Although it is well-known that pptp is not secure and is subject to many forms of attacks, the reality is that a lot of legacy and embedded devices use pptp. I argue that if it is being used for routing or remote access or over an already secure connection (eg. another VPN like ikev2) then this is still acceptable. Or in a LANor in a public environment where no private data is exchanged. However, if the nature of the data is extremely sensitive, you should do whatever........
Sometimes systemd-journald can take several hundred megs of RAMor more which is bad for microservices and embedded devices.
Edit /etc/systemd/journald.conf
You can set it to max 5M of RAM like below:
SystemMaxUse=5M
........
FreePBX official install guide is here.
Requirements:
Debian 12 Download Link
Minimal - System Utilities
RAM: 4G
HDD:20G
Note that if you don't have the required base OS yo........
In our example below, we create 2 hunt groups.
You could assume the #1 group is sales and #2 group is support etc.. and you can create more as needed.
The main part of hunt is the "list" option where you add each phone number that is to be part of the group
ephone-hunt 1 sequential
pilot 2001
list 1234
timeout 10
ephone-hunt 2 sequential
pilot 2002
list 5678
tim........
In newer versions this is a very stubborn issue. Here is how you fix it.
Step 1 - Create networks.conf
sudo mkdir /etc/vbox/
sudo vi /etc/vbox/networks.conf
put this in:
In our case we can use the slash /16 range of 192.168.0..0, change the subnet accor........
Make sure this makes sense for you but I've started to block a lot of commercial Cloud services and easily accessible providers as they are a very high source of abusive traffic. The cost savings for a lot of organizations are huge, as you now have less bandwidth usage and less resource usage from garbage/bot/malicious traffic. This mainly works for when you can be reasonably sure that your audience has no business visiting your service(s) from freely accessible commercial IP ........
Uses:
Install OS on physical drive
Linux installation VMware
Install Windows on physical drive
Boot OS from physical drive
VMware Workstation tutorial
Linux virtual machine to physical disk
Windows to Linux migration
Dual boot OS installation
Boot from external SSD
Linux, Windows, BSD installation guide
Physical drive boot OS........
yum update
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the onl........
A lot of times you may see when installing packages that apt will recommend packages, a lot of times when doing things like upgrading or install a new kernel, it is very smart at recommending related packages (eg. modules, headers, extras etc..)
All you need to do is add this flag to your "apt install" command:
--install-suggests........
If you just have 1 disk per node/testing/POC then you can reduce the overall disk usage during install as below:
1.) Click on "Options" on the HDD that you want to install to.
2.) Under "hdsize" Set the Maximum Size smaller than the disk size.
In this example the disk is 60G and I set max size as 20G. This then........
Edit your /etc/hostapd/hostapd.conf file like below and restart hostapd.
#WPS stuff
# Enable control interface for PBC/PIN entry
wpa_psk_file=/etc/hostapd/hostapd.psk
ctrl_interface=/var/run/hostapd
eap_server=1
wps_state=2
ap_setup_locked=1
wps_pin_requests=/var/run/hostapd.pin-req
config_methods=label display push_button keypad
#WPS model info stuff change to suit your needs
d........
This is certainly a poor design, as you can read many seasoned admins who have updated their iDRAC only to have it killed. One possible cause is not by doing all the incremental updates, doing updates from an old iDRAC to one many revisions newer is a sure way to kill things, but even then there is no guarantee based on the amount of failures.
List of threads of people's dead iDRAC's:........
This is mainly for if you've done something silly like trying to clone a Live, running VM image. In this example, the VM initially finds grub and tries to boot but is kicked straight into initramfs rescue mode/busybox right after this.
If you've done this "silly" thing, you could have dataloss but a lot of times just using fsck will fix it as you are guaranteed at best to have some corruption and inconsistencies in the filesystem. My theory is that some files wer........
Many times just doing an update-grub may find Windows and add it to grub, but a lot of times it won't.
Create Windows in a custom grub entry like below:
sudo vi /etc/grub.d/40_custom
menuentry "Windows 10" {
set root='(hd0,0)'
chainloader + 1
}
Change Windows 10 to whatever you want to call it. For example if it was for Windows 11 you'd probably want to ca........
This guide assumes you have a working Postfix server and want it to sign with DKIM.
There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well.
1.) Install OpenDKIM
apt install opendkim
systemctl enable opendkim
2.) Edit /etc/opendkim.conf
Syslog yes
SyslogSuccess yes
Mode&nbs........
apt install tftpd-hpa
#change TFTP_ADDRESS to by setting address to 192.168.1.1:69 or the IP you need, otherwise it will listen on all IPs and interfaces which could be a security risk.
# edit /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"
TFTP_ADDRESS="192.168.1.1:69"
TFTP_OPTIONS="--secure"........
This can break things easily in remove environments where it was normally easy to convert a normal eth0 to a bridge under br0, and that bridge would normally have the same MAC address by default, which is desirable for most situations.
In Debian 11 this is different for some reason now.
https://unix.stackexchange.com/questions/681013/bridge-gets-random-mac-........
sysctl vm.overcommit_memory=1
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo 511 > /proc/sys/net/core/somaxconn
1:M 26 Nov 2023 21:34:33.840 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 26 Nov 2023 21:34:33.840 # Server initialized
1:M 26 Nov 2023 21:34:33.840 # WARNING overcommit_memory is set to 0! Background sa........
Sometimes users take their removal drives and unplug and replug them to test what happens during the failure of a disk. However, this breaks things quite badly due to the /dev/mapper in LUKS not coming back online due to it not being closed.
In other words, generally with non-encrypted drives the process is smooth but when encrypted you may want to follow a strategy like this:
We can see below that both disks are unavailable as they were physically remov........
convert-im6.q16: DistributedPixelCache '127.0.0.1' @ error/distribute-cache.c/ConnectPixelCacheServer/244.
convert-im6.q16: cache resources exhausted `/tmp/magick-27777Al6FGY7dhyKt10' @ error/cache.c/OpenPixelCache/3984.
convert-im6.q16: DistributedPixelCache '127.0.0.1' @ error/distribute-cache.c/ConnectPixelCacheServer/244.
convert-im6.q16: cache resources exhausted `/tmp/magick-277772Y_-pJnMdT2r1' @ error/cache.c/OpenPixelCache/3984.
convert-im6.q16: Distr........
Some people find it less than intuitive to do on DNSMasq and by default DNSMasq is available on 0.0.0.0 which could even be your LAN or Public IP.
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp ........
This will be the goto to help solve e-mail delivery issues and talk about many practical issues that happen between developers, admins and scripts that send e-mail and do things that may not be acceptable or cause deliverability problems.
Sendmail Stuff
Edit /etc/mail/sendmail.mc
The problem is that if you send directly out from the server using the mail function, the Return-path of the e-mails will be username@thehostnameoftheserver.com. Let........
First we need a few extra packages:
apt update
apt install -y adduser libfontconfig1 musl sudo
wget https://dl.grafana.com/enterprise/release/grafana-enterprise_10.3.1_amd64.deb
Install / Enable Grafana
dpkg -i grafana-enterprise_10.3.1_amd64.deb
dpkg -i grafana-enterprise_10.3.1_amd64.deb
(Reading database ... 44309 files and directories currently installed.)
Preparin........
This is for the situation that you're doing other things that may conflict or have your own custom rules and ufw keeps overriding iptables.
A lot of guides don't work, and even ufw reset does not work, because it still leaves the old ufw chains.
Here is what works to disable ufw completely
systemctl stop ufw
systemctl disable ufw
ufw disable
rm -f /et........
Proxmox's documentation shows the following here.
Which mainly just says change /etc/hosts and /etc/hostname with your new hostname.
Here's what happens if you only do that:
If you just do the above, you will find you have an inaccessible original hostname that contains those VMs and you cannot........
find /usr/share/zoneinfo/|sed s#"/usr/share/zoneinfo/"##g|grep "/"|grep -v posix|grep -v ^"Etc/"|grep -v ^right|grep -v ^"SystemV"
Africa/Addis_Ababa
Africa/Abidjan
Africa/Blantyre
Africa/Lusaka
Africa/Casablanca
Africa/Libreville
Africa/Asmara
Africa/Bujumbura
Africa/Dakar
Africa/Lagos
Africa/Malabo
Africa/Harare
Africa/Kigali........
Step 1.) Upgrade to Debian 11 first
The process to go to Debian 12 is not as smooth as 11, when trying to upgrade from Debian 10. In fact, it doesn't work directly, so you'll first need to follow this guide to update to Debian 11, reboot and come back here if successful.
Step 2.) Update sources.list
Update your /etc/apt/sources.list like this:
deb http://........
If you are running a local DNS server like named/bind and don't want to use the ISPsupplied DNS servers that are announced via a DHCP request (using dhclient) then the solution is simple.
The reason should be obvious, but normally running your own DNS server will provide a more reliable, and fast DNS response and you won't have to worry about filtering as much (unless your upstream filters or proxies outgoing DNS requests).
Edit /etc/dhcp/dhclient.conf........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
The issue is that Docker images are stripped down, so many tools and even python3 is missing, so you'll have to build or update the actual image yourself.
I assume you have started an image with something like this and that you have the Nvidia Toolkit installed (assuming you are using GPUs). If you're not using nvidia just remove --runtime=nvidia --gpus all.
docker run -it --runtime=nvidia --gpus all ubuntu bash
These works for most images li........
Welcome to our in-depth guide on configuring NVIDIA GPUs with Docker on Ubuntu. This post is tailored for developers, data scientists, and IT professionals who are looking to leverage the power of NVIDIA's GPU acceleration within Docker containers.
Whether you're working on machine lea........
You'll notice that /etc/resolv.conf contains dire warners on most Linux Desktops.
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use........
We could always disable swap but this would normally be a bad idea unless you have an incredible amount of RAM and a workload that will never exceed it. However, for live/containerized and high performance environments it could be desirable.
Another middle ground may be to set swappiness to a lower number.
You may also want to clear your kernel's cache, which could be eating up RAM unnecessarily by c........
You may have a broken apt configure that calls for snap (which is not installed if you get the error below):
apt install coreutils
Reading state information... Done
E: Could not read response to hello message from hook [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true: Connection reset by peer
E: Could not read message separator line after handshake from [ ! -f /usr/bin/snap ] || /usr/bin/snap advi........
haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx.
haproxy is used by many large sites per Wikipedia:
HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
1 - Install Vagrant
apt install vagrant
Make sure you have a supported Virtualization tool like Virtualbox or VMWare, Hyper-V etc.. It automatically detects and uses what you have. Virtualbox has a lot of support here with tons of images.
2 - Init Vagrant
We'll init to have a Debian 10 box by default to show how quick and easy it is.
vagrant init generic/debian10........
This seems to have changed for RHEL 8 where a normal dracut to update your initramfs creates a system that only boots for the running kernel. For example if you have Kernel 5 and then chroot into a RHEL 8 variant which uses kernel 4.18, and run dracut, it seems that by default the system will be unbootable.
It is also the case that if you move your RAID array or drives to another server that it will be unbootable, because dracut seems to only include modules needed for the curre........
This likely works for even older versions but I have only tested on 8,9,10 (11,12). It's quite impressive at how easy it is to upgrade from a very old version to the new version. I would say that Debian version upgrades are some of the quickest and smoothest of any distro.
1.) Backup your /etc/apt/sources.list
cp /etc/apt/sources.list ~
#Get your keys first, you need the latest keys for Debian 11 or it won't work:........
Virtualbox is a very powerful tool, but for some use cases it is less than optimal.
Say you are in a work, lab or other environment where you are not alone on the physical network and there could be overlap of IPs, but you need all of your VMs to be contactable from your host, VMs need to communicate with each other, and VMs need internet.
NAT Network will give you VM to VM communication and internet, however, it is buggy and unstable. It also doesn't allow host to VM co........
You can read lots of posts about this issue but there is not much information about why this is the case or how grub determines the root= device name. Some even suggest modifying grub.cfg manually which is a disaster as the next kernel update will cause grub to revert back to the device name.
For most people this won't be an issue but those using template system, automated deployments and working in embedded may run into this issue with custom embedded and created minimal kernel........
So say you happen to have 2 NICs of the exact same chipset, they will generally show up as the same name, with possibly a different revision in lspci. Normally this is not an issue if you have a server with 4 NICs, generally the eth0 to eth3 appears from left to the right (or right to left on some vendors) so it doesn't take much figuring out.
Generally if you have different chipsets for different NICs, it should be easy to know which one is eth0 or the first NIC in the OS.........
Later versions of ls try to be helpful and smart to prevent errors in dealing with files with spaces that were tradtionally a pain.
However if you need the raw/real filenames, this can break scripts or if you are pasting into a csv etc....
How do you make ls not add the quotes?
Add the capital "-N" switch
ls -N
You could also add an alias to make it more permanent
Do this to add it to ~/........
Sometimes due to your BIOS/EFI you may find that you have chosen "Energy Efficient" for your CPU which may effectively disable turbo mode. This is because "Energy Efficient" will often restrict or throttle your CPU to the base speed. This can impact nearly any CPU such as Intel's, AMDs, Opteron, Xeon etc...
This is of course frustrating, for example if you have a CPU that is 2.0GHz base speed but turbo to 2.5GHz, you will never hit more than 2GHz.........
It sounds intuitive that you may just move the /var/lib/docker dir to another location and symlink it back but it won't work and you'll get an error.
How to move Docker Storage the Correct Way
This assumes that you want to use /mnt/raid as the new location.
1.) Stop Docker
systemctl stop docker
2.) Move /var/lib/docker
mv /var/lib/docker /mnt/raid/
3.) Edit the Docker daemon file
Specify the path you wan........
To find which package a file is from just pass it the path to the file in question, whether it's a config file or binary, you'll find your answer (assuming it does belong to a package of course).
