801.297407] RIP: 0033:0x7f09f35c44b0
Jan 17 06:47:22 testserver kernel: [ 5801.297409] RSP: 002b:00007ffcaf62bd98 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:47:22 testserver kernel: [ 5801.297411] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f09f35c44b0
Jan 17 06:47:22 testserver kernel: [ 5801.297412] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000056513f681440
Jan 17 06:47:22 testserver kernel: [ 5801.297413] RBP: 0000000000000000 R08: 000056513f6d48a0 R09: 00007ffcaf62bd00
Jan 17 06:47:22 testserver kernel: [ 5801.297414] R10: 00007f09f356a6a0 R11: 0000000000000246 R12: 0000000000000001
Jan 17 06:47:22 testserver kernel: [ 5801.297416] R13: 000056513f681440 R14: 0000000000000000 R15: 000056513f681218
Jan 17 06:47:22 testserver kernel: [ 5801.315415] lvremove D 0 9963 3981 0x00000000
Jan 17 06:47:22 testserver kernel: [ 5801.315417] Call Trace:
Jan 17 06:47:22 testserver kernel: [ 5801.315426] __schedule+0x3e3/0x880
Jan 17 06:47:22 testserver kernel: [ 5801.315431] ? __switch_to_asm+0x40/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.315433] ? __switch_to_asm+0x34/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.315438] schedule+0x36/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.315441] schedule_preempt_disabled+0xe/0x10
Jan 17 06:47:22 testserver kernel: [ 5801.315443] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:47:22 testserver kernel: [ 5801.315446] ? kobj_lookup+0x115/0x160
Jan 17 06:47:22 testserver kernel: [ 5801.315448] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.315451] ? _cond_resched+0x1a/0x50
Jan 17 06:47:22 testserver kernel: [ 5801.315453] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.315455] mutex_lock+0x2f/0x40
Jan 17 06:47:22 testserver kernel: [ 5801.315458] __blkdev_get+0x71/0x4d0
Jan 17 06:47:22 testserver kernel: [ 5801.315460] blkdev_get+0x125/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.315462] blkdev_open+0x92/0x100
Jan 17 06:47:22 testserver kernel: [ 5801.315464] do_dentry_open+0x202/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.315466] ? bd_acquire+0xd0/0xd0
Jan 17 06:47:22 testserver kernel: [ 5801.315468] vfs_open+0x4f/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.315475] path_openat+0x617/0x14a0
Jan 17 06:47:22 testserver kernel: [ 5801.315481] ? putname+0x54/0x60
Jan 17 06:47:22 testserver kernel: [ 5801.315486] ? filename_lookup+0xf8/0x1a0
Jan 17 06:47:22 testserver kernel: [ 5801.315493] do_filp_open+0x99/0x110
Jan 17 06:47:22 testserver kernel: [ 5801.315499] ? __check_object_size+0xb3/0x190
Jan 17 06:47:22 testserver kernel: [ 5801.315510] do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.315518] ? do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.315525] SyS_open+0x1e/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.315527] do_syscall_64+0x73/0x130
Jan 17 06:47:22 testserver kernel: [ 5801.315529] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:47:22 testserver kernel: [ 5801.315530] RIP: 0033:0x7f6d01eeb4b0
Jan 17 06:47:22 testserver kernel: [ 5801.315531] RSP: 002b:00007fff72ab50a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:47:22 testserver kernel: [ 5801.315533] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f6d01eeb4b0
Jan 17 06:47:22 testserver kernel: [ 5801.315534] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055736d459640
Jan 17 06:47:22 testserver kernel: [ 5801.315535] RBP: 0000000000000000 R08: 000055736d4863e0 R09: 00007fff72ab5000
Jan 17 06:47:22 testserver kernel: [ 5801.315536] R10: 00007f6d01e916a0 R11: 0000000000000246 R12: 0000000000000001
Jan 17 06:47:22 testserver kernel: [ 5801.315538] R13: 000055736d459640 R14: 0000000000000000 R15: 000055736d459418
Jan 17 06:47:22 testserver kernel: [ 5801.333864] vgs D 0 9977 9974 0x00000000
Jan 17 06:47:22 testserver kernel: [ 5801.333866] Call Trace:
Jan 17 06:47:22 testserver kernel: [ 5801.333870] __schedule+0x3e3/0x880
Jan 17 06:47:22 testserver kernel: [ 5801.333880] ? __switch_to_asm+0x40/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.333885] ? __switch_to_asm+0x34/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.333887] schedule+0x36/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.333893] schedule_preempt_disabled+0xe/0x10
Jan 17 06:47:22 testserver kernel: [ 5801.333895] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:47:22 testserver kernel: [ 5801.333898] ? kobj_lookup+0x115/0x160
Jan 17 06:47:22 testserver kernel: [ 5801.333901] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.333903] ? _cond_resched+0x1a/0x50
Jan 17 06:47:22 testserver kernel: [ 5801.333905] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.333908] mutex_lock+0x2f/0x40
Jan 17 06:47:22 testserver kernel: [ 5801.333910] __blkdev_get+0x71/0x4d0
Jan 17 06:47:22 testserver kernel: [ 5801.333912] blkdev_get+0x125/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.333914] blkdev_open+0x92/0x100
Jan 17 06:47:22 testserver kernel: [ 5801.333916] do_dentry_open+0x202/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.333918] ? bd_acquire+0xd0/0xd0
Jan 17 06:47:22 testserver kernel: [ 5801.333920] vfs_open+0x4f/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.333922] path_openat+0x617/0x14a0
Jan 17 06:47:22 testserver kernel: [ 5801.333929] ? putname+0x54/0x60
Jan 17 06:47:22 testserver kernel: [ 5801.333936] ? filename_lookup+0xf8/0x1a0
Jan 17 06:47:22 testserver kernel: [ 5801.333943] do_filp_open+0x99/0x110
Jan 17 06:47:22 testserver kernel: [ 5801.333950] ? __check_object_size+0xb3/0x190
Jan 17 06:47:22 testserver kernel: [ 5801.333959] do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.333968] ? do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.333975] SyS_open+0x1e/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.333977] do_syscall_64+0x73/0x130
Jan 17 06:47:22 testserver kernel: [ 5801.333979] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:47:22 testserver kernel: [ 5801.333980] RIP: 0033:0x7f98ef2644b0
Jan 17 06:47:22 testserver kernel: [ 5801.333981] RSP: 002b:00007ffc7ee8f7e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:47:22 testserver kernel: [ 5801.333983] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f98ef2644b0
Jan 17 06:47:22 testserver kernel: [ 5801.333984] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 000055e16b9ee440
Jan 17 06:47:22 testserver kernel: [ 5801.333985] RBP: 0000000000000000 R08: 000055e16ba34d20 R09: 00007ffc7ee8f800
Jan 17 06:47:22 testserver kernel: [ 5801.333986] R10: 00007f98ef20a6a0 R11: 0000000000000246 R12: 0000000000000001
Jan 17 06:47:22 testserver kernel: [ 5801.333988] R13: 000055e16b9ee440 R14: 0000000000000000 R15: 000055e16b9ee218
Jan 17 06:47:22 testserver kernel: [ 5801.352691] vgs D 0 10058 1 0x00000004
Jan 17 06:47:22 testserver kernel: [ 5801.352693] Call Trace:
Jan 17 06:47:22 testserver kernel: [ 5801.352704] __schedule+0x3e3/0x880
Jan 17 06:47:22 testserver kernel: [ 5801.352706] ? __switch_to_asm+0x40/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.352707] ? __switch_to_asm+0x34/0x70
Jan 17 06:47:22 testserver kernel: [ 5801.352710] schedule+0x36/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.352715] schedule_preempt_disabled+0xe/0x10
Jan 17 06:47:22 testserver kernel: [ 5801.352718] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:47:22 testserver kernel: [ 5801.352720] ? kobj_lookup+0x115/0x160
Jan 17 06:47:22 testserver kernel: [ 5801.352723] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.352725] ? _cond_resched+0x1a/0x50
Jan 17 06:47:22 testserver kernel: [ 5801.352727] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.352730] mutex_lock+0x2f/0x40
Jan 17 06:47:22 testserver kernel: [ 5801.352738] __blkdev_get+0x71/0x4d0
Jan 17 06:47:22 testserver kernel: [ 5801.352744] blkdev_get+0x125/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.352751] blkdev_open+0x92/0x100
Jan 17 06:47:22 testserver kernel: [ 5801.352756] do_dentry_open+0x202/0x310
Jan 17 06:47:22 testserver kernel: [ 5801.352762] ? bd_acquire+0xd0/0xd0
Jan 17 06:47:22 testserver kernel: [ 5801.352769] vfs_open+0x4f/0x80
Jan 17 06:47:22 testserver kernel: [ 5801.352774] path_openat+0x617/0x14a0
Jan 17 06:47:22 testserver kernel: [ 5801.352775] ? putname+0x54/0x60
Jan 17 06:47:22 testserver kernel: [ 5801.352777] ? filename_lookup+0xf8/0x1a0
Jan 17 06:47:22 testserver kernel: [ 5801.352780] do_filp_open+0x99/0x110
Jan 17 06:47:22 testserver kernel: [ 5801.352783] ? __check_object_size+0xb3/0x190
Jan 17 06:47:22 testserver kernel: [ 5801.352785] do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.352788] ? do_sys_open+0x135/0x280
Jan 17 06:47:22 testserver kernel: [ 5801.352792] SyS_open+0x1e/0x20
Jan 17 06:47:22 testserver kernel: [ 5801.352794] do_syscall_64+0x73/0x130
Jan 17 06:47:22 testserver kernel: [ 5801.352796] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:47:22 testserver kernel: [ 5801.352798] RIP: 0033:0x7f73752144b0
Jan 17 06:47:22 testserver kernel: [ 5801.352799] RSP: 002b:00007ffe643df188 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:47:22 testserver kernel: [ 5801.352801] RAX: ffffffffffffffda RBX: 0000000000044000 RCX: 00007f73752144b0
Jan 17 06:47:22 testserver kernel: [ 5801.352802] RDX: 00000000000001ff RSI: 0000000000044000 RDI: 00005592cd22f440
Jan 17 06:47:22 testserver kernel: [ 5801.352803] RBP: 0000000000000000 R08: 00005592cd27af20 R09: 00007ffe643df100
Jan 17 06:47:22 testserver kernel: [ 5801.352804] R10: 00007f73751ba6a0 R11: 0000000000000246 R12: 0000000000000001
Jan 17 06:47:22 testserver kernel: [ 5801.352805] R13: 00005592cd22f440 R14: 0000000000000000 R15: 00005592cd22f218
Jan 17 06:48:27 testserver pvedaemon[7787]: <root@pam> starting task UPID:testserver:0000285C:0008F35F:5C3FB4BB:qmstart:102:root@pam:
Jan 17 06:48:56 testserver pvedaemon[7128]: <root@pam> successful auth for user 'root@pam'
Jan 17 06:49:23 testserver kernel: [ 5922.120683] systemd-udevd D 0 9948 469 0x00000104
Jan 17 06:49:23 testserver kernel: [ 5922.120690] Call Trace:
Jan 17 06:49:23 testserver kernel: [ 5922.120709] __schedule+0x3e3/0x880
Jan 17 06:49:23 testserver kernel: [ 5922.120716] schedule+0x36/0x80
Jan 17 06:49:23 testserver kernel: [ 5922.120725] schedule_preempt_disabled+0xe/0x10
Jan 17 06:49:23 testserver kernel: [ 5922.120728] __mutex_lock.isra.2+0x2b1/0x4e0
Jan 17 06:49:23 testserver kernel: [ 5922.120733] ? kobj_lookup+0x115/0x160
Jan 17 06:49:23 testserver kernel: [ 5922.120741] __mutex_lock_slowpath+0x13/0x20
Jan 17 06:49:23 testserver kernel: [ 5922.120748] ? _cond_resched+0x1a/0x50
Jan 17 06:49:23 testserver kernel: [ 5922.120753] ? __mutex_lock_slowpath+0x13/0x20
Jan 17 06:49:23 testserver kernel: [ 5922.120755] mutex_lock+0x2f/0x40
Jan 17 06:49:23 testserver kernel: [ 5922.120761] __blkdev_get+0x71/0x4d0
Jan 17 06:49:23 testserver kernel: [ 5922.120763] blkdev_get+0x125/0x310
Jan 17 06:49:23 testserver kernel: [ 5922.120765] blkdev_open+0x92/0x100
Jan 17 06:49:23 testserver kernel: [ 5922.120769] do_dentry_open+0x202/0x310
Jan 17 06:49:23 testserver kernel: [ 5922.120770] ? bd_acquire+0xd0/0xd0
Jan 17 06:49:23 testserver kernel: [ 5922.120772] vfs_open+0x4f/0x80
Jan 17 06:49:23 testserver kernel: [ 5922.120775] path_openat+0x617/0x14a0
Jan 17 06:49:23 testserver kernel: [ 5922.120779] ? page_add_file_rmap+0xf7/0x150
Jan 17 06:49:23 testserver kernel: [ 5922.120788] do_filp_open+0x99/0x110
Jan 17 06:49:23 testserver kernel: [ 5922.120795] ? __check_object_size+0xb3/0x190
Jan 17 06:49:23 testserver kernel: [ 5922.120802] ? __alloc_fd+0x46/0x170
Jan 17 06:49:23 testserver kernel: [ 5922.120810] do_sys_open+0x135/0x280
Jan 17 06:49:23 testserver kernel: [ 5922.120818] ? do_sys_open+0x135/0x280
Jan 17 06:49:23 testserver kernel: [ 5922.120821] SyS_open+0x1e/0x20
Jan 17 06:49:23 testserver kernel: [ 5922.120825] do_syscall_64+0x73/0x130
Jan 17 06:49:23 testserver kernel: [ 5922.120829] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jan 17 06:49:23 testserver kernel: [ 5922.120832] RIP: 0033:0x7f5864f81820
Jan 17 06:49:23 testserver kernel: [ 5922.120834] RSP: 002b:00007ffc4632b0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Jan 17 06:49:23 testserver kernel: [ 5922.120837] RAX: ffffffffffffffda RBX: 000056554f2b5cd0 RCX: 00007f5864f81820
Jan 17 06:49:23 testserver kernel: [ 5922.120838] RDX: 000056554f14bda3 RSI: 0000000000080000 RDI: 000056554f29f370
Jan 17 06:49:23 testserver kernel: [ 5922.120839] RBP: 0000000000000001 R08: 000056554f14bda3 R09: 0000000000000110
Jan 17 06:49:23 testserver kernel: [ 5922.120840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
Jan 17 06:49:23 testserver kernel: [ 5922.120841] R13: 0000000000000000 R14: 000056554f29eec0 R15: 00000000ffffffff
Proxmox trying to acquire lock... TASK ERROR: can't lock file '/var/lock/qemu-server/lock-102.conf' - got timeout
If Proxmox won't start aVM with an error like this:
trying to acquire lock...
TASK ERROR: can't lock file '/var/lock/qemu-server/lock-102.conf' - got timeout
rm /var/lock/qemu-server/lock-102.conf
Then try to restart the VM and it should be good.
Debian 9 SSH root password authentication failure password not working problem / solution
In Debian a lot of times SSH disables the root user to login by password by default. This means you will get an authentication failure as if you typed in the wrong password.
The logs also indicate the password is wrong but what is often the case is in the config file
Check /etc/ssh/sshd_config
cat /etc/ssh/sshd_config|grep -i permitrootlogin
Make sure it says:
PermitRootLogin yes
If not change it and restart SSH and it will work again.
