Tired of checking iotop and seeing that your drbd partition is using 99.99% of io all the time and finding your drbd device performs slow in general?

This is especially an issue in versions of DRBD in the 8.3 tree in particular one documented case is on "8.3.13" but it likely applies to other devices.

The symptoms are that resyncing is fine and normal but any reasonable amount of activity is very slow and lagged and creates a high server load and consequently high io wait.  You may not notice it though until you apply a reasonable load or usage to the server and DRBD device.

In some kernels and some versions you may get the following error in dmesg

block drbd0: [drbd0_worker/1670] sock_sendmsg time expired, ko = 4294967295

*But we have seen many cases where the above error is not present (perhaps an older kernel or module does not recognize it is being blocked).

Here are some quick sysctl.conf kernel tuning tips that have changed a server's load from 10-18, to less than 1.

Add or edit these in sysctl.conf to solve the issue

net.ipv4.tcp_rmem = 131072  131072  10485760
net.ipv4.tcp_wmem = 131072  131072  10485760
vm.dirty_ratio = 10
vm.dirty_background_ratio = 4
 

This is a preferable way rather than hacking or changing DRBD settings by upgrading the userland or kernel manually or while it runs (results can be unpredictable) whereas this kernel tuning has virtually no risk or impact on DRBD except a positive one.

To disable NCQ in the Linux kernel (change sda to match your device).

echo 1 > /sys/block/sda/device/queue_depth

To enable NCQ (change sda to match your device).

echo 31 > /sys/block/sda/device/queue_depth

When installing Windows 2012 I cannot get around that error for some reason it just keeps on happening.

code:0xc0000005

Your cPanel may not work if you enter your non-main IP when setting it up.  The way to fix it is to go back to the setup screen by removing the following file:

rm /etc/.whostgrft

First you have to stop it.

mdadm --stop /dev/md0

Then you can remove it:

mdadm --remove /dev/md0

It is possible to tell mdadm to create an md device on a raw disk even though it will give you an error, it writes a superblock and this corrupts the partition table which can result in your system not booting.

To fix it just zero the super-block on the offending device that you made the mistake in.

Eg: /dev/sda

mdadm --zero-superblock /dev/sda

It is also a way of starting fresh if you wanted to create a new array.

vzkernel-2.6.32-042stab116.2.x86_64.rpm                                                                                                                                                                               |  33 MB     00:06    
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : vzkernel-2.6.32-042stab116.2.x86_64                                                                                                                                                                                       1/1
grubby fatal error: unable to find a suitable template

#note how menu.lst is a normal file.  It should be a symlink to grub.conf
#because of this grubby will use grub.conf which does not match the current setup in menu.lst used for booting
#
 ls -al /boot/grub/
total 292
drwxr-xr-x 2 root root   4096 Aug 10 15:07 .
dr-xr-xr-x 5 root root   4096 Aug 10 15:06 ..
-rw-r--r-- 1 root root  13396 Jul  9  2015 e2fs_stage1_5
-rw-r--r-- 1 root root  12636 Jul  9  2015 fat_stage1_5
-rw-r--r-- 1 root root  11780 Jul  9  2015 ffs_stage1_5
-rw------- 1 root root    798 Aug 10 15:07 grub.conf
-rw-r--r-- 1 root root  11772 Jul  9  2015 iso9660_stage1_5
-rw-r--r-- 1 root root  13284 Jul  9  2015 jfs_stage1_5
-rw------- 1 root root    764 Aug  8 19:11 menu.lst

#to fix it you need to move menu.lst to grub.conf and make a symlink to menu.lst from grub.conf
cd /boot/grub
mv menu.lst grub.conf
ln -s grub.conf menu.lst

Now see that menu.lst is a symlink and the kernel will install.

ls -al /boot/grub/menu.lst
lrwxrwxrwx 1 root root 9 Aug 10 15:12 /boot/grub/menu.lst -> grub.conf


vzkernel-2.6.32-042stab116.2.x86_64.rpm                                                                                                                                                                               |  33 MB     00:03    
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : vzkernel-2.6.32-042stab116.2.x86_64                                                                                                                                                                                       1/1
  Verifying  : vzkernel-2.6.32-042stab116.2.x86_64                                                                                                                                                                                       1/1

Installed:
  vzkernel.x86_64 0:2.6.32-042stab116.2                                                                                                                                                                                                     

Complete!


We've all done this at some point, you work on the wrong shell window and this was my first time making this mistake but I deleted a partition table in fdisk, recreated it and saved it with "wq" and even ran partprobe!  If you haven't rebooted yet then you can still recover your partition table, otherwise you're in big trouble.

Fortunately since it was a live system and in use the kernel still had to use the old table like below:

Warning: WARNING: the kernel failed to re-read the partition table on /dev/sda (Device or resource busy).  As a result, it may not reflect all of your changes until after reboot.
Warning: Error fsyncing/closing /dev/md127: Input/output error
Warning: Error fsyncing/closing /dev/md126: Input/output error
Warning: Error fsyncing/closing /dev/md125: Input/output error


Other places on the internet don't properly explain the procedure for recovery which can be done but you need the right side of instructions and info.

Step 1 -Find your device directory in /sys/block/sda/sda1 (change the /sda and /sda1 to match your disk device name and partition number).

You have to do a cat on the 'start' and 'size' which represents the starting sector of the partition and the 'size' represents how many sectors it is. 

#take the size value and subtract 1 from it or you will not get the original or correct result
fdisk /dev/sda
#press u to change to sectors which is what /sys/block/sda goes by
 /sys/block/sda
[root@server1 sda]# cat sda1/start
2048
[root@server1 sda]# cat sda1/size
1024000

[root@server1 sda]# cat sda2/start
1026048
[root@server1 sda]# cat sda2/size
1464121344
 

 Step 2 -Use fdisk to take the above sector information and input it (remembering to subtract 1 from the size when telling fdisk the end sector)

"Press u" to switch to sector mode once you run:

fdisk /dev/sda

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First sector (63-1465149167, default 63): 2048
Last sector, +sectors or +size{K,M,G} (2048-1465149167, default 1465149167): +1023999

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 2
First sector (63-1465149167, default 63): 1026048
Last sector, +sectors or +size{K,M,G} (1026048-1465149167, default 1465149167): +1464121343

##########


and for those who do a normal fdisk -l /dev/sda and wonder why you can't duplicate the cylinder setup is because you need to press "u" and deal with sectors.

Using sectors shows that you can actually end and start a partition on the same cylinder and in other ways cylinders will not work for:


   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1          64      512000   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2              64       91202   732060672   83  Linux




###########

mv -f /home/user/Downloads/android-studio/ /mnt/sda3/
mv: inter-device move failed: ‘/home/user/Downloads/android-studio/’ to ‘/mnt/sda3/android-studio’; unable to remove target: Is a directory


Usage: geoiplookup [-h] [-?] [-d custom_dir] [-f custom_file] [-v] [-i] [-l] <ipaddress|hostname>
Usage: geoiplookup [-h] [-?] [-d custom_dir] [-f custom_file] [-v] [-i] [-l] <ipaddress|hostname>
grep: Address: No such file or directory
grep: not: No such file or directory
grep: found: No such file or directory
sh: -c: line 1: syntax error near unexpected token `|'
sh: -c: line 1: `|cut -d ',' -f 2'
 

migrating from an old OpenVZ (Centos 5) to new OpenVZ (Centos 6)
Also if migrating from 32-bit HN to 64-bit your RAM will probably be much bigger than it should be!
16x bigger

eg. 32bit HN:

             total       used       free     shared    buffers     cached
Mem:           256         16        239          0          0          0
-/+ buffers/cache:         16        239
Swap:            0          0          0


eg. 64bit HN with same config:


free -m
             total       used       free     shared    buffers     cached
Mem:          3906         42       3863          0          0         33
-/+ buffers/cache:          9       3897
Swap:        28614          0      28614