Just use dpkg -S /path/to/yourfile
How To Find Which Package The File Belongs To in Debian Mint Ubuntu Linux
eg.
dpkg -S /usr/bin/xed
xed: /usr/bin/xed
dpkg -S /etc/pam.conf
libpam-runtime........
If you are doing a custom deployment and image, make sure that when you rsync'd or tar'd that you didn't mess up the symlnk of /etc/mtab to /proc/self/mounts
ln --force -s /proc/self/mounts /etc/mtab
Will fix this........
This article about migrating to a CentOS 7 /8 RAID mdadm array has a lot of info but I wanted to focus specifically on what newer versions of CentOS 7 require to boot mdadm and what changes are necessary on CentOS 7.8+
CentOS 7 / 8 mdadm RAID booting requirements
This assumes you are chrooting into an existing install or using it to get a new deployment ready. However, these steps can........
Are you getting this error in CentOS 8 when trying to use yum to install a package?
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
What we need to do is not use the automatic mirror list and manually set the base URL
Solution
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS*
sed -i 's%#baseurl=http://mirror.centos.org%baseurl=........
If you are getting this error from systemctl "Loaded: masked (Reason: Unit hostapd.service is masked.)" we need to unmask the service.
Solution
systemctl unmask hostapd
Removed /etc/systemd/system/hostapd.service.
It's fixed
root@routerOS:/var/log# systemctl start hostapd
root@routerOS:/var/log# systemctl status hostapd
● hostapd.service - Access point and authentication server for Wi-Fi and Ethern........
It may appear to be an Xorg or lightdm/gdm/mdm error but in reality for many users with this issue, it's a driver conflict and issue. I had a system that had two GPUs, an Intel and Nvidia GPU.
The only thing that got it working was to remove the nouveau driver and blacklist it so it never came back, then the Intel GPU works fine without these issues.
Solution
sudo rmmod nouveau
add nouveau/other driver to blacklist
edit th........
Is your /var/log/journal overweight and bloated? For example a decent install of Debian 11 with most applications and services ends up being about 4.9G with the journal taking a few gigs.
du -hs /var/log/journal/
1.3G /var/log/journal/
By default in a lot of distributions there is no maximum size so it will keep growing. This is especially problematic for embedded distributions and devices, but is also a huge waste of sp........
The display manager is more so what controls the main graphical login process after Debian/Mint/Ubuntu boot and controls the graphical login sequence. Once you login, you are then usually passed to an Xorg based Window manager like XFCE, Mate, Ubuntu etc...
Popular display managers are mdm, gdm, lightdm etc... and they all basically do the same thing with a different interface/style and some feature differences.
In Mint for example the normal default display manager is l........
Debian based OS's have a similar issue as the behavior in RHEL/CentOS dhclient, which is that if you have an interface that relies on DHCP, if the first attempt fails, it will quit and stop. This is a problem especially if you are using your Linux as a router or something else mission critical, but where the internet for some reason may have been down or the DHCP server it gets a lease from broken.
The expected behavior you would hope is that when things are back online that the........
Linux Mint offers an easy and painless upgrade path through the last 3 versions, which means no more reinstalling to stay current with the latest version.
The only catch is that you need the latest of each version, so for 18, you need 18.3 before you can go to 19, and then 19.3 (or latest), until you go to 20. However, it's really a small price to pay and on the machines we've tested, the upgrade went seamlessly each time (although sometimes video drivers/custom kernel modules l........
Bonding is an excellent way to get both increased redundancy and throughput. It is similar to the "Network Teaming" feature in Windows.
There are a few different modes but we will use mode 6, I think it's the best of both worlds, as it is not just a failover, but it provides round robin, so you will get redundancy and load balancing. So if you have a 1G single port, you will have a combined throughput of 4G at this point. Just bear in mind that the true thr........
If you are using mint, delete the preference that stops snap from installing (as it is required for lxc)
sudo rm /etc/apt/preferences.d/nosnap.pref
1. Install lxd:
sudo apt install lxd
Issues install lxd or errors? Click here
Debian at this time does not have lxd so you'll need to use snap:
sudo apt in........
This can be used on almost anything, since Gluster is a userspace tool, based on FUSE. This means that all Gluster appears as to any application is just a directory.
Applications don't need specific support for Gluster, so long as you can tell the application to use a certain directory for storage.
One application can be for redundant and scaled storage, including for within Docker and Kubernetes, LXC, Proxmox, OpenStack, etc or just your image/web/video files or even da........
This may be necessary if you have a VM or if for some reason you just want to be more efficient with your space and have the flexibility of changing your swap space at will.
What we mean is the ability to use a "swap file" or similar to the Windows "pagefile" that normally resides on the root or c: partition of Windows.
Here's all you have to do and then you to can have a single partiton with everything, including the swap file on the root partition if you........
This happens during an apt update and is related to an issue with sources.list, which is particularly troubling, if you are doing a "live-build".
P: Configuring file /etc/apt/sources.list
Hit:1 http://deb.debian.org/debian bullseye InRelease
Get:2 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB........
(firefox:9562): LIBDBUSMENU-GLIB-WARNING **: Unable to get session bus: Failed to execute child process "dbus-launch" (No such file or directory)
ExceptionHandler::GenerateDump cloned child 9743
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
[Parent 9562, Gecko_IOThread] WARNING: pipe error (40): Connection reset by peer: file /build/firefox-EymEXX/fire........
Install procps and it will install the other packages you need:
apt install procps
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libgpm2 libncurses6 libprocps7 lsb-base psmisc
Suggested packages:
gpm
The following NEW packages will be ins........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Just click on the Start Menu and go to "Startup Applications"
Then click on the "Add"Button
Now enter the command we need to open the folder/directory automatically using the filemanager
For remote SSH host (you need pub key auth for it to open without a pa........
Why choose OpenVPN instead of a firewall appliance?
OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time.
When comparing OpenVPN with traditional firewal........
The key is that you need to know the passphrase to do it, if you don't know the password for the key then you can't remove the key since it cannot be decrypted.
ssh-keygen is the easiest method and openssl can be used to manually remove the key and output it to a new file, which you can then copy back over top of the encrypted file.
After that your public key authentication will work without any password prompt because it is no longer encrypted. Make sure you understand........
These types of errors are normally caused by misconfiguration of your /etc/apt/sources.list.
In this example on Debian 10, if you didn't complete the install correctly, you will have no repos enabled and only rely on CDROM.
"Package wget is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source.
E: Package 'wget' ha........
How To Install Wazuh Server / Quickest Installation
Wazuh (forked from the well known OSSEC project) is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
Prerequisites:
A lot of issues with Wazuh seem to be caused by i........
If you get an error that you aren't in the sudoers file, this typically means that your user is not designated as an admin with sudo privileges.
In plain English, when it comes to some OS's like Debian including 10,11 etc.., by default the user is created without special privileges which is contrary to how Ubuntu/Mint handle the secondary user.
Let's check the sudoers file to see the problem.........
A lot of newer installs will automatically prohibit the root user from logging in directly, for security reasons or they will only allow key based access.
If you know what you are doing/don't care about security or have an incredibly secure password for testing, then you can enable it.
Edit this file: /etc/ssh/sshd_config
Find the following line: PermitRootLogin
Set it like this:
PermitRootLogin yes
Now rest........
1. Let's work from an environment where we can install Ansible on.
If you are using an older version of Linux based on Mint 18 or Ubuntu 16, you may want to get the PPA and get the latest version of Ansible that way:
sudo apt install gpg
sudo add-apt-repository ppa:ansible/ansible
sudo apt update........
Are you getting this error in Proxmox while trying to apt update or install Ceph?
apt update
Hit:1 http://security.debian.org bullseye-security InRelease
Err:2 https://enterprise.proxmox.com/debian/pve bullseye InRelease
401 Unauthorized [IP: 144.217.225.162 443]
Hit:3 http://ftp.hk.debian.org/debian bullseye InRelease ........
There are many reasons why Proxmox services may not start, but one common one, is if you have changed your /etc/hostname or /etc/hosts and don't have a valid FQDN (eg. proxmox01 instead proxmox01.com).
Failed to start The Proxmox VE cluster filesystem.
Failed to start Proxmox VE firewall.
Failed to start PVE Status Daemon.
Failed to start Proxmox VE scheduler.
Failed to start PVE Cluster HA Resource Manager Daemon.
Failed to star........
The Linux Mint team has disabled it by setting an apt preference, you can edit or just remove the file:
sudo apt install snapd
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package snapd is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source........
Kubernetes Easy Beginners Tutorial/Architecture Guide
Kubernetes is known as container orchestration and we should start at explaining the container part of it.
A Container is what runs the actual application and based on an Image, and are more comparable to something like an LXC Container, Virtuozzo/OpenVZ using the Linux Kernel Namespaces feature. Containers run these images as independent, isolated operating environments under the O........
This assumes that you've already installed the relevant HWIC cards eg. Cisco Asynchronous Serial NIM
These are essentially cards that you install into your router, once installed you connect an Async cable to one of the ports on the card which normally gives you 8 console cables and are normally labelled 1 through 8.
You connect all of the cables to the devices you need (even non-Cisco devices) whether switches, routers or firewalls, they will usually work.
The real m........
Just edit your ~/.bashrc and add this at the very end:
export PS1="realtechtalk.com"
Then your prompt will look like this:
bladeblox:uptime
08:47:14 up 48 min, 1 user, load average: 1.00, 1.07, 0.96
If you wanted a dollar sign at the end then you would change it like this:
export PS1=&........
It is common that you may get access to undocumented equipment and need to reset the password. This applies to many Cisco routers whether 2600, 2900, 3900 etc...
Cisco's Guide says to hit Ctrl +Pause/Break but if it doesn't work on some devices causing people to say "cisco password reset pause break does not work", you can see Cisco's alternative key combinations here:........
So you're trying to browse to a properly configured Samba share but you get this error:
Unable to mount location
Failed to retrieve share list from server: Connection timed out
If your config is right, it can be due to a protocol miss-match where your client has not enabled SMB3 but by default the other side (server) has enabled it.
You can test this out to see with the smbclient tool........
Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
Enable "cli" mode equivalent in JunOS
cli
Configure Mode
configure
So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure".
How Do You Apply Changes You've Made?
You can make all kinds of changes to the switch, but remember they are not........
Traditionally kernels were numbered starting from 0 but by default the "new style" of grub boot loading considers each subkernel item to be different so if you have 3 entries for 4.40-148 rather than counting for 1.
To get the expected behavior let's show this example and how we can boot it
We do a grep on menuentry in /boot/grub/grub.cfg to see all of the bootable kernels rather than scrolling through loads of extra entries we don't care about (thou........
yum update
Loaded plugins: fastestmirror
Setting up Install Process
Determining fastest mirrors
YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
Eg. Invalid release/repo/arch combination/
removing mirrorlist with no valid mirrors: /var/cache/yum/x86_64/6/base/mirrorlist.txt
Error: Cannot find a valid baseurl for repo: base
You have mail in /var/spool/mail/root
........
To disable selinux temporarily and immediately:
setenforce 0
To make it permanent edit /etc/selinux/config:
vi /etc/selinux/config........
Interestingly enough Windows 2000 works fine on QEMU 64-bit but you have to specify Pentium as your CPU otherwise it doesn't complete the install (it will not pass the detecting/setting up devices phase).
-vga cirrus is wise because it is supported by Windows 2000 and allows higher resolutions and 24-bit color.
-cpu Pentium emulates an old computer and is necessary for install to complete
-device rtl8139 is important as this oldschool Realtek 8139 NIC is supported by W........
When you automount a drive in /etc/fstab even if it's not important like an external drive that you only use sometimes and is not required for booting, it will prevent a successfuly boot.
If you disable quiet mode for booting you will see something like below "A start job is running for dev-disk ...."
How do we fix an fstab entry from preventi........
qemu-img can convert many formats.
Here is an example of how to convert different images to different formats for QEMU-KVM
The example above converts a raw windows2019.img file from QEMU to a Virtualbox .vdi
qemu-img convert -f raw -Ovdi windows2019.img windows2019.vdi
-f raw = this means the format of the source image (instead of raw it could be vdi, vmdi, qcow2 etc..)........
This happens to a lot of Nvidia users especially users of newer cards like the RTX series. If for example you are trying to boot and install Linux and you get a black and white grub2 screen instead of a nice graphical welcome installer, you probably suffer from this bug. It is normally followed by the user booting and finding they just have a blank/black screen.
Here is the quick flow of steps to fix it:
If you get a black grub scree........
It really seems limited in that it can mainly give you the things you would see on the physical unit such as load etc..
wget https://downloads.sourceforge.net/project/apcupsd/apcupsd%20-%20Stable/3.14.14/apcupsd-3.14.14.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fapcupsd%2Ffiles%2Flatest%2Fdownload&ts=1598115866
tar -zxvf apcupsd-3.14.14.tar.gz
cd apcupsd-3.14.14
[root@somebox apcupsd-3.14.14]#
./conf........
If you've come here, don't be embarraassed, working in IT, this is the MOST common computer problem that almost everyone will encounter. The reason why I'm doing this post is because I've seen an increase from colleagues and admins having this problem and many times it's not even your fault. A common scenario is that someone acquires a new or used computer which they weren't given the password for. Fortunately Ihave a detailed list of all the options whether free or pa........
This seems to happen on most if not all Nvidia cards but the good news is that if you are using any of the Linux drivers and have the nvidia-settings tool installed it is just a simple command.
Solution:
nvidia-settings --assign CurrentMetaMode="nvidia-auto-select +0+0 { ForceFullCompositionPipeline = On }"
Enter the above command in your terminal and the screentearing will be fixed which is like enabling Tear Free on AMD cards.&........
-?????????? ? ? ? ? ? shadow
----------. 1 root root 748 Jul 10 04:35 shadow-
cat: shadow: Input/output error
If you see this you are probably in big trouble, it could be a physical error or if it's a VM image that it is corrupted due to a physical error on the underlying disk/array/NAS or it could a........
