RealTechTalk (RTT) - Linux/Server Administration/Related

We have years of knowledge with technology, especially in the IT (Information Technology) industry. 

realtechtalk.com will always have fresh and useful information on a variety of subjects from Graphic Design, Server Administration, Web  Hosting Industry and much more.

This site will specialize in unique topics and problems faced by web hosts, Unix/Linux administrators, web developers, computer technicians, hardware, networking, scripting, web design and much more. The aim of this site is to explain common problems and solutions in a simple way. Forums are ineffective because they have a lot of talk, but it's hard to find the answer you're looking for, and as we know, the answer is usually not there. No one has time to scour the net for forums and read pages of irrelevant information on different forums/threads. RTT just gives you what you're looking for.

  • sign_and_send_pubkey: signing failed: agent refused operation - SSH Solution


    sign_and_send_pubkey: signing failed: agent refused operation

    This happens when you don't manually add your ssh key with ssh-add it is some weird new feature in SSH or Ubuntu/Debian that causes this weird problem.
     

    Solution:


    ssh-add
    Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)


  • Centos PXEBoot NetInstall Failure - Pane is dead


    ValueError: new value non-existent xfs filesystem is not valid as a default fs type

    Pane is dead

    From what I read this is misleading and has to do with the fact that the initrd and kernel are mismatched.

    This is a hard situation because for some older hardware I am using the Centos Plus kernel which has modules that I require for an older server/NIC.  This seems to have cropped up in the past few months and there is no simple fix which is quite frustrating.

    I wish RHEL/Centos would provide a CentosPlus kernel for their PXE boot image as this essentially stops things from working and creates a PXEBoot/NetInstall scenario that cannot be relied on because it seems to pull other image data from the Centos repo which ends up breaking in the event that the repo has been updated and your kernel/initrd are mismatched.

    But it worked before the whole time so something unexpected or undesirable has changed upstream unfortunately.  For now I am not sure of the solution short of creating my own PXEBoot initrd image and kernel.


  • Intel NUC J3455 Linux Kernel freeze slowness 4.4.98 errors


    It looks like this has something to do with APIC but I am not sure.  I have similar CPUs with a different MB and BIOS that work fine on the same type of kernel.  A lot of time the issue is because of the C-step setting in the BIOS.

    The same thing happened on the 2.6 kernel with Centos 6 but this is a homebrew 4.4 kernel so I am not sure why it is happening when even Centos 7 (3.2) kernel works OK.


    [72799.017154] INFO: rcu_sched detected stalls on CPUs/tasks:
    [72799.017193]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [72799.017220]     (detected by 0, t=5252 jiffies, g=1775778, c=1775777, q=678)
    [72799.017249] Task dump for CPU 1:
    [72799.017270] swapper/1       R running      0     0      1 0x00200008
    [72799.017301]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [72799.017353]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [72799.017405]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [72799.017458] Call Trace:
    [72799.017486]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [72799.017515]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [72799.017542]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [72799.017568]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [72799.017593]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [72799.017618]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [72799.017645] rcu_sched kthread starved for 5252 jiffies! g1775778 c1775777 f00
    [72862.037828] INFO: rcu_sched detected stalls on CPUs/tasks:
    [72862.037866]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [72862.037893]     (detected by 0, t=21007 jiffies, g=1775778, c=1775777, q=3093)
    [72862.037923] Task dump for CPU 1:
    [72862.037944] swapper/1       R running      0     0      1 0x00200008
    [72862.037975]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [72862.038028]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [72862.038080]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [72862.038132] Call Trace:
    [72862.038161]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [72862.038190]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [72862.038216]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [72862.038242]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [72862.038268]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [72862.038293]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [72862.038320] rcu_sched kthread starved for 21007 jiffies! g1775778 c1775777 f0
    [72925.058501] INFO: rcu_sched detected stalls on CPUs/tasks:
    [72925.058539]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [72925.058566]     (detected by 2, t=36762 jiffies, g=1775778, c=1775777, q=5985)
    [72925.058596] Task dump for CPU 1:
    [72925.058617] swapper/1       R running      0     0      1 0x00200008
    [72925.058648]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [72925.058701]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [72925.058752]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [72925.058805] Call Trace:
    [72925.058834]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [72925.058863]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [72925.058890]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [72925.058915]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [72925.058941]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [72925.058967]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [72925.058993] rcu_sched kthread starved for 36762 jiffies! g1775778 c1775777 f0
    [72988.079176] INFO: rcu_sched detected stalls on CPUs/tasks:
    [72988.079216]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [72988.079243]     (detected by 0, t=52517 jiffies, g=1775778, c=1775777, q=9582)
    [72988.079273] Task dump for CPU 1:
    [72988.079294] swapper/1       R running      0     0      1 0x00200008
    [72988.079325]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [72988.079378]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [72988.079430]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [72988.079482] Call Trace:
    [72988.079511]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [72988.079539]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [72988.079566]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [72988.079592]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [72988.079617]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [72988.079643]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [72988.079669] rcu_sched kthread starved for 52517 jiffies! g1775778 c1775777 f0
    [73051.099850] INFO: rcu_sched detected stalls on CPUs/tasks:
    [73051.099888]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [73051.099915]     (detected by 0, t=68272 jiffies, g=1775778, c=1775777, q=12493)
    [73051.099946] Task dump for CPU 1:
    [73051.099966] swapper/1       R running      0     0      1 0x00200008
    [73051.099997]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [73051.100050]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [73051.100102]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [73051.100154] Call Trace:
    [73051.100183]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [73051.100211]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [73051.100238]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [73051.100264]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [73051.100289]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [73051.100315]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [73051.100341] rcu_sched kthread starved for 68272 jiffies! g1775778 c1775777 f0
    [73114.120521] INFO: rcu_sched detected stalls on CPUs/tasks:
    [73114.120560]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [73114.120588]     (detected by 3, t=84027 jiffies, g=1775778, c=1775777, q=15681)
    [73114.120618] Task dump for CPU 1:
    [73114.120639] swapper/1       R running      0     0      1 0x00200008
    [73114.120670]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [73114.120722]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [73114.120774]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [73114.120827] Call Trace:
    [73114.120856]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [73114.120884]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [73114.120911]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [73114.120937]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [73114.120962]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [73114.120988]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [73114.121014] rcu_sched kthread starved for 84027 jiffies! g1775778 c1775777 f0
    [73177.141194] INFO: rcu_sched detected stalls on CPUs/tasks:
    [73177.141232]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [73177.141259]     (detected by 2, t=99782 jiffies, g=1775778, c=1775777, q=18837)
    [73177.141289] Task dump for CPU 1:
    [73177.141310] swapper/1       R running      0     0      1 0x00200008
    [73177.141340]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [73177.141393]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [73177.141445]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [73177.141497] Call Trace:
    [73177.141525]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [73177.141554]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [73177.141581]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [73177.141607]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [73177.141632]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [73177.141658]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [73177.141684] rcu_sched kthread starved for 99782 jiffies! g1775778 c1775777 f0
    [73240.161868] INFO: rcu_sched detected stalls on CPUs/tasks:
    [73240.161906]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [73240.161934]     (detected by 3, t=115537 jiffies, g=1775778, c=1775777, q=22200)
    [73240.161964] Task dump for CPU 1:
    [73240.161985] swapper/1       R running      0     0      1 0x00200008
    [73240.162016]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [73240.162069]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [73240.162121]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [73240.162173] Call Trace:
    [73240.163521]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [73240.163550]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [73240.163577]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [73240.163603]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [73240.163628]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [73240.163654]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [73240.163680] rcu_sched kthread starved for 115537 jiffies! g1775778 c1775777 0
    [73303.182543] INFO: rcu_sched detected stalls on CPUs/tasks:
    [73303.182582]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [73303.182609]     (detected by 0, t=131292 jiffies, g=1775778, c=1775777, q=24499)
    [73303.182639] Task dump for CPU 1:
    [73303.182660] swapper/1       R running      0     0      1 0x00200008
    [73303.182691]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [73303.182743]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [73303.182796]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [73303.182848] Call Trace:
    [73303.182877]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [73303.182906]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [73303.182932]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [73303.182958]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [73303.182984]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [73303.183009]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [73303.183035] rcu_sched kthread starved for 131292 jiffies! g1775778 c1775777 0
    [73366.203215] INFO: rcu_sched detected stalls on CPUs/tasks:
    [73366.203254]     1-...: (185 GPs behind) idle=832/0/0 softirq=52330/52330 fqs=0
    [73366.203281]     (detected by 3, t=147047 jiffies, g=1775778, c=1775777, q=26783)
    [73366.203311] Task dump for CPU 1:
    [73366.203332] swapper/1       R running      0     0      1 0x00200008
    [73366.203363]  00200086 00000000 00000000 00000000 c1037b90 f34f0000 c147140d 0
    [73366.203416]  00000000 00000000 00000000 00000001 00000000 00000000 0000007b b
    [73366.203468]  f3bb00d8 00000000 ffffff10 c100bc48 00000060 00200246 00000000 a
    [73366.203520] Call Trace:
    [73366.203549]  [<c1037b90>] ? smp_apic_timer_interrupt+0x30/0x40
    [73366.203578]  [<c147140d>] ? apic_timer_interrupt+0x2d/0x34
    [73366.203604]  [<c100bc48>] ? mwait_idle+0x68/0x150
    [73366.203630]  [<c100b586>] ? arch_cpu_idle+0x6/0x10
    [73366.203656]  [<c10815dd>] ? cpu_startup_entry+0x1dd/0x2d0
    [73366.203681]  [<c1036d9b>] ? setup_APIC_timer+0x9b/0xb0
    [73366.203707] rcu_sched kthread starved for 147047 jiffies! g1775778 c1775777 0


  • named[1525]: error (broken trust chain) resolving 'min-api.cryptocompare.com/A/IN': 173.245.58.78#53 solution


    So you restarted your router/dhcpd server or for some other reason you wonder why DHCP is not working on any of your clients?  You go and check that named is in fact running fine.

    But then you check /var/log/messages and see this error for everything hostname:

    named[1525]: error (broken trust chain) resolving 'min-api.cryptocompare.com/A/IN': 173.245.58.78#53

    I've only ever seen this when the time on the server was off.  It is important to make sure you are running ntpd or ntpdate on boot and at all times.  Once you change your time to the correct time things will work again.


  • Linux Ubuntu Mint Debian cannot play xvid,x264,mp4 or any videos codec issue - xplayer Could not initialize supporting library.


    In xplayer I get the following error "Could not initialize supporting library.".  It actually looks more like a gstreamer issue.

