RealTechTalk (RTT) - Linux/Server Administration/Related

We have years of knowledge with technology, especially in the IT (Information Technology) industry.

realtechtalk.com will always have fresh and useful information on a variety of subjects from Graphic Design, Server Administration, Web Hosting Industry and much more.

This site will specialize in unique topics and problems faced by web hosts, Unix/Linux administrators, web developers, computer technicians, hardware, networking, scripting, web design and much more. The aim of this site is to explain common problems and solutions in a simple way. Forums are ineffective because they have a lot of talk, but it's hard to find the answer you're looking for, and as we know, the answer is usually not there. No one has time to scour the net for forums and read pages of irrelevant information on different forums/threads. RTT just gives you what you're looking for.

Latest Articles

Why SMART is not smart at all and doesn't properly predict disk errors that cause a kernel panic or crash

Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated.
It has caused a kernel panic and system crash repeatedly as we can see from the logs.
But SMART says it has "PASSED" its self assessment.  SMART is still useful to me but it is more about looking at Current_Pending_Sector.
Any time I have had anything but 0 for that attribute it means the disk is bad and is unusable (eg. will cause kernel panics).
In this case even RAID doesn't help when the bad disk taints the kernel.

First let's check this disk and see what SMART thinks

smartctl -a /dev/sda

=== START OF INFORMATION SECTION ===
Model Family:     Seagate Barracuda ES
Device Model:     ST3750640NS
Serial Number:    ABCAEAAA
LU WWN Device Id: 5 000c50 0083422e5
Firmware Version: 3BKH
User Capacity:    750,156,374,016 bytes [750 GB]
Sector Size:      512 bytes logical/physical
Device is:        In smartctl database [for details use: -P show]
ATA Version is:   7
ATA Standard is:  Exact ATA specification draft version not indicated
Local Time is:    Thu Dec 13 12:43:37 2018 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED


ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x000f   093   086   006    Pre-fail  Always       -       0
  3 Spin_Up_Time            0x0003   091   091   000    Pre-fail  Always       -       0
  4 Start_Stop_Count        0x0032   100   100   020    Old_age   Always       -       27
  5 Reallocated_Sector_Ct   0x0033   100   100   036    Pre-fail  Always       -       0
  7 Seek_Error_Rate         0x000f   090   060   030    Pre-fail  Always       -       951683243
  9 Power_On_Hours          0x0032   052   052   000    Old_age   Always       -       42128
 10 Spin_Retry_Count        0x0013   100   100   097    Pre-fail  Always       -       0
 12 Power_Cycle_Count       0x0032   100   100   020    Old_age   Always       -       27
187 Reported_Uncorrect      0x0032   100   100   000    Old_age   Always       -       0
189 High_Fly_Writes         0x003a   100   100   000    Old_age   Always       -       0
190 Airflow_Temperature_Cel 0x0022   066   054   045    Old_age   Always       -       34 (Min/Max 28/36)
194 Temperature_Celsius     0x0022   034   046   000    Old_age   Always       -       34 (0 17 0 0 0)
195 Hardware_ECC_Recovered  0x001a   081   055   000    Old_age   Always       -       220199
197 Current_Pending_Sector  0x0012   096   096   000    Old_age   Always       -       93
198 Offline_Uncorrectable   0x0010   096   096   000    Old_age   Offline      -       93
199 UDMA_CRC_Error_Count    0x003e   200   200   000    Old_age   Always       -       971
200 Multi_Zone_Error_Rate   0x0000   100   253   000    Old_age   Offline      -       0
202 Data_Address_Mark_Errs  0x0032   100   253   000    Old_age   Always       -       0

Now let's see /var/log/messages

Dec 12 05:29:46 somepoorbox kernel: [30883839.026190] sd 0:0:0:0: [sda]  Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026196] sd 0:0:0:0: [sda]  Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026203] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026206]         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026215]         57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026219] sd 0:0:0:0: [sda]  Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026225] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 8a 43 00 03 38 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026236] end_request: I/O error, dev sda, sector 1464830531 Dec 12 05:29:46 somepoorbox kernel: [30883839.026331] block drbd0: disk( UpToDate -> Failed ) Dec 12 05:29:46 somepoorbox kernel: [30883839.026345] block drbd0: Local IO failed in __req_mod. Detaching... Dec 12 05:29:46 somepoorbox kernel: [30883839.026365] block drbd0: helper command: /sbin/drbdadm pri-on-incon-degr minor-0 Dec 12 05:29:46 somepoorbox kernel: [30883839.026476] sd 0:0:0:0: [sda]  Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE Dec 12 05:29:46 somepoorbox kernel: [30883839.026480] sd 0:0:0:0: [sda]  Sense Key : Medium Error [current] [descriptor] Dec 12 05:29:46 somepoorbox kernel: [30883839.026485] Descriptor sense data with sense descriptors (in hex): Dec 12 05:29:46 somepoorbox kernel: [30883839.026488]         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026497]         57 4f 86 7b Dec 12 05:29:46 somepoorbox kernel: [30883839.026501] sd 0:0:0:0: [sda]  Add. Sense: Unrecovered read error - auto reallocate failed Dec 12 05:29:46 somepoorbox kernel: [30883839.026506] sd 0:0:0:0: [sda] CDB: Read(10): 28 00 57 4f 86 7b 00 03 c8 00 Dec 12 05:29:46 somepoorbox kernel: [30883839.026514] end_request: I/O error, dev sda, sector 1464829563 Dec 12 05:29:46 somepoorbox kernel: [30883839.026632] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026636] ata1: EH complete Dec 12 05:29:46 somepoorbox kernel: [30883839.026728] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.026811] block drbd0: IO ERROR: neither local nor remote disk Dec 12 05:29:46 somepoorbox kernel: [30883839.162977] Buffer I/O error on device drbd0, logical block 53203520 Dec 12 05:29:46 somepoorbox kernel: [30883839.163110] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163117] Buffer I/O error on device drbd0, logical block 59744311 Dec 12 05:29:46 somepoorbox kernel: [30883839.163200] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163208] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163289] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163299] Buffer I/O error on device drbd0, logical block 59746338 Dec 12 05:29:46 somepoorbox kernel: [30883839.163316] Buffer I/O error on device drbd0, logical block 59744312 Dec 12 05:29:46 somepoorbox kernel: [30883839.163320] lost page write due to I/O error on drbd0 Dec 12 05:29:46 somepoorbox kernel: [30883839.163328] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.163336] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem Dec 12 05:29:46 somepoorbox kernel: [30883839.165257]  [] ? warn_slowpath_common+0x91/0xe0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165260] EXT3-fs (drbd0): I/O error while writing superblock Dec 12 05:29:46 somepoorbox kernel: [30883839.165280]  [] ? ext3_get_group_desc+0x51/0xa0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165285] JBD: Spotted dirty metadata buffer (dev = drbd0, blocknr = 0). There's a risk of filesystem corruption in case of system crash. Dec 12 05:29:46 somepoorbox kernel: [30883839.165292]  [] ? warn_slowpath_null+0x1a/0x20 Dec 12 05:29:46 somepoorbox kernel: [30883839.165297]  [] ? mark_buffer_dirty+0x82/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165316]  [] ? ext3_commit_super.clone.0+0x69/0x100 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165329]  [] ? ext3_handle_error+0x7f/0xe0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165343]  [] ? __ext3_std_error+0x5e/0xb0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165356]  [] ? ext3_orphan_add+0xbf/0x1a0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165360] EXT3-fs: ext3_journal_dirty_data: aborting transaction: IO failure in ext3_journal_dirty_data Dec 12 05:29:46 somepoorbox kernel: [30883839.165374]  [] ? journal_dirty_data_fn+0x0/0x30 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165378] EXT3-fs (drbd0): error in ext3_orphan_add: Readonly filesystem [] ? ext3_ordered_write_end+0x158/0x1c0 [ext3] Dec 12 05:29:46 somepoorbox kernel: [30883839.165395] Dec 12 05:29:46 somepoorbox kernel: [30883839.165400]  [] ? generic_file_buffered_write_iter+0x184/0x2b0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165407]  [] ? __generic_file_write_iter+0x225/0x420 Dec 12 05:29:46 somepoorbox kernel: [30883839.165412]  [] ? __generic_file_aio_write+0x85/0xa0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165417]  [] ? generic_file_aio_write+0x88/0x100 Dec 12 05:29:46 somepoorbox kernel: [30883839.165423]  [] ? do_sync_write+0xf2/0x140 Dec 12 05:29:46 somepoorbox kernel: [30883839.165432]  [] ? sys_getpeername+0xd4/0xf0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165436]  [] ? vfs_write+0xb8/0x1a0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165441]  [] ? fget_light_pos+0x16/0x50 Dec 12 05:29:46 somepoorbox kernel: [30883839.165445]  [] ? sys_write+0x51/0xb0 Dec 12 05:29:46 somepoorbox kernel: [30883839.165450]  [] ? __audit_syscall_exit+0x25e/0x290 Dec 12 05:29:46 somepoorbox kernel: [30883839.165455]  [] ? system_call_fastpath+0x16/0x1b Dec 12 05:29:46 somepoorbox kernel: [30883839.165459] ---[ end trace 32aa3e2dc89d4c30 ]--- Dec 12 05:29:46 somepoorbox kernel: [30883839.165462] Tainting kernel with flag 0x9

scp: ambiguous target error and solution

scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"

Gives me an error:

scp: ambiguous target

The issue is caused by the space in the remote path which needs to be escaped like this:

scp -rp Week09 one@10.10.5.80:"/some/remote/path/with a space/"

Basically you add a backslash in front of each space.

VirtualBox How To Add iSCSI Storage using VBoxManage

#to show all
VBoxManage list vms

#show ONLY running vms
VBoxManage list runningvms

VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.2018-12.local.abcrandom.target:sdb" --initiator "iqn.1982-01.ca.bla.tld:abc123" --tport 3260 --lun 1 iSCSI disk created. UUID: 3bbdd942-f3b0-4bc9-8f22-b0118f6f11ec

--server = the IP address of the iSCSI target server

--target = the target on the iSCSI srever

--initiator = your initiator name (eg. the equivalent of /etc/iscsi/initiator.iscsi)

--lun 1 (or whatever LUN number

Troubleshooting

If the disk creates successfully but VBox says it is inacessible it means you have probably specified something wrong in the flags above. Eg. a typo in your target, initiator, forgetting your LUN

UUID Already Exists

VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.1982-01.ca.bla.tld:abc123" VBoxManage: error: Cannot register the hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' {16b201f8-da53-499c-86ec-753a8b940e58} because a hard disk '192.168.1.91|iqn.1982-01.ca.bla.tld:abc123' with UUID {8cd2dd6e-9b69-488c-81f6-22fa96da0a2f} already exists VBoxManage: error: Details: code NS_ERROR_INVALID_ARG (0x80070057), component VirtualBoxWrap, interface IVirtualBox, callee nsISupports VBoxManage: error: Context: "CreateMedium(Bstr("iSCSI").raw(), bstrISCSIMedium.raw(), AccessMode_ReadWrite, DeviceType_HardDisk, pMedium2Mount.asOutParam())" at line 608 of file VBoxManageStorageController.cpp

#list all hdds

vboxmanage list hddsUUID: 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f Parent UUID: base State: inaccessible Type: normal (base) Location: 192.168.1.91|iqn.1982-01.ca.bla.tld:abc123 Storage format: iSCSI Capacity: 0 MBytes Encryption: disabled

#let's delete it

vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete #uh oh iSCSI disks can't be deleted this way vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f --delete VBoxManage: error: Medium format 'iSCSI' does not support storage deletion VBoxManage: error: Details: code VBOX_E_NOT_SUPPORTED (0x80bb0009), component MediumWrap, interface IMedium, callee nsISupports VBoxManage: error: Context: "DeleteStorage(pProgress.asOutParam())" at line 1603 of file VBoxManageDisk.cpp VBoxManage: error: Failed to delete medium. Error code Unknown Status -2135228407 (0x80bb0009)

Sometimes just using closemedium before works:

vboxmanage closemedium disk 8cd2dd6e-9b69-488c-81f6-22fa96da0a2f

Either way after the above you should be able to retry to connect your iSCSI disk

iSCSI on Centos 7 Configuration and Setup Guide for Initiator and Target

initiator = client

target = server

These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server.

iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love. The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI).

iSCSI Target (Server) Setup

targetcli is the package that creates the iSCSI server and allows you to export your devices.

yum -y install targetcli

Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: centos.ca-west.mirror.fullhost.io * epel: mirrors.cat.pdx.edu * extras: centos.ca-west.mirror.fullhost.io * updates: centos.ca-west.mirror.fullhost.io Resolving Dependencies --> Running transaction check ---> Package targetcli.noarch 0:2.1.fb46-6.el7_5 will be updated ---> Package targetcli.noarch 0:2.1.fb46-7.el7 will be an update --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Updating: targetcli noarch 2.1.fb46-7.el7 base 67 k Transaction Summary ================================================================================ Upgrade 1 Package Total download size: 67 k Downloading packages: No Presto metadata available for base targetcli-2.1.fb46-7.el7.noarch.rpm | 67 kB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Updating : targetcli-2.1.fb46-7.el7.noarch 1/2 Cleanup : targetcli-2.1.fb46-6.el7_5.noarch 2/2 Verifying : targetcli-2.1.fb46-7.el7.noarch 1/2 Verifying : targetcli-2.1.fb46-6.el7_5.noarch 2/2 Updated: targetcli.noarch 0:2.1.fb46-7.el7 Complete!

systemctl enable target

systemctl start target

systemctl disable firewalld

systemctl stop firewalld

firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload

Launch targetcli to configure our iSCSI target

Let's see what block storage/backing devices we have?

/> cd backstores/block /backstores/block> ls o- block .................................................. [Storage Objects: 0] /backstores/block>

Create our iSCSI disk

/backstores/block> create areebsfault /dev/sdb Created block storage object areebsfault using /dev/sdb.

Create our target

The "iqn" must go first and then year-time and then local and finally the "host name" and after the colon the target name "sdb". IQN= iSCSI Qualified Name

iqn
Date (1982-01)
Reversed domain name of the authority (eg. target.abcrandom.local) becomes local.abcrandom.target
Optional “:” that prefixes a storage target name specified by the naming authority

cd /iscsi

/iscsi> create iqn.2018-12.local.abcrandom.target:sdb Created target iqn.2018-12.local.abcrandom.target:sdb. Created TPG 1. Global pref auto_add_default_portal=true Created default portal listening on all IPs (0.0.0.0), port 3260.

Do we have any LUN?

/iscsi/iqn.20...sdb/tpg1/acls> cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/ /iscsi/iqn.20...om.target:sdb> ls o- iqn.2018-12.local.abcrandom.target:sdb ............................ [TPGs: 1] o- tpg1 ............................................... [no-gen-acls, no-auth] o- acls .......................................................... [ACLs: 0] o- luns .......................................................... [LUNs: 0] o- portals .................................................... [Portals: 1] o- 0.0.0.0:3260 ..................................................... [OK]

Create our LUN

cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/luns

/iscsi/iqn.20...sdb/tpg1/luns> create /backstores/block/areebsfault lun1 Created LUN 1. /iscsi/iqn.20...sdb/tpg1/luns> ls o- luns .............................................................. [LUNs: 1] o- lun1 .................... [block/areebsfault (/dev/sdb) (default_tg_pt_gp)]Create ACL so our initiator can connect

cd /iscsi/iqn.2018-12.local.abcrandom.target:sdb/tpg1/acls

/iscsi/iqn.20...sdb/tpg1/acls> create iqn.1982-01.ca.bla.tld:abc123 Created Node ACL for iqn.1982-01.ca.bla.tld:abc123 Created mapped LUN 1.

*Note the iqn for this ACL as you will need to use it in the clientside (initiator setup).

Client Side Setup

systemctl disable firewalld

systemctl stop firewalld

firewall-cmd --permanent --add-port=3260/tcp firewall-cmd --reload

yum -y install iscsi-initiator-utils

Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.its.sfu.ca * extras: mirror.its.sfu.ca * updates: mirror.its.sfu.ca Resolving Dependencies --> Running transaction check ---> Package iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7 will be installed --> Processing Dependency: iscsi-initiator-utils-iscsiuio >= 6.2.0.874-10.el7 for package: iscsi-initiator-utils-6.2.0.874-10.el7.x86_64 --> Running transaction check ---> Package iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: iscsi-initiator-utils x86_64 6.2.0.874-10.el7 base 421 k Installing for dependencies: iscsi-initiator-utils-iscsiuio x86_64 6.2.0.874-10.el7 base 92 k Transaction Summary ================================================================================ Install 1 Package (+1 Dependent package) Total download size: 513 k Installed size: 2.6 M Downloading packages: (1/2): iscsi-initiator-utils-6.2.0.874-10.el7.x86_64.rpm | 421 kB 00:00 (2/2): iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86 | 92 kB 00:00 -------------------------------------------------------------------------------- Total 977 kB/s | 513 kB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64 1/2 Installing : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64 2/2 Verifying : iscsi-initiator-utils-iscsiuio-6.2.0.874-10.el7.x86_64 1/2 Verifying : iscsi-initiator-utils-6.2.0.874-10.el7.x86_64 2/2 Installed: iscsi-initiator-utils.x86_64 0:6.2.0.874-10.el7 Dependency Installed: iscsi-initiator-utils-iscsiuio.x86_64 0:6.2.0.874-10.el7 Complete!

Edit initiatorname.iscsi

vi /etc/iscsi/initiatorname.iscsi

You can also use the echo command (make sure you use the correct iqn):

echo "InitiatorName=iqn.1982-01.ca.bla.tld:abc123" > /etc/iscsi/initiatorname.iscsi

Start and Enable iscsid

[root@localhost ~]# systemctl start iscsid [root@localhost ~]# systemctl enable iscsid Created symlink from /etc/systemd/system/multi-user.target.wants/iscsid.service to /usr/lib/systemd/system/iscsid.service.

Find Targets!

iscsiadm -m discovery --type sendtargets -p 192.168.1.91 192.168.1.91:3260,1 iqn.2018-12.local.abcrandom.target:sdb

If all is well you should see this with ls

ls /var/lib/iscsi/nodes iqn.2018-12.local.abcrandom.target:sdb [root@localhost ~]# ls /var/lib/iscsi/ ifaces/ nodes/ slp/ isns/ send_targets/ static/ [root@localhost ~]# ls /var/lib/iscsi/send_targets/ 192.168.1.91,3260Mount all iscsi targets

iscsiadm -m node -l Logging in to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] (multiple) Login to [iface: default, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

You should now see a /dev/sdb available that you can format like a normal disk.

cat /proc/partitions major minor #blocks name 11 0 1048575 sr0 8 0 15728640 sda 8 1 1048576 sda1 8 2 14679040 sda2 253 0 13103104 dm-0 253 1 1572864 dm-1 8 16 4096 sdb

Set it for onboot loading

mkfs.ext4 /dev/sdb1 mke2fs 1.42.9 (28-Dec-2013) Filesystem label= OS type: Linux Block size=1024 (log=0) Fragment size=1024 (log=0) Stride=0 blocks, Stripe width=32764 blocks 1024 inodes, 4092 blocks 204 blocks (4.99%) reserved for the super user First data block=1 Maximum filesystem blocks=4194304 1 block group 8192 blocks per group, 8192 fragments per group 1024 inodes per group Allocating group tables: done Writing inode tables: done Creating journal (1024 blocks): done Writing superblocks and filesystem accounting information: done [root@localhost ~]# blkid /dev/sdb1 /dev/sdb1: UUID="7c1b6358-24b0-4296-b099-13eb1100f72e" TYPE="ext4"

add something like this to /etcfstab

UUID=7c1b6358-24b0-4296-b099-13eb1100f72e /mnt/iscsi ext4 _netdev 0 0

Troubleshooting Common Issues

Firewall Issues. Make sure firewalls are disabled or port 3260 is enabled.
Listening on the wrong IP or port in your portal.
Specifying the target instead of the initiator name/ACL name.
Not creating an LUN
Mixing up different target names with the wrong initiator name.
The client side is using the wrong initiator name (often a random generated one by the OS).

How To

Login To All Targets

iscsiadm -m node -l

Login To Specific Target

iscsiadm -m node -l -T iqn.target.name:bla

Delete your iscsi target

/iscsi> cd /iscsi/ /iscsi> delete iqn.2016-06.localb.a.bla:123 Deleted Target iqn.2016-06.localb.a.bla:123.

Disconnect your client from a target

iscsiadm -m node --logout -T iqn.2018-12.local.abcrandom.target:sdb Logging out of session [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] Logout of [sid: 1, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

Disconnect from ALL targets

iscsiadm -m node --logout all Logging out of session [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] Logout of [sid: 2, target: iqn.2018-12.local.abcrandom.target:sdb, portal: 192.168.1.91,3260] successful.

Python and BeautifulSoup4's BS4's Decompose Method To Remove Unwanted Inner Tags

<div class="c-shca-icon-item__body-name"> < a href="/Products/MX72244"> < span class="c-shca-icon-item__body-name-brand"> ADATA < / span> XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB < / a>

The problem in the html above is that there is a "span" inside the "a" and this is unusual except for a few products with ADATA.
Otherwise it would print out ADATA with the other product information "XPG SX8200 PCI - E 3.0 x4 M .2 NVMe SSD, 480 GB". So we just want the product info and not the ADATA inside span.

The solution is to use beautifulsoup's "decompose method below".

hddname = prices.find("div", {"class": "c-shca-icon-item__body-name"}) hddname=hddname.find("a") hddname.span.decompose() hddname=hddname.get_text().strip()

Once we have the "a" tag contents which contain a "span inside". We just use the decompose() method.

The format is as follows

soupname.tagname.decompose()

httpd AH00534: httpd: Configuration error: No MPM loaded. solution

httpd AH00534: httpd: Configuration error: No MPM loaded.

Simple Solution (assuming you don't have this line in httpd.conf aleady:

echo "Include conf.modules.d/*.conf" >> /etc/httpd/conf/httpd.conf

bash script to remove modules from httpd.conf that are not actually installed

confmodules=`cat /etc/httpd/conf/httpd.conf |grep -v ^#|grep "modules/"|awk '{print $3}'|cut -d "/" -f 2` for module in $confmodules; do echo "module=$module" if [ ! -f /etc/httpd/modules/$module ]; then linenum=`awk /"$module/{ print NR; exit}" /etc/httpd/conf/httpd.conf` sed -i "$linenum"s/.*// /etc/httpd/conf/httpd.conf echo "hey we don't have this $module in /etc/httpd/modules" fi done

Basically the script checks all of the modules your httpd.conf tries to load. Then it checks if the file actually exists in /etc/httpd/modules/ and if it doesn't it edits httpd.conf by removing the relevant line for the module that doesn't exist.

bash scripting how to create a function

function centos7 { release=`cat /etc/redhat-release|awk '{print $4}'|grep ^[7]` if [ "$release" != "" ]; then centos7='yes' fi } centos7 echo "$centos7"

We create a function called "centos7" and then call it by just typing "centos7"

We then access a variable that may be set if we are running centos7 which is also called "$centos7".