/usr/libexec/qemu-kvm -enable-kvm -boot order=cd,once=dc -vga cirrus -m 4096 -drive file=~/23815135.img,if=virtio -usbdevice tablet -net nic,macaddr=DE:AD:BE:EF:D4:AB -netdev bridge,br=br0,id=net0
qemu-kvm: -usbdevice tablet: '-usbdevice' is deprecated, please use '-device usb-...' instead
access denied by acl file
qemu-kvm: bridge helper failed
[root@CentOS-82-64-minimal 23815135]# /usr/libexec/qemu-kvm -enable-kvm -boot order=cd,once=dc -vga cirrus -........
This is very frustrating but the fix is usually easy once you read this blog. It's very frustrating when you find that your Linux / Ubuntu laptop's wifi will NEVER work unless it is plugged into the power. The wifi menu may say "Wifi disabled by hardware switch". You may find that your laptop has no switch or has a function wifi button on the keyboard but this does not work or have any effect.
The cause is usual a "wmi" kernel module and simply doing an........
apt install software-properties-common
add-apt-repository ppa:deadsnakes/ppa
apt update
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
Unless you are using OpenStack, AWS etc then cloud-init is just some bloat that slows down the booting of your VMand can actually halt it from booting if it doesn't have a proper working IP (not good!).
#remove cloud init!
Debian based Ubuntu / Mint
sudo apt remove cloud-init
RHEL / CentOS based
yum remove cloud-init
........
Iam going to build this based on a series of small howto QEMU / KVMposts I've made as I feel much of the information is actually hard to find and piece together from the rest of the web.
What I'm going to focus on is how to use virtio as the NIC because if you don't you get very slow NIC speeds but with the virtio NIC model you basically get host speeds.
/usr/libexec/qemu-kvm -enable-kvm -smp 8 -m 16000 -net user -net nic,model=virtio -drive file=ubuntu-gpt2l........
Most newer distros inexplicably cause your NIC to have what Icall "random" non-standard name conventions because of systemd.
This is a big problem for many people and especially those running servers. Imagine that you have a static IPconfigured for ens33 but then the hard disk is moved to a newer system, the NIC could be anything from ens33 to enp0s1, meaning that manual intervention is required to go and update the NIC config file (eg. /etc/network/interfa........
When authentication times out that is one thing, but when it just fails like below Asterisk by default will not re-register until you the admin reload the sip or asterisk server:
voipserver*CLI> sip show registry
Host dnsmgr Username Refresh State&........
Just run this apt install command
sudo apt install pepperflashplugin-nonfree browser-plugin-freshplayer-pepperflash
After this restart your browser and check Adobe's site to verify if your Pepper flash is working and showing at least version 32.
https://helpx.adobe.com/flash-player.html
As you'll see below it will download the latest version which is currently 32 and this was not possible with the old/crappy deprecated adobe-flash plu........
yum -y install wget unzip
wget https://download.nextcloud.com/server/releases/nextcloud-18.0.2.zip
unzip nextcloud-18.0.2.zip
yum -y install php php-mysqlnd php-json php-zip php-dom php-xml php-libxml php-mbstring php-gd mysql mysql-server
Last metadata expiration check: 0:58:02 ago on Fri 13 Mar 2020 02:12:49 PM EDT.
Dependencies resolved.
===================================================================........
It's as simple as below where you just specify the dev device of the CDROM which is usually /dev/sr0. You can boot actual bootable discs like Windows, Linux, etc straight from a physical drive this way.
sudo qemu-system-x86_64 -cdrom /dev/sr0 -m 4096
........
There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting.
Before starting install epel or you will be missing tesseract:
yum -y install epel-release
#1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
The scenario here is that you have some sort of remote headless Linux server but would like to run some programs on them and get graphical access to them. The problem is that the remote server may be an image or VMwithout any virtual GPU and even if so, it is likely without KDE or Gnome, so there's no real way to do this, unless you follow our guide.
Install xvfb
apt install xvfb
Reading package lists... D........
httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load modules/libphp5.so into server: /lib64/libresolv.so.2: symbol __h_errno, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference
This is usually caused by a mismatch in OpenSSLversion. Interestingly enough a lot of times if it has happened during an update of your system, or after, usually just restarting httpd........
A big problem over ssh and especially sshfs is that your connection will often timeout and disconnect after inactivity.
To fix this you can modify the server but it may not be practical or you may not have access. Why not send keep alives fom your end (client side)?
Just edit /etc/ssh/ssh_config (not to be confused with sshd_config as that is the server side):
Find the line that says "Host *" and change it like this:........
This is only really necessary in the case you don't want DHCP. If you are dealing with an encrypted LUKS server on the internet, you will often want to have a static IP so you know which IP to connect to (or if you have a semi-static IP assigned by DHCP).
SET IP Address by /etc/initramfs-tools/initramfs.conf
IP Address=192.168.1.27
Gateway=192.168.1.1
Subnet Mask: 255.255.255.0
Hostname=myhome.com
IP=192.1........
The reason for doing this is that the installer doesn't seem to work properly for LUKS and the server installer doesn't even support LUKS anymore. When you use the GUI install on Desktop for LUKS it won't boot and will just hang after you enter your password. So the only reliable way is to do it ourselves.
1.) Make a default minimal install of Ubuntu
2.) Have a secondary disk on the server or VM.
3.)........
Create your netplan file
vi /etc/netplan/01-netcfg.yaml
network:
version: 2
renderer: networkd
ethernets:
ens3:
dhcp4: no
........
The cool thing here is that we only need 1 drive to make a RAID 10 or RAID 1 array, we just tell the Linux mdadm utility that the other drive is "missing" and we can then add our original drive to the array after booting into our new RAID array.
Step#1 Install tools we need
yum -y install mdadm rsync
Step #2 Create your partitions on the drive that will be our RAID array
Here I assume it is /dev........
sudo vi /etc/lightdm/lightdm.conf.d/70-linuxmint.conf
Change this:
[SeatDefaults]
user-session=mate
allow-guest=false
To this:
[SeatDefaults]
user-session=mate
allow-guest=false
greeter-hide-users=true
greeter-show-manual-login=true
To see and apply your changes just restart light........
The problem is that by default ssh-keygen loves to generate an easy to crack 2048 bit key (RSA). Supposedly having a larger keysize helps such as 4096 or 8096 but it is thought to be useless still against Quantum computing.
How can I check my existing keysize and type?
ssh-keygen -lf /path/to/your/id_rsa.pub
The output will be something like below followed by the hash. The first number is the key size and the second part will b........
This is not about using ssh as a proxy, but rather, using a proxy when you are SSHing to another host and using ProxyCommand (where we normally use nc as our proxy tool).
In newer versions of nc the syntax has changed to the following:
ssh -o ProxyCommand="nc -x 127.0.0.1:1234" %h %p user@host
The format must be like above in newer nc versions.
Just be sure to change the 1234 to the port of your SOC........
It is fairly simple to use once you know how to use it. However, the tricky thing is that by default it doesn't seem to be active or listen on any interface on manually specified.
How To Install ifplugd
First we install ifplugd
sudo apt install ifplugd
Let's enable it on our desired device(s)
vi /etc/default/ifplugd
set this line as so:........
mysql reset root password.
Oops I can't remember my MySQL root password!
[root@centos7test etc]# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
First we need to stop mariadb:
systemctl stop mariadb
Now we need to restart it with skip-grant-tables whic........
yum install centos-release-scl
yum install rh-php72 rh-php72-php rh-php72-php-mysqlnd
Symlink PHP binary:
ln -s /opt/rh/rh-php72/root/usr/bin/php /usr/bin/php
Symlink Apache and PHP module config:
ln -s /opt/rh/httpd24/root/etc/httpd/conf.d/rh-php72-php.conf /etc/httpd/conf.d/
ln -s /opt/rh/httpd24/root/etc/httpd/conf.modules.d/15-rh-php........
This problem has been around forever, Linux seems to think it is fine to use the r8169 driver for an r8168 NIC but this often causes problems including the link not working at all.
In my case ethttool shows the link up and detected but it simply does not work especially on a laptop that has been resumed from suspension. Sometimes it takes several minutes for it to work or to unplug and replug the ethernet.
Here is the solution:
Install th........
This is all controlled by /etc/issue
You can basically enter anything in there that you like, but there are preset variables that are mentioned at the end of the page that discuss this.
Some examples of /etc/issue:
Centos 7:
S
Kernel r on an m
Ubuntu 16.04:
Ubuntu 16.04.6 LTS n l
You can also insert any of t........
Oct 18 11:06:46 server systemd[529]: rc-local.service: Failed at step EXEC spawning /etc/rc.local: Exec format error
Oct 18 11:06:46 server systemd[1]: rc-local.service: Control process exited, code=exited status=203
Oct 18 11:06:46 server systemd[1]: Failed to start /etc/rc.local Compatibility.
Oct 18 11:06:46 server systemd[1]: rc-local.service: Unit entered failed state.
Oct 18 11:06:46 server systemd[1]: rc-local.service: Failed with result 'exit-code'.........
service sshd status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit-hit) since Wed 2019-10-02 11:07:54 EDT; 36s ago
Process: 476 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255)
Oct 02 11:07:54 box systemd[1]: Failed to start OpenBSD Secure Shell server.
Oct 02 11:07:54 box sys........
yum install iptables-services
systemctl enable iptables
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]........
By default at least on Centos 7 nfs only allows 8 connections and starts 8 nfsd daemons.
To fix this edit this file:/etc/sysconfig/nfs
Edit the line "RPCNFSDCOUNT" (uncomment it so it looks like this:
RPCNFSDCOUNT=30
In the example above we are setting 30 nfsd daemons to run (or in other words 30 connections are possible this way).........
In Centos 7 tftpd will not work with selinux. Clients will not be able to connect and this is all you'll see in the log (then nothing more):
Sep 18 14:39:15 localhost xinetd[4327]: START: tftp pid=4331 from=192.168.1.65
On the client/computer side you will see this:
TFTP.
PXE-M0F: Exiting Intel Boot Agent
Basically the client is being instantly connected and bloc........
Having a network bridge allows you to bridge traffic under multiple devices so they can talk natively without using any special routing, iptables/firewall or other trickery.
To create your bridge you need the bridge-utils package for brctl and if you want to do things like bridge VMs that run on a tap device you will need the uml-utilities which provides "tunctl".
1.) Install the utilities to make our bridge
sudo apt-get i........
By default your DHCP will often not work because it is not listening on any interfaces.
All you have to do is edit this file:
vi /etc/default/isc-dhcp-server
then find the "INTERFACES" line and add each interface that should listen:
INTERFACES="br0 enp0s10"
........
I don't consider a lot of these "extra" kernel modules "nice to have" as they often contain drivers for essential items like your soundcard, your NIC and many other devices that may not work. Sometimes you may find that "sound" or "ethernet" worked before a kernel/OS upgrade and now in the new version they don't. Often it will be because you need to install the "extra" kernel modules.
One other weird thing is that sometimes........
If you've just installed VBox and it is not starting or working, the most common problem is usually that you don't have your kernel source installed, which means there is no kernel driver for vbox so it can't work.
You may get an error that says "Kernel driver not installed" in your Virtualbox.
So the first thing you should do is install your kernel source by running this:
sudo apt-get install linux-headers-`uname -r`........
By default bind will not respond to outside queries for security reasons.
In most distributions you will find the default in /etc/named.conf looks like this at the top under options:
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";........
You'll have to edit the policy.xml file to fix this:
convert -density 300 output.pdf agreement.jpg
convert.im6: not authorized `output.pdf' @ error/constitute.c/ReadImage/454.
convert.im6: no images defined `agreement.jpg' @ error/convert.c/ConvertImageCommand/3044.
sudo vi /etc/ImageMagick*/policy.xml
Change
policy domain="coder" rights="no........
SSH helps keep us secure in many ways, one of those is the host-key fingerprint which is unique. If you have been connecting to an SSH server that you've made no changes to and suddenly ssh warns that the key doesn't match then you have a problem.
But how about connecting to an existing server for the first time on a new machine or client?
A lot of new clients calculate it using an SHA256 hash but it is not as easy on your host machine to produce the sam........
Install Errors on Version 12:
This error happened on QEMU emulator version 2.11.1 pve-qemu-kvm_2.11.1-5
on Proxmox/Debian but installing on QEMU.12 on Centos 6 did not produce the error.
*Update it is not related to the OS or QEMU version. This happened in Centos 6 too after a second install.
What really causes this even though you successfully install........
If you get error messages like this it is usually because /var/run/sshd does not exist.
root@userbox:/# service sshd status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab
Active: failed (Result: start-limit-hit) since Wed 2019-04-10 02:24:44 EDT; 1
Process: 511 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255)........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
qemu-kvm command:
/usr/libexec/qemu-kvm -version
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
........
2,6,A or E is what the second digit of your MAC address must be otherwise a lot of OS's will not work. They will say the NIC is down/not connected even though it is.
This is because if the second digit is not set properly it will not view as a valid MAC or device uplink. This is especially an issue with VMs whether in QEMU etc.. if you are making your own MAC.
MAC address is invalid
c4:d1:aa:e5:10:05
To fix it just........
It is much more useful to have meaningful and detailed logging from tftp to see what is or isn't happening especially for VOIPand other embedded device appications:
Edit the file:
vi /etc/xinetd.d/tftp
Change the server line like this:
server_args = -s /var/lib/tftpboot........
You may have noticed if you are running QEMU/KVMmanually that in Windows the the position of the physical mouse does not match where the mouse is positioned within Windows.
There is an easy command to pass to qemu-kvm or qemu-system (whatever you call your binary):
-usbdevice tablet
The above flag will fix your mouse pointing problems whether you are running Windows 95, 98, NT, XP 2000, 2003, Vista, 7, 8 10 or Server 2000, 2003, 2008, 2012, 2016 or 2........