Error: required UB parameter swappages not set

 vzctl start 27000
Starting container...
Error: required UB parameter swappages not set
Saving VE layout 'simfs' to the VE config file
CT configuration saved to /etc/vz/conf/27000.conf
[root@server18 conf]# vzlist
Container(s) not found
[root@server18 conf]# vzctl start 27000
Starting container...
Error: required UB parameter swappages not set

vzctl set 27000 --swappages 0:unlimited --save

 vzctl set 27000 --swappages 0:unlimited --save
CT configuration saved to /etc/vz/conf/27000.conf
[root@server18 conf]# vzctl start 27000
Starting container...
stat(/vz/root/27000): No such file or directory
stat(/vz/root/27000): No such file or directory
stat(/vz/root/27000): No such file or directory
Initializing quota ...
Container is mounted
Adding IP address(es): 98.158.135.57 98.158.135.58
Setting CPU units: 1000
Setting devices
Container start in progress...

I still cannot understand how this would not be enabled by default and I struggled to find the reason why with manually installing samba etc.. wondering why the option for sharing was not in the menu.

On Linux Mint "MATE" the package is called "caja-share" and on Cinnamon it is called "nemo-share" so edit the below command as necessary:

apt-get install caja-share
Reading package lists... Done
Building dependency tree      
Reading state information... Done
The following package was automatically installed and is no longer required:
  libsctp1
Use 'apt-get autoremove' to remove it.
The following extra packages will be installed:
  caja-extensions-common caja-gksu caja-open-terminal
The following NEW packages will be installed:
  caja-share
The following packages will be upgraded:
  caja-extensions-common caja-gksu caja-open-terminal
3 upgraded, 1 newly installed, 0 to remove and 469 not upgraded.
Need to get 113 kB of archives.
After this operation, 145 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://packages.linuxmint.com/ rafaela/import caja-open-terminal amd64 1.10.1-1+rafaela [10.8 kB]
Get:2 http://packages.linuxmint.com/ rafaela/import caja-gksu amd64 1.10.1-1+rafaela [8,016 B]
Get:3 http://packages.linuxmint.com/ rafaela/import caja-extensions-common all 1.10.1-1+rafaela [75.1 kB]
Get:4 http://packages.linuxmint.com/ rafaela/import caja-share amd64 1.10.1-1+rafaela [19.2 kB]
Fetched 113 kB in 0s (154 kB/s)      
(Reading database ... 184362 files and directories currently installed.)
Preparing to unpack .../caja-open-terminal_1.10.1-1+rafaela_amd64.deb ...
Unpacking caja-open-terminal (1.10.1-1+rafaela) over (1.10.0-1+rafaela) ...
Preparing to unpack .../caja-gksu_1.10.1-1+rafaela_amd64.deb ...
Unpacking caja-gksu (1.10.1-1+rafaela) over (1.10.0-1+rafaela) ...
Preparing to unpack .../caja-extensions-common_1.10.1-1+rafaela_all.deb ...
Unpacking caja-extensions-common (1.10.1-1+rafaela) over (1.10.0-1+rafaela) ...
Selecting previously unselected package caja-share.
Preparing to unpack .../caja-share_1.10.1-1+rafaela_amd64.deb ...
Unpacking caja-share (1.10.1-1+rafaela) ...
Processing triggers for libglib2.0-0:i386 (2.40.2-0ubuntu1) ...
Processing triggers for libglib2.0-0:amd64 (2.40.2-0ubuntu1) ...
Setting up caja-extensions-common (1.10.1-1+rafaela) ...
Setting up caja-open-terminal (1.10.1-1+rafaela) ...
Setting up caja-gksu (1.10.1-1+rafaela) ...
Setting up caja-share (1.10.1-1+rafaela) ...
Processing triggers for libc-bin (2.19-0ubuntu6.6) ...
 

VBoxManage modifyhd "my.vdi" --resize 60000

Note the above will resize my.vdi to 60,000MB

Syncing private
Live migrating container...
Syncing 2nd level quota
11000: invalid option -- F
Usage: vzdqload quotaid [-c file] commands
Loads user/group qouta information from stdin into quota file.
    -c file    use given quota file
Commands specify what user/group information to load:
    -G    grace time
    -U    disk limits
    -T    expiration times
Error: Failed to load 2nd level quota

#solution

yum -y update vzctl

The reason this seems to happen is because OpenVZ (vzctl) on the destination node is out of date and lacks some features or has changed compared to what the source node has. 

Updating vzctl fixed the above problem.

I have not found the source of this but essentially it seems like drbd and ext4 may not play well but I have to confirm still.

In either case an older DRBD setup with older hard drives seems to have little to no iowait, but the main difference is the drbd partition is ext3 and not ext4.  I will experiment and see if that fixes this, then we will know that DRBD and ext4 have issues.

I do not understand why heartbeat would try to communicate with another system not considered part of the node:

heartbeat: [8280]: WARN: string2msg_ll: node [otherbox.com] failed authentication
 

rm /vz/lock/1200.lck
rm: remove regular file `/vz/lock/1200.lck'? y

vzctl start 1200
Container already locked



vzctl start 1200
Starting container ...
vzquota : (error) can't lock quota file, some quota operations are performing for id 1200
vzquota on failed [7]

vzquota off 1200
vzctl start 1200
vzquota on 1200


root@rttbox ~]# vzquota off 1200
vzquota : (error) Quota off syscall for id 1200: Device or resource busy
vzquota : (error)     Possible reasons:
vzquota : (error)     - Container's root is not unmounted
vzquota : (error)     - there are opened files inside container's root/private area
vzquota : (error)     - your current working directory is inside a container directory
vzquota : (error)       root/private area
[root@rttbox ~]# vzctl start 1200
Container is already running
[root@rttbox ~]# vzquota on 1200
vzquota : (warning) Quota is running for id 1200 already
 

The above is what happens when everything is fine but it takes a long time for the quota update to complete, such after a live migration etc... you know it is often the case when the normal tricks don't work:

eg. removing the .lck file, turning quota on and off.

This happened while an mdadm array was syncing, all access from writing a new blank file to opening a small .txt file was very slow:

[222117.312078] kjournald starting.  Commit interval 5 seconds
[222117.685060] EXT3-fs (md0): using internal journal
[222117.685096] EXT3-fs (md0): mounted filesystem with ordered data mode
[222122.376847] kjournald starting.  Commit interval 5 seconds
[222122.602825] EXT3-fs (md2): using internal journal
[222122.602866] EXT3-fs (md2): mounted filesystem with ordered data mode
[223081.568032] INFO: task kjournald:352 blocked for more than 120 seconds.
[223081.568069] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[223081.568121] kjournald       D ef1e41c0     0   352      2 0x00000000
[223081.568157]  eee0dac0 00000046 ef1e41c0 ef1e41c0 0000cab8 00000000 e971ee70 22650000
[223081.568219]  e8c11c9f ccb941c0 eee0dc74 ccb941c0 eee0dac0 ccb941c0 ccb941c0 00000000
[223081.568280]  eee0daf4 eee0daf4 ef1e4204 ff48eeaf c102e1e0 e971ee70 00000012 ff48eeaf
[223081.568341] Call Trace:
[223081.568375]  [<c102e1e0>] ? dequeue_task_fair+0x149/0x1d6
[223081.568411]  [<c11939a6>] ? journal_commit_transaction+0x12c/0xd02
[223081.568446]  [<c1605d15>] ? __schedule+0x5cb/0x5f2
[223081.568478]  [<c1047ef5>] ? wake_up_bit+0x56/0x56
[223081.568510]  [<c103bfe1>] ? lock_timer_base+0x19/0x34
[223081.568541]  [<c103c48c>] ? try_to_del_timer_sync+0x5c/0x63
[223081.568574]  [<c1197306>] ? kjournald+0xb5/0x1cc
[223081.568604]  [<c1047ef5>] ? wake_up_bit+0x56/0x56
[223081.568633]  [<c1197251>] ? commit_timeout+0x5/0x5
[223081.568663]  [<c1047b9f>] ? kthread+0x63/0x68
[223081.568692]  [<c1047b3c>] ? kthread_worker_fn+0x114/0x114
[223081.568725]  [<c160cbbe>] ? kernel_thread_helper+0x6/0xd
[223081.568756] INFO: task vi:530 blocked for more than 120 seconds.
[223081.568787] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[223081.568838] vi              D 00000002     0   530  32563 0x00000004
[223081.568873]  cc72dee0 00000086 00000003 00000002 c1098a00 00000000 00204033 22636000
[223081.572601]  00000002 ccb941c0 cc72e094 ccb941c0 cc72dee0 ccb941c0 ccb941c0 eec86180
[223081.572662]  c10284ce 00000002 00000001 00000005 cc263dec 00000000 00000001 eec03870
[223081.572723] Call Trace:
[223081.572751]  [<c1098a00>] ? __alloc_pages_nodemask+0x121/0x572
[223081.572785]  [<c10284ce>] ? find_busiest_group+0x244/0x7e5
[223081.572818]  [<c104e4e8>] ? timekeeping_get_ns+0x10/0x48
[223081.572850]  [<c104f849>] ? ktime_get_ts+0x76/0x7d
[223081.572880]  [<c1605fff>] ? io_schedule+0x6c/0xa4
[223081.572911]  [<c10e40f0>] ? sleep_on_buffer+0x5/0x8
[223081.572941]  [<c1606255>] ? __wait_on_bit_lock+0x2f/0x68
[223081.572973]  [<c10e40eb>] ? unmap_underlying_metadata+0x41/0x41
[223081.573005]  [<c10e40eb>] ? unmap_underlying_metadata+0x41/0x41
[223081.573037]  [<c1606329>] ? out_of_line_wait_on_bit_lock+0x9b/0xa3
[223081.573071]  [<c1047f1e>] ? autoremove_wake_function+0x29/0x29
[223081.573103]  [<c10e4210>] ? __lock_buffer+0x1c/0x1e
[223081.573133]  [<c1192e25>] ? do_get_write_access+0x4f/0x305
[223081.573166]  [<c11928e1>] ? start_this_handle+0x27a/0x2d6
[223081.573197]  [<c1196d5a>] ? journal_add_journal_head+0x85/0xec
[223081.573230]  [<c11930f3>] ? journal_get_write_access+0x18/0x26
[223081.573263]  [<c1154fde>] ? __ext3_journal_get_write_access+0x16/0x36
[223081.573298]  [<c114ae9a>] ? ext3_orphan_add+0x78/0x13e
[223081.573328]  [<c1192a4e>] ? journal_start+0x80/0xa7
[223081.573359]  [<c1147da7>] ? ext3_setattr+0x180/0x2ad
[223081.573391]  [<c10d627e>] ? notify_change+0x182/0x252
[223081.573424]  [<c10c40d6>] ? do_truncate+0x61/0x77
[223081.573455]  [<c10ce12b>] ? do_last+0x4c4/0x52f
[223081.573485]  [<c10ce620>] ? path_openat+0x9f/0x285
[223081.573514]  [<c10ce8aa>] ? do_filp_open+0x21/0x5d
[223081.573545]  [<c10c10a8>] ? kmem_cache_alloc+0x21/0xd9
[223081.573576]  [<c10cc7ed>] ? getname_flags+0x24/0xd5
[223081.573606]  [<c10c3779>] ? do_sys_open+0x58/0xd1
[223081.573636]  [<c10c3836>] ? sys_open+0x1e/0x23
[223081.573666]  [<c160711c>] ? syscall_call+0x7/0x7


