This guide assumes you have a working Postfix server and want it to sign with DKIM.
There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well.
1.) Install OpenDKIM
apt install opendkim
systemctl enable opendkim
2.) Edit /etc/opendkim.conf
Syslog yes
SyslogSuccess yes
Mode&nbs........
Sometimes users take their removal drives and unplug and replug them to test what happens during the failure of a disk. However, this breaks things quite badly due to the /dev/mapper in LUKS not coming back online due to it not being closed.
In other words, generally with non-encrypted drives the process is smooth but when encrypted you may want to follow a strategy like this:
We can see below that both disks are unavailable as they were physically remov........
convert-im6.q16: DistributedPixelCache '127.0.0.1' @ error/distribute-cache.c/ConnectPixelCacheServer/244.
convert-im6.q16: cache resources exhausted `/tmp/magick-27777Al6FGY7dhyKt10' @ error/cache.c/OpenPixelCache/3984.
convert-im6.q16: DistributedPixelCache '127.0.0.1' @ error/distribute-cache.c/ConnectPixelCacheServer/244.
convert-im6.q16: cache resources exhausted `/tmp/magick-277772Y_-pJnMdT2r1' @ error/cache.c/OpenPixelCache/3984.
convert-im6.q16: Distr........
find /usr/share/zoneinfo/|sed s#"/usr/share/zoneinfo/"##g|grep "/"|grep -v posix|grep -v ^"Etc/"|grep -v ^right|grep -v ^"SystemV"
Africa/Addis_Ababa
Africa/Abidjan
Africa/Blantyre
Africa/Lusaka
Africa/Casablanca
Africa/Libreville
Africa/Asmara
Africa/Bujumbura
Africa/Dakar
Africa/Lagos
Africa/Malabo
Africa/Harare
Africa/Kigali........
Step 1.) Upgrade to Debian 11 first
The process to go to Debian 12 is not as smooth as 11, when trying to upgrade from Debian 10. In fact, it doesn't work directly, so you'll first need to follow this guide to update to Debian 11, reboot and come back here if successful.
Step 2.) Update sources.list
Update your /etc/apt/sources.list like this:
deb http://........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
The issue is that Docker images are stripped down, so many tools and even python3 is missing, so you'll have to build or update the actual image yourself.
I assume you have started an image with something like this and that you have the Nvidia Toolkit installed (assuming you are using GPUs). If you're not using nvidia just remove --runtime=nvidia --gpus all.
docker run -it --runtime=nvidia --gpus all ubuntu bash
These works for most images li........
In this example we install debian 10 with --variant=minbase which gives us a minimal/tiny install. Don't use variant if you want the full size install.
mkdir /tmp/deb10files
debootstrap --variant=minbase buster /tmp/deb10files/
Did you get an error?
debootstrap --variant=minbase buster /home/theuser/VMs/deb10files/
You'll get this error if you make a directory in your home........
Here is how Ifixed it on a Mint/Ubuntu install
1.) First download the latest AMDGPU-Pro driver from here:
https://www.amd.com/en/support
Navigate to your relevant video card:
2.) Download the installer
One issue is that by default they give you a version for the latest version of........
This can be used on almost anything, since Gluster is a userspace tool, based on FUSE. This means that all Gluster appears as to any application is just a directory.
Applications don't need specific support for Gluster, so long as you can tell the application to use a certain directory for storage.
One application can be for redundant and scaled storage, including for within Docker and Kubernetes, LXC, Proxmox, OpenStack, etc or just your image/web/video files or even da........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Why choose OpenVPN instead of a firewall appliance?
OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time.
When comparing OpenVPN with traditional firewal........
The key is that you need to know the passphrase to do it, if you don't know the password for the key then you can't remove the key since it cannot be decrypted.
ssh-keygen is the easiest method and openssl can be used to manually remove the key and output it to a new file, which you can then copy back over top of the encrypted file.
After that your public key authentication will work without any password prompt because it is no longer encrypted. Make sure you understand........
Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
How To Compile QEMU Manually (using sensible options)
1.) Download the QEMU source file you want.
wget https://download.qemu.org/qemu-4.2.0.tar.xz
2.) Extract The Source File
tar -Jxvf qemu-4.2.0.tar.xz
3.) Switch to the extracted source
cd qemu-4.2.0
4.) Make sure we have the right libraries and tools to compile QEMU manually
sudo apt install build-e........
I have a Canon MF642c and the scanner wouldn't work. I tried to use saned but it didn't work with the BJNPlike it did for some other Canon models.
Introducing sane-airscan with packages for the most common distributions: https://software.opensuse.org/download.html?project=home%3Apzz&package=sane-airscan
http........
A very common use case is that you don't want to waste time using a video editor that requires you to open it up and manually import the video clip and audio clip, then manually delete the old audio track and import the video and new audio. That's too much work and time since we don't want to go through the hassle.
ffmpeg is our solution, all we have to do is specify 3 variables and we're done!
-i Windows2019-Server-Noaudio.mp4 is our in........
apt install software-properties-common
add-apt-repository ppa:deadsnakes/ppa
apt update
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
Unless you are using OpenStack, AWS etc then cloud-init is just some bloat that slows down the booting of your VMand can actually halt it from booting if it doesn't have a proper working IP (not good!).
#remove cloud init!
Debian based Ubuntu / Mint
sudo apt remove cloud-init
RHEL / CentOS based
yum remove cloud-init
........
yum -y install wget unzip
wget https://download.nextcloud.com/server/releases/nextcloud-18.0.2.zip
unzip nextcloud-18.0.2.zip
yum -y install php php-mysqlnd php-json php-zip php-dom php-xml php-libxml php-mbstring php-gd mysql mysql-server
Last metadata expiration check: 0:58:02 ago on Fri 13 Mar 2020 02:12:49 PM EDT.
Dependencies resolved.
===================================================================........
There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting.
Before starting install epel or you will be missing tesseract:
yum -y install epel-release
#1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
If you are getting this error it is usually caused by having more than 5 keys in your ".ssh" directory. It is a bit of a bug and this is how it manifests itself.
You will find at this point that you are not given any chance to enter a password, or if you are using key based auth that the same thing happens. You'll also find that this is happening with ALLservers you try connecting to.
The solution is to move away key pairs from .ssh so that there ar........
It is unfortunate that LXC's dir mode is completely insecure and allows way too much information from the host to be seen. I wonder if there will eventually be a way to break into the host filesystem or other container's storage?
OpenVZ better security:
[root@ev ~]# cat /proc/mdstat
cat: /proc/mdstat: No such file or directory
/dev/simfs 843G 740G 61G........
httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load modules/libphp5.so into server: /lib64/libresolv.so.2: symbol __h_errno, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference
This is usually caused by a mismatch in OpenSSLversion. Interestingly enough a lot of times if it has happened during an update of your system, or after, usually just restarting httpd........