QEMU / KVM How To Manually Create Basic Virtual Machine VM
1.) Create Image using qemu-img
qemu-img create -f qcow2 skype.img 40G
2.) Start VM using flags
-m = memory in MB
-drive file=yourimagefile.img
-cdrom /path/to/the.iso
qemu-system-x86_64 -m 4096 -drive file=skype.img -cdrom ~/Downloads/SfB-E-9319.0-enUS.ISO
Linux wlan0 check all wireless clients
iw dev wlan0 station dump
This is very useful because it is helpful if you are running something like hostapd and need to see the signal strength and negotiated connection speed.
Station ff:ff:ff:ff:ff:ff (on wlan0)
inactive time: 16309 ms
rx bytes: 25451
rx packets: 325
tx bytes: 44381
tx packets: 159
tx retries: 0
tx failed: 0
signal: -72 [-72] dBm
signal avg: -72 [-72] dBm
tx bitrate: 150.0 MBit/s MCS 7 40MHz short GI
rx bitrate: 1.0 MBit/s
authorized: yes
authenticated: yes
preamble: long
WMM/WME: yes
MFP: no
TDLS peer: no
Station ff:ff:ff:ff:ff:ff (on wlan0)
inactive time: 12223 ms
rx bytes: 1206073
rx packets: 8835
tx bytes: 18597457
tx packets: 14004
tx retries: 0
tx failed: 0
signal: -69 [-69] dBm
signal avg: -62 [-62] dBm
tx bitrate: 150.0 MBit/s MCS 7 40MHz short GI
rx bitrate: 6.0 MBit/s
authorized: yes
authenticated: yes
preamble: long
WMM/WME: yes
MFP: no
TDLS peer: no
Station ff:ff:ff:ff:ff:ff (on wlan0)
inactive time: 406 ms
rx bytes: 297303650
rx packets: 213207
tx bytes: 72276773
tx packets: 150172
tx retries: 0
tx failed: 0
signal: -79 [-79] dBm
signal avg: -78 [-78] dBm
tx bitrate: 15.0 MBit/s MCS 0 40MHz short GI
rx bitrate: 45.0 MBit/s MCS 2 40MHz short GI
authorized: yes
authenticated: yes
preamble: short
WMM/WME: yes
MFP: no
TDLS peer: no
PHP Issues With Decoding Strange Smart Quotes And Non-Standard ASCII Characters
When using strip_tags and html_entity_decode with PHP it often breaks and produces annoying diamonds with question marks.
It is probably because of characters like these:
… (looks like 3 dots but it is a single weird character).
’ (looks like a normal apostraphe but it is not)
” (looks like a normal double quote but it is not).
An easy way to sort this out is to copy the above and search in an ASCII table to extend the functionality below.
Basically the first array has a list of "all the bad stuff" and the second array is what to replace it with.
<?
function CleanupSmartQuotes($text)
{
$badwordchars=array(
chr(145), // weird apostraphe
chr(146), // weird apostraphe
chr(147), // weird quote
chr(148), // weird quote
chr(151), // weird dash
chr(133), // three dots
' ',
);
$fixedwordchars=array(
"'",
"'",
'"',
'"',
'—',
'...',
'',
);
return str_replace($badwordchars,$fixedwordchars,$text);
}
?>
/etc/iproute2/rt_tables default settings file in Linux Centos 6,7 and most other NIX's
This should apply to most Linux distributions just incase you get into trouble or wipe out the defaults by accident.
/etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
bind named error solutions named[2169]: error (no valid DS) resolving / error (broken trust chain) resolving / : error (no valid RRSIG) resolving 'com/DS/IN':
Below are the common errors you'll get with named AKA bind if your time is incorrect.
The simplest solution is to install and run ntpd to correct your system's time (install ntpd if it is not installed)
systemctl start ntpd
systemctl enable ntpd
Dec 20 13:36:16 hostingbox named[2169]: error (no valid DS) resolving 'develop.waxrain.com/A/IN': 14.215.150.17#53
Dec 20 13:36:16 hostingbox named[2169]: error (no valid DS) resolving 'loc.map.baidu.com/A/IN': 202.108.22.220#53
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f802ad00: org DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f802ad00: org DS: no valid signature found
Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'org/DS/IN': 192.33.4.12#53
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4ba1e0: com DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4ba1e0: com DS: no valid signature found
Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'com/DS/IN': 199.7.91.13#53
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f4013c50: org DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6f4013c50: org DS: no valid signature found
Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'org/DS/IN': 192.228.79.201#53
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4bb1f0: com DS: verify failed due to bad signature (keyid=2134): RRSIG validity period has not begun
Dec 20 13:36:16 hostingbox named[2169]: validating @0x7fc6fc4bb1f0: com DS: no valid signature found
Dec 20 13:36:16 hostingbox named[2169]: error (no valid RRSIG) resolving 'com/DS/IN': 192.5.5.241#53
Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb260010c30: detectportal.firefox.com A: bad cache hit (com/DS)
Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb26848b0a0: detectportal.firefox.com A: bad cache hit (com/DS)
Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb2580068f0: detectportal.firefox.com A: bad cache hit (com/DS)
Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb2640028d0: detectportal.firefox.com A: bad cache hit (com/DS)
Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
Dec 20 13:37:30 hostingbox named[2229]: validating @0x7fb260010c30: detectportal.firefox.com A: bad cache hit (com/DS)
Dec 20 13:37:30 hostingbox named[2229]: error (broken trust chain) resolving 'detectportal.firefox.com/A/IN': 96.7.49.66#53
iptables how to log ALL dropped incoming packets
A lot of people just have a -j DROP to drop all unwanted traffic or traffic not explicitly allowed but there is a better solution if you want real and proper logging:
Take an example iptables rules file
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-N LOGGING
-A INPUT -j LOGGING
-A LOGGING -j LOG --log-prefix "ipt denied: " --log-level 4
-A LOGGING -j DROP
Add the above in bold below your last allowed incoming traffic rule and all dropped packets can be seen in dmesg or /var/log/messages
- We create a new chain called "LOGGING"
-N LOGGING - We are then passing all of our packets to that chain.
-A INPUT -j LOGGING - Log all packets that are about to dropped with prefix "ipt denied:" (of course change it how you like)
-A LOGGING -j LOG --log-prefix "ipt denied: " --log-level 4 - Drop all packets in the LOGGING Chain
-A LOGGING -j DROP
So in essence we change the -j DROP to the 4 lines in bold so that we have logging.
Checking dmesg or /var/log/messages should show similar to the following:
ipt denied: IN=eth0 OUT= MAC= SRC=194.113.106.121 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=246 ID=45694 PROTO=TCP SPT=43848 DPT=54270 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=10.10.10.10 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=2
ipt denied: IN=eth0 OUT= MAC= SRC=45.227.254.18 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=245 ID=4350 PROTO=TCP SPT=56638 DPT=30450 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=176.119.7.50 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52004 PROTO=TCP SPT=54661 DPT=9153 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=109.248.9.116 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=243 ID=49390 PROTO=TCP SPT=42898 DPT=37318 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=77.72.85.26 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=243 ID=40508 PROTO=TCP SPT=49454 DPT=3978 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=115.74.194.77 DST=192.198.5.8 LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=10246 PROTO=TCP SPT=13207 DPT=23 WINDOW=24567 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=10.10.10.10 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=2
ipt denied: IN=eth0 OUT= MAC= SRC=176.119.7.10 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=36884 PROTO=TCP SPT=51349 DPT=3992 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=87.27.61.197 DST=192.198.5.8 LEN=44 TOS=0x00 PREC=0x00 TTL=243 ID=44567 DF PROTO=TCP SPT=48364 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=185.255.31.38 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=11928 PROTO=TCP SPT=8080 DPT=1013 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=185.255.31.38 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=61268 PROTO=TCP SPT=8080 DPT=3303 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=185.255.31.18 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=17889 PROTO=TCP SPT=42264 DPT=7129 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=194.113.106.121 DST=192.198.5.8 LEN=40 TOS=0x08 PREC=0x20 TTL=247 ID=64437 PROTO=TCP SPT=43848 DPT=58247 WINDOW=1024 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=10.10.10.10 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=2
ipt denied: IN=eth0 OUT= MAC= SRC=220.133.67.9 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=64397 DF PROTO=TCP SPT=27852 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
ipt denied: IN=eth0 OUT= MAC= SRC=101.255.58.22 DST=192.198.5.8 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=4583 DF PROTO=TCP SPT=53537 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
How can I log the messages to a separate file eg. /var/log/iptables.log or /var/log/iptables-dropped.log?
The file name below can be arbitrary but it should have meaning to you.
Note that I am searching for the string "ipt denied: " this depends on what you have set as your log prefix in the example above.
vi /etc/rsyslog.d/10-iptables.conf
:msg, contains, "ipt denied: " -/var/log/iptables.log
& ~
#note we need the "& ~" below the first line otherwise it will still send the log to where ever it would have been (eg. often /var/log/messages).
#the & ~ means to delete
service rsyslog restart
You should now notice that /var/log/messages has nothing for iptables and that you have /var/log/iptables.log
How To Edit Linux Based NM Network Manager Connection Settings Without GUI
Just find the relevant file in /etc/NetworkManager/system-connections
sudo vi /etc/NetworkManager/system-connections/Wired connection 1
[802-3-ethernet]
duplex=full
mac-address=00:00:00:FE:FE:FE
[connection]
id=Wired connection 1
type=802-3-ethernet
timestamp=1532403341
[ipv6]
method=ignore
[ipv4]
method=manual
dns=192.168.1.1;
address1=192.168.1.89/24,192.168.1.1
Linux Disable IPV6 Centos / Debian / Mint Howto
Set this in /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
#apply the settings
sudo sysctl -p
Linux use growisofs to burn a larger file on a BD-R / Bluray Disc
growisofs -Z /dev/sr0 critical.tar.gz.gpg
Executing 'genisoimage critical.tar.gz.gpg | builtin_dd of=/dev/sr0 obs=32k seek=0'
I: -input-charset not specified, using utf-8 (detected in locale settings)
File critical.tar.gz.gpg is larger than 4GiB-1.
-allow-limited-size was not specified. There is no way do represent this file size. Aborting.
:-( write failed: Input/output error
#remember to use -allow-limited-size
growisofs -allow-limited-size -Z /dev/sr0 critical.tar.gz.gpg
finish Sat Dec 15 16:23:34 2018
99.79% done, estimate finish Sat Dec 15 16:23:34 2018
99.85% done, estimate finish Sat Dec 15 16:23:34 2018
99.91% done, estimate finish Sat Dec 15 16:23:34 2018
99.97% done, estimate finish Sat Dec 15 16:23:34 2018
Total translation table size: 0
Total rockridge attributes bytes: 0
Total directory bytes: 0
Path table size(bytes): 10
Max brk space used 0
8087219 extents written (15795 MB)
builtin_dd: 8087232*2KB out @ average 2.6x4390KBps
/dev/sr0: flushing cache
/dev/sr0: closing track
/dev/sr0: closing session
:-[ CLOSE SESSION failed with SK=5h/INVALID FIELD IN CDB]: Input/output error
/dev/sr0: reloading tray
Linux partprobe/partx cannot access last and 4th partition
On a test machine I was never able to access to a newly created 4th partiton. As we can see there are dev devices for everything but the 4th partition.
The normal "partprobe" or "kpartx" or kernel being told to rescan the block device didn't help (only a reboot did).
fdisk -l /dev/sda
Disk /dev/sda: 750.2 GB, 750156374016 bytes
255 heads, 63 sectors/track, 91201 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Device Boot Start End Blocks Id System
/dev/sda1 1 123 987966 83 Linux
/dev/sda2 124 3771 29302560 83 Linux
/dev/sda3 3772 11067 58605120 83 Linux
/dev/sda4 11068 91201 643676355 83 Linux
#but where is sda4 why can't I see it but the other partitions are available in /dev
ls /dev/sda*
/dev/sda /dev/sda1 /dev/sda2 /dev/sda3
partprobe
Warning: WARNING: the kernel failed to re-read the partition table on /dev/sda (Device or resource busy). As a result, it may not reflect all of your changes until after reboot.
Warning: WARNING: the kernel failed to re-read the partition table on /dev/sdb (Device or resource busy). As a result, it may not reflect all of your changes until after reboot.
Warning: WARNING: the kernel failed to re-read the partition table on /dev/sdc (Device or resource busy). As a result, it may not reflect all of your changes until after reboot.
Warning: /dev/sdd contains GPT signatures, indicating that it has a GPT table. However, it does not have a valid fake msdos partition table, as it should. Perhaps it was corrupted -- possibly by a program that doesn't understand GPT partition tables. Or perhaps you deleted the GPT table, and are now using an msdos partition table. Is this a GPT partition table?
Warning: WARNING: the kernel failed to re-read the partition table on /dev/sdd (Device or resource busy). As a result, it may not reflect all of your changes until after reboot.
partx didn't help
partx -a /dev/sda
BLKPG: Device or resource busy
error adding partition 1
BLKPG: Device or resource busy
error adding partition 2
BLKPG: Device or resource busy
error adding partition 3
BLKPG: Device or resource busy
error adding partition 4
OK let's manually tell the kernel to rescan the relevant block device.
echo 1 > /sys/block/sda/device/rescan
DRBD Errors Caused By Physical Corruption
In a RAID array I had a have periodically lost a drive here and there over the past several months. I was always able to readd and resync without losing data. However at some point it looks like some minor corruption happened and this makes DRBD unhappy.
Using fsck did not help either.
Dec 19 06:01:45 storageboxtest4 kernel: [19005.945890] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22184379, block=88735771
Dec 19 06:01:45 storageboxtest4 kernel: [19005.946084] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22184380, block=88735771
Dec 19 06:01:45 storageboxtest4 kernel: [19005.946289] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22184381, block=88735771
Dec 19 06:01:46 storageboxtest4 kernel: [19006.903899] block drbd0: helper command: /sbin/drbdadm pri-on-incon-degr minor-0 exit code 0 (0x0)
Dec 19 06:01:46 storageboxtest4 kernel: [19006.903918] block drbd0: helper command: /sbin/drbdadm local-io-error minor-0
Dec 19 06:01:46 storageboxtest4 kernel: [19006.908202] Power Off
Dec 19 06:01:46 storageboxtest4 kernel: [19006.910016] md: md125: recovery interrupted.
Dec 19 06:01:47 storageboxtest4 kernel: [19007.715470] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840092, block=91357233
Dec 19 06:01:47 storageboxtest4 kernel: [19007.715789] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840092, block=91357233
Dec 19 06:01:47 storageboxtest4 kernel: [19007.785375] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840094, block=91357233
Dec 19 06:01:47 storageboxtest4 kernel: [19007.785705] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22840094, block=91357233
Dec 19 13:35:55 storageboxtest4 kernel: imklog 5.8.10, log source = /proc/kmsg started.
Just a simple dd test gives back an io error near the end of the array:
dd: reading `/dev/drbd0': Input/output error
mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument solution
mdadm --manage /dev/md125 -a /dev/sdb4
mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument
Dec 19 01:23:48 storageboxtest kernel: [ 2328.854491] md: sdb4 does not have a valid v1.2 superblock, not importing!
Dec 19 01:23:48 storageboxtest kernel: [ 2328.854499] md: md_import_device returned -22
#zero the superblock and try again!
mdadm --zero-superblock /dev/sdb4
mdadm --manage /dev/md125 -a /dev/sdb4
mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument
Solution / this is the only thing that fixed it (basically do more than just zero-superblock)
dd if=/dev/zero of=/dev/sdb4
^C77149+0 records in
77149+0 records out
39500288 bytes (40 MB) copied, 5.35553 s, 7.4 MB/s
#success!
mdadm --manage /dev/md125 -a /dev/sdb4
mdadm: added /dev/sdb4
The weird thing is that you can see zero-superblock was NOT enough to fix it and sometimes you have to wipe a little further than zero-superblock does and it will fix it. I didn't find this solution anywhere so I thought I'd share it.
