As a fun test in an old/unloved dual CPU Xeon system, I removed the fan for the heatsink and after 1.5 hours, the system was completely stable and had surprisingly not crashed, despite exceeding or hitting the critical thermal levels........
Edit your /etc/hostapd/hostapd.conf file like below and restart hostapd.
#WPS stuff
# Enable control interface for PBC/PIN entry
ctrl_interface=/var/run/hostapd
eap_server=1
wps_state=2
ap_setup_locked=1
wps_pin_requests=/var/run/hostapd.pin-req
config_methods=label display push_button keypad
#WPS model info stuff change to suit your needs
device_name=USB2.0 WLAN
manufacturer=ATHEROS
model_name=WAP........
This guide assumes you have a working Postfix server and want it to sign with DKIM.
There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well.
1.) Install OpenDKIM
apt install opendkim
systemctl enable opendkim
2.) Edit /etc/opendkim.conf
Syslog yes
SyslogSuccess yes
Mode&nbs........
apt install tftpd-hpa
#change TFTP_ADDRESS to by setting address to 192.168.1.1:69 or the IP you need, otherwise it will listen on all IPs and interfaces which could be a security risk.
# edit /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"
TFTP_ADDRESS="192.168.1.1:69"
TFTP_OPTIONS="--secure"........
sysctl vm.overcommit_memory=1
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo 511 > /proc/sys/net/core/somaxconn
1:M 26 Nov 2023 21:34:33.840 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 26 Nov 2023 21:34:33.840 # Server initialized
1:M 26 Nov 2023 21:34:33.840 # WARNING overcommit_memory is set to 0! Background sa........
Assign way more replicas than you have of memory on all nodes and watch the Swarm crash which can easily reproduce in a small VMfor testing.
root@Deb11Docker01:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAM........
Some people find it less than intuitive to do on DNSMasq and by default DNSMasq is available on 0.0.0.0 which could even be your LAN or Public IP.
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp ........
A lot of companies are unsure which solution to choose and many may not be aware of Docker Swarm as an alternative to Kubernetes. One thing that many Sysadmins find is that Docker Swarm is simply easier, quicker to setup and maintain by far than Kubernetes.........
When Is It Time to Leave Your VPS, VDS, and Dedicated Server Provider?
Choosing the right hosting solution—be it Virtu........
In today’s digital landscape, finding a reliable and secure Virtual Private Server (VPS) or Virtual Dedicated Server (VDS) goes beyond just comparing specs and prices. With increasing concerns over data privacy, security breaches, and government surveillance, the wisdom of choosing your VPS/VDS provider based on juri........
This will be the goto to help solve e-mail delivery issues and talk about many practical issues that happen between developers, admins and scripts that send e-mail and do things that may not be acceptable or cause deliverability problems.
Sendmail Stuff
Edit /etc/mail/sendmail.mc
The problem is that if you send directly out from the server using the mail function, the Return-path of the e-mails will be username@thehostnameoftheserver.com. Let........
During a migration or other custom setup, it's possible you don't have a $HOME/Desktop and as a result the config file that controls this is set to just use your $HOME directory.
This is controlled in the file: $HOME/.config/user-dirs.dirs
As we can see below, Desktop, Downloads, Music and Pictures are set to $HOME. We can edit any of these as we like.
# This file is written by xdg-user-dirs-update
# If you want........
Step 1.) Upgrade to Debian 11 first
The process to go to Debian 12 is not as smooth as 11, when trying to upgrade from Debian 10. In fact, it doesn't work directly, so you'll first need to follow this guide to update to Debian 11, reboot and come back here if successful.
Step 2.) Update sources.list
Update your /etc/apt/sources.list like this:
deb http://........
If you are running a local DNS server like named/bind and don't want to use the ISPsupplied DNS servers that are announced via a DHCP request (using dhclient) then the solution is simple.
The reason should be obvious, but normally running your own DNS server will provide a more reliable, and fast DNS response and you won't have to worry about filtering as much (unless your upstream filters or proxies outgoing DNS requests).
Edit /etc/dhcp/dhclient.conf........
If you have swarm services and dockerd is creating a high load even with the containers just being idle, the easiest solution is to upgrade to a newer docker version.
For example an identical config of 3 nodes, with Redis 5 with 30 replicas produces a load of about 1.45 in Debian 10 with Docker18.09.1
If I create the same setup on Debian 11, with Docker 20.10.5+dfsg1 then the CPU usage is low.
One other difference I wondered is the kernel. In my test setup........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
You'll notice that /etc/resolv.conf contains dire warners on most Linux Desktops.
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use........
Just in case, it is reocmmended to backup the original contents of the directory (especially your home dir) before proceeding.
Setup ecryptfs
Run this command: ecryptfs-setup-private
It will ask you for your login password, this is so that when you login, everything is automatically decrypted by using a passphrase that is wrapped with your login.
You can hit enter and leave things blank for an autogenerated passphrase (for mounting) or you can en........
We could always disable swap but this would normally be a bad idea unless you have an incredible amount of RAM and a workload that will never exceed it. However, for live/containerized and high performance environments it could be desirable.
Another middle ground may be to set swappiness to a lower number.
You may also want to clear your kernel's cache, which could be eating up RAM unnecessarily by c........
Install exiftool:
apt install exiftool
Remove the metadata from "thefile.pdf":
exiftool -all= thefile.pdf
Warning: [minor] ExifTool PDF edits are reversible. Deleted tags may be recovered! - thefile.pdf
1 image files updated
Metadata, in the context of PDFs, refers to a set of data that describes and gives informat........
This likely works for even older versions but I have only tested on 8,9,10 (11,12). It's quite impressive at how easy it is to upgrade from a very old version to the new version. I would say that Debian version upgrades are some of the quickest and smoothest of any distro.
1.) Backup your /etc/apt/sources.list
cp /etc/apt/sources.list ~
#Get your keys first, you need the latest keys for Debian 11 or it won't work:........
Virtualbox is a very powerful tool, but for some use cases it is less than optimal.
Say you are in a work, lab or other environment where you are not alone on the physical network and there could be overlap of IPs, but you need all of your VMs to be contactable from your host, VMs need to communicate with each other, and VMs need internet.
NAT Network will give you VM to VM communication and internet, however, it is buggy and unstable. It also doesn't allow host to VM co........
It sounds intuitive that you may just move the /var/lib/docker dir to another location and symlink it back but it won't work and you'll get an error.
How to move Docker Storage the Correct Way
This assumes that you want to use /mnt/raid as the new location.
1.) Stop Docker
systemctl stop docker
2.) Move /var/lib/docker
mv /var/lib/docker /mnt/raid/
3.) Edit the Docker daemon file
Specify the path you wan........
Router#show license
Index 1 Feature: ipbasek9
Period left: Life time
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
Lic........
This article about migrating to a CentOS 7 /8 RAID mdadm array has a lot of info but I wanted to focus specifically on what newer versions of CentOS 7 require to boot mdadm and what changes are necessary on CentOS 7.8+
CentOS 7 / 8 mdadm RAID booting requirements
This assumes you are chrooting into an existing install or using it to get a new deployment ready. However, these steps can........
It may appear to be an Xorg or lightdm/gdm/mdm error but in reality for many users with this issue, it's a driver conflict and issue. I had a system that had two GPUs, an Intel and Nvidia GPU.
The only thing that got it working was to remove the nouveau driver and blacklist it so it never came back, then the Intel GPU works fine without these issues.
Solution
sudo rmmod nouveau
add nouveau/other driver to blacklist
edit th........
Is your /var/log/journal overweight and bloated? For example a decent install of Debian 11 with most applications and services ends up being about 4.9G with the journal taking a few gigs.
du -hs /var/log/journal/
1.3G /var/log/journal/
By default in a lot of distributions there is no maximum size so it will keep growing. This is especially problematic for embedded distributions and devices, but is also a huge waste of sp........
Debian based OS's have a similar issue as the behavior in RHEL/CentOS dhclient, which is that if you have an interface that relies on DHCP, if the first attempt fails, it will quit and stop. This is a problem especially if you are using your Linux as a router or something else mission critical, but where the internet for some reason may have been down or the DHCP server it gets a lease from broken.
The expected behavior you would hope is that when things are back online that the........
Linux Mint offers an easy and painless upgrade path through the last 3 versions, which means no more reinstalling to stay current with the latest version.
The only catch is that you need the latest of each version, so for 18, you need 18.3 before you can go to 19, and then 19.3 (or latest), until you go to 20. However, it's really a small price to pay and on the machines we've tested, the upgrade went seamlessly each time (although sometimes video drivers/custom kernel modules l........
Bonding is an excellent way to get both increased redundancy and throughput. It is similar to the "Network Teaming" feature in Windows.
There are a few different modes but we will use mode 6, I think it's the best of both worlds, as it is not just a failover, but it provides round robin, so you will get redundancy and load balancing. So if you have a 1G single port, you will have a combined throughput of 4G at this point. Just bear in mind that the true thr........
This can be used on almost anything, since Gluster is a userspace tool, based on FUSE. This means that all Gluster appears as to any application is just a directory.
Applications don't need specific support for Gluster, so long as you can tell the application to use a certain directory for storage.
One application can be for redundant and scaled storage, including for within Docker and Kubernetes, LXC, Proxmox, OpenStack, etc or just your image/web/video files or even da........
freshclam
ClamAV update process started at Sun Mar 20 00:30:50 2022
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.3 Recommended version: 0.103.5
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cld is up to date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
WARNING: getpatch: Can't download daily-26337.cdiff from db.local.clamav.net
WARNING:........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Just click on the Start Menu and go to "Startup Applications"
Then click on the "Add"Button
Now enter the command we need to open the folder/directory automatically using the filemanager
For remote SSH host (you need pub key auth for it to open without a pa........
In our 2024 VPS Server/Cloud Buyer's Guide, we place the location of your VPS/hosting/server as one of the priorities that is often overlooked.
2024 Update - Datacent........
How To Install Wazuh Server / Quickest Installation
Wazuh (forked from the well known OSSEC project) is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
Prerequisites:
A lot of issues with Wazuh seem to be caused by i........
A lot of newer installs will automatically prohibit the root user from logging in directly, for security reasons or they will only allow key based access.
If you know what you are doing/don't care about security or have an incredibly secure password for testing, then you can enable it.
Edit this file: /etc/ssh/sshd_config
Find the following line: PermitRootLogin
Set it like this:
PermitRootLogin yes
Now rest........
The Linux Mint team has disabled it by setting an apt preference, you can edit or just remove the file:
sudo apt install snapd
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package snapd is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source........
Just install these packages and restart the VM:
1.) Enable guest-utils on the host side:
sudo apt install virtualbox-guest-utils virtualbox-guest-x11
2.) Enable guest editions on the VMside
This must be done for each VM that you want to have the guest additons for accelerated GPU performance and for drag and drop/clipboard sharing
First insert the Guest Addtions CD image........
vi is very handy when doing a lot of config file editing and can save you time over using the mouse or using the x or delete keys to manually delete.
Solution:
If you don't want it to stop deleting when encountering things like - or _, then you want this:
d$
Or if you want it to stop on - and _ then use this:
dw
Remember both commands are in "non-input mode" so not when you're........
Just edit your ~/.bashrc and add this at the very end:
export PS1="realtechtalk.com"
Then your prompt will look like this:
bladeblox:uptime
08:47:14 up 48 min, 1 user, load average: 1.00, 1.07, 0.96
If you wanted a dollar sign at the end then you would change it like this:
export PS1=&........