The reason for doing this is that the installer doesn't seem to work properly for LUKS and the server installer doesn't even support LUKS anymore. When you use the GUI install on Desktop for LUKS it won't boot and will just hang after you enter your password. So the only reliable way is to do it ourselves.
1.) Make a default minimal install of Ubuntu
2.) Have a secondary disk on the server or VM.
3.)........
This is not about using ssh as a proxy, but rather, using a proxy when you are SSHing to another host and using ProxyCommand (where we normally use nc as our proxy tool).
In newer versions of nc the syntax has changed to the following:
ssh -o ProxyCommand="nc -x 127.0.0.1:1234" %h %p user@host
The format must be like above in newer nc versions.
Just be sure to change the 1234 to the port of your SOC........
service sshd status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit-hit) since Wed 2019-10-02 11:07:54 EDT; 36s ago
Process: 476 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255)
Oct 02 11:07:54 box systemd[1]: Failed to start OpenBSD Secure Shell server.
Oct 02 11:07:54 box sys........
Opening Firefox from the CLI reveals the following as the cause of the error:
Query failed: Error: Error(s) encountered during statement execution: no such table: moz_favicons
The symptoms of this issue are that in the address bar you cannot hit enter to browse to a site/url/address and your history cannot be accessed, nor does your history show up in the address bar when typing previously used addresses.
This usually happens because you've........
If you get error messages like this it is usually because /var/run/sshd does not exist.
root@userbox:/# service sshd status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab
Active: failed (Result: start-limit-hit) since Wed 2019-04-10 02:24:44 EDT; 1
Process: 511 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255)........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
qemu-kvm command:
/usr/libexec/qemu-kvm -version
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
........
If you don't aleady have it, you'll need EPEL
Install LXC
yum -y install lxc lxc-templates
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirror.it.ubc.ca
* epel: mirrors.kernel.org
* extras: mirror.it.ubc.ca
* updates:........
The key thing here is to know the actual partition that is encrypted.
Often in Linux Mint's installer that ends up being partition 5 or /dev/sda5
sudo cryptsetup luksOpen /dev/sda5 anynamehere
You will then be prompted for your irrecoverable passphrase:
Enter passphrase for /dev/sda5:
If all goes well it won't say anything further. If it says ""No key available with this passphr........
I tried to stop a qemu-img copy or clone and it broke everything. It was fine to "stop" it from the GUI but a process still persisted so I killed the relevant qemu-img and the kernel went crazy. It also may not have helped that I tried to lvremove a different volume (an unused disk). But either way it breaks LVM (you cannot even run lvdisplay) so a reboot is necessary.
Jan 17 06:45:21 testserver kernel: [ 5680.439337] systemd-udevd D 0&nbs........
[root@localhost:~]
BootModuleConfig.sh echo host-ind nfcd........
sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev
git clone https://github.com/wolf9466/cpuminer-multi
sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
make install
cd bin
chmod +x xmr-stak-cpu
./xmr-stak -O xmr........
./nsgpucnminer: error while loading shared libraries: libOpenCL.so.1w: cannot open shared object file: No such file or directory
........
vzctl stop 4096
Removing stale lock file /vz/lock/4096.lck
Stopping container ...
Child 546213 exited with status 1
^Z
[1]+ Stopped vzctl stop 4096
~]# rm /vz/lock/4096.lck
rm: remove regular file `/vz/lock/4096.lck'? y
~]# vzctl stop 4096
Stopping container ...
Child 546246 exited with status 1........
Starting with newer versions of OpenVPN Ibelieve 2.2+ you need to have "script-security 3" set or you can't execute a third party script.
Prior to that you could also use the auth-user-pass-verify like this:
auth-user-pass-verify ./validate.pl "$username $password $ip" via-env
Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the paramete........
This basically means that you are running as non-root and you need to be root to create the tun0 or tap0 device on OpenVPN. You could try sudo or adding the openvpn binary to the list of sudoers.........
Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop.
This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
Here is the only solution Ifound that works in Firefox:
*Note you could basically just copy all of the commands in bold (the rest just shows the output)
Install sqlite3
sqlite3 places.sqlite
sqlite> .clone places.sqlite-fixed
moz_places... done
moz_historyvisits... done
moz_inputhistory..........
Starting container...
vzquota : (error) Quota on syscall for id 4532: No such file or directory
vzquota on failed [3]
Solution
vzquota drop 4532
Then start the container and it should work. It actually happened after migrating the VPS manually to ano........
Error: Unable to apply new quota values: quota not running
Container start failed (try to check kernel messages, e.g. "dmesg | tail")
Killing container ...
Container was stopped
Error: Unable to apply new quota values: quota not running
Can't umount /vz/private/123123: Invalid argument
[root@rtt 123123]# vzquota on 123123
vzquota : (error) Can't open quota file for id 123123, maybe you need to reinit........
curl: (35) Unknown SSL protocol error in connection
The main solution is to update curl and nss. If you are having an issue with curl through Apache/PHPyou will need to restart PHPafter.
It's important to remember that this error could mean a lot of things but most often it simply means that curl and openssl may be outdated and only allow newer secure ways of connecting to SSL.
In general here is how you would fix it in most c........
This happened on Centos for no apparent reason with no obvious issue in the logs. Data could be read fine but not written (possibly due to some corruption or out of memory issue in the OpenVZ container is the best guess).
All mysql update and insert queries failed freezing without any error log on any database and table.
Tried to restart:
service mysqld restart
Timeout error occurred trying to stop MySQL........
edit theme css:
Click "Appearance -> Editor -> Stylesheet"
http://yourblog.com/wp-admin/theme-editor.php?file=style.css&theme=twentysixteen
textarea {
color: #1a1a1a;
/*font-family: Merriweather, Georgia, serif;*/
font-family: "Lucida Sans Unicode", "Lucida Grande", sans-serif........
Unable to load dynamic library '/usr/lib64/php/modules/php_openssl'
not sure how to fix this........
In Thunderbird in a very large folder suddenly all of my e-mail list became blank/white even though you could click on the invisible/white/blank lines and it would show the e-mails. Itried to close and reopen but only going to Folder -> Properties and clicking Repair Folder fixed it (basically it had to redownload/rebuild the entire index and all e-mails).........
You are using Centos 5 which is deprecated so nothing in yum will work until you follow this post to use the vault:
http://realtechtalk.com/Centos_59_Working_Vault_Repo_file-1921-articles
yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* epel: fedora-archive.ip-connect.vn.ua
Traceback........
I have never had this error on Linux and this is running FreeBSD as root:
Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically
Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error
The Solution you need a kernel module that is for some reason not automatically loaded like Linux:
kldload if_tap........
I have never had this error on Linux and this is running FreeBSD as root:
Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically
Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error
The Solution
You need a kernel module that is for some reason not automatically loaded like Linux:
kldload if_tap........
When using the .sh script the rendering doesn't work after an upgrade of related packages to kdenlive.
kdenlive (kdenlive:amd64 (4:17.04.1+git201705191233~ubuntu16.04.1)) with affine or composite transitions was fine but is now broken during the time of transition it is just a white screen.