Linux named / bind how to dump, view and clear the cache!
Do you hate it when your ISP has old cached records because of a high TTL on the DNS record of the relevant domain? In plain English this means you often can't connect to a site or service because your ISP's DNS servers haven't gotten word of the new IP address (probably because they haven't checked). There are also some that are notorious for ignoring TTL and not updating records for days!
But if you are lucky and smart enough to have your own Linux based DNS server you can do the following:
rndc dumpdb -cache
This let's you see the cached entries by writing the bind cache to /var/named/data/cache_dump.db
If you just want to clear your DNS cache:
rndc flush
The above flushes all of your DNS cache which is never a bad idea since it saves memory and increases the performance potentially.
Centos 6 / 7 / 8 How To Change Default nameservers in /etc/resolv.conf when using DHCP / dhclient
First we need to create dhclient.conf if it doesn't exist or edit it:
vi /etc/dhclient/dhclient.conf
#add this line at the top add the IPs as commas they will be the highest priority nameservers and whatever your ISP gives you will be used after these one (good for DNS backup)
prepend domain-name-servers 127.0.0.1,10.10.25.8;
After you restart your network or run dhclient again you should see the contents of /etc/resolv.conf are as you expect.
This is mainly when you are running a local router and local DNS (and usually your own local DNS is quicker and more reliable than your ISP in my experience).
Adobe Acrobat Reader for Linux to use and view XFA Fillable Forms
The reason for not being able to read one of these dreaded/ fillable "XFA" forms is because no Linux PDF reader that I'm aware of supports them. Part of this reasoning is for security. It is really silly, they should ban these XFA forms or at least replace the Please Wait with the non-fillable version.
Download Adobe Reader 9.5 for Linux from here:
This is the solution but only so much, at least for me I was able to view the PDF and fill it but printing it produces a blank page (even print preview shows it as blank). I tried converting it to a normal pdf with print to file including postscript but none of that worked either.
With that said you too can get this broken version of the Linux Adobe Acrobat version :)
Perhaps a previous 9.5 (older version) even though the latest is from 2013 may work better?
ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/
Sick of this error?
Please wait...
If this message is not eventually replaced by the proper contents of the document, your PDF
viewer may not be able to display this type of document.
You can upgrade to the latest version of Adobe Reader for Windows®, Mac, or Linux® by
visiting http://www.adobe.com/go/reader_download.
For more assistance with Adobe Reader visit http://www.adobe.com/go/acrreader.
Windows is either a registered trademark or a trademark of Microsoft Corporation in the United States and/or other countries. Mac is a trademark
of Apple Inc., registered in the United States and other countries. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries
Debian Linux Mint Ubuntu iptables save and restore settings automatically onboot and reboot
First you need the "iptables-persistent" package. This gives you an init script that loads your settings from /etc/iptables/rules.v4 and rules.v6
When you install it, it wll save your default setings in /etc/iptables.
sudo apt-get install iptables-persistent
Why SMART is not smart at all and doesn't properly predict disk errors that cause a kernel panic or crash
Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated. It has caused a kernel panic and system crash repeatedly as we can see from the logs. But SMART says it has "PASSED" its self assessment. SMART is still useful to me but it is more about looking at Current_Pending_Sector. Any time I have had anything but 0 for that attribute it means the disk is bad and is unusable (eg. will cause kernel panics). In this case even RAID doesn't help when the bad disk taints the kernel. First let's check this disk and see what SMART thinkssmartctl -a /dev/sda=== START OF INFORMATION SECTION === Model Family: Seagate Barracuda ES Device Model: ST3750640NS Serial Number: ABCAEAAA LU WWN Device Id: 5 000c50 0083422e5 Firmware Version: 3BKH User Capacity: 750,156,374,016 bytes [750 GB] Sector Size: 512 bytes logical/physical Device is: In smartctl database [for details use: -P show] ATA Version is: 7 ATA Standard is: Exact ATA specification draft version not indicated Local Time is: Thu Dec 13 12:43:37 2018 EST SMART support is: Available - device has SMART capability. SMART support is: Enabled === START OF READ SMART DATA SECTION === SMART overall-health self-assessment test result: PASSED ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE 1 Raw_Read_Error_Rate 0x000f 093 086 006 Pre-fail Always - 0 3 Spin_Up_Time 0x0003 091 091 000 Pre-fail Always - 0 4 Start_Stop_Count 0x0032 100 100 020 Old_age Always - 27 5 Reallocated_Sector_Ct 0x0033 100 100 036 Pre-fail Always - 0 7 Seek_Error_Rate 0x000f 090 060 030 Pre-fail Always - 951683243 9 Power_On_Hours 0x0032 052 052 000 Old_age Always - 42128 10 Spin_Retry_Count 0x0013 100 100 097 Pre-fail Always - 0 12 Power_Cycle_Count 0x0032 100 100 020 Old_age Always - 27 187 Reported_Uncorrect 0x0032 100 100 000 Old_age Always - 0 189 High_Fly_Writes 0x003a 100 100 000 Old_age Always - 0 190 Airflow_Temperature_Cel 0x0022 066 054 045 Old_age Always - 34 (Min/Max 28/36) 194 Temperature_Celsius 0x0022 034 046 000 Old_age Always - 34 (0 17 0 0 0) 195 Hardware_ECC_Recovered 0x001a 081 055 000 Old_age Always - 220199 197 Current_Pending_Sector 0x0012 096 096 000 Old_age Always - 93 198 Offline_Uncorrectable 0x0010 096 096 000 Old_age Offline - 93 199 UDMA_CRC_Error_Count 0x003e 200 200 000 Old_age Always - 971 200 Multi_Zone_Error_Rate 0x0000 100 253 000 Old_age Offline - 0 202 Data_Address_Mark_Errs 0x0032 100 253 000 Old_age Always - 0 Now let's see /var/log/messagesDec 12 05:29:46 somepoorbox kernel: [30883839.026190] sd 0:0:0:0: [sda] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026196] sd 0:0:0:0: [sda] Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026203] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026206] 72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026215] 57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026219] sd 0:0:0:0: [sda] Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026225] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 8a 43 00 03 38 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026236] end_request: I/O error, dev sda, sector 1464830531 Dec 12 05:29:46 somepoorbox kernel: [30883839.026331] block drbd0: disk( UpToDate -> Failed ) Dec 12 05:29:46 somepoorbox kernel: [30883839.026345] block drbd0: Local IO failed in __req_mod. Detaching... Dec 12 05:29:46 somepoorbox kernel: [30883839.026365] block drbd0: helper command: /sbin/drbdadm pri-on-incon-degr minor-0 Dec 12 05:29:46 somepoorbox kernel: [30883839.026476] sd 0:0:0:0: [sda] Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026480] sd 0:0:0:0: [sda] Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026485] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026488] 72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026497] 57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026501] sd 0:0:0:0: [sda] Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026506] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 86 7b 00 03 c8 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026514] end_request: I/O error, dev sda, sector 1464829563 Dec 12 05:29:46 somepoorbox kernel: [30883839.026632] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026636] ata1: EH complete Dec 12 05:29:46 somepoorbox kernel: [30883839.026728] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026811] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.162977] Buffer I/O error on device drbd0, logical block 53203520 Dec 12 05:29:46 somepoorbox kernel: [30883839.163110] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163117] Buffer I/O error on device drbd0, logical block 59744311 Dec 12 05:29:46 somepoorbox kernel: [30883839.163200] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163208] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163289] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163299] Buffer I/O error on device drbd0, logical block 59746338 Dec 12 05:29:46 somepoorbox kernel: [30883839.163316] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163320] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163328] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.163336] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem Dec 12 05:29:46 somepoorbox kernel: [30883839.165257] [] ? warn_slowpath_common+0x91/0xe0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165260] EXT3-fs (drbd0): I/O error while writing superblock Dec 12 05:29:46 somepoorbox kernel: [30883839.165280] [ ] ? ext3_get_group_desc+0x51/0xa0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165285] JBD: Spotted dirty metadata buffer (dev = drbd0, blocknr = 0). There's a risk of filesystem corruption in case of system crash. Dec 12 05:29:46 somepoorbox kernel: [30883839.165292] [ ] ? warn_slowpath_null+0x1a/0x20 Dec 12 05:29:46 somepoorbox kernel: [30883839.165297] [ ] ? mark_buffer_dirty+0x82/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165316] [ ] ? ext3_commit_super.clone.0+0x69/0x100 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165329] [ ] ? ext3_handle_error+0x7f/0xe0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165343] [ ] ? __ext3_std_error+0x5e/0xb0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165356] [ ] ? ext3_orphan_add+0xbf/0x1a0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165360] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.165374] [ ] ? journal_dirty_data_fn+0x0/0x30 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165378] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem [ ] ? ext3_ordered_write_end+0x158/0x1c0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165395] Dec 12 05:29:46 somepoorbox kernel: [30883839.165400] [ ] ? generic_file_buffered_write_iter+0x184/0x2b0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165407] [ ] ? __generic_file_write_iter+0x225/0x420 Dec 12 05:29:46 somepoorbox kernel: [30883839.165412] [ ] ? __generic_file_aio_write+0x85/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165417] [ ] ? generic_file_aio_write+0x88/0x100 Dec 12 05:29:46 somepoorbox kernel: [30883839.165423] [ ] ? do_sync_write+0xf2/0x140 Dec 12 05:29:46 somepoorbox kernel: [30883839.165432] [ ] ? sys_getpeername+0xd4/0xf0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165436] [ ] ? vfs_write+0xb8/0x1a0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165441] [ ] ? fget_light_pos+0x16/0x50 Dec 12 05:29:46 somepoorbox kernel: [30883839.165445] [ ] ? sys_write+0x51/0xb0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165450] [ ] ? __audit_syscall_exit+0x25e/0x290 Dec 12 05:29:46 somepoorbox kernel: [30883839.165455] [ ] ? system_call_fastpath+0x16/0x1b Dec 12 05:29:46 somepoorbox kernel: [30883839.165459] ---[ end trace 32aa3e2dc89d4c30 ]--- Dec 12 05:29:46 somepoorbox kernel: [30883839.165462] Tainting kernel with flag 0x9
scp: ambiguous target error and solution
scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"
Gives me an error:
scp: ambiguous target
The issue is caused by the space in the remote path which needs to be escaped like this:
scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"
Basically you add a backslash in front of each space.
VirtualBox How To Add iSCSI Storage using VBoxManage
#to show all
VBoxManage list vms
#show ONLY running vms
VBoxManage list runningvms
VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.2018-12.local.abcrandom.target:sdb" --initiator "iqn.1982-01.ca.bla.tld:abc123" --tport 3260 --lun 1
iSCSI disk created. UUID: 3bbdd942-f3b0-4bc9-8f22-b0118f6f11ec
--server = the IP address of the iSCSI target server
--target = the target on the iSCSI srever
--initiator = your initiator name (eg. the equivalent of /etc/iscsi/initiator.iscsi)
--lun 1 (or whatever LUN number
Troubleshooting
If the disk creates successfully but VBox says it is inacessible it means you have probably specified something wrong in the flags above. Eg. a typo in your target, initiator, forgetting your LUN
UUID Already Exists
VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.1982-01.ca.bla.tld:abc123"
VBoxManage: error: Cannot register the hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' {16b201f8-da53-499c-86ec-753a8b940e58} because a hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' with UUID {8cd2dd6e-9b69-488c-81f6-22fa96da0a2f} already exists
VBoxManage: error: Details: code NS_ERROR_INVALID_ARG (0x80070057), component VirtualBoxWrap, interface IVirtualBox, callee nsISupports
VBoxManage: error: Context: "CreateMedium(Bstr("iSCSI").raw(), bstrISCSIMedium.raw(), AccessMode_ReadWrite, DeviceType_HardDisk, pMedium2Mount.asOutParam())" at line 608 of file VBoxManageStorageController.cpp
#list all hdds
vboxmanage list hdds
UUID: 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f
Parent UUID: base
State: inaccessible
Type: normal (base)
Location: 192.168.1.91|iqn.1982-01.ca.bla.tld:abc123
Storage format: iSCSI
Capacity: 0 MBytes
Encryption: disabled
#let's delete it
vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete
#uh oh iSCSI disks can't be deleted this way
vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete
VBoxManage: error: Medium format 'iSCSI' does not support storage deletion
VBoxManage: error: Details: code VBOX_E_NOT_SUPPORTED (0x80bb0009), component MediumWrap, interface IMedium, callee nsISupports
VBoxManage: error: Context: "DeleteStorage(pProgress.asOutParam())" at line 1603 of file VBoxManageDisk.cpp
VBoxManage: error: Failed to delete medium. Error code Unknown Status -2135228407 (0x80bb0009)
Sometimes just using closemedium before works:
vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f
Either way after the above you should be able to retry to connect your iSCSI disk
iSCSI on Centos 7 Configuration and Setup Guide for Initiator and Target
initiator = client
target = server
These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server.
iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love. The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI).
iSCSI Target (Server) Setup
targetcli is the package that creates the iSCSI server and allows you to export your devices.
yum -y install targetcli
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: centos.ca-west.mirror.fullhost.io
* epel: mirrors.cat.pdx.edu
* extras: centos.ca-west.mirror.fullhost.io
* updates: centos.ca-west.mirror.fullhost.io
Resolving Dependencies
--> Running transaction check
---> Package targetcli.noarch 0:2.1.fb46-6.el7_5 will be updated
---> Package targetcli.noarch 0:2.1.fb46-7.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Updating:
targetcli noarch 2.1.fb46-7.el7 base 67 k
Transaction Summary
================================================================================
Upgrade 1 Package
Total download size: 67 k
Downloading packages:
No Presto metadata available for base
targetcli-2.1.fb46-7.el7.noarch.rpm | 67 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : targetcli-2.1.fb46-7.el7.noarch 1/2
Cleanup : targetcli-2.1.fb46-6.el7_5.noarch 2/2
Verifying : targetcli-2.1.fb46-7.el7.noarch 1/2
Verifying : targetcli-2.1.fb46-6.el7_5.noarch 2/2
Updated:
targetcli.noarch 0:2.1.fb46-7.el7
Complete!
systemctl enable target
systemctl start target
systemctl disable firewalld
systemctl stop firewalld
firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload
Launch targetcli to configure our iSCSI target
targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.fb46
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>
Let's see what block storage/backing devices we have?
/> cd backstores/block
/backstores/block> ls
o- block .................................................. [Storage Objects: 0]
/backstores/block>
Create our iSCSI disk
/backstores/block> create areebsfault /dev/sdb
Created block storage object areebsfault using /dev/sdb.
Create our target
The "iqn" must go first and then year-time and then local and finally the "host name" and after the colon the target name "sdb". IQN= iSCSI Qualified Name
- iqn
- Date (1982-01)
- Reversed domain name of the authority (eg. target.abcrandom.local) becomes local.abcrandom.target
- Optional “:” that prefixes a storage target name specified by the naming authority
cd /iscsi
/iscsi> create iqn.2018-12.local.abcrandom.target:sdb
Created target iqn.2018-12.local.abcrandom.target:sdb.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
Do we have any LUN?