So you're trying to browse to a properly configured Samba share but you get this error:
Unable to mount location
Failed to retrieve share list from server: Connection timed out
If your config is right, it can be due to a protocol miss-match where your client has not enabled SMB3 but by default the other side (server) has enabled it.
You can test this out to see with the smbclient tool........
Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
Enable "cli" mode equivalent in JunOS
cli
Configure Mode
configure
So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure".
How Do You Apply Changes You've Made?
You can make all kinds of changes to the switch, but remember they are not........
Traditionally kernels were numbered starting from 0 but by default the "new style" of grub boot loading considers each subkernel item to be different so if you have 3 entries for 4.40-148 rather than counting for 1.
To get the expected behavior let's show this example and how we can boot it
We do a grep on menuentry in /boot/grub/grub.cfg to see all of the bootable kernels rather than scrolling through loads of extra entries we don't care about (thou........
To disable selinux temporarily and immediately:
setenforce 0
To make it permanent edit /etc/selinux/config:
vi /etc/selinux/config........
It is different than other Wordpress templates.
You have to edit the following file:
wp-content/themes/hueman/parts/single-heading.php
Add the following PHPcode to the bottom:
........
The problem for me is that Ihad two videos with different types of audio streams. ffmpeg would join them but they would not play past the point of the join.
So Iused mencoder like below and it joined the audio and made them both mp3 streams and it worked!
-oac mp3lame specifies the audio to be convered into an mp3 stream using the lame codec.
after the oac the two files are the ones to be joined.
the -o is the name of the outp........
A very common use case is that you don't want to waste time using a video editor that requires you to open it up and manually import the video clip and audio clip, then manually delete the old audio track and import the video and new audio. That's too much work and time since we don't want to go through the hassle.
ffmpeg is our solution, all we have to do is specify 3 variables and we're done!
-i Windows2019-Server-Noaudio.mp4 is our in........
The idlepc value is very important to dynamips and it is both image and often CPU dependent. There is no "magic"value that will work for all images and all CPUs so this is why I'll show you a quick and handy way.
Also don't be disappointed, some values do not work well but idlepc gives you several. For example in my example below #6 didn't help at all but #7 got me down to about 6% CPU from 99-100%.
*Befo........
Cannot register the hard disk '/some/path/windows-marking.vdi' {f54def00-2252-43f5-9178-0998636cad61} because a hard disk '/other-path/windows-marking.vdi' with UUID {f54def00-2252-43f5-9178-0998636cad61} already exists.
Result Code:
NS_ERROR_INVALID_ARG (0x80070057)
Component:
VirtualBoxWrap
Interface:
IVirtualBox {0169423f-46b4-cde9-91af-1e9d5b6cd945}
Callee RC:
VBOX_E_OBJECT_NOT_FOUND (0x80BB0001)........
It really seems limited in that it can mainly give you the things you would see on the physical unit such as load etc..
wget https://downloads.sourceforge.net/project/apcupsd/apcupsd%20-%20Stable/3.14.14/apcupsd-3.14.14.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fapcupsd%2Ffiles%2Flatest%2Fdownload&ts=1598115866
tar -zxvf apcupsd-3.14.14.tar.gz
cd apcupsd-3.14.14
[root@somebox apcupsd-3.14.14]#
./conf........
apt install software-properties-common
add-apt-repository ppa:deadsnakes/ppa
apt update
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
Most newer distros inexplicably cause your NIC to have what Icall "random" non-standard name conventions because of systemd.
This is a big problem for many people and especially those running servers. Imagine that you have a static IPconfigured for ens33 but then the hard disk is moved to a newer system, the NIC could be anything from ens33 to enp0s1, meaning that manual intervention is required to go and update the NIC config file (eg. /etc/network/interfa........
If you've ever gotten errors like this the solution is simple, you need i386 enabled on your 64-bit install because wine depends on some 32-bit x86 libraries:
dpkg --add-architecture i386
apt update
apt install wine
After that it will install just fine.
apt install wine
Reading package lists... Done
Building dependency tree
Reading state information... Done........
This is sure simple if you follow the guide but it took a lot of hacking around to make this work on Debian/Ubuntu!
Now before you ask why bother running wine and python, the reason is because Python executables are NOT cross-platform. If you run pyinstaller in Linux, that binary will only run on Linux and the same if you do it in Windows. So it is preferable if you have a single environment that you can create Linux and Windows binaries from rather than running 2 separate........
A big problem over ssh and especially sshfs is that your connection will often timeout and disconnect after inactivity.
To fix this you can modify the server but it may not be practical or you may not have access. Why not send keep alives fom your end (client side)?
Just edit /etc/ssh/ssh_config (not to be confused with sshd_config as that is the server side):
Find the line that says "Host *" and change it like this:........
Yes you have that right, the network service in RHEL8 / CentOS 8 / Rocky Linux / Alma Linux no longer exists. So there is no more systemctl restart network
You can restart NetworkManager but it doesn't have the same effect or ifup/ifdown on all interfaces.
Generally if NetworkManager is installed you will want to restart it or it won't apply the settings from ifcfg.
systemctl restart NetworkManager
To repl........
If you just do a normal chown user.user somedir it won't work. You will see the ownership is still the previous owner.
How To Change Ownership Of Symlink:
The simplest part is just adding the -h which means no dereference so it applies the ownership on the symlink and does not try (and fail) to change ownership of the dereferenced symlink destination.
chown -h user.user somedir........
The easiest way to know if your videos are playing with GPU acceleration are to watch the process of xplayer, mpv or whatever you are playing. The CPU usage should be no more than 10% for that process/program if it is using acceleration.
Let's manually play with vdpau to make sure it works before we make it permanent:
First make sure you have libvdpau installed:
sudo apt install vdpau-driver-all
If yo........
I find that the default settings for the radeon driver that is applied to most AMD cards is horrible. For example by default TearFree is not enabled and it causes videos to have some kind of square artifacts.
Here are the settings I have found most suitable for AMD cards:
You need to create file in the following path and restart Xorg or your computer to apply it:
*Beware that making a mistake here will possibly make your computer........
Downloading and compiling from source to get the latest version of Asterisk is really simple with this guide.
apt install gcc make g++ libedit-dev uuid-dev libjansson-dev apt install libxml2-dev sqlite3 libsqlite3-dev
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current.tar.gz
tar -zxvf asterisk-16-current.tar.gz
cd asterisk-16.6.2/
./configure
If you get this error change y........
Most of us know the heredoc method but what if you need a basic query done repeatedly and manually while working from bash? It is a pain to manually type mysql and login each time.
With this command below you can semi-automate those queries:
echo "use somedb; select * from auctions" | mysql -u root --password="yourpassword"
Just modify the above to suit your needs and you can add more queries by adding a sem........
Create Database:
create database yourdbname;
Show All Databases:
show databases;
Change Database:
use mysql;
Drop / Delete a MySQL Database:
drop database nameofyourdatabase;........
Just edit your tftp file for xinetd like this:
*Change the IPto be the IPof the interface you want to listen on.
To test if your tftp is available on a certain IP range use nc -u yourip 69 to see if you can still connect (/var/log/messages or /var/log/syslog) should show the connection if it is open.
Oct 13 23:20:34 01 xinetd[26631]: Started working: 1 available servic........
Video Links:
How To Setup 2 Phones on a Single CME Router and get the GUI going.
How to use Dialpeers with CME with two routers
How to implement call restrictions using COR / Class of Restriction
Getting started, let's enable ephones and DNs we can add a phone with........
By default at least on Centos 7 nfs only allows 8 connections and starts 8 nfsd daemons.
To fix this edit this file:/etc/sysconfig/nfs
Edit the line "RPCNFSDCOUNT" (uncomment it so it looks like this:
RPCNFSDCOUNT=30
In the example above we are setting 30 nfsd daemons to run (or in other words 30 connections are possible this way).........
In Centos 7 tftpd will not work with selinux. Clients will not be able to connect and this is all you'll see in the log (then nothing more):
Sep 18 14:39:15 localhost xinetd[4327]: START: tftp pid=4331 from=192.168.1.65
On the client/computer side you will see this:
TFTP.
PXE-M0F: Exiting Intel Boot Agent
Basically the client is being instantly connected and bloc........
Having a network bridge allows you to bridge traffic under multiple devices so they can talk natively without using any special routing, iptables/firewall or other trickery.
To create your bridge you need the bridge-utils package for brctl and if you want to do things like bridge VMs that run on a tap device you will need the uml-utilities which provides "tunctl".
1.) Install the utilities to make our bridge
sudo apt-get i........
By default your DHCP will often not work because it is not listening on any interfaces.
All you have to do is edit this file:
vi /etc/default/isc-dhcp-server
then find the "INTERFACES" line and add each interface that should listen:
INTERFACES="br0 enp0s10"
........
It is really simple using .htaccess with mod_rewrite.
Here is all you need:
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://site.com/$1 [R=301,L]
Another more graceful way is to use the %{SERVER_NAME}variable to make it dynamic. Just be careful that the server name will always match what you expect. (eg. if you are doing load balancing or clustering what if the server name may be somethi........
You'll have to edit the policy.xml file to fix this:
convert -density 300 output.pdf agreement.jpg
convert.im6: not authorized `output.pdf' @ error/constitute.c/ReadImage/454.
convert.im6: no images defined `agreement.jpg' @ error/convert.c/ConvertImageCommand/3044.
sudo vi /etc/ImageMagick*/policy.xml
Change
policy domain="coder" rights="no........
This is a security hole in my opinion and should be plugged by editing the lock screen ui layout:
vi /usr/share/mate-screensaver/lock-dialog-default.ui
#find these objects and set the visible property to false
object class="GtkLabel" id="note-tab-label"
object class="GtkLabel" id="auth-username-label>
object class="GtkLabel" id="auth-realname-label"........
Install Errors on Version 12:
This error happened on QEMU emulator version 2.11.1 pve-qemu-kvm_2.11.1-5
on Proxmox/Debian but installing on QEMU.12 on Centos 6 did not produce the error.
*Update it is not related to the OS or QEMU version. This happened in Centos 6 too after a second install.
What really causes this even though you successfully install........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
qemu-kvm command:
/usr/libexec/qemu-kvm -version
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
........
It is much more useful to have meaningful and detailed logging from tftp to see what is or isn't happening especially for VOIPand other embedded device appications:
Edit the file:
vi /etc/xinetd.d/tftp
Change the server line like this:
server_args = -s /var/lib/tftpboot........
Are you tired of coming back to your computer only to find your SSH connections have been broken? Even worse are the ones that hang where it appears to be connected but it is really not.
The one option you have is an SSHclient side modification to send KeepAlive packets, sometimes this can also keep up your WiFi connection and stop it from disconnecting you as well.
To make the keep alive changes for your just yourself (not system wide)........
This is usually because the Group Policy forbids that user or group from logging in.
run "gpmc" (not "gpedit.msc" as that is for local computer settings when you are not using Active Directory) or go to Administrative Tools and Group Policy Management.
Edit the default domain policy like below........
gsmartcontrol is a free tool that let's you see the status of the SMART parameters so you can check things like temperature, reallocated sectors, bad sectors etc.. to give you a better idea of your drive health.
Download it here.
gsmartcontrol is a very useful tool in Windows to check your HDD / Hard Drive health status.