    For those wondering what the default video player is called it is "xvid" and not "totem" anymore like previous versions.

    Basically it looks like some codecs are missing when I uninstalled another program it uninstalled other programs and codecs that it shouldn't have.

    I've tried installing all the gstream packages and other codecs but nothing has helped so far.

     There is also this console output:

    libva info: VA-API version 0.39.0
    libva info: va_getDriverName() returns -1
    libva error: va_getDriverName() failed with unknown libva error,driver_name=(null)

    Solution:

    sudo apt-get remove gstreamer1.0-vaapi


  • wget howto output to terminal or script instead of file


    wget -qO

    You just need the -qO switch and you'll be good to go, the output then goes to your console/screen/script rather than a file.


  • imagemagick convert to chop off top of image


     convert -crop -0-400 image.jpg image.pdf

    The -crop -0-400 is what does it.  The 0 says not to chop anything from the left.  If you want to chop the left of course change 0 to whatever pixels you want chopped from the left.  The 400 says to chop 400 pixels off the top.

    This is useful if you have a bunch of images/scans where the same area at the top needs to be chopped.

    Sometimes the -trim option (such as the case of white space on top) is wrong and ends up cropping the image and losing some text.

    ImageMagick's convert is very useful but tricky to find some things out as I find it to be less than intuitive sometimes.


  • How To Set or Change Useragent in Firefox and Seamonkey


    In your browser go to "about:config"

    Right click and choose "New" -> "String"

    The name should be:

    general.useragent.override

    String Value:

    Mozilla/5.0 (Linux; U; Android 2.2.1; en-ca; LG-P505R Build/FRG83) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1

     

    You don't even have to restart to make this work.


  • How To Turn Any .iso file into a bootable USB drive


    This works for almost all ISO's I find (at least Linux based):

    sudo dd if=CentOS-6.9-x86_64-minimal.iso of=/dev/sdg bs=20M
    20+1 records in
    20+1 records out
    427819008 bytes (428 MB) copied, 118.233 s, 3.6 MB/s
     

    Of course change the .iso filename above and the /dev/sdg to your desired USB drive!


  • Linux Mint Ubuntu Debian How To Disable Webcam Automatically Onboot To Prevent Spying and Privacy Violations


    It is well known hackers, the NSA, CIA and other groups have created malware to secretly turn on your webcam and microphone on your phone, tv etc.. But fortunately on our computers and laptops we have some options.

    Most webcams use the "uvcvideo" kernel module / driver.  You can disable this in two ways on boot. I recommend both just as a failsafe. 

    Disable it on rc.local once your system boots automatically

    Add the following to /etc/rc.local:

    /sbin/rmmod uvcvideo

    Even if the kernel module was loaded during boot this will unload it.

    Disable it from loading at all in blacklist.conf

    Edit /etc/modprobe.d/blacklist.conf

    blacklist uvcvideo
     

    Now of course note a hacker who gains access as root/admin could still load this driver and spy on you but it is a reasonable amount of privacy.  To increase security you should use electrical or duct tape over your microphone and webcam itself.

    As a more invasive mode you could also edit your initramfs and kernel not to even contain the driver (but the issue is that on kernel upgrade the uvcvideo driver will be back).

    You could also use a cronjob like this every minute:

    sudo crontab -e

    */1 * * * * /sbin/rmmod uvcvideo

    This would try to unload the driver every minute just in case something malicious did activate it again. 

     


  • IcedTea Java Web Viewer Config Utility How To Enter


    In at least Ubuntu and Mint there is nothing intuitive about configuring Java.

    Execute it to get to it:

    itweb-settings

    You'll be able to configure different options and variables.

     


  • Debian Linux Mint Ubuntu Disable Automatic apt-get update


    sudo chmod 000 /etc/cron.daily/apt-compat
     

    This is the easiest way to disable the cron without anything more invasive like deleting the file.

    After that you won't have anymore apt-get's starting.

    This can be critical for systems without much extra RAM that is not in use.  I've seen systems that have swapped and crashed over apt-get.


  • How To Install Seamonkey Web Browser on Debian Ubuntu Linux Mint


    It's a little tricky if you are running a 64-bit OS which most people will be.

    The weird thing is that the Seamonkey website for Linux seems to only provide a 32-bit download.

    seamonkey-2.49.2.tar.bz2

    First unpack it

    tar -jxvf seamonkey-2.49.2.tar.bz2
     

    Try to run it

     ./seamonkey
    XPCOMGlueLoad error for file /home/queenlazina/Downloads/seamonkey/libmozgtk.so:
    libgtk-3.so.0: cannot open shared object file: No such file or directory
    Couldn't load XPCOM.


    Seems that libgtk is installed:


    ls /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
    /usr/lib/x86_64-linux-gnu/libgtk-3.so.0

     

    But note it is 64-bit and you need the 32-bit library since Seamonkey is 32-bit.

    We need to enable i386/32-bit architecture and add the libgtk for 32 bit

    sudo dpkg --add-architecture i386
    sudo apt-get install libgtk-3-0:i386

    After that you can run Seamonkey finally!


  • Prevent SSH Bruteforce and Hacks By Disabling Password Authentication


    One simple way to keep your server public but almost impossible to hack via SSH is to disable password authentication over SSH.  This means the only way in is via  your own private key that only you should have.

    Edit your /etc/ssh/sshd.conf file

    Set this option

    PasswordAuthentication no

    Restart your SSH server.

    service sshd restart

     

    Now your server will be much more secure, even if someone has the password they cannot login remotely no matter what (so long as no one has stolen your private key).  This makes bruteforcing absolutely impossible, so long as they don't enter another way, get root access and enable password login again.


  • SMF Forums / Simple Machines Forums Not Displaying Images Theme or Styles Properly using 127.0.0.1


    This is one thing that has me wondering about SMF.  It is apparently a known issue but in the latest version and new install nothing looked right because it was using http://127.0.0.1 to find everything!  How on earth would it ever do this or think it is normal?

    Excerpt of crazy html code it produces that causes the issue:


        <link rel="stylesheet" type="text/css" href="http://127.0.0.1/smf/Themes/default/css/index.css?fin20" />
        <script type="text/javascript" src="http://127.0.0.1/smf/Themes/default/scripts/script.js?fin20"></script>
        <script type="text/javascript" src="http://127.0.0.1/smf/Themes/default/scripts/theme.js?fin20"></script>

            <img id="upshrink" src="http://127.0.0.1/smf/Themes/default/images/upshrink.png" alt="*" title="Shrink or expand the header." style="display: none;" />
                <img id="smflogo" src="http://127.0.0.1/smf/Themes/default/images/smflogo.png" alt="Simple Machines Forum" title="Simple Machines Forum" />
            </div>



    To repair it you need to get a tool from the SMF site: https://wiki.simplemachines.org/smf/Repair_settings.php#Download_the_Repair_Settings_Tool

     

    Get the tool run it and you'll see some output like this:

    Almost always aside from MySQL DB you should change 127.0.0.1 to the domain name of your server.



     URLs
    These are the paths and URLs to your SMF installation, and can cause big problems when they are wrong. Sorry, there are a lot of them.
    Forum URL:    
    Recommended value: "https://forums.domain.com".
    Forum Directory:    
    Recommended value: "/var/www/vhosts/domain.com/httpdocs".
    Sources Directory:    
    Recommended value: "/var/www/vhosts/domain.com/httpdocs/Sources".
    Attachment Directory:    
    Recommended value: "/var/www/vhosts/domain.com/httpdocs/attachments".
    Avatar URL:    
    Recommended value: "https://forums.domain.com/avatars".
    Avatar Directory:    
    Recommended value: "/var/www/vhosts/domain.com/httpdocs/avatars".
    Custom Avatar URL:
    Value not found!    
    Custom Avatar Directory:
    Value not found!    
    Smileys URL:    
    Recommended value: "https://forums.domain.com/Smileys".
    Smileys Directory:    
    Recommended value: "/var/www/vhosts/domain.com/httpdocs/Smileys".






    Paths & URLs For Themes
    These are the paths and URLs to your SMF themes.
    SMF Default Theme - Curve URL:    
    Recommended value: "https://forums.domain.com/Themes/default".
    SMF Default Theme - Curve Images URL:    
    Recommended value: "https://forums.domain.com/Themes/default/images".
    SMF Default Theme - Curve Directory:    
    Recommended value: "/var/www/vhosts/domain.com/httpdocs/Themes/default".
    Core Theme URL:    
    Recommended value: "https://forums.domain.com/Themes/core".
    Core Theme Images URL:    
    Recommended value: "https://forums.domain.com/Themes/core/images".
    Core Theme Directory:    
    Recommended value: "/var/www/vhosts/domain.com/httpdocs/Themes/core".


  • solution mysqldump: Got error: 1044: Access denied for user 'user'@'localhost' to database 'thedb' when using LOCK TABLES


    It is simple the user just needs to be given the "LOCK TABLES" privilege.

    As root run this command:

    GRANT LOCK TABLES ON yourdatabase.* TO yourmysqluser@localhost;


  • MySQL How To Grant Access To ALL Databases For Export and Backup Purposes


    GRANT SELECT, LOCK TABLES ON *.* TO yourmysqluser@localhost;

    All you need to do a full MySQL dump on all databases is the SELECT and LOCK TABLES privileges.  This way you don't have to use the mysql root user.  Data could be compromised this way but at least no harm from manipulation, changes or deletion are possible by locking down the privileges to the minimum for a full MySQL dump and backup.

    Here is a command you could use to dump all databases.


  • mdadm how to stop or start a check


    It's fairly simple to start or stop a check but I do wish mdadm's command had this built in.  Sometimes it will do a check at the worst time causing the server to crawl to a halt.

    Stop check on md126:

    echo idle > /sys/block/md126/md/sync_action

    Start check on md126:

    echo check > /sys/block/md126/md/sync_action

     

    If you don't want to stop everything you can use this guide to set the minimum and maximum sync speed which does help.

     

     


  • vzquota : (error) Quota on syscall for id 4532: No such file or directory vzquota on failed [3] OpenVZ Error and Solution


    Starting container...
    vzquota : (error) Quota on syscall for id 4532: No such file or directory
    vzquota on failed [3]

     

    Solution

    vzquota drop 4532

    Then start the container and it should work.  It actually happened after migrating the VPS manually to another location (very common).

    Another way of doing essentially the same is the following:

    https://realtechtalk.com/vzquota_error_Quota_on_syscall_for_id_42131_No_such_file_or_directory_vzquota_on_failed_[3]-1447-articles


  • Apache htaccess Custom ErrorDocument not working properly for root home page 403 Error Issue and Solution


    So I have a domain "testdomain.com".