[224161.572060] INFO: task kjournald:349 blocked for more than 120 seconds.
[224161.572099] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[224161.572151] kjournald       D ef1e41c0     0   349      2 0x00000000
[224161.572187]  eee0f7a0 00000046 ef1e41c0 ef1e41c0 0000cbae 00000000 e07bdd83 22650000
[224161.572248]  dfcdf1fd ccb941c0 eee0f954 ccb941c0 eee0f7a0 ccb941c0 ccb941c0 00000000
[224161.572310]  eee0f7d4 eee0f7d4 ef1e4204 ff52147a c102e1e0 e07bdd83 0000001d ff52147a
[224161.572371] Call Trace:
[224161.572405]  [<c102e1e0>] ? dequeue_task_fair+0x149/0x1d6
[224161.572441]  [<c11939a6>] ? journal_commit_transaction+0x12c/0xd02
[224161.572477]  [<c1605d15>] ? __schedule+0x5cb/0x5f2
[224161.572509]  [<c1047ef5>] ? wake_up_bit+0x56/0x56
[224161.572541]  [<c103bfe1>] ? lock_timer_base+0x19/0x34
[224161.572573]  [<c103c48c>] ? try_to_del_timer_sync+0x5c/0x63
[224161.572605]  [<c1197306>] ? kjournald+0xb5/0x1cc
[224161.572635]  [<c1047ef5>] ? wake_up_bit+0x56/0x56
[224161.572664]  [<c1197251>] ? commit_timeout+0x5/0x5
[224161.572694]  [<c1047b9f>] ? kthread+0x63/0x68
[224161.572723]  [<c1047b3c>] ? kthread_worker_fn+0x114/0x114
[224161.572757]  [<c160cbbe>] ? kernel_thread_helper+0x6/0xd
[224161.572789] INFO: task vi:791 blocked for more than 120 seconds.
[224161.572821] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[224161.572872] vi              D 00000010     0   791    552 0x00000000
[224161.572907]  cc47f380 00000086 00000040 00000010 c1820380 00000000 00000000 22629000
[224161.572968]  00000002 ccb941c0 cc47f534 ccb941c0 cc47f380 ccb941c0 ccb941c0 ef1b8c40
[224161.573029]  eec03870 eec44a40 c14747c5 eec03860 eec86100 c10284ce 00000002 00000001
[224161.573090] Call Trace:
[224161.573117]  [<c14747c5>] ? cpumask_next_and+0x20/0x2b
[224161.573150]  [<c10284ce>] ? find_busiest_group+0x244/0x7e5
[224161.573183]  [<c104e4e8>] ? timekeeping_get_ns+0x10/0x48
[224161.573214]  [<c104f849>] ? ktime_get_ts+0x76/0x7d
[224161.573244]  [<c1605fff>] ? io_schedule+0x6c/0xa4
[224161.573275]  [<c10e40f0>] ? sleep_on_buffer+0x5/0x8
[224161.573305]  [<c1606255>] ? __wait_on_bit_lock+0x2f/0x68
[224161.573337]  [<c10e40eb>] ? unmap_underlying_metadata+0x41/0x41
[224161.573370]  [<c10e40eb>] ? unmap_underlying_metadata+0x41/0x41
[224161.573402]  [<c1606329>] ? out_of_line_wait_on_bit_lock+0x9b/0xa3
[224161.573435]  [<c1047f1e>] ? autoremove_wake_function+0x29/0x29
[224161.573468]  [<c10e4210>] ? __lock_buffer+0x1c/0x1e
[224161.573498]  [<c1192e25>] ? do_get_write_access+0x4f/0x305
[224161.573530]  [<c1196d5a>] ? journal_add_journal_head+0x85/0xec
[224161.573562]  [<c11930f3>] ? journal_get_write_access+0x18/0x26
[224161.573596]  [<c1154fde>] ? __ext3_journal_get_write_access+0x16/0x36
[224161.573630]  [<c1145c46>] ? ext3_reserve_inode_write+0x2d/0x5a
[224161.573663]  [<c114aeb2>] ? ext3_orphan_add+0x90/0x13e
[224161.573693]  [<c1147da7>] ? ext3_setattr+0x180/0x2ad
[224161.573726]  [<c10d627e>] ? notify_change+0x182/0x252
[224161.573758]  [<c10c40d6>] ? do_truncate+0x61/0x77
[224161.573790]  [<c10ce12b>] ? do_last+0x4c4/0x52f
[224161.573819]  [<c10ce7b1>] ? path_openat+0x230/0x285
[224161.573849]  [<c10ce8aa>] ? do_filp_open+0x21/0x5d
[224161.573880]  [<c10cc7ed>] ? getname_flags+0x24/0xd5
[224161.573910]  [<c10c3779>] ? do_sys_open+0x58/0xd1
[224161.573940]  [<c10c3836>] ? sys_open+0x1e/0x23
[224161.573970]  [<c160711c>] ? syscall_call+0x7/0x7
[224161.573999] INFO: task grub:817 blocked for more than 120 seconds.
[224161.574031] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[224161.574082] grub            D 00000002     0   817  32563 0x00000004
[224161.574117]  cc47eb40 00000082 c109a37f 00000002 0000000e 00000000 c9eabec4 22643000
[224161.574178]  00000000 ccb941c0 cc47ecf4 ccb941c0 cc47eb40 ccb941c0 ccb941c0 c9eabf1c
[224161.574239]  c1093d65 0000000e 00000001 c9eabf38 00000000 c9eabf34 00000000 c8270270
[224161.574300] Call Trace:
[224161.574325]  [<c109a37f>] ? write_cache_pages+0x10d/0x2be
[224161.574358]  [<c1093d65>] ? find_get_pages_tag+0x37/0xd1
[224161.574390]  [<c1025f08>] ? __wake_up+0x2c/0x3b
[224161.574419]  [<c1048067>] ? prepare_to_wait+0x14/0x52
[224161.574450]  [<c11971b3>] ? log_wait_commit+0xa9/0xf1
[224161.574480]  [<c1047ef5>] ? wake_up_bit+0x56/0x56
[224161.574510]  [<c1153556>] ? ext3_sync_fs+0x5d/0x67
[224161.574541]  [<c10f9d6f>] ? dquot_quota_sync+0x193/0x235
[224161.574572]  [<c10f9bdc>] ? dquot_file_open+0x25/0x25
[224161.574603]  [<c10e1fc4>] ? __sync_filesystem+0x69/0x69
[224161.574634]  [<c10e1f8b>] ? __sync_filesystem+0x30/0x69
[224161.574664]  [<c10c6a1f>] ? iterate_supers+0x4e/0x8d
[224161.574695]  [<c10e2005>] ? sys_sync+0x36/0x49
[224161.574724]  [<c160711c>] ? syscall_call+0x7/0x7

 

You may get this after a long time of not rebooting but especially if you have rsync'd a / partition or deployed an image to another VPS or computer, you will often have this issue.

The good thing it usually just takes a reboot.

Here is more info from Centos

Errors like this are shown on high usage servers and ports so it is common to see it on http and even imap ports:

possible SYN flooding on port 80. Sending cookies.

The Linux kernel will even detect flooding on OpenVZ containers:

possible SYN flooding on ctid 6000, port 993. Sending cookies.

In many cases this is not an issue and is more so simply a result of regular, but high usage traffic.

It is as simple as the command below, it will then update your mdadm.conf or create it in /etc/mdadm.conf

mdadm --detail --brief --scan > /etc/mdadm.conf
 

Stopping httpd:                                            [  OK  ]
Starting httpd: [Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
[Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence



In order to avoid the above message and a conflict where only a default/first domain by alphabet gets served you need to use NameVirtualHost in httpd.conf


Add the following to httpd.conf:

NameVirtualHost *:80
NameVirtualHost *:443

In Firefox I cannot connect to any website, proxy is disabled and outside network access is confirmed, no system or manual proxy was set on this Linux Mint/Ubuntu system.  Normally this can be caused by proxy or DNS problems and the weird thing is that traceroute and ping to other IPs worked fine but even connecting to sites by IP was not working.

The connection was reset

The connection to the server was reset while the page was loading.

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer's network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

This even causes apt-get to fail to install packages

The solution:

This was a virtual machine cloned in VirtualBox and for some silly reason it clones the MAC address, so there was the original machine running with the same MAC.  The solution is to regenerate a new MAC address from the VBOX config.

kernel: [10186978.064405] TCP: time wait bucket table overflow (CT3)

Varying opinions are out there but in general it seems like the most common culprit is a lack of privvmpages, with a modern OpenVZ system the best way is to set privvmpages as equal to what your RAM is and this has resolved the messages on another system.

If it's truly a TCP issue you can adjust the following parameters:

Source: Openvz forums

1) Per-system tw_count is greater than per-system max_tw_buckets limit:
tw_count < sysctl_max_tw_buckets
net.ipv4.tcp_max_tw_buckets = 1800000
IMHO very unlikely in your situation

2) Per-VE counter is greater than per-VE max_tw_buckets limit:
tw_count < sysctl_tcp_max_tw_buckets_ub
net.ipv4.tcp_max_tw_buckets_ub = 165360

I wanted to use Astrachat because it seems to be the only app that has video, pic and file sharing for Jabber but I cannot even connect despite any other client working fine including Xabber and others.

astrachat "Oops.. We can't connect to the account that you provide above.  Please recheck your account detail".

Unfortunately to make it worse there doesn't seem to be any error log or more details about the issue.

The jabberd server requires start tls and I have hard coded the info into Astrachat as well and that didn't work.

Here is the jabberd log:

Jul 13 16:47:36 jabberbox jabberd/c2s[14145]: [8] [192.168.5.66, port=26400] connect
Jul 13 16:47:37 jabberbox jabberd/c2s[14145]: [8] [192.168.5.66, port=26400] disconnect jid=unbound, packets: 0

If I choose "NON-SASL Login" and disable "TLS/SSL (Establish secure connection on network) then I get a start tls error on the server:

 [8] got pre STARTTLS packet, dropping
 

sed gets to be a pain and a real mess and is hard to read and understand when you have to escape things like / etc.

I did not realize until recently that you don't need to use / as a separator, you can use virtually any non letter or number character.

Eg we have used # as the separator to avoid having to escape the forward slashes and in this way the command is plain, easy to understand, edit and saves time/hassle without the need for escaping.

sed -i s#http://someurl.com#http://anotherurl.com#/g

It all comes down to a bug essentially where you are running an older kernel that doesn't support the newer Debian templates.  The solution is to update your OpenVZ kernel.