In my experience you should NEVER trust that everything is OK just because SMAR........
chroot which stands for change root allows you to virtually operate in another operating system even though you haven't booted it. It is commonly used to deploy new distros, applications and to fix a broken Linux/Unix install or prep a new system image without having to physically boot the drive or disk.
So in this example let's say we have a drive that has a Linux OS installed on /dev/sdb1 and we have mounted this partition on /mnt/sdb1
The key point is to edit the &quo........
This is usually because of STP causing a delay in the negotiation.
Edit your ifcfg script eg:
/etc/sysconfig/network-scripts/ifcfg-eth0
Add a LINKDELAY of 30 seconds or whatever works for you:
LINKDELAY=30
After that you should have an IP during bootup.........
For some reason, perhaps you don't want to run a daemon or let Letsencrypt have access to your production server.
There is a way to use it like a normal CSR/CA setup in manual mode.
./letsencrypt-auto certonly --manual -d realtechtalk.com - www.realtechtalk.com
Eventually you will get prompted to create a certain path and file with certain data:
Create a file containing just this data:
Casdfasfadsfsad........
The key thing is that you must use a "machine"id of "pc-1.3" or it will say your hardware is not supported.
Additionally you MUST use a virtio disk or you will get a ks_pre.sh error as soon as the install starts (a look at logs will show it can't find a disk). This is funny because even though the OS finds the disk and an fdisk -l shows it, it looks like the script looks for a /dev/vda device (virtio) and nothing else, so if you didn't use Virtio as you........
What you need to do if you have taken a dd or real raw image dump of a hard disk:
VBoxManage convertdd windows2019-eval-template.img windows2019.vdi --format VDI
The .img is the raw dd dump and the .vdi is the output file.
--format VDIspecifies to output to .vdi format
If you are in a pinch you can always use qemu-kvm binary and manually specify the .img as your disk and i........
If you see this in /etc/sudoers it is NOT a comment but an include.
#includedir /etc/sudoers.d
For example in Linux mint sudoers.d contains the following files:
casper mintupdate README
casper for example contains the following sudoers line:
mint ALL=(ALL) NOPASSWD: ALL
So if you are messing ar........
debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
debug1: Local forwarding listening on 127.0.0.1 port 18006.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 18006.
bind: Cannot assign requested address
What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........
By default VMWare Workstation often doesn't work as we would like.
If you create a VM with a default NAT IP it won't work you will find the NIC is disconnected (even though on the VMWare side it says connected including at Power On).
How To Solve It
1.) Create New VMNet for NAT
Click "Edit" -> "Virtual Network Editor"
Click "Add Network"
Select Network To Add "VMNet1" (........
Just find the relevant file in /etc/NetworkManager/system-connections
sudo vi /etc/NetworkManager/system-connections/Wired connection 1
[802-3-ethernet]
duplex=full
mac-address=00:00:00:FE:FE:FE
[connection]
id=Wired connection 1
type=802-3-ethernet
timestamp=1532403341
[ipv6]
method=ignore
[ipv4]
method=manual........
First we need to create dhclient.conf if it doesn't exist or edit it:
vi /etc/dhclient/dhclient.conf
#add this line at the top add the IPs as commas they will be the highest priority nameservers and whatever your ISP gives you will be used after these one (good for DNS backup)
prepend domain-name-servers 127.0.0.1,10.10.25.8;
After you restart your network or run dhclient again you should see the contents of........
Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated.
It has caused a kernel panic and system crash repeatedly as we can see from the logs.
But SMART says it has "PASSED" its self assessment. SMART is still useful to me but it is more about looking at Current_Pending_Sector.
Any time I have had anything but 0 for that attribute it........
#to show all
VBoxManage list vms
#show ONLY running vms
VBoxManage list runningvms
VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.2018-12.local.abcrandom.target:sdb" --initiator "iqn.1982-01.ca.bla.tld:abc123" --t........
confmodules=`cat /etc/httpd/conf/httpd.conf |grep -v ^#|grep "modules/"|awk '{print $3}'|cut -d "/" -f 2`
for module in $confmodules; do
echo "module=$module"
if [ ! -f /etc/httpd/modules/$module ]; then
linenum=`awk /"$module/{ print NR; exit}" /etc/httpd/conf/httpd.conf`
sed -i "$linenum"s/.*// /etc/httpd/conf/httpd.conf
&n........
Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.
Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
After starting the install it stalls here:
admin/index.php?cache=0&agreelicense=1&confirmrelease=1&lang=en
If you manually refresh you get a Plugins check screen:
Installation
System
Moodle second step fails just blank screen:
https://domain.la/user/editadvanced.php?id=2
Solution: give up and choose something else it shouldn't be thi........
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
Solution:
Edit geoip.ini
vi /etc/php.d/geoip.ini
Comment out the .so like so:
;extension=geoip.so
service httpd restart........
[root@localhost:~]
BootModuleConfig.sh echo host-ind nfcd........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
dvd+rw-mediainfo /dev/sr0
INQUIRY: [ASUS ][BW-16D1HT ][3.00]
GET [CURRENT] CONFIGURATION:
Mounted Media: 11h, DVD-R Sequential
Media ID: RITEKF1&n........
Ithought I'd post this becuase there is some bad information out there. Some guides tell you to edit /etc/postfix/master.cf (-o smtp_bind_address=) but this doesn't work. The same guide also says if you don't change it there you end up changing the listening IP/bind interface which is also not true.
Here is a simple and effective way to change Postfix's sending/binding/outgoing IP address (very important for reverse DNS and so mail servers don't block you)........
#mount the VCSA DVD
mount /dev/sr0 /mnt/cd
#alternatively you could mount the iso directly
mount -o loop vcsa.iso /your/mount/path
#for this purpose we are using the CLI installer on Linux
cd /mnt/cd/vcsa-cli-installer/lin64
#no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
./vcsa-deploy
Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.
Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
export ANDROID_HOME=/home/user/Downloads/tools/
Conversations-master$ ./gradlew
Downloading https://services.gradle.org/distributions/grad........
This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:
Now assume your username is "iamtheuser"
vi /etc/group
adm:x:4:syslog,iamtheuser
sudo:x:27:anotheruser,iamtheuser
Find the above lines and add a comma and "ia........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
Here is the only solution Ifound that works in Firefox:
*Note you could basically just copy all of the commands in bold (the rest just shows the output)
Install sqlite3
sqlite3 places.sqlite
sqlite> .clone places.sqlite-fixed
moz_places... done
moz_historyvisits... done
moz_inputhistory..........
It is well known hackers, the NSA, CIA and other groups have created malware to secretly turn on your webcam and microphone on your phone, tv etc.. But fortunately on our computers and laptops we have some options.
Most webcams use the "uvcvideo" kernel module / driver. You can disable this in two ways on boot. I recommend both just as a failsafe.
Disable it on rc.local once your system boots automatically
Add the followi........
One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have.
Edit your /etc/ssh/sshd.conf file
Set this option
PasswordAuthentication no
Restart your SSH server.
service sshd restart
........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Order Deny,Allow
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
This is useful for security purposes especially on a server which may have a public IP assigned to it but has a second NIC for the LAN.
Here is how you edit smb.conf:
[global]
interfaces = 192.168.1.50
bind interfaces only = yes
As you can see above it will only listen on 192.168.1.50 and remind to keep the "bind interfaces only"option.........
It has been a big pain for a long-time to install Windows from a Linux environment. I used to run a windows install server and it never worked right for some reason (the install would fail on most servers).
Before getting start be sure to setup your samba share so once you boot into WinPE you can mount the install for whatever Windows you want
/etc/samba/smb.conf
[smbwinstall]
path = /tftpboot/images/winstall
guest ok = yes........
Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!).
In the Apache vhost conf for the domain here is what you add:
SSLCACertificateFile /path/to/your/cafile.pem
Here is a full example of an SSL Vhost config in Apache using a CA Certificate file
........
Getting this error on Centos 6 with PHP 5.3 when just running "php -v"
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/module.so' - /usr/lib64/php/modules/module.so: cannot open shared object file: No such file or directory in Unknown on line 0
PHP Warning: Cannot load module 'XCache' because conflicting module 'apc' is already loaded in Unknown on line 0
Solution:........
This guide will work for most modern Linux versions like Centos RHEL 7, Debian, Mint, Ubuntu etc...
In Centos 7 the days of editing the "kernel"line and adding "single"are gone. On top of that sometimes after a new install passwords do not work, maybe you forgot your password or for some other reason you need to break in or fix your system? It could also be because you can't mount your root / or some other /etc/fstab error and many other err........
This happened on Centos for no apparent reason with no obvious issue in the logs. Data could be read fine but not written (possibly due to some corruption or out of memory issue in the OpenVZ container is the best guess).
All mysql update and insert queries failed freezing without any error log on any database and table.
Tried to restart:
service mysqld restart
Timeout error occurred trying to stop MySQL........
Centos 6 requires GLIBC 2.12 however a lot of new programs you would want to compile may need a newer glibc. You can't remove the old glibc since the whole OS is based on it but you can install the updated glibc alongside it and do an export pointing to your updated GLIBC.
mkdir ~/glibc_install; cd ~/glibc_install
wget http://ftp.gnu.org/gnu/glibc/glibc-2.14.tar.gz........
MySQL will silently truncate a larger INT than capable.
Check MySQL's own documentation here:
As we can see the maximum size of INT (which is the most commonly used) is 2147483647
A lot of coders make this mistake by using very large values such as 9999999999 but it would actually truncate to 2147483647 which is the maximum size of an INT. This is dangerous beca........
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
Remove the GEOIP from PHP:
php71w-pecl-geoip-1.1.1-1.w6.x86_64
PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the........
The Linux Kernel interpretated a very high volume of real traffic as a DDOS attack so it basically ends up blocking your web server.
possible SYN flooding on ctid 42131, port 80. Sending cookies.
Simple fix edit sysctl values for max_syn_backlog
sysctl -w net.ipv4.tcp_max_syn_backlog=5000
To make them permanent edit /etc/sysctl.conf
echo "net.ipv4.tcp_........
edit theme css:
Click "Appearance -> Editor -> Stylesheet"
http://yourblog.com/wp-admin/theme-editor.php?file=style.css&theme=twentysixteen
textarea {
color: #1a1a1a;
/*font-family: Merriweather, Georgia, serif;*/
font-family: "Lucida Sans Unicode", "Lucida Grande", sans-serif........
Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVMor preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access).
1. Edit /etc/ssh/sshd_config
Find the section like this:........
It is not obvious but the rsync --help
rsync --help|grep port
--port=PORT specify double-colon alternate port number
--port does not do anything at all actually for some strange reason it still uses 22
You have to specify a manual ssh command to make it work:
-e 'ssh -........
In Debian/Ubuntu this is called "holding".
To hold/exclude a package from being installed or upgraded:
sudo apt-mark hold packagename
To allow the upgrade/installation unhold:
sudo apt-mark unhold packagename........
If you were in my boat you were frustrated that you had to double encode, eg. one separate encode for watermark and a separate from concat and it's not easy to figure out this with ffmpeg on your own. However it is a nice way to save time!
ffmpeg -i file1.mp4 -i file2.mp4 -i file3.mp4 -i watermark.png -filter_complex "[0:v]setpts=PTS-STARTPTS[v0]; [1:v]setpts=PTS-STARTPTS[v1]; [2:v]setpts=PTS-STARTPTS[v2]; [v0][0:a][v1][1:a][v2][2:a]concat=n=3:v=1:a=1[v][aout]; [v][3:........