    Inside test domain.com's root is the following .htaccess:


    Options +FollowSymLinks -Indexes
    ErrorDocument 403 /launch/index.html

    Order Deny,Allow
    Deny From All
    Allow From 192.168.1.2

    When you visit anything other than root things work fine.  Eg. if you visit http://testdomain.com/somedirfile.html

    It will show the right error in /launch/

    But if you just visit the root you get the standard Apache Test page even though a 403 is returned.  The reason for this is because of an Alias "Error" in /etc/httpd/httpd.conf

    Find this line and comment it out:

    Alias /error/ "/var/www/error/"

    What happens when visiting root is that it checks for a custom 403 error in /var/www/error/ and when it doesn't find one in there it returns noindex.html (the Apache test page).

    However I don't know a better work-around what Apache then does after commenting out that alias is it insists in then looking inside your /www/document_root/error/ folder for a matching custom file.  If not it looks for a noindex.html in there.

    So all I did was create a no index.html in an error folder within my document root.

    This solves the issue but I am not sure of how to make a better solution.  I searched for hours modifying the vhost configuration but nothing worked or helped except the above.

    These URLs below had the same issue:


    https://www.linuxquestions.org/questions/linux-server-73/apache-403-on-root-serves-test-page-instead-of-forbidden-page-4175492016/
    https://www.linuxquestions.org/questions/linux-server-73/apache-denied-ips-getting-test-page-914257/

     


    Here is some of the troubleshooting process I went through:

     

    I have an issue where I am only allowing a few IPs to view a website in .htaccess:


    Options +FollowSymLinks -Indexes
    ErrorDocument 403 /launch/index.html

    Order Deny,Allow
    Deny From All
    Allow From 192.168.1.2


    # Now it works if you go to http://url/somecrap it will take you to /launch/index.html
    But if you just go to the reoot http://url/ or http://url you get the Apache Test page instead:



    https://www.linuxquestions.org/questions/linux-server-73/apache-403-on-root-serves-test-page-instead-of-forbidden-page-4175492016/
    https://www.linuxquestions.org/questions/linux-server-73/apache-denied-ips-getting-test-page-914257/

    solution:
    edit /etc/httpd/httpd.conf

    # Customizable error responses come in three flavors:
    # 1) plain text 2) local redirects 3) external redirects
    #
    # Some examples:
    #ErrorDocument 500 "The server made a boo boo."
    #ErrorDocument 404 /missing.html
    #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
    #ErrorDocument 402 http://www.example.com/subscription_info.html
    #

    #
    # Putting this all together, we can internationalize error responses.
    #
    # We use Alias to redirect any /error/HTTP_<error>.html.var response to
    # our collection of by-error message multi-language collections.  We use
    # includes to substitute the appropriate text.
    #
    # You can modify the messages' appearance without changing any of the
    # default HTTP_<error>.html.var files by adding the line:
    #
    #   Alias /error/include/ "/your/include/path/"
    #
    # which allows you to create your own set of files by starting with the
    # /var/www/error/include/ files and
    # copying them to /your/include/path/, even on a per-VirtualHost basis.
    #

    #Alias /error/ "/var/www/error/"


    [root@serverdev error]# mv noindex.html noindex.html-bad
    [root@serverdev error]# readlink -f .
    /var/www/error


    Alias /error/ "/var/www/error/"


    #Alias /error/ "/var/www/error/"

    <IfModule mod_negotiation.c>
    <IfModule mod_include.c>
        <Directory "/var/www/error">
            AllowOverride None
            Options IncludesNoExec
            AddOutputFilter Includes html
            AddHandler type-map var
            Order allow,deny
            Allow from all
            LanguagePriority en es de fr
            ForceLanguagePriority Prefer Fallback
        </Directory>


    Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

    log#
    [Sun Apr 08 04:09:43 2018] [error] [client 192.168.1.55] client denied by server configuration: /www/vhosts/vhosttest.com/httpdocs/
    [Sun Apr 08 04:09:43 2018] [error] [client 192.168.1.55] client denied by server configuration: /www/vhosts/vhosttest.com/httpdocs/error
     


  • syslinux / pxelinux how to boot from local drive how to


    Just type the command:

    localboot

    By default it will boot the first local drive "0".  I believe you can specify a different number to boot a different device.

    eg.

    localboot 3

    (will boot the 4th BIOS device)'


  • samba how to listen on specific IP only


    This is useful for security purposes especially on a server which may have a public IP assigned to it but has a second NIC for the LAN.

    Here is how you edit smb.conf:

    [global]

    interfaces = 192.168.1.50
    bind interfaces only = yes

    As you can see above it will only listen on 192.168.1.50 and remind to keep the "bind interfaces only" option.


  • How To Install Windows Server 7 8 10 12 2008 2012 2014 2016 Servers Desktops using Linux tftp, dhcpd and samba


    It has been a big pain for a long-time to install Windows from a Linux environment.  I used to run a windows install server and it never worked right for some reason (the install would fail on most servers).

    Before getting start be sure to setup your samba share so once you boot into WinPE you can mount the install for whatever Windows you want

    /etc/samba/smb.conf

    [smbwinstall]
    path = /tftpboot/images/winstall
    guest ok = yes
    directory mask = 0775

    It's much easier and stable to deploy all OS's using a Linux tftp and dhcpd server:

     

    WinPE Boot with pxelinux
    It requires pxelinux 6.04 or higher so I've included that in winpe-libs.tar.gz

    cd /tftpboot/images
    wget realtechtalk.com/downloads/winpe-tftp.tar.gz
    wget realtechtalk.com/downloads/winpe-tftp-root-libs.tar.gz
    #Extract it into your /tftpboot/

    cd /tftpboot/
    tar -zxvf winpe-tftp-root-libs.tar.gz
    ldlinux.c32
    libcom32.c32
    libutil.c32
    linux.c32
    menu.c32
    pxelinux.0
    wimboot


    cp winpe-libs/* /tftpboot/

    tar -zxvf winpe-tftp.tar.gz
    Edit your /tftpboot/pxelinux.cfg/default

    Add this:

    MENU TITLE WinPE
    label WinPE
    com32 linux.c32
    APPEND wimboot initrdfile=../images/winpe/bootmgr,../images/winpe/bcd,../images/winpe/boot.sdi,../images/winpe/boot.wim

    #the next step is to make sure you have a samba or windows fileshare with the windows install you want

    mkdir -p /tftpboot/images/winstall
    #mount and copy the install you want

    pxeboot the WinPE image then mount the remote share and install windows from it

    Get booting!

    If everything was done right you should be able to boot off your NIC, see the pxellinux menu for winpe and boot into it.

    Once in WinPE type the following command to mount your install share:

    net use z: \192.168.5.20winstall

    z:

     

    Of course change the IP and "winstall" share name to match what you have on your network.
     


    #errors
    linux.c32: not a COM32R image this means your pxelinux is probably trying to open an image like Winpe with wimboot and is too old (upgrade to at least pxelinux 6.04.  The pxelinux.0 file in the winpe-tftp.tar.gz file is from 6.04 so it will automatically update if you overwrite your pxelinux.0 file
     


  • error: Could not locate RPC credentials. No authentication cookie could be found, and no rpcpassword is set in the configuration file Bitcoin Litecoin Error


    error: Could not locate RPC credentials. No authentication cookie could be found, and no rpcpassword is set in the configuration file

    This is usually because the .cookie file cannot be read by the user you are running Litecoin or Bitcoin client/daemon as.

    You can adjust the permissions of the file so that the user or group they are apart of has read permissions.

     


  • OpenVZ Solutions vzquota : (error) Can't open quota file for id 123123, maybe you need to reinitialize quota: No such file or directory


    Error: Unable to apply new quota values: quota not running
    Container start failed (try to check kernel messages, e.g. "dmesg | tail")
    Killing container ...
    Container was stopped
    Error: Unable to apply new quota values: quota not running
    Can't umount /vz/private/123123: Invalid argument


    [root@rtt 123123]# vzquota on 123123
    vzquota : (error) Can't open quota file for id 123123, maybe you need to reinitialize quota: No such file or directory
    You have mail in /var/spool/mail/root
    [root@rtt 123123]# vzquota off 123123
    vzquota : (error) Can't open quota file for id 123123, maybe you need to reinitialize quota: No such file or directory


    problem:

    VE_ROOT="/vz/private/$VEID"
    VE_PRIVATE="/vz/private/$VEID"


    solution = fix VE_ROOT!

    VE_ROOT="/vz/root/$VEID"



     vzctl start 123123
    Starting container...
    Initializing quota ...
    Container is mounted
    Adding IP address(es):
    Setting CPU units: 1000
    Container start in progress...


     


  • curl: (35) Unknown SSL protocol error in connection Solution Centos


    curl: (35) Unknown SSL protocol error in connection

    The main solution is to update curl and nss.  If you are having an issue with curl through Apache/PHP you will need to restart PHP after.

    It's important to remember that this error could mean a lot of things but most often it simply means that curl and openssl may be outdated and only allow newer secure ways of connecting to SSL.

    In general here is how you would fix it in most cases:

    yum -y update curl nss openssl

    *Remember again if your PHP/Apache application is using curl it won't work until you restart Apache


  • sudo: unable to resolve host


    sudo: unable to resolve host yourhostname

    No clue why sudo is doing that when running.

    Solution

     

    Check /etc/hosts

    You will probably find that it doesn't contain "yourhostname" for 127.0.0.1

    Just update the hostname or add a field for your hostname like this:

    127.0.0.1 yourhostname

     


  • "Object of class WP_Term could not be converted to string"


    Normally when I've seen this it's when you are using a variable like a normal string when in fact it's actually an array such as this example:

     

    [Tue Mar 13 04:22:35 2018] [error] PHP Catchable fatal error:  Object of class WP_Term could not be converted to string in /vhost/httpdocs/wp-content/plugins/wp-instagram-post/classes/class-woo-igp.php on line 578


                                    $tags = get_tags($post_id);
                                    foreach ( $tags as $tag )
                                    {
                                       $the_tags=$the_tags. "#". $tag;
                                    }

     

    With the above the $tag variable actually is an array so you would need to reference it like this $tag->name or $tag["name"];

     


  • Wordpress Instagram Post Modify Plugin To Add Tags


    I modified this code after quickly learning how Wordpress plugins actually work, how they're called etc.. was the first trick to modifying the code to add tags.