Here are some symptoms of the problem/lack of kernel support:

Ubuntu Template 12.04 requires a manual network start:
service networking start

sshd will not start:
/usr/sbin/sshd
PRNG is not seeded

mknod /dev/random c 1 8

service ssh start
ssh start/running, process 30022

#but netstat does not show it running

#also no processes are started it looks like init is not getting called.

init 2

There was only one solution here and it was the following:

edit /etc/httpd/conf/httpd.conf

Comment the lines for the Mime Magic Module:

#   MIMEMagicFile /usr/share/magic.mime
#    MIMEMagicFile conf/magic

  *Don't forget to restart Apache and clear your browser cache twice

I was using DefaultType and ForceType and the weird thing is for MOST files it was fine, but a few randomly did not like this becuase it appears Mime Magic was determing and rewriting the Mime Type and basically overruling the .htaccess I had (yes I had AllowOverride in the VHOST conf too).
 

I hope this helps out someone else as it took me ages to sort out.

wget -e robots=off

It is as simple as the above and this is something one must watch out carefully when using wget because you may think you have archived or downloaded content when you never did due to a nofollow/robots.txt statement.

When you start uploading larger images in Wordpress you have to make sure your maximum attachment size is large enough and that the execution time is not too short:

Uploading
Error
HTTP error.

[Thu May 12 16:32:25 2016] [error] [client 10.10.5.2] PHP Fatal error:  Maximum execution time of 30 seconds exceeded in /httpdocs/blog/wp-includes/class-wp-image-editor-gd.php on line 182

Solution Edit php.ini to increase the maximum_execution_time variable to 80 seconds
vi /etc/php.ini

max_execution_time = 80
 

This is a common mistake but many people do not realize this function comes from mysql itself, so therefore you need an active mysql connection open.

Usually the string will be empty and null when you call it from outside of the database connection portion of your code.

eg. an example of the wrong way and creating a null/empty string

$var = mysql_real_escape_string($myself)


mysql_connect();

// returns null/empty

As you can see above the escape was called before we connected to the db so that's why it returns empty.

How to fix it (put the escape call after you connect to mysql):

mysql_connect();

$var = mysql_real_escape_string($myself)


There realy should be more of a warning from PHP itself because an empty string could cause havoc with database transactions.

Another way the problem can be created:

Sometimes as coders we get too smart and thank "we'll update all of our unescaped data to be escaped and mass replace all functions with sed"

sed -i s/'addslashes('/'mysql_real_escape_string('/g admin.php

A good example is the above, why does it break?  Because as we showed earlier typically most coders will do the string manipulation outside of the database call section.

Usually the cause is inexplicable because some things just don't work correctly even when calling all commands by their full path.

Usually adding the following to your crontab file at the top will fix/solve the issue:

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 

This can happen because port 80 is not open, or your license has expired and/or your IP is out of date and also if the license server itself from cPanel is having issues.

In most cases as long as you have a valid license the following command will solve it:

 /usr/local/cpanel/cpkeyclt
Updating cPanel license...Done. Update succeeded.
Building global cache for cpanel...Done

 

Cannot Read License File
To access the interface, you must install the license and ensure that the license is active.

    To ensure that the server is licensed, navigate to http://verify.cpanel.net/, and enter the server’s public IP address.
    If the server is licensed, run the /usr/local/cpanel/cpkeyclt command as the root user.
    Make certain that port 80 is open to contact our license server and that your server’s hostname is a FQDN.

If you do not currently own a license, register at the cPanel Store and request a trial license in the Free Services section.

You can purchase or lease a license directly from cPanel, or from one of our Partners.

After you successfully activate the license, reload the page and the message will no longer display.

pip install obfsproxy
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
You are using pip version 7.1.0, however version 8.1.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Collecting obfsproxy
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
  Downloading obfsproxy-0.2.13.tar.gz (93kB)
    100% |████████████████████████████████| 94kB 39kB/s
Requirement already satisfied (use --upgrade to upgrade): setuptools in /usr/lib/python2.6/site-packages (from obfsproxy)
Collecting PyCrypto (from obfsproxy)
  Downloading pycrypto-2.6.1.tar.gz (446kB)
    100% |████████████████████████████████| 446kB 259kB/s
Collecting Twisted (from obfsproxy)
  Downloading Twisted-16.1.1.tar.bz2 (2.9MB)
    100% |████████████████████████████████| 2.9MB 95kB/s
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
      File "<string>", line 20, in <module>
      File "/tmp/pip-build-7aeuJC/Twisted/setup.py", line 57, in <module>
        main(sys.argv[1:])
      File "/tmp/pip-build-7aeuJC/Twisted/setup.py", line 36, in main
        from twisted.python.dist import (
      File "./twisted/__init__.py", line 55, in <module>
        _checkRequirements()
      File "./twisted/__init__.py", line 17, in _checkRequirements
        raise ImportError("Twisted requires Python 2.7 or later.")
    ImportError: Twisted requires Python 2.7 or later.

#try again after installing these packages
yum -y install python-crypto gcc make

pip install obfsproxy
#same result as before
 ImportError: Twisted requires Python 2.7 or later.

#there is no python 2.7 package for Centos 6

#build it ourselves


There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:

   No module named yum

Please install a package which provides this module, or
verify that the module is installed correctly.

It's possible that the above module doesn't match the
current version of Python, which is:
2.7.9 (default, Apr 21 2016, 16:51:58)
[GCC 4.4.7 20120313 (Red Hat 4.4.7-16)]

If you cannot solve this problem yourself, please go to
the yum faq at:
  http://yum.baseurl.org/wiki/Faq
 
Solution

Revert back to the stock Centos Python and do not ever overwrite the default Python.  You can install a newer python along side but NEVER overwrite the default or it will break things like Python or you will have to manually symlink a lof of things to manually use the old/original python.

curl -k https://somesite.org
curl: (35) SSL connect error

The site used to work until I got a new SSL cert
Updating curl with (yum -y install curl) made it work again.

 

Simple solution install python-dev

sudo apt-get install python-dev libyaml-dev libpam-dev

This is using find and -mtime in Centos Linux, it simply takes "n" (which is a day) as a number and you can specifiy a + or - to say older or less than a certain age.

# (show everything older than 1 day)

find . -mtime +1

openvpn 2.3.10-1.el6 issues
 

in the .conf

auth-user-pass-verify "passwordcheck $username $password $untrusted_ip"  via-env

auth-env does not work correctly in OpenVPN 2.3:

Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure

But OpenVPN 2.2 does work as expected.

It could be that the specified script automatically receives those variables and manually passing them breaks things in OpenVPN 2.3?

For themes and custom CMS setups, the typical HTML theme is not ready to go at all but here are some common sed commands (search and replace that will get most of them working without breaking as you'd expect).

The problem is that often the theme directory will be separate from the content and this will break the relative paths that these themes use.

sed -i s/'href="'/'href="/themes/yourtheme/'/g index.html
sed -i s/'src="'/'src="/themes/yourtheme/'/g index.html
sed -i s/"url(.."/"url(/themes/yourtheme/"/g *.css


In the order of the above

replace all instances of href=" with href="/themes/yourtheme/

replace all instances of src=" with src="/themes/yourtheme/

replace all instances of "url(.. with url(/themes/yourtheme/

Does anyone have any suggestions on how to handle this error code?  It is for a client who has a Windows 2008 R2 Datacenter License and wants to install virtual instances on the same host.

cp -a /your/source/. /your/dest/

-a preserves all file atributes and symlinks

the "." at the end of /source/ includes all hidden files such as .htacess, .bash_history, .ssh etc..

The / in /dest/ makes sure the contents go into it instead of replacing /dest itself (eg. if you did not have the / at the end).