/iscsi/iqn.20...sdb/tpg1/acls> cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/
/iscsi/iqn.20...om.target:sdb> ls
o- iqn.2018-12.local.abcrandom.target:sdb ............................ [TPGs: 1]
o- tpg1 ............................................... [no-gen-acls, no-auth]
o- acls .......................................................... [ACLs: 0]
o- luns .......................................................... [LUNs: 0]
o- portals .................................................... [Portals: 1]
o- 0.0.0.0:3260 ..................................................... [OK]
Create our LUN
cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/luns
/iscsi/iqn.20...sdb/tpg1/luns> create /backstores/block/areebsfault lun1
Created LUN 1.
/iscsi/iqn.20...sdb/tpg1/luns> ls
o- luns .............................................................. [LUNs: 1]
o- lun1 .................... [block/areebsfault (/dev/sdb) (default_tg_pt_gp)]
cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/acls
/iscsi/iqn.20...sdb/tpg1/acls> create iqn.1982-01.ca.bla.tld:abc123
Created Node ACL for iqn.1982-01.ca.bla.tld:abc123
Created mapped LUN 1.
*Note the iqn for this ACL as you will need to use it in the clientside (initiator setup).
Client Side Setup
systemctl disable firewalld
systemctl stop firewalld
firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload
yum -y install iscsi-initiator-utils
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.its.sfu.ca
* extras: mirror.its.sfu.ca
* updates: mirror.its.sfu.ca
Resolving Dependencies
--> Running transaction check
---> Package iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7 will be installed
--> Processing Dependency: iscsi-initiator-utils-iscsiuio >= 6.2.0.874-10.el7 for package: iscsi-initiator-utils-6.2.0.874-10.el7.x86_64
--> Running transaction check
---> Package iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
iscsi-initiator-utils x86_64 6.2.0.874-10.el7 base 421 k
Installing for dependencies:
iscsi-initiator-utils-iscsiuio x86_64 6.2.0.874-10.el7 base 92 k
Transaction Summary
================================================================================
Install 1 Package (+1 Dependent package)
Total download size: 513 k
Installed size: 2.6 M
Downloading packages:
(1/2): iscsi-initiator-utils-6.2.0.874-10.el7.x86_64.rpm | 421 kB 00:00
(2/2): iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86 | 92 kB 00:00
--------------------------------------------------------------------------------
Total 977 kB/s | 513 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64 1/2
Installing : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64 2/2
Verifying : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64 1/2
Verifying : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64 2/2
Installed:
iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7
Dependency Installed:
iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7
Complete!
Edit initiatorname.iscsi
vi /etc/iscsi/initiatorname.iscsi
You can also use the echo command (make sure you use the correct iqn):
echo "InitiatorName=iqn.1982-01.ca.bla.tld:abc123" > /etc/iscsi/initiatorname.iscsi
Start and Enable iscsid
[root@localhost ~]# systemctl start iscsid
[root@localhost ~]# systemctl enable iscsid
Created symlink from /etc/systemd/system/multi-user.target.wants/iscsid.service to /usr/lib/systemd/system/iscsid.service.
Find Targets!
iscsiadm -m discovery --type sendtargets -p 192.168.1.91
192.168.1.91:3260,1 iqn.2018-12.local.abcrandom.target:sdb
If all is well you should see this with ls
ls /var/lib/iscsi/nodesMount all iscsi targets
iqn.2018-12.local.abcrandom.target:sdb
[root@localhost ~]# ls /var/lib/iscsi/
ifaces/ nodes/ slp/
isns/ send_targets/ static/
[root@localhost ~]# ls /var/lib/iscsi/send_targets/
192.168.1.91,3260
iscsiadm -m node -l
Logging in to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] (multiple)
Login to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.
You should now see a /dev/sdb available that you can format like a normal disk.
cat /proc/partitions
major minor #blocks name
11 0 1048575 sr0
8 0 15728640 sda
8 1 1048576 sda1
8 2 14679040 sda2
253 0 13103104 dm-0
253 1 1572864 dm-1
8 16 4096 sdb
Set it for onboot loading
mkfs.ext4 /dev/sdb1
mke2fs 1.42.9 (28-Dec-2013)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
Stride=0 blocks, Stripe width=32764 blocks
1024 inodes, 4092 blocks
204 blocks (4.99%) reserved for the super user
First data block=1
Maximum filesystem blocks=4194304
1 block group
8192 blocks per group, 8192 fragments per group
1024 inodes per group
Allocating group tables: done
Writing inode tables: done
Creating journal (1024 blocks): done
Writing superblocks and filesystem accounting information: done
[root@localhost ~]# blkid /dev/sdb1
/dev/sdb1: UUID="7c1b6358-24b0-4296-b099-13eb1100f72e" TYPE="ext4"
add something like this to /etcfstab
UUID=7c1b6358-24b0-4296-b099-13eb1100f72e /mnt/iscsi ext4 _netdev 0 0
Troubleshooting Common Issues
- Firewall Issues. Make sure firewalls are disabled or port 3260 is enabled.
- Listening on the wrong IP or port in your portal.
- Specifying the target instead of the initiator name/ACL name.
- Not creating an LUN
- Mixing up different target names with the wrong initiator name.
- The client side is using the wrong initiator name (often a random generated one by the OS).
How To
Login To All Targets
iscsiadm -m node -l
Login To Specific Target
iscsiadm -m node -l -T iqn.target.name:bla
Delete your iscsi target
/iscsi> cd /iscsi/
/iscsi> delete iqn.2016-06.localb.a.bla:123
Deleted Target iqn.2016-06.localb.a.bla:123.
Disconnect your client from a target
iscsiadm -m node --logout -T iqn.2018-12.local.abcrandom.target:sdb
Logging out of session [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260]
Logout of [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.
Disconnect from ALL targets
iscsiadm -m node --logout all
Logging out of session [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260]
Logout of [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.
Python and BeautifulSoup4's BS4's Decompose Method To Remove Unwanted Inner Tags
<div class="c-shca-icon-item__body-name">
< a href="/Products/MX72244">
< span class="c-shca-icon-item__body-name-brand">
ADATA
< / span>
XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB
< / a>
The problem in the html above is that there is a "span" inside the "a" and this is unusual except for a few products with ADATA.
Otherwise it would print out ADATA with the other product information "XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB". So we just want the product info and not the ADATA inside span.
The solution is to use beautifulsoup's "decompose method below".
hddname = prices.find("div", {"class": "c-shca-icon-item__body-name"})
hddname=hddname.find("a")
hddname.span.decompose()
hddname=hddname.get_text().strip()
Once we have the "a" tag contents which contain a "span inside". We just use the decompose() method.
The format is as follows
soupname.tagname.decompose()
httpd AH00534: httpd: Configuration error: No MPM loaded. solution
httpd
AH00534: httpd: Configuration error: No MPM loaded.
Simple Solution (assuming you don't have this line in httpd.conf aleady:
echo "Include conf.modules.d/*.conf" >> /etc/httpd/conf/httpd.conf
bash script to remove modules from httpd.conf that are not actually installed
confmodules=`cat /etc/httpd/conf/httpd.conf |grep -v ^#|grep "modules/"|awk '{print $3}'|cut -d "/" -f 2`
for module in $confmodules; do
echo "module=$module"
if [ ! -f /etc/httpd/modules/$module ]; then
linenum=`awk /"$module/{ print NR; exit}" /etc/httpd/conf/httpd.conf`
sed -i "$linenum"s/.*// /etc/httpd/conf/httpd.conf
echo "hey we don't have this $module in /etc/httpd/modules"
fi
done
Basically the script checks all of the modules your httpd.conf tries to load. Then it checks if the file actually exists in /etc/httpd/modules/ and if it doesn't it edits httpd.conf by removing the relevant line for the module that doesn't exist.
bash scripting how to create a function
function centos7 {
release=`cat /etc/redhat-release|awk '{print $4}'|grep ^[7]`
if [ "$release" != "" ]; then
centos7='yes'
fi
}
centos7
echo "$centos7"
We create a function called "centos7" and then call it by just typing "centos7"
We then access a variable that may be set if we are running centos7 which is also called "$centos7".
If the value is present it should be = "yes" which means we are running Centos 7.
Centos 7 PHP MySQL Not Working Solution
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/pdo_mysql.so' - /usr/lib64/php/modules/pdo_mysql.so: symbol mysql_options, version libmysqlclient_18 not defined in file libmysqlclient.so.18 with link time reference in Unknown on line 0
#not sure what is wrong with php-mysql but I removed it and installed mysqlnd
yum -y remove php-mysql
yum -y install php-mysqlnd
Bash How To Cut or Split Natively And Get The LAST Field
This takes "yourvariable" and splits it based on the last character in this case "-" and shows the last field of that split.
${yourvariable##*-}
Bash Script How To Manipulate Text/Strings By Searchig and Replacing Natively
# a single first slash means first occurrence
# format=${haystack/needle/replacement}
# if you use a double first slash it means ALL occurrences
# format=${haystack//needle/replacement}
email=${file/.txt-marked/}
In the example above we are searching in the variable $file for ".txt-marked" and replacing with nothing (the empty part after the last / means we are replacing with nothing or actually removing it).
How to replace all occurrences?
email=${file//.txt-marked/}
The only difference is where the first slash goes. If you use double slashes it means to replace ALL occurences.
How Does Cisco CUCM (Cisco Unified Communication Manager) Work?
Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCM is like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.
Cisco's CUCM makes communication more effective and simple through centralized management and unification of communications resources.
How Does CUCM Work?
First of all the CUCM is a Linux based OS that is installed onto a server. It is like the "Control Panel" or "PBX" for all of your communications in terms of voice and video.
CUCM consists of 4-layers or building blocks to function and create a cohesive communication solution for your enterprise.
4-Layers of CUCM
Layer 1.) Infrastructure
Since CUCM is IP (Internet Protocol) based it uses traditional network infrastructure including switches, routers with the addition of voice specific gateway and switching (voice gateway and voice switch). This layer is also where high availability, QoS (Quality of Service) and management.
Layer 2.) Call Control
The call control layer is actually where CUCM lives and is active. It is the layer that handles and processes the calls, manages devices and where the PBX administrator can set dial plans and other features.
Layer 3.) Application
The applicaton layer processes things other than calls and is indepedent of the Call Control layer.
Examples of applications under this layer are the following:
- Cisco Unity - Voicemail, unified messaging and integrated messaging applications
- Cisco Unified Contact Center - Call Center Management
- Cisco Unified Meeting Place - Video Conferencing
- Cisco ER (Emergency Responder) - Identifies the caller location and maps that location to an emergency line identification number.
- Cisco Unified Presence Server - Collects and reports information on user devices and availability over what mediums (eg. voice, video etc..)
- Third Party App Support - Supports common standards such as TAPI (Telephone Application Programming Interface), SIP (Session Initiation Protocol) (for VOIP), H.323 (an open standard that allows for unified video, audio and data collaboration), MGCP (Media Gateway Control Protocol)
Layer 4.) Endpoints
The end points layer should be described and thought of as the "user level" which is essentially the end-product for the end user. This is because the Endpoints layer presents itself as a Cisco based IP phone, or other VOIP device/application, video terminal etc.
How the Cisco Unified Communications Network Works
The Cisco CUCM is like the "director" or "operator" of calls and helps initially connect or signal the parties involved in a phone conversation. It refers to the complete process of originating, terminating and routing calls. It also allows for stats to be collected for metrics and billing.
The actual voice and data travels directly between the devices themselves over whatever network they are connected to and the failure or loss of connectivity to the CUCM does not impact current conversations (unless you try to use a feature that CUCM controls such as hold, transfer etc..)
The CUCM also creates dialplans which control how and where a user can call.
CUCM also creates basic phone functionality such as the ability to hold, conference or transfer calls.
CUCM also integrates with your existing Active Directory setup to help reduce the configuration and authentication of new users.
How Do Calls Get Setup?
Once the end-user picks up their phone, the phone signals the CUCM that it is "off hook" or "picked up" and will signal the device to play the dialtone. Their device either sends each digit back to CUCM to be dialed (if it uses the SCCP protocol) or sends all digits at once, once the user has dialed (if using the SIP protocol). If a match is found in their dialplan on their CUCM the call will be routed/go through, otherwise the user would receive the "reorder tone" or busy signal.
Recommended Implementation - Campus Model
In this call processing deployment model, the Unified Communications services and the endpoints are co-located in the campus, and the QoS-enabled network between the service nodes, the endpoints, and applications is considered highly available, offering virtually unlimited bandwidth with less than 15 ms of latency end-to-end. Likewise, the quality and availability of power are very high, and services are hosted in an appropriate data center environment. Communications between the endpoints traverses a LAN or a MAN, and communications outside the enterprise goes over an external network such as the PSTN. An enterprise would typically deploy the campus model over a single building or over a group of buildings connected by a LAN or MAN.
The campus model typically has the following design characteristics:
•Single Cisco Unified CM cluster. Some campus call processing deployments may require more than one Unified CM cluster, for instance, if scale calls for more endpoints than can be serviced by a single cluster or if a cluster needs to be dedicated to an application such as a call center.
•Alternatively for smaller deployments, Cisco Business Edition 3000, 5000, or 6000 may be deployed in the campus.
•Maximum of 40,000 configured and registered Skinny Client Control Protocol (SCCP) or Session Initiation Protocol (SIP) IP phones, Cisco Cius, video endpoints, mobile clients, and Cisco Virtualization Experience Clients (VXC) per Unified CM cluster.
•Maximum of 2,100 gateways and trunks (that is, the total number of H.323 gateways, H.323 trunks, digital MGCP devices, and SIP trunks) per Unified CM cluster.
•Trunks and/or gateways (IP or PSTN) for all calls to destinations outside the campus.
•Co-located digital signal processor (DSP) resources for conferencing, transcoding, and media termination point (MTP).
•Other Unified Communications services, such as messaging (voicemail), presence, and mobility are typically co-located.
•Interfaces to legacy voice services such as PBXs and voicemail systems are connected within the campus, with no operational costs associated with bandwidth or connectivity.
•Multipoint Control Unit (MCU) resources are required for multipoint video conferencing. Depending on conferencing requirements, these resources may be either SCCP or H.323, or both.
•H.323 and H.320 video gateways are needed to communicate with H.320 videoconferencing devices on the public ISDN network.
•High-bandwidth audio is available (for example, G.722 or Cisco Wideband Audio) between devices within the site.
•High-bandwidth video (for example, 384 kbps or greater) is available between devices within the site. The Cisco Unified Video Advantage Wideband Codec, operating at 7 Mbps, is also supported.
Best Practices for the Campus Model
Follow these guidelines and best practices when implementing the single-site model:
•Ensure that the infrastructure is highly available, enabled for QoS, and configured to offer resiliency, fast convergence, and inline power.
•Know the calling patterns for your enterprise. Use the campus model if most of the calls from your enterprise are within the same site or to PSTN users outside your enterprise.
•Use G.711 codecs for all endpoints. This practice eliminates the consumption of digital signal processor (DSP) resources for transcoding, and those resources can be allocated to other functions such as conferencing and media termination points (MTPs).
•Implement the recommended network infrastructure for high availability, connectivity options for phones (in-line power), Quality of Service (QoS) mechanisms, and security. (See Network Infrastructure.)
•Follow the provisioning recommendations listed in the chapter on Call Processing.
What DNS Options Does Active Directory Offer in Windows Server 2008,2012,2016 ?
What Is Active Directory?
Active Directory is essentially an enhanced, centralized database with a set of objects that make user management, authorization, and data management simpler. Active Directory is synonymous with "Domain Controllers" where a single "domain" often consists of multiple sites and members of the domain. Multiple domains can also be joined to belong to a tree ( a collection of domains). And the highest layer is the forest which is created from multiple trees.