    Add this code after line 570 in wp-content/plugins/wp-instagram-post/classes/class-woo-igp.php
     


                                    $tags = get_the_tags($post_id);
                                    foreach( $tags as $tag )
                                    {

                                       $the_tags=$the_tags. "#". $tag->name;
                                    }


                                    $message = $message .  "$the_tags";


  • Linux input/output error invalid program cannot read data on some CD-Rs and DVD-Rs on ASUS BW-16D1HT


    I've never seen this before in all of my years.  I have some very old CDs and DVDs 12-15 years old that seem not to work in this BD-R/DVD-R/CD-R Asus drive.

    The discs are fine actually and ironically they even work fine on a normal LG USB based BD-R drive!

    Here are the errors in Linux:
    [2914936.884924] attempt to access beyond end of device
    [2914936.884927] loop1: rw=0, want=730424, limit=688384
    [2914954.556873] attempt to access beyond end of device
    [2914954.556883] loop1: rw=0, want=730328, limit=688384
    [2914954.557225] attempt to access beyond end of device
    [2914954.557230] loop1: rw=0, want=730424, limit=688384
    [2914954.560679] attempt to access beyond end of device
    [2914954.560685] loop1: rw=0, want=730328, limit=688384
    [2914954.666068] attempt to access beyond end of device
    [2914954.666081] loop1: rw=0, want=730072, limit=688384
    [2914969.467216] attempt to access beyond end of device
    [2914969.467231] loop1: rw=0, want=730072, limit=688384


    Mar 12 11:53:13 localhost kernel: [2915064.079511] VFS: busy inodes on changed media or resized disk sr0
    Mar 12 12:55:04 localhost kernel: [2918775.634645] VFS: busy inodes on changed media or resized disk sr0
    Mar 12 12:55:23 localhost kernel: [2918794.508782] VFS: busy inodes on changed media or resized disk sr0
    Mar 12 12:55:40 localhost kernel: [2918811.408231] VFS: busy inodes on changed media or resized disk sr0
    Mar 12 12:55:45 localhost kernel: [2918816.012111] VFS: busy inodes on changed media or resized disk sr0
    Mar 12 12:56:02 localhost kernel: [2918832.911498] VFS: busy inodes on changed media or resized disk sr0
    Mar 12 12:56:16 localhost kernel: [2918847.599010] VFS: busy inodes on changed media or resized disk sr0

    Basically you can read the directory structure and browse it but no actual data from any file even though the discs themselves are fine and 100% working in another drive.

    Drives in question:

    sudo wodim --devices
    wodim: Overview of accessible drives (2 found) :
    -------------------------------------------------------------------------
     0  dev='/dev/sg5'    rwrw-- : 'ASUS' 'BW-16D1HT'
     1  dev='/dev/sg4'    rwrw-- : 'HL-DT-ST' 'BD-RE WP50NB40'
    -------------------------------------------------------------------------
     

    Just to clarify again the Asus has a problem with a lot of my discs whereas the LG works with everything.  I would have thought the USB powered LG would be more likely to have issues.

    I suspect this is some firmware bug in the Asus.  For now I'll use the LG or plugin an old DVD-R SATA based drive.


  • Installing SSL Certificate with Chain Intermediary CA File


    Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!).

    In the Apache vhost conf for the domain here is what you add:

    SSLCACertificateFile /path/to/your/cafile.pem

    Here is a full example of an SSL Vhost config in Apache using a CA Certificate file

    <VirtualHost *:443>
    DocumentRoot /www/vhosts/domain.com/httpdocs
    ServerName domain.com
    ServerAlias www.domain.com
    LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"" combined
    CustomLog /www/vhosts/domain.com/stats/access_log combined
    ErrorLog /www/vhosts/domain.com/stats/error_log
    #begin enable SSL
    SSLEngine on
    SSLVerifyClient none
    SSLCertificateFile /www/ssl-certs/www.domain.com-ssl-cert.crt
    SSLCertificateKeyFile /www/ssl-certs/www.domain.com-ssl-private.key

    SSLCACertificateFile /www/ssl-certs/www.domain.com-ssl-ca.crt
    #begin stop SSL
    </VirtualHost>


  • PHP Warning: Cannot load module 'XCache' because conflicting module 'apc' is already loaded in Unknown on line 0


    PHP Warning:  Cannot load module 'XCache' because conflicting module 'apc' is already loaded in Unknown on line 0

    Solution:

    yum remove php-pecl-apc-*


  • Unable to load dynamic library '/usr/lib64/php/modules/module.so' - /usr/lib64/php/modules/module.so: cannot open shared object file: No such file or directory in Unknown on line 0


    Getting this error on Centos 6 with PHP 5.3 when just running "php -v"

     

    PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/module.so' - /usr/lib64/php/modules/module.so: cannot open shared object file: No such file or directory in Unknown on line 0
    PHP Warning:  Cannot load module 'XCache' because conflicting module 'apc' is already loaded in Unknown on line 0

    Solution:

     This is caused by php-mcrypt and usually means your OS doesn't have mcrypt installed and Centos by default doesn't seem to have it.

    The easiest thing to do if you aren't using it is to remove it:

    yum remove php-mcrypt

    You could also edit /etc/php.d/mcrypt.ini and comment the line out and add the module back when and if you get it.


  • How to start screen in bash script or from /etc/rc.local on startup as a specific user


    It takes some tinkering the main thing is that the "-dmS" flag allows screen to start without a session which of course sudo won't have.

    solution:

    /usr/bin/sudo -u user /usr/bin/screen -dmS nameyouchoose /script/start.bash


    this doesn't work at all:

    /usr/bin/sudo -u user "/usr/bin/screen /script/start.bash"


    this doesn't work:

    /usr/bin/sudo -u user /usr/bin/screen /script/start.bash


  • Linux How To Clone One System Harddrive to another remote system


    The easiest way is to use SSH and DD or a combination of netcat.  SSH will be a little slower due to encryption but is the most secure way (on two older systems the average clone speed is about 40-50MB/s).  This is also OS independent as it doesn't matter what the source OS is because you are literallly cloning the drive so you retain the partition table and settings.


     

    Clone HDD using SSH and DD

    dd if=/dev/sourcedrive | ssh user@yourhostname.com "dd of=/dev/destinationdrive"

    However especially in Linux you'll want to do a fsck on all partitions on the remote drive or it probably won't boot because the filesystem recognizes the partitions are not right due to the different drive sizes. More info here.

    Note you will need to use sudo or root on both systems.  I also like to use a live CD/USB/Network on the remote system so that the operation can completely cleanly (especially helpful if that would be the only disk device on the remote system).

     


     

     

    Clone HDD using netcat (nc)

     

    This is the faster but less secure way someone could accidentally or maliciously send random/wrong data to the remote nc causing corruption.  There is of course the risk of eavesdropping where an attacker could essentially have a copy of your cloned hard drive too.

    First setup the remote server.

    Remote Server Setup

    nc -l 29000|dd of=/dev/destinationdrive

    This tells nc to listen on port 29000 and write the data to /dev/destinationdrive

    Now we are ready to push the source drive from the source server.

    Source Server

    dd if=/dev/sourcedrive| nc remoteserver 29000

    This tells dd to take data from /dev/sourcedrive and send it to an nc server at remoteserver on port 29000


  • Ubuntu/Debian/Linux won't boot and drops to Busybox shell after cloning HDD with dd


    I don't recall having this issue in the distant past but nowadays at least Debian seems to be very picky about this.

    I used dd to copy one hard drive to another and tried booting it.  Everything seemed fine with grub working but each time it would drop to the busybox shell.  There is no particular error so this is misleading.

    Normally the first things you would check are to make sure your fstab is correct (that the UUID is correct) and that you've updated grub.  This will not apply or be necessary if you've cloned the entire hard drive (by doing this your partitions still retain the same UUID).

    Part of the issue is likely that the filesystem thinks something is wrong since the partition table is technically going to be incorrect if you clone a 256GB drive to a 3TB for example (as in this case).

    The solution in this case is that you need to fsck the boot and root partitions.  The great news is that this can be done from the same busybox shell that you landed in.

    fsck.ext4 /dev/sda1

    After that reboot and everything should be good!


  • Unable to negotiate with 192.168.1.99 port 22: no matching host key type found. Their offer: ssh-dss Solution


    ssh rtt@192.168.1.199
    Unable to negotiate with 192.168.1.99 port 22: no matching host key type found. Their offer: ssh-dss

    It looks like the DSS option is not considered secure so when connecting from newer Linux systems to an older one you will get the above error.

    It can be fixed (but you should consider upgrading your SSH daemon):

     

    ssh -oHostKeyAlgorithms=+ssh-dss rtt@192.168.1.199 

  • Centos 7 Password Reset


    In Centos 7 the days of editing the "kernel" line and adding "single" are gone.  On top of that sometimes after a new install passwords do not work (possibly because requirements were not met but the installer never mentioned this?).

    1. 1.) On bootup edit the bootline by entering GRUB.
    2. Type e
    3. Find the line that says "linux16 /vmlinuz"
    4. Edit the part that says "ro" and change with "rw init=/sysroot/bin/sh
    5. Hit "Ctrl-X"
    6. Upon bootup type "chroot /sysroot"
    7. password
    8. touch ./autorelabel
    9. exit
    10. reboot

     


  • MySQL Adding New Field to Existing Database Table


    ALTER TABLE existingtable ADD newfieldname VARCHAR(255);


  • MySQL Cannot Update/Write to any database table solution


    This happened on Centos for no apparent reason with no obvious issue in the logs.  Data could be read fine but not written (possibly due to some corruption or out of memory issue in the OpenVZ container is the best guess).

     

    All mysql update and insert queries failed freezing without any error log on any database and table.

    Tried to restart:

    service mysqld restart
    Timeout error occurred trying to stop MySQL Daemon.
    Stopping mysqld:                                           [FAILED]
    MySQL Daemon failed to start.
    Starting mysqld:                                           [FAILED]




    #manually kill mysqld and mysqld_safe

    ps aux|grep mysqld
    root       876  0.0  0.0   3732   584 ?        S     2017   0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql
    mysql     1322  2.3  4.2 484384 269240 ?       Sl    2017 12779:34 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock
    root      2423  0.0  0.0   2360   692 pts/2    S+   13:28   0:00 grep mysqld

    After manually killing everything seemed to work OK after that point.