If the value is present it should be = "yes" which means we are running Centos 7.

Centos 7 PHP MySQL Not Working Solution

PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/pdo_mysql.so' - /usr/lib64/php/modules/pdo_mysql.so: symbol mysql_options, version libmysqlclient_18 not defined in file libmysqlclient.so.18 with link time reference in Unknown on line 0

#not sure what is wrong with php-mysql but I removed it and installed mysqlnd

yum -y remove php-mysql yum -y install php-mysqlnd

Bash How To Cut or Split Natively And Get The LAST Field

This takes "yourvariable" and splits it based on the last character in this case "-" and shows the last field of that split.

${yourvariable##*-}

Bash Script How To Manipulate Text/Strings By Searchig and Replacing Natively

# a single first slash means first occurrence
# format=${haystack/needle/replacement}
# if you use a double first slash it means ALL occurrences
# format=${haystack//needle/replacement}

email=${file/.txt-marked/}

In the example above we are searching in the variable $file for ".txt-marked" and replacing with nothing (the empty part after the last / means we are replacing with nothing or actually removing it).

How to replace all occurrences?

email=${file//.txt-marked/}

The only difference is where the first slash goes. If you use double slashes it means to replace ALL occurences.

How Does Cisco CUCM (Cisco Unified Communication Manager) Work?

Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCM is like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.

Cisco's CUCM makes communication more effective and simple through centralized management and unification of communications resources.

How Does CUCM Work?

First of all the CUCM is a Linux based OS that is installed onto a server. It is like the "Control Panel" or "PBX" for all of your communications in terms of voice and video.

CUCM consists of 4-layers or building blocks to function and create a cohesive communication solution for your enterprise.

4-Layers of CUCM

Layer 1.) Infrastructure

Since CUCM is IP (Internet Protocol) based it uses traditional network infrastructure including switches, routers with the addition of voice specific gateway and switching (voice gateway and voice switch). This layer is also where high availability, QoS (Quality of Service) and management.

Layer 2.) Call Control

The call control layer is actually where CUCM lives and is active. It is the layer that handles and processes the calls, manages devices and where the PBX administrator can set dial plans and other features.

Layer 3.) Application

The applicaton layer processes things other than calls and is indepedent of the Call Control layer.

Examples of applications under this layer are the following:

Cisco Unity - Voicemail, unified messaging and integrated messaging applications
Cisco Unified Contact Center - Call Center Management
Cisco Unified Meeting Place - Video Conferencing
Cisco ER (Emergency Responder) - Identifies the caller location and maps that location to an emergency line identification number.
Cisco Unified Presence Server - Collects and reports information on user devices and availability over what mediums (eg. voice, video etc..)
Third Party App Support - Supports common standards such as TAPI (Telephone Application Programming Interface), SIP (Session Initiation Protocol) (for VOIP), H.323 (an open standard that allows for unified video, audio and data collaboration), MGCP (Media Gateway Control Protocol)

Layer 4.) Endpoints

The end points layer should be described and thought of as the "user level" which is essentially the end-product for the end user. This is because the Endpoints layer presents itself as a Cisco based IP phone, or other VOIP device/application, video terminal etc.

How the Cisco Unified Communications Network Works

The Cisco CUCM is like the "director" or "operator" of calls and helps initially connect or signal the parties involved in a phone conversation. It refers to the complete process of originating, terminating and routing calls. It also allows for stats to be collected for metrics and billing.

The actual voice and data travels directly between the devices themselves over whatever network they are connected to and the failure or loss of connectivity to the CUCM does not impact current conversations (unless you try to use a feature that CUCM controls such as hold, transfer etc..)

The CUCM also creates dialplans which control how and where a user can call.

CUCM also creates basic phone functionality such as the ability to hold, conference or transfer calls.

CUCM also integrates with your existing Active Directory setup to help reduce the configuration and authentication of new users.

How Do Calls Get Setup?

Once the end-user picks up their phone, the phone signals the CUCM that it is "off hook" or "picked up" and will signal the device to play the dialtone. Their device either sends each digit back to CUCM to be dialed (if it uses the SCCP protocol) or sends all digits at once, once the user has dialed (if using the SIP protocol). If a match is found in their dialplan on their CUCM the call will be routed/go through, otherwise the user would receive the "reorder tone" or busy signal.

Recommended Implementation - Campus Model

In this call processing deployment model, the Unified Communications services and the endpoints are co-located in the campus, and the QoS-enabled network between the service nodes, the endpoints, and applications is considered highly available, offering virtually unlimited bandwidth with less than 15 ms of latency end-to-end. Likewise, the quality and availability of power are very high, and services are hosted in an appropriate data center environment. Communications between the endpoints traverses a LAN or a MAN, and communications outside the enterprise goes over an external network such as the PSTN. An enterprise would typically deploy the campus model over a single building or over a group of buildings connected by a LAN or MAN.

The campus model typically has the following design characteristics:

•Single Cisco Unified CM cluster. Some campus call processing deployments may require more than one Unified CM cluster, for instance, if scale calls for more endpoints than can be serviced by a single cluster or if a cluster needs to be dedicated to an application such as a call center.

•Alternatively for smaller deployments, Cisco Business Edition 3000, 5000, or 6000 may be deployed in the campus.

•Maximum of 40,000 configured and registered Skinny Client Control Protocol (SCCP) or Session Initiation Protocol (SIP) IP phones, Cisco Cius, video endpoints, mobile clients, and Cisco Virtualization Experience Clients (VXC) per Unified CM cluster.

•Maximum of 2,100 gateways and trunks (that is, the total number of H.323 gateways, H.323 trunks, digital MGCP devices, and SIP trunks) per Unified CM cluster.

•Trunks and/or gateways (IP or PSTN) for all calls to destinations outside the campus.

•Co-located digital signal processor (DSP) resources for conferencing, transcoding, and media termination point (MTP).

•Other Unified Communications services, such as messaging (voicemail), presence, and mobility are typically co-located.

•Interfaces to legacy voice services such as PBXs and voicemail systems are connected within the campus, with no operational costs associated with bandwidth or connectivity.

•Multipoint Control Unit (MCU) resources are required for multipoint video conferencing. Depending on conferencing requirements, these resources may be either SCCP or H.323, or both.

•H.323 and H.320 video gateways are needed to communicate with H.320 videoconferencing devices on the public ISDN network.

•High-bandwidth audio is available (for example, G.722 or Cisco Wideband Audio) between devices within the site.

•High-bandwidth video (for example, 384 kbps or greater) is available between devices within the site. The Cisco Unified Video Advantage Wideband Codec, operating at 7 Mbps, is also supported.
Best Practices for the Campus Model

Follow these guidelines and best practices when implementing the single-site model:

•Ensure that the infrastructure is highly available, enabled for QoS, and configured to offer resiliency, fast convergence, and inline power.

•Know the calling patterns for your enterprise. Use the campus model if most of the calls from your enterprise are within the same site or to PSTN users outside your enterprise.

•Use G.711 codecs for all endpoints. This practice eliminates the consumption of digital signal processor (DSP) resources for transcoding, and those resources can be allocated to other functions such as conferencing and media termination points (MTPs).

•Implement the recommended network infrastructure for high availability, connectivity options for phones (in-line power), Quality of Service (QoS) mechanisms, and security. (See Network Infrastructure.)

•Follow the provisioning recommendations listed in the chapter on Call Processing.

What DNS Options Does Active Directory Offer in Windows Server 2008,2012,2016 ?

What Is Active Directory?

Active Directory is essentially an enhanced, centralized database with a set of objects that make user management, authorization, and data management simpler. Active Directory is synonymous with "Domain Controllers" where a single "domain" often consists of multiple sites and members of the domain. Multiple domains can also be joined to belong to a tree ( a collection of domains). And the highest layer is the forest which is created from multiple trees.

Active Directory can help provide DNS service by enabling the "DNS Server Role" which will allow members of a Domain to process DNS requests and create a highly available, fault-tolerant, redundant DNS design.

The first step is to ensure all relevant servers have the "Active Directory" role added and including the DNS portion.

The preferred method and setup is that the first DNS server should be set to the IP of another domain controller or DNS server that serves DNS and the secondary one should point to the localhost. DNS forwarders should be configured on each server that is running DNS, as this allows DNS resolutons to the outside to continue working in the event that one server hosting DNS goes down.

Best Practices According To Microsoft:

Question

What is Microsoft’s best practice for where and how many DNS servers exist? What about for configuring DNS client settings on DC’s and members?

Answer

It depends on who you ask. 🙂 We in MS have been arguing this amongst ourselves for 11 years now. Here are the general guidelines that the Microsoft AD and Networking Support teams give to customers, based on our not inconsiderable experience with customers and their CritSits:

If a DC is hosting DNS, it should point to itself at least somewhere in the client list of DNS servers.
If at all possible on a DC, client DNS should point to another DNS server as primary and itself as secondary or tertiary. It should not point to self as primary due to various DNS islanding and performance issues that can occur. (This is where the arguments usually start)
When referencing a DNS server on itself, a DNS client should always use a loopback address and not a real IP address.
Unless there is a valid reason not to that you can concretely explain with more pros than cons, all DC’s in a domain should be running DNS and hosting at least their own DNS zone; all DC’s in the forest should be hosting the _MSDCS zones. This is default when DNS is configured on a new Win2003 or later forest’s DC’s. (Lots more arguments here).
DC’s should have at least two DNS client entries.
Clients should have these DNS servers specified via DHCP or by deploying via group policy/group policy preferences, to avoid admin errors; both of those scenarios allow you to align your clients with subnets, and therefore specific DNS servers. Having all the clients & members point to the same one or two DNS servers will eventually lead to an outage and a conversation with us and your manager. If every DC is a DNS server, clients can be fine-tuned to keep their traffic as local as possible and DNS will be highly available with special work or maintenance. It also means that branch offices can survive WAN outages and keep working, if they have local DC’s running DNS.
We don’t care if you use Windows or 3rd party DNS. It’s no skin off our nose: you already paid us for the DC’s and we certainly don’t need you to buy DNS-only Windows servers. But we won’t be able to assist you with your BIND server, and their free product’s support is not free.
(Other things I didn’t say that are people’s pet peeves, leading to even more arguments).

Other Options

It should be noted that Active Directory Domain Controllers are not required to serve their own DNS and it is optional at the time of domain controller creation.

Another option that exists are the integration of Linux's NAMED or BIND DNS Server which is known to scale well and be extremely reliable.

Many cybersecurity experts believe this provides an enhanced level of performance and security, while still giving you the full features that Active Directory offers.

In general having a non-Microsoft DNS can offer you better performance and security. Securing your DNS servers is especially important, not only for DOS attacks but DNS poisoning especially due to privilege escalation or a compromise of a domain controller. This would allow an attacker to trick users into believing they were visiting a site they are not (eg. accounting may login to their online banking but unknowingly pass their details off to the hackers who have poisoned the DNS and sent them to a spoof site).

Here is a list of some of the value-added features offered by third-party DNS solutions available today:

Proactive automated adaptive behavior protection from DNS attacks, malware and data exfiltration through customized DNS firewall security
Utilize DNS and DHCP features that are unavailable from Microsoft in-box solutions such as Identity Mapping (linking IP addresses to users)
Intelligently resolve queries and direct traffic according to geographic location
Increased logging to help determine where issues and attacks are originating
Utilizing a single solution for external and internal DNS (aka "single view")
Operating system-agnostic way to manage DNS
Increased security by reducing admin privilege usage
Increased granularity for control of dynamic DNS updates via IP-based access-control, as opposed to the Microsoft's three-level approach of "none," "secure only" (i.e., AD-integrated clients (GSS-TSIG)) or "secure and insecure" (i.e., anyone, no TSIG or IP-based authentication required)

A good example is if you have 10 servers:

Server 1
Primary DNS: 172.16.254.2
Second DNS: 127.0.0.1
---------------------------------
Server 2
Primary DNS: 172.16.254.3
Second DNS: 127.0.0.1
---------------------------------
Server 3
Primary DNS: 172.16.254.4
Second DNS: 127.0.0.1
---------------------------------
Server 4
Primary DNS: 172.16.254.5
Second DNS: 127.0.0.1
---------------------------------
Server 5
Primary DNS: 172.16.254.6
Second DNS: 127.0.0.1
---------------------------------
Server 6
Primary DNS: 172.16.254.7
Second DNS: 127.0.0.1
---------------------------------
Server 7
Primary DNS: 172.16.254.8
Second DNS: 127.0.0.1
---------------------------------
Server 8
Primary DNS: 172.16.254.9
Second DNS: 127.0.0.1
---------------------------------
Server 9
Primary DNS: 172.16.254.10
Second DNS: 127.0.0.1
---------------------------------
Server 10
Primary DNS: 172.16.254.11
Second DNS: 127.0.0.1
---------------------------------

By setting up your DNS this way you are ensuring that should a domain member that provides DNS goes down that you have redundancy and the remaining servers will still function rather than if they were all relying on a single server as their secondary DNS source.

syntax error, unexpected T_SL in PHP Solution

This happened in a PHP script with heredoc but it could really happen anywhere. The issue was whitespace in code like this:

$variable = <<< HTML some stuff here $othervar HTML;

Notice on the first line that there is extra white space after the HTML. Whitespace was a deadly killer since it isn't obvious in terms of syntax.

grep regular expression match number range between specific numbers

grep -E servers1[2-6] somefile.txt

The 1 before the [ bracket means that the number must start with one and can be between 1 and [2-6] or in plain English between 12-16.

bash how to print out lines of text within a range from the first occurrence

#get line number of occurrence in text file and then print out x lines from that point

#get the line number of the first occurrence of our search text linenumber=`grep -n "someuniqueitem" inventory.txt|head -n1|cut -d ":" -f 1` #linestop represents how many lines after the occurring line we want to print out in this case "20" linestop=$((linenumber+20))

# sed prints out the line range we want for inventory.txt # note that the p after $linestop tells sed to print sed -n "$linenumber,$linestop p" inventory.txt

Combing it into one line:

linenumber=`grep -n "evodal07" inventory.txt|head -n1|cut -d ":" -f 1`&&sed -n "$linenumber,$((linenumber+20)) p" inventory.txt

bash script how to to check LAN computers for open ports

In this case it just searches for port 80 it is fairly handy if you have some sort of appliance or something else you aren't sure of the IP of

Of course change the port 80 port to whatever port(s) you want.

for ip in `arp -n|arp -n|tail -n +2|head -n -1 |grep -v incomplete|awk '{print $1}'`; do echo "checking $ip:80" nc -w 1 -z $ip 80 if [ "$?" == 0 ]; then echo "**Port 80 Open on $ip**" fi done

MySQL Using mytop Debug Source of High IO and Slow Performance

mytop is one of my favorite tools and it is fairly simple aside from a few caveats and issues that persist to this day.

To install it on Centos:

yum -y install centos

Configure ~/.mytop

vi ~/.mytop

user=root host=localhost db=test #port=3306 socket=/var/lib/mysql/mysql.sock header=1 color=1

Try running it and see this error:

mytop --prompt

Error Fix:

vi /usr/bin/mytop #comment this out: #"long|!" => $config{long_nums},

Once you do get it running it's very useful you can watch queries in real time and if there is a single database slowing you down it will become apparent by watching the queries. Even using slow queries cannot always find the cause because sometimes the query isn't technically slow but it is the iowait that doesn't allow the query to even start executing for a long time.

How To Mathematically Convert and Calculate Binary Value To Decimal Value

When converting binary the easiest way is to write out a vertical list in a format like below and follow the formula in the table.

Example Convert 1101 1111 to decimal.

Step 1.)

Write out the binary below in vertical form (leave lots of space on the left side).

Keep this in mind that the "previous sum" starts at 0 on your first line.

Step 2.)

Formula:

2 * Previous Sum + Binary Number = Current Total

Write out each line in order from top to bottom of 1101 1111 in the same format and perform the calculations below.

Note that we alway use 0 for the previous sum.

2	*	Previous Sum	+	Binary Value	=	Current Total
2	*	0	+	1	=	1
`2`	*	1	+	1	=	3
2	*	3	+	0	=	6
2	*	6	+	1	=	13
2	*	13	+	1	=	27
2	*	27	+	1	=	55
2	*	55	+	1	=	111
2	*	111	+	1	=	223

systemd management using systemctl and journalctl to check systemd logs

systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.

The key commands or arguments you will use with systemctl are the following:

Unit Commands: list-units [PATTERN...] List loaded units list-sockets [PATTERN...] List loaded sockets ordered by address list-timers [PATTERN...] List loaded timers ordered by next elapse start NAME... Start (activate) one or more units stop NAME... Stop (deactivate) one or more units reload NAME... Reload one or more units restart NAME... Start or restart one or more units try-restart NAME... Restart one or more units if active reload-or-restart NAME... Reload one or more units if possible, otherwise start or restart reload-or-try-restart NAME... Reload one or more units if possible, otherwise restart if active isolate NAME Start one unit and stop all others kill NAME... Send signal to processes of a unit is-active PATTERN... Check whether units are active is-failed PATTERN... Check whether units are failed status [PATTERN...|PID...] Show runtime status of one or more units show [PATTERN...|JOB...] Show properties of one or more units/jobs or the manager cat PATTERN... Show files and drop-ins of one or more units set-property NAME ASSIGNMENT... Sets one or more properties of a unit help PATTERN...|PID... Show manual for one or more units reset-failed [PATTERN...] Reset failed state for all, one, or more units list-dependencies [NAME] Recursively show units which are required or wanted by this unit or by which this unit is required or wanted

check the state of all running services

systemctl list-units --type service --all --state failed

systemctl list-units --type service --all --state running

systemctl list-units --type service --all --state active

How Do You Enable or Disable Services

systemctl enable sshd

systemctl disable crond

Note that disabling does NOT stop them if they are currently running.

systemctl disable crond Removed symlink /etc/systemd/system/multi-user.target.wants/crond.service. [root@bcitcourse ~]# systemctl status crond ● crond.service - Command Scheduler Loaded: loaded (/usr/lib/systemd/system/crond.service; disabled; vendor preset: enabled) Active: active (running) since Sat 2018-11-03 19:12:14 UTC; 2 days ago Main PID: 139 (crond) CGroup: /system.slice/crond.service └─139 /usr/sbin/crond -n Sep 18 07:19:54 bcitcourse systemd[1]: Starting Command Scheduler... Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 34% if used.) Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (running with inotify support) Sep 18 07:19:54 bcitcourse crond[31554]: (CRON) INFO (@reboot jobs will be run at computer's startup.) Sep 18 07:23:54 bcitcourse systemd[1]: Stopping Command Scheduler... Sep 18 07:23:54 bcitcourse systemd[1]: Started Command Scheduler. Sep 18 07:23:54 bcitcourse systemd[1]: Starting Command Scheduler... Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 44% if used.) Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (running with inotify support) Sep 18 07:23:54 bcitcourse crond[32128]: (CRON) INFO (@reboot jobs will be run at computer's startup.) Nov 01 18:20:58 bcitcourse systemd[1]: Stopping Command Scheduler... Nov 01 18:20:58 bcitcourse systemd[1]: Stopped Command Scheduler. Nov 01 18:21:26 bcitcourse systemd[1]: Started Command Scheduler. Nov 01 18:21:26 bcitcourse systemd[1]: Starting Command Scheduler... Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 72% if used.) Nov 01 18:21:26 bcitcourse crond[156]: (CRON) INFO (running with inotify support) Nov 02 17:24:11 bcitcourse systemd[1]: Stopping Command Scheduler... Nov 02 17:24:11 bcitcourse systemd[1]: Stopped Command Scheduler. Nov 02 17:25:08 bcitcourse systemd[1]: Started Command Scheduler. Nov 02 17:25:08 bcitcourse systemd[1]: Starting Command Scheduler... Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 37% if used.) Nov 02 17:25:08 bcitcourse crond[135]: (CRON) INFO (running with inotify support) Nov 02 19:26:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster) Nov 02 19:56:01 bcitcourse crond[135]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster) Nov 03 19:11:56 bcitcourse systemd[1]: Stopping Command Scheduler... Nov 03 19:11:56 bcitcourse systemd[1]: Stopped Command Scheduler. Nov 03 19:12:14 bcitcourse systemd[1]: Started Command Scheduler. Nov 03 19:12:14 bcitcourse systemd[1]: Starting Command Scheduler... Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 66% if used.) Nov 03 19:12:14 bcitcourse crond[139]: (wwwmaster) BAD FILE MODE (/var/spool/cron/wwwmaster) Nov 03 19:12:14 bcitcourse crond[139]: (CRON) INFO (running with inotify support) [root@bcitcourse ~]# ps aux|grep crond root 139 0.0 0.0 22700 1496 ? Ss Nov03 0:00 /usr/sbin/crond -n root 5833 0.0 0.0 112660 952 pts/3 S+ 19:11 0:00 grep --color=auto crond

How do targets work and what are they?

It is similar to the traditional runtimes where generally normal non GUI operation would be considered "runlevel 3" and the GUI would be "runlevel 5".

Instead, with systemctl you have targets for these that are based on names.

A good example is when installing your GNOME GUI:

You can do that, type startx and get your GUI. But upon reboot you'll still be at the CLI. Why?