Are you tired of coming back to your computer only to find your SSH connections have been broken? Even worse are the ones that hang where it appears to be connected but it is really not.
The one option you have is an SSHclient side modification to send KeepAlive packets, sometimes this can also keep up your WiFi connection and stop it from disconnecting you as well.
To make the keep alive changes for your just yourself (not system wide)........
gsmartcontrol is a free tool that let's you see the status of the SMART parameters so you can check things like temperature, reallocated sectors, bad sectors etc.. to give you a better idea of your drive health.
Download it here.
gsmartcontrol is a very useful tool in Windows to check your HDD / Hard Drive health status.
In my experience you should NEVER trust that everything is OK just because SMAR........
This is usually because of STP causing a delay in the negotiation.
Edit your ifcfg script eg:
/etc/sysconfig/network-scripts/ifcfg-eth0
Add a LINKDELAY of 30 seconds or whatever works for you:
LINKDELAY=30
After that you should have an IP during bootup.........
The net-tools command brings back all of the oldschool tools that we're used to:
/bin/netstat
/sbin/ifconfig
/sbin/ipmaddr
/sbin/iptunnel
/sbin/mii-tool
/sbin/nameif
/sbin/plipconfig
/sbin/rarp........
Perhaps you've just seen this in the bash prompt:
-bash-4.1#
Instead of the expected user@hostname#
It is probably because you are missing .bash_profile or .bashrc in your home directory
Check for yourself:
ls -al ~/|grep -E ".bash_profile|.bashrc"
-rw-r--r--. 1 root root&nbs........
For some reason, perhaps you don't want to run a daemon or let Letsencrypt have access to your production server.
There is a way to use it like a normal CSR/CA setup in manual mode.
./letsencrypt-auto certonly --manual -d realtechtalk.com - www.realtechtalk.com
Eventually you will get prompted to create a certain path and file with certain data:
Create a file containing just this data:
Casdfasfadsfsad........
By default telnet is not enabled or installed on the latest Windows servers so you'll get an error saying:
telnet is not recognized as an internal or external command
dism /online /Enable-Feature /FeatureName:TelnetClient
........
The key thing here is to know the actual partition that is encrypted.
Often in Linux Mint's installer that ends up being partition 5 or /dev/sda5
sudo cryptsetup luksOpen /dev/sda5 anynamehere
You will then be prompted for your irrecoverable passphrase:
Enter passphrase for /dev/sda5:
If all goes well it won't say anything further. If it says ""No key available with this passphr........
This is not about systemd/systemctl and not about "onboot" so there's no rc.local trick here but it's the GUI/Gnome etc when a user logs in that a command is launched.
Put this in your home dir
The .config/autostart directory is where Linux Mint/Ubuntu checks for autostart application config files
mkdir -p ~/.config/autostart
Create a new entry/file that starts an application........
If you see this in /etc/sudoers it is NOT a comment but an include.
#includedir /etc/sudoers.d
For example in Linux mint sudoers.d contains the following files:
casper mintupdate README
casper for example contains the following sudoers line:
mint ALL=(ALL) NOPASSWD: ALL
So if you are messing ar........
Do you hate how Centos 7 defaults to allocating most of your valuable space to /home even though it is a production server?
Here is a quick guide on how to take back that space live, while online (of course make sure you have backups just in case something goes wrong!):
First we will reduce our home dir by 100G:
lvreduce -L -100G /dev/mapper/centos-home
WARNING: Reducing active and open logical volume to ........
debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
debug1: Local forwarding listening on 127.0.0.1 port 18006.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 18006.
bind: Cannot assign requested address
What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........
The defaults in Windows 2016 server leave clients crippled so they can't even download basic files or software. But Group Policy Management Editor comes to our rescue!
Use cmd or Powershell and run:
gpme.msc
Choose your domain/computer and then navigate like below and create a new menu entry for IE11 or whatever your version is. Don't be worried if the highest version is IE10 it means that it applies to IE10 AND above.........
In Debian a lot of times SSH disables the root user to login by password by default. This means you will get an authentication failure as if you typed in the wrong password.
The logs also indicate the password is wrong but what is often the case is in the config file
Check /etc/ssh/sshd_config
cat /etc/ssh/sshd_config|grep -i permitrootlogin
Make sure it says:
PermitRootLogin yes
If not change it and restart SSH........
This should apply to most Linux distributions just incase you get into trouble or wipe out the defaults by accident.
/etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep........
Just find the relevant file in /etc/NetworkManager/system-connections
sudo vi /etc/NetworkManager/system-connections/Wired connection 1
[802-3-ethernet]
duplex=full
mac-address=00:00:00:FE:FE:FE
[connection]
id=Wired connection 1
type=802-3-ethernet
timestamp=1532403341
[ipv6]
method=ignore
[ipv4]
method=manual........
Set this in /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
#apply the settings
sudo sysctl -p
........
First we need to create dhclient.conf if it doesn't exist or edit it:
vi /etc/dhclient/dhclient.conf
#add this line at the top add the IPs as commas they will be the highest priority nameservers and whatever your ISP gives you will be used after these one (good for DNS backup)
prepend domain-name-servers 127.0.0.1,10.10.25.8;
After you restart your network or run dhclient again you should see the contents of........
First you need the "iptables-persistent" package. This gives you an init script that loads your settings from /etc/iptables/rules.v4 and rules.v6
When you install it, it wll save your default setings in /etc/iptables.
sudo apt-get install iptables-persistent
Remember that the rules are stored here:
For IPV4: /etc/iptables/rules.v4
For IPV6: /etc/iptables/r........
#to show all
VBoxManage list vms
#show ONLY running vms
VBoxManage list runningvms
VBoxManage storageattach test --storagectl "SATA" --port 0 --device 0 --type hdd --medium iscsi --server 192.168.1.91 --target "iqn.2018-12.local.abcrandom.target:sdb" --initiator "iqn.1982-01.ca.bla.tld:abc123" --t........
initiator = client
target = server
These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server.
iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love. The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI).
iSCSI Target (Server)Setup
targetcli is the pac........
httpd
AH00534: httpd: Configuration error: No MPM loaded.
Simple Solution (assuming you don't have this line in httpd.conf aleady:
echo "Include conf.modules.d/*.conf" >> /etc/httpd/conf/httpd.conf
........
confmodules=`cat /etc/httpd/conf/httpd.conf |grep -v ^#|grep "modules/"|awk '{print $3}'|cut -d "/" -f 2`
for module in $confmodules; do
echo "module=$module"
if [ ! -f /etc/httpd/modules/$module ]; then
linenum=`awk /"$module/{ print NR; exit}" /etc/httpd/conf/httpd.conf`
sed -i "$linenum"s/.*// /etc/httpd/conf/httpd.conf
&n........
function centos7 {
release=`cat /etc/redhat-release|awk '{print $4}'|grep ^[7]`
if [ "$release" != "" ]; then
centos7='yes'
fi
}
centos7
echo "$centos7"
We create a function called "centos7" and then call it by just typing "centos7"
We then access a variable that may be set........
Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.
Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.
The key commands or arguments you will use with systemctl are the following:
Unit Commands:
list-units [PATTERN...] List loaded units
&nbs........
You can do other things but this particular script is just to set all AMD cards to 80% fan speed (remember this script needs to applied everytime you reboot). You could set it is a cron or just throw it into /etc/rc.local
basepath=/sys/class/drm
for hwmon in `ls -1 /sys/class/drm|grep card[0-99]$`; do
echo card=$hwmon;
hwmonname=`ls $basepath/$hwmon/device/hwmon|grep hwmon[0-99]`
hwmonpath=$basepath/$hwmon/device/hwmon/$hwmonname
echo "ec........
#Linux Mint 18.2 how to install gajim .16.9 so you can use OMEMO encryption:
sudo apt-get install python-axolotl python-nbxmpp
wget https://gajim.org/downloads/0.16/gajim-0.16.9.tar.gz
tar -zxvf gajim-0.16.9.tar.gz
cd gajim-0.16.9
./autogen.sh ;make;sudo make install
#if you get this error you need to get a newer python-nbxmpp from here:
gajim
Gajim needs python-nbxmpp >= 0.6.1 to run. Quiting...........
sudo apt-get install hwloc-nox
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
hwloc-nox
0 upgraded, 1 newly installed, 0 to remove and 530 not upgraded.
Need to get 151 kB of archives.
After this operation, 453 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubunt........
Your database uses Antelope as the file format. Full UTF-8 support in MySQL and MariaDB requires the Barracuda file format. Please switch to the Barracuda file format. See the documentation MySQL full unicode support for details.
In /etc/my.cnf under [mysqld]
180827 21:43:14 InnoDB: 5.5.59 started; log sequence number 1589339
180827 21:43:14 [ERROR] /usr/libexec/mysqld: unknown variable 'db_file_format=Ba........
How to check if nested KVM is enabled by doing a cat on nested inside sys
Nested KVM is mainly important for testing for example if you wanted to install VMWare or Proxmox Nodes in a virtual environment for testing. Without nesting, the performance will be extremely slow, since the VMs within the nodes will not be using Virtualization extensions.
I've used wildcard on kvm_ because it could be kvm_intel or kvm_amd depending on whether y........
Usually this is because when you created your user you added a user but didn't create their home directory and/or for some reason your .bashrc and .bash_profile in ~ (home) is broken/missing.
In your home just create the following files with the following content to solve it:
.bashrc and .bash_profile.
To apply it just relogin/start a new bash session
# .bash_profile
# Get the aliases and funct........
You can find many ways to specify the VLANin your network configuration but Ifind this is the simplest and quickest.
In this case we are talking about a bridged adapter "vmbr0" but it works even if you just had a normal non-bridged interface.
The key here is that in vmbr0 you'll notice there is no IP address. We just specify "manual".
Below it is a similar stanza for "vmbr0.58" in this case 58 represents the VLAN (change........
Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.
In the problem machine it is actually PHP7 installed so if you reference PHP5 of course things wil be broken!
Take for example here:
cat /etc/httpd/conf.d/php.conf
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamica........
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
Solution:
Edit geoip.ini
vi /etc/php.d/geoip.ini
Comment out the .so like so:
;extension=geoip.so
service httpd restart........
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory
This is basically caused by the PHPmodule specified in php.conf being non existent. The error tells us it couldn't fnd /etc/httpd/modules/libphp5.so........
The solution is just to install libmicrohttpd-dev
./xmr-stak
./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory
libmicrohttpd
libmicrohttpd10 - library embedding HTTP server functionality
libmicrohttpd-dbg - library embedding HTTP server functionality (debug)
libmicrohttpd-dev - library embedding HTTP server functionality (development)
$ sudo apt-get i........
sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev
git clone https://github.com/wolf9466/cpuminer-multi
sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
make install
cd bin
chmod +x xmr-stak-cpu
./xmr-stak -O xmr........
https://yarnpkg.com/lang/en/docs/install/#centos-stable
curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo
If you need node.js:
curl --silent --location https://rpm.nodesource.com/setup_6.x | bash - yum install nodejs yarn........
Server Side Config
1.) First install nfs-utils
yum -y install nfs-utils
2.) Configure nfs share
Create a directory for your NFS share
mkdir /datastore
Create your NFS share in /etc/exports
echo "/datastore 10.220.101.0/24(rw,sync,no_root_squash)" >> /etc/exports
systemctl restart nfs........
Ialready have the caja-image-converter option installed but it shows nothing.
Weirdly enough if you install nemo and nautilus converter it does show and work inside caja:
The solution is to install *-image-converter
sudo apt-get install *-image-converter
Reading package lists... Done
Building dependency tree
Reading state information... Done
Note, selecting 'n........
Ithought I'd post this becuase there is some bad information out there. Some guides tell you to edit /etc/postfix/master.cf (-o smtp_bind_address=) but this doesn't work. The same guide also says if you don't change it there you end up changing the listening IP/bind interface which is also not true.
Here is a simple and effective way to change Postfix's sending/binding/outgoing IP address (very important for reverse DNS and so mail servers don't block you)........
I've read a few guides about this but they didn't work for me.
sudo apt-get install bridge-utils
#don't think the above is enough it won't work still even though you have by default an /etc/qemu-ifup that handles it if you have the right tools and setup
sudo qemu-system-x86_64 -net tap -net nic -enable-kvm -cpu host,vmx=on ~/VirtualBox VMs/vsphere-vcenter/vsphere-vcenter.vdi
W: /etc/qemu-ifup: no bridge for guest interface foun........
sudo apt-get install nfs-kernel-server #oops there are no exports so it won't startsudo /etc/init.d/nfs-kernel-server start* Not starting NFS kernel daemon: no exports.
#we will use the /tmp/nfstestshare directory for our NFS share
mkdir /tmp/nfstestshare
#add it to /etc/exports (basically what NFS checks to determine what to make an NFS share)
/tmp/nfstestshare 192.168.1.5(rw,sync,........
I had this error in an unsupported CPUon VMWare 6.7 and apparently this sometimes works especially on older VMWare versions like 6.5 5.5 etc (but in my case it did not).
To make sure it proceed when you see "Loading VMWare"
Hit "Shift+O"
Then add "ignoreHeadless=TRUE"
See an example below:........
#mount the VCSA DVD
mount /dev/sr0 /mnt/cd
#alternatively you could mount the iso directly
mount -o loop vcsa.iso /your/mount/path
#for this purpose we are using the CLI installer on Linux
cd /mnt/cd/vcsa-cli-installer/lin64
#no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
./vcsa-deploy
Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
The reason for this article is because a lot of us don't physically see our hard drives they are often remote in a datacenter etc and the actual serial number we see in SMART is not enough to check for some manufacturers.
A good example is our first one the Toshiba
=== START OF INFORMATION SECTION ===
Device Model: TOSHIBA DT01ACA200
Serial Number: 33FMDW4AS........