Active Directory can help provide DNS service by enabling the "DNS Server Role" which will allow members of a Domain to process DNS requests and create a highly available, fault-tolerant, redundant DNS design.
The first step is to ensure all relevant servers have the "Active Directory" role added and including the DNS portion.
The preferred method and setup is that the first DNS server should be set to the IP of another domain controller or DNS server that serves DNS and the secondary one should point to the localhost. DNS forwarders should be configured on each server that is running DNS, as this allows DNS resolutons to the outside to continue working in the event that one server hosting DNS goes down.
Best Practices According To Microsoft:
Question
What is Microsoft’s best practice for where and how many DNS servers exist? What about for configuring DNS client settings on DC’s and members?
Answer
It depends on who you ask. 🙂 We in MS have been arguing this amongst ourselves for 11 years now. Here are the general guidelines that the Microsoft AD and Networking Support teams give to customers, based on our not inconsiderable experience with customers and their CritSits:
-
If a DC is hosting DNS, it should point to itself at least somewhere in the client list of DNS servers.
-
If at all possible on a DC, client DNS should point to another DNS server as primary and itself as secondary or tertiary. It should not point to self as primary due to various DNS islanding and performance issues that can occur. (This is where the arguments usually start)
-
When referencing a DNS server on itself, a DNS client should always use a loopback address and not a real IP address.
-
Unless there is a valid reason not to that you can concretely explain with more pros than cons, all DC’s in a domain should be running DNS and hosting at least their own DNS zone; all DC’s in the forest should be hosting the _MSDCS zones. This is default when DNS is configured on a new Win2003 or later forest’s DC’s. (Lots more arguments here).
-
DC’s should have at least two DNS client entries.
-
Clients should have these DNS servers specified via DHCP or by deploying via group policy/group policy preferences, to avoid admin errors; both of those scenarios allow you to align your clients with subnets, and therefore specific DNS servers. Having all the clients & members point to the same one or two DNS servers will eventually lead to an outage and a conversation with us and your manager. If every DC is a DNS server, clients can be fine-tuned to keep their traffic as local as possible and DNS will be highly available with special work or maintenance. It also means that branch offices can survive WAN outages and keep working, if they have local DC’s running DNS.
-
We don’t care if you use Windows or 3rd party DNS. It’s no skin off our nose: you already paid us for the DC’s and we certainly don’t need you to buy DNS-only Windows servers. But we won’t be able to assist you with your BIND server, and their free product’s support is not free.
-
(Other things I didn’t say that are people’s pet peeves, leading to even more arguments).
Other Options
It should be noted that Active Directory Domain Controllers are not required to serve their own DNS and it is optional at the time of domain controller creation.
Another option that exists are the integration of Linux's NAMED or BIND DNS Server which is known to scale well and be extremely reliable.
Many cybersecurity experts believe this provides an enhanced level of performance and security, while still giving you the full features that Active Directory offers.
In general having a non-Microsoft DNS can offer you better performance and security. Securing your DNS servers is especially important, not only for DOS attacks but DNS poisoning especially due to privilege escalation or a compromise of a domain controller. This would allow an attacker to trick users into believing they were visiting a site they are not (eg. accounting may login to their online banking but unknowingly pass their details off to the hackers who have poisoned the DNS and sent them to a spoof site).
Here is a list of some of the value-added features offered by third-party DNS solutions available today:
- Proactive automated adaptive behavior protection from DNS attacks, malware and data exfiltration through customized DNS firewall security
- Utilize DNS and DHCP features that are unavailable from Microsoft in-box solutions such as Identity Mapping (linking IP addresses to users)
- Intelligently resolve queries and direct traffic according to geographic location
- Increased logging to help determine where issues and attacks are originating
- Utilizing a single solution for external and internal DNS (aka "single view")
- Operating system-agnostic way to manage DNS
- Increased security by reducing admin privilege usage
- Increased granularity for control of dynamic DNS updates via IP-based access-control, as opposed to the Microsoft's three-level approach of "none," "secure only" (i.e., AD-integrated clients (GSS-TSIG)) or "secure and insecure" (i.e., anyone, no TSIG or IP-based authentication required)
A good example is if you have 10 servers:
Server 1
Primary DNS: 172.16.254.2
Second DNS: 127.0.0.1
---------------------------------
Server 2
Primary DNS: 172.16.254.3
Second DNS: 127.0.0.1
---------------------------------
Server 3
Primary DNS: 172.16.254.4
Second DNS: 127.0.0.1
---------------------------------
Server 4
Primary DNS: 172.16.254.5
Second DNS: 127.0.0.1
---------------------------------
Server 5
Primary DNS: 172.16.254.6
Second DNS: 127.0.0.1
---------------------------------
Server 6
Primary DNS: 172.16.254.7
Second DNS: 127.0.0.1
---------------------------------
Server 7
Primary DNS: 172.16.254.8
Second DNS: 127.0.0.1
---------------------------------
Server 8
Primary DNS: 172.16.254.9
Second DNS: 127.0.0.1
---------------------------------
Server 9
Primary DNS: 172.16.254.10
Second DNS: 127.0.0.1
---------------------------------
Server 10
Primary DNS: 172.16.254.11
Second DNS: 127.0.0.1
---------------------------------
By setting up your DNS this way you are ensuring that should a domain member that provides DNS goes down that you have redundancy and the remaining servers will still function rather than if they were all relying on a single server as their secondary DNS source.
syntax error, unexpected T_SL in PHP Solution
This happened in a PHP script with heredoc but it could really happen anywhere. The issue was whitespace in code like this:
$variable = <<< HTML
some stuff here
$othervar
HTML;
Notice on the first line that there is extra white space after the HTML. Whitespace was a deadly killer since it isn't obvious in terms of syntax.
grep regular expression match number range between specific numbers
grep -E servers1[2-6] somefile.txt
The 1 before the [ bracket means that the number must start with one and can be between 1 and [2-6] or in plain English between 12-16.
bash how to print out lines of text within a range from the first occurrence
#get line number of occurrence in text file and then print out x lines from that point
#get the line number of the first occurrence of our search text
linenumber=`grep -n "someuniqueitem" inventory.txt|head -n1|cut -d ":" -f 1`
#linestop represents how many lines after the occurring line we want to print out in this case "20"
linestop=$((linenumber+20))
# sed prints out the line range we want for inventory.txt
# note that the p after $linestop tells sed to print
sed -n "$linenumber,$linestop p" inventory.txt
Combing it into one line:
linenumber=`grep -n "evodal07" inventory.txt|head -n1|cut -d ":" -f 1`&&sed -n "$linenumber,$((linenumber+20)) p" inventory.txt
bash script how to to check LAN computers for open ports
In this case it just searches for port 80 it is fairly handy if you have some sort of appliance or something else you aren't sure of the IP of
Of course change the port 80 port to whatever port(s) you want.
for ip in `arp -n|arp -n|tail -n +2|head -n -1 |grep -v incomplete|awk '{print $1}'`; do
echo "checking $ip:80"
nc -w 1 -z $ip 80
if [ "$?" == 0 ]; then
echo "**Port 80 Open on $ip**"
fi
done
MySQL Using mytop Debug Source of High IO and Slow Performance
mytop is one of my favorite tools and it is fairly simple aside from a few caveats and issues that persist to this day.
To install it on Centos:
yum -y install centos
Configure ~/.mytop
vi ~/.mytop
user=root
host=localhost
db=test
#port=3306
socket=/var/lib/mysql/mysql.sock
header=1
color=1
Try running it and see this error:
mytop --prompt
Error Fix:
vi /usr/bin/mytop
#comment this out:
#"long|!" => $config{long_nums},
Once you do get it running it's very useful you can watch queries in real time and if there is a single database slowing you down it will become apparent by watching the queries. Even using slow queries cannot always find the cause because sometimes the query isn't technically slow but it is the iowait that doesn't allow the query to even start executing for a long time.
How To Mathematically Convert and Calculate Binary Value To Decimal Value
When converting binary the easiest way is to write out a vertical list in a format like below and follow the formula in the table.
Example Convert 1101 1111 to decimal.
Step 1.)
Write out the binary below in vertical form (leave lots of space on the left side).
Keep this in mind that the "previous sum" starts at 0 on your first line.
Step 2.)
Formula:
2 * Previous Sum + Binary Number = Current Total
Write out each line in order from top to bottom of 1101 1111 in the same format and perform the calculations below.
Note that we alway use 0 for the previous sum.
| 2 | * | Previous Sum | + |
Binary Value |
= | Current Total |
| 2 | * | 0 | + | 1 | = | 1 |
2 |
* | 1 | + | 1 | = | 3 |
| 2 | * | 3 | + | 0 | = | 6 |
| 2 | * | 6 | + | 1 | = | 13 |
| 2 | * | 13 | + | 1 | = | 27 |
| 2 | * | 27 | + | 1 | = | 55 |
| 2 | * | 55 | + | 1 | = | 111 |
| 2 | * | 111 | + | 1 | = | 223 |
systemd management using systemctl and journalctl to check systemd logs
systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.
The key commands or arguments you will use with systemctl are the following:
Unit Commands:
list-units [PATTERN...] List loaded units
list-sockets [PATTERN...] List loaded sockets ordered by address
list-timers [PATTERN...] List loaded timers ordered by next elapse
start NAME... Start (activate) one or more units
stop NAME... Stop (deactivate) one or more units
reload NAME... Reload one or more units
restart NAME... Start or restart one or more units
try-restart NAME... Restart one or more units if active
reload-or-restart NAME... Reload one or more units if possible,
otherwise start or restart
reload-or-try-restart NAME... Reload one or more units if possible,
otherwise restart if active
isolate NAME Start one unit and stop all others
kill NAME... Send signal to processes of a unit
is-active PATTERN... Check whether units are active
is-failed PATTERN... Check whether units are failed
status [PATTERN...|PID...] Show runtime status of one or more units
show [PATTERN...|JOB...] Show properties of one or more
units/jobs or the manager
cat PATTERN... Show files and drop-ins of one or more units
set-property NAME ASSIGNMENT... Sets one or more properties of a unit
help PATTERN...|PID... Show manual for one or more units
reset-failed [PATTERN...] Reset failed state for all, one, or more
units
list-dependencies [NAME] Recursively show units which are required
or wanted by this unit or by which this
unit is required or wanted
check the state of all running services
systemctl list-units --type service --all --state failed
systemctl list-units --type service --all --state running
systemctl list-units --type service --all --state active
systemctl enable sshd
systemctl disable crond
Note that disabling does NOT stop them if they are currently running.
systemctl disable crond
Removed symlink /etc/systemd/system/multi-user.target.wants/crond.service.
[root@bcitcourse ~]# systemctl status crond
● crond.service - Command Scheduler
Loaded: loaded (/usr/lib/systemd/system/crond.service; disabled; vendor preset: enabled)
Active: active (running) since Sat 2018-11-03 19:12:14 UTC; 2 days ago
Main PID: 139 (crond)
CGroup: /system.slice/crond.service
└─139 /usr/sbin/crond -n
Sep 18 07:19:54 bcitcourse systemd[1]: Starting Command Scheduler...
Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 34% if used.)
Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (running with inotify support)
Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
Sep 18 07:23:54 bcitcourse systemd[1]: Stopping Command Scheduler...
Sep 18 07:23:54 bcitcourse systemd[1]: Started Command Scheduler.
Sep 18 07:23:54 bcitcourse systemd[1]: Starting Command Scheduler...
Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 44% if used.)
Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (running with inotify support)
Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
Nov 01 18:20:58 bcitcourse systemd[1]: Stopping Command Scheduler...
Nov 01 18:20:58 bcitcourse systemd[1]: Stopped Command Scheduler.
Nov 01 18:21:26 bcitcourse systemd[1]: Started Command Scheduler.
Nov 01 18:21:26 bcitcourse systemd[1]: Starting Command Scheduler...
Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 72% if used.)
Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (running with inotify support)
Nov 02 17:24:11 bcitcourse systemd[1]: Stopping Command Scheduler...
Nov 02 17:24:11 bcitcourse systemd[1]: Stopped Command Scheduler.
Nov 02 17:25:08 bcitcourse systemd[1]: Started Command Scheduler.
Nov 02 17:25:08 bcitcourse systemd[1]: Starting Command Scheduler...
Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 37% if used.)
Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (running with inotify support)
Nov 02 19:26:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
Nov 02 19:56:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
Nov 03 19:11:56 bcitcourse systemd[1]: Stopping Command Scheduler...
Nov 03 19:11:56 bcitcourse systemd[1]: Stopped Command Scheduler.
Nov 03 19:12:14 bcitcourse systemd[1]: Started Command Scheduler.
Nov 03 19:12:14 bcitcourse systemd[1]: Starting Command Scheduler...
Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 66% if used.)
Nov 03 19:12:14 bcitcourse crond[139]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster)
Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (running with inotify support)
[root@bcitcourse ~]# ps aux|grep crond
root 139 0.0 0.0 22700 1496 ? Ss Nov03 0:00 /usr/sbin/crond -n
root 5833 0.0 0.0 112660 952 pts/3 S+ 19:11 0:00 grep --color=auto crond
How do targets work and what are they?
It is similar to the traditional runtimes where generally normal non GUI operation would be considered "runlevel 3" and the GUI would be "runlevel 5".
Instead, with systemctl you have targets for these that are based on names.
A good example is when installing your GNOME GUI:
You can do that, type startx and get your GUI. But upon reboot you'll still be at the CLI. Why?