Stopping httpd:                                            [FAILED]
Starting httpd: httpd: Syntax error on line 73 of /etc/httpd/conf/httpd.conf: Cannot load /etc/httpd/modules/mod_file_cache.so into server: /etc/httpd/modules/mod_file_cache.so: cannot open shared object file: No such file or directory
                                                           [FAILED]
This is usually because the file is not found in the expected location.   This often happens when moving an httpd.conf between different servers and versions of Apache.  I

In this case for some reason in a newer version of Apache the module mod_file_cache.so is missing.

In the case of Centos/RHEL 5 it was, but in RHEL/Centos 6 mod_file_cache is missing according to this from the RHEL website:

4.4. Apache HTTP Server

The Solution/Replacement

mod_disk_cache or mod_cache

It is as simple as the following in httpd.conf

CacheEnable disk /
 

This significantly improves the load times especially when Apache is using ProxyPass as a proxy server in front of the real host.

This is a simple fix but not a simple problem and it still doesn't make sense to me.

But in a nutshell if your target proxy server works fast when accessing directly over SSL then this may be your issue.

It seems SSL does not play nicely when the target proxy destination/host has a riduculously long key (such as 8192 bits long).  Now this is normally not a problem, in fact the target server could be accessed with hardly any delay directly despite such a long key.

However when throwing a Proxy and Reverse Proxy with SSL in front of it, made requests take 20-30 seconds (not milliseconds but actual seconds).

I found many proposed solutions or people saying it should be that slow, but that's just not the case, yes SSL is slower but it shouldn't be this slow.  Disabling or enabling all SSL protocols also made no difference.

Solution

The problem was instantly solved by replacing the target server's SSL key with a 2048 bit one ( a smaller one). I think this is a big where the SSLProxyPass just can't handle the request properly when the target SSL server has a large public key.

Additional Performance Improvements

Use the "CacheEnable disk /" directive in httpd.conf

Please wait...
If this message is not eventually replaced by the proper contents of the document, your PDF
viewer may not be able to display this type of document.
You can upgrade to the latest version of Adobe Reader for Windows®, Mac, or Linux® by
visiting http://www.adobe.com/products/acrobat/readstep2.html.
For more assistance with Adobe Reader visit http://www.adobe.com/support/products/
acrreader.html.
Windows is either a registered trademark or a trademark of Microsoft Corporation in the United States and/or other countries. Mac is a trademark
of Apple Inc., registered in the United States and other countries. Linux is the registered trademark of Linus Torvalds in the U.S. and other
countries.

There is a new style of PDFs floating around called "interactive PDFs", and not just fillable forms but more advanced onces that behave more like an HTML and Javascript dynamic form where dropdowns change etc.. This is a horrible idea and mistake because it is very difficult to save and reopen the contents between different Adobe versions and even different Operating Systems (some things just don't save or reopen properly).  Aside from that no standard Linux PDF reader can read these either.

The only native Linux solution is an old Adobe Acrobat reader from 2013 (they seem to have abandoned Linux for everything) but you can still download and install it here quite easily:

ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/

I used this .deb package for myself

I got this when running yum on a Centos 6 machine:

Error: database disk image is malformed

It was easily fixed with the following command:

yum clean all

Auction 262382440107: Cannot connect to URL : SSL connect error: gnutls_handshake() failed: Illegal parameter
Retrying...
esniper encountered a bug.  It looks like your esniper version is not
current.  You have version 2.28.0, the newest version is 2.31.0.
Please go to http://esniper.sf.net/ and update your copy of esniper.



At first my BIOS said the card may not work right because there is no more option ROM space.

I disabled the Option ROM for both LSI 1068 and 2008 chipsets, Network Boot ROM and most other PCI slots, Serial Port, etc... and the message went away but the card still does not work properly.

But it still cannot initialize the card properly (does not work):

[   33.943272] NVRM: This PCI I/O region assigned to your NVIDIA device is invalid:
[   33.943272] NVRM: BAR0 is 0M @ 0x0 (PCI:0000:18:00.0)
[   33.943279] NVRM: The system BIOS may have misconfigured your GPU.
[   33.943286] nvidia: probe of 0000:18:00.0 failed with error -1
[   33.943943] NVRM: The NVIDIA probe routine failed for 1 device(s).
[   33.943953] NVRM: None of the NVIDIA graphics adapters were initialized!
[   33.943958] [drm] Module unloaded
[   33.944975] systemd-udevd[2015]: Failed to apply ACL on /dev/dri/card0: No such file or directory
[   34.281514] NVRM: This PCI I/O region assigned to your NVIDIA device is invalid:
[   34.281514] NVRM: BAR0 is 0M @ 0x0 (PCI:0000:18:00.0)
[   34.281521] NVRM: The system BIOS may have misconfigured your GPU.
[   34.281528] nvidia: probe of 0000:18:00.0 failed with error -1
[   34.281844] NVRM: The NVIDIA probe routine failed for 1 device(s).
[   34.281847] NVRM: None of the NVIDIA graphics adapters were initialized!
[   34.281849] [drm] Module unloaded

One thing is that lspci lists the SAS2008 card before the graphics card and I have not tried the other PCI x8 port yet:

0000:00:00.0 RAM memory: NVIDIA Corporation MCP55 Memory Controller (rev a2)
0000:00:01.0 ISA bridge: NVIDIA Corporation MCP55 LPC Bridge (rev a3)
0000:00:01.1 SMBus: NVIDIA Corporation MCP55 SMBus Controller (rev a3)
0000:00:02.0 USB controller: NVIDIA Corporation MCP55 USB Controller (rev a1)
0000:00:02.1 USB controller: NVIDIA Corporation MCP55 USB Controller (rev a2)
0000:00:04.0 IDE interface: NVIDIA Corporation MCP55 IDE (rev a1)
0000:00:05.0 IDE interface: NVIDIA Corporation MCP55 SATA Controller (rev a3)
0000:00:05.1 IDE interface: NVIDIA Corporation MCP55 SATA Controller (rev a3)
0000:00:05.2 IDE interface: NVIDIA Corporation MCP55 SATA Controller (rev a3)
0000:00:06.0 PCI bridge: NVIDIA Corporation MCP55 PCI bridge (rev a2)
0000:00:06.1 Audio device: NVIDIA Corporation MCP55 High Definition Audio (rev a2)
0000:00:08.0 Bridge: NVIDIA Corporation MCP55 Ethernet (rev a3)
0000:00:09.0 Bridge: NVIDIA Corporation MCP55 Ethernet (rev a3)
0000:00:0a.0 PCI bridge: NVIDIA Corporation MCP55 PCI Express bridge (rev a3)
0000:00:0d.0 PCI bridge: NVIDIA Corporation MCP55 PCI Express bridge (rev a3)
0000:00:0f.0 PCI bridge: NVIDIA Corporation MCP55 PCI Express bridge (rev a3)
0000:00:18.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor HyperTransport Configuration
0000:00:18.1 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor Address Map
0000:00:18.2 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor DRAM Controller
0000:00:18.3 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor Miscellaneous Control
0000:00:18.4 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor Link Control
0000:00:19.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor HyperTransport Configuration
0000:00:19.1 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor Address Map
0000:00:19.2 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor DRAM Controller
0000:00:19.3 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor Miscellaneous Control
0000:00:19.4 Host bridge: Advanced Micro Devices, Inc. [AMD] Family 10h Processor Link Control
0000:01:05.0 FireWire (IEEE 1394): Texas Instruments TSB43AB22A IEEE-1394a-2000 Controller (PHY/Link) [iOHCI-Lynx]
0000:05:00.0 Serial Attached SCSI controller: LSI Logic / Symbios Logic SAS2008 PCI-Express Fusion-MPT SAS-2 [Falcon] (rev 03)
0000:18:00.0 VGA compatible controller: NVIDIA Corporation GT218 [GeForce 210] (rev a2)
0000:18:00.1 Audio device: NVIDIA Corporation High Definition Audio Controller (rev a1)
0000:2b:00.0 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06)
0000:2b:00.1 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06)
0001:40:00.0 RAM memory: NVIDIA Corporation MCP55 Memory Controller (rev a2)
0001:40:01.0 RAM memory: NVIDIA Corporation MCP55 LPC Bridge (rev a3)
0001:40:01.1 SMBus: NVIDIA Corporation MCP55 SMBus Controller (rev a3)
0001:40:0d.0 PCI bridge: NVIDIA Corporation MCP55 PCI Express bridge (rev a3)
0001:6b:00.0 SCSI storage controller: LSI Logic / Symbios Logic SAS1068E PCI-Express Fusion-MPT SAS (rev 08)