You need to set your default target to the graphical target like below.

systemctl set-default graphical.target

What targets are available on my system?

ls /usr/lib/systemd/system arp-ethers.service finger@.service nfs-blkmap.service rhel-configure.service sockets.target.wants systemd-poweroff.service auth-rpcgss-module.service finger.socket nfs-client.target rhel-dmesg.service sound.target systemd-quotacheck.service autovt@.service firewalld.service nfs-config.service rhel-domainname.service sshd-keygen.service systemd-random-seed.service basic.target fstrim.service nfs-idmapd.service rhel-import-state.service sshd.service systemd-readahead-collect.service basic.target.wants fstrim.timer nfs-idmap.service rhel-loadmodules.service sshd@.service systemd-readahead-done.service blk-availability.service garbd.service nfs-lock.service rhel-readonly.service sshd.socket systemd-readahead-done.timer bluetooth.target geoclue.service nfslock.service rpcbind.service suspend.target systemd-readahead-drop.service brandbot.path getty-pre.target nfs-mountd.service rpcbind.socket swap.target systemd-readahead-replay.service brandbot.service getty@.service nfs-rquotad.service rpcbind.target sys-fs-fuse-connections.mount systemd-reboot.service canberra-system-bootup.service getty.target nfs-secure.service rpc-gssd.service sysinit.target systemd-remount-fs.service canberra-system-shutdown-reboot.service graphical.target nfs-server.service rpcgssd.service sysinit.target.wants systemd-rfkill@.service canberra-system-shutdown.service graphical.target.wants nfs.service rpcidmapd.service sys-kernel-config.mount systemd-shutdownd.service console-getty.service gssproxy.service nfs-utils.service rpc_pipefs.target sys-kernel-debug.mount systemd-shutdownd.socket console-shell.service halt-local.service nmb.service rpc-rquotad.service syslog.socket systemd-suspend.service container-getty@.service halt.target nscd.service rpc-statd-notify.service syslog.target.wants systemd-sysctl.service crond.service hibernate.target nscd.socket rpc-statd.service systemd-ask-password-console.path systemd-timedated.service cryptsetup-pre.target htcacheclean.service nss-lookup.target rsyncd.service systemd-ask-password-console.service systemd-tmpfiles-clean.service cryptsetup.target httpd.service nss-user-lookup.target rsyncd@.service systemd-ask-password-wall.path systemd-tmpfiles-clean.timer ctrl-alt-del.target hybrid-sleep.target ntalk.service rsyncd.socket systemd-ask-password-wall.service systemd-tmpfiles-setup-dev.service dbus-org.freedesktop.hostname1.service initrd-cleanup.service ntalk.socket rsyslog.service systemd-backlight@.service systemd-tmpfiles-setup.service dbus-org.freedesktop.import1.service initrd-fs.target paths.target runlevel0.target systemd-binfmt.service systemd-udevd-control.socket dbus-org.freedesktop.locale1.service initrd-parse-etc.service polkit.service runlevel1.target systemd-bootchart.service systemd-udevd-kernel.socket dbus-org.freedesktop.login1.service initrd-root-fs.target poweroff.target runlevel1.target.wants systemd-firstboot.service systemd-udevd.service dbus-org.freedesktop.machine1.service initrd-switch-root.service poweroff.target.wants runlevel2.target systemd-fsck-root.service systemd-udev-settle.service dbus-org.freedesktop.timedate1.service initrd-switch-root.target printer.target runlevel2.target.wants systemd-fsck@.service systemd-udev-trigger.service dbus.service initrd.target proc-fs-nfsd.mount runlevel3.target systemd-halt.service systemd-update-done.service dbus.socket initrd.target.wants proc-sys-fs-binfmt_misc.automount runlevel3.target.wants systemd-hibernate-resume@.service systemd-update-utmp-runlevel.service dbus.target.wants initrd-udevadm-cleanup-db.service proc-sys-fs-binfmt_misc.mount runlevel4.target systemd-hibernate.service systemd-update-utmp.service debug-shell.service ip6tables.service quotaon.service runlevel4.target.wants systemd-hostnamed.service systemd-user-sessions.service default.target iptables.service rc-local.service runlevel5.target systemd-hwdb-update.service systemd-vconsole-setup.service default.target.wants kexec.target rdisc.service runlevel5.target.wants systemd-hybrid-sleep.service system.slice dev-hugepages.mount kmod-static-nodes.service rdma-hw.target runlevel6.target systemd-importd.service system-update.target dev-mqueue.mount local-fs-pre.target rdma-load-modules@.service saslauthd.service systemd-initctl.service tcsd.service dracut-cmdline.service local-fs.target rdma-ndd.service sendmail.service systemd-initctl.socket timers.target dracut-initqueue.service local-fs.target.wants rdma.service serial-getty@.service systemd-journal-catalog-update.service timers.target.wants dracut-mount.service machine.slice reboot.target shutdown.target systemd-journald.service time-sync.target dracut-pre-mount.service machines.target reboot.target.wants shutdown.target.wants systemd-journald.socket tmp.mount dracut-pre-pivot.service messagebus.service remote-cryptsetup.target sigpwr.target systemd-journal-flush.service umount.target dracut-pre-trigger.service multi-user.target remote-fs-pre.target sleep.target systemd-kexec.service user.slice dracut-pre-udev.service multi-user.target.wants remote-fs.target -.slice systemd-localed.service var-lib-nfs-rpc_pipefs.mount dracut-shutdown.service named.service rescue.service slices.target systemd-logind.service vzfifo.service ebtables.service named-setup-rndc.service rescue.target smartcard.target systemd-machined.service vzreboot.service emergency.service network-online.target rescue.target.wants smb.service systemd-machine-id-commit.service xinetd.service emergency.target network-pre.target rhel-autorelabel-mark.service sm-client.service systemd-modules-load.service final.target network.target rhel-autorelabel.service sockets.target systemd-nspawn@.service

We can check by symlink to see what the default target is:

lrwxrwxrwx 1 root root 16 Sep 18 07:18 /usr/lib/systemd/system/default.target -> graphical.target

Checking to see what services start with a target

systemctl list-dependencies default.target default.target ● ├─display-manager.service ● ├─mysqld.service ● ├─network.service ● ├─quotaon.service ● ├─systemd-readahead-collect.service ● ├─systemd-readahead-replay.service ● ├─systemd-update-utmp-runlevel.service ● ├─vzfifo.service ● └─multi-user.target ● ├─brandbot.path ● ├─dbus.service ● ├─httpd.service ● ├─mysqld.service ● ├─network.service ● ├─rhel-configure.service ● ├─rsyslog.service ● ├─saslauthd.service ● ├─sendmail.service ● ├─sm-client.service ● ├─sshd.service ● ├─systemd-ask-password-wall.path ● ├─systemd-logind.service ● ├─systemd-update-utmp-runlevel.service ● ├─systemd-user-sessions.service ● ├─xinetd.service ● ├─basic.target ● │ ├─iptables.service ● │ ├─rhel-dmesg.service ● │ ├─paths.target ● │ ├─slices.target ● │ │ ├─-.slice ● │ │ └─system.slice ● │ ├─sockets.target ● │ │ ├─dbus.socket ● │ │ ├─rpcbind.socket ● │ │ ├─systemd-initctl.socket ● │ │ ├─systemd-journald.socket ● │ │ ├─systemd-shutdownd.socket ● │ │ ├─systemd-udevd-control.socket ● │ │ └─systemd-udevd-kernel.socket ● │ ├─sysinit.target ● │ │ ├─dev-hugepages.mount ● │ │ ├─dev-mqueue.mount ● │ │ ├─kmod-static-nodes.service ● │ │ ├─proc-sys-fs-binfmt_misc.automount ● │ │ ├─rhel-autorelabel-mark.service ● │ │ ├─rhel-autorelabel.service ● │ │ ├─rhel-domainname.service ● │ │ ├─rhel-import-state.service ● │ │ ├─rhel-loadmodules.service ● │ │ ├─sys-fs-fuse-connections.mount ● │ │ ├─sys-kernel-config.mount ● │ │ ├─sys-kernel-debug.mount ● │ │ ├─systemd-ask-password-console.path ● │ │ ├─systemd-binfmt.service ● │ │ ├─systemd-firstboot.service ● │ │ ├─systemd-hwdb-update.service ● │ │ ├─systemd-journal-catalog-update.service ● │ │ ├─systemd-journal-flush.service ● │ │ ├─systemd-journald.service ● │ │ ├─systemd-machine-id-commit.service ● │ │ ├─systemd-modules-load.service

How can we see what switchable "isolate"able targets are available?

ls -al /usr/lib/systemd/system/|grep ^ddrwxr-xr-x 22 root root 16384 Nov 3 22:59 . drwxr-xr-x 13 root root 4096 Sep 18 07:18 .. drwxr-xr-x 2 root root 4096 Sep 18 07:23 basic.target.wants drwxr-xr-x 2 root root 4096 Aug 16 18:34 dbus.target.wants drwxr-xr-x 2 root root 4096 Aug 16 18:34 default.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 graphical.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 initrd.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:23 local-fs.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:23 multi-user.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 poweroff.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 reboot.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 rescue.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel1.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel2.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel3.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel4.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 runlevel5.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 shutdown.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 sockets.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 sysinit.target.wants drwxr-xr-x 2 root root 4096 Aug 16 18:34 syslog.target.wants drwxr-xr-x 2 root root 4096 Sep 18 07:18 timers.target.wants

How do we switch targets without rebooting?

systemctl isolate targetname

systemctl isolate poweroff

systemctl sockets

systemctl list-sockets

LISTEN UNIT ACTIVATES /dev/log systemd-journald.socket systemd-journald.service /run/dbus/system_bus_socket dbus.socket dbus.service /run/systemd/initctl/fifo systemd-initctl.socket systemd-initctl.service /run/systemd/journal/socket systemd-journald.socket systemd-journald.service /run/systemd/journal/stdout systemd-journald.socket systemd-journald.service /run/systemd/shutdownd systemd-shutdownd.socket systemd-shutdownd.service /run/udev/control systemd-udevd-control.socket systemd-udevd.service /var/run/rpcbind.sock rpcbind.socket rpcbind.service kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service 9 sockets listed. Pass --all to see loaded but inactive sockets, too.

journalctl (systemd logging)

journalctl -u sshd

Aug 07 06:22:45 bcitcourse sshd[595]: Received disconnect from 59.63.188.32: 11: [preauth] Aug 07 06:23:00 bcitcourse sshd[597]: Received disconnect from 221.194.47.221: 11: [preauth] Aug 07 06:23:15 bcitcourse sshd[599]: Received disconnect from 59.63.188.32: 11: [preauth] Aug 07 06:23:16 bcitcourse sshd[601]: Received disconnect from 221.194.44.232: 11: [preauth] Aug 07 06:23:42 bcitcourse sshd[603]: Received disconnect from 59.63.188.32: 11: [preauth] Aug 07 06:24:14 bcitcourse sshd[607]: Received disconnect from 59.63.188.32: 11: [preauth] Aug 07 06:24:46 bcitcourse sshd[609]: Received disconnect from 59.63.188.32: 11: [preauth] Jul 22 10:21:09 bcitcourse sshd[867]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 22 10:21:09 bcitcourse sshd[867]: Invalid user pi from 91.182.150.88 Jul 22 10:21:09 bcitcourse sshd[867]: input_userauth_request: invalid user pi [preauth] Jul 22 10:21:09 bcitcourse sshd[865]: reverse mapping checking getaddrinfo for 88.150-182-91.adsl-dyn.isp.belgacom.be [91.182.150.88] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 22 10:21:09 bcitcourse sshd[865]: Invalid user pi from 91.182.150.88 Jul 22 10:21:09 bcitcourse sshd[865]: input_userauth_request: invalid user pi [preauth] Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): check pass; user unknown Jul 22 10:21:09 bcitcourse sshd[867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88 Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): check pass; user unknown Jul 22 10:21:09 bcitcourse sshd[865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.182.150.88 Jul 22 10:21:11 bcitcourse sshd[867]: Failed password for invalid user pi from 91.182.150.88 port 46846 ssh2 Jul 22 10:21:11 bcitcourse sshd[865]: Failed password for invalid user pi from 91.182.150.88 port 46842 ssh2

What's the difference?

journalctl -b 2 and journalctl -b -2

It is the fact the first "2" is a positive and the second "-2" is a negative.

Thus, 1 means the first boot found in the journal in chronological order, 2 the second and so on; while -0 is the last boot, -1 the boot before last, and so on.

css how to format code in the code tag

code { background: #f4f4f4; border: 1px solid #ddd; border-left: 3px solid #f36d33; color: #666; page-break-inside: avoid; font-family: monospace; font-size: 15px; line-height: 1.6; margin-bottom: 1.6em; max-width: 100%; overflow: auto; padding: 1em 1.5em; display: block; word-wrap: break-word; }
The above has worked well for me. You may also need the block below if your spacing is messed up (some css templates suffer from this).

css br with extra blank line

The problem I was having is that a css template I was using was causing
br's to have an empty line in between which is very undesirable especially when displaying code.

br { display:none; margin: 0px; height: 0px; }

Using CSS code like above will fix it. You technically shouldn't need the margin or height either.

What is /dev/pts and why do we need it in Linux?

A quick check in /dev/pts shows a lot of entries but what are they for?:

ls /dev/pts 0 10 12 14 16 18 2 21 23 25 27 29 30 32 4 6 8 ptmx 1 11 13 15 17 19 20 22 24 26 28 3 31 33 5 7 9

Basically they are pseudo-terminals, whereas a tty is a physical terminal (think of Ctrl + Alt + F1 being tty0 and F8 being tty7).

An easy way to test this is to keep opening new terminal windows (Ctrl+Shift+t)

Then type "tty" and you'll see each one has a higher /dev/pts number.

Pretty much anything such like ssh, bash that uses terminal input or output will create it's own /dev/pts.

Linux What is umask (user mask) for file and directory creation permissions and how to calculate umask and change the defaults

umask are the default permissions that are applied when a file or directory are created. To see this in action simply just "touch filename" or "mkdir somedir" and you'll see what default permissions are applied.

The first thing I always tell people you should know is to NEVER change the defaults unless you are making them more restrictive. But they work well and if you change the defaults you could end up creating a file without permission to read or write it which could break some scripts. If you made things less restrictive it is a security issue in my opinion.

It is said umask is the reverse or opposite of standard permissions but before we explain how to calculate them let's see what happens with the default umask settings.

As we can see the defaults as with most Unix systems are 022:

[root@evohostingtor2017 umasktest]# umask0022

Knowing this let's check the default creation permissions of a file and directory below:

[root@evohostingtor2017 umasktest]# mkdir umaskdir [root@evohostingtor2017 umasktest]# touch umaskfile

[root@evohostingtor2017 umasktest]# ls -alh

drwxr-xr-x 3 root root 4.0K Oct 31 18:55 . drwxrwxrwt 5 root root 4.0K Oct 31 18:55 .. drwxr-xr-x 2 root root 4.0K Oct 31 18:54 umaskdir -rw-r--r-- 1 root root 0 Oct 31 18:55 umaskfile

The results are the following:

Directory permissions = 755

File permissions = 644

Why Doesn't Umask 0 or other modes with execute result in an executable file permission?

Let's go back to the answer above and now explain how umask is calculated and files and directories.

umask is about restricting permissions, in essence this means there are maximum permissions you can subtract from (not add to). What umask is doing is subtracting the values from the maximum possible permissions (more on that below).

umask like normal permissions still uses octal values:

0=read, write, execute
1=read, write
2=read, execute
3=read
4=write, execute
5=write
6=execute
7=no permissions

How do we calculate umask values?

The values are calculated different for files vs directories.

Directories: Maximum possible permissions are 777 (read, write, execute)

Files: Maximum possible permissions are 666 (read, write)

*Note execute is NOT possible to set during file creation.

How We Calculate umask

Let's take our default of 022.

Directories: ( 777 - 022 ) = 755

Files: (777 - 022) = 644 (we always drop any 1's/execute bits because files cannot have execute permissions upon creation due to POSIX restrictions).

More calculations (033):

Directories: (777-033) = 744

Files: (777-033) = 644 (oops remember to drop the 1 from the 7)

(026)

Directories: (777-026) = 751

Files: (777-026) = 640

Basically all we do is take the last 3 numbers and subtract them from the maximum possible permissions (aside from files where we drop a 1 for execute since it is not possible ).

Useful Quiz Here: http://www.webune.com/forums/umask-calculator.html

What about the leading 0 (something that I don't like to talk about and recommend almost never be used)

It can have a maximum value of 7 like the rest of umask.

SETUID=4 (allows the file to be executed as the owner even when another user or group accesses it)

SETGID=2 (allows the file to be executed as the group even when another user or group accesses it)

uid or gid being set represents itself as a small "s" and if you see it with a capital "S" it means it takes no effect (this means the user or group does not have execute permissions).

Sticky Bit=1 (makes it so only the owner can delete or move it).

sticky bit is represented by a small "t" if it takes effect where other has execute permissions (otherwise it takes no effect and will show as a capital "T").

Linux Permissions and Groups Real Usecase for Group Access

I have a directory structure which the primary user needs full access on but wanted a user to access only a specific directory within the main directory (so they could write in there only and nowhere else).

Here's what I did:

[root@compevo8001 dllnow]# ls -alh drwxrwxr-x 2 someuser software 4.0K Oct 19 2017 ExpireYMD-2017-11-20 drwxrwxr-x 2 someuser software 4.0K Nov 19 2017 ExpireYMD-2017-12-20 drwxrwxr-x 2 someuser software 4.0K Dec 19 2017 ExpireYMD-2018-01-20 drwxrwxr-x 2 someuser software 4.0K Jan 19 2018 ExpireYMD-2018-02-20 drwxrwxr-x 2 someuser software 4.0K Feb 19 2018 ExpireYMD-2018-03-20 drwxrwxr-x 2 someuser software 4.0K Mar 19 2018 ExpireYMD-2018-04-20 drwxrwxr-x 2 someuser software 4.0K Apr 19 2018 ExpireYMD-2018-05-20 drwxrwxr-x 2 someuser software 4.0K May 19 04:24 ExpireYMD-2018-06-20 drwxrwxr-x 2 someuser software 4.0K Jun 19 03:49 ExpireYMD-2018-07-20 -rwxr-xr-x 1 someuser software 688 Mar 18 2008 symlinkmodify.sh -rwxr-xr-x 1 someuser someuser 688 Mar 18 2008 symlinkmodify.sh
[root@compevo8001 httpdocs]# groupadd software [root@compevo8001 httpdocs]# useradd softwareuser -g software

[root@compevo8001 httpdocs]# chown -R someuser.software membersonly/dllnow/

So basically "softwareuser" who is part of the "software" group can only write to "dllnow" and cannot write anywhere else based on their group permissions.

Centos 7 python34 how to install the gi library

Getting an error about gi missing when running a .py python script?

Just install EPEL and install the python3-gobject package:

yum install python34-gobject

Centos 7 - Convert Minimal to Graphical GUI GNOME or KDE Desktop

Did you just install the minimal version by accident or want to install the GUI? No need to reinstall just tell yum to do the work for you!

You could actually have both installed and choose one as your preference on demand (although many people prefer GNOME's simplicity).

Step 1.)

Install Gnome and/or KDE.

To install the GNOME Desktop on Centos 7:

yum -y groups install "GNOME Desktop"

To install the KDE Desktop on Centos 7:

yum -y groups install "KDE Plasma Workspaces"

Step 2.)

Type the following command (no need to reboot!):

startx

Now you'll be into your graphical session!

Step 3.)

Make it permanent otherwise you will start in run level 3 without any GUI after rebooting:

systemctl set-default graphical.target

AMD Set Fan Speed and Other Powerplay Memory/CPU Timings with a Linux script

You can do other things but this particular script is just to set all AMD cards to 80% fan speed (remember this script needs to applied everytime you reboot). You could set it is a cron or just throw it into /etc/rc.local

basepath=/sys/class/drm for hwmon in `ls -1 /sys/class/drm|grep card[0-99]$`; do echo card=$hwmon; hwmonname=`ls $basepath/$hwmon/device/hwmon|grep hwmon[0-99]` hwmonpath=$basepath/$hwmon/device/hwmon/$hwmonname echo "echo 1 > $hwmonpath/pwm1_enable" echo "echo 205 > $hwmonpath/pwm1" echo 1 > $hwmonpath/pwm1_enable echo 205 > $hwmonpath/pwm1 done

The way it works is as follows:

The card power play settings are located in:

/sys/class/drm/cardNumber/device/hwmon/hwmonNumber

The card number is also the same order that you'll find in say Claymore and the hwmon number is usually 1 less than your card number. So as you can see below card4's hwmon path is hwmon3.

In the script I account for that just in case it may be different though.

cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable 2

#enable pwm (if the value is not 1 it is not enabled so setting the fan speed would have no effect)
echo 1 > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_enable

The parameters for fan speed are a percentage or number out of max 255. So 80% would be the number 205 (it also seems to round to the nearest 5% I believe)

cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_max
255
cat /sys/class/drm/card4/device/hwmon/hwmon3/pwm1_min
0

# 210/255 is about 82% fan speed (this still resulted in 80% actual fan speed)
echo "210" > /sys/class/drm/card4/device/hwmon/hwmon3/pwm1

The results of higher fan speeds

In one of my test rigs see that on some cards the temperature reduced by about 14C degrees!

Before:

ETH: GPU0 t=72C fan=64%, GPU1 t=72C fan=63%, GPU2 t=69C fan=23%, GPU3 t=84C fan=0%, GPU4 t=69C fan=27%

After:

ETH: GPU0 30.457 Mh/s, GPU1 30.455 Mh/s, GPU2 29.473 Mh/s, GPU3 29.498 Mh/s, GPU4 29.484 Mh/s
GPU0 t=65C fan=80%, GPU1 t=71C fan=80%, GPU2 t=55C fan=80%, GPU3 t=57C fan=80%, GPU4 t=55C fan=80%

Ethereum Mining Claymore Nanopool Error

This happens if you don' have an updated version normally (eg. things were working fine and you suddenly get this error):

Pool sent wrong data, cannot set epoch, disconnect ETH: Connection lost, retry in 20 sec... ETH: Connection lost, retry in 20 sec...

Solution - Download an updated Claymore!

genisoimage errors with long filenames and deep directory structures

You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux.

genisoimage -o Backup-Myfiles.iso -r -J -joliet-long /some/path/

You will get errors like below (even enabling joliet-long didn't help)

genisoimage: Error: /some/filename.pdf have the same Joliet name Joliet tree sort failed. The -joliet-long switch may help you.

#the best way

genisoimage -o /tmp/Backup-Myfiles2.iso -U -iso-level 4 -R /source/dir

This was the only way I could get unmodified long file names and VERY deep directories onto the iso image as original otherwise they get renamed and truncated which breaks a lot of things and makes it confusing. But be warned this breaks the iso9660 standard so many OS's especially Windows may not be able to read it.

==========

#this fixes it
-R is for Rock Ridge and allows for more than 8 deep folders
-U allows for untranslated filenames

genisoimage -o /tmp/Backup-Myfiles.iso -R -U .
#with an exclude

genisoimage -o /tmp/Backup-Myfiles.iso -R -U -m WebSites/blabla .
Warning: creating filesystem that does not conform to ISO-9660.
I: -input-charset not specified, using utf-8 (detected in locale settings)

#the -m causes a shrink error unless you put it earlier

genisoimage: File 'blank.html' did shrink. Files must not be changed while genisoimage runs!

genisoimage -m WebSites/blabla -o /tmp/Backup-Myfiles.iso -R -U .