The previous version was fine:
kdenlive:amd64 (4:17.04.1+git201705191233~ubuntu16.04.1
But now I can't find it or install it:........
cagecoin linux compile:
sudo apt-get install qt4-qmake libqt4-dev build-essential libboost-dev libboost-system-dev
libboost-filesystem-dev libboost-program-options-dev libboost-thread-dev
libssl-dev libdb++-dev libminiupnpc-dev
Solution:
sed -i s/"BOOST_LIB_SUFFIX=-mt-s"/"#BOOST_LIB_SU........
Solution:
Aptitude is very smart and fixed the issues it was because of nvidia cuda and opencl and nothing else suggested or hinted this using apt
sudo aptitude install wine
The following NEW packages will be installed:
ocl-icd-libopencl1{ab} ocl-icd-libopencl1:i386{ab} wine wine1.6
wine1.6-amd64{a} wine1.6-i386:i386{a}
The following packages will be REMOVED:........
When things go wrong your video is basically unplayable or the first video plays fine and then freezes when moving on to the next. Generally if both videos weren't produced with the exact 100% same settings you will have issues. You can try the basic concat but it often won't work right.
Solution for me:
My example uses 3 videos in total so "n=3" and a=1 to include audio.
ffmpeg -threads 12 -i file1.mp4 -........
This container won't start after exhausting its memory. There are no relevant or helpful messages in dmesg or vzctl.log as well. Standard troubleshooting such as disabling PPP etc has not helped.
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Locked by: pid 166029, cmdline vzctl start 888171
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Container already locked
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Container was stopped
2017-07........
I am using a GTX 1060 but replace the download for the driver with the correct/current version for your particular card by visiting: http://www.nvidia.com/Download/index.aspx?lang=en-us
yum install automake curl openssl-devel libcurl-devel gcc gcc-c++
yum -y install kernel-devel-`uname -r`
yum -y install unzip
#the........
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Missing folder chosen by user:
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Removed missing file: MAH02949.MP4
Jun 1 15:45:57 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: ui_util:WARNING Icon theme media-playback-start not found. Will use backup........
I was sure this was a Centos bug with OpenSSL, Apache, MySQL or even PHP. I tried everything but nothing helped. One clue is that if you check the Apache logs you will see nothing in the access logs until minutes later (this means Firefox has not even passed your request to the remote Apache/htttpd server).
When even accepting the invalid certificate message that would show up minutes later when trying to "View the Certificate" Firefox would freeze. This bu........
Does this mean? [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
Basically it means you created your SSL Certificate as a CA the wrong way, usually with this command:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
How can you fix it and do it properly?
Step 1.) Make a new Private KeyCreate server pass key:........
Very useful in embedded and other non-standard deployments. The above makes a random salt of 14 random characters from /dev/urandom (you can change the -14 to whatever number of characters you want for your salt).
openssl passwd -1 -salt `< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-14};echo;` YourPassword
Output:
$1$eW-ScuyL$f/iKMJ5mbJ..7bSzvX6EO0
How To Create Password Has........
This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it.
1. Java Security/TLS Settings issue:
This article has the solution to change them all in Linux automatically
2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP........
This is especially helpful if you run your own servers. If you are presented with an error message or warning that the signature has changed or does not match the IP/domain you are connecting to you always want to verify manually.
So your e-mail/web client will show you an SHA-1 fingerprint like this:
"Could not verify this certificate because the issuer is unkown" or other reasons such as a mismatch in IP/domain.
It will also show you........
[Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down
[Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert'
[Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled
[Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker.
Use the following setings in /etc/httpd/conf.d/ssl.conf
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
# yum -y install qemu-kvm
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirror.lzu.edu.cn
* elrepo: ftp.utexas.edu
* epel: ftp.jaist.ac.jp
* extras: mirrors.aliyun.com
* openvz-kernel-rhel6: mirror.fdcservers.net
* openvz-utils: mirror.fdcservers.net
* updates: mirrors.nwsuaf.edu.cn
Resolving Dependencies........
The file ipupdate.txt should look like this:
ip.ip.ip.ip ctid
while read -r; do
ip=$REPLY
setip=`echo $ip|awk '{print $1}'`
ctid=`echo $ip|awk '{print $2}'`
echo "vzctl set $ctid --ipadd $setip --save"
vzctl set $ctid --ipadd $setip --save
done < ipupdate.txt........
The only solution after trying many suggestions was to simply restart the "vz" service (definitely not preferable).
Even doing an ifdown and ifup for venet0 did not help.
ifup venet0
Bringing up interface venet0:
Configuring interface venet0:
net.ipv4.conf.venet0.send_redirects = 0
RTNETLINK answers: Network is down
Some errors from log:
CPT ERR: d2dc60........
migrating from an old OpenVZ (Centos 5) to new OpenVZ (Centos 6)
Also if migrating from 32-bit HN to 64-bit your RAM will probably be much bigger than it should be!
16x bigger
eg. 32bit HN:
total used free shared buffers cached
Mem:&nb........
Syncing private
Live migrating container...
Syncing 2nd level quota
11000: invalid option -- F
Usage: vzdqload quotaid [-c file] commands
Loads user/group qouta information from stdin into quota file.
-c file use given quota file
Commands specify what user/group information to load:
-G grace time
-U disk limits........
rm /vz/lock/1200.lck
rm: remove regular file `/vz/lock/1200.lck'? y
vzctl start 1200
Container already locked
vzctl start 1200
Starting container ...
vzquota : (error) can't lock quota file, some quota operations are performing for id 1200
vzquota on failed [7]
vzquota off 1200
vzctl start 1200
vzquota on 1200
root@rttbox ~]# vzquota off 1200
vzquota : (........
This happened while an mdadm array was syncing, all access from writing a new blank file to opening a small .txt file was very slow:
[222117.312078] kjournald starting. Commit interval 5 seconds
[222117.685060] EXT3-fs (md0): using internal journal
[222117.685096] EXT3-fs (md0): mounted filesystem with ordered data mode
[222122.376847] kjournald starting. Commit interval 5 seconds
[222122.602825] EXT3-fs (md2): using internal jour........
Errors like this are shown on high usage servers and ports so it is common to see it on http and even imap ports:
possible SYN flooding on port 80. Sending cookies.
The Linux kernel will even detect flooding on OpenVZ containers:
possible SYN flooding on ctid 6000, port 993. Sending cookies.
In many cases this is not an issue and is more so simply a result of regular, but high usage traffic.........
kernel: [10186978.064405] TCP: time wait bucket table overflow (CT3)
Varying opinions are out there but in general it seems like the most common culprit is a lack of privvmpages, with a modern OpenVZ system the best way is to set privvmpages as equal to what your RAM is and this has resolved the messages on another system.
If it's truly a TCP issue you can adjust the following parameters:........
It all comes down to a bug essentially where you are running an older kernel that doesn't support the newer Debian templates. The solution is to update your OpenVZ kernel.