First of all download the raw .so file from zend:
Copy the one relevant to your PHPversion to /usr/lib64/php/modules/
eg.:cp ioncube_loader_lin_5.3.so /usr/lib64/php/modules/
Then in your /etc/php.d/ directory create the file:
vi /etc/php.d/zend.ini
zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.3.so
After that restart apache/httpd and you'll be good to go!........
This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:
Now assume your username is "iamtheuser"
vi /etc/group
adm:x:4:syslog,iamtheuser
sudo:x:27:anotheruser,iamtheuser
Find the above lines and add a comma and "ia........
Jul 3 22:12:17mailserver postfix/smtpd[6195]: fatal: no SASL authentication mechanisms
Jul 3 22:12:18mailserver postfix/master[4881]: warning: process /usr/libexec/postfix/smtpd pid 6195 exit status 1
Jul 3 22:12:18mailserver postfix/master[4881]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
This only ever happens in my experience when the authentication method is actually Dovecot. Usually the problem........
A simple way that may work for a lot of people who just need basic output for their scripts or daemons to announce an action is this:
echo "body or message" | mail -s "realtechtalk.com" user@domain.com
If you want to send a text file as the body just do this instead:
mail -s "realtechtalk.com" user@domain.com < /tmp/sometxtfile.txt
These are some ve........
Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop.
This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
It looks like this has something to do with APIC but I am not sure. I have similar CPUs with a different MB and BIOS that work fine on the same type of kernel. A lot of time the issue is because of the C-step setting in the BIOS.
The same thing happened on the 2.6 kernel with Centos 6 but this is a homebrew 4.4 kernel soI am not sure why it is happening when even Centos 7 (3.2) kernel works OK.
Solution - It comes down to the BIOS set........
It is well known hackers, the NSA, CIA and other groups have created malware to secretly turn on your webcam and microphone on your phone, tv etc.. But fortunately on our computers and laptops we have some options.
Most webcams use the "uvcvideo" kernel module / driver. You can disable this in two ways on boot. I recommend both just as a failsafe.
Disable it on rc.local once your system boots automatically
Add the followi........
sudo chmod 000 /etc/cron.daily/apt-compat
This is the easiest way to disable the cron without anything more invasive like deleting the file.
After that you won't have anymore apt-get's starting.
This can be critical for systems without much extra RAMthat is not in use. I've seen systems that have swapped and crashed over apt-get.........
One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have.
Edit your /etc/ssh/sshd.conf file
Set this option
PasswordAuthentication no
Restart your SSH server.
service sshd restart
........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Order Deny,Allow
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
It has been a big pain for a long-time to install Windows from a Linux environment. I used to run a windows install server and it never worked right for some reason (the install would fail on most servers).
Before getting start be sure to setup your samba share so once you boot into WinPE you can mount the install for whatever Windows you want
/etc/samba/smb.conf
[smbwinstall]
path = /tftpboot/images/winstall
guest ok = yes........
sudo: unable to resolve host yourhostname
No clue why sudo is doing that when running.
Solution
Check /etc/hosts
You will probably find that it doesn't contain "yourhostname" for 127.0.0.1
Just update the hostname or add a field for your hostname like this:
127.0.0.1 yourhostname
........
I modified this code after quickly learning how Wordpress plugins actually work, how they're called etc.. was the first trick to modifying the code to add tags.
Add this code after line 570 in wp-content/plugins/wp-instagram-post/classes/class-woo-igp.php
&nb........
Getting this error on Centos 6 with PHP 5.3 when just running "php -v"
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/module.so' - /usr/lib64/php/modules/module.so: cannot open shared object file: No such file or directory in Unknown on line 0
PHP Warning: Cannot load module 'XCache' because conflicting module 'apc' is already loaded in Unknown on line 0
Solution:........
It takes some tinkering the main thing is that the "-dmS" flag allows screen to start without a session which of course sudo won't have.
solution:
/usr/bin/sudo -u user /usr/bin/screen -dmS nameyouchoose /script/start.bash
this doesn't work at all:
/usr/bin/sudo -u user "/usr/bin/screen /script/s........
The easiest way is to use SSHand DD or a combination of netcat. SSHwill be a little slower due to encryption but is the most secure way (on two older systems the average clone speed is about 40-50MB/s). This is also OS independent as it doesn't matter what the source OS is because you are literallly cloning the drive so you retain the partition table and settings.
Clone HDD using SSH and DD........
Centos 6 requires GLIBC 2.12 however a lot of new programs you would want to compile may need a newer glibc. You can't remove the old glibc since the whole OS is based on it but you can install the updated glibc alongside it and do an export pointing to your updated GLIBC.
mkdir ~/glibc_install; cd ~/glibc_install
wget http://ftp.gnu.org/gnu/glibc/glibc-2.14.tar.gz........
Stopping httpd: [ OK ]
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/h........
The Linux Kernel interpretated a very high volume of real traffic as a DDOS attack so it basically ends up blocking your web server.
possible SYN flooding on ctid 42131, port 80. Sending cookies.
Simple fix edit sysctl values for max_syn_backlog
sysctl -w net.ipv4.tcp_max_syn_backlog=5000
To make them permanent edit /etc/sysctl.conf
echo "net.ipv4.tcp_........
yum -y install samba
vi /etc/samba/smb.conf
https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.zip
mkdir syslinux;cd syslinux;unzip syslinux-6.03.zip
mkdir -p /tftpboot/libs/
cp bios/com32/modules/linux.c32 /tftpboot/libs/
cp bios/com32/libutil/libutil.c32 /tftpboot/libs/
cp bios/com32/lib/libcom32.c32 /tftpboot/libs/
#add lib path
echo "PATH libs" >> /tftpboot/pxeli........
Normally lspci will show you just like this and would suggest they are exactly the same card:
1a:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] (rev e7)
1c:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] (rev e7)
lspci -vnn is the answer
As we can see one is a Gigabyte and the other is an MSI card. Wha........
This is important as unfortunately Centos may designate a package obsolete and the replacement breaks everything (eg. you have a config file and the new replacement is not at all compatible with it and it breaks your application).
This is where disabling obsoletes comes into play, it can be done from yum but it doesn't work at the time I find.
yum --setopt=obsoletes=0 install someapp However Ifind it still installs the new app and not the one you ask for........
I'm having trouble making it work on very shaky video the result seems kind of warped/blurry/fish eye like and not as good as some other examples I've seen:
ffmpeg -i MVI_1285.MOV -vf vidstabdetect=shakiness=10:accuracy=15 -f null MVI_1285.trf
ffmpeg -i MVI_1285.MOV -vf vidstabtransform=smoothing=30:input="transforms.trf" MVI_1285.MOV.mp4
I've played around with the shakiness, accuracy etc.. but not the smoothing part.........
I am not sure why this happened I think it's because the file was in use by another duplicate process or script.
userdel user
userdel: cannot lock /etc/passwd; try again later.
........
This through me for a loop when I would do a cp -rf or mv -f nothing would get overwritten even if piping y or yes to the command.
Type alias and you'll see why:
alias cp='cp -i'
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
The -i is a safeguard against messing things up but however does mess things up worse when you know what........
mysqldump or mysql query of a larger file/table
ERROR 2006 (HY000) at line 567: MySQL server has gone away
Add this to /etc/my.cnf
max_allowed_packet=64M
service mysqld restart........
The code may lead you to believe you have an incompatible template but if you are not trying to use an old template currently that is not the issue. I actually deleted all 3.x style templates to make sure.
What the issue is, is old plugins that are not compatible but Vbulletin does not seem to account for this except that you'll see a fatal PHPerror. You should disable all plugins and then enable one by one until you find the one that is causing the issue.
&........
sudo mount -a
Unable to find suitable address.
[35758.706993] CIFS VFS: Error connecting to socket. Aborting operation.
[35758.707247] CIFS VFS: cifs_mount failed w/return code = -111
[35795.476160] CIFS VFS: Error connecting to socket. Aborting operation.
[35795.476346] CIFS VFS: cifs_mount failed w/return code = -111
When the above happens "Unable eto find suitable address" it usually means the smb nam........
Centos 5 is not supported running yum will produce an error like this:
YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
Eg. Invalid release/
removing mirrorlist with no valid mirrors: /var/cache/yum/base/mirrorlist.txt
Error: Cannot find a valid baseurl for repo: base
Solution - Update this file CentOS-Base.repo
# CentOS-Base.repo........
Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVMor preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access).
1. Edit /etc/ssh/sshd_config
Find the section like this:........
A great way when moving your equipment to a new location, new router/switch etc to help confirm what MAC has what IP:
for ip in `arp -na|awk '{print $2}'|sed s/(//g|sed s/)//g`; do
echo ping $ip
ping -c 1 -w 1 $ip > /dev/null
if [ "$?" == 0 ]; then
echo "$ip UP"
fi
done........
This container won't start after exhausting its memory. There are no relevant or helpful messages in dmesg or vzctl.log as well. Standard troubleshooting such as disabling PPP etc has not helped.
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Locked by: pid 166029, cmdline vzctl start 888171
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Container already locked
2017-07-06T23:33:29-0400 vzctl : CT 888171 : Container was stopped
2017-07........
Some guides still use the old Centos 6 style (do not use /etc/sysconfig/network).
In Centos 7 the file is /etc/hostname
echo "HOSTNAME=yourhostname.com" > /etc/hostname........
Done on Centos 7.3 very important as clearly based on older guides it was a lot easier and more simpler! Hint do not use grub2-install!
If you have trouble booting after this check this CentOS mdadm RAID booting/fixing guide.
One huge caveat if you are an oldschool user or sysadmin who has avoided UEFIbooting
The nor........
This is a 8TB Seagate external USB 3.0 device apparently newer kernels use a module called "UAS" instead of "USB Storage" which causes issues as a lot of devices are not properly supported in UAS mode by the kernel driver. The solution some say is to disable UAS specifically for your USB device but I'd rather just disable UAS altogether.
Solution blacklist UAS: *do not do this it does not work and just causes your USB 3.0........
I am using a GTX 1060 but replace the download for the driver with the correct/current version for your particular card by visiting: http://www.nvidia.com/Download/index.aspx?lang=en-us
yum install automake curl openssl-devel libcurl-devel gcc gcc-c++
yum -y install kernel-devel-`uname -r`
yum -y install unzip
#the........
This is a common issue, what if a issue shouldn't have root but you want to use that user to make a full backup of a system? They of course need root access.
You can actually just give them passwordless sudo access to rsync in /etc/sudoers:
sudo vi /etc/sudoers
yourusername ALL = NOPASSWD: /usr/bin/rsync
Here is how you would execute rsync:
The key thing for the remote host is to........
sudo mkdir -p /etc/X11/xorg.conf.d/
sudo vi /etc/X11/xorg.conf.d/20-intel.conf
On newer Ubuntu / Mint / Debian systems the file would go in: /usr/share/X11/xorg.conf.d/20-intel.conf
Type "i" and enter the following:
Section "Device"
Identifier "Intel Graphics"
Driver&n........
I was sure this was a Centos bug with OpenSSL, Apache, MySQL or even PHP. I tried everything but nothing helped. One clue is that if you check the Apache logs you will see nothing in the access logs until minutes later (this means Firefox has not even passed your request to the remote Apache/htttpd server).
When even accepting the invalid certificate message that would show up minutes later when trying to "View the Certificate" Firefox would freeze. This bu........
*Update so this doesn't work it must be something to do with the path of nfs or something else but the installer fails with "Installer crashed" at the end whereas with the CD/USB it works.
This assumes you've already installed and configured a separate PXE/DHCP server somewhere else and your /tftpboot directory is setup.
This is for Linux Mint 18.1 but generally applies to most versions although you may have tro change things like "casper"........
Just type the following in the bash/terminal shell to enable the blue LED light on the Coolermaster CM Storm keyboard:
xset led 3
To make it automatic and permanent execute the following as root:
echo "xset led 3" >> /etc/rc.local
This is a fairly nice gaming keyboard whichI bought because I type very quickly and the cheap standard keyboards simply can't keep up!........
This happens on any file an even just typing "vi"whereas it never happened before. I suspect an update or environment variable is causing this issue
When entering vi I get this weird stuff
line 58:
E488: Trailing characters: t_Sbet
line 63:
E171: Missing :endif
When exiting vi I get this weird stuff
t_Sb=^[[4%?%p1%{1}%=%t........
Very useful in embedded and other non-standard deployments. The above makes a random salt of 14 random characters from /dev/urandom (you can change the -14 to whatever number of characters you want for your salt).
openssl passwd -1 -salt `< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-14};echo;` YourPassword
Output:
$1$eW-ScuyL$f/iKMJ5mbJ..7bSzvX6EO0
How To Create Password Has........
Centos 7 is no cakewalk, there are many fundamental features and basic utilities that are missing or even completely renamed or different!
Another shocking thing is to check your NIC it is set by default to not turn on when booting!
And by the way there is no more standard eth0 the NIC convention is now "enp0s3"
vi /etc/sysconfig/network-scripts/ifcfg-enp0s3........
Normally an ls will just produce the actual contents of the current or target directory eg.
ls mydir
myfile1
myfile2
myfile3
But what if you need to find the full or relative path to another program that cares whether that be zip or etc.?
You need the "-d" switch and the asterisk inside the actual directory.
ls -d mydir/*
mydir/myfil........
This is especially helpful if you run your own servers. If you are presented with an error message or warning that the signature has changed or does not match the IP/domain you are connecting to you always want to verify manually.
So your e-mail/web client will show you an SHA-1 fingerprint like this:
"Could not verify this certificate because the issuer is unkown" or other reasons such as a mismatch in IP/domain.
It will also show you........