The Solution

I moved the LSI card to another PCI slot and it fixed it, basically if the SAS2008 is shown before the Nvidia card it is game over.  Notice the order after I switched the physical slot (of course if you have no other slots this is a big problem).  Even disabling the Option ROM on the SAS2008 did not fix it until I switched PCI slots:

0000:18:00.0 VGA compatible controller: NVIDIA Corporation GT218 [GeForce 210] (rev a2)
0000:18:00.1 Audio device: NVIDIA Corporation High Definition Audio Controller (rev a1)
0000:2b:00.0 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06)
0000:2b:00.1 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06)
0001:40:00.0 RAM memory: NVIDIA Corporation MCP55 Memory Controller (rev a2)
0001:40:01.0 RAM memory: NVIDIA Corporation MCP55 LPC Bridge (rev a3)
0001:40:01.1 SMBus: NVIDIA Corporation MCP55 SMBus Controller (rev a3)
0001:40:0a.0 PCI bridge: NVIDIA Corporation MCP55 PCI Express bridge (rev a3)
0001:40:0d.0 PCI bridge: NVIDIA Corporation MCP55 PCI Express bridge (rev a3)
0001:45:00.0 Serial Attached SCSI controller: LSI Logic / Symbios Logic SAS2008 PCI-Express Fusion-MPT SAS-2 [Falcon] (rev 03)
0001:6b:00.0 SCSI storage controller: LSI Logic / Symbios Logic SAS1068E PCI-Express Fusion-MPT SAS (rev 08)

Download from here http://www.avagotech.com/products/server-storage/host-bus-adapters/sas-9200-8e#downloads

sudo Installer_P20_for_Linux/sas2flash_linux_i686_x86-64_rel/sas2flash -listall
LSI Corporation SAS2 Flash Utility
Version 20.00.00.00 (2014.09.18)
Copyright (c) 2008-2014 LSI Corporation. All rights reserved

    Adapter Selected is a LSI SAS: SAS2008(B2)  

Num   Ctlr            FW Ver        NVDATA        x86-BIOS         PCI Addr
----------------------------------------------------------------------------

0  SAS2008(B2)     17.00.01.00    11.00.00.06    07.33.00.00     00:05:00:00

    Finished Processing Commands Successfully.
    Exiting SAS2Flash.



sudo Installer_P20_for_Linux/sas2flash_linux_i686_x86-64_rel/sas2flash -f UEFI_BSD_P20/uefi_bsd_rel/x64sas2.rom
LSI Corporation SAS2 Flash Utility
Version 20.00.00.00 (2014.09.18)
Copyright (c) 2008-2014 LSI Corporation. All rights reserved

    Adapter Selected is a LSI SAS: SAS2008(B2)  

    Executing Operation: Flash Firmware Image

        ERROR: Firmware Image does not have a Valid Signature.

        Firmware Image Validation Failed!

    Due to error remaining commands will not be executed.
    Unable to Process Commands.
    Exiting SAS2Flash.
 

There are a few ways of doing this and all basically involve using the reverse proxy or "ProxyPass" feature of Apache to accomplish it.

1.) Create a normal vhost and simply symlink the root directory of the site you want to mirror.

Eg. originalsite.com and newsite.com

/vhosts/originalsite.com/httpdocs

You would symlink like this:

ln -s /vhosts/originalsite.com/httpdocs vhosts/originalsite.com/

2.) A flexible way and the best way if you want the mirror/different site to have a different IP address but still serve the same content.

This would be in your vhost.conf

ServerName differentdomain.com
ServerAlias www.differentdomain.com
ProxyPass / http://yourmainsite.com/
ProxyPassReverse / http://yourmainsite.com/

Alternative Way If You Want To Proxy The Same Domain through a different IP (eg. for SEO geolocation purposes you could host all content on a single server and then put proxies in front of it)

ServerName maindomani.com
ServerAlias www.maindomain.com
ProxyPass / http://ip.ip.ip.ip/
ProxyPassReverse / http://ip.ip.ip.ip/
ProxyPreserveHost On

*Make sure you keep the "/" at the end of yourmainsite.com or it will not work properly.
The above is a preferable for me because it will keep working even if the backend server config or IP changes.

Caveats Issues To Take Into Account

When doing this with live, public sites that are indexed in search engines you could get penalized or just plain confuse people so there are issues to handle.

First of all if you force all requests to go to a certain domain or on SSL, you will have to consider how to handle it by updating your .htaccess

Also if you don't want to get penalized for duplicate content, you will need to add some code to your site to determine if it is being accessed by the main host name, if not then you should dynamically insert a nofollow and noindex into your <head> section.

<meta name="robots" content="noindex, nofollow" />

To check the version of Ubuntu just use the lsb_release command as shown below and you will be able to see the exact Ubuntu version you have installed.

lsb_release -a
No LSB modules are available.
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04 LTS
Release:    14.04
Codename:    trusty

I modified the default to the following for faster local dialing for North American area codes:

(*xx|[3469]11|0|00 [2-9]xxxxxxS0|[2-9]xxxxxxxxxS0|1xxx[2-9]xxxxxxS0|xxxxxxxxxxxx.)

This is what I added to the above: "[2-9]xxxxxxxxxS0" so any 9 digit number is dialed instantly xxx-xxx-xxxx (the S0 at the end makes it dial right away).  This makes dialing much quicker and is recommended.


*Note the [2-9] is necessary otherwise the x matches a 1 so if you dial long distance or a toll-free number it dials the first 10 digits of it and cuts off the last one.

I finally fixed this after years of slow dialing.  It is also important to note that almost all dialing delay problems are caused by your phone adapter (ATA/VOIP) dial plan and not the server side.  It is also shocking that many companies do not supply their ATAs with proper, fast dial plans at least for local dialing.

I have two lines on my PAP2T and the only thing that solved this problem rather instantly was to change the line with the problem to using port 5060 instead of 5061 (so both lines are using port 5600). Note that I am not forwarding either port in my router either.

Some of the symptoms of this problem for me were the following:

• No dialtone or it would take several tries.
• You answer a call but the phone keeps ringing (takes a few times to answer).
• You answer a call and cannot hear the caller but they can hear you.

 service iptables start 
iptables: Applying firewall rules: iptables-restore: line 40 failed
                                                           [FAILED]

vi /etc/sysconfig/iptables
Line 40 is just:
COMMIT
 

It turned out that the correct iptables modules were not enabled for the OpenVZ container, enabling and rebooting the container fixed it.

The first thing to diagnose is what is actually in the database (use PHPMyAdmin or CLI).