You need to set your default target to the graphical target like below.
systemctl set-default graphical.target
What targets are available on my system?
ls /usr/lib/systemd/system
arp-ethers.service finger@.service nfs-blkmap.service rhel-configure.service sockets.target.wants systemd-poweroff.service
auth-rpcgss-module.service finger.socket nfs-client.target rhel-dmesg.service sound.target systemd-quotacheck.service
autovt@.service firewalld.service nfs-config.service rhel-domainname.service sshd-keygen.service systemd-random-seed.service
basic.target fstrim.service nfs-idmapd.service rhel-import-state.service sshd.service systemd-readahead-collect.service
basic.target.wants fstrim.timer nfs-idmap.service rhel-loadmodules.service sshd@.service systemd-readahead-done.service
blk-availability.service garbd.service nfs-lock.service rhel-readonly.service sshd.socket systemd-readahead-done.timer
bluetooth.target geoclue.service nfslock.service rpcbind.service suspend.target systemd-readahead-drop.service
brandbot.path getty-pre.target nfs-mountd.service rpcbind.socket swap.target systemd-readahead-replay.service
brandbot.service getty@.service nfs-rquotad.service rpcbind.target sys-fs-fuse-connections.mount systemd-reboot.service
canberra-system-bootup.service getty.target nfs-secure.service rpc-gssd.service sysinit.target systemd-remount-fs.service
canberra-system-shutdown-reboot.service graphical.target nfs-server.service rpcgssd.service sysinit.target.wants systemd-rfkill@.service
canberra-system-shutdown.service graphical.target.wants nfs.service rpcidmapd.service sys-kernel-config.mount systemd-shutdownd.service
console-getty.service gssproxy.service nfs-utils.service rpc_pipefs.target sys-kernel-debug.mount systemd-shutdownd.socket
console-shell.service halt-local.service nmb.service rpc-rquotad.service syslog.socket systemd-suspend.service
container-getty@.service halt.target nscd.service rpc-statd-notify.service syslog.target.wants systemd-sysctl.service
crond.service hibernate.target nscd.socket rpc-statd.service systemd-ask-password-console.path systemd-timedated.service
cryptsetup-pre.target htcacheclean.service nss-lookup.target rsyncd.service systemd-ask-password-console.service systemd-tmpfiles-clean.service
cryptsetup.target httpd.service nss-user-lookup.target rsyncd@.service systemd-ask-password-wall.path systemd-tmpfiles-clean.timer
ctrl-alt-del.target hybrid-sleep.target ntalk.service rsyncd.socket systemd-ask-password-wall.service systemd-tmpfiles-setup-dev.service
dbus-org.freedesktop.hostname1.service initrd-cleanup.service ntalk.socket rsyslog.service systemd-backlight@.service systemd-tmpfiles-setup.service
dbus-org.freedesktop.import1.service initrd-fs.target paths.target runlevel0.target systemd-binfmt.service systemd-udevd-control.socket
dbus-org.freedesktop.locale1.service initrd-parse-etc.service polkit.service runlevel1.target systemd-bootchart.service systemd-udevd-kernel.socket
dbus-org.freedesktop.login1.service initrd-root-fs.target poweroff.target runlevel1.target.wants systemd-firstboot.service systemd-udevd.service
dbus-org.freedesktop.machine1.service initrd-switch-root.service poweroff.target.wants runlevel2.target systemd-fsck-root.service systemd-udev-settle.service
dbus-org.freedesktop.timedate1.service initrd-switch-root.target printer.target runlevel2.target.wants systemd-fsck@.service systemd-udev-trigger.service
dbus.service initrd.target proc-fs-nfsd.mount runlevel3.target systemd-halt.service systemd-update-done.service
dbus.socket initrd.target.wants proc-sys-fs-binfmt_misc.automount runlevel3.target.wants systemd-hibernate-resume@.service systemd-update-utmp-runlevel.service
dbus.target.wants initrd-udevadm-cleanup-db.service proc-sys-fs-binfmt_misc.mount runlevel4.target systemd-hibernate.service systemd-update-utmp.service
debug-shell.service ip6tables.service quotaon.service runlevel4.target.wants systemd-hostnamed.service systemd-user-sessions.service
default.target iptables.service rc-local.service runlevel5.target systemd-hwdb-update.service systemd-vconsole-setup.service
default.target.wants kexec.target rdisc.service runlevel5.target.wants systemd-hybrid-sleep.service system.slice
dev-hugepages.mount kmod-static-nodes.service rdma-hw.target runlevel6.target systemd-importd.service system-update.target
dev-mqueue.mount local-fs-pre.target rdma-load-modules@.service saslauthd.service systemd-initctl.service tcsd.service
dracut-cmdline.service local-fs.target rdma-ndd.service sendmail.service systemd-initctl.socket timers.target
dracut-initqueue.service local-fs.target.wants rdma.service serial-getty@.service systemd-journal-catalog-update.service timers.target.wants
dracut-mount.service machine.slice reboot.target shutdown.target systemd-journald.service time-sync.target
dracut-pre-mount.service machines.target reboot.target.wants shutdown.target.wants systemd-journald.socket tmp.mount
dracut-pre-pivot.service messagebus.service remote-cryptsetup.target sigpwr.target systemd-journal-flush.service umount.target
dracut-pre-trigger.service multi-user.target remote-fs-pre.target sleep.target systemd-kexec.service user.slice
dracut-pre-udev.service multi-user.target.wants remote-fs.target -.slice systemd-localed.service var-lib-nfs-rpc_pipefs.mount
dracut-shutdown.service named.service rescue.service slices.target systemd-logind.service vzfifo.service
ebtables.service named-setup-rndc.service rescue.target smartcard.target systemd-machined.service vzreboot.service
emergency.service network-online.target rescue.target.wants smb.service systemd-machine-id-commit.service xinetd.service
emergency.target network-pre.target rhel-autorelabel-mark.service sm-client.service systemd-modules-load.service
final.target network.target rhel-autorelabel.service sockets.target systemd-nspawn@.service
We can check by symlink to see what the default target is:
lrwxrwxrwx 1 root root 16 Sep 18 07:18 /usr/lib/systemd/system/default.target -> graphical.target
Checking to see what services start with a target
systemctl list-dependencies default.target
default.target
● ├─display-manager.service
● ├─mysqld.service
● ├─network.service
● ├─quotaon.service
● ├─systemd-readahead-collect.service
● ├─systemd-readahead-replay.service
● ├─systemd-update-utmp-runlevel.service
● ├─vzfifo.service
● └─multi-user.target
● ├─brandbot.path
● ├─dbus.service
● ├─httpd.service
● ├─mysqld.service
● ├─network.service
● ├─rhel-configure.service
● ├─rsyslog.service
● ├─saslauthd.service
● ├─sendmail.service
● ├─sm-client.service
● ├─sshd.service
● ├─systemd-ask-password-wall.path
● ├─systemd-logind.service
● ├─systemd-update-utmp-runlevel.service
● ├─systemd-user-sessions.service
● ├─xinetd.service
● ├─basic.target
● │ ├─iptables.service
● │ ├─rhel-dmesg.service
● │ ├─paths.target
● │ ├─slices.target
● │ │ ├─-.slice
● │ │ └─system.slice
● │ ├─sockets.target
● │ │ ├─dbus.socket
● │ │ ├─rpcbind.socket
● │ │ ├─systemd-initctl.socket
● │ │ ├─systemd-journald.socket
● │ │ ├─systemd-shutdownd.socket
● │ │ ├─systemd-udevd-control.socket
● │ │ └─systemd-udevd-kernel.socket
● │ ├─sysinit.target
● │ │ ├─dev-hugepages.mount
● │ │ ├─dev-mqueue.mount
● │ │ ├─kmod-static-nodes.service
● │ │ ├─proc-sys-fs-binfmt_misc.automount
● │ │ ├─rhel-autorelabel-mark.service
● │ │ ├─rhel-autorelabel.service
● │ │ ├─rhel-domainname.service
● │ │ ├─rhel-import-state.service
● │ │ ├─rhel-loadmodules.service
● │ │ ├─sys-fs-fuse-connections.mount
● │ │ ├─sys-kernel-config.mount
● │ │ ├─sys-kernel-debug.mount
● │ │ ├─systemd-ask-password-console.path
● │ │ ├─systemd-binfmt.service
● │ │ ├─systemd-firstboot.service
● │ │ ├─systemd-hwdb-update.service
● │ │ ├─systemd-journal-catalog-update.service
● │ │ ├─systemd-journal-flush.service
● │ │ ├─systemd-journald.service
● │ │ ├─systemd-machine-id-commit.service
● │ │ ├─systemd-modules-load.service
How can we see what switchable "isolate"able targets are available?
ls -al /usr/lib/systemd/system/|grep ^d
drwxr-xr-x 22 root root 16384 Nov 3 22:59 .
drwxr-xr-x 13 root root 4096 Sep 18 07:18 ..
drwxr-xr-x 2 root root 4096 Sep 18 07:23 basic.target.wants
drwxr-xr-x 2 root root 4096 Aug 16 18:34 dbus.target.wants
drwxr-xr-x 2 root root 4096 Aug 16 18:34 default.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 graphical.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 initrd.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:23 local-fs.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:23 multi-user.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 poweroff.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 reboot.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 rescue.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel1.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel2.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel3.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel4.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel5.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 shutdown.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 sockets.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 sysinit.target.wants
drwxr-xr-x 2 root root 4096 Aug 16 18:34 syslog.target.wants
drwxr-xr-x 2 root root 4096 Sep 18 07:18 timers.target.wants
How do we switch targets without rebooting?
systemctl isolate targetname
systemctl isolate poweroff
systemctl sockets
systemctl list-sockets
LISTEN UNIT ACTIVATES
/dev/log systemd-journald.socket systemd-journald.service
/run/dbus/system_bus_socket dbus.socket dbus.service
/run/systemd/initctl/fifo systemd-initctl.socket systemd-initctl.service
/run/systemd/journal/socket systemd-journald.socket systemd-journald.service
/run/systemd/journal/stdout systemd-journald.socket systemd-journald.service
/run/systemd/shutdownd systemd-shutdownd.socket systemd-shutdownd.service
/run/udev/control systemd-udevd-control.socket systemd-udevd.service
/var/run/rpcbind.sock rpcbind.socket rpcbind.service
kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service
9 sockets listed.
Pass --all to see loaded but inactive sockets, too.
journalctl (systemd logging)
journalctl -u sshd
Aug 07 06:22:45 bcitcourse sshd[595]: Received disconnect from 59.63.188.32: 11: [preauth]
Aug 07 06:23:00 bcitcourse sshd[597]: Received disconnect from 221.194.47.221: 11: [preauth]
Aug 07 06:23:15 bcitcourse sshd[599]: Received disconnect from 59.63.188.32: 11: [preauth]
Aug 07 06:23:16 bcitcourse sshd[601]: Received disconnect from 221.194.44.232: 11: [preauth]
Aug 07 06:23:42 bcitcourse sshd[603]: Received disconnect from 59.63.188.32: 11: [preauth]
Aug 07 06:24:14 bcitcourse sshd[607]: Received disconnect from 59.63.188.32: 11: [preauth]
Aug 07 06:24:46 bcitcourse sshd[609]: Received disconnect from 59.63.188.32: 11: [preauth]
Jul 22 10:21:09 bcitcourse sshd[867]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT!
Jul 22 10:21:09 bcitcourse sshd[867]: Invalid user pi from 91.182.150.88
Jul 22 10:21:09 bcitcourse sshd[867]: input_userauth_request: invalid user pi [preauth]
Jul 22 10:21:09 bcitcourse sshd[865]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT!
Jul 22 10:21:09 bcitcourse sshd[865]: Invalid user pi from 91.182.150.88
Jul 22 10:21:09 bcitcourse sshd[865]: input_userauth_request: invalid user pi [preauth]
Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): check pass; user unknown
Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88
Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): check pass; user unknown
Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88
Jul 22 10:21:11 bcitcourse sshd[867]: Failed password for invalid user pi from 91.182.150.88 port 46846 ssh2
Jul 22 10:21:11 bcitcourse sshd[865]: Failed password for invalid user pi from 91.182.150.88 port 46842 ssh2
What's the difference?
journalctl -b 2 and journalctl -b -2
It is the fact the first "2" is a positive and the second "-2" is a negative.
Thus, 1 means the first boot found in the
journal in chronological order, 2 the second and so on; while -0 is
the last boot, -1 the boot before last, and so on.
css how to format code in the code tag
code {
background: #f4f4f4;
border: 1px solid #ddd;
border-left: 3px solid #f36d33;
color: #666;
page-break-inside: avoid;
font-family: monospace;
font-size: 15px;
line-height: 1.6;
margin-bottom: 1.6em;
max-width: 100%;
overflow: auto;
padding: 1em 1.5em;
display: block;
word-wrap: break-word;
}
The above has worked well for me. You may also need the block below if your spacing is messed up (some css templates suffer from this).
css br with extra blank line
The problem I was having is that a css template I was using was causing
br's to have an empty line in between which is very undesirable especially when displaying code.
br {
display:none;
margin: 0px;
height: 0px;
}
Using CSS code like above will fix it. You technically shouldn't need the margin or height either.
What is /dev/pts and why do we need it in Linux?
A quick check in /dev/pts shows a lot of entries but what are they for?:
ls /dev/pts
0 10 12 14 16 18 2 21 23 25 27 29 30 32 4 6 8 ptmx
1 11 13 15 17 19 20 22 24 26 28 3 31 33 5 7 9
Basically they are pseudo-terminals, whereas a tty is a physical terminal (think of Ctrl + Alt + F1 being tty0 and F8 being tty7).
An easy way to test this is to keep opening new terminal windows (Ctrl+Shift+t)
Then type "tty" and you'll see each one has a higher /dev/pts number.
Pretty much anything such like ssh, bash that uses terminal input or output will create it's own /dev/pts.
Linux What is umask (user mask) for file and directory creation permissions and how to calculate umask and change the defaults
umask are the default permissions that are applied when a file or directory are created. To see this in action simply just "touch filename" or "mkdir somedir" and you'll see what default permissions are applied.
The first thing I always tell people you should know is to NEVER change the defaults unless you are making them more restrictive. But they work well and if you change the defaults you could end up creating a file without permission to read or write it which could break some scripts. If you made things less restrictive it is a security issue in my opinion.
It is said umask is the reverse or opposite of standard permissions but before we explain how to calculate them let's see what happens with the default umask settings.
As we can see the defaults as with most Unix systems are 022:
[root@evohostingtor2017 umasktest]# umask
0022
Knowing this let's check the default creation permissions of a file and directory below:
[root@evohostingtor2017 umasktest]# mkdir umaskdir
[root@evohostingtor2017 umasktest]# touch umaskfile
[root@evohostingtor2017 umasktest]# ls -alh
drwxr-xr-x 3 root root 4.0K Oct 31 18:55 .
drwxrwxrwt 5 root root 4.0K Oct 31 18:55 ..
drwxr-xr-x 2 root root 4.0K Oct 31 18:54 umaskdir
-rw-r--r-- 1 root root 0 Oct 31 18:55 umaskfile
The results are the following:
Directory permissions = 755
File permissions = 644
Why Doesn't Umask 0 or other modes with execute result in an executable file permission?
Let's go back to the answer above and now explain how umask is calculated and files and directories.
umask is about restricting permissions, in essence this means there are maximum permissions you can subtract from (not add to). What umask is doing is subtracting the values from the maximum possible permissions (more on that below).
umask like normal permissions still uses octal values:
0=read, write, execute
1=read, write
2=read, execute
3=read
4=write, execute
5=write
6=execute
7=no permissions
How do we calculate umask values?
The values are calculated different for files vs directories.
Directories: Maximum possible permissions are 777 (read, write, execute)
Files: Maximum possible permissions are 666 (read, write)
*Note execute is NOT possible to set during file creation.
How We Calculate umask
Let's take our default of 022.
Directories: ( 777 - 022 ) = 755
Files: (777 - 022) = 644 (we always drop any 1's/execute bits because files cannot have execute permissions upon creation due to POSIX restrictions).
More calculations (033):
Directories: (777-033) = 744
Files: (777-033) = 644 (oops remember to drop the 1 from the 7)
(026)
Directories: (777-026) = 751
Files: (777-026) = 640
Basically all we do is take the last 3 numbers and subtract them from the maximum possible permissions (aside from files where we drop a 1 for execute since it is not possible ).
Useful Quiz Here: http://www.webune.com/forums/umask-calculator.html
What about the leading 0 (something that I don't like to talk about and recommend almost never be used)
It can have a maximum value of 7 like the rest of umask.
SETUID=4 (allows the file to be executed as the owner even when another user or group accesses it)
SETGID=2 (allows the file to be executed as the group even when another user or group accesses it)
uid or gid being set represents itself as a small "s" and if you see it with a capital "S" it means it takes no effect (this means the user or group does not have execute permissions).
Sticky Bit=1 (makes it so only the owner can delete or move it).
sticky bit is represented by a small "t" if it takes effect where other has execute permissions (otherwise it takes no effect and will show as a capital "T").
Linux Permissions and Groups Real Usecase for Group Access
I have a directory structure which the primary user needs full access on but wanted a user to access only a specific directory within the main directory (so they could write in there only and nowhere else).