Linux Kernel USB Export Errors

    4.374647] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    4.403334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[    4.427736] xhci_hcd 0000:00:15.0: xHCI Host Controller
[    4.427844] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 1
[    4.429040] xhci_hcd 0000:00:15.0: hcc params 0x200077c1 hci version 0x100 quirks 0x01109810
[    4.429141] xhci_hcd 0000:00:15.0: cache line size of 64 is not supported
[    4.429290] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002
[    4.429371] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[    4.429464] usb usb1: Product: xHCI Host Controller
[    4.429541] usb usb1: Manufacturer: Linux 4.4.98 xhci-hcd
[    4.429619] usb usb1: SerialNumber: 0000:00:15.0
[    4.429906] hub 1-0:1.0: USB hub found
[    4.429999] hub 1-0:1.0: 8 ports detected
[    4.430779] xhci_hcd 0000:00:15.0: xHCI Host Controller
[    4.430865] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 2
[    4.431011] usb usb2: New USB device found, idVendor=1d6b, idProduct=0003
[    4.431092] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[    4.431186] usb usb2: Product: xHCI Host Controller
[    4.431262] usb usb2: Manufacturer: Linux 4.4.98 xhci-hcd
[    4.431339] usb usb2: SerialNumber: 0000:00:15.0
[    4.431588] hub 2-0:1.0: USB hub found
[    4.431682] hub 2-0:1.0: 7 ports detected
[    4.439651] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    4.467341] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[    4.498125] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    4.519335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[    4.542999] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[    4.543095] Warning! ehci_hcd should always be loaded before uhci_hcd and ohci_hcd, not after
[    4.543348] ehci-pci: EHCI PCI platform driver
[    4.550673] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    4.579335] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[    4.610100] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    4.631351] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[    4.658940] uhci_hcd: USB Universal Host Controller Interface driver
[    4.666245] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    4.699334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[    4.742420] usb 1-3: new low-speed USB device number 2 using xhci_hcd
[    4.930061] usb 1-3: New USB device found, idVendor=13ba, idProduct=0018
[    4.930143] usb 1-3: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[    4.930223] usb 1-3: Product: Barcode Reader
[    5.042408] usb 1-8: new full-speed USB device number 3 using xhci_hcd
[    5.171384] usb 1-8: New USB device found, idVendor=8087, idProduct=0aa7
[    5.171469] usb 1-8: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[    5.174480] clocksource: Switched to clocksource tsc
[    5.209804] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    5.235470] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[    5.259595] usbcore: registered new interface driver usb-storage
[    5.267989] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[    5.295427] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)

How to download gajim 0.16.9 XMPP/Jabber client so you can use OMEMO encryption

#Linux Mint 18.2 how to install gajim .16.9 so you can use OMEMO encryption: sudo apt-get install python-axolotl python-nbxmpp wget https://gajim.org/downloads/0.16/gajim-0.16.9.tar.gz tar -zxvf gajim-0.16.9.tar.gz cd gajim-0.16.9 ./autogen.sh ;make;sudo make install

#if you get this error you need to get a newer python-nbxmpp from here: gajim Gajim needs python-nbxmpp >= 0.6.1 to run. Quiting... wget -q https://gajim.org/gajim.key -O - | apt-key add - #Add the repository: sh -c "echo deb ftp://ftp.gajim.org/debian unstable main > /etc/apt/sources.list.d/gajim.list" apt-get update sudo apt-get install python-nbxmpp

HP DL385 G7 Linux BIOS Update Flash

wget https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
--2018-08-16 05:11:16-- https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
Resolving downloads.linux.hpe.com (downloads.linux.hpe.com)... 15.249.152.85
Connecting to downloads.linux.hpe.com (downloads.linux.hpe.com)|15.249.152.85|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1525561 (1.5M) [text/plain]
Saving to: ‘CP017004.scexe’

100%[=====================================================================================>] 1,525,561 5.07MB/s in 0.3s

2018-08-16 05:11:16 (5.07 MB/s) - ‘CP017004.scexe’ saved [1525561/1525561]

[root@bx ~]# chmod +x CP017004.scexe
[root@bx ~]# ./CP017004.scexe --unpack=/tmp/newbios

mint@mint ~/2018-Linux-Update-BIOS $ ./cpqsetup
You must be root to execute this utility!
mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
Flash Engine Version: Linux-4.4.1-1

Name: Online ROM Flash Component for Linux - HP ProLiant DL385 G7 (A18) Servers
New Version: 03/19/2012

Current Version: 12/20/2010

The software is installed but is not up to date.

Do you want to upgrade the software to a newer version (y/n) ?y

Flash in progress do not interrupt or your system may become unusable.
Working.........................................................
The installation procedure completed successfully.

A reboot is required to finish the installation completely.
Do you want to reboot your system now?

Once you have cpqsetup you can use the binary for other BIOS updates. For example if you can only find the Windows .exe BIOS update you can extract the BIOS file and replace the original file above.

You can use the Windows BIOS file by unzipping the .exe and then copying the actual firmware to the name of the old file from an older Linux flash download (it uses the new file that you give the old name):

mv CPQA1802.873 CPQA1802.873-
mint@mint ~/2018-Linux-Update-BIOS $ wget https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
--2018-08-17 00:14:42-- https://downloads.hpe.com/pub/softlib2/software1/sc-windows-fw-sys/p1709043947/v150899/cp036023.exe
Resolving downloads.hpe.com (downloads.hpe.com)... 15.241.20.93
Connecting to downloads.hpe.com (downloads.hpe.com)|15.241.20.93|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1809864 (1.7M) [application/octet-stream]
Saving to: ‘cp036023.exe’

cp036023.exe        100%[===================>]   1.73M 1.16MB/s    in 1.5s

2018-08-17 00:14:44 (1.16 MB/s) - ‘cp036023.exe’ saved [1809864/1809864]

mint@mint ~/2018-Linux-Update-BIOS $ unzip cp036023.exe
Archive: cp036023.exe
inflating: CPQA1803.46E
inflating: SysRomInstaller.dll
inflating: cp036023.xml
inflating: cpqasmi.sys
inflating: cpqasmi64.sys
inflating: cpqftbl.sys
inflating: cpqftbl64.sys
inflating: cpqpsmi.sys
inflating: cpqpsmi64.sys
inflating: cpqsetup.exe
replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: a
error: invalid response [a]
replace cpqsfa18.cfg? [y]es, [n]o, [A]ll, [N]one, [r]ename: A
inflating: cpqsfa18.cfg
inflating: cpqsysio.sys
inflating: cpqsysio64.sys
inflating: readme.txt

mint@mint ~/2018-Linux-Update-BIOS $ cp CPQA1803.46E CPQA1802.873
mint@mint ~/2018-Linux-Update-BIOS $ sudo ./cpqsetup
Flash Engine Version: Linux-4.4.1-1

Name: Online ROM Flash Component for Windows - HP ProLiant DL385 G7 (A18) Servers
New Version: 03/14/2018

Current Version: 03/19/2012

The software is installed but is not up to date.

Do you want to upgrade the software to a newer version (y/n) ?y

Flash in progress do not interrupt or your system may become unusable.
Working.........................................................
The installation procedure completed successfully.

A reboot is required to finish the installation completely.
Do you want to reboot your system now? y
Connection to 192.168.1.71 closed by remote host.
Connection to 192.168.1.71 closed.

hwloc-nox set CPU affinity in Linux

sudo apt-get install hwloc-nox Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: hwloc-nox 0 upgraded, 1 newly installed, 0 to remove and 530 not upgraded. Need to get 151 kB of archives. After this operation, 453 kB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 hwloc-nox amd64 1.11.2-3 [151 kB] Fetched 151 kB in 0s (184 kB/s) Selecting previously unselected package hwloc-nox. (Reading database ... 224148 files and directories currently installed.) Preparing to unpack .../hwloc-nox_1.11.2-3_amd64.deb ... Unpacking hwloc-nox (1.11.2-3) ... Processing triggers for man-db (2.7.5-1) ... Setting up hwloc-nox (1.11.2-3) ... mint@mint ~ $ apt-cache search lstopo^C mint@mint ~ $ lstopo lstopo lstopo-no-graphics mint@mint ~ $ lstopo-no-graphics Machine (16GB total) NUMANode L#0 (P#0 7962MB) Package L#0 L3 L#0 (6144KB) L2 L#0 (2048KB) + L1i L#0 (64KB) + Core L#0 L1d L#0 (16KB) + PU L#0 (P#0) L1d L#1 (16KB) + PU L#1 (P#2) L2 L#1 (2048KB) + L1i L#1 (64KB) + Core L#1 L1d L#2 (16KB) + PU L#2 (P#4) L1d L#3 (16KB) + PU L#3 (P#6) L2 L#2 (2048KB) + L1i L#2 (64KB) + Core L#2 L1d L#4 (16KB) + PU L#4 (P#8) L1d L#5 (16KB) + PU L#5 (P#10) L2 L#3 (2048KB) + L1i L#3 (64KB) + Core L#3 L1d L#6 (16KB) + PU L#6 (P#12) L1d L#7 (16KB) + PU L#7 (P#14) L3 L#1 (6144KB) L2 L#4 (2048KB) + L1i L#4 (64KB) + Core L#4 L1d L#8 (16KB) + PU L#8 (P#16) L1d L#9 (16KB) + PU L#9 (P#18) L2 L#5 (2048KB) + L1i L#5 (64KB) + Core L#5 L1d L#10 (16KB) + PU L#10 (P#20) L1d L#11 (16KB) + PU L#11 (P#22) L2 L#6 (2048KB) + L1i L#6 (64KB) + Core L#6 L1d L#12 (16KB) + PU L#12 (P#24) L1d L#13 (16KB) + PU L#13 (P#26) L2 L#7 (2048KB) + L1i L#7 (64KB) + Core L#7 L1d L#14 (16KB) + PU L#14 (P#28) L1d L#15 (16KB) + PU L#15 (P#30) HostBridge L#0 PCIBridge PCI 14e4:1639 Net L#0 "enp4s0f0" PCI 14e4:1639 Net L#1 "enp4s0f1" PCIBridge PCI 14e4:1639 Net L#2 "enp5s0f0" PCI 14e4:1639 Net L#3 "enp5s0f1" PCIBridge PCI 103c:323a PCI 1002:4390 PCI 1002:439c Block(Removable Media Device) L#4 "sr0" PCIBridge PCI 1002:515e GPU L#5 "renderD128" GPU L#6 "card0" GPU L#7 "controlD64" NUMANode L#1 (P#2 8032MB) + Package L#1 L3 L#2 (6144KB) L2 L#8 (2048KB) + L1i L#8 (64KB) + Core L#8 L1d L#16 (16KB) + PU L#16 (P#1) L1d L#17 (16KB) + PU L#17 (P#3) L2 L#9 (2048KB) + L1i L#9 (64KB) + Core L#9 L1d L#18 (16KB) + PU L#18 (P#5) L1d L#19 (16KB) + PU L#19 (P#7) L2 L#10 (2048KB) + L1i L#10 (64KB) + Core L#10 L1d L#20 (16KB) + PU L#20 (P#9) L1d L#21 (16KB) + PU L#21 (P#11) L2 L#11 (2048KB) + L1i L#11 (64KB) + Core L#11 L1d L#22 (16KB) + PU L#22 (P#13) L1d L#23 (16KB) + PU L#23 (P#15) L3 L#3 (6144KB) L2 L#12 (2048KB) + L1i L#12 (64KB) + Core L#12 L1d L#24 (16KB) + PU L#24 (P#17) L1d L#25 (16KB) + PU L#25 (P#19) L2 L#13 (2048KB) + L1i L#13 (64KB) + Core L#13 L1d L#26 (16KB) + PU L#26 (P#21) L1d L#27 (16KB) + PU L#27 (P#23) L2 L#14 (2048KB) + L1i L#14 (64KB) + Core L#14 L1d L#28 (16KB) + PU L#28 (P#25) L1d L#29 (16KB) + PU L#29 (P#27) L2 L#15 (2048KB) + L1i L#15 (64KB) + Core L#15 L1d L#30 (16KB) + PU L#30 (P#29) L1d L#31 (16KB) + PU L#31 (P#31)

Set your affinity

taskset -p ps aux^C
mint mint # ps aux|grep kvm
root      1306 0.0 0.0      0     0 ?        S<   Aug17   0:00 [kvm-irqfd-clean]
root      3724 0.0 0.0 91656 5056 pts/3    S+   16:44   0:00 sudo qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
root      3725 8.7 45.2 12405860 7413032 pts/3 Sl+ 16:44 11:34 qemu-system-x86_64 -m 11264 -smp 1 -net tap -net nic -enable-kvm -cpu host -drive file=/dev/sda
root      3759 0.0 0.0      0     0 ?        S    16:44   0:00 [kvm-pit/3725]
root      5234 0.0 0.0 14224   980 pts/6    S+   18:56   0:00 grep --color=auto kvm
mint mint # taskset -pc 31 3725
pid 3725's current affinity list: 0-31 pid 3725's new affinity list: 31 mint mint # taskset -pc 30,31 3725 pid 3725's current affinity list: 31 pid 3725's new affinity list: 30,31

In the above command I set the affinity to core 31 and then changed it to cores 30 and 31.

Firefox An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT Solution

An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.

**Solution**

Go to about:config

security.tls.insecure_fallback_hosts

Set your hostname or IP that isn't work as the value.

Proxmox understanding the directory structure and why an NFS datastore appears to be missing files/isos

Proxmox at the root of your storage creates and "images" and "templates/iso" folder for VM images and iso's respectively. It ignores files in any other location.

pandoc convert markdown to html

Where markdown=markdown language file and $output is your outputfile.html

pandoc -f markdown $markdown -t html5 --toc --toc-depth=1 > $output

Proxmox error uploading an iso solution

Error 0 occurred while receiving the document

root@vh1:/var/tmp# wget http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
--2018-08-30 16:27:37-- http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
Resolving mirror.compevo.com (mirror.compevo.com)... 103.25.61.44
Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 641517568 (612M) [application/octet-stream]
Saving to: ‘proxmox-ve_5.2-1.iso’

proxmox-ve_5.2-1.iso 80%[==================================> ] 493.39M 2.38MB/s in 45s

2018-08-30 16:28:22 (10.9 MB/s) - Connection closed at byte 517359784. Retrying.

--2018-08-30 16:28:23-- (try: 2) http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
HTTP request sent, awaiting response... 206 Partial Content
Length: 641517568 (612M), 124157784 (118M) remaining [application/octet-stream]
Saving to: ‘proxmox-ve_5.2-1.iso’

var/tmp is out of space the same as tmpfs

#this normally happens when Proxmox first uploads it to a place in /tmp on your / filesystem and if you have used a small HDD for testing it's easy for a simple ISO upload to fail for this reason. You'll have to wget directly to the main filesystem or datastore with more space.

Cannot install moodle

After starting the install it stalls here:
admin/index.php?cache=0&agreelicense=1&confirmrelease=1&lang=en

If you manually refresh you get a Plugins check screen:

Installation
System

Moodle second step fails just blank screen:

https://domain.la/user/editadvanced.php?id=2

Solution: give up and choose something else it shouldn't be this hard to just install this moodle software!

MySQL change for Antelope format to Barracuda error solution

Your database uses Antelope as the file format. Full UTF-8 support in MySQL and MariaDB requires the Barracuda file format. Please switch to the Barracuda file format. See the documentation MySQL full unicode support for details.

In /etc/my.cnf under [mysqld]

180827 21:43:14 InnoDB: 5.5.59 started; log sequence number 1589339
180827 21:43:14 [ERROR] /usr/libexec/mysqld: unknown variable 'db_file_format=Barracuda'
#instead set this: innodb_file_format=Barracuda

You will also need to run mysql_upgrade after changing the format and restarting mysql:

mysql_upgrade -u root -p

vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down)

[root@localhost:~] vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down) vsphere distributed switch vmotion not working [root@localhost:~] esxcfg-route -l VMkernel Routes: Network Netmask Gateway Interface 10.0.2.0 255.255.255.0 Local Subnet vmk1 192.168.1.0 255.255.255.0 Local Subnet vmk0 default 0.0.0.0 192.168.1.1 vmk0

Have you set internal IPs in VMWare and cannot ping between them on servers? It is probably because you are using an older than 6.5 version of VMWare's switch without MAC learning. To fix it you'll need to enable Promiscuous mode on the port group or change the software version ot 6.5 which has MAC learning and will make things work fine again.

gvfs mount in /run/user cannot be accessed or displayed wrong permissions

The folder contents could not be displayed
Backend currently unmounting

drwx------ 10 userhere group 260 Aug 23 19:40 ..
?????????? ? ?   ?      ?            ? sftp:host=192.168.8.80,user=adhoc
ls: cannot access 'sftp:host=192.168.8.80,user=adoc': Input/output error

$ ps aux|grep fuse
one       2534 0.0 0.0 1071572 6472 ?        Sl   Jul13   1:19 /usr/lib/gvfs/gvfsd-fuse /run/user/1001/gvfs -f -o big_writes
one      24028 0.0 0.0 14228   976 pts/22   S+   12:51   0:00 grep --color=auto fuse
youruser@superuser-desktop ~ $ sudo killall -9 gvfsd-fuse

youruser@superuser-desktop /run/user/1001 $ ls -alh
ls: cannot access 'gvfs': Transport endpoint is not connected
total 0
drwx------ 10 myuser myuser 260 Aug 23 19:40 .
drwxr-xr-x 3 root root 60 Jul 30 08:10 ..
drwx------ 2 myuser myuser   60 Aug 27 12:51 dconf
d????????? ? ?    ?      ?            ? gvfs

sudo fuser -a -k /usr/lib/gvfs
[sudo] password for youruser:
Sorry, try again.
[sudo] password for youruser:
Sorry, try again.
[sudo] password for youruser:
Cannot stat file /proc/4748/fd/3: Permission denied
Cannot stat file /proc/4748/fd/8: Permission denied
Cannot stat file /proc/4748/fd/33: Permission denied
Cannot stat file /proc/4748/fd/34: Permission denied

ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g
gvfsd-sftp
gvfsd-trash
gvfs-udisks2-volume-monitor
gvfs-mtp-volume-monitor
gvfs-gphoto2-volume-monitor
gvfs-afc-volume-monitor
gvfs-goa-volume-monitor
gvfsd-metadata
gvfsd-network
gvfsd-smb-browse
gvfsd-smb
gvfsd-dnssd
gvfsd-http
gvfsd-sftp
gvfsd-sftp
gvfsd-computer
gvfsd-burn
grep
sed
youruser@superuser-desktop /run/user/1001 $ for binary in `ps aux|grep gvfs|awk '{print $11}'|sed s#/usr/lib/gvfs/##g`; do
> sudo killall -9 $binary
> done

#sftp from the ui works OK for other apps but the gvfs folder is messed up still

ls: cannot access 'gvfs': Transport endpoint is not connected

VMWare vSphere 6.7 Errors Solution 503 Service Unavailable (Failed to connect to endpoint:

503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00005556ba09c070] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe) 503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x00007fd26000b240] _serverNamespace = /ui action = Allow _port = 5090)

Errors like the above are usually because there is an issue with your vSphere or more commonly it is just taking a very long time to start so check back in a number of minutes.

How To Enable Nested KVM so guests can virtualize with hardware extensions

#check if nested KVM is enabled by doing a cat on nested inside sys

root@s14:~# cat /sys/module/kvm_intel/parameters/nested

root@s14:~# echo "options kvm-intel nested=Y" > /etc/modprobe.d/kvm-intel.conf root@s14:~# echo "options kvm-amd nested=1" > /etc/modprobe.d/kvm-amd.conf root@s14:~# modprobe -r kvm_intel modprobe: FATAL: Module kvm_intel is in use. root@s14:~# modprobe kvm_intel

To apply it properly you may need to reboot after the above

vi error solution E166: Can't open linked file for writing

This is not so much of a vi error as it is a physical filesystem error in the sense that the file you are trying to write to is a symlink and the destination doesn't exist or for some other reason is inacessible.

So vi is tellng you "you're writing to a symlinked file and the file the symlink points to cannot be written to". This is especially highlighted byt he fact that if you are using wq! to write and you still get the error.

Supermicro IPMI / KVM / BMC Remote Console Screen Resizing Issue - Window Cut Off Solution

It could just be my specific Java but other KVM/IP works ok on my machine but with Supermicro's IPMI for some reason the console window doesn't resize and even putting it in full screen leaves the window cut off as shown below:

As you can see above the screen is cut off you can't see the "I agree" on the right side.

The window resize option is on and it is clearly not working properly. Even choosing full screen doesn't change anything.

Solution - Here's how you can fix it with the Macro option:

Macro Menu/Settings and click the option for "Hold Left Alt Key"
Then click and hold and the mouse pointer becomes a hand.
You can then drag to the right to expose what is cut off or whereever else you need to see.
After you've moved the screen to where you need and want to click something make sure you disable the "Hold Left Alt Key" in macro or you won't be able to click or interact with anything.

See the example below after using the process above:

Supermicro IPMI Screen Cut Off

Linux bash shell doesn't show username, hostname or current path fix solution

Usually this is because when you created your user you added a user but didn't create their home directory and/or for some reason your .bashrc and .bash_profile in ~ (home) is broken/missing.

In your home just create the following files with the following content to solve it:

.bashrc and .bash_profile.

To apply it just relogin/start a new bash session

# .bash_profile# Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs PATH=$PATH:$HOME/bin export PATH

# .bashrc# User specific aliases and functions alias rm='rm -i' alias cp='cp -i' alias mv='mv -i' # Source global definitions if [ -f /etc/bashrc ]; then . /etc/bashrc fi

zenity popup messages, windows, dialogs, error messages calendars and more howto on Gnome Linux including Ubuntu, Linux Mint, Centos and more

zenity is a nice utility as part of the gnome window manager that allows you to script from bash and retrieve the input from the user. It could also be helpful in just notifying a user when they login with a popup window.

I'll give an overview of what's available with zenity:

Application Options:
  --calendar                                        Display calendar dialog
  --entry                                           Display text entry dialog
  --error                                           Display error dialog
  --info                                            Display info dialog
  --file-selection                                  Display file selection dialog
  --list                                            Display list dialog
  --notification                                    Display notification
  --progress                                        Display progress indication dialog
  --question                                        Display question dialog
  --warning                                         Display warning dialog
  --scale                                           Display scale dialog
  --text-info                                       Display text information dialog
  --color-selection                                 Display color selection dialog
  --password                                        Display password dialog
  --forms                                           Display forms dialog
  --display=DISPLAY                                 X display to use

A few quick examples:

Note you can even use zenity remotely from an SSH session and make a zenity window popup.

zenity --info --text="hello" --title="hithere" --display=:0 Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.

As you can see below I've chosen the "info" dialog type and the text inside it will be "hello" and the title of the window is "hithere" and it is going to show on X Window Display ":0" (the default). The --display portion is only necessary if you have multiple displays or if you are running from a remote SSH session.

Debian/Ubuntu/Mint Linux How To Set VLAN in /etc/network/interfaces

You can find many ways to specify the VLAN in your network configuration but I find this is the simplest and quickest.

In this case we are talking about a bridged adapter "vmbr0" but it works even if you just had a normal non-bridged interface.

The key here is that in vmbr0 you'll notice there is no IP address. We just specify "manual".

Below it is a similar stanza for "vmbr0.58" in this case 58 represents the VLAN (change the 58 to the number of your desired VLAN). Then below it we set the IP address or we could have used DHCP as well.

auto lo iface lo inet loopback iface enp2s0 inet manual auto vmbr0 iface vmbr0 inet manual bridge_ports enp2s0 bridge_stp off bridge_fd 0 auto vmbr0.58 iface vmbr0.58 inet static address 172.16.58.14 netmask 255.255.255.0 gateway 172.16.58.254

moodle install error Error reading from database

Error reading from database

More information about this error

It is usually not possible to recover from errors triggered during installation, you may need to create a new database or use a different database prefix if you want to retry the installation.
Solution:

This happened when I was running MySQL 5.1. Assuming your database details are right and the DB is up then make sure you are using the correct and required MySQL 5.5

After upgrading to MySQL 5.5 things were good.