  • Centos How To Update to Glibc 2.14 Plus


    Centos 6 requires GLIBC 2.12 however a lot of new programs you would want to compile may need a newer glibc.  You can't remove the old glibc since the whole OS is based on it but you can install the updated glibc alongside it and do an export pointing to your updated GLIBC.

    mkdir ~/glibc_install; cd ~/glibc_install

    wget http://ftp.gnu.org/gnu/glibc/glibc-2.14.tar.gz

    tar zxvf glibc-2.14.tar.gz

    cd glibc-2.14

    mkdir build

    cd build

    ../configure --prefix=/opt/glibc-2.14

    make -j4

    sudo make install

    export LD_LIBRARY_PATH=/opt/glibc-2.14/lib

     

    The export should be done in ~/.bashrc or /etc/profile to make it permanent otherwise programs will have unpredictable results.  If you are calling a remote/cron script that needs this GLIBC you should probably do the export in the script itself to be sure.


  • php remove last letters of string


     $title_clean = substr($title,0,-3);

    In the above example the last 3 characters will be removed from the string "$title".  You can of course have the last X removed by changing -3 to -X


  • MySQL Maximum INT Size Truncation Issue/Warning


    MySQL will silently truncate a larger INT than capable.

    Check MySQL's own documentation here:

    As we can see the maximum size of INT (which is the most commonly used) is 2147483647

    A lot of coders make this mistake by using very large values such as 9999999999 but it would actually truncate to 2147483647 which is the maximum size of an INT.  This is dangerous because any value over that would truncate to that exact maximum number causing duplicate or unintended entries.


     

    Type Storage Minimum Value Maximum Value
      (Bytes) (Signed/Unsigned) (Signed/Unsigned)
    TINYINT 1 -128 127
        0 255
    SMALLINT 2 -32768 32767
        0 65535
    MEDIUMINT 3 -8388608 8388607
        0 16777215
    INT 4 -2147483648 2147483647
        0 4294967295
    BIGINT 8 -9223372036854775808 9223372036854775807
        0 1844674407370955161

     


  • MySQL How To Add New Field Column To Existing Table


    ALTER TABLE thetable ADD newfield VARCHAR(255)

    It's very simple just specify "the table" and then the newfield type


  • mysql how to reset passwords with a few commands


    The commands below will help you reset any mysql user password.

    use mysql;

    update user set password=PASSWORD('thenewpass') where User='theusername';

    flush privileges;

     

    1. The first line says to use the "mysql" database which contains all the user info.
    2. the second update line sets the new password "thenewpass" for the user "theusername".
    3. the third line flushes privileges this is necessary otherwise the new password will not work or actually be applied.

  • htaccess apache how deny/allow to block or allow by IP address


    order deny,allow
    Deny From All
    Allow From 8.8.8.8

    A simple and quick way to improve security by only allowing specific IPs to your web application.

    In this case the above allows only the IP 8.8.8.8 to access things and everything else is denied.


  • PHP geoip.so fatal error Solution


    PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0

     Remove the GEOIP from PHP:

    php71w-pecl-geoip-1.1.1-1.w6.x86_64


     

    PHP Fatal error:  PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the chosen SHM segment size is higher than the operation system allows. Linux has usually a default limit of 32MB per segment. in Unknown on line 0
    PHP Fatal error:  PHP Startup: apc_shm_attach: shmat failed: in Unknown on line 0

    Solution

    Already found it earlier just edit sysctl kernel.shmmax

    /apc_shm_attach_shmat_failed_in_Unknown_on_line_0_apc_shm_create_shmget0_67108864_914_failed_PHP_Solution-1804-articles


  • Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or direct


    Stopping httpd:                                            [  OK  ]
    Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory
                                                               [FAILED]

     

    I actually installed PHP 7 so the file /etc/httpd/modules in php.conf should be:

    libphp5.so

     

    Apache still won't start:

     

    Stopping httpd:                                            [  OK  ]
    Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Can't locate API module structure `php5_module' in file /etc/httpd/modules/libphp7.so: /etc/httpd/modules/libphp7.so: undefined symbol: php5_module
                                                               [FAILED]
     

     

    Solution

    Look carefully at the whole "Load" line to make sure it makes sense.

    LoadModule php5_module modules/libphp7.so

    Although I updated the line to say libphp7.so I didn't notice the "Load Module php5_module" so you have to update it the final solution is this:

     

    LoadModule php7_module modules/libphp7.so


  • GCC 5 on Centos 6 - How To Install


    Install requirements:


    yum -y install gmp-devel mpfr-devel libmpc-devel glibc-devel glibc-devel.i686 zip unzip jar

     

    Download, untar, configure, compile and install GCC



    http://mirrors.kernel.org/gnu/gcc/gcc-5.5.0/gcc-5.5.0.tar.gz
    tar -zxvf gcc-5.5.0.tar.gz
    cd gcc-5.5.0
    ./configure
    make
    make install

    Now you need to cleanup the old GCC by removing it (ironically it was required to make the new GCC and now we have to toss it away!

    yum remove gcc
    rm -rf /usr/bin/gcc
    rm -rf /usr/bin/c++
    rm -rf /usr/bin/cc


    ln -s /usr/local/bin/x86_64-unknown-linux-gnu-gcc-5.5.0 /usr/bin/gcc
    ln -s /usr/local/bin/x86_64-unknown-linux-gnu-c++ /usr/bin/c++
    ln -s /usr/local/bin/x86_64-unknown-linux-gnu-gcc /usr/bin/cc


  • bash find line and replace howto


    First find the line number:

    awk '/what you are searching for/{ print NR; exit }' input-file

    86

    Now use sed to replace it:

    sed -i  86s/.*/"your replacement text"/ $file

     

    Here is a full sample script to automate it:

    file=some/file.txt
    linenum=`awk /'your search query/{ print NR; exit }' $file`
    newline=`echo -e "your new line here")`
    sed -i "$linenum"s/.*/"$newline"/ $file


  • How To Create Apache htpasswd file


    This just simply outputs what you need a username and password that can be used to authenticate from .htaccess

    htpasswd -nb user password
    user:Gnb6uE9Lp4gt2
     

    If you want to write it straight to a file

    htpasswd -cb /tmp/somefile.pw user password

    How To Use This In .htaccess

    AuthUserFile /tmp/somefile.pw
    AuthName GetLost!!
    AuthType Basic

    #make sure you require a user!

    require valid-user 

  • possible SYN flooding on ctid 42131, port 80. Sending cookies. - Solution


    The Linux Kernel interpretated a very high volume of real traffic as a DDOS attack so it basically ends up blocking your web server.

    possible SYN flooding on ctid 42131, port 80. Sending cookies.

    Simple fix edit sysctl values for max_syn_backlog
    sysctl -w net.ipv4.tcp_max_syn_backlog=5000


    To make them permanent edit /etc/sysctl.conf

    echo "net.ipv4.tcp_max_syn_backlog=5000" >> /etc/sysctl.conf


  • Linux last command show login by IP instead of hostname


    In the "last" command in Linux by default it will show the information with the hostname (not very useful at all especially since it normally truncates long hostnames).

    To get last to show the IP address use this:

    last -i

    The -i makes it show the numeric IP instead of hostname.


  • Install Windows From a Linux TFTP Server instead of using WDS Solution


    yum -y install samba
    vi /etc/samba/smb.conf

    https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.zip
    mkdir syslinux;cd syslinux;unzip syslinux-6.03.zip

    mkdir -p /tftpboot/libs/

    cp bios/com32/modules/linux.c32 /tftpboot/libs/
    cp bios/com32/libutil/libutil.c32 /tftpboot/libs/
    cp bios/com32/lib/libcom32.c32 /tftpboot/libs/

    #add lib path
    echo "PATH libs" >> /tftpboot/pxelinux.cfg/default

    cp ./bios/com32/elflink/ldlinux/ldlinux.c32 /tftpboot/

    #now get WIMBoot
    wget http://git.ipxe.org/releases/wimboot/wimboot-latest.zip
    unzip wimboot-latest.zip

    cp -va wimboot*/wimboot /tftpboot/libs/


    mkdir win2012r2
    mkdir -p /tftpboot/images/win2012r2

    mount -o loop windows-2012-r2-eval-9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_SERVER_EVAL_EN-US-IR3_SSS_X64FREE_EN-US_DV9.ISO win2012r2/
    cd win2012r2/
    [root@evodal01 win2012r2]# ls
    autorun.inf  boot  bootmgr  bootmgr.efi  efi  setup.exe  sources  support


    cp bootmgr /tftpboot/images/win2012r2
    cp boot/bcd  /tftpboot/images/win2012r2
    cp boot/boot.sdi  /tftpboot/images/win2012r2
    cp sources/boot.wim /tftpboot/images/win2012r2/


    label Win2012R2
    com32 linux.c32 libs/wimboot
    APPEND wimboot initrdfile=images/win2012r2/bootmgr,images/win2012r2/bcd,images/win2012r2/boot.sdi,images/win2012r2/boot.wim

     


  • How To Secure Samba NMBD/SMBD to bind to a specific IP address


    By default Samba SMB/NMB listen on ANY and ALL IPs on your system by binding to 0.0.0.0.  Obviously this is a huge security risk if you have a public facing server with both internal and external access.  Usually when a system administrator sets up a samba server their intention is just to share with a LAN.

    To do this you need to the following options under the [global] section in smb.conf

    bind interfaces only = yes
    interfaces = 192.168.1.10
    hosts allow = 192.168.1.

    The "bind interfaces only" tells Samba to only bind to the IP specified under "interfaces".

    hosts allow is there for good measure (normally hosts allow will the only thing stopping people from the outside from accessing your samba server).  The safest way of course is to firewall on the public WAN side and to not bind to any interface or IP that you don't want to have access.

     


  • tftp: client does not accept options - solution if you are using UEFI PXEBoot disable it!


    tftp: client does not accept options

    I spent the good portion of a late evening on this double checking settings that I know always worked right for tftp!

    This error can also happen if you are trying to boot PXE in UEFI mode.  Enter your BIOS and change it to "Legacy PXE" or non-UEFI PXE mode and you'll be good to go!


  • Linux how to view video card make and exact model


    Normally lspci will show you just like this and would suggest they are exactly the same card:

    1a:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] (rev e7)
    1c:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] (rev e7)

    lspci -vnn is the answer

    As we can see one is a Gigabyte and the other is an MSI card.  What's interesting about Linux is that it says what you may not already know bute the RX 470/480/570/580 are essentially the same cards/family.