This is a 8TB Seagate external USB 3.0 device apparently newer kernels use a module called "UAS" instead of "USB Storage" which causes issues as a lot of devices are not properly supported in UAS mode by the kernel driver. The solution some say is to disable UAS specifically for your USB device but I'd rather just disable UAS altogether.
Solution blacklist UAS: *do not do this it does not work and just causes your USB 3.0........
Finally after ages I found the solution which is on many pages on the net but not obvious and should have been standard or more common info!
Instant Solution:
Type this into the terminal (unfortunately the driver config menu doesn't have the option as itis hidden):
nvidia-settings --assign CurrentMetaMode="nvidia-auto-select +0+0 { ForceCompositionPipeline = On }"
Make permanent
Cli........
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Missing folder chosen by user:
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Removed missing file: MAH02949.MP4
Jun 1 15:45:57 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: ui_util:WARNING Icon theme media-playback-start not found. Will use backup........
These errors believe it or not are simply because of not being the root user or running with sudo! However if you didn't know to try as root you'd think there was a problem with your burner or disc Essentially it looks like without root you cannot send the required scsi commands to continue writing. Ithink cdrecord should have built-in tests or safeguards to see if it has the permissions to run the required commands.
I guess for more advanced users the idea is simila........
Just make sure you have php-xdebug installed and edit your php.ini:
[xdebug]
xdebug.profiler_enable = 0
xdebug.profiler_enable_trigger = 1
xdebug.profiler_output_dir = "/tmp/xdebug/"
xdebug.output_name = "cachegrind.out.%t-%s"
Also make and set permissions on /tmp/xdebug:
mkdir /tmp/xdebug
chmod 777 /tmp/xdeb........
Error while connecting to MYSQL: (XID 4ea7s9) Access denied for user 'root'@'localhost' (using password: YES) at /usr/local/cpanel/Cpanel/Mysql.pm line 181
Solution
This error occurs because the /root/.my.cnf has the wrong/outdated password for MySQL root user. Simply edit /root/.my.cnf with the correct user. This normally happens if you update outside of cPanel.........
1.) gedit/pluma
both very good the only thing I wish is that there was an autosave for unsaved documents! The only other competitor which is similar but I prefer less is kwrite (although I think kwrite may have proper autosave)
pluma seems to be a renamed gedit yet gedit is still installable on Linux Mint)
........
Using Apache 2.2 and PHP5.6 PHPBB3 is very slow to respond. Actually for some reason it takes so long to even register a log entry in access_log as in several seconds or a few minutes later it shows up in Apache. All other vhosts and Apache access stops working and freezes until the request to access PHPBB3 slowly completes.
It seems to randomly be slow if you stop using it whether for posting or reading the forums. I've migrated to different machines including........
There are usually two reasons for this.
#1 The most common is that you need to enable the -r (recursive) flag with zip to make it recurse into directories.
So the solution is to use -r
zip -r somefile.zip yourfiles
#2 If you are using bash scripting based on ls without the full path or for some other reason the full path is missing, zip looks for the files in the current directory so this will always fail.........
whois in Linux is incredibly out of date and does not seem to recognize most new TLDs domains, but there is a quick and easy tip/hack/tweak for this.
An example of new TLD's site as .review .site .club
whois somesite.club
No whois server is known for this kind of object.
bash to the rescue
Now I did try to apply this in .bashrc but DONOT! Ithink the * wil........
Just manage your domain in Enom and choose "Host Records"
Choose "URL Redirect" as the record type.
As shown below choose the URL and add "?redir_mode=301" to the end of it.
To test the 301 and make sure it is a 301 (unlike Godaddy which really did a 302 when I chose 301!).
........
What code is being returned or where is a URL/domain redirecting you to? Curl makes this easy and simple:
curl -Iyourdomain.com........
The only real way us to do the following in the root of your site's .htaccess
RewriteRule ^somedirectory-not-to-inherit/.*$ - [L]........
[Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down
[Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert'
[Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled
[Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
Disclaimer, before starting this I do not like ioncube, it is great to protect your source code, but a big pain to setup this extension since it has to be done manually. Further, fi you do a PHPupdate ioncube may no longer work, causing important sites or services to not work (I wish authors would take another approach).
1.) Download from here:https://www.ioncube.com/loaders.php
2.) Extract the contents and co........
PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the chosen SHM segment size is higher than the operation system allows. Linux has usually a default limit of 32MB per segment. in Unknown on line 0
PHP Fatal error: PHP Startup: apc_shm_attach: shmat failed: in Unknown on line 0
This error is not at all fun because it actually prevents Apache/httpd from starting or working at all. It will........
The only solution after trying many suggestions was to simply restart the "vz" service (definitely not preferable).
Even doing an ifdown and ifup for venet0 did not help.
ifup venet0
Bringing up interface venet0:
Configuring interface venet0:
net.ipv4.conf.venet0.send_redirects = 0
RTNETLINK answers: Network is down
Some errors from log:
CPT ERR: d2dc60........
M4A is a weird format, so you have to be creative here is a quick copy of what I did.
Basically you need to convert to .wav to make use of them and thenI converted the resulting .wav into an mp3 (nice small file size and basically universally playable):
=======
sudo apt-get install mpg321 mp3gain faad normalize lame
faad "Voice 002 (copy).m4a"
faad "Voice 002 (copy).m4a"........
Tired of checking iotop and seeing that your drbd partition is using 99.99% of io all the time and finding your drbd device performs slow in general?
This is especially an issue in versions of DRBD in the 8.3 tree in particular one documented case is on "8.3.13" but it likely applies to other devices.
The symptoms are that resyncing is fine and normal but any reasonable amount of activity is very slow and lagged and creates a high server load and con........
I still cannot understand how this would not be enabled by default and I struggled to find the reason why with manually installing samba etc.. wondering why the option for sharing was not in the menu.
On Linux Mint "MATE" the package is called "caja-share" and on Cinnamon it is called "nemo-share" so edit the below command as necessary:
*Also note that the "samba" package is necessary as it is not inst........
sed gets to be a pain and a real mess and is hard to read and understand when you have to escape things like / etc.
Idid not realize until recently that you don't need to use / as a separator, you can use virtually any non letter or number character.
Eg we have used # as the separator to avoid having to escape the forward slashes and in this way the command is plain, easy to understand, edit and saves time/hassle without the need for escaping.
sed -i s#http........
There was only one solution here and it was the following:
edit /etc/httpd/conf/httpd.conf
Comment the lines for the Mime Magic Module:
# MIMEMagicFile /usr/share/magic.mime
# MIMEMagicFile conf/magic
*Don't forget to restart Apache and clear your browser cache twice
I was using DefaultType and ForceType a........
When you start uploading larger images in Wordpress you have to make sure your maximum attachment size is large enough and that the execution time is not too short:
Uploading
Error
HTTP error.
[Thu May 12 16:32:25 2016] [error] [client 10.10.5.2] PHP Fatal error: Maximum execution time of 30 seconds exceeded in /httpdocs/blog/wp-includes/class-wp-image-editor-gd.php on line 182
Solution Edit p........
1.) Flash directly to this file:
http://tomato.groov.pl/download/K26RT-N/build5x-132-EN/Linksys%20E-series/tomato-E2500-NVRAM60K-1.28.RT-N5x-MIPSR2-132-Max.zip
*I was never able to get the larger "Mega" file to work, at least not initially so I recommend the file above.
To enable 5ghz I had to do the "Clear NVRAM" Option before it was shown.
2.) Or if you don't need 5ghz (most devices do not support it and cannot........
The below forces all request to your domain to go to the main non-www root domain.
Updated code:
RewriteCond %{HTTP_HOST} !=domain.com
RewriteRule ^(.*)$ https://newurl.com/subdir/$1 [R=301,L]
If you don't want it to go to a subdirectory:
RewriteCond %{HTTP_HOST} !=domain.com
RewriteRule ^(.*)$ https://newurl.com/$1 [R=301,L]
Bad code:
This code is bad beca........
The best way is as below in .htaccess using modrewrite, any request that is not SSL will be redirected to https://domain.com and the exact same URL
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://domain.com/$1 [R=301,L]........
/var/lib/samba/usershares
But note that it is just simple file sharing if you need directory mask, create mask etc... you still need to edit the smb.conf file to create your share.
Here is an example file:
comment=
usershare_acl=S-1-1-0:R,S-1-22-1-1000:F
guest_ok=y
sharename=BabyPhotos........
This command in Debian/Ubuntu/Mint will get everything need installed for most Java based KVM viewers:
sudo apt install icedtea-netx
The following additional packages will be installed:
ca-certificates-java icedtea-netx-common openjdk-8-jre openjdk-8-jre-headless
It seems every other updated version of Java or Icedtea breaks things and I will save the frustration of Java for another post.........
Here is the scenario you or a client have a remote machine that was installed as a standard/default minimal Centos 6.x machine on a single disk with LVM for whatever reason. Often many people do not know how to install it to a RAID array so it is common to have this problem and why reinstall if you don't need to? In some cases on a remote system you can't easily reinstall without physical or KVM access.
So in this case you add a second physical or disk or already ha........
In my case I could login with the initial install but I rsync'd everything over while preserving ownership and permissions to another RAID partition and booted from that.was fine before. The problem is that you are kicked out the second you login and the problem was SELINUX for some reason (perhaps it noticed something strange when it was moved to the new partition)
login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
login: ROOT LOG........
#solution
Edit /etc/yum.repos.d/openvz.repo
For the first two entries comment out #mirrorlist and uncomment #baseurl and then it worked
openvz yum problem Centos 6.5 cannot find file on mirror:
yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
* openvz-kernel-rhel6: mirrors.ustc.edu.cn
* openvz-utils: mirrors.ustc.edu.cn
base ........
mount -o bind /somedir /anotherdir
In /etc/fstab
/somedir /anotherdir none bind 0 0........
Before reading on remember to put the line at the bottom of /etc/sudoers as from experience what happen is that other rules cancel out what you have added.
If your sudoers setup is correct it will work immediately upon saving without requiring a reboot.
Edit /etc/sudoers
yourusername ALL = NOPASSWD: /path/to/command
*Once again remember the above should be on the bottom of the sudoers file or........
sudo apt-get install zoneminder
[sudo] password for one:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libuser-perl python-evince kdebase-apps kwrite unixodbc
libgnomeprint2.2-data python-soappy vgabios python-metacity hddtemp
python-mediaprof........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
#enable ip_forward
sed -i s/'net.ipv4.ip_forward = 0'/'net.ipv4.ip_forward = 1'/g /etc/sysctl.conf
#all interfaces should not send redirects
echo "net.ipv4.conf.default.send_redirects = 1" >> /etc/sysctl.conf
echo "net.ipv4.co........
Based on this from Debian
The 'distribution' can be either the release code name / alias (wheezy, jessie, stretch, sid) or the release class (........
You need to set your application type as "Desktop" even though this would sound counterintuitive.........
This happened while trying to delete several thousand users from phpBB and basically corrupted the innoDB tables.
InnoDB: Page lsn 3 881164362, low 4 bytes of lsn at page end 881164362
InnoDB: Page number (if stored to page already) 86920,
InnoDB: space id (if created with >= MySQL-4.1.1 and stored already) 0
InnoDB: Page may be an index page where index id is 700
InnoDB: (index "tid_post_time" of table "phpBBdb2005"."phpbb3_p........