Here's what I did:
[root@compevo8001 dllnow]# ls -alh
drwxrwxr-x 2 someuser software 4.0K Oct 19 2017 ExpireYMD-2017-11-20
drwxrwxr-x 2 someuser software 4.0K Nov 19 2017 ExpireYMD-2017-12-20
drwxrwxr-x 2 someuser software 4.0K Dec 19 2017 ExpireYMD-2018-01-20
drwxrwxr-x 2 someuser software 4.0K Jan 19 2018 ExpireYMD-2018-02-20
drwxrwxr-x 2 someuser software 4.0K Feb 19 2018 ExpireYMD-2018-03-20
drwxrwxr-x 2 someuser software 4.0K Mar 19 2018 ExpireYMD-2018-04-20
drwxrwxr-x 2 someuser software 4.0K Apr 19 2018 ExpireYMD-2018-05-20
drwxrwxr-x 2 someuser software 4.0K May 19 04:24 ExpireYMD-2018-06-20
drwxrwxr-x 2 someuser software 4.0K Jun 19 03:49 ExpireYMD-2018-07-20
-rwxr-xr-x 1 someuser software 688 Mar 18 2008 symlinkmodify.sh
-rwxr-xr-x 1 someuser someuser 688 Mar 18 2008 symlinkmodify.sh
[root@compevo8001 httpdocs]# groupadd software
[root@compevo8001 httpdocs]# useradd softwareuser -g software
[root@compevo8001 httpdocs]# chown -R someuser.software membersonly/dllnow/
So basically "softwareuser" who is part of the "software" group can only write to "dllnow" and cannot write anywhere else based on their group permissions.
Centos 7 python34 how to install the gi library
Getting an error about gi missing when running a .py python script?
Just install EPEL and install the python3-gobject package:
yum install python34-gobject
Centos 7 - Convert Minimal to Graphical GUI GNOME or KDE Desktop
Did you just install the minimal version by accident or want to install the GUI? No need to reinstall just tell yum to do the work for you!
You could actually have both installed and choose one as your preference on demand (although many people prefer GNOME's simplicity).
Step 1.)
Install Gnome and/or KDE.
To install the GNOME Desktop on Centos 7:
yum -y groups install "GNOME Desktop"
To install the KDE Desktop on Centos 7:
yum -y groups install "KDE Plasma Workspaces"
Step 2.)
startx
Now you'll be into your graphical session!
Step 3.)
Make it permanent otherwise you will start in run level 3 without any GUI after rebooting:
systemctl set-default graphical.target
AMD Set Fan Speed and Other Powerplay Memory/CPU Timings with a Linux script
You can do other things but this particular script is just to set all AMD cards to 80% fan speed (remember this script needs to applied everytime you reboot). You could set it is a cron or just throw it into /etc/rc.local
basepath=/sys/class/drm
for hwmon in `ls -1 /sys/class/drm|grep card[0-99]$`; do
echo card=$hwmon;
hwmonname=`ls $basepath/$hwmon/device/hwmon|grep hwmon[0-99]`
hwmonpath=$basepath/$hwmon/device/hwmon/$hwmonname
echo "echo 1 > $hwmonpath/pwm1_enable"
echo "echo 205 > $hwmonpath/pwm1"
echo 1 > $hwmonpath/pwm1_enable
echo 205 > $hwmonpath/pwm1
done
The way it works is as follows:
The card power play settings are located in:
/sys/class/drm/cardNumber/device/hwmon/hwmonNumber
The card number is also the same order that you'll find in say Claymore and the hwmon number is usually 1 less than your card number. So as you can see below card4's hwmon path is hwmon3.
In the script I account for that just in case it may be different though.
cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable
2
#enable pwm (if the value is not 1 it is not enabled so setting the fan speed would have no effect)
echo 1 > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable
The parameters for fan speed are a percentage or number out of max 255. So 80% would be the number 205 (it also seems to round to the nearest 5% I believe)
cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_max
255
cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_min
0
# 210/255 is about 82% fan speed (this still resulted in 80% actual fan speed)
echo "210" > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1
The results of higher fan speeds
In one of my test rigs see that on some cards the temperature reduced by about 14C degrees!
Before:
ETH: GPU0 t=72C fan=64%, GPU1 t=72C fan=63%, GPU2 t=69C fan=23%, GPU3 t=84C fan=0%, GPU4 t=69C fan=27%
After:
ETH: GPU0 30.457 Mh/s, GPU1 30.455 Mh/s, GPU2 29.473 Mh/s, GPU3 29.498 Mh/s, GPU4 29.484 Mh/s
GPU0 t=65C fan=80%, GPU1 t=71C fan=80%, GPU2 t=55C fan=80%, GPU3 t=57C fan=80%, GPU4 t=55C fan=80%
Ethereum Mining Claymore Nanopool Error
This happens if you don' have an updated version normally (eg. things were working fine and you suddenly get this error):
Pool sent wrong data, cannot set epoch, disconnect
ETH: Connection lost, retry in 20 sec...
ETH: Connection lost, retry in 20 sec...
Solution - Download an updated Claymore!
genisoimage errors with long filenames and deep directory structures
You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux.
genisoimage -o Backup-Myfiles.iso -r -J -joliet-long /some/path/
You will get errors like below (even enabling joliet-long didn't help)
genisoimage: Error: /some/filename.pdf have the same Joliet name
Joliet tree sort failed. The -joliet-long switch may help you.
#the best way
genisoimage -o /tmp/Backup-Myfiles2.iso -U -iso-level 4 -R /source/dir
This was the only way I could get unmodified long file names and VERY deep directories onto the iso image as original otherwise they get renamed and truncated which breaks a lot of things and makes it confusing. But be warned this breaks the iso9660 standard so many OS's especially Windows may not be able to read it.
==========
#this fixes it
-R is for Rock Ridge and allows for more than 8 deep folders
-U allows for untranslated filenames
genisoimage -o /tmp/Backup-Myfiles.iso -R -U .
#with an exclude
genisoimage -o /tmp/Backup-Myfiles.iso -R -U -m WebSites/blabla .
Warning: creating filesystem that does not conform to ISO-9660.
I: -input-charset not specified, using utf-8 (detected in locale settings)
#the -m causes a shrink error unless you put it earlier
genisoimage: File 'blank.html' did shrink.
Files must not be changed while genisoimage runs!
genisoimage -m WebSites/blabla -o /tmp/Backup-Myfiles.iso -R -U .
Linux Kernel USB Export Errors
4.374647] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.403334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.427736] xhci_hcd 0000:00:15.0: xHCI Host Controller
[ 4.427844] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 1
[ 4.429040] xhci_hcd 0000:00:15.0: hcc params 0x200077c1 hci version 0x100 quirks 0x01109810
[ 4.429141] xhci_hcd 0000:00:15.0: cache line size of 64 is not supported
[ 4.429290] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002
[ 4.429371] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 4.429464] usb usb1: Product: xHCI Host Controller
[ 4.429541] usb usb1: Manufacturer: Linux 4.4.98 xhci-hcd
[ 4.429619] usb usb1: SerialNumber: 0000:00:15.0
[ 4.429906] hub 1-0:1.0: USB hub found
[ 4.429999] hub 1-0:1.0: 8 ports detected
[ 4.430779] xhci_hcd 0000:00:15.0: xHCI Host Controller
[ 4.430865] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 2
[ 4.431011] usb usb2: New USB device found, idVendor=1d6b, idProduct=0003
[ 4.431092] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 4.431186] usb usb2: Product: xHCI Host Controller
[ 4.431262] usb usb2: Manufacturer: Linux 4.4.98 xhci-hcd
[ 4.431339] usb usb2: SerialNumber: 0000:00:15.0
[ 4.431588] hub 2-0:1.0: USB hub found
[ 4.431682] hub 2-0:1.0: 7 ports detected
[ 4.439651] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.467341] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.498125] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.519335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.542999] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 4.543095] Warning! ehci_hcd should always be loaded before uhci_hcd and ohci_hcd, not after
[ 4.543348] ehci-pci: EHCI PCI platform driver
[ 4.550673] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.579335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.610100] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.631351] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.658940] uhci_hcd: USB Universal Host Controller Interface driver
[ 4.666245] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.699334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.742420] usb 1-3: new low-speed USB device number 2 using xhci_hcd
[ 4.930061] usb 1-3: New USB device found, idVendor=13ba, idProduct=0018
[ 4.930143] usb 1-3: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[ 4.930223] usb 1-3: Product: Barcode Reader
[ 5.042408] usb 1-8: new full-speed USB device number 3 using xhci_hcd
[ 5.171384] usb 1-8: New USB device found, idVendor=8087, idProduct=0aa7
[ 5.171469] usb 1-8: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 5.174480] clocksource: Switched to clocksource tsc
[ 5.209804] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 5.235470] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 5.259595] usbcore: registered new interface driver usb-storage
[ 5.267989] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 5.295427] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
How to download gajim 0.16.9 XMPP/Jabber client so you can use OMEMO encryption
#Linux Mint 18.2 how to install gajim .16.9 so you can use OMEMO encryption:
sudo apt-get install python-axolotl python-nbxmpp
wget https://gajim.org/downloads/0.16/gajim-0.16.9.tar.gz
tar -zxvf gajim-0.16.9.tar.gz
cd gajim-0.16.9
./autogen.sh ;make;sudo make install
#if you get this error you need to get a newer python-nbxmpp from here:
gajim
Gajim needs python-nbxmpp >= 0.6.1 to run. Quiting...
wget -q https://gajim.org/gajim.key -O - | apt-key add -
#Add the repository:
sh -c "echo deb ftp://ftp.gajim.org/debian unstable main > /etc/apt/sources.list.d/gajim.list"
apt-get update
sudo apt-get install python-nbxmpp
HP DL385 G7 Linux BIOS Update Flash
wget https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
--2018-08-16 05:11:16-- https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
Resolving downloads.linux.hpe.com (downloads.linux.hpe.com)... 15.249.152.85
Connecting to downloads.linux.hpe.com (downloads.linux.hpe.com)|15.249.152.85|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1525561 (1.5M) [text/plain]
Saving to: ‘CP017004.scexe’
100%[=====================================================================================>] 1,525,561 5.07MB/s in 0.3s
2018-08-16 05:11:16 (5.07 MB/s) - ‘CP017004.scexe’ saved [1525561/1525561]
[root@bx ~]# chmod +x CP017004.scexe
[root@bx ~]# ./CP017004.scexe --unpack=/tmp/newbios
mint@mint ~/2018-Linux-Update-BIOS $ ./cpqsetup
You must be root to execute this utility!
mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
Flash Engine Version: Linux-4.4.1-1
Name: Online ROM Flash Component for Linux - HP ProLiant DL385 G7 (A18) Servers
New Version: 03/19/2012
Current Version: 12/20/2010
The software is installed but is not up to date.
Do you want to upgrade the software to a newer version (y/n) ?y
Flash in progress do not interrupt or your system may become unusable.
Working.........................................................
The installation procedure completed successfully.
A reboot is required to finish the installation completely.
Do you want to reboot your system now?
Once you have cpqsetup you can use the binary for other BIOS updates. For example if you can only find the Windows .exe BIOS update you can extract the BIOS file and replace the original file above.
You can use the Windows BIOS file by unzipping the .exe and then copying the actual firmware to the name of the old file from an older Linux flash download (it uses the new file that you give the old name):
mv CPQA1802.873 CPQA1802.873-
mint@mint ~/2018-Linux-Update-BIOS $ wget https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
--2018-08-17 00:14:42-- https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
Resolving downloads.hpe.com (downloads.hpe.com)... 15.241.20.93
Connecting to downloads.hpe.com (downloads.hpe.com)|15.241.20.93|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1809864 (1.7M) [application/octet-stream]
Saving to: ‘cp036023.exe’
cp036023.exe 100%[===================>] 1.73M 1.16MB/s in 1.5s
2018-08-17 00:14:44 (1.16 MB/s) - ‘cp036023.exe’ saved [1809864/1809864]
mint@mint ~/2018-Linux-Update-BIOS $ unzip cp036023.exe
Archive: cp036023.exe
inflating: CPQA1803.46E
inflating: SysRomInstaller.dll
inflating: cp036023.xml
inflating: cpqasmi.sys
inflating: cpqasmi64.sys
inflating: cpqftbl.sys
inflating: cpqftbl64.sys
inflating: cpqpsmi.sys
inflating: cpqpsmi64.sys
inflating: cpqsetup.exe
replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: a
error: invalid response [a]
replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: A
inflating: cpqsfa18.cfg
inflating: cpqsysio.sys
inflating: cpqsysio64.sys
inflating: readme.txt
mint@mint ~/2018-Linux-Update-BIOS $ cp CPQA1803.46E CPQA1802.873
mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
Flash Engine Version: Linux-4.4.1-1
Name: Online ROM Flash Component for Windows - HP ProLiant DL385 G7 (A18) Servers
New Version: 03/14/2018
Current Version: 03/19/2012
The software is installed but is not up to date.
Do you want to upgrade the software to a newer version (y/n) ?y
Flash in progress do not interrupt or your system may become unusable.
Working.........................................................
The installation procedure completed successfully.
A reboot is required to finish the installation completely.
Do you want to reboot your system now? y
Connection to 192.168.1.71 closed by remote host.
Connection to 192.168.1.71 closed.
hwloc-nox set CPU affinity in Linux
sudo apt-get install hwloc-nox
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
hwloc-nox
0 upgraded, 1 newly installed, 0 to remove and 530 not upgraded.
Need to get 151 kB of archives.
After this operation, 453 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 hwloc-nox amd64 1.11.2-3 [151 kB]
Fetched 151 kB in 0s (184 kB/s)
Selecting previously unselected package hwloc-nox.
(Reading database ... 224148 files and directories currently installed.)
Preparing to unpack .../hwloc-nox_1.11.2-3_amd64.deb ...
Unpacking hwloc-nox (1.11.2-3) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up hwloc-nox (1.11.2-3) ...