1.) Replicate the number of partitions in your new drives.
gdisk /dev/sda
gdisk /dev/sdb
I created 3 partitions of the same same size.
partition #1: +1G (/boot)
partition #2: +60G (swap)
partition #3: rest of it (/)
#note if you are using GPT/gdisk you need to create separate a partition at least 1MB in size (in my case I would a 4th partition and mark it type ef02).........
mdadm won't boot in Ubuntu/Mint/Debian anymore.
You just get the following in a loop:
mdadm: CREATE group disk not found
Incrementally started RAID arrays.
Incrementally starting RAID arrays...
mdadm: CREATE group disk not found
Incrementally started RAID arrays.
Incrementally starting RAID arrays...
mdadm: CREATE group disk not found
Incrementally started RAID arrays.
Incrementally starting RAID arrays...
mdadm: CREATE group dis........
Add this to the .htaccess file
#right/working:
AddType application/x-httpd-php .html .htm
#wrong (won't work in many cases):
AddHandler application/x-httpd-php5 .html .htm........
Get the python "warc extractor" from here. WARC just seems to be such an unnecessary and complicated format. Why not use tar, rar, zip etc...?
./warc-extractor.py -dump content !http:content-type:pdf yourfile.warc........
Cannot even "Browse Network" when clicking on "Windows Network"
Unable to mount location
Failed to retrieve share list from server: No such file or directory
logs:
[2017/02/14 00:16:44.271314, 0] ../source3/nmbd/nmbd.c:58(terminate)
Got SIGTERM: going down...
[2017/02/13 17:35:41.797944, 0] ../lib/util/become_daemon.c:124(daemon_ready)
&........
[Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down
[Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert'
[Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled
[Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker.
Use the following setings in /etc/httpd/conf.d/ssl.conf
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
Disclaimer, before starting this I do not like ioncube, it is great to protect your source code, but a big pain to setup this extension since it has to be done manually. Further, fi you do a PHPupdate ioncube may no longer work, causing important sites or services to not work (I wish authors would take another approach).
1.) Download from here:https://www.ioncube.com/loaders.php
2.) Extract the contents and co........
PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the chosen SHM segment size is higher than the operation system allows. Linux has usually a default limit of 32MB per segment. in Unknown on line 0
PHP Fatal error: PHP Startup: apc_shm_attach: shmat failed: in Unknown on line 0
This error is not at all fun because it actually prevents Apache/httpd from starting or working at all. It will........
service named status
rndc: connect failed: 127.0.0.1#953: connection refused
named (pid 10557) is running...
This issue is normally caused by a permissions issue where named doesn't have the permissions to read the rndc.key.
Check /var/log/messages:
Jan 4 17:06:22 storagebox named[10753]: none:0: open: /etc/rndc.key: permission denied
Jan 4 17:06:22 storagebox named[10........
iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 3306 -j DNAT --to-destination ip.ip.ip.ip
iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE
sysctl -w net.ipv4.conf.all.route_localnet=1
Make sure you substitute "ip.ip.ip.ip" for your real public IP and also the "--dport 3306" for the port you want to forward.
Finally run the sysctl command and........
forcedeth 0000:00:08.0: irq 25 for MSI/MSI-X
forcedeth 0000:00:08.0: eth0: MSI enabled
forcedeth 0000:00:08.0: eth0: no link during initialization
ADDRCONF(NETDEV_UP): eth0: link is not ready
forcedeth 0000:00:08.0: eth0: link up
ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Dec 1 18:21:32 box15 kernel: forcedeth: Reverse Engineered nForce ethernet driver. Version 0.64.
Dec 1 18:21:32 box15 kernel........
md127 issue, it should be /dev/md3 per mdadm.conf
Any time something is mounted as md127 it almost always means there is no entry for this mdadm array in the mdadm.conf in initramfs (which is separate from your actual /etc/mdadm.conf).
cat /etc/mdadm.conf
ARRAY /dev/md3 metadata=1.2 UUID=b6722845:381cc94e:7a2c5b5f:8e3b7c4f
The reason for this is something strange, most Linux OS's bizarrely always keep their own copy of /etc/mdadm.con........
Everytime I've seen this error "/dev/drbd0: State change failed: (-2) Need access to UpToDate data" it is because DRBD has no disk:
cat /proc/drbd
version: 8.3.13 (api:88/proto:86-96)
GIT-hash: 83ca112086600faacab2f157bc5a9324f7bd7f77 build by root@sighted, 2012-10-09 12:47:51
0: cs:Connected ro:Secondary/Secondary ds:Diskless/Inconsistent A r-----
ns:0 nr:0 dw:0 dr:0 al........
Now many people report this card simply not working in various Linux distros and kernels. My issue is different, it always works at 100mbit (eg. plugged into a 100mbit switch) but no matter what 1000M/gigabit switch I would try, it would never work.
The link would be up (the lights were on) and the OS detected the link as being up as well but it wouldn't work at all and could not pass data in or out (not even a ack/ping).
There is one simple solution and command........
Your cPanel may not work if you enter your non-main IP when setting it up. The way to fix it is to go back to the setup screen by removing the following file:
rm /etc/.whostgrft........
We've all done this at some point, you work on the wrong shell window and this was my first time making this mistake but I deleted a partition table in fdisk, recreated it and saved it with "wq" and even ran partprobe! If you haven't rebooted yet then you can still recover your partition table, otherwise you're in big trouble.
Fortunately since it was a live system and in use the kernel still had to use the old table like below:........
migrating from an old OpenVZ (Centos 5) to new OpenVZ (Centos 6)
Also if migrating from 32-bit HN to 64-bit your RAM will probably be much bigger than it should be!
16x bigger
eg. 32bit HN:
total used free shared buffers cached
Mem:&nb........
I still cannot understand how this would not be enabled by default and I struggled to find the reason why with manually installing samba etc.. wondering why the option for sharing was not in the menu.
On Linux Mint "MATE" the package is called "caja-share" and on Cinnamon it is called "nemo-share" so edit the below command as necessary:
*Also note that the "samba" package is necessary as it is not inst........
rm /vz/lock/1200.lck
rm: remove regular file `/vz/lock/1200.lck'? y
vzctl start 1200
Container already locked
vzctl start 1200
Starting container ...
vzquota : (error) can't lock quota file, some quota operations are performing for id 1200
vzquota on failed [7]
vzquota off 1200
vzctl start 1200
vzquota on 1200
root@rttbox ~]# vzquota off 1200
vzquota : (........
It is as simple as the command below, it will then update your mdadm.conf or create it in /etc/mdadm.conf
mdadm --detail --brief --scan > /etc/mdadm.conf
........
sed gets to be a pain and a real mess and is hard to read and understand when you have to escape things like / etc.
Idid not realize until recently that you don't need to use / as a separator, you can use virtually any non letter or number character.
Eg we have used # as the separator to avoid having to escape the forward slashes and in this way the command is plain, easy to understand, edit and saves time/hassle without the need for escaping.
sed -i s#http........
There was only one solution here and it was the following:
edit /etc/httpd/conf/httpd.conf
Comment the lines for the Mime Magic Module:
# MIMEMagicFile /usr/share/magic.mime
# MIMEMagicFile conf/magic
*Don't forget to restart Apache and clear your browser cache twice
I was using DefaultType and ForceType a........
When you start uploading larger images in Wordpress you have to make sure your maximum attachment size is large enough and that the execution time is not too short:
Uploading
Error
HTTP error.
[Thu May 12 16:32:25 2016] [error] [client 10.10.5.2] PHP Fatal error: Maximum execution time of 30 seconds exceeded in /httpdocs/blog/wp-includes/class-wp-image-editor-gd.php on line 182
Solution Edit p........
cp -a /your/source/. /your/dest/
-a preserves all file atributes and symlinks
the "." at the end of /source/ includes all hidden files such as .htacess, .bash_history, .ssh etc..
The / in /dest/ makes sure the contents go into it instead of replacing /dest itself (eg. if you did not have the / at the end).........
Stopping httpd: [FAILED]
Starting httpd: httpd: Syntax error on line 73 of /etc/httpd/conf/httpd.conf: Cannot load /etc/httpd/modules/mod_file_cache.so into server: /etc/httpd/modules/mod_file_cache.so: cannot open shared obje........
At first my BIOS said the card may not work right because there is no more option ROM space.
I disabled the Option ROM for both LSI 1068 and 2008 chipsets, Network Boot ROM and most other PCI slots, Serial Port, etc... and the message went away but the card still does not work properly.
But it still cannot initialize the card properly(does not work):
[ 33.943272] NVRM: This PCI I/O region assigned to your NVIDIA device is invalid:........
service iptables start
iptables: Applying firewall rules: iptables-restore: line 40 failed
[FAILED]........
According to this and my own experience it is the case that you have started something running in the foreground or a server that does not terminate with a normal rc.d script. The server will reboot once you kill whatever command or process that is.........
Iwill start by saying I think I know what caused this boot-time error on Linux Mint but should also apply to Debian and Ubuntu.
I changed my BIOS time to several hours in the past to match the current time, but this caused Linux to think there were incorrect filesystem times.
The problem is that it seems when you hit this I am not sure what is happening, it doesn't seem to be doing fsck and hangs without prompting the user.
What I have found is that........
The below forces all request to your domain to go to the main non-www root domain.
Updated code:
RewriteCond %{HTTP_HOST} !=domain.com
RewriteRule ^(.*)$ https://newurl.com/subdir/$1 [R=301,L]
If you don't want it to go to a subdirectory:
RewriteCond %{HTTP_HOST} !=domain.com
RewriteRule ^(.*)$ https://newurl.com/$1 [R=301,L]
Bad code:
This code is bad beca........
/var/lib/samba/usershares
But note that it is just simple file sharing if you need directory mask, create mask etc... you still need to edit the smb.conf file to create your share.
Here is an example file:
comment=
usershare_acl=S-1-1-0:R,S-1-22-1-1000:F
guest_ok=y
sharename=BabyPhotos........
apt-get install pptp-linux
echo "yourvpnusername * yourpasspass *" >> /etc/ppp/chap-secrets
vi /etc/ppp/peers/provpnaccounts.com
enter (ignore the lines):
============
pty "pptp server.provpnaccounts.com --nolaunchpppd"
name testuser
#remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
==========........
Debian/Ubuntu vi keyboard problem, up and down arrows do not work and instead make an A (Up), B (Down), C (Right) or D(Left).
The working solution
(you could also add the set nocompatible to /etc/vim/vimrc to make it system wide-will not be applied until reboot I believe):
echo "set nocompatible" > ~/.vimr........
This is actually very simple and this example assumes your network device is "eth0"
In Centos your network config would be the following: /etc/sysconfig/network-scripts/ifcfg-eth0
Take the same path and just add a "-range0"
So to add a range create the following file: /etc/sysconfig/network-scripts/ifcfg-eth0-range0
IPADDR_START=192.168.1.50
IPADD........
In plain English this happens after you upgrade VBOX and it rebuilds kernel modules based on a newer kernel than you are running (eg. you upgraded your kernel but haven't booted into it).
It is too bad there is not a standard work around that would allow it to realize this and keep old kernel modules and use them if it detects your current kernel is older than the most recently build modules.
===============
RTR3InitEx failed with rc=-1912 (rc=-1912)
The........
It is just the readlink command with the -f switch and it will display the full path, very handy to save time when you want to copy and paste the location of a file or script etc..
readlink -f updatehtaccess.sh
/var/lib/updatehtaccess.sh
........
HTTP error 401
You do not have permission to access this page.
It was actually a bad hosts entry or where your IP was somehow added to /etc/hosts.deny this is what you will see from CPanel........
Here is the scenario you or a client have a remote machine that was installed as a standard/default minimal Centos 6.x machine on a single disk with LVM for whatever reason. Often many people do not know how to install it to a RAID array so it is common to have this problem and why reinstall if you don't need to? In some cases on a remote system you can't easily reinstall without physical or KVM access.
So in this case you add a second physical or disk or already ha........
#solution
Edit /etc/yum.repos.d/openvz.repo
For the first two entries comment out #mirrorlist and uncomment #baseurl and then it worked
openvz yum problem Centos 6.5 cannot find file on mirror:
yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
* openvz-kernel-rhel6: mirrors.ustc.edu.cn
* openvz-utils: mirrors.ustc.edu.cn
base ........
mount -o bind /somedir /anotherdir
In /etc/fstab
/somedir /anotherdir none bind 0 0........
The solution was to reinstall the vbox dkms package and do a manual modprobe of the modules it makes.
I never sorted out the unable to start due to the USB issue, I did have the guest additions installed but the only way to boot was to change the pointing device from USB to PS2 and then to disable the USB controller (if your pointing device is set as USB, disabling USB will not work because it will re-enable by default when it sees your pointing device is USB, this is w........
Before reading on remember to put the line at the bottom of /etc/sudoers as from experience what happen is that other rules cancel out what you have added.
If your sudoers setup is correct it will work immediately upon saving without requiring a reboot.
Edit /etc/sudoers
yourusername ALL = NOPASSWD: /path/to/command
*Once again remember the above should be on the bottom of the sudoers file or........
sudo apt-get install zoneminder
[sudo] password for one:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libuser-perl python-evince kdebase-apps kwrite unixodbc
libgnomeprint2.2-data python-soappy vgabios python-metacity hddtemp
python-mediaprof........
So the situaton is this, you depend on things being relevant to where your bash script is and to be safe you want it to be dynamic (eg. do not hard code that we switch to /abc/dir but rather detect where script.sh is located).
scriptlocation="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
The path is then contained the the variable "scriptlocation" so you can cd to it in your script etc............
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
#enable ip_forward
sed -i s/'net.ipv4.ip_forward = 0'/'net.ipv4.ip_forward = 1'/g /etc/sysctl.conf
#all interfaces should not send redirects
echo "net.ipv4.conf.default.send_redirects = 1" >> /etc/sysctl.conf
echo "net.ipv4.co........
Use netstat with the -anpe option. The e option shows the inodes and I do not know if it will always work or if it was by fluke but I was dealing with dozens of SSHsessions and needed to know which session was related to which forward (the PIDs of the SSHand SSHD did not match etc...)