This example is based on Wordpress but applies to any other query string eg.
http://wordpress.com/?p=55
If you want to manually redirect that p=55 to /some/other/url how do you do it?
RewriteCond %{QUERY_STRING} p=55 [NC]
RewriteRule .* /new-url/? [R=301,L]
You can change the p=55 to whatever your query string looks like.
Remember to keep the "?" at the end of the new URLunless you really want the query s........
windows cannot find the microsoft license terms windows 2012 server install
This is actually because you are using less than 576MB of RAM. In my case I was installing on a KVM VPS with 512MB of RAM. This issue would apply to any physical or virtual server with less than 576MB of RAM. This includes Virtualized VPS Servers with XENHVM, KVM, VBOX, VMWare etc.. or Dedicated Servers with such little RAM.
It's very misleading of course since it has not........
Account Functions -> Change Site's IP Address
Choose the domain and then click "Change"
Choose the new IP
1.) Setup SSL Certificate in cPanel
Click on "SSL/TLS Manager" under the "Security" section.
2.) Under " Private Keys (KEY)"
Click "Generate, view, upload, or delete your private keys."
Choose "Key Size: 4096........
It is a permissions issue that is hard to fix.
All but one USB device is greyed out.
I am already a member of "vboxusers"
I have already enabled and disabled USB support for the guest.
I have already reinstalled the latest VBOx guest editions
If running as root it all works fine
Changing........
It's simple, just edit /etc/vz/vz.conf and add or change the following:
VE_LAYOUT=simfs........
The most common solution is to use the /etc/postfix/header_checks but this is a big problem.
Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.
I adapted this solution to the client's custom config, they are configur........
I've only ever seen this in Ubuntu for some reason and it is because of the /etc/nsswitch.conf settings.
So the issue is that if the hostname's reverse DNS cannot be found that you need to go back to DNS which was not the default in this nsswitch.conf file for some strange reason.
Edit /etc/nsswitch.conf and replace your "hosts" line with this:
#hosts: files dns mdns4_minimal [NOTFOUND=return] mdns........
Many may ask why would you need to do this? When upgrading from phpBB 2 to 3 the conversion does not keep the admin user you create. If your old admin user has an email address associated that no longer works or is accessible this makes it impossible to reset the admin password.
Some may just say "I'll just manually edit the e-mail address" but it won't work and phpBB will fail to find that user if you don't update the "user_email_hash" field but how do........
-A PREROUTING -d 98.98.98.5/32 -p tcp -m tcp --dport 1050 -j DNAT --to-destination 192.168.1.50:3389
The above forwards port 1050 on IP98.98.98.5 to 192.168.1.50 port 3389 (you can obviously edit things to meet your needs).........
#count=10000 makes an image of 10000MB make sure your image is at least the same as your existing
dd if=/dev/zero of=yourimage.img bs=1M count=10000
# losetup -fv newimage.raw
# fdisk -cu /dev/loop0
# kpartx -a /dev/loop0
# dd if= of=/dev/mapper/loop0p1
# e2fsck -f /dev/mapper/loop0p1
# resize2fs /dev/mapper/loop0p1
# a lot of guides tell you to edit /etc/fst........
This seems to mainly affect new installs of Windows and especially on XP randomly.
There are whole pages dedicated to the subject but none of them have a simple proper solution.
They and Microsoft say to use "Microsoft Fix It", the only problem is it requires .NET and many new installs of Windows don't have it by default.
The simple solution you asked for
Just reboot Windows and that is how Ifixed it.........
mencoder -fps 30 -ss 00:00:38 -oac lavc -ovc copy 152408.mp4 -o soundedit.mp4
The -ss flag means to start at 38 seconds (so the first 38 seconds of video will be removed).........
Error: Package: php-Monolog-dynamo-1.7.0-1.el6.noarch (epel)
Requires: php-aws-sdk
Error: php-pecl-zendopcache conflicts with 1:php-eaccelerator-0.9.6.1-1.el6.x86_64
Error: php-xcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64
Error: php-pecl-zendopcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64
Error: Package: php-horde-Horde-Vfs-2.1.2-2.el6.noarch (epel)
&n........
root@hkhosting [/]# service httpd start
Starting httpd: Syntax error on line 2 of /etc/httpd/conf/httpd.conf:
Invalid command 'Alias', perhaps misspelled or defined by a module not included in the server configuration
........
Movie-Aspect is undefined - no prescaling applied.
videocodec: libavcodec (720x1280 fourcc=34504d46 [FMP4])
[mpeg4 @ 0x2c91c00] timebase not supported by mpeg 4 standard
Could not open codec.
FATAL: Cannot initialize video driver.
That is the error I would get, I thought it was a codec error something else. By fluke Isaw something about ffmpeg where someone recommended manually telling it to the "fps" and it worked.........
./rsync.sh
sudo: sorry, you must have a tty to run sudo
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7]
Solution edit
/etc/sudoers
#Defaults requiretty........
PHP5 Centos 6 displays part of code from PHP file for some scripts
Solution
edit /etc/php.ini change short_open_tag = Off to:
short_open_tag = On
Then restart Apache and it should be resolved (assuming the scripts failing used )
........
The results are not bad, the Hitachi performs the same as it does in a SATA2 motherboard. However, the 2TB is much different, on a similar 2TB Toshiba I get about 198MB/s on a different motherboard vs the 2TB Hitachi which should produce similar results.
This Dell Perc 6/i is on a PCI x8 riser card and is connected to a 12-port backplane.
Adapter #0
Enclosure Device ID: 32
Slot Number: 0
Enclosure position: N/A
De........
LSi Megaraid
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
CPanel ->Basic cPanel &WHMSetup
At the bottom you'll see them, set the nameservers you want to use and the corresponding A record if needed.
Then all new domains will use those settings/nameservers.
It's strange that there's no section for this specifically.........
The Cause
Basically it's usually because your Cpanel has new IPs and the old IPs it knows are no longer available/working/valid.
The solution is to change the site's IP but you may run into issues for various reasons. Here is what I encountered below.
It redirects there even though public_html is empty and doesn't have any index or htaccess redirect.
---
This issue happened after a CPanel migration, the site is bein........
iptables -t nat -A PREROUTING -p udp -m multiport --dports 20,123,443 -j REDIRECT --to-port 53
getsockopt failed strangely: Invalid argument........
yum update error
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 229, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 145, in main
(result, resultmsgs) = base.buildTransaction()
&nbs........
This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSHinto different servers:
Below forwards the port "10001" to the IP192.200.5.53 on port 22 (of course adjust it to your needs).
iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 192.200.5.53:22
Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (........
I installed Ubuntu 11.04 for testing purposes but I couldn't even download SSH server:
sudo sed -i -e 's/us.archive.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list
After running the above make sure you do a "apt-get update"
Note with the above that Ihave the search string of "us.archive.ubuntu.com" change it to whatever is in your sources.list
The above does not fix all repositories either, I haven't had a chance t........
SELECT column_name
FROM information_schema.columns
W........
Have you ever unplugged the wrong drive and then had to rebuild the entire array? It may not be a big deal in some ways but it does make your system vulnerable until the rebuild is done.
Many distros often enable the "bitmap" feature and this basically keeps track of what parts need to be resynced in the case of a temporary removal of a drive from the array, this way it only needs to sync what has changed.
To enable bitmap to speed up rebuilds and sync........
find / -name 'thedirectorytofind' -type d
That's all there is to it and now you don't have to get a listing of all the files along with it.
Another cleaner solution that supports wildcards is the following
find prep-*/dvd-slideshow_temp*/ -type d
........
This is just trying to read 5GB off the drive with dd and the drive initially tested ok but shortly after I wondered why I was seeing 2MB/s read speeds. Notice the "current_pending_sector", anytime I've seen it at anything above 0 even with no other bad fields/attributes, it means the drive is bad.
ata1.00: exception Emask 0x0 SAct 0x3 SErr 0x0 action 0x0
ata1.00: irq_stat 0x40000008
ata1.00: failed command: READ FPDMA QUEUED
ata1.00: cmd 60/00:00:........
vi /etc/httpd/conf.d/ssl.conf
Change the following from "Listen 443" to something like below
Listen 2243
Then find the SSLVirtual Host Context and edit like below (to your new listening port)
##
## SSL Virtual Host Context
##
........
I find it very annoying that this mouse has buttons on the side where you grip it and the left one goes back in the browser and the right one goes forward. Imagine if you're filling out a form and hit it, most forms/websites have no protection against it.
Source: http://ubuntuforums.org/showthread.php?t=2065400
Here's how I fixed it with xinput, it's too bad there's no good standard GUI to........
Client Log
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_d........
Step #1 - Create Wrapper Script
vi /usr/local/bin/phpsendmail
#!/usr/bin/php
........
cat | grub --device-map=/dev/null
Now pay close to the attention of the beginning.
Type: "device (hd0) VPS.img" this is telling what hd0 will be to GRUB and we're telling it the disk image file "VPS.img" in the current directory is hd0, you can specify alternate paths and image names of course.
GNU GRUB version 0.97 (640K lower / 3072K upper memory)
[ Minimal BASH-li........
This booting error is because the Xen PV guest image uses the Xen kernel, this is not compatible with anything but a host running a Xen kernel.
I did a kpartx -av virtual.img and then it created some partitions that showed up in fdisk.
I mounted it and did a chroot into it and removed the xen kernel and installed a normal kernel but Xen still shows the same kernel in Grub (only the Xen one).
This is strange but it seems like this Xen PV guest has some sort of hidden or........
This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more:
This little script below will install everything you need to get booting by PXE Linux.
It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
This error in my experience is user error although CPanel doesn't help, this message doesn't give you much to go on.
Let's talk more about the process of setting up SSL with CPanel.
Your site must have a dedicated/non-shared IP to even have the option of creating an SSL Certificate.
You must create a Private Key (do not delete this private key!)
You must create a CSR (Certificate Signing Request)
Use CSR to create cert........
For whatever reason the current OpenVZ yum repo file enables the RHEL6 version of OpenVZ, why is this bad? Because if you're running Centos 5 it still defaults to using the kernel from RHEL6 which won't work on RHEL5/Centos 5.
Ionly realized this after wondering why I couldn't boot into OpenVZ that it was using one meant for RHEL6.
To fix the problem you have to edit /etc/yum.repos.d/openvz.repo and disable the "[openvz-kernel-rhel6]" section by changing........
This may sound silly but there will be conflicts/issues with the default Centos repository so you have to use a third party like remi (I prefer not to do this but it's the only option unless you migrate your sites/data to another server or can stand some downtime-not an option IMHOon a production server).
You may need to upgrade to PHP5.3 to run Joomla or many other reasons.
Your host needs to use PHP 5.2.4 or higher to run this version of Jo........
ERROR 1045 (28000): Access denied for user 'contentmanager'@'localhost' (using password: YES)
For fun I thought I'd reset the password:
GRANT ALL ON thecontent.* TO contentmanager IDENTIFIED by 'dfdfsdfdsfsdfsd';
ERROR 1470 (HY000): String 'contentmanager' is too long for user name (should be no longer than 16)
This is ridiculous that this new version has some bizarre 16 character username limit and not only that but i........
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
This solution applies to all other iptables modules/problems for OpenVZ, you'll just need to add them to both lists/lines below if you have modules other than what I have below.
The modules need to be enabled in both iptables and the OpenVZ hostnode itself and then the containers which need it must be restarted.