mint@mint ~ $ apt-cache search lstopo^C
mint@mint ~ $ lstopo
lstopo lstopo-no-graphics
mint@mint ~ $ lstopo-no-graphics
Machine (16GB total)
NUMANode L#0 (P#0 7962MB)
Package L#0
L3 L#0 (6144KB)
L2 L#0 (2048KB) + L1i L#0 (64KB) + Core L#0
L1d L#0 (16KB) + PU L#0 (P#0)
L1d L#1 (16KB) + PU L#1 (P#2)
L2 L#1 (2048KB) + L1i L#1 (64KB) + Core L#1
L1d L#2 (16KB) + PU L#2 (P#4)
L1d L#3 (16KB) + PU L#3 (P#6)
L2 L#2 (2048KB) + L1i L#2 (64KB) + Core L#2
L1d L#4 (16KB) + PU L#4 (P#8)
L1d L#5 (16KB) + PU L#5 (P#10)
L2 L#3 (2048KB) + L1i L#3 (64KB) + Core L#3
L1d L#6 (16KB) + PU L#6 (P#12)
L1d L#7 (16KB) + PU L#7 (P#14)
L3 L#1 (6144KB)
L2 L#4 (2048KB) + L1i L#4 (64KB) + Core L#4
L1d L#8 (16KB) + PU L#8 (P#16)
L1d L#9 (16KB) + PU L#9 (P#18)
L2 L#5 (2048KB) + L1i L#5 (64KB) + Core L#5
L1d L#10 (16KB) + PU L#10 (P#20)
L1d L#11 (16KB) + PU L#11 (P#22)
L2 L#6 (2048KB) + L1i L#6 (64KB) + Core L#6
L1d L#12 (16KB) + PU L#12 (P#24)
L1d L#13 (16KB) + PU L#13 (P#26)
L2 L#7 (2048KB) + L1i L#7 (64KB) + Core L#7
L1d L#14 (16KB) + PU L#14 (P#28)
L1d L#15 (16KB) + PU L#15 (P#30)
HostBridge L#0
PCIBridge
PCI 14e4:1639
Net L#0 "enp4s0f0"
PCI 14e4:1639
Net L#1 "enp4s0f1"
PCIBridge
PCI 14e4:1639
Net L#2 "enp5s0f0"
PCI 14e4:1639
Net L#3 "enp5s0f1"
PCIBridge
PCI 103c:323a
PCI 1002:4390
PCI 1002:439c
Block(Removable Media Device) L#4 "sr0"
PCIBridge
PCI 1002:515e
GPU L#5 "renderD128"
GPU L#6 "card0"
GPU L#7 "controlD64"
NUMANode L#1 (P#2 8032MB) + Package L#1
L3 L#2 (6144KB)
L2 L#8 (2048KB) + L1i L#8 (64KB) + Core L#8
L1d L#16 (16KB) + PU L#16 (P#1)
L1d L#17 (16KB) + PU L#17 (P#3)
L2 L#9 (2048KB) + L1i L#9 (64KB) + Core L#9
L1d L#18 (16KB) + PU L#18 (P#5)
L1d L#19 (16KB) + PU L#19 (P#7)
L2 L#10 (2048KB) + L1i L#10 (64KB) + Core L#10
L1d L#20 (16KB) + PU L#20 (P#9)
L1d L#21 (16KB) + PU L#21 (P#11)
L2 L#11 (2048KB) + L1i L#11 (64KB) + Core L#11
L1d L#22 (16KB) + PU L#22 (P#13)
L1d L#23 (16KB) + PU L#23 (P#15)
L3 L#3 (6144KB)
L2 L#12 (2048KB) + L1i L#12 (64KB) + Core L#12
L1d L#24 (16KB) + PU L#24 (P#17)
L1d L#25 (16KB) + PU L#25 (P#19)
L2 L#13 (2048KB) + L1i L#13 (64KB) + Core L#13
L1d L#26 (16KB) + PU L#26 (P#21)
L1d L#27 (16KB) + PU L#27 (P#23)
L2 L#14 (2048KB) + L1i L#14 (64KB) + Core L#14
L1d L#28 (16KB) + PU L#28 (P#25)
L1d L#29 (16KB) + PU L#29 (P#27)
L2 L#15 (2048KB) + L1i L#15 (64KB) + Core L#15
L1d L#30 (16KB) + PU L#30 (P#29)
L1d L#31 (16KB) + PU L#31 (P#31)
Set your affinity
taskset -p ps aux^C
mint mint # ps aux|grep kvm
root 1306 0.0 0.0 0 0 ? S< Aug17 0:00 [kvm-irqfd-clean]
root 3724 0.0 0.0 91656 5056 pts/3 S+ 16:44 0:00 sudo qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
root 3725 8.7 45.2 12405860 7413032 pts/3 Sl+ 16:44 11:34 qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
root 3759 0.0 0.0 0 0 ? S 16:44 0:00 [kvm-pit/3725]
root 5234 0.0 0.0 14224 980 pts/6 S+ 18:56 0:00 grep --color=auto kvm
mint mint # taskset -pc 31 3725
pid 3725's current affinity list: 0-31
pid 3725's new affinity list: 31
mint mint # taskset -pc 30,31 3725
pid 3725's current affinity list: 31
pid 3725's new affinity list: 30,31
In the above command I set the affinity to core 31 and then changed it to cores 30 and 31.
Firefox An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT Solution
An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
**Solution**
Go to about:config
security.tls.insecure_fallback_hosts
Set your hostname or IP that isn't work as the value.
Proxmox understanding the directory structure and why an NFS datastore appears to be missing files/isos
Proxmox at the root of your storage creates and "images" and "templates/iso" folder for VM images and iso's respectively. It ignores files in any other location.
pandoc convert markdown to html
Where markdown=markdown language file and $output is your outputfile.html
pandoc -f markdown $markdown -t html5 --toc --toc-depth=1 > $output
Proxmox error uploading an iso solution
Error 0 occurred while receiving the document
root@vh1:/var/tmp# wget http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
--2018-08-30 16:27:37-- http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
Resolving mirror.compevo.com (mirror.compevo.com)... 103.25.61.44
Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 641517568 (612M) [application/octet-stream]
Saving to: ‘proxmox-ve_5.2-1.iso’
proxmox-ve_5.2-1.iso 80%[==================================> ] 493.39M 2.38MB/s in 45s
2018-08-30 16:28:22 (10.9 MB/s) - Connection closed at byte 517359784. Retrying.
--2018-08-30 16:28:23-- (try: 2) http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
HTTP request sent, awaiting response... 206 Partial Content
Length: 641517568 (612M), 124157784 (118M) remaining [application/octet-stream]
Saving to: ‘proxmox-ve_5.2-1.iso’
var/tmp is out of space the same as tmpfs
#this normally happens when Proxmox first uploads it to a place in /tmp on your / filesystem and if you have used a small HDD for testing it's easy for a simple ISO upload to fail for this reason. You'll have to wget directly to the main filesystem or datastore with more space.
Cannot install moodle
After starting the install it stalls here:
admin/index.php?cache=0&agreelicense=1&confirmrelease=1&lang=en
If you manually refresh you get a Plugins check screen:
Installation
System
Moodle second step fails just blank screen:
https://domain.la/user/editadvanced.php?id=2
Solution: give up and choose something else it shouldn't be this hard to just install this moodle software!
MySQL change for Antelope format to Barracuda error solution
Your database uses Antelope as the file format. Full UTF-8 support in MySQL and MariaDB requires the Barracuda file format. Please switch to the Barracuda file format. See the documentation MySQL full unicode support for details.
In /etc/my.cnf under [mysqld]
180827 21:43:14 InnoDB: 5.5.59 started; log sequence number 1589339
180827 21:43:14 [ERROR] /usr/libexec/mysqld: unknown variable 'db_file_format=Barracuda'
#instead set this:
innodb_file_format=Barracuda
You will also need to run mysql_upgrade after changing the format and restarting mysql:
mysql_upgrade -u root -p
vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down)
[root@localhost:~] vmkping -I vmk1 10.0.2.69
PING 10.0.2.69 (10.0.2.69): 56 data bytes
sendto() failed (Host is down)
vsphere distributed switch vmotion not working
[root@localhost:~] esxcfg-route -l
VMkernel Routes:
Network Netmask Gateway Interface
10.0.2.0 255.255.255.0 Local Subnet vmk1
192.168.1.0 255.255.255.0 Local Subnet vmk0
default 0.0.0.0 192.168.1.1 vmk0
Have you set internal IPs in VMWare and cannot ping between them on servers? It is probably because you are using an older than 6.5 version of VMWare's switch without MAC learning. To fix it you'll need to enable Promiscuous mode on the port group or change the software version ot 6.5 which has MAC learning and will make things work fine again.
gvfs mount in /run/user cannot be accessed or displayed wrong permissions
The folder contents could not be displayed
Backend currently unmounting
drwx------ 10 userhere group 260 Aug 23 19:40 ..
?????????? ? ? ? ? ? sftp:host=192.168.8.80,user=adhoc
ls: cannot access 'sftp:host=192.168.8.80,user=adoc': Input/output error
$ ps aux|grep fuse
one 2534 0.0 0.0 1071572 6472 ? Sl Jul13 1:19 /usr/lib/gvfs/gvfsd-fuse /run/user/1001/gvfs -f -o big_writes
one 24028 0.0 0.0 14228 976 pts/22 S+ 12:51 0:00 grep --color=auto fuse
youruser@superuser-desktop ~ $ sudo killall -9 gvfsd-fuse
youruser@superuser-desktop /run/user/1001 $ ls -alh
ls: cannot access 'gvfs': Transport endpoint is not connected
total 0
drwx------ 10 myuser myuser 260 Aug 23 19:40 .
drwxr-xr-x 3 root root 60 Jul 30 08:10 ..
drwx------ 2 myuser myuser 60 Aug 27 12:51 dconf
d????????? ? ? ? ? ? gvfs
sudo fuser -a -k /usr/lib/gvfs
[sudo] password for youruser:
Sorry, try again.
[sudo] password for youruser:
Sorry, try again.
[sudo] password for youruser:
Cannot stat file /proc/4748/fd/3: Permission denied
Cannot stat file /proc/4748/fd/8: Permission denied
Cannot stat file /proc/4748/fd/33: Permission denied
Cannot stat file /proc/4748/fd/34: Permission denied
ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g
gvfsd-sftp
gvfsd-trash
gvfs-udisks2-volume-monitor
gvfs-mtp-volume-monitor
gvfs-gphoto2-volume-monitor
gvfs-afc-volume-monitor
gvfs-goa-volume-monitor
gvfsd-metadata
gvfsd-network
gvfsd-smb-browse
gvfsd-smb
gvfsd-dnssd
gvfsd-http
gvfsd-sftp
gvfsd-sftp
gvfsd-computer
gvfsd-burn
grep
sed
youruser@superuser-desktop /run/user/1001 $ for binary in `ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g`; do
> sudo killall -9 $binary
> done
#sftp from the ui works OK for other apps but the gvfs folder is messed up still
ls: cannot access 'gvfs': Transport endpoint is not connected
VMWare vSphere 6.7 Errors Solution 503 Service Unavailable (Failed to connect to endpoint:
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00005556ba09c070] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x00007fd26000b240] _serverNamespace = /ui action = Allow _port = 5090)
Errors like the above are usually because there is an issue with your vSphere or more commonly it is just taking a very long time to start so check back in a number of minutes.
How To Enable Nested KVM so guests can virtualize with hardware extensions
#check if nested KVM is enabled by doing a cat on nested inside sys
root@s14:~# cat /sys/module/kvm_intel/parameters/nested
root@s14:~# echo "options kvm-intel nested=Y" > /etc/modprobe.d/kvm-intel.conf
root@s14:~# echo "options kvm-amd nested=1" > /etc/modprobe.d/kvm-amd.conf
root@s14:~# modprobe -r kvm_intel
modprobe: FATAL: Module kvm_intel is in use.
root@s14:~# modprobe kvm_intel
To apply it properly you may need to reboot after the above
vi error solution E166: Can't open linked file for writing
This is not so much of a vi error as it is a physical filesystem error in the sense that the file you are trying to write to is a symlink and the destination doesn't exist or for some other reason is inacessible.
So vi is tellng you "you're writing to a symlinked file and the file the symlink points to cannot be written to". This is especially highlighted byt he fact that if you are using wq! to write and you still get the error.
Supermicro IPMI / KVM / BMC Remote Console Screen Resizing Issue - Window Cut Off Solution
It could just be my specific Java but other KVM/IP works ok on my machine but with Supermicro's IPMI for some reason the console window doesn't resize and even putting it in full screen leaves the window cut off as shown below:
As you can see above the screen is cut off you can't see the "I agree" on the right side.
The window resize option is on and it is clearly not working properly. Even choosing full screen doesn't change anything.
Solution - Here's how you can fix it with the Macro option:
- Macro Menu/Settings and click the option for "Hold Left Alt Key"
- Then click and hold and the mouse pointer becomes a hand.
- You can then drag to the right to expose what is cut off or whereever else you need to see.
- After you've moved the screen to where you need and want to click something make sure you disable the "Hold Left Alt Key" in macro or you won't be able to click or interact with anything.
See the example below after using the process above:
Linux bash shell doesn't show username, hostname or current path fix solution
Usually this is because when you created your user you added a user but didn't create their home directory and/or for some reason your .bashrc and .bash_profile in ~ (home) is broken/missing.
In your home just create the following files with the following content to solve it:
.bashrc and .bash_profile.
To apply it just relogin/start a new bash session
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/bin
export PATH
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
zenity popup messages, windows, dialogs, error messages calendars and more howto on Gnome Linux including Ubuntu, Linux Mint, Centos and more
zenity is a nice utility as part of the gnome window manager that allows you to script from bash and retrieve the input from the user. It could also be helpful in just notifying a user when they login with a popup window.
I'll give an overview of what's available with zenity:
Application Options: --calendar Display calendar dialog --entry Display text entry dialog --error Display error dialog --info Display info dialog --file-selection Display file selection dialog --list Display list dialog --notification Display notification --progress Display progress indication dialog --question Display question dialog --warning Display warning dialog --scale Display scale dialog --text-info Display text information dialog --color-selection Display color selection dialog --password Display password dialog --forms Display forms dialog --display=DISPLAY X display to use
A few quick examples:
Note you can even use zenity remotely from an SSH session and make a zenity window popup.
zenity --info --text="hello" --title="hithere" --display=:0
Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
As you can see below I've chosen the "info" dialog type and the text inside it will be "hello" and the title of the window is "hithere" and it is going to show on X Window Display ":0" (the default). The --display portion is only necessary if you have multiple displays or if you are running from a remote SSH session.
Debian/Ubuntu/Mint Linux How To Set VLAN in /etc/network/interfaces
You can find many ways to specify the VLAN in your network configuration but I find this is the simplest and quickest.
In this case we are talking about a bridged adapter "vmbr0" but it works even if you just had a normal non-bridged interface.
The key here is that in vmbr0 you'll notice there is no IP address. We just specify "manual".
Below it is a similar stanza for "vmbr0.58" in this case 58 represents the VLAN (change the 58 to the number of your desired VLAN). Then below it we set the IP address or we could have used DHCP as well.
auto lo
iface lo inet loopback
iface enp2s0 inet manual
auto vmbr0
iface vmbr0 inet manual
bridge_ports enp2s0
bridge_stp off
bridge_fd 0
auto vmbr0.58
iface vmbr0.58 inet static
address 172.16.58.14
netmask 255.255.255.0
gateway 172.16.58.254
moodle install error Error reading from database
Error reading from database
More information about this error
It is usually not possible to recover from errors triggered during installation, you may need to create a new database or use a different database prefix if you want to retry the installation.
Solution:
This happened when I was running MySQL 5.1. Assuming your database details are right and the DB is up then make sure you are using the correct and required MySQL 5.5
After upgrading to MySQL 5.5 things were good.
PHP Displaying Blank Page on Apache
Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.
In the problem machine it is actually PHP 7 installed so if you reference PHP 5 of course things wil be broken!
Take for example here:
cat /etc/httpd/conf.d/php.conf
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#
LoadModule php7_module modules/libphp7.so
#
# Cause the PHP interpreter to handle files with a .php extension.
#
AddHandler php7-script .php
AddType text/html .php
#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php
#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps
moodle displays code instead of outputting HTML
cat /etc/httpd/conf.d/php.conf|grep -i addhandler
AddHandler php5-script .php
Fix it and then restart Apache
sed -i s/"php5-script"/"php7-script"/g /etc/httpd/conf.d/php.conf
service httpd restart
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
Solution:
Edit geoip.ini
vi /etc/php.d/geoip.ini
Comment out the .so like so:
;extension=geoip.so
service httpd restart
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file:
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory
This is basically caused by the PHP module specified in php.conf being non existent. The error tells us it couldn't fnd /etc/httpd/modules/libphp5.so
OK let's see what PHP module we do have:
ls /etc/httpd/modules/libphp*
/etc/httpd/modules/libphp7-zts.so /etc/httpd/modules/libphp7.so
If you have one there that works for you then just update php.conf to match.
sed -i s/"libphp5.so"/"libphp7.so"/g /etc/httpd/conf.d/php.conf
sed -i s/"php5_module"/"php7_module"/g /etc/httpd/conf.d/php.conf
prosody xmpp server "Failed in all attempts to connect to proxy.eu.jabber.org"
Aug 13 13:46:33 s2sout2d45040 info Failed in all attempts to connect to proxy.eu.jabber.org
Aug 13 13:46:33 s2sout2d45040 info Sending error replies for 1 queued stanzas because of failed outgoing connection to proxy.eu.jabber.org
No clue why it tries to use a proxy not explicitly specified. This could be because the proxy specified for the domain fails when someone is trying to send a file. I wish this could be disabled for security reasons in prosody.