Notice the "59560675" and "59560762" those are almost identical, if you find two sets that are nearly identical except for the last 3 digits they may match (in my ca........
vi /etc/yum/pluginconf.d/fastestmirror.conf
exclude=.hk,.cn
You could also use specific domains but as you can see above we are blacklisting all Hong Kong and Chinese mirrors in this example.........
tar -ztvf flashrom.tar.gz
the "z"is for gzip, if it is not gzip remove the z. If it is bzip then use "j" instead of "z" etc..........
#from epel repo
yum -y install opendkim
chkconfig opendkim on
cd /etc/opendkim/keys
opendkim-genkey -vd mail.server.com
opendkim-genkey: generating private key
opendkim-genkey: private key written to default.private
opendkim-genkey: extracting public key
opendkim-genkey: DNS TXT record written to default.txt
........
This happened while trying to delete several thousand users from phpBB and basically corrupted the innoDB tables.
InnoDB: Page lsn 3 881164362, low 4 bytes of lsn at page end 881164362
InnoDB: Page number (if stored to page already) 86920,
InnoDB: space id (if created with >= MySQL-4.1.1 and stored already) 0
InnoDB: Page may be an index page where index id is 700
InnoDB: (index "tid_post_time" of table "phpBBdb2005"."phpbb3_p........
It is very simple and like this to test for the existence of file using bash scripting:
if [ -f /etc/somefile ]; then
echo "yes it exists"
fi........
if [[ "$templatesource" == *windows* ]]; then
partition=/dev/sda2
fi
The * before and after * windows will match this "Ihavelotsofwindowshere"
Of we could have used "windows*" and anything that starts with "windows" will be matched etc...........
windows cannot find the microsoft license terms windows 2012 server install
This is actually because you are using less than 576MB of RAM. In my case I was installing on a KVM VPS with 512MB of RAM. This issue would apply to any physical or virtual server with less than 576MB of RAM. This includes Virtualized VPS Servers with XENHVM, KVM, VBOX, VMWare etc.. or Dedicated Servers with such little RAM.
It's very misleading of course since it has not........
if you type Export and see something like this:
declare -x all_proxy="socks://127.0.0.1:22000/"
Most sites assume and tell you to check your .bashrc or /etc/profile /etc/bash.bashrc which may not apply if you've unknowingly or forgot that you setup a proxy from your GUI such as Gnome.
To check in Gnome if you have a permanent proxy do the following:
System -> Settings -> Network Proxy........
It's a great feature to ward off bruteforce but is also annoying because you think you have the wrong password when you can't login.
How to Disable cp hulk for 5 minutes
/usr/local/cpanel/etc/init/stopcphulkd........
It is a permissions issue that is hard to fix.
All but one USB device is greyed out.
I am already a member of "vboxusers"
I have already enabled and disabled USB support for the guest.
I have already reinstalled the latest VBOx guest editions
If running as root it all works fine
Changing........
The solution is to run '/etc/init.d/vboxdrv setup' and sometimes happens when upgrading VBox and the kernel modules don't get upgraded with it. Sometimes the above doesn't work until you reboot because sometimes other unknown processes (even the file manager possibly) may be locking the old module from being unloaded.
Failed to open a session for the virtual machine XP.
The virtual machine 'XP' has terminated unexpectedly during startup with exit code 1.........
First of all to find your IP you can hold the "X" button for a few seconds and it will print out the DHCP IP.
Another way to find the IP that I prefer is to login to your router or switch and find a hostname that says something like "SEC001599CD2948" which will be your Samsung printer (at least for the C3xx or C4xx series of Samsung printers).
The login and password for Samsung Syncthru Webservice:........
It's simple, just edit /etc/vz/vz.conf and add or change the following:
VE_LAYOUT=simfs........
iptables -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1/32 --dport 3389 -j DNAT --to-destination 192.168.5.2:3389
iptables v1.4.7: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The above is often because you don't have the correct modules loaded on the hostnode or enabled for the container but in some cases it's actually a weird openvz setting.
Che........
Aug 25 16:43:24 evohostingtor postfix/master[19471]: fatal: /etc/postfix/master.cf: line 24: field "unprivileged": bad value: "???"
Solution: I had the wrong thick dashes when c&ping (just retype them with your keyboard)
Aug 25 16:47:10 mailbox postfix/master[24498]: fatal: /etc/postfix/master.cf: line 25: bad transport type: syslog_name=postfix/auth-cleanup
auth-cleanup unix n - - - 0 cleanup
#-o syslog_name=postfix/........
The most common solution is to use the /etc/postfix/header_checks but this is a big problem.
Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.
I adapted this solution to the client's custom config, they are configur........
There is a weird quirk with how this works, but there is a variable called "src" that defaults to 0 or disabled if not specified as 1.
The default 0 means not to recur billing on a subscription. It's too bad it's not more obvious anywhere nor is there an explanation or warning during payment or after to both the seller and buyer.
Here's a proper subscription code example that does recur and does not cancel........
I've only ever seen this in Ubuntu for some reason and it is because of the /etc/nsswitch.conf settings.
So the issue is that if the hostname's reverse DNS cannot be found that you need to go back to DNS which was not the default in this nsswitch.conf file for some strange reason.
Edit /etc/nsswitch.conf and replace your "hosts" line with this:
#hosts: files dns mdns4_minimal [NOTFOUND=return] mdns........
http://sourceforge.net/projects/apacheoo-deb/files/debian/dists/wheezy/main/binary-i386/
To install AOO on your computer, you need to add the following entry to the /etc/apt/sources.list file:
deb http://downloads.sourceforge.net/project/apacheoo-deb/debian wheezy main
sudo apt-get update && sudo apt-get install openoffice-en* openoffice-brand-writer openoffice-brand-calc openoffice-brand-impress openoffice-brand-base open........
#count=10000 makes an image of 10000MB make sure your image is at least the same as your existing
dd if=/dev/zero of=yourimage.img bs=1M count=10000
# losetup -fv newimage.raw
# fdisk -cu /dev/loop0
# kpartx -a /dev/loop0
# dd if= of=/dev/mapper/loop0p1
# e2fsck -f /dev/mapper/loop0p1
# resize2fs /dev/mapper/loop0p1
# a lot of guides tell you to edit /etc/fst........
cat /etc/some.conf|grep -Ev '^#|^;|^$'
This assumes that comments start with # or ; (adjust as necessary). Also note that the ^$ omits blank lines.........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
After that just reboot and you may also have to enable ip_forward in /etc/sysctl.conf........
nf_conntrack: table full, dropping packet
The above in some cases I've seen is a sign of a DOS attack or can occur if users are using services like torrenting, proxy, VPNetc... Do not take it lightly as the above can knock a server offline if the table becomes full and I've also seen full crashes and kernel panics shortly after.
........
Error: Package: php-Monolog-dynamo-1.7.0-1.el6.noarch (epel)
Requires: php-aws-sdk
Error: php-pecl-zendopcache conflicts with 1:php-eaccelerator-0.9.6.1-1.el6.x86_64
Error: php-xcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64
Error: php-pecl-zendopcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64
Error: Package: php-horde-Horde-Vfs-2.1.2-2.el6.noarch (epel)
&n........
root@hkhosting [/]# service httpd start
Starting httpd: Syntax error on line 2 of /etc/httpd/conf/httpd.conf:
Invalid command 'Alias', perhaps misspelled or defined by a module not included in the server configuration
........
I never found a solution to do it live (nothing worked that I found) so it looks like a relogin is required.
Check your maximum file limit
cat /proc/sys/fs/file-max
824460
This is different than your actual's user limit which you'll see below
ulimit -n
1024
Try and set it higher but it won't work
ulimit -n 65000........
It's not as simple as "yum install" as you can see below and it doesn't stop there.
yum install php53
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: mirror.us.leaseweb.net
* extras: centos.mirror.rafal.ca
* updates: centos.mirror.nexicom.net
* base: centos.mirror.nexicom.net
* addons: centos.mirror.nexicom.net
Setting up Install Process........
[Wed Jan 08 18:50:07 2014] [emerg] (28)No space left on device: Couldn't create accept lock (/etc/httpd/logs/accept.lock.15449) (5)
This may happen when trying to restart Apache and you find it dies right after starting and check /var/log/httpd/error_logs.
What is the cause of this?
You could be out of disk space (if you're not then see #2 and below)
You're out of Semaphores, you need to kill all the old ones.........
I was having an issue with only certain random/jpeg files with the functions imagecreatefromjpeg imagecreatetruecolor and other related ones.
This issue was annoying basically it seems like a libgd issue/bug with newer versions of PHP and it was difficult to trace-out. One very useful thing that helped me was using "php-cgi" and passing the query string as an argument eg:
php-cgi images.php source=IMG.jpg (that way you get all the error messages wh........
This server has been running for weeks without issue, it's currently only using 1 of 2 CPUs as it is running in the office as a test bed (mainly due to the handle 12 bay storage/great for testing HDDs). The errors below seem to mainly be from AMD CPUs, it's only happened a single time and in the days since Igot that error it hasn't occurrred.
Interestingly enough /proc/cpuinfo still shows all 4 cores of the CPU (Opteron 2373 Quadcore HE) and the functionality doesn't seem........
Fatal error: Out of memory (allocated 6291456) (tried to allocate 7680 bytes)
This is usually caused by Wordpress, Drupal or other ridiculously inefficient CMS' out there, as a temporary fix you can increase PHP's memory limit but it's best to find the actual culprit, by disabling add-ons and other scripts etc...........
yum -y install fail2ban
vi /etc/fail2ban/jail.conf
[asterisk-tcp]
enabled = true
filter = asterisk
action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp]
sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com]
logpath = /var/log/asterisk/messages
maxret........
./configure
./configure: cannot locate gcc 3.x. please install it or specify with --qemu-cc
yum -y install gcc make
./configure
./configure: cannot locate gcc 3.x. please install it or specify with --qemu-cc
yum -y install compat-gcc-*
./configure
Error: Could not find alsa
Make sure to have the alsa libs and headers installed.
yum -y install alsa-lib-devel
./configure........
mount -o bind /proc /sda2/proc
mount -o bind /dev/ /sda2/dev
mount -o bind /sys /sda2/sys
chroot /sda2
mint / # mount -o bind /proc /sda2/proc
mint / # mount -o bind /dev/ /sda2/dev
mint / # mount -o bind /sys /sda2/sys
mint / # chroot /sda2
mint / # cd ~
mint ~ # ls
Desktop
mint ~ # cd /
mint / # ls
bin Desktop dev-temp home&nb........
Linux box13. 2.6.32-042stab076.5 #1 SMP Mon Mar 18 20:41:34 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux
even setting privvmpages to a specific setting DOES not affect "free -m" in containers.
This is probably a kernel issue
23:36:29 up 159 days, 7:12, 4 users, load average: 0.42, 0.44, 0.33
[root@box13 ~]# free -m
total&n........
./rsync.sh
sudo: sorry, you must have a tty to run sudo
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7]
Solution edit
/etc/sudoers
#Defaults requiretty........
tar -czf yourfile.tar.gz .
The . dot is the crucial part, normally many will use * and that will exclude hidden files by default which is very undesirable as many hidden files are important such as .htaccess and conf files in your home directory etc.. It seems the default behavior of tar should be the opposite but these are all very old tools.........
Everyone should be running with safe_mode on in /etc/php.ini (on Centos) as it makes exploiting your system more difficult is PHPcan't execute anything on the system if a script is exploited.
For example with Safe_Mode on the only executable files on the system are ones in the safe_mode_exec_dir = /safephp
This is crucial, if you must execute anything from PHPthen you have to copy the binary and assign to the user that Apache runs your site under.&........
PHP5 Centos 6 displays part of code from PHP file for some scripts
Solution
edit /etc/php.ini change short_open_tag = Off to:
short_open_tag = On
Then restart Apache and it should be resolved (assuming the scripts failing used )
........
/scripts/phpextensionmgr install PHPSuHosin
Updating md5sum list
Fetching http://httpupdate.cpanel.net/cpanelsync/easy/targz.yaml (connected:0).......(request attempt 1/12)...Resolving httpupdate.cpanel.net...(resolve attempt 1/65)...
Fetching http://httpupdate.cpanel.net/mirror_addr_list (connected:0).......(request attempt 1/3)......connecting to 74.50.120.123...@74.50.120.123......connected......receiving...100%......request success......Done........
LSi Megaraid
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
rkhunter --update
Running updater...
Mirrorfile /var/rkhunter/db/mirrors.dat rotated
Using mirror http://rkhunter.sourceforge.net
[DB] Mirror file : ERROR
Fatal error: Problem while fetching file
........
pxe-32 tftp open timeout
The solution was to enable tftp in xinetd with "chkconfig tftp on".
See the troubleshooting below:
chkconfig --list
NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off
acpid 0:off&n........
yum update error
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 229, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 145, in main
(result, resultmsgs) = base.buildTransaction()
&nbs........
package kernel-xen-2.6.18-274.7.1.el5.x86_64 is intended for a x86_64 architecture
Linux etc 2.6.18-274.7.1.el5xen #1 SMP Thu Oct 20 17:06:34 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux
As you can see above architecture and kernel is 64-bit but I had to force it to install using "--ignorearch"
Solution
#rpm --ignorearch -ivh kernel-xen-2.6.18-274.7.1.el5.x86_64.rpm
Preparing...&nb........
The error itself "mkdir(): Too Many Links" is not very useful, but I'll translate it into plain English.
It means you've reached the filesystem's limit of how many directories can be created in a single directory.
In this case for ext3 the limit is 32000 and it was exceeded.
What's the solution?
The simple solution is to move those directories into more subdirectories possibly sorting them by date, alphabet or numerically.........