How To Enable IPTables Modules in OpenVZ........
I really am a Linux fan but my comments here may not show it. Although I'm quite familiar with Linux CLI to administer servers, I find Linux GUI OS's like Ubuntu at times very clunky.
This is partially because there's no such thing as a "self-made" Linux from scratch where the UIwas designed by a single team. Linux is made up of several different projects that are generally completely separate and this lack of integratiion is a key issue that makes things f........
This is the mail system at host mail.postmail.com.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
&........
PDOException: SQLSTATE[42000] [1044] Access denied for user 'db_user'@'localhost' to database 'dbname' in lock_may_be_available() (line
167 of /home/user/public_html/includes/lock.inc).
The username and password were correct but some reason CPanel added the user with no permissions! Edit the user's permissions to include "All" from Cpanel or MySQL and that is the solution.........
It really is as simple as:
cdrecord -v dev=/dev/sr0 pathtoyourisoimage.iso
-v is for verbose, I prefer it but if you don't you won't see as much output like below (I like to know the details and exactly what's happening)
dev=/dev/sr0 specifies the device name of your burner (they say not to use it and to specify some weird annoying device string but using the raw /dev has always worked for me and is how it should have been implemented from the start IMHO)........
Visit http://linux.softpedia.com/get/Programming/Interpreters/Android-32340.shtml
Basically copy and paste all of that below and you'll have installed and started the Android SDK before you know it.
wget http://dl.google.com/android/android-sdk_r12-linux_x86.tgz
sudo apt-get install openjdk-6-jre openjdk-6-lib openjdk-6-jre-headless
tar -xvf android-sdk_r12-linux_x86.tgz
cd android-sdk-linux_x86/tools
./android........
This is very annoying, the only known fix is to install vim
apt-get install vim
After that everything works as normal.........
Within vi if you can't exit /etc/vim/vimrc you can type
:syntax off
And to turn it back on:
:syntax on
Many of us have a dark/black background in our terminal/shell making the default syntax unreadable, the solution is to either turn off syntax highlighting with :syntax off or to enable a special option in /etc/vim/vimrc
Edit /etc/vim/vimrc
The "syntax on" enables the highligh........
I am watching the Canucks riot and a reporter said Twitter is down.
My home connection on Shaw is fine, but when Iused my Rogers network over the cell, it says "Rate Limit Exceeded". I wonder if this is a transparent redirect by Rogers under police order?
I noticed that the Telus network loaded Twitter just fine.........
GNU GRUB version 0.97 (640K lower / 3072K upper memory)
[ Minimal BASH-like line editing is supported. For the first word, TAB
lists possible command completions. Anywhere else TAB lists the possible
completions of a device/filename.]
grub> root (hd1,0)
Filesystem type is ext2fs, partition type 0xfd
grub> setup........
This assumes that you've at least created the correct partition for your DRBD already.
Notice that I am "diskless", that's because either your DRBD partition doesn't exist/has been renamed (eg. sdb becomes sda when sdb dies and you reboot) or because that drive is really actually dead/gone.
*If you need to permanently change the partition/device for your resource be sure to edit /etc/drbd.conf on both hosts and reload the config.
(replace r0 with........
yum -y install vnstat
chown nobody.nobody -R /var/lib/vnstat/
#replace venet0 below with your desired interface
sudo -u nobody vnstat -u -i venet0
#edit: vi /etc/sysconfig/vnstat
#VNSTAT_OPTIONS="-i venet0"
# only use the sed below if you are using venet0 instead of eth0 or replace accordingly
sed -i 's/eth0/venet0/g' /etc/sysconfig/vnstat
[root@monitor]# yum install vn........
This happened during a RAID array check:
SMART says both drives pass the test, but I'm doing a long test on them and hopefully this is not a hardware error.
Apr 3 04:22:01 remote kernel: md: syncing RAID array md2
Apr 3 04:22:01 remote kernel: md: minimum _guaranteed_ reconstruction speed: 1000 KB/sec/disc.
Apr 3 04:22:01 remote kernel: md: using maximum available idle IO bandwidth (but not more than 200000 KB/sec) for reconstruction.
Apr........
My Samsung drive failed on me, at first I thought it was the enclosure but a direct SATA connection causes the same problems for discs that are inserted. It will work fine for a few minutes but then starts spewing the errors below.
I've never been a fan of Korean made optical drives and have always had trouble with them. The problem is that I don't believe NEC and Lite-ON make drives anymore, and I considered them the leaders.
Apr 7 11:58:48 bo........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
I don't have a solution other than to use rsync, I used diff on about 1.7TB of data which includes hundreds of thousands if not millions of small files to ensure nothing was missing or corrupt.
diff didn't even get past the first large directory without spitting that error out.
Keep in mind I used "diff -r" because that means recursive, otherwise it wouldn't compare all files and subdirectories and would be a false way of doing it.........
My mother needed a new laptop and I recommended her the same one I would have bought myself or my wife, that means the cheapest possible laptop with the most features for the money.
This HP shines at this price point and one thing that made me stay away from buying more and recommending HP/Compaq was the poor battery life. Not anymore, this model has an industry leading up to 4 hours of battery life.
Key Factors for Choosing It:
HDMI Out........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
vi /etc/mail/spamassassin/local.cf
##############
#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
require........
I'm posting this because it wasn't easy or obvious how this would be accomplished and the man page leaves it to guesswork.
Multi-line body_checks
Example 1
/........
When migrating away from Plesk I couldn't figure out an easy way to get a straight list of all e-mails, but here is where I found the solution:
http://nakuls77.wordpress.com/2008/08/30/details-of-email-ftp-database-users-from-psa-database/
mysql> SELECT mail.mail_name, accounts.password, domains.name FROM mail, accounts, domains WHERE domains.id=mail.dom_id AND mail.account_id=accounts.id;
mysql> SELECT CONCAT(mail.mail_name,’@’,domains.name) AS Em........
cp msgFilterRules.dat /other/mail/folder
edit msgFilterRules.dat change all instances of your old mailbox: actionValue="mailbox://joes@mail.server.com/name"
to:
actionValue="imap://joes%40server.com@mail.server.com/INBOX"
sed s/'actionValue="mailbox:joes@mail.server.com'/imap://joes%40server.com@mail.server.com/g msgFilterRules.dat-........
Dovecot enable SSL (by default it uses an old expired cert if you choose pop3s and imaps as protocols)
===================
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Edit /etc/dovecot.conf
ssl_cert_file = /etc/mailssl/server.crt
s........
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Postfix SSL config
Edit /etc/postfix/main.cf:
#SSL stuff
smtpd_tls_cert_file = /etc/mailssl/server.crt
smtpd_tls_key_file = /etc/mailssl/server.key
To make smtps w........
understanding /etc/aliases
*remember to apply changes you need to run "newaliases" after editing /etc/aliases
one thing I don't get is that it doesn't allow you to specify the whole e-mail address on the left-hand side
eg:
yourfullemail@domain.com: someotheremail@domain.com
postalias: warning: /etc/aliases, line 109: name must be local (if you try the above)
It works more like this:
your........
genuine.com/IN: loading master file genuine.com.zone: file not found
_default/genuine.com/IN: file not found
I always found it silly that no one really talks about this and apparently many like me and even control panels like Plesk were still using hard paths. I always thought "why can't I just specify the name of the zone file and have bind find it". Surely the default search path must be /var/named or somewhere else but there is no such thing.........
CPU/Kernel/MB/RAID problem?
Jan 5 12:45:05 testbox kernel: [653298.890004] BUG: soft lockup - CPU#0 stuck for 61s! [hal-acl-tool:4168]
Jan 5 12:45:05 testbox kernel: [653298.890005] Modules linked in: vmnet vmci vmmon binfmt_misc drbd video output input_polldev ocfs2_stackglue ocfs2_dlmfs ocfs2_dlm ocfs2_nodemanager configfs k8temp hwmon_vid lp snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi........
Apache/httpd
Failed to save enabled features : The Suexec command on your system is configured to only run scripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as domain owners will not be executed.
This is because I never edited the Apache Config and Virtualmin config to reflect my new/current updated structure.........
Importing Plesk 8.6 Backup to Virtualmin:
Validating migration file ..
.. validation failed : XML::Simple Perl module is not installed
Solution is to install the correct module:
perl -MCPAN -e 'install XML::Simple'
Migrating a single domain works just fine, but it doesn't work with a full client backup containing multiple domains.........
VMWare bridged adapter not working:
Message from system: The network bridge on device vmnet0 is not running. The virtual machine will not be able to communicate with the host or with other machines on your network. Failed to connect virtual device Ethernet1.
I'm not sure how to fix this but one of the issues is that my eth0 became eth1 after moving my hard drives to a new motherboard. I have run the vmware-config.pl but this did not resolve the issue.........
Webmin Setup Centos 5:
wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet
[1] 24229
[2] 24230
[root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html
Resolving downloads.sourceforge.net... 216.34.181.........
Virtualmin Postfix Error:
The status of your system is being checked to ensure that all enabled features are available, that the mail server is properly configured, and that quotas are active ..
A problem was found with your Postfix virtual maps : No map sources were found in the Postfix configuration
.. your system is not ready for use by Virtualmin.
........
Install the "Editors" and "Net" groups that will give you rsync, ssh, ssh-keygen and cron.
The trickiest thing that I keep forgetting about each time is you have to run "cron-config" which adds the cron service to Windows, and without doing that obviously no cron jobs will be run thus making automatic backups impossible.
Warning about rsync/cygwin and using the -a archive switch.
It's a good thing I caught this because it doesn't work ri........
Login as Admin
Languages & Phrases -> Search in Phrases
Choose "Phrase Variable Name Only"
Search for: welcomemail
Edit the "Translation" box with what you'd like in it.........
There's no partial WD EARS alignment fix:
I had data on /dev/sda3 and /dev/sdb3 (RAID1) so I couldn't edit that one.
I thought I'd be smart and try fixing the first two partitions so I set the first one starting at sector 2048 and then +8 for the second partition.
This has really slowed the performance down worse than it ever was!
Disk /dev/sda: 2000.4 GB, 2000398934016 bytes
255 heads, 63 sectors/track, 243201 cylinders, tot........
mdadm: metadata format 00.90 unknown, ignored.
This happens with various versions of older mdadm such as mdadm - v2.6.7.1 - 15th October 2008
It is all because an extra 0 in 00.90 in /etc/mdadm/mdadm.conf that it doesn't like (it doesn't seem to cause any problem except that message though):
Solution - Edit your /etc/mdadm/mdadm.conf and change 00.90 to 0.90 in your arrays:
ARRAY /dev/md3 level=raid1 num-devices=2 metadata=0.90 UUID=f41a4644:6b2a05f........
One of the purposes of rsync is to backup whole filesystems and archive them but how can you do that properly and restore things to normal if all permissions and ownerships are not preserved from your root filesystem?
It's not desirable to have everything running as root, especially not just for an rsync.
The Easy rsync preserve permission solution for non-root users
sudo is the answer and all you have to do is edit /etc/sudoers
At the end o........
I've only used it on Centos, soI thought I'd make a quick Debian guide:
Install the DRBD Package
apt-get install drbd8-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libswfdec-0.8-0
Use 'apt-get autoremove' to remove them.
The following........