PHP Displaying Blank Page on Apache

Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.

In the problem machine it is actually PHP 7 installed so if you reference PHP 5 of course things wil be broken!

Take for example here:

cat /etc/httpd/conf.d/php.conf # # PHP is an HTML-embedded scripting language which attempts to make it # easy for developers to write dynamically generated webpages. # LoadModule php7_module modules/libphp7.so # # Cause the PHP interpreter to handle files with a .php extension. # AddHandler php7-script .php AddType text/html .php # # Add index.php to the list of files that will be served as directory # indexes. # DirectoryIndex index.php # # Uncomment the following line to allow PHP to pretty-print .phps # files as PHP source code: # #AddType application/x-httpd-php-source .phps

moodle displays code instead of outputting HTML
cat /etc/httpd/conf.d/php.conf|grep -i addhandlerAddHandler php5-script .php

Fix it and then restart Apache

sed -i s/"php5-script"/"php7-script"/g /etc/httpd/conf.d/php.conf service httpd restart

PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0

PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0

Solution:

Edit geoip.ini

vi /etc/php.d/geoip.ini

Comment out the .so like so:

;extension=geoip.so

service httpd restart

Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file:

Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory

This is basically caused by the PHP module specified in php.conf being non existent. The error tells us it couldn't fnd /etc/httpd/modules/libphp5.so

OK let's see what PHP module we do have:

ls /etc/httpd/modules/libphp* /etc/httpd/modules/libphp7-zts.so /etc/httpd/modules/libphp7.so

If you have one there that works for you then just update php.conf to match.

sed -i s/"libphp5.so"/"libphp7.so"/g /etc/httpd/conf.d/php.conf sed -i s/"php5_module"/"php7_module"/g /etc/httpd/conf.d/php.conf

prosody xmpp server "Failed in all attempts to connect to proxy.eu.jabber.org"

Aug 13 13:46:33 s2sout2d45040 info Failed in all attempts to connect to proxy.eu.jabber.org Aug 13 13:46:33 s2sout2d45040 info Sending error replies for 1 queued stanzas because of failed outgoing connection to proxy.eu.jabber.org
No clue why it tries to use a proxy not explicitly specified. This could be because the proxy specified for the domain fails when someone is trying to send a file. I wish this could be disabled for security reasons in prosody.

VMWare ESXi 6.7 SSH/PowerShell CLI Commands

[root@localhost:~]
BootModuleConfig.sh          echo                         host-ind                     nfcd                         seq                          vim-cmd
InstallHelper.sh             egrep                        host_reboot.sh               nohup                        services.sh                  vm-support
Xorg                         eject                        host_shutdown.sh             nologin                      setsid                       vmcp
[                            enum_instances               hostd                        nslookup                     sfcbd                        vmdumper
[[                           env                          hostd-probe                  ntfscat                      sh                           vmfs-support
amldump                      esxcfg-advcfg                hostd-probe.sh               ntp-keygen                   sha1sum                      vmfsfilelockinfo
apply-host-profiles          esxcfg-dumppart              hostdCgiServer               ntpd                         sha256sum                    vmkbacktrace
applyHostProfile             esxcfg-fcoe                  hostname                     ntpq                         sha512sum                    vmkchdev
applyHostProfileWrapper      esxcfg-hwiscsi               hwclock                      nvidiaStats                  sharedStorageHostProfile.sh vmkdevmgr
ash                          esxcfg-info                  indcfg                       od                           shutdown.sh                  vmkdump_extract
authd                        esxcfg-init                  inetd                        openssl                      sleep                        vmkerrcode
auto-backup.sh               esxcfg-ipsec                 init                         openwsmand                   slpd                         vmkfstools
awk                          esxcfg-module                init-launcher                pam_tally2                   smartd                       vmkiscsi-tool
backup.sh                    esxcfg-mpath                 initterm.sh                  partedUtil                   smbiosDump                   vmkiscsid
basename                     esxcfg-nas                   install                      passwd                       snmpd                        vmkload_mod
bootOption                   esxcfg-nics                  irqinfo                      pcscd                        sntp                         vmkmkdev
bunzip2                      esxcfg-rescan                isoinfo                      pgrep                        sort                         vmkperf
bzip2                        esxcfg-resgrp                jumpstart                    pidof                        ssh                          vmkping
cat                          esxcfg-route                 kdestroy                     pigz                         stat                         vmkramdisk
chardevlogger                esxcfg-scsidevs              kill                         ping                         storageRM                    vmkvsitools
check_serial                 esxcfg-swiscsi               kinit                        ping6                        strace                       vmtar
chgrp                        esxcfg-vmknic                klist                        pkill                        stty                         vmtoolsd
chkconfig                    esxcfg-volume                less                         pktcap-uw                    sum                          vmware
chmod                        esxcfg-vswitch               lldpnetmap                   powerOffVms                  summarize-dvfilter           vmware-autostart.sh
chown                        esxcli                       ln                           poweroff                     sync                         vmware-toolbox-cmd
chvt                         esxcli.cgi                   localcli                     printf                       tail                         vmware-usbarbitrator
cim-diagnostic.sh            esxcli.py                    lockfile                     prop_of_instances            tar                          vmware-vimdump
cim_host_powerops            esxhpcli                     logchannellogger             ps                           taskset                      vmx
cksum                        esxhpedit                    logger                       pwqcheck                     tcpdump-uw                   vmx-buildtype
clear                        esxtop                       login                        python                       techsupport.sh               vmx-debug
cmmds-tool                   esxupdate                    ls                           python3                      tee                          vmx-stats
cp                           ethtool                      lsof                         python3.5                    test                         voma
cpio                         expr                         lspci                        python3.5m                   time                         vprobe
crond                        false                        lsusb                        randomSeed                   timeout                      vscsiStats
crypto-util                  fdisk                        lzop                         readlink                     tmpwatch.py                  vsi_traverse
cut                          fgrep                        lzopcat                      reboot                       touch                        vsish
date                         find                         mcopy                        remoteDeviceConnect          tracenet                     vvold
dcbd                         firmwareConfig.sh            md5sum                       reset                        traceroute                   watch
dcui                         gdbserver                    memstats                     resize                       true                         watchdog.sh
dcuiweasel                   generate-certificates        mkdir                        rhttpproxy                   tune2fs                      wc
dd                           genisoimage                  mkfifo                       rm                           uname                        wget
debugfs                      getty                        mknod                        rmdir                        uniq                         which
df                           gpuvm                        mktemp                       runInRP                      unlzop                       who
dhclient-uw                  grabCIMData                  more                         scantools                    unzip                        xargs
diff                         grep                         mv                           sched-stats                  uptime                       xkbcomp
dirname                      gunzip                       nc                           schedsnapshot                usleep                       xz
dmesg                        gzip                         net-cdp                      scp                          uwstats                      zcat
dnsdomainname                halt                         net-dvs                      sdrsInjector                 vdf
doat                         hbrfilterctl                 net-lacp                     secpolicytools               vdq
dosfsck                      head                         net-lbt                      sed                          vdu
du                           hexdump                      net-stats                    sensord                      vi

VMWare Vsphere VCSA Graphical Install Creates json

yes it does create its own json
============================================
cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json
2018-08-09T17:56:04.238-07:00 verbose OVFTool[30966] [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1
-->     <ovf:File ovf:href="VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json" ovf:id="layout.json_id" ovf:size="25562"/>
-->         <Description>A string encoding a JSON object mapping port names to port numbers.</Description>
-->         <Description>Advanced upgrade settings specified in json format. Optional. Set only for upgrade</Description>
-->                      description = "A string encoding a JSON object mapping port names to port numbers."
-->                      description = "Advanced upgrade settings specified in json format. Optional. Set only for upgrade"

============================================================
ps aux|grep -i vcsa
one      30656 3.2 0.5 1301368 93476 ?       Sl   17:52   0:09 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer
one      30660 0.0 0.1 321468 27316 ?        S    17:52   0:00 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=zygote --no-sandbox
one      30686 9.5 0.9 1203472 155008 ?      Sl   17:52   0:26 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=renderer --no-sandbox --primordial-pipe-token=AA8FF400C3DED10AF8B8A9961BBF72D7 --lang=en-US --node-integration=true --enable-pinch --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=AA8FF400C3DED10AF8B8A9961BBF72D7 --renderer-client-id=4 --v8-natives-passed-by-fd --v8-snapshot-passed-by-fd
one      30734 0.4 0.5 1072436 91628 ?       Sl   17:52   0:01 /media/one/VMware VCSA/vcsa-ui-installer/lin64/installer --type=renderer --no-sandbox --primordial-pipe-token=758945DCC6827E2BF8399B10D8557D01 --lang=en-US --node-integration=false --guest-instance-id=1 --enable-blink-features --disable-blink-features --enable-pinch --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=758945DCC6827E2BF8399B10D8557D01 --renderer-client-id=6 --v8-natives-passed-by-fd --v8-snapshot-passed-by-fd
one      30966 13.1 0.3 1268676 62372 ?       Sl   17:56   0:09 /media/one/VMware VCSA/vcsa/ovftool/lin64/ovftool.bin --X:logFile=/tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log --X:logLevel=trivia --machineOutput --I:morefArgs --targetSSLThumbprint=F9:93:44:4C:6F:07:E5:32:36:0D:D9:99:88:71:D1:4A:6E:35:ED:DA --acceptAllEulas --powerOn --X:enableHiddenProperties --allowExtraConfig --X:injectOvfEnv --sourceType=OVA --name=UserVMware vCenter Server Appliance --deploymentOption=tiny --prop:guestinfo.cis.deployment.node.type=embedded --prop:guestinfo.cis.deployment.autoconfig=False --prop:guestinfo.cis.clientlocale=en --datastore=vim.Datastore:192.168.1.125:/nfs/nfstestshare --net:Network 1=vim.Network:HaNetwork-VM Network --prop:guestinfo.cis.appliance.net.addr.family=ipv4 --prop:guestinfo.cis.appliance.net.mode=static --diskMode=thin --prop:guestinfo.cis.appliance.net.pnid=areeb.vcenter.lab --prop:guestinfo.cis.appliance.net.addr=192.168.1.68 --prop:guestinfo.cis.appliance.net.prefix=24 --prop:guestinfo.cis.appliance.net.dns.servers=192.168.1.1 --prop:guestinfo.cis.appliance.net.gateway=192.168.1.1 --prop:guestinfo.cis.appliance.net.ports={"rhttpproxy.ext.port1":"80","rhttpproxy.ext.port2":"443"} --prop:guestinfo.cis.appliance.root.passwd=insecurepassword* /media/one/VMware VCSA/vcsa/VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10.ova vi://root:insecurepassword@192.168.1.67:443
one      31060 0.0 0.0 14228   944 pts/40   S+   17:57   0:00 grep --color=auto -i vcsa

error while loading shared libraries: libasound.so.2: cannot open shared object file: No such file or directory

./tronwatch: error while loading shared libraries: libasound.so.2: cannot open shared object file: No such file or directory
[root@testing linux-unpacked-1.0.7]#

Solution:

yum -y install alsa-lib-devel

./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory

The solution is just to install libmicrohttpd-dev

./xmr-stak
./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory
libmicrohttpd
libmicrohttpd10 - library embedding HTTP server functionality
libmicrohttpd-dbg - library embedding HTTP server functionality (debug)
libmicrohttpd-dev - library embedding HTTP server functionality (development)
$ sudo apt-get install libmicrohttpd-dev
[sudo] password for one:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
libmicrohttpd10
The following NEW packages will be installed:
libmicrohttpd-dev libmicrohttpd10
0 upgraded, 2 newly installed, 0 to remove and 305 not upgraded.
Need to get 190 kB of archives.
After this operation, 499 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu/ trusty/universe libmicrohttpd10 amd64 0.9.33-1 [41.0 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ trusty/universe libmicrohttpd-dev amd64 0.9.33-1 [149 kB]
Fetched 190 kB in 0s (192 kB/s)

qemu-img resize howto

The Correct Way To Resize In Place

qemu-img resize kvmuserwindows2008dcetest.img +1G Image resized.

Below is a common mistake that some users make they are trying to specify a new image name but it can be resized in place (just make sure the VM is NOT running and you've backed up the data in case something goes wrong).

qemu-img resize kvmuser453111.img kvmuser453111-larger.img +5G New image size must be positive

gmail.com address failing in Postfix

Aug 10 01:11:54 mailserver postfix/smtp[6180]: 020AE17C2BD1: to=<theuserperson@gmail.con>, relay=none, delay=0.29, delays=0.28/0/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=gmail.con type=A: Host not found)

A user complained that their e-mails weren't being delivered but they actually made a small typo and used gmail.con so it wasn't working as expected of course!

VMWare Hardware virtualization is selected and cannot be deselected due to selection of VBS Insufficient resources to satisfy configured failover level for vSphere HA.

There is no such option as "VBS" that I can see in vSphere 6.7 I believe this is actually an issue because of using old hardware in this case L5420 doesn't support Nested Virtualization I believe.

Hardware virtualization is selected and cannot be deselected due to selection of VBS Insufficient resources to satisfy configured failover level for vSphere HA.

Debian Mint Ubuntu compiling xmr-stak

sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev

git clone https://github.com/wolf9466/cpuminer-multi

sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
make install
cd bin
chmod +x xmr-stak-cpu

./xmr-stak -O xmr-eu1.nanopool.org:14433 -u --currency monero7 -i 0 -p "" -r ""

for i in {0..31}; do echo { "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : $i },; done
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 0 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 1 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 2 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 3 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 4 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 5 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 6 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 7 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 8 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 9 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 10 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 11 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 12 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 13 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 14 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 15 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 16 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 17 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 18 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 19 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 20 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 21 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 22 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 23 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 24 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 25 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 26 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 27 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 28 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 29 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 30 },
{ "low_power_mode" : false, "no_prefetch" : true, "affine_to_cpu" : 31 },

#use 28 cores or you will not 1005 h/s you'll get 865 h/s or so

https://github.com/fireice-uk/xmr-stak
wget https://github.com/fireice-uk/xmr-stak/archive/master.zip

mint@mint ~ $ cd xmr-stak-master/
mint@mint ~/xmr-stak-master $ ls
CI CMakeLists.txt CONTRIBUTING.md doc Dockerfile LICENSE README.md scripts THIRD-PARTY-LICENSES xmrstak
mint@mint ~/xmr-stak-master $ cd xmrstak/
mint@mint ~/xmr-stak-master/xmrstak $ ls
backend cli config.tpl cpputil donate-level.hpp http jconf.cpp jconf.hpp misc net params.hpp picosha2 pools.tpl rapidjson version.cpp version.hpp
mint@mint ~/xmr-stak-master/xmrstak $ cd ..
mint@mint ~/xmr-stak-master $ ls
CI CMakeLists.txt CONTRIBUTING.md doc Dockerfile LICENSE README.md scripts THIRD-PARTY-LICENSES xmrstak
mint@mint ~/xmr-stak-master $ cd scripts/
mint@mint ~/xmr-stak-master/scripts $ ls
build_xmr-stak_docker
mint@mint ~/xmr-stak-master/scripts $ cd build_xmr-stak_docker/
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ ls
build_xmr-stak_docker.sh
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ^C
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ ./build_xmr-stak_docker.sh
+ [[ 999 -ne 0 ]]
+ echo 'This script must be run as root'
This script must be run as root
+ exit 1
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh
+ [[ 0 -ne 0 ]]
+ '[' -d xmr-stak ']'
+ git clone https://github.com/fireice-uk/xmr-stak.git
Cloning into 'xmr-stak'...
remote: Counting objects: 5108, done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 5108 (delta 1), reused 0 (delta 0), pack-reused 5102
Receiving objects: 100% (5108/5108), 1.49 MiB | 0 bytes/s, done.
Resolving deltas: 100% (3642/3642), done.
Checking connectivity... done.
+ wget -c https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
--2018-08-04 18:34:23-- https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
Resolving developer.nvidia.com (developer.nvidia.com)... 192.229.162.216
Connecting to developer.nvidia.com (developer.nvidia.com)|192.229.162.216|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?ZX7wuQ4plyyj4R-GNCbYZsePieK4HW5E0zO3qXB-1feswNzXmUm7yNO2iSgtHK73v2OgUn2hxP4HNsAdLKS3WAkvjiiZZGEijzlt2Ve6Eili6Qvjl71_QQZorpl2WlnBwvEN7jRxmJnFhX_Jwzu0BGApoZ7j1Kpnnx15uMfuiMvhv8HzQl39L-Gt [following]
--2018-08-04 18:34:24-- https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?ZX7wuQ4plyyj4R-GNCbYZsePieK4HW5E0zO3qXB-1feswNzXmUm7yNO2iSgtHK73v2OgUn2hxP4HNsAdLKS3WAkvjiiZZGEijzlt2Ve6Eili6Qvjl71_QQZorpl2WlnBwvEN7jRxmJnFhX_Jwzu0BGApoZ7j1Kpnnx15uMfuiMvhv8HzQl39L-Gt
Resolving developer.download.nvidia.com (developer.download.nvidia.com)... 192.229.211.70, 2606:2800:21f:3aa:dcf:37b:1ed6:1fb
Connecting to developer.download.nvidia.com (developer.download.nvidia.com)|192.229.211.70|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1643293725 (1.5G) [application/octet-stream]
Saving to: ‘cuda_9.0.176_384.81_linux-run’

cuda_9.0.176_384.81_linux-run                     100%[===========================================================================================================>]   1.53G 20.9MB/s    in 77s

2018-08-04 18:35:41 (20.4 MB/s) - ‘cuda_9.0.176_384.81_linux-run’ saved [1643293725/1643293725]

+ chmod a+x cuda_9.0.176_384.81_linux-run
+ docker run --rm -it -v /home/mint/xmr-stak-master/scripts/build_xmr-stak_docker:/mnt fedora:27 /bin/bash -c '
set -x ;
dnf install -y -q cmake gcc-c++ hwloc-devel libmicrohttpd-devel libstdc++-static make openssl-devel;
cd /mnt/xmr-stak ;
cmake -DCUDA_ENABLE=OFF -DOpenCL_ENABLE=OFF . ;
make ;
'
./build_xmr-stak_docker.sh: line 22: docker: command not found
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo apt-get install docker
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
docker
0 upgraded, 1 newly installed, 0 to remove and 525 not upgraded.
Need to get 12.2 kB of archives.
After this operation, 65.5 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu xenial/universe amd64 docker amd64 1.5-1 [12.2 kB]
Fetched 12.2 kB in 0s (40.1 kB/s)
Selecting previously unselected package docker.
(Reading database ... 224040 files and directories currently installed.)
Preparing to unpack .../docker_1.5-1_amd64.deb ...
Unpacking docker (1.5-1) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up docker (1.5-1) ...
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh
+ [[ 0 -ne 0 ]]
+ '[' -d xmr-stak ']'
+ git -C xmr-stak clean -fd
+ wget -c https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
--2018-08-04 18:36:03-- https://developer.nvidia.com/compute/cuda/9.0/Prod/local_installers/cuda_9.0.176_384.81_linux-run
Resolving developer.nvidia.com (developer.nvidia.com)... 192.229.162.216
Connecting to developer.nvidia.com (developer.nvidia.com)|192.229.162.216|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?hEToY5LvMogLvVQXRAaUxyQIifpZ2UTHTq95b2roNjuBoyhMdJaorG2jYri3qMoxTUyfTdKaOh1n1aZrZCX3gRytNMyhIysa3EAldjZ-gu6FqzKfqsbcauJReZ5dNaJqfNGordQB21H4J28vRpa16iHzzxIl7qk9Mm0oiDQitXEQHjNXwu-xjLdM [following]
--2018-08-04 18:36:03-- https://developer.download.nvidia.com/compute/cuda/9.0/secure/Prod/local_installers/cuda_9.0.176_384.81_linux.run?hEToY5LvMogLvVQXRAaUxyQIifpZ2UTHTq95b2roNjuBoyhMdJaorG2jYri3qMoxTUyfTdKaOh1n1aZrZCX3gRytNMyhIysa3EAldjZ-gu6FqzKfqsbcauJReZ5dNaJqfNGordQB21H4J28vRpa16iHzzxIl7qk9Mm0oiDQitXEQHjNXwu-xjLdM
Resolving developer.download.nvidia.com (developer.download.nvidia.com)... 192.229.211.70, 2606:2800:21f:3aa:dcf:37b:1ed6:1fb
Connecting to developer.download.nvidia.com (developer.download.nvidia.com)|192.229.211.70|:443... connected.
HTTP request sent, awaiting response... 416 Requested Range Not Satisfiable

    The file is already fully retrieved; nothing to do.