Here are some symptoms of the problem/lack of kernel support:
Ubuntu Template 12.04 requires a manual network start:
service networking start
sshd will not start:
/usr/sbin/sshd
PRNG is not seeded
mknod /dev/random c 1 8........
openvpn 2.3.10-1.el6 issues
in the .conf
auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env
auth-env does not work correctly in OpenVPN 2.3:
Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure
But OpenVPN 2.2 does work as expected.
It could be that the specified script automatically receive........
service iptables start
iptables: Applying firewall rules: iptables-restore: line 40 failed
[FAILED]........
The following assumes the computer is local/physical to you and/or it always has a LANIP so it can be accessed on site without having a default gateway.
The key to this is not to set a default gateway for your computer or you can set a script on boot or other time to delete the gateway (where eth0 is the NIC you are using):
route del default eth0
50.80.20.2 is the VPN server you connect to
192.168.1.1 is your........
mono/wine not working in Ubuntu/Linux Mint/Debian:
The assembly mscorlib.dll was not found or could not be loaded.
It should have been installed in the `/usr/lib/mono/2.0/mscorlib.dll' directory.
solution:
sudo apt-get install mono-complete
Problems:
mono does not work well for even simple things like a Winrar self extracting .exe fi........
vzctl set 2 --devnodes fuse:rw --save
Where "2" is the ctid........
It sounds like this is corrected in later versions of the OpenVZ kernel but Iam not sure, it may also be that a much newer kernel is needed and Centos may not have a recent enough kernel.
*Debain 7.0 however does work fine as a temporary fix or work around.
Debian 8 OpenVZ no IP and networking not working:
lo Link encap:Local Loopback
 ........
This is useful in the case you are not properly logged in via an OpenVZ session or even a normal SSH session that you fear may go down(if the connection is broken the history is not saved).
Save your bash_history like this:
history -w ~/.bash_history
You can always change the above to another file eg /tm........
#solution
Edit /etc/yum.repos.d/openvz.repo
For the first two entries comment out #mirrorlist and uncomment #baseurl and then it worked
openvz yum problem Centos 6.5 cannot find file on mirror:
yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
* openvz-kernel-rhel6: mirrors.ustc.edu.cn
* openvz-utils: mirrors.ustc.edu.cn
base ........
First of all this seems to apply to many ONVIF devices
Hard coded IP: 192.168.1.10 (yes not kidding no DHCP!)
00:12:12:9C:C2:00
To view RTSP stream use VLC, or openRTSP or other RTSP capable software:
rtsp://192.168.1.10/user=admin_password=tlJwpbo6_channel=1_stream=0.sdp
user: admin
password: blank
http://ip/Login.htm
Uses Quicktime and is a poor quality picture and slow
Cannot change pass........
I never did get it working, it is too bad as obfsproxy should really be an option and integrated into the OpenVPN client and server or something similar:
yum -y install python-pip python-devel
No package python-pip available.
#install the EPEL repo
python-pip install obfsproxy
python-pip install obfsproxy
-bash: python-pip: command not found
pip install obfsproxy
&........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
#enable ip_forward
sed -i s/'net.ipv4.ip_forward = 0'/'net.ipv4.ip_forward = 1'/g /etc/sysctl.conf
#all interfaces should not send redirects
echo "net.ipv4.conf.default.send_redirects = 1" >> /etc/sysctl.conf
echo "net.ipv4.co........
vzctl set $CTID --devnodes net/tun:rw --capability net_admin:on --save........
#from epel repo
yum -y install opendkim
chkconfig opendkim on
cd /etc/opendkim/keys
opendkim-genkey -vd mail.server.com
opendkim-genkey: generating private key
opendkim-genkey: private key written to default.private
opendkim-genkey: extracting public key
opendkim-genkey: DNS TXT record written to default.txt
........
What matters most about VPNproviders in 2024?
We are highly suspicious of VERYLARGE VPN providers that have LOW PRICES and HUGE DISCOUNTS. The suspicion is that for those who know what costs are involved to purchase thousands of IPs and servers are not small. At the prices that many of the big mainstream providers offer, it is likely unprofitable or barely profitable. Then, how are those companies making money or is that even the goal?
There use........
You need the "openssh-clients" package which contains sftp and scp.
yum -y install openssh-clients........
Are you getting the same old error message even though your iptables settings for OpenVZ are correct?
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The reason is because in newer vzctl the old way of setting IPTABLES="" in vz.conf is completely deprecated (I spent some time fiddling wondering why my settings were correct but........
cc: Internal error: Killed (program cc1)
Please submit a full bug report.
See for instructions.
make: *** [ext/fileinfo/libmagic/apprentice.lo] Error 1
make: *** Waiting for unfinished jobs....
Stopping crond: ........
It's simple, just edit /etc/vz/vz.conf and add or change the following:
VE_LAYOUT=simfs........
iptables -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1/32 --dport 3389 -j DNAT --to-destination 192.168.5.2:3389
iptables v1.4.7: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The above is often because you don't have the correct modules loaded on the hostnode or enabled for the container but in some cases it's actually a weird openvz setting.
Che........
2014-08-12T19:05:55-0400 vzctl : CT 391801 : Unable to start init, probably incorrect template
2014-08-12T19:05:55-0400 vzctl : CT 391801 : Container start failed
This was caused by trying to run a 64-bit template on a 32-bit kernel hostnode which is obviously impossible.
The solution is to use a 32-bit template or upgrade the hostnode to 64-bit.........
vzctl stop ctid
Killing container ...
Child 1033348 exited with status 7
Unable to stop container
vzctl enter ctid
enter into CT 29831 failed
Some have suggested using vzctl stop ctid --fast which does not work.
The only thing that seems to work is restarting the vz service.........
http://sourceforge.net/projects/apacheoo-deb/files/debian/dists/wheezy/main/binary-i386/
To install AOO on your computer, you need to add the following entry to the /etc/apt/sources.list file:
deb http://downloads.sourceforge.net/project/apacheoo-deb/debian wheezy main
sudo apt-get update && sudo apt-get install openoffice-en* openoffice-brand-writer openoffice-brand-calc openoffice-brand-impress openoffice-brand-base open........
I used the matching 8.3.13 utilities and it didn't work but strangely the newer 8.3.16 which makes DRBD complain works just fine.
GIT-hash: 83ca112086600faacab2f157bc5a9324f7bd7f77 build by root@sighted, 2012-10-09 12:47:51
0: cs:SyncSource ro:Secondary/Primary ds:UpToDate/Inconsistent A r-----
ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:5236960
&am........
Can't load ploop library: libploop.so: cannot open shared object file: No such file or directory
The above happens when you haven't installed the ploop tools:
yum -y install ploop........
OpenVZ has made vzctl version 4.7 default to using ploop which is a big annoyance. No one wants it otherwise we'd use Xen or KVM.
Make sure to manually specify vzctl 4.6.1 or you will have issues with old scripts breaking since it defaults to using ploop (a single image like Xen/KVM).
Here's a list to old versions of vzctl.........