The Xen VPSI had was not working properly and when they asked for the login information I found the support was coming directly from India:
whois 122.178.148.*
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-5]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 122.178.128.0 - 122.178.191.255
netname:&........
http://apt.sw.be/redhat/el5/en/i386/test/repodata/repomd.xml: [Errno 14] HTTP Error 404: Not Found
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: rpmforge-testing. Please verify its path and try again
Notice it is complaining about "rpmforge-testing", just disable it for now:
Solution is to edit the repo:
vi /etc/yum.repos.d/rpmforge-testing.repo........
ping test.com
connect: No buffer space available
/var/log/messages
Oct 18 12:21:03 vps kernel: printk: 177 messages suppressed.
Oct 18 12:21:03 vps kernel: Neighbour table overflow.
Solution in /etc/sysctl.conf:
net.ipv4.neigh.default.gc_thresh1 = 4096
net.ipv4.neigh.default.gc_thresh2 = 8192
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv4.neigh.default.base_reachab........
/usr/local/cpanel/bin/swapip domain(s)
It simply doesn't work, the Apache VHOSTS remain 100% unchanged, why does this script exist? I'm sure it would work from the control panel but I am locked out because my IP was changed and it doesn't match the CPanel license. I wish CPanel would make it easier to update the license IP.
I even took it a step farther, I manually edited the vhosts and restarted Apache and it........
Always make a backup of the original file before trying this, I find this kind of thing when updating IPs etc.. to use a script.
Where the old IP is "192.168.5.8" and the new IP is "10.10.5.8"
sed -i s/192.168.5.8/10.10.5.8/g testdomain.org.db
The -i with sed means "inline" meaning we edit the file directly, but without the -i we could just use >and output the results to another file or do whatever else we wanted.........
Create New RAID 1 Array:
First setup your partitions (make sure they are exactly the same size)
In my example I have sda3 and sdb3 which are 500GB in size.
mdadm --create /dev/md2 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3
mdadm: array /dev/md2 started.
Check Status Of The Array
*Note I already have other arrays md0 and md1.
You can see below that md2 is syn........
Virtualbox Error
I tried to copy a .vdi of one container to use in another one, basically to clone instead of having to install the OS again.
Failed to start the virtual machine Centos 5.5 Mirror.
Medium '/home/testuser/.VirtualBox/HardDisks/Centos 5.5 Mirror.vdi' is not accessible. UUID {a1a9fad7-0402-4867-b8f3-39fb49454bc5} of the medium '/home/testuser/.VirtualBox/HardDisks/Centos 5.5 Mirror.vdi' does not match the value {4945a0e8-0ed5-4736-9088-bcaf........
You'll see the following and the boot process will freeze:
io scheduler noop registered
io scheduler anticipatory registered
io scheduler deadline registered
io scheduler cfq registered (default)
I have struggled with this issue on vari........
For a standalone system the solution is simple, just use the same version of Windows a copy a good version of:
C:windowsSecurityDatabasesecedit.sdb from another computer.
Then you should be able to login again without getting the nasty message "Local policy does not permit you to log on interactively."
Of course you will probably need a way of accessing the filesystem off-line in order to get to it such as a Linux boot disc.
Some........
This was done on Centos butI think it's easier on Debian machines, the paths that it is set to use are tailored towards Debian, so there is some fiddling that needs to be done on Centos.
This is for chrooting ssh, but jailkit has other uses than just SSH jails but I won't cover them in this writeup.
1. Install jailkit
yum install jailkit
2. Setup Jail Home
mkdir /home/jail
chown root:root /home/ja........
After installation Directadmin does not work on OpenVZ VPS when browsing http://ip.ip.ip.ip:2222
service directadmin status
directadmin dead but pid file exists
tail /var/log/directadmin/error.log
Check the value of your ethernet_dev=eth0 setting in your /usr/local/directadmin/conf/directadmin.conf file and the output of /sbin/ifconfig
2010:07:10-12:44:01: ioctl can't find........
Mencoder is great, you can throw anything at it, including video files from your camera and have it encode into xvid or almost any other format.
In my case I took 640x480 video from my Canon and reduced the size by 1/3 with the options below (there are many other options that you can read about in the manual but I like to keep it simple).
Mencoder Encode
mencoder -ovc xvid -oac mp3lame -xvidencopts fixed_quant=4 -o ........
[27969.398749] sd 5:0:0:0: [sdb] 3907029168 512-byte hardware sectors (2000399 MB)
[27969.398749] sd 5:0:0:0: [sdb] Write Protect is off
[27969.398749] sd 5:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[27969.398749] sd 5:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[27972.117543] ata6.00: exception Emask 0x0 SAct 0x1 SErr 0x0 action 0x0
[27972.117543] ata6.00: irq_stat 0x48000000
[27972.117543] ata6.00: cmd 60/08:00:ff:7........
This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc..
Name
curlftpfs - mount a ftp host as a local directory
Synopsis........
I've never understood how to enable and disable services for different run levels in Debian based distros, it's just weird, annoying and doesn't make sense. I much prefer chkconfig from RHEL.
Just install the package called 'rcconf' and be done with it. rcconf makes things easy for you.
apt-get install rcconf
Reading package lists... Done
Building dependency tree
Reading state information... Done........
I'm using Ubuntu 8.04 but anyone using older kernels will find this may apply to them. My Intel graphics are very slow with the default Xorg settings but by using "EXA" acceleration, scrolling down windows of text becomes pretty snappy.
Just edit /etc/X11/xorg.conf
Section "Device"
Identifier "Configured Video Device"
&nb........
I've recently used CPanel on the admin side for the first time and have to say I hate it. Everything from the layout to the functionality screams "hackish". It just lacks so many common sense features and way of working.
I was never 100% impressed with Plesk but the basics were definitely laid out and done in a sensible manner, even though it is made by a Russian company, they definitely thought about how to make a Control Panel.
I have no idea why people........
Warning: get_browser(): browscap ini directive not set.
Solution is to edit /etc/php.ini
Uncomment this:
[browscap]
browscap = extra/browscap.ini........
Edit /etc/wwwacct.conf
Then add/edit the HOST line to add your hostname. eg:
HOST yourcpanelserver.com........
The default options for iptables are very basic. Here is what you need to do in order to enable them in OpenVZ.
1.) Add the modules to iptables and restart iptables:
vi /etc/sysconfig/iptables-config
Edit the line as so:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
2.........
One note is to secure MySQL, I don't know for sure but I believe you could login to MySQL remotely with no password during this operation (I'm not sure, maybe it doesn't accept blank passwords but I firewall MySQL port anyway and recommend you do the same).
First edit /etc/my.cf
Under the [mysqld] field add the following line somewhere:
skip-grant-tables
Now restart mysql: service mysql restart or on Debian sty........
This function and others may not work with the stock PHPinstall on Centos/CPanel: Fatal error: Call to > undefined function imagecreatefromjpeg()
Even with libjpeg-devel installed it won't work because PHP was not compiled with jpeg support, so we have to do the dirty work ourselves :)
Here is the command/yum's I did to install missing libraries for PHP that configure will complain about (yes it is a one by one process).
yum install bzip2-........
This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that.
If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :)
Just use this code to easily enable passwordless login with SSHD
key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
This drive is clearly on the way out, the Kernel knows it but I'm surprised that SMART is not concerned. I didn't blame Seagate for their past issues until now. This hard drive has hardly been used and has not even been powered on for a year according to SMART.
Home page is http://smartmontools.sourceforge.net/
=== START OF INFORMATION SECTION ===
Model Family: Seagate Barracuda 7200.11
Device........
I thought there would be an error message or warning from MySQL in the case that the text you submit is greater than the allowed limit based on the field.
So essentially I submitted text that was about 120,000 characters long, whereas the limit of TEXT is just 65,535 characters! I almost lost half of my data/what I typed without knowing it!
I just altered the field type in my database from TEXT to LONGTEXT. I can't see how LONGTEXT wouldn't be long enough for MOST........
The folder I was trying to archive is about 72GB, but much like rsync at about 17GB it chokes because of the filesize. What's with so many common and essential Linux tools having such limitations? I guess it is likely that the authors never wrote their code with the idea that files would be so large but it's still very annoying. It's important to stay on top of these limitations on production servers because I didn't realize what happened until I checked the file with "........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
All you have to do is browse to:
C:Documents & SettingsYourUserName and you'll see the following:
Inside "My Recent Documents" are of course shortcuts to the most recent documents you opened
Inside "SendTo" is your sendto, you could edit that to Send a file to a network destination, your Flash Drive........
Here are the results, it is Sempron 3000+ AMD Mobile, 500Gig HDD, 512MB RAM with shared ATI Radeon graphics.
# # # # # # # ##### ###### # # #### # #
# # ## # # # #&nb........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
rsync bash script
[code:1:722d8a25c1]#!/bin/bash
# config ---------------------------------
# two methods
# from = receive data from another server
# to = send data to another server
rsync_method=from
rsync_ip='192.168.5.18'
local_dir='/home/backupguy/backups'
remote_dir='/home/backup'
free_space_bin='/home/backups/freediskspace.sh'
# config end ------------------------------
if [ '$rsync_me........
JavaScript get valued of selected drop down l
[code:1:4be190f44a]Package = OrderForm.package.options[OrderForm.package.selectedIndex].value;[/code:1:4be190f44a]
OrderForm = Name of HTML form the SELECT is inside
package = Name of SELECT element eg.
JavaScript says form name is not defined even though it is
I've integrated this into my design and I got an error saying the Form Name i........
JavasScript how to set or write value in id tagbla
I need to set a value inside that DIV tag using Javascript, how would I do it?Doesn't work for me:
[quote:c6b5f693a5]Warning: Element referenced by ID/NAME in the global scope. Use W3C standard document.getElementById() instead.
Source File: http://hosting.com/vps-order.html
Line: 19[/quote:c6b5f693a5]
[code:1:c6b5f693a5]........
Problems surfing web/servingI noticed sometimes websites wouldn't load at random through a FreeBSD box and other systems on the same link didn't have the issue. I believe it is because of the low default limit of 128 TCP connections that caused the problem. It would also slow down any traffic that requires many connections such as Bittorrent.
The fix is to increase the amount of connections to at least 1024
Edit [b:520b050d3e]/etc/sysctl.conf[/b:520b05........
Nice General Linux RAID 1 GuideFull examples/tutorials that should work for any Linux system using GRUB or LILO as the boot loader.
This is the only tutorial I've seen that clearly shows how you can convert an existing non-RAID system to software RAID1 remotely, without ever having to be at the computer. This is important for people who co-locate or rent dedicated servers that they may not have physical access to in a timely manner.
https://alioth.debia........
Setup Static IP Address ONBOOTAssuming you are using eth0
Note this will work for any version of CentOS and basically any version of Redhat Linux or Redhat based distribution.
You would need to create a new file
[code:1:02f8d34c30] /etc/sysconfig/network-scripts/ifcfg-eth0:0[/code:1:02f8d34c30]
DEVICE=eth0:0
the ":0" at the end specifies alias 0 we could actually change this to ":99" or "........
Need identd for port 113 ? Install authdyum install authd
Happy identing :)Actually it's not that simple.
It installs as an "xinetd" service and is disabled and turned off by deafult.
To enable it run:
[code:1:8c94df8319]
chkconfig --level 3 auth on
service xinetd restart
[/code:1:8c94df8319]
This will set identd aka authd to start by default.
service xinetd resta........
Linux Unix Xorg X Server Intel Extreme i810 Graphics Problem(EE) I810(0): No Video BIOS modes for chosen depth.