    1a:00.0 VGA compatible controller [0300]: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] [1002:67df] (rev e7) (prog-if 00 [VGA controller])
            Subsystem: Gigabyte Technology Co., Ltd Device [1458:22f1]
            Flags: bus master, fast devsel, latency 0, IRQ 33
            Memory at d0000000 (64-bit, prefetchable) [size=256M]
            Memory at e0000000 (64-bit, prefetchable) [size=2M]
            I/O ports at 2000 [size=256]
            Memory at e0300000 (32-bit, non-prefetchable) [size=256K]
            [virtual] Expansion ROM at 000c0000 [disabled] [size=128K]
            Capabilities: <access denied>
            Kernel driver in use: amdgpu
            Kernel modules: amdgpu

    1c:00.0 VGA compatible controller [0300]: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] [1002:67df] (rev e7) (prog-if 00 [VGA controller])
            Subsystem: Micro-Star International Co., Ltd. [MSI] Device [1462:3418]
            Flags: bus master, fast devsel, latency 0, IRQ 36
            Memory at b0000000 (64-bit, prefetchable) [size=256M]
            Memory at c0000000 (64-bit, prefetchable) [size=2M]
            I/O ports at 1000 [size=256]
            Memory at e0200000 (32-bit, non-prefetchable) [size=256K]
            Expansion ROM at e0260000 [disabled] [size=128K]
            Capabilities: <access denied>
            Kernel driver in use: amdgpu
            Kernel modules: amdgpu

     


  • Authentication refused: bad ownership or modes for directory /home/user SSH Public Key Authentication Failed Solution


    First of all I got this error after accidentally messing up my usergroup by using usermod -G user group

    When I would login using SSH keys it would fail:

    sshd[2020]: Authentication refused: bad ownership or modes for directory /home/one

    No worries, the fix is simple!

    chmod g-w /home/use
    
    

  • How to Update Linux /usr/share/misc/pci.ids


    This works with lspci and if it's outdated may not give you the exact manufacturer and device model.

    For example take these 3 different RX 580's:

    1a:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Device 67df (rev e7)
    1b:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Device 67df (rev e7)
    1d:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Device 67df (rev e7)
     

    You can update it like so:

    sudo wget -O /usr/share/misc/pci.ids http://pci-ids.ucw.cz/v2.2/pci.ids

    Now try again after updating:

    1a:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] (rev e7)
    1b:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] (rev e7)
    1d:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] (rev e7)


  • pcimodules and lspci not working alternative solution


    pcimodules no longer works it produces nothing probably because the format of /sys/bus/pci is different.

    lspci -k doesn't work on older lspci versions.

    pciutils can be compiled but it won't work if you have an old system and compile on a newer glibc.

    iteriate through /sys/bus/pci/devices/*/modalias

    cat /sys/bus/pci/devices/*/modalias
    pci:v00008086d00001237sv00000000sd00000000bc06sc00i00
    pci:v00008086d00007000sv00000000sd00000000bc06sc01i00
    pci:v00008086d00007111sv00000000sd00000000bc01sc01i8A
    pci:v000080EEd0000BEEFsv00000000sd00000000bc03sc00i00
    pci:v00008086d0000100Esv00008086sd0000001Ebc02sc00i00
    pci:v000080EEd0000CAFEsv00000000sd00000000bc08sc80i00
    pci:v00008086d00002415sv00008086sd00000000bc04sc01i00
    pci:v0000106Bd0000003Fsv00000000sd00000000bc0Csc03i10
    pci:v00008086d00007113sv00000000sd00000000bc06sc80i00




    compare it to /lib/modules/4.4.98/modules.alias
    pci:v00008086d00001237sv00000000sd00000000bc06sc00i00
    the part we care about is:
    8086d00001237 (note I now truncate more of the end so try again removing the 7 or even the 73 at the end to be more inclusive or you will have a lower success rate).


    cat /lib/modules/4.4.98/modules.alias|grep 8086d0000123
    alias pci:v00008086d00001234sv*sd*bc*sc*i* pata_mpiix
    alias pci:v00008086d00001230sv*sd*bc*sc*i* pata_oldpiix
    alias pci:v00008086d00001234sv*sd*bc*sc*i* piix
    alias pci:v00008086d00001230sv*sd*bc*sc*i* piix

    So bash to the rescue!

    iteriate through /sys/bus/pci/devices/*/modalias

    compare it to /lib/modules/4.4.98/modules.alias

     bash script that I use in my init

    #use this code to do the same thing as pcimodules
    for device in `ls -1 /sys/bus/pci/devices/`; do
       device=`cat /sys/bus/pci/devices/$device/modalias`
        #specifying 9:11 or 9:14 with 9:11 being less restrictive and presenting more options
        #9:14 drills down and is more strict giving you less chance of getting the wrong driver
       alias=${device:9:14}
       kernversion=`uname -r`
       module=`cat /lib/modules/$kernversion/modules.alias|grep $alias|awk '{print $3}'`
       if [ ! -z "$module" ]; then
         for mod in $module; do
         echo "module for $device $alias =$module"
         modprobe $module
         done
         else
         echo "No module found for $device $alias"
       fi
    done


  • How to disable Google Fonts in Wordpress


    edit theme css:

    Click "Appearance -> Editor -> Stylesheet"

    http://yourblog.com/wp-admin/theme-editor.php?file=style.css&theme=twentysixteen

    textarea {
        color: #1a1a1a;
        /*font-family: Merriweather, Georgia, serif;*/
        font-family: "Lucida Sans Unicode", "Lucida Grande", sans-serif





    line 210


    edit wp-content/themes/twentysixteen/functions.php

            //return $fonts_url;
            return 0;

    #another problem is that in the code this shows up still:
    <link rel='stylesheet' id='open-sans-css'  href='https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&#038;subset=latin%2Clatin-ext&#038;ver=4.4.11' type='text/css' media='all' />


    edit wp-includes/script-loader.php
    line 708:


                    $open_sans_font_url = "https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,300,400,600&subset=$subsets";
                    $open_sans_font_url = "";


  • Unable to load dynamic library /usr/lib64/php/modules/php_openssl


     Unable to load dynamic library '/usr/lib64/php/modules/php_openssl'

    not sure how to fix this


  • mysqld in Linux hacked


    Check for crap in /var/lib/mysql like this

     

    ls -al /var/lib/mysql/
    total 20888
    drwxr-xr-x 24 mysql mysql     4096 Oct  3 18:30 .
    drwxr-xr-x 20 root  root      4096 Oct  3 04:23 ..

    -rw-rw-rw-  1 mysql mysql    11776 Oct  3 17:10 c:exp.exe
    -rw-rw-rw-  1 mysql mysql    48128 Oct  3 17:10 c:exp1.exe
    -rw-rw-rw-  1 mysql mysql    55296 Oct  3 17:10 c:exp2.exe
    -rw-rw-rw-  1 mysql mysql    33812 Oct  3 17:10 c:tan.exe
    -rw-rw-rw-  1 mysql mysql    45056 Oct  3 17:10 c:tan1.exe
     

    This happened to a client who didn't firewall their port 3306 and had a weak root password.


  • W: GPG error: http://archive.debian.org squeeze Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AED4B06F473041FA NO_PUBKEY 64481591B98321F9


    W: GPG error: http://archive.debian.org squeeze Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AED4B06F473041FA NO_PUBKEY 64481591B98321F9

    No clue how to fix this.


  • cannot mount kvm ntfs image


    guestmount -a kvmuserscra.img -m /dev/sda1 mount
    libguestfs: error: mount_options: /dev/sda1 on / (options: ''): mount: unknown filesystem type 'ntfs'
    guestmount: '/dev/sda1' could not be mounted.
    guestmount: Did you mean to mount one of these filesystems?
    guestmount:     /dev/sda1 (ntfs)
    guestmount:     /dev/sda2 (ntfs)



    yum -y install ntfs-3g

    still doesn't work
     


  • h264 DVR security camera footage cannot be played


    This is not just a Linux issue but a general issue most software or hardware players cannot play the resulting exported/backed up format of .h264 from DVR security camera footage for some silly reason.

    There is a simple solution in Linux using ffmpeg fortunately.

    Convert the .h264 file into mp4


    ffmpeg -i yourfile.h264 -codec copy video.mp4

     

    play dvr .h264 file

     ffplay -f h264 yourfile.h264

     


     


  • dhcpd.conf how to secure so only known and allowed clients will be given dhcpd IP address leases


    It's really simple and just a matter of the following line within the subnet declaration.

      deny unknown-clients;

    See example below:

    subnet 10.25.20.0 netmask 255.255.255.0 {
      range 10.25.20.11 10.25.20.254;
      deny unknown-clients;
      option routers 10.25.20.10;
      option domain-name-servers 208.67.222.222;

       host client05 {
       hardware ethernet aa:bb:cc:dd:ee:ff;

       }

    }

     

    After that only clients with a declared host statement will be able to get a DHCP lease increasing security a little bit.

     


  • Thunderbird E-mail List Blank White but e-mails still clickable and viewable


    In Thunderbird in a very large folder suddenly all of my e-mail list became blank/white even though you could click on the invisible/white/blank lines and it would show the e-mails.  I tried to close and reopen but only going to Folder -> Properties and clicking Repair Folder fixed it (basically it had to redownload/rebuild the entire index and all e-mails).


  • css responsive images


    add this style="background-size: contain;max-width: 100%; height: auto;" to your img code.
    Example: <img style='background-size: contain;max-width: 100%; height: auto;' src="/some/pic.jpg">

    This code is really essential because in responsive mode on a phone it will cause images to be cut off and unviewable past the width of the device.

    Another nice trick is to add this as css to the img tag based on maximum screen width (this way no html code has to be changed):

     

    @media only screen and (min-width: 300px) and (max-width:1024px) {
           img {
            background-size: contain;max-width: 100%; height: auto
               }
    }

     

    If you want to center the image use this:

    margin-left:auto;margin-right:auto

           img {
            background-size: contain;max-width: 100%; height: auto;
    margin-left:auto;margin-right:auto

               }


  • responsive table without changing much code solution


    So you've got a responsive site with tables but it breaks them so anything not viewable on the screen is now cut off.

    Here is a simple solution that will allow users to scroll horizontally so they can see the whole table:

    <div style="overflow-x:auto;">
      <table>
         <tr>

             <td></td>

         </tr>
      </table>
    </div>

     

    Basically just put it inside a div with the 'style="overflow-x:auto;".


  • yum how to install old obsolete packages


    This is important as unfortunately Centos may designate a package obsolete and the replacement breaks everything (eg. you have a config file and the new replacement is not at all compatible with it and it breaks your application).