You will of course either find that the backslash is either in the database or not.

If the backslash is in the database you probably have magic quotes gpc/runtime on and/or are calling the "addslashes()" function which does this.

If you are escaping your data with mysql_real_escape_string() then think again, you probably have magic quotes gpc enabled either in php.ini or in an .htaccess

Most people will remember to check php.ini, but what if there is an old htaccess or one you did not remember.

In my case here is what I found:

php_flag magic_quotes_gpc off
php_flag magic_quotes_runtime on

Solution, turn off magic quotes runtime:


php_flag magic_quotes_gpc off
php_flag magic_quotes_runtime off


After that the problem should be solved.

Here is a thread where I think the answer may very well be mine in many cases.

1.) Flash directly to this file:

http://tomato.groov.pl/download/K26RT-N/build5x-132-EN/Linksys%20E-series/tomato-E2500-NVRAM60K-1.28.RT-N5x-MIPSR2-132-Max.zip

*I was never able to get the larger "Mega" file to work, at least not initially so I recommend the file above.

To enable 5ghz I had to do the "Clear NVRAM" Option before it was shown.

2.) Or if you don't need 5ghz (most devices do not support it and cannot see it) I prefer DD-WRT:

Latest versions here:

 

ftp://ftp.dd-wrt.com/betas/2016/03-07-2016-r29218/broadcom_K3X/dd-wrt.v24-29218_NEWD-2_K3.x_mega-e2500.bin

===============

dd-wrt upgrade problems when you have more than one unit that you have accessed before from the same browser.
Clear cache and cookies

#when upgrading make sure you choose reset to firmware defaults or you may have problems getting web interface after like me!

I could not even reboot the connection would reset on me until I cleared cache and cookies it seems it was inteferring from another dd-wrt that was on the same

After upgrading only telnet was up (no port 80 web interface):

telnet 192.168.1.1
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.

DD-WRT v3.0-r29218 mega (c) 2016 NewMedia-NET GmbH
Release: 03/07/16

Linksys E2500 login: root
Password:
==========================================================
 
     ___  ___     _      _____  ______       ____  ___
    / _ / _ ___| | /| / / _ /_  __/ _  __|_  / / _
   / // / // /___/ |/ |/ / , _/ / /   | |/ //_ <_/ // /
  /____/____/    |__/|__/_/|_| /_/    |___/____(_)___/
                                                    
                       DD-WRT v3.0
                   http://www.dd-wrt.com
 
==========================================================


BusyBox v1.24.1 (2016-03-07 09:39:54 CET) built-in shell (ash)

root@Linksys E2500:~# reboot
root@Linksys E2500:~# Connection closed by foreign host.

#this did not fix it so I held the reinitialize button on the bottom of the unit for 10seconds
#this did fix it with the reset/reinitialize (I should have chose reset to defaults when upgrading)
I still have this problem even when choosing reset to firmware defaults

The problem is that the default of most of these units is set for non-North American phones so the ring sounds like it cuts off and is not  sequential.

How To Fix the Issue

Click on "Provisioning" and make sure you are in Advanced mode.

Set the following options:

Ring Waveform: Sinusoid

Ring Frequency: 25

Now your phone will ring normally and properly.

According to this and my own experience it is the case that you have started something running in the foreground or a server that does not terminate with a normal rc.d script.  The server will reboot once you kill whatever command or process that is.

If Linux Mint 17 or other has no window buttons/controls you can do the following from terminal:

marco --replace&
Sometimes it can be fixed if you go to your themes/appearance and choose a new one but in the case like mine where Compiz is installed but not running/working then that fix will not work and will require the marco command above.

What if you can't type in a terminal Window?

If you close that terminal window the problem reappears only worse, you will not be able to type anything in any window so you cannot do the fix again.

Do a Ctrl+Alt+F1 and login by terminal and do the following:

marco --replace -d :0&  (:0 specifies the X session number).

To find the Xsession #:
cat /tmp/.X0-lock
     28520


ps aux|grep 28520
user       9725  0.0  0.0  11748  2200 pts/23   S+   00:24   0:00 grep --color=auto 28520
root     28520  2.3  0.5 476780 181152 tty7    Rs+  Mar13  34:43 /usr/bin/X :0 -audit 0 -auth /var/lib/mdm/:0.Xauth -nolisten tcp vt7

"/usr/bin/X :0" shows that it is ":0" and that is why we will pass to marco's -d option

The Scenario

You have dual NICs and you disable NIC1 which uses 192.168.1.1 as its gateway.  With NIC2 you enable it/connect it to another network which also has the gateway 192.168.1.1

Everything will work fine at this point.

When switching back to NIC1 even with NIC2 disabled and even unplugged, the OS basically can't pick up the new/updated ARP entry of the old device for 192.168.1.1 and perhaps thinks it is a security risk or spoof of some sorts and blocks it all.  You may think there is an issue somewhere else but the syslog shows the issue below.

Mar 13 23:16:58 mybox dbus[1698]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.9" (uid=0 pid=2031 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.6" (uid=0 pid=1983 comm="NetworkManager ")
Mar 13 23:16:59 mybox dbus[1698]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.9" (uid=0 pid=2031 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.6" (uid=0 pid=1983 comm="NetworkManager ")
Mar 13 23:17:01 mybox CRON[27807]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 13 23:17:01 mybox CRON[27807]: pam_unix(cron:session): session closed for user root
Mar 13 23:17:16 mybox sudo: pam_unix(sudo:auth): conversation failed
Mar 13 23:17:16 mybox sudo: pam_unix(sudo:auth): auth could not identify password for [one]
Mar 13 23:17:24 mybox smbd[21006]: pam_unix(samba:session): session closed for user nobody
Mar 13 23:17:41 mybox dbus[1698]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.9" (uid=0 pid=2031 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.6" (uid=0 pid=1983 comm="NetworkManager ")
Mar 13 23:17:42 mybox dbus[1698]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.9" (uid=0 pid=2031 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.6" (uid=0 pid=1983 comm="NetworkManager ")

Solution

 sudo service network-manager restart
network-manager stop/waiting
network-manager start/running, process 31647
 

This is a real pain because I had to manually unplug ethernet cables for network testing or to use an alternate network or guarantee physical access to one network segment is cut off. 

For some reason this happened after I killed dbus because it was confused and blocking packets thinking they were coming from the wrong interface since eth0 and eth1 both had the same subnet and gateway.

I eventually did a "service network-manager restart" but the option was still grayed out until hours later the option returned and I could click disconnect.

I will start by saying I think I know what caused this boot-time error on Linux Mint but should also apply to Debian and Ubuntu.

I changed my BIOS time to several hours in the past to match the current time, but this caused Linux to think there were incorrect filesystem times. 

The problem is that it seems when you hit this I am not sure what is happening, it doesn't seem to be doing fsck and hangs without prompting the user. 

What I have found is that you can usually hit "S" to skip fsck or "Y" to try and fix it and it may boot.  It did in my case but X did not start probably because fsck did not complete.

So I rebooted and then got the error "Starting Enable Remaining Boot-Time Encrypted Block Devices" but it hangs there too for ages not seeming to do anything.  I think I hit "S" and was given the option to fsck so I said yes and this fixed it all and allowed boot to complete.  I did have to ignore mounting /tmp to get there though.

Another solution is that for some there are bad fstab entries causing the issue but that was not my case.

I am fairly comfortable with Linux/Debian but this threw me for a loop, the problem is that it is not obvious what is happening and it is hard to get prompted to fsck, there should be a definitive action or prompt to ask you to fsck or not etc....

Thanks for your e-mail.