./configure
./configure: line 91: cd: /lib/modules/2.6.32-042stab084.25/build: No such file or directory
Error: kernel version not found.
Please make sure your kernel is configured.
dr-xr-xr-x. 4 root root 4096 Feb 21 06:13 ..
lrwxrwxrwx 1 root root 45 Feb 21 06:13 build -> ../../../usr/src/kernels/2.6.32-042stab084.25
drwxr-xr-x 2 root root 4096 Feb 12 20........
This can happen when you install RPMForge or other repos with the wrong architecture and here's how you fix it (simply uninstalling won't usually fix it):
solution
yum clean all
yum -y install openvpn
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
* base: mirror.its.sfu.ca
* extras: centos.mirror.nexicom.net
* rpmforge: mirror.cpsc.ucalgary.ca
* up........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
After that just reboot and you may also have to enable ip_forward in /etc/sysctl.conf........
Iused the slightly older "304.117" version and it worked.
With the newest version Icouldn't get X to start and kept getting these errors in messages/dmesg.
[ 2346.083660] nvidia 0000:01:00.0: irq 44 for MSI/MSI-X
[ 2350.608342] NVRM: RmInitAdapter failed! (0x12:0x2b:1831)
[ 2350.608354] NVRM: rm_init_adapter failed for device bearing minor number 0
[ 2350.608369] NVRM: nvidia_frontend_open: minor 0, module->open() failed, err........
It's not as simple as "yum install" as you can see below and it doesn't stop there.
yum install php53
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: mirror.us.leaseweb.net
* extras: centos.mirror.rafal.ca
* updates: centos.mirror.nexicom.net
* base: centos.mirror.nexicom.net
* addons: centos.mirror.nexicom.net
Setting up Install Process........
Cannot find /usr/include/openssl/ssl.h.
Did you run the pre-install commands?
http://help.directadmin.com/item.php?id=354
yum -y install openssl*........
Idon't know why but some installations don't have this in the database by default.
To fix it to an:
sudo apt-get update;sudo apt-get install openssh-server
and then it will work........
Linux box13. 2.6.32-042stab076.5 #1 SMP Mon Mar 18 20:41:34 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux
even setting privvmpages to a specific setting DOES not affect "free -m" in containers.
This is probably a kernel issue
23:36:29 up 159 days, 7:12, 4 users, load average: 0.42, 0.44, 0.33
[root@box13 ~]# free -m
total&n........
PHP5 Centos 6 displays part of code from PHP file for some scripts
Solution
edit /etc/php.ini change short_open_tag = Off to:
short_open_tag = On
Then restart Apache and it should be resolved (assuming the scripts failing used )
........
I flashed an LSI Logic firmware to it and it broke the BIOS (cannot do Ctrl+R) for booting purposes but allows other functionality to work normally.
I tried downgrading to a Dell firmware for Perc 6i but it won't work, not even with MegaCli
wget http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
--2013-08-26 12:53:39-- http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
Resolvi........
open /dev/kvm: No such file or directory
failed to initialize KVM: Operation not permitted
[ 96.084502] kvm: disabled by bios
Any of the above means that "Virtualization" is not enabled in your BIOS. Most servers and Desktops (non-mainstream) can do this no problem but leave it off by default. Note that some systems even though the CPU supports it, don't allow enabling of Virtualization for some reason (especially some lap........
mkdir: cannot create directory 'test': Disk quota exceeded
You are out of inodes usually:
df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/simfs 200000 200000 0 100% /
none ........
Make sure that the Page mode is set to landscape and that the columns fall within the margins/boundaries, otherwise this is why there will be blank pages (Print Preview will show you this too).........
openoffice calc landscape printing problem
OpenOffice.org 3.2.1
OOO320m19 (Build:9505)
ooo-build 3.2.1.4, Ubuntu package 1:3.2.1-7ubuntu1.
It's not extending the printing and margins all the way to the edge even when setting the Page and print settings to Landscape
Solution (incorrect margins set under Page):
*Check the margins, my right margin was like 14cm!........
Container is currently mounted (umount first)
The container is stuck in the "mounted" state, you must manually start it to get it out of that state (there is no umount option as implied by OpenVZ vzctl).........
When trying to reboot this Centos 5 container, it gets stuck as "mounted" and requires a manual start command, here is what dmesg shows:
[424458.173252] VE10000: no allowed mount options found for device 0:21
[424458.177970] proc: unrecognized mount option "relatime" or missing value
[424460.297663] CT: 10000: stopped
[426663.466433] CT: 10000: started........
Client Log
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_d........
vzquota : (warning) block_hard_limit [102] < block_current_usage [520824]
This is because your disk usage of the container exceeds the quota.
Eg. once on a test container I had accidentally set it to 32MB yet the OS took about 600MB.
Just set the quota to something bigger than the currently used space to solve it.
vzctl set 3891 --diskspace 5G:5G --save........
Solution To The Following:
yum -y install zlib-devel
yum -y install e2fsprogs*
*** Cannot find /usr/include/et/com_err.h. (yum install libcom_err-devel) ***
Installation didn't pass, halting install.
Once requirements are met, run the following to continue the install:
cd /usr/local/directadmin/scripts
./install.sh
Common pre-install commands:
http://help.directadmin.com/it........
Step #1 - Create Wrapper Script
vi /usr/local/bin/phpsendmail
#!/usr/bin/php
........
Install unoconv
unoconv -d document -f pdf file.doc
Change "file.doc" to the name of your document. Note you could specify *.doc and it will convert all .doc's in the current directory to pdf which is very handy.
unoconv uses the cli from OpenOffice to do this, OpenOffice actually doesn't have an easy way I've found of doing this despite it having the functionality.
........
There are 3 pieces that are required to restore and make it work (of course consider if any kernel modules need to re-enabled and if you need to change the IPs):
Copy the vz/private/VEID directory to /vz/private
Copy the /etc/vz/conf/VEID.conf to /etc/vz/conf/
mkdir /vz/root/VEID
After that you should be able to see the VE in vzlist -a
You should then be able to start it normally.........
Tools -> Options -> OpenOffice Writer -> Table
Uncheck "Number Recognition"
This will permanently disable it but won't undo the damage it has already done. I spent a long-time fighting with this horrible feature which should be disabled by default.........
Cannot load certificate file keys/server.crt: error:0906D06C:PEM
The .crt is blank empty because when generating it I kept hitting enter for the defaults and this caused the crt not to be signed.
Certificate is to be certified until Dec 18 00:35:49 2022 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
So if you get messages like these, a........
qemu-img create -b centos.5-8.x86.20120308.qcow2 -f qcow2 ../kvmguests/25000-centos5.8x86.qcow2
Formatting '../kvmguests/25000-centos5.8x86.qcow2', fmt=qcow2, backing_file=centos.5-8.x86.20120308.qcow2, size=10485760 kB
-b the source/base image
-f format is qcow2 and the location of the destination image
What is so special about this? It's even quicker than creating a template with OpenVZ but this is an actual OS.