+ chmod a+x cuda_9.0.176_384.81_linux-run
+ docker run --rm -it -v /home/mint/xmr-stak-master/scripts/build_xmr-stak_docker:/mnt fedora:27 /bin/bash -c '
set -x ;
dnf install -y -q cmake gcc-c++ hwloc-devel libmicrohttpd-devel libstdc++-static make openssl-devel;
cd /mnt/xmr-stak ;
cmake -DCUDA_ENABLE=OFF -DOpenCL_ENABLE=OFF . ;
make ;
'
./build_xmr-stak_docker.sh: line 22: docker: command not found
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ docker
The program 'docker' is currently not installed. You can install it by typing:
sudo apt install docker.io
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ sudo ./build_xmr-stak_docker.sh ^C
mint@mint ~/xmr-stak-master/scripts/build_xmr-stak_docker $ apt-cache search docker

sudo apt-get install docker.io

./build_xmr-stak_docker.sh

cd ./xmrstak/donate-level.hpp
constexpr double fDevDonationLevel = 0.0 / 100.0;

cmake -DCMAKE_CXX_COMPILER=/usr/bin/g++-5 -DCMAKE_CC_COMPILER=/usr/bin/gcc5 -DCUDA_ENABLE=OFF
#some say adding -DCMAKE_CXX_FLAGS=-march=native adds more hashing but I didn't see this I saw about 4 h/s less!
# also if you added a bad -DCMAKE_CXX_FLAGS you can just set it to -DCMAKE_CXX_FLAGS=""

make install

#considering I have 32 total cores (16 per CPU Opteron 6276)
#remember to put the affine settings in cpu.txt anywhere else is ignored!
#in this new XMR stack 29 cores gets you in 886 h/s so I have moved to 27 but that gets lower.
31 got me about 925 h/s
30 got me about 945.4 h/s
29 got me about 890 h/s

cd bin/
mint@mint ~/xmr-stak-master/bin $ ls
libxmr-stak-backend.a libxmr-stak-c.a libxmrstak_opencl_backend.so xmr-stak
mint@mint ~/xmr-stak-master/bin $ ./xmr-stak
sudo sysctl -w vm.nr_hugepages=128
Please enter:
- Do you want to use the HTTP interface?
Unlike the screen display, browser interface is not affected by the GPU lag.
If you don't want to use it, please enter 0, otherwise enter port number that the miner should listen on

0
Configuration stored in file 'config.txt'
Please enter:
- Please enter the currency that you want to mine:
    - aeon7
    - bbscoin
    - bittube
    - cryptonight
    - cryptonight_bittube2
    - cryptonight_masari
    - cryptonight_haven
    - cryptonight_heavy
    - cryptonight_lite
    - cryptonight_lite_v7
    - cryptonight_lite_v7_xor
    - cryptonight_v7
    - cryptonight_v7_stellite
    - graft
    - haven
    - intense
    - masari
    - monero7
    - ryo
    - stellite
    - turtlecoin

monero7
- Pool address: e.g. pool.usxmrpool.com:3333

./xmr-stak
Please enter:
- Do you want to use the HTTP interface?
Unlike the screen display, browser interface is not affected by the GPU lag.
If you don't want to use it, please enter 0, otherwise enter port number that the miner should listen on

0
Configuration stored in file 'config.txt'
Please enter:
- Please enter the currency that you want to mine:
    - aeon7
    - bbscoin
    - bittube
    - cryptonight
    - cryptonight_bittube2
    - cryptonight_masari
    - cryptonight_haven
    - cryptonight_heavy
    - cryptonight_lite
    - cryptonight_lite_v7
    - cryptonight_lite_v7_xor
    - cryptonight_v7
    - cryptonight_v7_stellite
    - graft
    - haven
    - intense
    - masari
    - monero7
    - ryo
    - stellite
    - turtlecoin

monero7
- Pool address: e.g. pool.usxmrpool.com:3333
xmr-eu1.nanopool.org:14433
- Username (wallet address or pool login):
yourmonerwalletaddress.1/youremail@domain.com
- Password (mostly empty or x):

- Rig identifier for pool-side statistics (needs pool support). Can be empty:

- Does this pool port support TLS/SSL? Use no if unknown. (y/N)
y
- Do you want to use nicehash on this pool? (y/n)
n
- Do you want to use multiple pools? (y/n)
n
Pool configuration stored in file 'pools.txt'
[2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
[2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
[2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
[2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
[2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
-------------------------------------------------------------------
xmr-stak 2.4.7 c5f0505d

Brought to you by fireice_uk and psychocrypt under GPLv3.
Based on CPU mining code by wolf9466 (heavily optimized by fireice_uk).
Based on OpenCL mining code by wolf9466.

Configurable dev donation level is set to 2.0%

You can use following keys to display reports:
'h' - hashrate
'r' - results
'c' - connection
-------------------------------------------------------------------
[2018-08-04 18:49:59] : Mining coin: monero7
[2018-08-04 18:49:59] : WARNING: UNKNOWN_ERROR when calling clGetPlatformIDs for number of platforms.
[2018-08-04 18:49:59] : WARNING: No OpenCL platform found.
[2018-08-04 18:49:59] : WARNING: No AMD OpenCL platform found. Possible driver issues or wrong vendor driver.
[2018-08-04 18:49:59] : WARNING: backend AMD (OpenCL) disabled.
[2018-08-04 18:49:59] : Autoconf FAILED: Failed to allocate a PU.. Create config for a single thread.
[2018-08-04 18:49:59] : CPU configuration stored in file 'cpu.txt'
[2018-08-04 18:49:59] : Starting 1x thread, no affinity.
[2018-08-04 18:49:59] : MEMORY ALLOC FAILED: mmap failed
[2018-08-04 18:49:59] : Fast-connecting to xmr-eu1.nanopool.org:14433 pool ...
[2018-08-04 18:49:59] : Pool xmr-eu1.nanopool.org:14433 connected. Logging in...
[2018-08-04 18:50:00] : SOCKET ERROR - [xmr-eu1.nanopool.org:14433] RECEIVE error: socket closed
HASHRATE REPORT - CPU
| ID |    10s |    60s |    15m |
| 0 |   (na) |   (na) |   (na) |
Totals (CPU):     0.0    0.0    0.0 H/s
-----------------------------------------------------------------
Totals (ALL):      0.0    0.0    0.0 H/s
Highest:     0.0 H/s
-----------------------------------------------------------------
HASHRATE REPORT - CPU
| ID |    10s |    60s |    15m |
| 0 |   (na) |   (na) |   (na) |
Totals (CPU):     0.0    0.0    0.0 H/s
-----------------------------------------------------------------
Totals (ALL):      0.0    0.0    0.0 H/s
Highest:     0.0 H/s
-----------------------------------------------------------------

./nsgpucnminer: error while loading shared libraries: libOpenCL.so.1w: cannot open shared object file: No such file or directory

*** These critical programs are missing or too old: gawk

checking whether autoconf works... ../configure: line 5377: 7325 Segmentation fault $AUTOCONF $ACFLAGS configure.in > /dev/null 2>&1 no configure: error: *** These critical programs are missing or too old: gawk *** Check the INSTALL file for required versions.

migration/4 migration 4 is using too much CPU

top - 13:02:52 up 603 days, 19:19, 2 users, load average: 5.01, 4.15, 3.44 Tasks: 604 total, 5 running, 599 sleeping, 0 stopped, 0 zombie Cpu(s): 17.7%us, 36.1%sy, 0.0%ni, 42.0%id, 4.1%wa, 0.0%hi, 0.2%si, 0.0%st Mem: 16278908k total, 4269684k used, 12009224k free, 119672k buffers Swap: 8k total, 8k used, 0k free, 1802992k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 273765 root 20 0 102m 680 572 R 36.1 0.0 7:23.08 swapoff 410417 501 20 0 229m 53m 1784 S 26.1 0.3 0:13.60 imap 19 root RT 0 0 0 0 S 37.9 0.0 217:19.08 migration/4

migration/4 migration 4 is using too much CPU but not sure why. I think it was due to heavy IO or swapping at the time possibly.

convert.im6: Unknown field with tag 317 (0x13d) encountered. `TIFFReadDirectory' @ warning/tiff.c/TIFFWarnings/788.

convert "file.TIF" "resize.jpg" convert.im6: Unknown field with tag 317 (0x13d) encountered. `TIFFReadDirectory' @ warning/tiff.c/TIFFWarnings/788.

I've been getting this error in ImageMagick on some .tif files even though it seems to actually convert properly.

Python SyntaxError: Missing parentheses in call to 'print'

SyntaxError: Missing parentheses in call to 'print'

This is an annoying issue where the syntax between Python 2 and 3 changed which breaks old scripts.

print "hello" #change to print("Hello, World!")

Linux How To Rename Files

To remove all spaces from all files in the current directory

linux rename remove spaces

rename "s/ //g" *

The above won't work in Centos but in Debian based distros as rename in Centos doesn't work that way.

See this more comprehensive article.

OpenVZ container will not stop Child 546246 exited with status 1

vzctl stop 4096 Removing stale lock file /vz/lock/4096.lck Stopping container ... Child 546213 exited with status 1 ^Z [1]+ Stopped vzctl stop 4096 ~]# rm /vz/lock/4096.lck rm: remove regular file `/vz/lock/4096.lck'? y ~]# vzctl stop 4096 Stopping container ... Child 546246 exited with status 1 vzctl chkpnt 4096 --kill Removing stale lock file /vz/lock/4096.lck Can not join cpt context 4096: No such file or directory

[warn] VirtualHost 10.2.5.101:443 overlaps with VirtualHost 10.2.5.101:443, the first has precedence, perhaps you need a NameVirtualHost directive

[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase, please see the ServerLimit
directive.
Warning: DocumentRoot [/www/vhosts/seconddomain.com/httpdocs] does not exist
Warning: DocumentRoot [/www/vhosts/seconddomain.com/httpdocs] does not exist
httpd: Could not reliably determine the server's fully qualified domain name, using 10.2.5.69 for ServerName
[Sat Jul 21 19:17:31 2018] [warn] VirtualHost 10.2.5.101:443 overlaps with VirtualHost 10.2.5.101:443, the first has precedence, perhaps you need a NameVirtualHost directive
[Sat Jul 21 19:17:31 2018] [warn] NameVirtualHost *:9343 has no VirtualHosts
[ OK ]
=======

The Solution

Edit the vhosts that are having the trouble they probably have a hardcoded IP.

Change it like so:

<VirtualHost some-ip.here:443>

<VirtualHost *:443>

================

[root@thetor2017 conf]# grep 10.2.5.101 *
hostdomain.com.conf:
hostdomain.com.conf-orig:

========

apache shared ssl returns wrong certificate vhost
I believe it has to do with the IP they are hitting:

[root@thetor2017 conf]# host seconddomain.com
seconddomain.com has address 10.2.5.55
seconddomain.com mail is handled by 10 mail.seconddomain.com.
[root@thetor2017 conf]# host realtechtalk.com
realtechtalk.com has address 10.2.5.55
realtechtalk.com mail is handled by 10 mail.realtechtalk.com.
[root@thetor2017 conf]# host thirddomain.com.com
thirddomain.com.com has address 10.2.5.102
thirddomain.com.com mail is handled by 10 mail.thirddomain.com.com.
[root@thetor2017 conf]# host onedomain.com
onedomain.com has address 10.2.5.102

the IPs with .55 work fine with SSL

The IPs with .102 serve domain.cn because I believe it is the first vhost and cert by alphabet on that IP

the problem is in this vhost# domain.cn.conf:
it applies to onedomain.com and thirddomain.com.com because they use the same IP as domain.cn 10.2.5.102

Normally when using .55 the first domain it would find and search is the default 00-defaultsite.conf which points to the generic cert
On top of that domain.cn.conf has the IP as the vhost "" so it is the first match for SSL.

So it defaults to the first IP and cert it finds which is domain.cn rather than sending the default 10.2.5.55 generic cert

Ethereum Client Errors

INFO [07-19|12:11:51] Imported new block receipts count=590 elapsed=8.440s bytes=74117699 number=4870906 hash=6bc60b…934753 ignored=0 INFO [07-19|12:11:57] Imported new state entries count=499 elapsed=9.963ms processed=71076 pending=1526 retry=2 duplicate=0 unexpected=384 WARN [07-19|12:12:05] Stalling state sync, dropping peer peer=ce5db7601fa43fe0 WARN [07-19|12:12:06] Stalling state sync, dropping peer peer=aa7f4024eb42bd70 WARN [07-19|12:12:09] Stalling state sync, dropping peer peer=868d7f91fb0463d1 WARN [07-19|12:12:10] Stalling state sync, dropping peer peer=b6490529f4b4848d WARN [07-19|12:12:11] Stalling state sync, dropping peer peer=146c324e5559b344 WARN [07-19|12:12:11] Node data write error err="state node eb281e…3b0157 failed with all peers (2 tries, 2 peers)"

The solution is to update to the latest Ethereum client and wipeout your "chaindata" if that doesn't work. Ethereum is a work in progress and unlike stable currencies like Bitcoin and Litecoin it must be updated to the latest version or things won't work (which means almost weekly updates!).

PayPal IPN Failed "result: IPN Handshake Invalid"

This is often the result of PayPal's "item name" or another name having invalid characters or not supporting Unicode.

173.0.81.1 - - [17/Jul/2018:13:39:45 -0400] "POST //modules/gateways/callback/paypal.php HTTP/1.1" 406 - "-" "PayPal IPN ( https://www.paypal.com/ipn )"

A good clue is if you check the debug output of the IPN and find a mandatory column empty.

item_name =>

Obviously item_name has to be populated or things will usually break. Login to your PayPal settings and update your character encoding settings:

See how to do this in PayPal below:

Linux Centos 7 HowTo Install Yarn

https://yarnpkg.com/lang/en/docs/install/#centos-stable

curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo

If you need node.js:

curl --silent --location https://rpm.nodesource.com/setup_6.x | bash -  yum install nodejs yarn

HP DL385 G7 BIOS Key Enter

Just Press F9.

F11 gets you the boot Menu.

Centos 7 - How To Install NFS and Mount Remotely

Server Side Config

1.) First install nfs-utils

yum -y install nfs-utils

2.) Configure nfs share

Create a directory for your NFS share

mkdir /datastore

Create your NFS share in /etc/exports

echo "/datastore 10.220.101.0/24(rw,sync,no_root_squash)" >> /etc/exports systemctl restart nfs

/etc/exports is where all NFS shares are defined

Allowed Client IP Range = 10.220.101.0/24

Read and Writing Allowed = rw

no_root_squash = makes it so the default of nobody is not used on the NFS share as a user (not secure in normal environments with user access but it makes sense for our situation)

sync = a good idea because otherwise the nfs server will reply to requests for unwritten/unstable data which can lead to corruption and data loss potentially.

Client Side

yum -y install nfs-utils

mount 10.10.2.20:/tmp/nfsmount /mnt/nfs/

IP of NFS Server = 10.10.2.20

NFS Share = /tmp/nfsmount

Local Mount Path = /mnt/nfs

Make it permanent with fstab

10.10.2.20:/tmp/nfsmount /mnt/nfs nfs defaults 0 0

Troubleshooting

Most issues are a result of a few things.

You can't mount because nfs-utils was not installed on the client side.
The IP range you specified is incorrect or invalid (if you are using NAT absolutely verify what the source IP from your client looks like to the server).
Insecure ports issue if you are using NAT (you should set the "insecure" option

 rpc.mountd: refused mount request from somehostname.com for /some/path (/a/path/): illegal port 59201

If you get the above error you are probably using NAT somewhere between the client and server. NAT mapping ends up resulting in high and so-called "insecure" ports to be used (I guess the fact that they are unprivileged and a non-root user could easly sniff or intercept on those ports). However if that's not a concern you modify your exports line like this:

/datastore 10.220.101.0/24(insecure,rw,sync,no_root_squash)

wodim / cdrecord error cannot burn DVD or BDR .iso Errno: 5 (Input/output error), write_g1 scsi sendcmd: no error

dvd+rw-mediainfo /dev/sr0
INQUIRY: [ASUS ][BW-16D1HT ][3.00] GET [CURRENT] CONFIGURATION: Mounted Media: 11h, DVD-R Sequential Media ID: RITEKF1 Current Write Speed: 16.0x1385=22160KB/s Write Speed #0: 16.0x1385=22160KB/s Write Speed #1: 8.0x1385=11080KB/s Speed Descriptor#0: 08/2297887 R@16.0x1385=22160KB/s W@16.0x1385=22160KB/s Speed Descriptor#1: 08/2297887 R@16.0x1385=22160KB/s W@8.0x1385=11080KB/s READ DVD STRUCTURE[#10h]: Media Book Type: 00h, DVD-ROM book [revision 0] Legacy lead-out at: 2298496*2KB=4707319808 READ DVD STRUCTURE[#0h]: Media Book Type: 25h, DVD-R book [revision 5] Last border-out at: 2045*2KB=4188160 READ DISC INFORMATION: Disc status: blank Number of Sessions: 1 State of Last Session: empty "Next" Track: 1 Number of Tracks: 1 READ TRACK INFORMATION[#1]: Track State: blank Track Start Address: 0*2KB Next Writable Address: 0*2KB Free Blocks: 2298496*2KB Track Size: 2298496*2KB READ CAPACITY: 0*2048=0

The problem with cdrecord / wodim when burning a DVD

:~/00-ISO$ sudo cdrecord linuxmint-18.2-mate-64bit.iso

wodim: No write mode specified. wodim: Assuming -tao mode. wodim: Future versions of wodim may have different drive dependent defaults. Device was not specified. Trying to find an appropriate drive... Looking for a DVD-R drive to store 1659.12 MiB... Detected DVD-R drive: /dev/sr0 Using /dev/cdrom of unknown capabilities Device type : Removable CD-ROM Version : 5 Response Format: 2 Capabilities : Vendor_info : 'ASUS ' Identification : 'BW-16D1HT ' Revision : '3.00' Device seems to be: Generic mmc2 DVD-R/DVD-RW. Using generic SCSI-3/mmc DVD-R(W) driver (mmc_mdvd). Driver flags : SWABAUDIO BURNFREE Supported modes: PACKET SAO Speed set to 22160 KB/s Starting to write CD/DVD at speed 17.0 in real unknown mode for single session. Last chance to quit, starting real write in 0 seconds. Operation starts. Errno: 5 (Input/output error), write_g1 scsi sendcmd: no error CDB: 2A 00 00 00 00 1F 00 00 1F 00 status: 0x2 (CHECK CONDITION) Sense Bytes: 72 06 28 00 00 00 00 0E 09 0C 00 20 00 03 00 00 Sense Key: 0x8 Blank Check, Segment 6 Sense Code: 0x00 Qual 0x03 (setmark detected) Fru 0x0 Sense flags: Blk 0 (not valid) illegal block length cmd finished after 0.000s timeout 40s write track data: error after 63488 bytes wodim: A write error occured. wodim: Please properly read the error message above. Errno: 5 (Input/output error), test unit ready scsi sendcmd: no error CDB: 00 00 00 00 00 00 status: 0x2 (CHECK CONDITION) Sense Bytes: 70 00 02 00 00 00 00 0A 00 00 00 00 04 08 00 00 Sense Key: 0x2 Not Ready, Segment 0 Sense Code: 0x04 Qual 0x08 (logical unit not ready, long write in progress) Fru 0x0 Sense flags: Blk 0 (not valid) cmd finished after 0.007s timeout 40s ^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^Cc

The error even happens if you lower the speed:

sudo wodim speed=8 driveropts=burnfree linuxmint-18.2-mate-64bit.iso wodim: No write mode specified. wodim: Assuming -tao mode. wodim: Future versions of wodim may have different drive dependent defaults. Device was not specified. Trying to find an appropriate drive... Looking for a DVD-R drive to store 1659.12 MiB... Detected DVD-R drive: /dev/sr0 Using /dev/cdrom of unknown capabilities Device type : Removable CD-ROM Version : 5 Response Format: 2 Capabilities : Vendor_info : 'ASUS ' Identification : 'BW-16D1HT ' Revision : '3.00' Device seems to be: Generic mmc2 DVD-R/DVD-RW. Using generic SCSI-3/mmc DVD-R(W) driver (mmc_mdvd). Driver flags : SWABAUDIO BURNFREE Supported modes: PACKET SAO Speed set to 11080 KB/s Starting to write CD/DVD at speed 8.0 in real unknown mode for single session. Last chance to quit, starting real write in 0 seconds. Operation starts. Errno: 5 (Input/output error), write_g1 scsi sendcmd: no error CDB: 2A 00 00 00 00 1F 00 00 1F 00 status: 0x2 (CHECK CONDITION) Sense Bytes: 72 06 28 00 00 00 00 0E 09 0C 00 20 00 03 00 00 Sense Key: 0x8 Blank Check, Segment 6 Sense Code: 0x00 Qual 0x03 (setmark detected) Fru 0x0 Sense flags: Blk 0 (not valid) illegal block length cmd finished after 0.000s timeout 40s write track data: error after 63488 bytes wodim: A write error occured. wodim: Please properly read the error message above. Errno: 5 (Input/output error), test unit ready scsi sendcmd: no error CDB: 00 00 00 00 00 00 status: 0x2 (CHECK CONDITION) Sense Bytes: 70 00 02 00 00 00 00 0A 00 00 00 00 04 08 00 00 Sense Key: 0x2 Not Ready, Segment 0 Sense Code: 0x04 Qual 0x08 (logical unit not ready, long write in progress) Fru 0x0 Sense flags: Blk 0 (not valid) cmd finished after 0.007s timeout 40s

linux mint image convert menu option missing solution

I already have the caja-image-converter option installed but it shows nothing.

Weirdly enough if you install nemo and nautilus converter it does show and work inside caja:

The solution is to install *-image-converter

sudo apt-get install *-image-converter Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'nemo-image-converter' for glob '*-image-converter' Note, selecting 'caja-image-converter' for glob '*-image-converter' Note, selecting 'nautilus-image-converter' for glob '*-image-converter' caja-image-converter is already the newest version (1.16.0-1+serena). The following packages were automatically installed and are no longer required: gyp libgoocanvas-common libgoocanvas3 libjs-inherits libjs-node-uuid libkf5plotting5 libssl-dev libuv1 libuv1-dev python-pygoocanvas Use 'sudo apt autoremove' to remove them. Recommended packages: nautilus nemo The following NEW packages will be installed: nautilus-image-converter nemo-image-converter 0 upgraded, 2 newly installed, 0 to remove and 459 not upgraded. Need to get 42.5 kB of archives. After this operation, 328 kB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://packages.linuxmint.com serena/backport amd64 nemo-image-converter amd64 3.2.0+serena [19.8 kB] Get:2 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 nautilus-image-converter amd64 0.3.1~git20110416-1ubuntu1.16.04.1 [22.7 kB] Fetched 42.5 kB in 0s (97.7 kB/s) Selecting previously unselected package nautilus-image-converter. (Reading database ... 364378 files and directories currently installed.) Preparing to unpack .../nautilus-image-converter_0.3.1~git20110416-1ubuntu1.16.04.1_amd64.deb ... Unpacking nautilus-image-converter (0.3.1~git20110416-1ubuntu1.16.04.1) ... Selecting previously unselected package nemo-image-converter. Preparing to unpack .../nemo-image-converter_3.2.0+serena_amd64.deb ... Unpacking nemo-image-converter (3.2.0+serena) ... Setting up nautilus-image-converter (0.3.1~git20110416-1ubuntu1.16.04.1) ... Setting up nemo-image-converter (3.2.0+serena) ...

ImageMagick How To Convert Specific PDF Pages or a Range

A very handy feature of ImageMagick's convert command is that it can convert PDF's to other image formats like jpg but did you know you can even manually select a range or specific pages from the PDF?

Here is an example of converting a range of pages from a PDF in this case pages 25 to 36:

convert -density 300 "vSphere 6.5-1.pdf[25-36]" vsphere.jpg

Here is an example of converting a list of specific pages from a PDF in this case pages 45,54,69:

convert -density 300 "vSphere 6.5-1.pdf[45,54,69]" vsphere.jpg

Linux How To Free Wasted Memory RAM in Buffers

We all know Linux is known for good memory management but is it really? It seems all on its own with hardly anything running that you can come back in days or weeks and find that almost all of your RAM is used!

And many will say "no don't worry it's buffers for optimization" but it doesn't seem to help because what is in buffers is not available to use for new programs running or ones that allocate more RAM as far as I can tell.

The reason I know this is because you can see that SWAP will get used so if there was enough RAM not eaten by buffers it should be freed for new or growing memory allocations but it is not.

So how do we fix this or clear out Linux's memory buffers to free RAM?

[root@realtechtalk.com ~]# free -m
             total       used       free     shared    buffers     cached
Mem:          3851       3738        113          0       3269        222
-/+ buffers/cache:        246       3605
Swap:         2999          0       2999

 [root@realtechtalk.com ~]# echo 3 > /proc/sys/vm/drop_caches

[root@realtechtalk.com ~]#
[root@realtechtalk.com ~]#
[root@realtechtalk.com ~]# free -m
             total       used       free     shared    buffers     cached
Mem:          3851        146       3705          0          0          9
-/+ buffers/cache:        137       3714
Swap:         2999          0       2999

Now we can see that we have our RAM back!