(EE) Screen(s) found, but none have a usable configuration.
I have a new Dell PC with one of the latest Intel Extreme Graphics on-board crap. From what I can see any Linux/Unix/FreeBSD versions running XFree86 or Xorg from years ago or the latest version today will have this problem.
It's easily corrected FOR MOST people. Go into your........
Quick Tutorial On Starting A Web Site[b:3cef3c01b6]Step 1.[/b:3cef3c01b6] Purchase a Domain Name (eg. yoursite.com)
[b:3cef3c01b6]Step 2.[/b:3cef3c01b6] Design your site using a program such as Microsoft Frontpage or Macromedia Dreamweaver. If you are unable or unfamiliar with doing this you may want to hire a company to create your site (many of them will handle each aspect of setting up your site).
[b:3cef3c01b6]Step 3.[/b:3cef3c01b6] Host your site........
The New Chips on the BlockThe New Chips on the Block
By Bruce Gain
Story location: http://www.wired.com/news/infostructure/0,1377,67795,00.html
02:00 AM Jun. 13, 2005 PT
We have embarked upon a new era in x86 PC computing -- so say chip giants AMD and Intel following their launches of dual-core PC processors. So how will dual-core processing change your PC computing experience? Our FAQ should help you decide whether or when you sho........
Proftp Passive PortsIf you use a locked down firewall you can edit proftpd.conf and tell it something like this:
[quote:8419cab1f8]PassivePorts 6170 6270[/quote:8419cab1f8]
That would force all passive ftp traffic to ports 6170 6270 which you could then open on your firewall rather than leaving open ports 1024-65000 open........
Package managementIf you're like me and often like using an older version you'll need to know this.
Since all 5.x versions no longer have packages of their own you'll have to use the 5-stable
The best way is to set the [b:d5e8972240]packagesite environment variable[/b:d5e8972240] like so in your [b:d5e8972240].profile [/b:d5e8972240]file
[quote:d5e8972240]vi /etc/.profile[/quote:d5e8972240]
Add this:
[code:1:d5e897224........
CVSUp the Easy WayIf you're reading this you probably have never used CVSUp or don't know how.
CVSUp can be used for two things or just one if you prefer.
*Keeping your kernel up to date
*Keeping your port list up to date
Start by editing the following file in:
[b:76928b387d]vi /usr/share/examples/cvsup/cvs-upfile[/b:76928b387d]
It can be quite overwhelming with all the crazy options.
Basically there are only 3........
NEC ND-3500A is great!I just picked up an NEC 3500A a few weeks ago and I love it.
It is a great all in-one optical drive solution.
It can burn DVD/+R-R at up 16x, read at 16x and rewrite at 4x and CD-R at up to 48x!
Not bad, but the impotant part is that it delivers consistent high quality burns and the drive is as quiet as I could ask it to be.
It's also convenient that it has a lot of hacked firmware for overspeeding of........
Load Balancing/ClusteringAn interesting article that discusses the pros, cons and viability of load balancing/clustering
http://www.wwwcoder.com/main/parentid/493/site/4189/68/default.aspx
ZoneEdit seems to offer an interesting Fail Over Service as well:
http://www.zoneedit.com/doc/faq.html#fo........
This is a very weird, annoying and bizarre quirk with many distributions, especially Debian. The home and end keys don't work, but it's a simple fix as long as you found this article :)
You just have to edit /etc/inputrc:
Find the commented lines as shown below:
# "e[1~": beginning-of-line
# "e[4~": end-of-line
*If you can't find the above, just copy and paste the code below into your inputrc, it will en........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
This really is a difficult and confusing process for non-Mandarin speakers, but here's what I've done and learned so far:
You can purchase an "M-Zone" China Mobile pre-paid SIMCard from almost anywhere but I tried to purchase mine from Suning (a large electronics dealer) hoping they would be able to help me or answer my questions but my plan didn't work out at all. At Suning once I found someone who spoke some English they gave me the 55 RMB M-Zone China Mobile P........
This is something that happens a lot and it is very dirty, as you probably know each site is hosted on a certain IP address. Sometimes a domain is hosted by a single IP address and the IP address defaults to this very same domain.
This means that if someone buys domain abcd.com and enters your IP address (the one of your website) as the A record, your content will show up on their domain as if it was their own.
There is an easy way to prevent this by using .htacces........
You can see the problem below, GRUB recognizes my hard drive and sees the partitions but cannot access them. This is from the GRUB boot disc I'm using.
What happened is that I had some power issues causing this system's power to be interrupted several times and basically an on/off on/off situation.
The system won't boot, I just get a flashing cursor and no message or error from GRUB. Obviously the problem is that my MBR seems corrupt or some other issue.
My........
I've tried to find a good sensible solution to cluster with and each technology has it's pros and cons and there is no perfect solution and I've found a lot of "exaggerations" in the applications, benefits and performance of these different filesystems.
DRBD
I first started off with DRBD and Ihave to say it does live up to the hype, is quite reliable (although it can be annoying to match up the kernel module and user applications since they must match and whe........
In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window.
*Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........
Have you ever seen this dreaded message in your Apache/HTTPD /var/log/httpd/error_log?
[error] server reached MaxClients setting, consider raising the MaxClients setting
The error itself is slightly misleading. Ibelieve this happened to one of my servers, I found Apache was running still, and that you could telnet to port 80 but no respnose would be given.
For some reason my error log initially did not have the above error, but after a restart I saw........
For some reason Ikeep getting this error when trying to run a sudo command eg:
sudo -u someuser somecommand
sudo: Error dropping capabilities, aborting
My version of sudo is:sudo-1.6.9p17-3.el5_3.1 and I've heard that version 1.7 fixes everything. The only thing is yum does not think sudo has any update. Iguess the new version has not been committed to the RPM repository yet.
This is really a huge and ann........
Backing MySQL Databases
Backing Up/Dumping All Mysql Databases To A Single File
mysqldump --all-databases -u admin -p > allmysqldatabases.sql
The "-all-databases" clause is pretty obvious isn't it? It means that it will backup all databases.
The "-u admin" means login using the user "admin", if you h........
Here is an example that I recently found, most PR checkers will say this domain is PR8 or will say "cannot analyze PR".
The example is domain "bonserotica.com" view Google's cache of the homepage and you'll see as in the picture below, it lists a different URL, which means they used a redirect to a high PR site to fool you and the PR checkers.........
First of all you need to be jailbroken, but this is not covered here.
Go into Cydia and click "Manage Sources" then "Edit"and add: repo666.ultrasn0w.com
Then search for "ultrasn0w" as a package and install it, that's all there is to it, your iPhone is finally unlocked so when you travel abroad you can avoid ridiculous roaming charges, or you can switch providers and use any SIMcard you like.
You'd really thi........
Apple crippled the iPhone by not allowing multi-tasking of the non-primary apps. I use SSH a lot and I don't want to close my session just to check my e-mail, etc, now an app found in Cydia called "Backgrounder" allows just that.
Although it's not perfect, we installed the correct one for "3.x" iPhones and hit "Reload SpringBoard" and the hour/circle glass has just been going for minutes.
It seems like it installed fine even with the crash t........
This happened during a sync of my iPhone while installing some apps. This usually happens to non-jailbroken iPhones who are trying to install non-Apple approved software OR jailbroken phones who haven't done the "Sync update".
How to fix this error and get the Sync Update
Open Cydia - Manage - Sources - Edit
Add this source: http://cydia.hackulo.us
Then under the section "Hackulo.us" install "Ap........
Truly, the only way to unleash the capabilities and customization abilities of iPhone are to jailbreak, it's not just for hackers anymore.
A few days ago someone by the named of "geohot" released a single click application called "purplera1n", which does the entire operation smoothly and seamlessly.
In our case, the first time it went as far as "done, wait for reboot" on our Windows machine and for minutes we waited and saw the pic on the iPhone w........
Yes, Iadmit I finally got bitten by the hype as much as I can usually see through it all. Keep in mind this review is of the "stock" phone, no jailbreaking yet which is what really unleashes the customizability and whyI bought iPhone.
I had better things to say about this phone before buying it, and it is a great phone, perhaps the best on the market by far, if not because of the Mac OS port onto the iPhone and all the apps, etc, etc.
With that said........
The dmg format is silly and annoying to work with, why couldn't Apple stick with the .iso standard? Anyway, there's an excellent Linux and Windows based tool to convert it back to a normal .iso Image called dmg2iso
I'll only cover theLinux version although the Windows pre-built binary works the same way.
Download dmg2iso here for free (from the author's website)
It's just silly and doesn't make sense that Ubuntu doe........
I've had an old Blackberry for a few years and I was ready to spend some serious cash on a nice Nokia. I love the idea of the Linux based Symbian S60 OS, so I was looking at phones like the E63, E71 (both are basically the same, at least CPU/screensize although E71 is thinner, has a 3MP camera, has GPS, and has dedicated buttons to adjust the volume).
Then Iheard about the N97 and what a revolution it was supposed to be and it was even compared to iPhone.
To........
Icouldn't understand why on one system it took a few minutes to get the SSHlogin prompt when connecting to other systems. The other systems all had the UseDNS parameter set to no, which almost always resolves the login prompt delay.
The reason is Ubuntu and perhaps Debian and other distributions /etc/nsswitch.conf file
Edit yours to have the "hosts" line like so (notice that files and dns are the primary resolution choice........
resume: could not stat the resume device file
I got that after migrating to a different physical hard drive, it wanted to resume from a swap partition that no longer exists.
This is actually controlled by "uswsusp.conf" in /etc
Just edit it and remove the device or change it to the correct new swap file.........
This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks.
The chances are this is the cause of your SSHSlow/Delayed Login problems.
The easy solution to SSH Login Problems
Edit /etc/ssh/sshd_config
Add this line to disable r........
Igot this after copying a VMWare image onto another machine in Debian.
SIOCSIFADDR No such device eth0 error while getting interface flags
The solution
1.) Find and edit the device line in persisent-net.rules note it will be prefixed with something like z25 or something else.
vi /etc/udev/rules.d/z25_persistent-net.rules
The easiest way is to comment anything out.
If you are feeling........
When trying to even cd or ls the mounted OCFS2 partition it crashes. Ithink this is a combination of VMWare Server's problem and the way I mounted and symlinked to it.
More than anything this shows the problem and lack of forsight with VMWare, but also that OCFS2 is easily crashed if you do strange things.
Output of /var/log/messages for OCFS2
Apr 10 15:57:45 localhost kernel: [84331.691258] Modules linked in: vmnet vmci vmmon ocfs2_stac........
User username from 127.0.0.1 not allowed because not listed in AllowUsers
What's going on? The user was created properly, it has been defined as having a shell entry and the entry for /etc/passwd and /etc/shadow is set just fine.
This is a new and very smart/secure feature of SSHD. It is simple and yet effective, but also very annoying if you didn't know about it being implemented and that hand editing of /etc/ssh/sshd_config is required to allow a newly add........
At this time we can't resolve Enom's website and all DNS requests to their 4 primary name servers are failing, although the hostnames themselves still resolve:
Name Server: DNS1.NAME-SERVICES.COM
Name Server: DNS2.NAME-SERVICES.COM
Name Server: DNS3.NAME-SERVICES.COM
Name Server: DNS4.NAME-SERVICES.COM
Name Server: DNS5.NAME-SERVICES.COM
You would really think Enom, bein........