It saves time a........
For whatever reason the current OpenVZ yum repo file enables the RHEL6 version of OpenVZ, why is this bad? Because if you're running Centos 5 it still defaults to using the kernel from RHEL6 which won't work on RHEL5/Centos 5.
Ionly realized this after wondering why I couldn't boot into OpenVZ that it was using one meant for RHEL6.
To fix the problem you have to edit /etc/yum.repos.d/openvz.repo and disable the "[openvz-kernel-rhel6]" section by changing........
Directadmin Error when changing user settings/saving
Details
Error with system Quotas
setquota: Mountpoint (or device) / not found. setquota: Not all specified mountpoints are using quota.
Debug Guide
You have to disable and enable the quota's using vzquota on and off.
After that it will work.........
VBoxManage modifyhd XP.vdi --resize 15000
VBoxManage modifyhd XP.vdi --resize 15000
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
That resizes the virtual hard drive image "XP.vdi" to 15000MB instantly.
I doubt this is safe to do while the VM is running and I'm not sure if it would attempt it still but turn the VM off first to be safe.
I also notice in the VBOX GUI that it still shows the orig........
Error: detected vswap CT config but kernel does not support vswap
This means either old kernel or bad config (physpages NOT set to 0:unlimited)
Solution
vzctl set $veid --physpages 0:unlimited --save........
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
This solution applies to all other iptables modules/problems for OpenVZ, you'll just need to add them to both lists/lines below if you have modules other than what I have below.
The modules need to be enabled in both iptables and the OpenVZ hostnode itself and then the containers which need it must be restarted.
How To Enable IPTables Modules in OpenVZ........
It's really silly how DA doesn't enable SSL by default but is otherwise a stable, fast and secure control panel.
Here's a copy and paste way of enabling SSL for Directadmin in just a few seconds:
*setup SSL
openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes
That creates the public certificate and private key pair in the location Directadmin expects to fi........
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9etch3
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: An invalid name was supplied
A parameter was malformed
Validation error
Solution, disable auth from the ssh client (this is a client side error)........
Stuff like this always happens/breaks after a vzctl update, whether it's new parameters being added or required etc..
File /etc/vz/conf/ve-vps.basic.conf-sample not found: No such file or directory
Fix the value of CONFIGFILE in /etc/vz/vz.conf
Creation of container private area failed
Warning: distribution not specified in CT config, using defaults from /etc/vz/dists/default
WARNING: /etc/vz/conf/4400.conf not found: No such file or directory........
I dread updating the kernel and rebooting to find the Ubuntu graphics aren't working and you have to manually intervene. This is usually because Ubuntu for whatever reason didn't update the drivers you need (eg. the manually compiled Nvidia Kernel driver that MUST be recompiled for each and every kernel update unfortunately).
The most common reason may be that "linux-source" hasn't been installed automatically on my system. I tried to manually reinstall the........
I really am a Linux fan but my comments here may not show it. Although I'm quite familiar with Linux CLI to administer servers, I find Linux GUI OS's like Ubuntu at times very clunky.
This is partially because there's no such thing as a "self-made" Linux from scratch where the UIwas designed by a single team. Linux is made up of several different projects that are generally completely separate and this lack of integratiion is a key issue that makes things f........
I used the suggested script to bridge from OpenVPN and it took my client's server off-line! Don't ever use their "sample" scripts if you don't have another way of accessing the server than SSH.
I actually found it easier to use iptables to tell it to route IPs based on a certain subnet to route through eth0:
iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -o eth0 -j MASQUERADE
Replace "192.168.200.0/24" with your subnet of cour........
Visit http://linux.softpedia.com/get/Programming/Interpreters/Android-32340.shtml
Basically copy and paste all of that below and you'll have installed and started the Android SDK before you know it.
wget http://dl.google.com/android/android-sdk_r12-linux_x86.tgz
sudo apt-get install openjdk-6-jre openjdk-6-lib openjdk-6-jre-headless
tar -xvf android-sdk_r12-linux_x86.tgz
cd android-sdk-linux_x86/tools
./android........
It's actually fairly straight forward:
load data local infile 'billpayments-payments.csv' into table payments
fields terminated by ','
enclosed by '"'
lines terminated by 'n'
The above assumes that your fields are terminated by a comma (some programs like OpenOffice change this to a semi-colon ;) and that they are enclosed with "
The above will insert the data from billpayments-payments.csv into the table payments.........
Some minimal installs of Centos may be missing the scp command, which is actually part of the "openssh-clients" package.
scp not found
yum install openssh-clients........
ifup eth0
SIOCSIFFLAGS: Cannot allocate memory
Failed to bring up eth0
This is on a Centos 5.5 machine with OpenVZ kernel 2.6.18-238.12.1.el5.028stab091.1PAE, I updated 3 systems with the same hardware to the same kernel and for some reason the network didn't come back.
This only happened once the first time I booted into the new kernel and hasn't happened again but this is a serious issue for those running systems from remote locations such as a datacente........
This may not apply to everyone but here is what happened to me.
One day my IP connectivity for one container went dead, I could ping the hostnode from it and the hostnode could ping it but there was no external routing. I restarted the network service but it didn't help.
I checked the routing table inside the VPS and the host and everything looked normal. Iadded another different IPon the same subnet to the container and it worked. Right away I st........
Starting online migration of CT 25000 to 192.168.5.1
Preparing remote node
Initializing remote quota
Syncing private
Live migrating container...
Error: Failed to suspend container
CPT ERR: f68cf000,25000 :foreign process 15755/14731(vzctl) inside CT (e.g. vzctl enter or vzctl exec).
CPT ERR: f68cf000,25000 :suspend is impossible now.
CPT ERR: f68cf000,25000 :foreign process 15755/14731(vzctl) inside CT (e.g. vzctl enter or........
CPT ERR: cc4c0800,28000 :Unknown image version: 304. Can't restore.
This happens when you live migrate between OpenVZ servers with different kernels running, at least significantly different by date.
There is no solution except to make sure you're running the same kernels on all machines, or at least not kernels that are much older or different (this is just a guess though, you should ensure all kernels are the same).........
It's weird because I have a nearly identical box and setup and I can update the ovzkernel-PAE* just fine but on this box it doesn't work.
I only get this error with the openvz.repo and not others such as Centos-Base.repo
With my other server it works normally:
================
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package ovzkernel-PAE.i686 0:2.6.18-238.12.1.el5.0........
One thing to note about DNS servers and providers is that they aren't always trustworthy, not even if they're Google or your favorite ISP. Any DNS server can compromise your privacy, and they are likely tracking your browsing habits and keeping logs of it. Sometimes it's for Marketing/Research purposes such as Google's GMail service which they admit is scraped/datamined. I would expect nothing less from their DNS service.
The other danger with such widely used and pu........
I found this technique listed in many places which shows you how to use a common Linux tool "dd" to dump the raw partition of your iPhone.