Linux How To Eject and Insert a CD-R/DVD-R/BD-R Disc

Many people are aware of the "eject command" which works as you would expect.

To eject the disc:

sudo eject /dev/sr0

To insert the disc again you still use the same command but with the "-t" close try toggle:

sudo eject -t /dev/sr0

Linux Mint 18 Screen Goes Dark or Black After Screensaver or even when using the Desktop Solution

You can search for this bug and it seems like it may be related to ecryptfs and is many years old.

The symptoms are that you return to the computer and the screensaver was active or the screen was asleep/black and it doesn't seem to come back. But you check by SSH the computer is running fine and are frustrated you'll lose your running programs and have to reboot.

There is a simple solution:

Ctrl + Alt + F1

Ctrl + Alt + F8

Basically you are switching to another virtual console/screen and then back to screen 8 which is your Desktop. This removes the black screen and presents the login prompt and doesn't cause any loss of data or interruption to your session.

This also works if you are using your computer normally and the screen becomes partially dark or very dark. It seems related to the above bug.

It may also be related to a bug in the Intel i915 driver but this issue seems to plague Nvidia and AMD users too.

Some related syslog or dmesg errors you may see:

mate-screensaver-dialog: pam_ecryptfs: seteuid error [ 4.825400] [drm] RC6 on [15732.058803] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=172171 end=172172) time 100 us, min 894, max 899, scanline start 893, end 900 [24966.142220] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=54325 end=54326) time 101 us, min 894, max 899, scanline start 893, end 900 [252173.205297] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=33067 end=33068) time 102 us, min 894, max 899, scanline start 893, end 900 [266867.040745] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=19806 end=19807) time 102 us, min 894, max 899, scanline start 893, end 900 [266872.190787] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=20115 end=20116) time 102 us, min 894, max 899, scanline start 893, end 899 [266873.174149] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=20174 end=20175) time 100 us, min 894, max 899, scanline start 893, end 900 [370925.989870] [drm] stuck on render ring [370925.995049] [drm] GPU HANG: ecode 9:0:0x85dffffd, in Xorg [1562], reason: Engine(s) hung, action: reset [370925.995054] [drm] GPU hangs can indicate a bug anywhere in the entire gfx stack, including userspace. [370925.995056] [drm] Please file a _new_ bug report on bugs.freedesktop.org against DRI -> DRM/Intel [370925.995057] [drm] drm/i915 developers can then reassign to the right component if it's not a kernel issue. [370925.995059] [drm] The gpu crash dump is required to analyze gpu hangs, so please always attach it. [370925.995061] [drm] GPU crash dump saved to /sys/class/drm/card0/error [370925.998026] drm/i915: Resetting chip after gpu hang [370928.001884] [drm] RC6 on

Other errors when the screen goes dark (sometimes Alt F1 + Alt F8 will not fix it)

This behavior was seen on kernel 4.4.0-116-generic

Sep 24 07:09:36 queenlazina-desktop console-kit-daemon[1768]: (process:6292): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed Sep 24 07:09:38 queenlazina-desktop console-kit-daemon[1768]: (process:6294): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed Sep 24 07:09:43 queenlazina-desktop console-kit-daemon[1768]: (process:6297): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed Sep 24 07:09:49 queenlazina-desktop console-kit-daemon[1768]: (process:6299): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed Sep 24 07:10:00 queenlazina-desktop console-kit-daemon[1768]: (process:6301): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed Sep 24 07:10:01 queenlazina-desktop console-kit-daemon[1768]: (process:6303): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed Sep 24 07:10:08 queenlazina-desktop console-kit-daemon[1768]: (process:6305): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed

iptables guide and examples and howto

iptables allow port 22 example

Of course change --dport and -s to suit your needs

#allow certain IP to access port 22
iptables -A INPUT -p tcp -m tcp --dport 22 -s 192.168.1.0/24 -j ACCEPT

# block others
iptables -A INPUT -p tcp --dport 22 -j DROP

Postfix How To Change Sending IP Address To Specific IP Binding or Interface

I thought I'd post this becuase there is some bad information out there. Some guides tell you to edit /etc/postfix/master.cf (-o smtp_bind_address=) but this doesn't work. The same guide also says if you don't change it there you end up changing the listening IP/bind interface which is also not true.

Here is a simple and effective way to change Postfix's sending/binding/outgoing IP address (very important for reverse DNS and so mail servers don't block you):

vi /etc/postfix/main.cf

#add this option

smtp_bind_address=192.168.5.80

*Obviously change the 192.168.5.80 to the outgoing address you want to use for Postfix

How to qemu-kvm enable bridged networking in Debian Ubuntu Linux Mint on KVM containers

I've read a few guides about this but they didn't work for me.

sudo apt-get install bridge-utils

#don't think the above is enough it won't work still even though you have by default an /etc/qemu-ifup that handles it if you have the right tools and setup
sudo qemu-system-x86_64 -net tap -net nic -enable-kvm -cpu host,vmx=on ~/VirtualBox VMs/vsphere-vcenter/vsphere-vcenter.vdi W: /etc/qemu-ifup: no bridge for guest interface found

vi /etc/networking/interfaces

Add the following br0 adapter and make sure you replace eth0 with your network adapter name such as "enp3s0"

auto br0 iface br0 inet dhcp bridge_ports eth0 bridge_stp off bridge_maxwait 0 bridge_fd 0

#restart your network/networking

sudo service networking restart

sudo qemu-system-x86_64 -m 11G -net tap -net nic -enable-kvm -cpu host,vmx=on ~/VirtualBox VMs/vsphere-vcenter/vsphere-vcenter.vdi

There is no more error or complaint about no bridge interface being found not that we've installed bridge utils and created a br0 bridge.

VirtualBox Nested Virtual Machine Containers with KVM Not Working no SVM or VMX module in the guest

I can't get vmx cpu extensions to show up in Virtualbox guests despite enabling nested paging and

enable vmx in virtualbox guest but this doesn't help that you check VT-X or the AMD Virtualization SVM it enables it for the guest to use BUT does not pass it through. This means if you check cat /proc/cpuinfo in the guest you will see the CPU doesn't support virtualization. It looks like VirtualBox still hasn't implemented this!

But there is good news I was able to install qemu-kvm and run straight from the VirtualBox .vdi directly and also enable the nested virtualization no problem.

#it looks like it is just not supported it's just easier to use KVM directly on the .vdi file!

qemu-system-x86_64 -enable-kvm -cpu host,vmx=on ~/VirtualBox VMs/test/test.vdi

Virtualbox is a great project and way for virtualizing but it is disappointing that they don't just pass through the virtualization CPU flags for nesting.

VSphere InternalServerError - Error When Adding Permissions

InternalServerError (com.vmware.vapi.std.errors.internal_server_error) => { messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => { id = vapi.bindings.method.impl.unexpected, defaultMessage = Provider method implementation threw unexpected exception: com.vmware.vapi.std.errors.InternalServerError, args = [com.vmware.vapi.std.errors.InternalServerError] }], data = <null> }

I was getting the error but it almost seemed delayed as if it were from the previous operation a minute before and not the current. You can just refresh and try again but it seems like a bug. The permissions show they have applied but hopefully they really have and nothing is broken!

NFS Share Won't Mount Solution - mount: wrong fs type, bad option, bad superblock on 10.10.2.20:/tmp/nfsmount

nfs mount failed:

mount 10.10.2.20:/tmp/nfsmount /mnt/nfs/
mount: wrong fs type, bad option, bad superblock on 10.10.2.20:/tmp/nfsmount,
       missing codepage or helper program, or other error
       (for several filesystems (e.g. nfs, cifs) you might
       need a /sbin/mount.<type> helper program)
       In some cases useful info is found in syslog - try
       dmesg | tail or so

In this case the client machine didn't have nfs-utils installed! You would think that when trying to mount that the error would indicate this!

yum -y install nfs-utils
So make sure you have nfs client utilities installed on the machine you are trying to mount the nfs share from!

OVF Tool: Error: Task failed on server: This host does not support Intel VT-x. VMWare VCenter install On ESXi ERror

Intel VT-X is enabled in Virtualbox but it doesn't seem to pass through the needed vmx extension despite the following variables on the host confirming it is enabled:

cat /sys/module/kvm_intel/parameters/nested Y cat /sys/module/kvm_intel/parameters/ept Y

OVF Tool: Disk progress: 99% OVF Tool: Transfer Completed OVF Tool: Powering on VM: Embedded-vCenter-Server-Appliance- OVF Tool: Task progress: 0% OVF Tool: Task Failed OVF Tool: Error: Task failed on server: This host does not support Intel VT-x. OVF Tool: Error: Fault cause: vim.fault.InvalidState OVF Tool: Completed with errors Deployment failed. OVF Tool return error code: 1 Proceed with certificate thumbprint check... The certificate for server '192.168.1.54' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Failed to collect support bundle from appliance because: Cannot gather support logs because the appliance was not power on. =========================================================================== [FAILED] Task: Deploying vCenter Server Appliance execution failed at 19:34:28 =========================================================================== ====================================================================================================================================================================================================== Error message: com.vmware.vcsa.installer.ovf.deploy_appliance: ApplianceDeploymentTask: Caught an exception Deployment failed. O

VF Tool return error code: 1 ============================================================================================== 19:34:29 ============================================================================================== Result and Log File Information...

Install NFS (Network File System) On Debian Linux Ubuntu Mint Howto

sudo apt-get install nfs-kernel-server  #oops there are no exports so it won't startsudo /etc/init.d/nfs-kernel-server start
 * Not starting NFS kernel daemon: no exports.

#we will use the /tmp/nfstestshare directory for our NFS share

mkdir /tmp/nfstestshare

#add it to /etc/exports (basically what NFS checks to determine what to make an NFS share)

/tmp/nfstestshare 192.168.1.5(rw,sync,no_root_squash)

As you can see the brackets take 3 variables as follows:

ro (readonly) or rw (readwrite)
sync means no changes to the directory until changes are committed
no_root_squash allows root to access the directory

sudo /etc/init.d/nfs-kernel-server start

Relocating modules and starting up the kernel - VMWare ESXi 6.7 Error and Solution

I had this error in an unsupported CPU on VMWare 6.7 and apparently this sometimes works especially on older VMWare versions like 6.5 5.5 etc (but in my case it did not).

To make sure it proceed when you see "Loading VMWare"
Hit "Shift+O"
Then add "ignoreHeadless=TRUE"

See an example below:

Usually it will get you past the mentioned screen but may fail with other errors such as an Unsupported CPU.

In the case your computer/server/CPU is supported and this is just a bug you will be able to complete the install. But you'll want to make the boot option above permanent as each time you'll need to manually specify ignoreHeadless=TRUE or you won't be able to boot.

Enable SSH on the ESXi host, login and type the following command to make it permanent:

[root@localhost:~] esxcfg-advcfg -k TRUE ignoreHeadless

VMWare 6.7 VCSA VSphere ESXi Management SSO Install Guide on Linux using the CLI

#mount the VCSA DVD
mount /dev/sr0 /mnt/cd
#alternatively you could mount the iso directly
mount -o loop vcsa.iso /your/mount/path

#for this purpose we are using the CLI installer on Linux
cd /mnt/cd/vcsa-cli-installer/lin64

#no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
./vcsa-deploy
Usage: vcsa-deploy [-h] [--version] [--supported-deployment-sizes]
                   {install,upgrade,migrate} ...
For descriptions of valid options, use:
    $ vcsa-deploy --help

vcsa-deploy: error: Too few arguments. The required arguments are not provided. Retry the command following the usage instructions.

#seriously just telling it to install is not enough

./vcsa-deploy install
Previous versions of this script defaulted to 'install' when no subcommand was specified. Running without a subcommand is no longer allowed. Specify 'install' as a subcommand if you want to run installation. Usage: vcsa-deploy install [-h] [--template-help] [--log-dir LOG_DIR]
                           [--skip-ovftool-verification] [--accept-eula]
                           [--acknowledge-ceip] [--pause-on-warnings]
                           [--operation-id OPERATION_ID] [-v | -t]
                           [--no-esx-ssl-verify | --no-ssl-certificate-verification]
                           [--verify-template-only | --precheck-only]
                           template [template ...]
For descriptions of valid options, use:
    $ vcsa-deploy install --help

vcsa-deploy install: error: the following arguments are required: template

./vcsa-deploy install --accept-eula --no-esx-ssl-verify /path/to/yourconfig.json

#there are preconfigured .json templates here:

ls /mnt/cd/vcsa-cli-installer/templates/install

embedded_vCSA_on_ESXi.json              PSC_first_instance_on_VC.json
embedded_vCSA_on_VC.json                PSC_replication_on_ESXi.json
embedded_vCSA_replication_on_ESXi.json PSC_replication_on_VC.json
embedded_vCSA_replication_on_VC.json    vCSA_on_ESXi.json
PSC_first_instance_on_ESXi.json         vCSA_on_VC.json

Before getting started make sure your ESXi 6.7 Host Meets The Requirements for RAM, CPU and Storage

source credit: http://vcdx56.com/2018/04/vmware-vcenter-server-6-7-resource-requirements/

http://vcdx56.com/2016/12/vmware-vsphere-vcenter-server-6-5-appliance-deployment-using-cli/

Deployment Size	vCPUs	RAM (GB)
Tiny	2	10
Small	4	16
Medium	8	24
Large	16	32
X-Large	24	48

Compute requirements per Deployment Size

The below table lists the ESXi host and VM capacity per vCSA 6.5 deployment size

Deployment Size	ESXi Hosts	VMs
Tiny	10	100
Small	100	1 000
Medium	400	4 000
Large	1 000	10 000
X-Large	2 000	35 000

Storage requirements per Deployment Size

The below table lists the storage requirements per deployment size

Deployment Size	Storage Size Default (GB)	Storage Size Large (GB)	Storage Size Large (GB)
Tiny	250	775	1 650
Small	290	820	1 700
Medium	425	925	1 805
Large	640	990	1 870
X-Large	980	1030	1 910

Here is a description from the VMWare site of what they do:

Deployment JSON Templates Included in the vCenter Server Appliance Installer
Location	Template	Description
vcsa-cli-installertemplatesinstall	embedded_vCSA_on_ESXi.json	Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller on an ESXi host.
	embedded_vCSA_on_VC.json	Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller on a vCenter Server instance.
	embedded_vCSA_replication_on_ESXi.json	Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller as a replication partner to another embedded vCenter Server Appliance on an ESXi host.
	embedded_vCSA_replication_on_VC.json	Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller as a replication partner to another embedded vCenter Server Appliance on a vCenter Server instance.
	PSC_first_instance_on_ESXi.json	Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance as the first instance in a new vCenter Single Sign-On domain on an ESXi host.
	PSC_first_instance_on_VC.json	Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance as the first instance in a new vCenter Single Sign-On domain on a vCenter Server instance.
	PSC_replication_on_ESXi.json	Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance joining an existing vCenter Single Sign-On domain on an ESXi host.
	PSC_replication_on_VC.json	Contains the minimum configuration parameters that are required for deployment of a Platform Services Controller appliance joining an existing vCenter Single Sign-On domain on a vCenter Server instance.
	vCSA_on_ESXi.json	Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an external Platform Services Controller on an ESXi host.
	vCSA_on_VC.json	Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an external Platform Services Controller on a vCenter Server instance.

For most people they will probably choose the smartly placed #1 .json option on VMWare's list as it applies to the most use cases I would think:

embedded_vCSA_on_ESXi.json

Contains the minimum configuration parameters that are required for deployment of a vCenter Server Appliance with an embedded Platform Services Controller on an ESXi host.

In plain English you have an ESXi host and want to setup the vSphere/vCenter management off the same server.

OK think you're ready now?

./vcsa-deploy install --accept-eula --no-esx-ssl-verify /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json

Run the installer with "-v" or "--verbose" to log detailed information
Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/workflow_1531375823977/vcsa-cli-installer.log.bak'
Workflow log-dir
/tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/workflow_1531375823977
====== [START] Start executing Task: To validate CLI options at 06:10:24 ======
Deprecation Warning: The command parameter '--no-esx-ssl-verify' is deprecated.
You must use the new parameter '--no-ssl-certificate-verification' in the next
deployment.
template
'/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' has
ceip_enabled set to True, but the command line doesn't have --acknowledge-ceip.
You must pass in the --acknowledge-ceip command line option to confirm your
acknowledgement about your VMware Customer Experience Improvement Program (CEIP)
participation.
================ [FAILED] Task: CLIOptionsValidationTask: Executing CLI
optionsValidation task execution failed at 06:10:24 ================
================================================================================
Error message: com.vmware.vcsa.installer.template.cli_argument_validation:
template
'/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' has
ceip_enabled set to True, but the command line doesn't have --acknowledge-ceip.
You must pass in the --acknowledge-ceip command line option to confirm your
acknowledgement about your VMware Customer Experience Improvement Program (CEIP)
participation.
=================================== 06:10:24 ===================================
Result and Log File Information...
WorkFlow log directory:
/tmp/vcsaCliInstaller-2018-07-12-06-10-od3jvta8/workflow_1531375823977

Let's try it again oops we have used some deprecated stuff since VMWare 6.7 is a new beast!

./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json

What went wrong?

./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json
Run the installer with "-v" or "--verbose" to log detailed information
Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/workflow_1531375934346/vcsa-cli-installer.log.bak'
Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/workflow_1531375934346
================================================================= [START] Start executing Task: To validate CLI options at 06:12:14 =================================================================
Command line arguments verfied.
======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:12:14 =======================
========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:12:14 =========================================================
Template syntax validation for template '/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' succeeded.
Syntax validation for all templates succeeded.
======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:12:14 =======================
[START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
at 06:12:15
Template version processing for template '/mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json' succeeded.
Version processing for all templates succeeded.
====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:12:15 ======================
============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:12:15 ============================
The entered password for new_vcsa sso password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
Section 'new_vcsa', subsection 'network', property 'ip' validation failed: Expected 4 octets in ''
Section 'new_vcsa', subsection 'network', property 'system_name' validation failed: Given hostname '' is neither IPv4, IPv6 nor an
FQDN
Section 'new_vcsa', subsection 'network', property 'dns_servers' validations failed: Expected 4 octets in ''
Section 'new_vcsa', subsection 'network', property 'gateway' validation failed: Expected 4 octets in ''
An invalid value was encountered in section 'new_vcsa', subsection 'network', property 'prefix'. The network prefix must be a positive integer
Cannot obtain a valid ESXi/vCenter hostname from the template. Make sure a valid hostname is provided for the key 'hostname' under the section 'new_vcsa', section 'esxi' or 'vc'.
Section 'new_vcsa', subsection 'esxi', field 'hostname' validation failed: Given hostname '' is neither IPv4, IPv6 nor an
FQDN
The entered password for new_vcsa os password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
Template structure validation failed for template /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json.
The value '******' of the key 'password' in section 'new_vcsa', subsection 'sso' is invalid. Correct the value and rerun the script.
The value '' of the key 'ip' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
The value '' of the key 'system_name' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the
script.
The value '' of the key 'dns_servers' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
The value '' of the key 'gateway' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
The value ' 255.255.255.0, there are 24 bits in the binary version of the subnet mask, so the prefix length is 24. if used, the values must be in the inclusive range of 0 to 32 for ipv4 and 0 to 128 for ipv6.>'
of the key 'prefix' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
The value 'ipv4' of the key 'ip_family' in section 'new_vcsa', subsection 'network' is invalid. Correct the value and rerun the script.
The value '' of the key 'hostname' in section 'new_vcsa', subsection 'esxi' is invalid. Correct the value and rerun the
script.
The value '******' of the key 'password' in section 'new_vcsa', subsection 'os' is invalid. Correct the value and rerun the script.
=========================================================================== [FAILED] Task: StructureValidationTask: Executing Template Structure Validation task execution failed at 06:12:15
===========================================================================
======================================================================================================================================================================================================
Error message: com.vmware.vcsa.installer.template.structure_validation: Template structure validation failed for template /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json.
============================================================================================== 06:12:15 ==============================================================================================
Result and Log File Information...
WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-12-7_cs0okb/workflow_1531375934346

We have to edit our .json template first

cp /mnt/cd/vcsa-cli-installer/templates/install/embedded_vCSA_on_ESXi.json /tmp/

{ "__version": "2.13.0", "__comments": "Sample template to deploy a vCenter Server Appliance with an embedded Platform Services Controller on an ESXi host.", "new_vcsa": { "esxi": { "hostname": "", "username": "root", "password": " ", "deployment_network": "VM Network", "datastore": "" }, "appliance": { "__comments": [ "You must provide the 'deployment_option' key with a value, which will affect the VCSA's configuration parameters, such as the VCSA's number of vCPUs, the memory size, the storage size, and the maximum numbers of ESXi hosts and VMs which can be managed. For a list of acceptable values, run the supported deployment sizes help, i.e. vcsa-deploy --supported-deployment-sizes" ], "thin_disk_mode": true, "deployment_option": "small", "name": "Embedded-vCenter-Server-Appliance" }, "network": { "ip_family": "ipv4", "mode": "static", "ip": "", "dns_servers": [ "" ], "prefix": "", "gateway": "", "system_name": "" }, "os": { "password": "", "ntp_servers": "time.nist.gov", "ssh_enable": false }, "sso": { "password": "", "domain_name": "vsphere.local" } }, "ceip": { "description": { "__comments": [ "++++VMware Customer Experience Improvement Program (CEIP)++++", "VMware's Customer Experience Improvement Program (CEIP) ", "provides VMware with information that enables VMware to ", "improve its products and services, to fix problems, ", "and to advise you on how best to deploy and use our ", "products. As part of CEIP, VMware collects technical ", "information about your organization's use of VMware ", "products and services on a regular basis in association ", "with your organization's VMware license key(s). This ", "information does not personally identify any individual. ", "Additional information regarding the data collected ", "through CEIP and the purposes for which it is used by ", "VMware is set forth in the Trust & Assurance Center at ", "http://www.vmware.com/trustvmware/ceip.html . If you ", "prefer not to participate in VMware's CEIP for this ", "product, you should disable CEIP by setting ", "'ceip_enabled': false. You may join or leave VMware's ", "CEIP for this product at any time. Please confirm your ", "acknowledgement by passing in the parameter ", "--acknowledge-ceip in the command line.", "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++" ] }, "settings": { "ceip_enabled": true } } }#after editing the above make sure you run the install again but point to the /tmp .json file:

./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /tmp/embedded_vCSA_on_ESXi.json