    This is where disabling obsoletes comes into play, it can be done from yum but it doesn't work at the time I find.

    yum --setopt=obsoletes=0 install someapp  However I find it still installs the new app and not the one you ask for until the second run which is kind of pointless.
    I recommend just turning this feature off from yum.conf

    vi /etc/yum.conf

    obsoletes=0
     


  • PHP Howto Store Value of Included File Output Into Variable


    ob_start();

    include "yourfile.php";

    $stored_value=ob_get_clean();


  • PHP Migration from 5.3 to 5.4+ and dealing with deprecated functions


    Upgrading from PHP 5.3 to 5.4+ there are many challenges basic things like mysql_connect() do not work anymore.


  • ffmpeg vidstab to stabilize video


    I'm having trouble making it work on very shaky video the result seems kind of warped/blurry/fish eye like and not as good as some other examples I've seen:

    ffmpeg -i MVI_1285.MOV -vf vidstabdetect=shakiness=10:accuracy=15 -f null MVI_1285.trf
    ffmpeg -i MVI_1285.MOV -vf vidstabtransform=smoothing=30:input="transforms.trf" MVI_1285.MOV.mp4

    I've played around with the shakiness, accuracy etc.. but not the smoothing part.


  • userdel user userdel: cannot lock /etc/passwd; try again later.


    I am not sure why this happened I think it's because the file was in use by another duplicate process or script.

     userdel user
    userdel: cannot lock /etc/passwd; try again later.
     


  • mdadm how to mount inactive array


    myguy@devbox:~$ sudo mdadm -As


    myguy@devbox:~$ cat /proc/mdstat |grep sdf
    md125 : inactive sdf3[2](S)


    sudo mdadm --manage /dev/md125 --run
    mdadm: started /dev/md125



     


  • How to find and mount mdadm arrays automatically


    A great way if you have a bunch of drives and mdadm connected and are looking for backups/archives and don't know what is where!

     

     for md in `cat /proc/mdstat|grep md[0-99]|awk '{print $1}'`; do mkdir /mnt/$md; mount /dev/$md /mnt/$md; done


  • M2Crypto.SSL.Checker.WrongHost: Peer certificate subjectAltName does not match host, expected fedora-archive.ip-connect.vn.ua, got DNS:mirror.ip-connect.vn.ua


    You are using Centos 5 which is deprecated so nothing in yum will work until you follow this post to use the vault:

    http://realtechtalk.com/Centos_59_Working_Vault_Repo_file-1921-articles

    yum update
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * epel: fedora-archive.ip-connect.vn.ua
    Traceback (most recent call last):
      File "/usr/bin/yum", line 29, in ?
        yummain.user_main(sys.argv[1:], exit_code=True)
      File "/usr/share/yum-cli/yummain.py", line 309, in user_main
        errcode = main(args)
      File "/usr/share/yum-cli/yummain.py", line 178, in main
        result, resultmsgs = base.doCommands()
      File "/usr/share/yum-cli/cli.py", line 345, in doCommands
        self._getTs(needTsRemove)
      File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 101, in _getTs
        self._getTsInfo(remove_only)
      File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 112, in _getTsInfo
        pkgSack = self.pkgSack
      File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 661, in <lambda>
        pkgSack = property(fget=lambda self: self._getSacks(),
      File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 501, in _getSacks
        self.repos.populateSack(which=repos)
      File "/usr/lib/python2.4/site-packages/yum/repos.py", line 260, in populateSack
        sack.populate(repo, mdtype, callback, cacheonly)
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 168, in populate
        if self._check_db_version(repo, mydbtype):
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 226, in _check_db_version
        return repo._check_db_version(mdtype)
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1229, in _check_db_version
        repoXML = self.repoXML
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1392, in <lambda>
        repoXML = property(fget=lambda self: self._getRepoXML(),
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1384, in _getRepoXML
        self._loadRepoXML(text=self)
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1374, in _loadRepoXML
        return self._groupLoadRepoXML(text, ["primary"])
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1358, in _groupLoadRepoXML
        if self._commonLoadRepoXML(text):
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1204, in _commonLoadRepoXML
        result = self._getFileRepoXML(local, text)
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 985, in _getFileRepoXML
        cache=self.http_caching == 'all')
      File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 822, in _getFile
        http_headers=headers,
      File "/usr/lib/python2.4/site-packages/urlgrabber/mirror.py", line 412, in urlgrab
        return self._mirror_try(func, url, kw)
      File "/usr/lib/python2.4/site-packages/urlgrabber/mirror.py", line 398, in _mirror_try
        return func_ref( *(fullurl,), **kwargs )
      File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 934, in urlgrab
        return self._retry(opts, retryfunc, url, filename)
      File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 852, in _retry
        r = apply(func, (opts,) + args, {})
      File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 920, in retryfunc
        fo = URLGrabberFileObject(url, filename, opts)
      File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 1008, in __init__
        self._do_open()
      File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 1091, in _do_open
        fo, hdr = self._make_request(req, opener)
      File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 1200, in _make_request
        fo = opener.open(req)
      File "/usr/lib/python2.4/urllib2.py", line 358, in open
        response = self._open(req, data)
      File "/usr/lib/python2.4/urllib2.py", line 376, in _open
        '_open', req)
      File "/usr/lib/python2.4/urllib2.py", line 337, in _call_chain
        result = func(*args)
      File "/usr/lib/python2.4/site-packages/M2Crypto/m2urllib2.py", line 82, in https_open
        h.request(req.get_method(), req.get_selector(), req.data, headers)
      File "/usr/lib/python2.4/httplib.py", line 810, in request
        self._send_request(method, url, body, headers)
      File "/usr/lib/python2.4/httplib.py", line 833, in _send_request
        self.endheaders()
      File "/usr/lib/python2.4/httplib.py", line 804, in endheaders
        self._send_output()
      File "/usr/lib/python2.4/httplib.py", line 685, in _send_output
        self.send(msg)
      File "/usr/lib/python2.4/httplib.py", line 652, in send
        self.connect()
      File "/usr/lib/python2.4/site-packages/M2Crypto/httpslib.py", line 47, in connect
        self.sock.connect((self.host, self.port))
      File "/usr/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 159, in connect
        if not check(self.get_peer_cert(), self.addr[0]):
      File "/usr/lib/python2.4/site-packages/M2Crypto/SSL/Checker.py", line 88, in __call__
        fieldName='subjectAltName')
    M2Crypto.SSL.Checker.WrongHost: Peer certificate subjectAltName does not match host, expected fedora-archive.ip-connect.vn.ua, got DNS:mirror.ip-connect.vn.ua


  • [Wed Sep 20 15:34:44 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Sep 20 15:34:44 2017] [error] Init: Unable to read server certificate from file /www/ssl-certs/server.crt [Wed Sep 20 15:34:44 2017] [error] SSL Library Err


    [Wed Sep 20 15:34:44 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
    [Wed Sep 20 15:34:44 2017] [error] Init: Unable to read server certificate from file /www/ssl-certs/server.crt
    [Wed Sep 20 15:34:44 2017] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
    [Wed Sep 20 15:34:44 2017] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error

    This happened when I accidentally used a .csr as a .crt.  If in doubt check the contents of the file it complains about and you may be surprised that the contents are not what they are supposed to be!

     


  • linux how to answer yes to copy


    Have you have a command ask a question such as cp or move?

    You can do this:

    echo y|cp * /tmp/othercopy

    However it may still fail if your bashrc aliases have the "-i" flag see this post here.


  • linux cp and mv will not overwrite due to alias!


    This through me for a loop when I would do a cp -rf or mv -f nothing would get overwritten even if piping y or yes to the command.

    Type alias and you'll see why:

    alias cp='cp -i'
    alias l.='ls -d .* --color=auto'
    alias ll='ls -l --color=auto'
    alias ls='ls --color=auto'
    alias mv='mv -i'
    alias rm='rm -i'

    The -i is a safeguard against messing things up but however does mess things up worse when you know what you're doing and trying to update or upgrade applications/files etc...

    alias is a built-in feature of bash where you can have an alias eg. type a command and above it will actually execute a different command or append switches transparently and automatically with you the user seeing or noticing.

    You can usually find alias entries in ~/.bashrc or if it doesn't exist in /etc/bashrc:

    cat .bashrc
    # .bashrc

    # User specific aliases and functions

    alias rm='rm -i'
    alias cp='cp -i'
    alias mv='mv -i'

    # Source global definitions
    if [ -f /etc/bashrc ]; then
        . /etc/bashrc
    fi

     

    Solution

    You can remove those aliases if you like because it really requires interaction to overwrite files based on those aliases and even piping yes/y to the answers has no impact since it is not truly interactive.


  • ERROR 2006 (HY000) at line 567: MySQL server has gone away


    mysqldump or mysql query of a larger file/table

    ERROR 2006 (HY000) at line 567: MySQL server has gone away

    Add this to /etc/my.cnf

    max_allowed_packet=64M

    service mysqld restart


  • vbulletin 4.2.5 after upgrading from 3.6 white screen fatal php errors


    The code may lead you to believe you have an incompatible template but if you are not trying to use an old template currently that is not the issue.  I actually deleted all 3.x style templates to make sure.

    What the issue is, is old plugins that are not compatible but Vbulletin does not seem to account for this except that you'll see a fatal PHP error.  You should disable all plugins and then enable one by one until you find the one that is causing the issue.

     

    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP Stack trace:
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP   1. {main}() /www/vhosts/forums.int.com/forums/index.php:0
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP   2. require() /www/vhosts/forums.int.com/forums/index.php:43
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP   3. require_once() /www/vhosts/forums.int.com/forums/forum.php:67
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP   4. eval() /www/vhosts/forums.int.com/forums/global.php:29
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP   5. fetch_template() /www/vhosts/forums.int.com/forums/global.php(29) : eval()'d code:197
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP   6. vB_Bootstrap->process_templates() /www/vhosts/forums.int.com/forums/includes/functions.php:4208
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP Fatal error:  Call to a member function query_first() on null in /www/vhosts/forums.int.com/forums/includes/class_bootstrap.php(433) : eval()'d code on line 146
    [Tue Sep 26 00:54:18 2017] [error] [client 184.65.124.41] PHP Stack trace:


  • iptables v1.4.7: can't initialize iptables table `NAT': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.


    iptables -t NAT -A PREROUTING -s 24.30.44.0/24 -j DNAT --to-destination 10.10.10.1
    iptables v1.4.7: can't initialize iptables table `NAT': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.