I give credit to this site for showing me the correct way to dd from the iPhone, I never thought to try it in the other direction:http://log.ijulien.com/post/182804914/iphone-3gs-data-recovery
Requirements
1.) Jailbreak your........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
vi /etc/mail/spamassassin/local.cf
##############
#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
require........
SPAMASSASSIN
Disable OpenWhois RBL (it is dead/defunct/no longer active):
You might see this in your headers
2.4 DNS_FROM_OPENWHOIS RBL: Envelope sender listed in bl.open-whois.org
comment out this inside /usr/share/spamassassin/72_active.cf
##{ DNS_FROM_OPENWHOIS
ifplugin Mail::SpamAssassin::Plugin::DNSEval
header DNS_FROM_OPENWHOIS eva........
yum -y install openssl* gcc-c++ gcc flex g++ make;wget http://www.directadmin.com/setup.sh;chmod +x ./setup.sh;./setup.sh
#enable SSL
/usr/bin/openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem
sed -i "s/SSL=0/SSL=1/g" /usr/local/dire........
Use "ImageMagick" which can be installed easily on most UNIX/Linux distros.
Remember that it will go with the standard file listing to determine the order but I believe you can manually specify multiple jpg's in the arguments.
Convert image/jpg to PDF
convert *.jpg yourpdf.pdf
This is a very handy and free tool.
Convert DOC/TXT documents to PDF
If you wanted to convert a .doc file or text........
Make sure the module "tun" is loaded on the host.
vzctl set 2000 --devnodes net/tun:rw --save
*Note what's below is what OpenVZ says you need (but I've never had to do it)
vzctl exec 2000 mkdir -p /dev/net
vzctl exec 2000 mknod /dev/net/tun c 10 200
vzctl exec 2000 chmod 600 /dev/net/tun
On the container test the device:
when Something is wrong:........
I right clicked all applicable cells and chose "number" but that's enough.
I notice when I click the cell there is an invisible ' in front of the number:
'33.64
Calc imported my CSV and decided to add a ' in front of the numeric currency values!!!*Actually the problem occurs when you right click the cells and change the type from text to number, no matter what format you choose.
If I change it to be currency i........
Dovecot enable SSL (by default it uses an old expired cert if you choose pop3s and imaps as protocols)
===================
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Edit /etc/dovecot.conf
ssl_cert_file = /etc/mailssl/server.crt
s........
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Postfix SSL config
Edit /etc/postfix/main.cf:
#SSL stuff
smtpd_tls_cert_file = /etc/mailssl/server.crt
smtpd_tls_key_file = /etc/mailssl/server.key
To make smtps w........
Forbidden
You don't have permission to access / on this server.
[Sun Jan 23 15:28:12 2011] [crit] [client 96.44.31.12] (13)Permission denied: /www/vhosts/domain.com/httpdocs/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Solution
I've done a chmod 755 .htaccess and index.php and restarted Apache
That wasn't the only issue, the issue was the httpdocs direc........
Openvz problem, it is confusing because it's an inode issue and there is enough free space.
cp: cannot create regular file `forums/memberlist.php': Disk quota exceeded
/dev/simfs 60G 20G 41G 33% /
none 2.0G 4.0K 2.0G 1% /dev........
Jan 16 04:02:03 centosbox syslogd 1.4.1: restart.
Jan 16 04:07:34 centosbox kernel: INFO: task updatedb:20771 blocked for more than 300 seconds.
Jan 16 04:07:34 centosbox kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jan 16 04:07:34 centosbox kernel: updatedb D F78BE050 6476 20771 20766&n........
Webmin Setup Centos 5:
wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet
[1] 24229
[2] 24230
[root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html
Resolving downloads.sourceforge.net... 216.34.181.........
The normal solution doesn't help or apply here:
ssh -v user@192.168.5.41
OpenSSH_4.3p2 Debian-9etch3, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.5.41 [192.168.5.41] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: i........
yum exits in the middle
The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either.
echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk
L........
first container would not come up:
Starting CT 2333:
service vz stop
OpenVZ is locked [FAILED]
2010-11-29T23:26:23-0800 vzctl : CT 2333 : Starting container ...
2010-11-29T23:37:21-08........
Initializing quota ...
Error: Not enough parameters, diskinodes quota not set
vzctl set $veid --diskinodes 90000:91000 --save
New versions of OpenVZ seem to have some strange diskinodes parameter which is required.........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6
........
cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
yum install ovz-kernel-PAE
Now remember to set /etc/sysctl.conf to "net.ipv4.ip_forward = 1"
You can apply the change immediately by running sysctl -w net.ipv4.ip_forward = 1 but remember that you still have to set sysctl.conf
sysctl -p will load and apply any changes to s........
Adding IP address(es): 192.168.5.8 192.168.5.9
Setting CPU units: 1000
Error: undump failed: Invalid argument
Restoring failed:
Error: iptables-restore exited with 2
Error: Most probably some iptables modules are not loaded
Error: rst_restore_net: -22
Container start failed
Stopping container ...
Container was stopped
Container is unmounted
Error: Failed to undump VE
Resuming...
vzquota : (erro........
I'm not impressed with OpenOffice writer, it can't beat Office XP still and speaking of that, after all these years, Wine still can't run Office XP Properly.
Back to the OpenOffice issue though, it likes to default paragraphs like this:
This is an OpenOffice Annoyance Example
See this indentation. It can be changed but Idon't see a way to default it back to the normal!
........
I am a huge fan of Linux and the idea of OpenSource but I've said it many times, there are still hurdles in today in 2010 for Linux as a Desktop. Linux is still intended for servers at its very core. This can be changed succesfully though, as Apple has shown us with Mac OS X based on FreeBSD.
Half of the issue is lack of driver support and the other half is the Linux Kernel and Window Manages, KDE and GNome still both don't cut it (but they're getting closer).
I'll........
vzmigrate --online dest-host VEIDNO
eg.:
vzmigrate --oneline 192.168.1.55 101
One option I would recommend is "--keep-dst", that way if the migration is interrupted you can still bring the VPS back up on the original host. After the migration is successful you can manually destroy it.
OpenVZ has a good writeup on this including Checkpointing and Restoring etc:........
This error is annoying, in a Virtuozzo KB entry about this ip tables nat problem they say the kernel needs to be ugpraded:
Symptoms
The node runs 2.6.18-x kernel older than 2.6.18-028stab053.10.
NAT module does not work in container, you get "can't initialize iptables table 'nat'" error:
# iptables -t nat........
After installation Directadmin does not work on OpenVZ VPS when browsing http://ip.ip.ip.ip:2222
service directadmin status
directadmin dead but pid file exists
tail /var/log/directadmin/error.log
Check the value of your ethernet_dev=eth0 setting in your /usr/local/directadmin/conf/directadmin.conf file and the output of /sbin/ifconfig
2010:07:10-12:44:01: ioctl can't find........
This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc..
Name
curlftpfs - mount a ftp host as a local directory
Synopsis........
This is based on Debian Linux but should apply equally to any *nix distro.