Run the installer with "-v" or "--verbose" to log detailed information
Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/workflow_1531377437847/vcsa-cli-installer.log.bak'
Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/workflow_1531377437847
================================================================= [START] Start executing Task: To validate CLI options at 06:37:18 =================================================================
Command line arguments verfied.
======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:37:18 =======================
========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:37:18 =========================================================
Template syntax validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
Syntax validation for all templates succeeded.
======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:37:18 =======================
[START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
at 06:37:18
Template version processing for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
Version processing for all templates succeeded.
====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:37:18 ======================
============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:37:18 ============================
The entered password for new_vcsa sso password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
The entered password for new_vcsa os password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
The value '******' of the key 'password' in section 'new_vcsa', subsection 'sso' is invalid. Correct the value and rerun the script.
The value '******' of the key 'password' in section 'new_vcsa', subsection 'os' is invalid. Correct the value and rerun the script.
The key 'system_name' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
The key 'dns_servers' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
The key 'gateway' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
The key 'prefix' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
The key 'ip' in section 'new_vcsa' subsection 'network' is required. Its value cannot be null or empty.
=========================================================================== [FAILED] Task: StructureValidationTask: Executing Template Structure Validation task execution failed at 06:37:19
===========================================================================
======================================================================================================================================================================================================
Error message: com.vmware.vcsa.installer.template.structure_validation: Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
============================================================================================== 06:37:19 ==============================================================================================
Result and Log File Information...
WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-37-r4wnppls/workflow_1531377437847

#no luck so far

./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /tmp/embedded_vCSA_on_ESXi.json
Run the installer with "-v" or "--verbose" to log detailed information
Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/workflow_1531377957356/vcsa-cli-installer.log.bak'
Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/workflow_1531377957356
================================================================= [START] Start executing Task: To validate CLI options at 06:45:57 =================================================================
Command line arguments verfied.
======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:45:57 =======================
========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:45:57 =========================================================
Template syntax validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
Syntax validation for all templates succeeded.
======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:45:57 =======================
[START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
at 06:45:58
Template version processing for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
Version processing for all templates succeeded.
====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:45:58 ======================
============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:45:58 ============================
The entered password for new_vcsa sso password does not meet the requirements. The password must be between 8 characters and 20 characters long. It must also contain at least one uppercase and
lowercase letter, one number, and one character from '!"#$%&'()*+,-./:;<=>?@[]^_`{|}~' and all characters must be ASCII. Space is not allowed in password.
Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
The value '******' of the key 'password' in section 'new_vcsa', subsection 'sso' is invalid. Correct the value and rerun the script.
=========================================================================== [FAILED] Task: StructureValidationTask: Executing Template Structure Validation task execution failed at 06:45:58
===========================================================================
======================================================================================================================================================================================================
Error message: com.vmware.vcsa.installer.template.structure_validation: Template structure validation failed for template /tmp/embedded_vCSA_on_ESXi.json.
============================================================================================== 06:45:58 ==============================================================================================
Result and Log File Information...
WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-45-f3v4sgw5/workflow_1531377957356
[root@vsphere-center lin64]# vi /tmp/embedded_vCSA_on_ESXi.json
[root@vsphere-center lin64]# ./vcsa-deploy install --no-ssl-certificate-verification --acknowledge-ceip --accept-eula /tmp/embedded_vCSA_on_ESXi.json
Run the installer with "-v" or "--verbose" to log detailed information
Updating log file location, copying '/tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/vcsa-cli-installer.log' to desired location as a backup: '/tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/workflow_1531377985688/vcsa-cli-installer.log.bak'
Workflow log-dir /tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/workflow_1531377985688
================================================================= [START] Start executing Task: To validate CLI options at 06:46:25 =================================================================
Command line arguments verfied.
======================= [SUCCEEDED] Successfully executed Task 'CLIOptionsValidationTask: Executing CLI optionsValidation task' in TaskFlow 'template_validation' at 06:46:25 =======================
========================================================= [START] Start executing Task: To validate the syntax of the template. at 06:46:26 =========================================================
Template syntax validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
Syntax validation for all templates succeeded.
======================= [SUCCEEDED] Successfully executed Task 'SyntaxValidationTask: Executing Template Syntax Validation task' in TaskFlow 'template_validation' at 06:46:26 =======================
[START] Start executing Task: To check the version of each template, and for each older template that supports CEIP, convert it to the latest template format, and save it to the Template Blackboard
at 06:46:26
Template version processing for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
Version processing for all templates succeeded.
====================== [SUCCEEDED] Successfully executed Task 'VersionProcessingTask: Executing Template Version Processing task' in TaskFlow 'template_validation' at 06:46:26 ======================
============================ [START] Start executing Task: To validate the template structure against the rules specified by a corresponding template schema. at 06:46:26 ============================
Template structure validation for template '/tmp/embedded_vCSA_on_ESXi.json' succeeded.
Structure validation for all templates succeeded.
==================== [SUCCEEDED] Successfully executed Task 'StructureValidationTask: Executing Template Structure Validation task' in TaskFlow 'template_validation' at 06:46:27 ====================
[START] Start executing Task: To create a dependency graph for the provided templates, with an edge pairing two templates that are dependent on each other. Such graph relationships will affect
whether certain templates can be deployed in parallel, or must be deployed sequentially. at 06:46:27
Dependency processing for all templates succeeded.
=================== [SUCCEEDED] Successfully executed Task 'DependencyProcessingTask: Executing Template Dependency Processing task' in TaskFlow 'template_validation' at 06:46:27 ===================
================================================== [START] Start executing Task: Validate that requirements are met in the source VCSA. at 06:46:29 ==================================================
InstallRequirementCollector: Reached gathering requirement
============================== [SUCCEEDED] Successfully executed Task 'SrcRequirementTask: Running SrcRequirementTask' in TaskFlow 'embedded_vCSA_on_ESXi' at 06:46:29 ==============================
================================================================= [START] Start executing Task: Perform precheck tasks. at 06:46:30 =================================================================
========================================== [START] Start executing Task: Verify that the provided credentials for the target ESXi/VC are valid at 06:46:30 ==========================================
Proceed with certificate thumbprint check...
The certificate for server '192.168.1.54' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
=========================================== [SUCCEEDED] Successfully executed Task 'Running precheck: TargetCredentials' in TaskFlow 'install' at 06:46:31 ===========================================
============================================= [START] Start executing Task: Precheck CPU, memory and datastore size requirements for a host. at 06:46:31 =============================================
Proceed with certificate thumbprint check...
The certificate for server '192.168.1.54' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables
verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified.
The VCSA 'Embedded-vCenter-Server-Appliance' requires hardware virtualization support from the ESXi host 'localhost.localdomain'. You are recommended to check the BIOS settings of the ESXi host for
hardware virtualization support before proceeding.
=========================================================================== [FAILED] Task: Running precheck: HostConfigs execution failed at 06:46:37
===========================================================================
======================================================================================================================================================================================================
=========================================================================== [FAILED] Task: PrecheckTask: Running prechecks. execution failed at 06:46:37
===========================================================================
======================================================================================================================================================================================================
Error message: com.vmware.vcsa.installer.prechecks: com.vmware.vcsa.installer.prechecks.host_configs: The deployment size selected by user's template for the VCSA 'Embedded-vCenter-Server-Appliance'
is 'small', which requires 4 CPUs while the ESXi host 'localhost.localdomain' has 2 physical CPUs (cores) available. Choose a different deployment option for the VCSA, or use a different ESXi host,
or provide more CPUs for the ESXi. Deployment size selected by user's template for the VCSA 'Embedded-vCenter-Server-Appliance' is 'small', which requires 16 GB of memory. That exceeds the total
memory of 4 GB of the ESXi host 'localhost.localdomain'. Choose a different deployment option for the VCSA. The capacity of datastore 'datastore1' (3.0 GB) in host 'localhost.localdomain' is less
than the minimum size required (25 GB). Use a different datastore, or increase the datastore size above the required minimum.
============================================================================================== 06:46:38 ==============================================================================================
Result and Log File Information...
WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-12-06-46-8qv_x80w/workflow_1531377985688

#now the server seems to die or at least the NIC during the install process

OVF Tool: Opening OVA source:
/mnt/cd/vcsa-cli-installer/lin64/../../vcsa/VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10.ova
OVF Tool: Opening VI target: vi://root@192.168.1.54:443/
OVF Tool: Deploying to VI: vi://root@192.168.1.54:443/
OVF Tool: Disk progress: 99%
OVF Tool: Transfer Completed
OVF Tool: Powering on VM: Embedded-vCenter-Server-Appliance-
OVF Tool: Task progress: 58%
OVF Tool: Task Completed
OVF Tool: Waiting for IP address...Error: Operation was canceled
OVF Tool: Error: No route to host
Deployment failed. OVF Tool return error code: 1

It's not so much that it fails to install but rather that once the vcenter appliance starts for some reason the network stops working. Restarting the network does not help either.

When starting the Virtual Appliance the last thing on the console I can see is:
Started Network Time Servce: [ *** ] (2 of 2) A start job is running for Initial c...metadata service crawler) (21s /no limit)

A successful install will look like this:

========================================= [START] Start executing Task: Invoke OVF Tool to deploy VCSA for installation, upgrade, and migration at 05:58:58 ========================================= Deployment failed. OVF Tool return error code: 255 Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Failed to collect support bundle from appliance because: Cannot gather support bundle because the vm 'Embedded-vCenter-Server-Appliance' was not found on ESX 192.168.1.60. Underlying error details: Failed to find VM Embedded-vCenter-Server-Appliance =========================================================================== [FAILED] Task: Deploying vCenter Server Appliance execution failed at 05:58:59 =========================================================================== ====================================================================================================================================================================================================== Error message: com.vmware.vcsa.installer.ovf.deploy_appliance: ApplianceDeploymentTask: Caught an exception Deployment failed. OVF Tool return error code: 255 ============================================================================================== 05:59:00 ============================================================================================== Result and Log File Information... WorkFlow log directory: /var/tmp/vcsaCliInstaller-2018-07-20-05-58-0vi0n75f/workflow_1532066319919 [root@vsphere-center lin64]# (RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Found IP address of target appliance: 192.168.1.61 Proceed with certificate thumbprint check... Requesting deployment status from target vCSA REST API endpoint 'https://192.168.1.61:5480/rest/vcenter/deployment' ==========VCSA Deployment Progress Report========== Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Task: Run firstboot scripts.(RUNNING 60/100) - Starting VMware vCenter Server... VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Failed to query appliance API against VM 'Embedded-vCenter-Server-Appliance' on '192.168.1.60' for the deployment status because 'Unable to obtain IP address of the target appliance, it might still be powering up or during IP transfer.', retrying and will timeout in '3570 seconds traceback: Traceback (most recent call last): File "/build/mts/release/bora-7892267/bora/install/vcsa-installer/vcsaCliInstaller/cli_tasks/monitor/monitor_vcenter_deployment_task.py", line 402, in execute ValueError: Unable to obtain IP address of the target appliance, it might still be powering up or during IP transfer. Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Failed to query appliance API against VM 'Embedded-vCenter-Server-Appliance' on '192.168.1.60' for the deployment status because 'Unable to obtain IP address of the target appliance, it might still be powering up or during IP transfer.', retrying and will timeout in '3540 seconds traceback: Traceback (most recent call last): File "/build/mts/release/bora-7892267/bora/install/vcsa-installer/vcsaCliInstaller/cli_tasks/monitor/monitor_vcenter_deployment_task.py", line 402, in execute ValueError: Unable to obtain IP address of the target appliance, it might still be powering up or during IP transfer. ####################fixed it by changing password Do not use ( & or # or you will have bizarre issues like above "os": { "password": "8#Klaasyeasy", "ntp_servers": "time.nist.gov", "ssh_enable": false }, "sso": { "password": "DkUOI98(&*93", "domain_name": "vsphere.local" } Change to passwords like this: "os": { "password": "8^Klaasyeasy", "ntp_servers": "time.nist.gov", "ssh_enable": false }, "sso": { "password": "DkUOI98*93", "domain_name": "vsphere.local" } ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 63/100) - Starting VMware Content Library Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 65/100) - Starting VMware ESX Agent Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 65/100) - Starting VMware ESX Agent Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 65/100) - Starting VMware ESX Agent Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 68/100) - Starting VMware Message Bus Configuration Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 71/100) - Starting VMware vSphere Profile-Driven Storage Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 71/100) - Starting VMware vSphere Profile-Driven Storage Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 71/100) - Starting VMware vSphere Profile-Driven Storage Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 73/100) - Starting VMware Update Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 76/100) - Starting VMware vCenter High Availability... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 78/100) - Starting VMware vSphere Authentication Proxy... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 78/100) - Starting VMware vSphere Authentication Proxy... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 81/100) - Starting VMware VSAN Data Protection Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 84/100) - Starting VMware VSAN Health Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 84/100) - Starting VMware VSAN Health Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 84/100) - Starting VMware VSAN Health Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 84/100) - Starting VMware VSAN Health Service... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 86/100) - Starting VMware vService Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 86/100) - Starting VMware vService Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 86/100) - Starting VMware vService Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 89/100) - Starting VMware Image Builder Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 89/100) - Starting VMware Image Builder Manager... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 92/100) - Starting VMware vSphere Auto Deploy Waiter... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 92/100) - Starting VMware vSphere Auto Deploy Waiter... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 92/100) - Starting VMware vSphere Auto Deploy Waiter... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 92/100) - Starting VMware vSphere Auto Deploy Waiter... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 97/100) - Starting VMware Performance Charts... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 97/100) - Starting VMware Performance Charts... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(RUNNING 97/100) - Starting VMware Performance Charts... Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. VCSA Deployment is still running Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... ==========VCSA Deployment Progress Report========== Task: Run firstboot scripts.(SUCCEEDED 100/100) - Task has completed successfully. Task: Install required RPMs for the appliance.(SUCCEEDED 100/100) - Task has completed successfully. Successfully completed VCSA deployment. VCSA Deployment Start Time: 2018-07-20T10:25:37.358Z VCSA Deployment End Time: 2018-07-20T12:10:05.023Z [SUCCEEDED] Successfully executed Task 'MonitorDeploymentTask: Monitoring Deployment' in TaskFlow 'embedded_vCSA_on_ESXi' at 12:10:34 Monitoring VCSA Deploy task completed ==================== [START] Start executing Task: Provide the login information about new appliance. at 12:10:36 ==================== Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Proceed with certificate thumbprint check... The certificate for server '192.168.1.60' will not be verified because you have provided either the '--no-ssl-certificate-verification' or '--no-esx-ssl-verify' command parameter, which disables verification for all certificates. Remove this parameter from the command line if you want server certificates to be verified. Appliance Name: Embedded-vCenter-Server-Appliance System Name: 192.168.1.61 System IP: 192.168.1.61 Log in as: Administrator@vsphere.local [SUCCEEDED] Successfully executed Task 'ApplianceLoginSummaryTask: Provide appliance login information.' in TaskFlow 'embedded_vCSA_on_ESXi' at 12:10:39 ============================================================== 12:10:40 ============================================================== Result and Log File Information... WorkFlow log directory: /tmp/vcsaCliInstaller-2018-07-20-09-36-n9d4w4qp/workflow_1532079398332

Hard Drive Serial Number Examples

The reason for this article is because a lot of us don't physically see our hard drives they are often remote in a datacenter etc and the actual serial number we see in SMART is not enough to check for some manufacturers.

A good example is our first one the Toshiba

=== START OF INFORMATION SECTION ===
Device Model: TOSHIBA DT01ACA200
Serial Number: 33FMDW4AS

If you enter the serial in Toshiba's site above: https://myapps.taec.toshiba.com/myapps/admin/jsp/webrma/addRequest1NoLogin.jsp

You will get the following result:

33FMDW4AS

Warranty could not be determined for this Non-HDD serial number. If you have any questions you may contact Toshiba at 1-855-898-1905.

That is because you are missing the "TZ5" at the end. See when you add the TZ5.

33FMDW4ASTZ5

HDKPC09A0A01S

Out Of Warranty

Out of warranty. Exp Date: 2015/03/26

Hard Drive Full Serial List Examples

The format will be that the extra characters before or after the serial number are what you have to add on your own.

Device Model: TOSHIBA DT01ACA200
Serial Number: 33FMDW4ASTZ5

Device Model: TOSHIBA MG03ACA200
Serial Number: Z4JAK5C8FVD2

vino server error cannot login

10/07/2018 03:05:14 PM [IPv4] Got connection from client10.10.25.1
10/07/2018 03:05:14 PM   other clients:
10/07/2018 03:05:14 PM Client Protocol Version 3.7
10/07/2018 03:05:14 PM Advertising security type 18
10/07/2018 03:05:14 PM Client returned security type 18
10/07/2018 03:05:14 PM TLS Handshake failed: Could not negotiate a supported cipher suite.
10/07/2018 03:05:14 PM Client10.10.25.1 gone
10/07/2018 03:05:14 PM Statistics:
10/07/2018 03:05:14 PM   framebuffer updates 0, rectangles 0, bytes 0
10/07/2018 03:05:16 PM [IPv4] Got connection from client10.10.25.1
10/07/2018 03:05:16 PM   other clients:
10/07/2018 03:05:17 PM rfbProcessClientProtocolVersion: not a valid RFB client
10/07/2018 03:05:17 PM Client10.10.25.1 gone
10/07/2018 03:05:17 PM Statistics:
10/07/2018 03:05:17 PM   framebuffer updates 0, rectangles 0, bytes 0

OpenVPN auth-user-pass-verify ENV script error

Starting with newer versions of OpenVPN I believe 2.2+ you need to have "script-security 3" set or you can't execute a third party script.

Prior to that you could also use the auth-user-pass-verify like this:

auth-user-pass-verify ./validate.pl "$username $password $ip" via-env

Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the parameters, try enclosing them in double quotes ("").
However this no longer works. The way env works no longer gives you the variables as variables that you can pass as arguments.

It now works as normal so for example in a shell script you call from OpenVPN.

Just referencing $username and $password gives you the login information the user sent. This seems to have taken effect in version 2.3 or 2.4 or possibly even 2.2

OpenVPN error ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)

This basically means that you are running as non-root and you need to be root to create the tun0 or tap0 device on OpenVPN. You could try sudo or adding the openvpn binary to the list of sudoers.

Howto install ioncube loader to PHP by Zend

First of all download the raw .so file from zend:

Copy the one relevant to your PHP version to /usr/lib64/php/modules/

eg.: cp ioncube_loader_lin_5.3.so /usr/lib64/php/modules/

Then in your /etc/php.d/ directory create the file:

vi /etc/php.d/zend.ini

zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.3.so

After that restart apache/httpd and you'll be good to go!

Cannot create gradle for conversations

The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.

Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error

export ANDROID_HOME=/home/user/Downloads/tools/
Conversations-master$ ./gradlew
Downloading https://services.gradle.org/distributions/gradle-4.4-all.zip

Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
    at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:78)
    at org.gradle.wrapper.Install.createDist(Install.java:47)
    at org.gradle.wrapper.WrapperExecutor.execute(WrapperExecutor.java:129)
    at org.gradle.wrapper.GradleWrapperMain.main(GradleWrapperMain.java:48)
Caused by: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1914)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1872)
    at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1855)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1376)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1353)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1366)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
    at org.gradle.wrapper.Download.downloadInternal(Download.java:59)
    at org.gradle.wrapper.Download.download(Download.java:45)
    at org.gradle.wrapper.Install$1.call(Install.java:60)
    at org.gradle.wrapper.Install$1.call(Install.java:47)
    at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:65)
    ... 3 more
Caused by: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
    at sun.security.pkcs11.P11Key$P11ECPublicKey.getEncodedInternal(P11Key.java:1024)
    at sun.security.pkcs11.P11Key.equals(P11Key.java:158)
    at java.util.ArrayList.indexOf(ArrayList.java:302)
    at java.util.ArrayList.contains(ArrayList.java:285)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:239)
    at sun.security.validator.Validator.validate(Validator.java:260)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1459)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:213)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:961)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:897)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1033)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1342)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1369)
    ... 13 more
Caused by: java.security.InvalidKeyException: EC parameters error
    at sun.security.ec.ECParameters.getAlgorithmParameters(ECParameters.java:284)
    at sun.security.ec.ECPublicKeyImpl.<init>(ECPublicKeyImpl.java:59)
    at sun.security.pkcs11.P11Key$P11ECPublicKey.getEncodedInternal(P11Key.java:1021)
    ... 28 more
Caused by: java.security.NoSuchProviderException: no such provider: SunEC
    at sun.security.jca.GetInstance.getService(GetInstance.java:83)
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
    at java.security.Security.getImpl(Security.java:697)
    at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:199)
    at sun.security.ec.ECParameters.getAlgorithmParameters(ECParameters.java:279)
    ... 30 more

not allowed to execute '/usr/bin/apt-get install eclipse' as root linux sudo user permisson issue and solution

This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:

Now assume your username is "iamtheuser"

vi /etc/group

adm:x:4:syslog,iamtheuser sudo:x:27:anotheruser,iamtheuser

Find the above lines and add a comma and "iamtheuser" right after as shown in the example above. You'll have to log out and login and things will be fine after that. If you want to stay logged into the GUI you could always just ssh in to localhost and that ssh connection would give you the new privileges.

Database Error One or more of the WHMCS database tables appear to be either missing or corrupted. Please check and repair. - WHMCS Solution

Database Error One or more of the WHMCS database tables appear to be either missing or corrupted. Please check and repair.

This error can be misleading especially if you know you are using a known good backup or restoration of the WHMCS database. The error can also be that the user lacks permissions to read and write to the database.

To check to this in MySQL shell:

GRANT read,write to dbusername@localhost on dbname;

After that things should work again.

postfix errors fatal: no SASL authentication mechanisms /usr/libexec/postfix/smtpd: bad command startup -- throttling solution

Jul 3 22:12:17mailserver postfix/smtpd[6195]: fatal: no SASL authentication mechanisms Jul 3 22:12:18mailserver postfix/master[4881]: warning: process /usr/libexec/postfix/smtpd pid 6195 exit status 1 Jul 3 22:12:18mailserver postfix/master[4881]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

This only ever happens in my experience when the authentication method is actually Dovecot. Usually the problem will be that Dovecot cannot start due to a misconfiguration and or permissions issue.

The solution is to try to trace through /var/log/maillog and find out what is wrong with Dovecot (assuming it cannot start).

After this postfix should work fine.

You should also enable debug info in dovecot.conf like this:

auth_debug = yes auth_debug_passwords = yes auth_verbose = yes

To give you an idea of what commonly goes wrong after a new Dovecot migration or install:

dovecot: auth: Error: passwd-file /etc/dovecot.passwd: open(/etc/dovecot.passwd) failed: Permission denied (euid=97(dovecot) egid=97(dovecot) missing +r perm: /etc/dovecot.passwd, euid is not dir owner)

Solution:

chmod +x /etc/dovecot.passwd

Another error:

dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Connection refused

In this case you need to make sure /var/run/dovecot/auth-userdb and also /var/mail is set to the correct user id and group id or username/groupname as in your /etc/dovecot/dovecot.conf

first_valid_gid = 502 first_valid_uid = 501 last_valid_gid = 502 last_valid_uid = 501