    Solution

    # it is case sensitive "nat" and DO NOT use "NAT" or you will get this error!

    iptables -t nat -A PREROUTING -s 24.30.44.0/24 -j DNAT --to-destination 10.10.10.1


  • Linux and FreeBSD how to set time and date


    Linux Set Date
    date -s "YYYY-MM-DD HH:MM:SS"
    date -s '2014-12-25 12:34:56'

    BSD Unix Set Date

    date yymmddhhmmss
    date 170809121156


  • FreeBSD/OpenBSD OpenVPN Client error "Cannot allocate TUN/TAP dev dynamically"



    I have never had this error on Linux and this is running FreeBSD as root:


    Wed Aug  9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically
    Wed Aug  9 04:29:34 2017 us=329832 Exiting due to fatal error

    The Solution you need a kernel module that is for some reason not automatically loaded like Linux:

    kldload if_tap


  • kdenlive - No LADSPA plugins were found! Check your LADSPA_PATH environment variable. [producer_xml] failed to load transition "qtblend"


    This happens if you are running a kdenlive script from the shell of a remote machine without using SSH "-X" forwarding and it will also cause any areas where you write text to be a white screen for that duration.

     

    melt FusionFestival.kdenlive
    No LADSPA plugins were found!

    Check your LADSPA_PATH environment variable.
    [producer_xml] failed to load transition "qtblend"
    [producer_xml] failed to load transition "qtblend"
    [producer_xml] failed to load transition "qtblend"
    +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+
    |1=-10| |2= -5| |3= -2| |4= -1| |5=  0| |6=  1| |7=  2| |8=  5| |9= 10|
    +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+
    +---------------------------------------------------------------------+
    |               H = back 1 minute,  L = forward 1 minute              |
    |                 h = previous frame,  l = next frame                 |
    |           g = start of clip, j = next clip, k = previous clip       |
    |                0 = restart, q = quit, space = play                  |
    +---------------------------------------------------------------------+
    WARNING: QApplication was not created in the main() thread.
    Current Position:        967

     

     

    So if executing a script remotely you have to ssh in like this:

    ssh -X user@host.com


  • /usr/bin/supermin-helper exited with error status 1. To see full error messages you may need to enable debugging. See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs at /usr/bin/virt-list-partitions line 177.


     virt-list-partitions kvmusertest.img
    /usr/bin/supermin-helper exited with error status 1.
    To see full error messages you may need to enable debugging.
    See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs at /usr/bin/virt-list-partitions line 177.


    #solution

    update-guestfs-appliance


  • Linux Unable to mount cifs/smb share in /etc/fstab


    sudo mount -a
    Unable to find suitable address.


    [35758.706993] CIFS VFS: Error connecting to socket. Aborting operation.
    [35758.707247] CIFS VFS: cifs_mount failed w/return code = -111
    [35795.476160] CIFS VFS: Error connecting to socket. Aborting operation.
    [35795.476346] CIFS VFS: cifs_mount failed w/return code = -111

    When the above happens "Unable eto find suitable address" it usually means the smb name cannot be found for some reason (perhaps the system is down or smb is not running).


  • MySQL: table is marked as crashed solultion


    myisamchk can fix it

    But be careful and use the right options to avoid losing data.  In fact if you haven't you should make a backup or at least manually copy /var/lib/mysql.

    Replace "YourDB" with the name of your database

    Replace "yourcrashedtable" with the name of your crashed table.

    The -o option is the safest and should avoid dataloss whereas -r is more aggressive and is a last option (I have lost data using -r and only discovered it later).

    myisamchk -o /var/lib/mysql/YourDB/yourcrashedtable.MYI


  • bash Linux how to get first or last letters of a word


    To get the first X letters of a word:

    It's very simple you can just pipe it to head with

    • -c 1 (gives the first letter and so on)
    • -c2 (2 gives the first 2 letters). 

     echo "dsjfsdlksjdklf;jlsd;kflasdj;kl"|head -c 2

    Returns ds
     

    To get the last X letters of a word:

    Now we use tail with -c but it works differently.  You will want to start with 2 otherwise you will get the end of the string which is nothing.

     echo "dsjfsdlksjdklf;jlsd;kflasdj;kl"|tail -c 2

    Returns "l"

     echo "dsjfsdlksjdklf;jlsd;kflasdj;kl"|tail -c 3

    Returns "kl"
     


     


  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated


    Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

    Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case.

    Essentially it means at least one end is blocking the ipsec packets.  Sometimes the %any allows an alternative port to be used for smart clients but generally I have not seen this fix problems (especially if a network or country is intentionally blocking ipsec packets).

     

     


  • Centos 5.9 Working Vault Repo file


    Centos 5 is not supported running yum will produce an error like this:

    YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
     Eg. Invalid release/
    removing mirrorlist with no valid mirrors: /var/cache/yum/base/mirrorlist.txt
    Error: Cannot find a valid baseurl for repo: base

    Solution - Update this file CentOS-Base.repo

     

    # CentOS-Base.repo
    #
    # The mirror system uses the connecting IP address of the client and the
    # update status of each mirror to pick mirrors that are updated to and
    # geographically close to the client.  You should use this for CentOS updates
    # unless you are manually picking other mirrors.
    #
    # If the mirrorlist= does not work for you, as a fall back you can try the
    # remarked out baseurl= line instead.
    #
    #

    [base]
    name=CentOS-5.9 - Base
    #mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=$basearch&repo=os
    baseurl=http://vault.centos.org/5.9/os/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

    #released updates
    [updates]
    name=CentOS-5.9 - Updates
    #mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=$basearch&repo=updates
    baseurl=http://vault.centos.org/5.9/updates/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

    #additional packages that may be useful
    [extras]
    name=CentOS-5.9 - Extras
    #mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=$basearch&repo=extras
    baseurl=http://vault.centos.org/5.9/extras/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

    #additional packages that extend functionality of existing packages
    [centosplus]
    name=CentOS-5.9 - Plus
    #mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=$basearch&repo=centosplus
    baseurl=http://vault.centos.org/5.9/os/$basearch/centosplus/
    gpgcheck=1
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

    #contrib - packages by Centos Users
    [contrib]
    name=CentOS-5.9 - Contrib
    #mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=$basearch&repo=contrib
    baseurl=http://vault.centos.org/5.9/os/$basearch/contrib/
    gpgcheck=1
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5


  • Disable SSH Password Authentication to Increase Security and Harden SSH Linux Unix Server Ubuntu Mint Centos Debian


    Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVM or preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access).

    1. Edit /etc/ssh/sshd_config

    Find the section like this:

    #PasswordAuthentication no
     

    2. Uncomment it like so:

    PasswordAuthentication no
     

    3. Restart SSH

    After this you won't be able to login with password.

    Permission denied (publickey,gssapi-keyex,gssapi-with-mic).


  • ecryptfs how to mount or recover from a backup


    The easiest way to recover or mount an off-line ecryptfs directory is the built-in command from ecryptfs

    sudo ecryptfs-recover-private  It will find your wrapped passphrase and ask for your password and mount it in tmp.  Much easier especially when your current active OS is using ecryptfs too.
    
    This a fantastic tool when going through old backups.

  • Linux bash script to see what connected computers respond to ping


    A great way when moving your equipment to a new location, new router/switch etc to help confirm what MAC has what IP:

     

    for ip in `arp -na|awk '{print $2}'|sed s/(//g|sed s/)//g`; do
    echo ping $ip
    ping -c 1 -w 1 $ip > /dev/null
    if [ "$?" == 0 ]; then
       echo "$ip UP"
    fi

    done


  • rsync specify alternate port non-standard port than 22


    It is not obvious but the rsync --help

     rsync --help|grep port
         --port=PORT             specify double-colon alternate port number

    --port does not do anything at all actually for some strange reason it still uses 22


    You have to specify a manual ssh command to make it work:

    -e 'ssh -p 2210'

    The snippet above is what you add for port 2210 change it to whatever port you need.

    Full Example Below of Rsync using an alternative port number:

    rsync -Phaz -e 'ssh -p 2210' /somedir/ root@somehost.com:/someremotedir
     


  • Centos 6.6/6.9 KVM VM Kernel Panic On Boot - Kernel panic - not syncing: Attempted to kill init!


    I am not sure why this is happening neither the hostnode or VM changed.  All I did was reboot the hostnode and startup the Centos VM again, also note it happened with the original kernel on the VM and also the latest 6.9 kernel as of this writing as shown below.

    Host Node: Centos 6.9

    Kernel: 2.6.32-696.6.3.el6.x86_64 

    Kernel: 2.6.32-042stab123.9

    Same result in any kernel above

    =========

    VM Node: Centos 6.6 originally (this is where the error started but chrooting and upgrading did not fix it).

    Kernels: 2.6.32-504.el6.x86_64,  2.6.32-696.6.3.el6.x86_64

    I have tried different kernels on the host node and in the VM it made no difference.

    I restored the same VM image and so far it boots fine but I have not made any changes to see if it boots again.  As mentioned even chrooting into the VM and upgrading the kernel and rebuilding initramfs has not fixed it.

     

     

    Kernel panic - not syncing: Attempted to kill init!

    Pid: 1, comm: init Not tained 2.32-696.6.3.el6.x86_64 #1

    Call Trace:

    [] ? panic+0xa7x0x179

    [] ? perf_event_exit_task<+0xc0/0x340

    [] ? do_group_exit+0x0/0xd0

    [] ? fput+0x25/0x30

    [] ? do_group_exit+0x58/0xd0

    [] ? sys_exit_group+0x17/0x20

    [] ? system_call_fastpath+0x16/0x1b


  • Cannot allocate TUN/TAP dev dynamically - FreeBSD/OpenBSD OpenVPN Client error Solution


    I have never had this error on Linux and this is running FreeBSD as root:


    Wed Aug  9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically
    Wed Aug  9 04:29:34 2017 us=329832 Exiting due to fatal error


    The Solution

    You need a kernel module that is for some reason not automatically loaded like Linux:

    kldload if_tap


  • Linux Mint/Ubuntu/Debian apt how to downgrade a package


    First of all check to see which version if any you have available for a downgrade:

    apt-cache showpkg packagename

    Downgrade/Install old package:

    apt-get install package=version

    Example

    apt-cache showpkg caja
    Package: caja
    Versions:
    1.10.3-1+rafaela (/var/lib/apt/lists/packages.linuxmint.com_dists_rafaela_import_binary-amd64_Packages) (/var/lib/dpkg/status)
     Description Language:
                     File: /var/lib/apt/lists/packages.linuxmint.com_dists_rafaela_import_binary-amd64_Packages
                      MD5: 2d27e6d6f085ec92e7532bd116bd9d0a


    apt-get install caja=1.10.3-1+rafaela