Install LUKS/crypt-setup
apt-get install cryptsetup
Setup your LUKS Partition
Of course change /dev/md2 with whatever partition you intend to use LUKS on.
cryptsetup --verbose --verify-passphrase luksFormat /dev/md2
You'll be asked to verify your decryption password twice
*DO NOT FORGET THIS PASSWORD AS IT IS NOT RECOVERABLE!........
The default options for iptables are very basic. Here is what you need to do in order to enable them in OpenVZ.
1.) Add the modules to iptables and restart iptables:
vi /etc/sysconfig/iptables-config
Edit the line as so:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
2.........
This function and others may not work with the stock PHPinstall on Centos/CPanel: Fatal error: Call to > undefined function imagecreatefromjpeg()
Even with libjpeg-devel installed it won't work because PHP was not compiled with jpeg support, so we have to do the dirty work ourselves :)
Here is the command/yum's I did to install missing libraries for PHP that configure will complain about (yes it is a one by one process).
yum install bzip2-........
This was unbelievable how much the Xen kernel slows things down, keep in mind both tests were done on the hostnode, one was with the Openvz-Xen hybrid kernel and the other was just OpenVZ. You can see the performance difference is nearly 300% better when not using the Xen kernel.
OpenVZ-Xen Kernel Test Results (I was wondering what was wrong/so slow with my Core i5!)
# # # # # #&n........
cat /proc/user_beancounters produces the following:
kmemsize 1861537 5139870 12752512 12752512 26965041
Notice the failcnt "26965041", that is for kmemsize and at first it confused me. The system had enough guaranteed and enough burst RAM available. kmemsize is a variable indepedent of that, but who cars about the explanation right, let's just make thing........
Ihave no idea how to get the loopback device working in OpenVZ, but what's more frustrating is that I purchased a CPanel license for my VPS and clearly it is not "VPS Optimized". Although everything does seem to work at this point despite that error.
The suggestions here: http://forum.openvz.org/index.php?t=msg&goto=1339 don't seem to work at all. This is an OpenVZ issue, but also a CPanel isue, why on earth would loopback support be expected in a VPS a........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
Proxmox has made this free utility to backup running OpenVZ containers. It's a great program which is actually just a PERL script but gets the job done. This program is not 100% required because all it really does is cp -a from your container's path as far as I know but it is still good to have uniformity to how you backup your containers.
For RPM distros such as Centos/RHEL/Fedora etc.. download and install this:
wget http://www.proxmox.com/cms_proxm........
heartbeat is stopped for some reason
Anyway hnode2 was active and the services are running fine but I see heartbeat has been stopped somehow.
Here is the last log I see of heartbeat:
[quote:23c84415f5]
Sep 9 17:15:32 hnode2 heartbeat: [16738]: info: MSG stats: 9/1762471 ms age 0 [pid16738/MST_CONTROL]
Sep 9 17:15:32 hnode2 heartbeat: [16738]: info: cl_malloc stats: 716/51784021 152624/74519 [pid16738/MST_CONTROL]
Sep 9 17:15:32........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from"
This occurred during a yum update after upgrading my release, installing the new kernel and rebooting.
I got kicked out of sshd after seeing the following during yum update:
telnet 100 % done 85/476
tux 100 % done 86/476
ntsysv 100 % done 87/476
rpmdb-redhat 94 % done 88/476........
Clustering LinksI thought this might be interesting for people with spare time.
[b:6423c19973]Great clustering article from Linux Mag[/b:6423c19973]
http://www.linux-mag.com/2003-11/clusters_01.html
[b:6423c19973]General Linux cluster information[/b:6423c19973]
http://www.gdargaud.net/Hack/ClusterNotes.html#HighA
http://www.faqs.org/docs/Linux-HOWTO/Cluster-HOWTO.html#s3
http://www.yolinux.com/TUTORIALS/LinuxClustersAndFileSys........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
I didn't find any useful information that actually fixed this. My VPS was in the "Running State" and I could not stop or restart it. I kept getting "Container already locked" no matter what Idid (I tried all the suggestions in the Google results for this error).
Most of the suggestions were for Windows but I only use Linux. The other solutioins also said to restart the VZ service or even the entire hostnode and this was not acceptable to me........
The results are still not flattering and are nothing close to native performance. Unless GlusterFS has a "DRBD-like" option to delay writes over the network and to only read from the client side, I don't see how performance can ever improve much more.
After doing some client optimizations Iadded more to the score:
Start Benchmark Run: Sun Nov 29 00:37:44 PST 2009
00:37:44 up 3 min, 1 user, load average: 0.01........
You might remember my original GluserFS/OpenVZ benchmark which produced a horrible 29.8
This is the exact same system, but using the latest 2.0.8 (with some small files patch which speeds up performance) you can see it is about 25% faster.
I also haven't tuned my config files at all, but there are some settings that should increase performance on small files which I believe i........
This is very disappointing since GlusterFS markets itself as a solution to deploy VPS servers on. On the HNitself I get a Unixbench of about 360.
I'm also using an SSH tunnel to secure the communications, but even before that, things seemed very slow.
# # # # # # # #####&n........
For some reason Ikeep getting this error when trying to run a sudo command eg:
sudo -u someuser somecommand
sudo: Error dropping capabilities, aborting
My version of sudo is:sudo-1.6.9p17-3.el5_3.1 and I've heard that version 1.7 fixes everything. The only thing is yum does not think sudo has any update. Iguess the new version has not been committed to the RPM repository yet.
This is really a huge and ann........
A VPS Server I had just wasn't working right, code that I migrated there just wasn't working. For example, it kept telling me the connection to the database was unsuccessful, halfway through iterating through results it already had.
Then I realized it wasn't my code. Ichecked my /proc/user_beancounters and found this:
cat /proc/user_beancounters
Version: 2.5
uid resource held maxheld barrier limit failcnt........
To enable Fuse to work inside a OpenVZ container it's very simple (although some people say it can't be done).
Remember that on your HN(HostNode) for OpenVZ, Fuse must be installed and the module must be loaded for this to work. In addition remember that you need the Fuse package installed inside the container of course.
vzctl set 2000 --devices c:10:229:rw --save
vzctl exec 2000 mknod /dev/fuse c 10 229
The part that most people forget........
Truly, the only way to unleash the capabilities and customization abilities of iPhone are to jailbreak, it's not just for hackers anymore.
A few days ago someone by the named of "geohot" released a single click application called "purplera1n", which does the entire operation smoothly and seamlessly.
In our case, the first time it went as far as "done, wait for reboot" on our Windows machine and for minutes we waited and saw the pic on the iPhone w........
Yes, Iadmit I finally got bitten by the hype as much as I can usually see through it all. Keep in mind this review is of the "stock" phone, no jailbreaking yet which is what really unleashes the customizability and whyI bought iPhone.
I had better things to say about this phone before buying it, and it is a great phone, perhaps the best on the market by far, if not because of the Mac OS port onto the iPhone and all the apps, etc, etc.
With that said........