Jul 11 15:20:58 tor sendmail[9617]: r6AKjOD07: to=
mailserver.com was the hostname of the server, sendmail sends this by default and many mailservers will reject mail to a hostname that does not resolve or exist.
The easiest way is just to change the hostname and make sure it does resolve to something.
I read there is a way in sendmail.mc to manually set a hostname but I never got it working:
vi /etc/mail/sendmail.mc
define(`confDOMAIN........
I installed Ubuntu 11.04 for testing purposes but I couldn't even download SSH server:
sudo sed -i -e 's/us.archive.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list
After running the above make sure you do a "apt-get update"
Note with the above that Ihave the search string of "us.archive.ubuntu.com" change it to whatever is in your sources.list
The above does not fix all repositories either, I haven't had a chance t........
This is a great way to test and experiment without risking your current table, or to make a backup of your current table to avoid corruption or dataloss due to malicious activity eg. deletion etc..
There are two steps and two commands
1.)Copy Table Structure
"cars_backup" is the new table and it will be a copy of the table called "cars"........
Once I set a new MAC address everything was fine and finally anything can be pinged etc.., I've had this happen with many clients in different datacenters on different hardware.........
vi /etc/httpd/conf.d/ssl.conf
Change the following from "Listen 443" to something like below
Listen 2243
Then find the SSLVirtual Host Context and edit like below (to your new listening port)
##
## SSL Virtual Host Context
##
........
mysqldump: Couldn't execute 'show create table `general_log`': SHOW command denied to user 'user'@'localhost' for table 'general_log' (1142)
One of my clients almost found out the hard way, here is an unlikely situation that happened.
1.) Years ago the client had another VPS to which they backed up a BLOG nightly to an .sql file, what they forgot is that the file also contained all databases (they used the --all-databases option but forgot). So imagi........
If you make changes to /etc/sysctl.conf (which are permanent and not lost during reboot) but want them to apply with rebooting just use the following command:
sysctl -p
After that your changes will be enabled.........
If you move your hard drive(s) around to other computers/servers, you'll find that your eth0 keeps getting higher, the first time it will become eth1 and then eth2 etc and even higher if your server has dual or quad NICs. The reason is that udevd basically assigns eth0 tot he first NIC it finds and remembers it, if it encounters a NIC with a differentMAC, it assigns it one higher (eg. eth1).
See the example below, I have eth2 now so how doI fix it?........
Client Log
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_d........
Kernel panic - not syncing: Attempted to kill init!
Pid: 1,comm: init Tained: G I------------- 2.6.32-358.el6.x86_64 #1
Call Trace:
[] ? panic+0xa0/0x16f
[] ? do_exit+0x862/0x870
[] ? fput+0x25/0x30
[] ? do_group_exit+0x58/0xd0
[] ? sys_exit_........
for entity in {1..20}; do
echo "entity=entity"
done
The above will loop 20 times, you could also do {2..50} etc...
for entity in {0..10..5}; do
echo "entity=entity"
done
The above will loop 10 times but will start from 0 and increment by 5 each time.........
Here's a proven example of what a bad hard drive can do, it was technically functioning OKin a RAID array but the system became extremely low and the load become high and IOWAIT was even higher and I always thought it was a bad application. The truth is that this failing 1TBHitachi has slowly gotten worse and caused huge slowdowns, (eg. 100% load on Thunderbird waiting for e-mails to load etc..). After swapping it out, tabs change instantly, emails are not lagged, and........
Step #1 - Create Wrapper Script
vi /usr/local/bin/phpsendmail
#!/usr/bin/php
........
[2013/02/22 19:06:37.373564, 0] param/loadparm.c:8004(lp_do_parameter)
Global parameter guest account found in service section!
This is annoying but the solution is simple:
The line "guest account = " is in the section for a share (in /etc/samba/smb.conf), but it should be under globals. Move it under [global] and then everything should be fine.........
There are 3 pieces that are required to restore and make it work (of course consider if any kernel modules need to re-enabled and if you need to change the IPs):
Copy the vz/private/VEID directory to /vz/private
Copy the /etc/vz/conf/VEID.conf to /etc/vz/conf/
mkdir /vz/root/VEID
After that you should be able to see the VE in vzlist -a
You should then be able to start it normally.........
This pops up when connecting the phone and it doesn't seem to charge. The phone keeps showing a status message every few seconds "Connected as a media device".
It's ridiculous why this phone doesn't just default as a simple USB Mass storage device.
Here's what I see in /var/log/messages:
Jan 30 18:51:27 QuadCoreAM2 kernel: [18038228.144046] usb 1-3: new high speed USB device using ehci_hcd and address 24
Jan 30 18:51:28 QuadCoreAM2 ke........
I've read some people/sources say "the timing must match or it won't work". This is not true at least for the Supermicro boards I've tested this on.
Some examples:
PC2-5300F-555-12
PC2-5300F-555-11
etc.. Notice the "12" and "11"
Also the ones that have a "PC2-5300F-555-11-B0" or "PC2-5300-555-11-D0" are also fine.
What happens is what one would expect, the........
This booting error is because the Xen PV guest image uses the Xen kernel, this is not compatible with anything but a host running a Xen kernel.
I did a kpartx -av virtual.img and then it created some partitions that showed up in fdisk.
I mounted it and did a chroot into it and removed the xen kernel and installed a normal kernel but Xen still shows the same kernel in Grub (only the Xen one).
This is strange but it seems like this Xen PV guest has some sort of hidden or........
No one needs this feature for the most part, so here's what I added to /etc/dhcpd.conf to fix it:
ddns-update-style none;........
I've run into two issues with Lantronix based KVMs on various servers and here's how I solved them (with that said I like these units as they are Java based and OS independent and work very well, unike some other models like Startech).
1.) If you are connected by USB only and you're sure USB support from the BIOS is enabled, you just need to click the following in Lantronix
Interfaces -> Keyboard/Mouse
Check "Force USB Full Speed Mode", this fixed the issu........
This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more:
This little script below will install everything you need to get booting by PXE Linux.
It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
The best way is to use rsync, I've set it up so it doesn't copy unnecessary files, or at least ones I'm sure aren't needed.
Here is the rsync command Iused (adapt to your specific Thunderbird profile location):
rsync -hazv user@remotehost.com:/home/user/.thunderbird/sbrer.default/* /home/user/.thunderbird/4nyb0.default/ --exclude=global* --exclude=Cache --exclude=ImapMail --exclude=Mail
This is a great way to get your e-mail accounts going on a new c........
Here is a quick script that works on most Centos versions to disable the virus/SELinux from blocking basic functionality.
The first echo 0 statement disables SELinux instantly but it will still be enabled on reboot.
The second line disables it permanently.
#!/bin/bash
#disable SELinux Immediately
echo 0 > /selinux/enforce
#disable SELinux Permanently
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config........
qemu-img create -b centos.5-8.x86.20120308.qcow2 -f qcow2 ../kvmguests/25000-centos5.8x86.qcow2
Formatting '../kvmguests/25000-centos5.8x86.qcow2', fmt=qcow2, backing_file=centos.5-8.x86.20120308.qcow2, size=10485760 kB
-b the source/base image
-f format is qcow2 and the location of the destination image
What is so special about this? It's even quicker than creating a template with OpenVZ but this is an actual OS.
It saves time a........
For whatever reason the current OpenVZ yum repo file enables the RHEL6 version of OpenVZ, why is this bad? Because if you're running Centos 5 it still defaults to using the kernel from RHEL6 which won't work on RHEL5/Centos 5.
Ionly realized this after wondering why I couldn't boot into OpenVZ that it was using one meant for RHEL6.
To fix the problem you have to edit /etc/yum.repos.d/openvz.repo and disable the "[openvz-kernel-rhel6]" section by changing........
ip_conntrack: table full, dropping packet.
A lot of clients I've seen have this issue, it really seems the default level is way too small. Once this connection tracking table becomes full then packets get dropped which is obviously a bad thing.
One thing to be mindful of though is that 350 bytes of memory are used per entry so there is some justification for not keeping it too high. However, if you have multiple servers running or high traffic daemons........
A lot of people become nervous (and understandably so) when checking their auth or security logs, in Centos /var/log/secure and see dozens, hundreds of even thousands of attempted logins to various services, especially SSH.
Of course you could manually block these people/IPs but no one has time to read the logs like that, what if some program or script could do it for you?
This is what denyhosts does for you, it checks the logs and based on a certain number of failed SSH attem........
I backed up everything in the /mnt/sd_card directory thinking that some dataloss could occur for some reason but purposely left my microSDHC unbacked up thinking that "it won't touch that since it's external" and Samsung's and other manufacturers website even say this (that it won't be affected and not to worry etc).
Apparently I was wrong, my microSD was "undetected" and asked to be formatted after the upgrade (there goes 3-months worth of family photos). No........
Disk /dev/sda: 320.0 GB, 320072933376 bytes
256 heads, 63 sectors/track, 38761 cylinders
Units = cylinders of 16128 * 512 = 8257536 bytes
Device Boot Start End Blocks Id System
/dev/sda1 1 38........
This is so handy, especially if you need things like old kernels etc..., this is the main and practically only place you'll ever find what you need.
http://vault.centos.org........
So you've just purchased your SSL cert, renewed it and installed it or maybe you've had it installed and working fine all the time with all other browsers but you've upgraded to a recent version of Firefox and suddenly get the warning "Error code: sec_error_unknown_issuer" error.
This is terrible since if you bought an SSL cert, you are most likely using it for trust purposes for your business and obviously that message will scare away most potential customers.........
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
This solution applies to all other iptables modules/problems for OpenVZ, you'll just need to add them to both lists/lines below if you have modules other than what I have below.
The modules need to be enabled in both iptables and the OpenVZ hostnode itself and then the containers which need it must be restarted.
How To Enable IPTables Modules in OpenVZ........
I've encountered this problem before and I believe it may affect other drivers (I could test but I don't have time). This was happening on my custom Linux system with the pcnet32 driver.
pcnet32: eth0: transmit timed out, status 97fb, resetting (and some other kernel module tracing in dmesg)
Basically it means the card is connected (it shows connected in full duplex etc.. and recognized if the cable is disconnected too) but no packets can be sent or received........
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9etch3
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: An invalid name was supplied
A parameter was malformed
Validation error
Solution, disable auth from the ssh client (this is a client side error)........
wget -N http://httpupdate.cpanel.net/latest;sh latest
That one command above will do it all (and it takes a long time to install/compile). After that you can access CPanel with your root login information by visiting https://yourdomain-or-ip.com:2087
I personally don't like CPanel (bloated, full of bugs, no shared SSL, difficult to use etc..)but I admit it's easier to install than........
For years I've always built cheap systems believing that there is little difference in more expensive components when it comes to reliability and quality, I generally believe this still except for Power Supplies.
I've always bought cheap cases with nice sounding 350-550W stock/cheap/crap power supplies and haven't had any issues for the most part until recently.
One such case is an NGEAR case with a 550W Optimax power supply, I always read that these supplies don't produce the........
I'm running Ubuntu 10.10 with Asus NVIDIA GT430
2.6.35-32-generic-pae #65-Ubuntu SMP Tue Jan 24 14:06:16 UTC 2012 i686 GNU/Linux
Nvidia binary driver: 260.19.06
The screen sometimes completely freezes and locks up or everything starts going very slow:
[1903398.100007] NVRM: os_schedule: Attempted to yield the CPU while in atomic or interrupt context
[1903402.373210] NVRM: Xid (0001:00): 53, CMDre 00000000 00000080 00000000 00000005 00........
fdisk -lu VPS.img
last_lba(): I don't know how to handle files with mode 81ed
You must set cylinders.
You can do this from the extra functions menu.
Disk VPS.img: 0 MB, 0 bytes
255 heads, 63 sectors/track, 0 cylinders, total 0 sectors
Units = sectors of 1 * 512 = 512 bytes
Device Boot Start End ........
Stuff like this always happens/breaks after a vzctl update, whether it's new parameters being added or required etc..
File /etc/vz/conf/ve-vps.basic.conf-sample not found: No such file or directory
Fix the value of CONFIGFILE in /etc/vz/vz.conf
Creation of container private area failed
Warning: distribution not specified in CT config, using defaults from /etc/vz/dists/default
WARNING: /etc/vz/conf/4400.conf not found: No such file or directory........
I dread updating the kernel and rebooting to find the Ubuntu graphics aren't working and you have to manually intervene. This is usually because Ubuntu for whatever reason didn't update the drivers you need (eg. the manually compiled Nvidia Kernel driver that MUST be recompiled for each and every kernel update unfortunately).
The most common reason may be that "linux-source" hasn't been installed automatically on my system. I tried to manually reinstall the........
Failed to initialize monitor device 95% power on
Solution
/etc/init.d/vmware-core start........
This is the mail system at host mail.postmail.com.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
&........
It really is as simple as:
cdrecord -v dev=/dev/sr0 pathtoyourisoimage.iso
-v is for verbose, I prefer it but if you don't you won't see as much output like below (I like to know the details and exactly what's happening)
dev=/dev/sr0 specifies the device name of your burner (they say not to use it and to specify some weird annoying device string but using the raw /dev has always worked for me and is how it should have been implemented from the start IMHO)........
gocr works great and it's simple, just invoke it like so:
gocr filename.png
The output will be printed to the screen.
My only complaint/concern is that even with standard terminal output (not scanned) from a printscreen, gocr does make mistakes by inserting extra spaces where they don't belong, mistaking letters for numbers etc.. but it's definitely enough to be readable and figure out what you're looking at.
I haven't tested yet with scanned input........
The normal solution would be as follows:
export DISPLAY=:0.0
/usr/lib/vino/vino-server &
But what happens if that doesn't work? I haven't been able to find much documentation about how to find the list of displays and how their numbering works in Xorg.
Sometimes you'll get this error when trying to restart vino:
Cannot open display:
For some reason my display is not on 0.0........
Within vi if you can't exit /etc/vim/vimrc you can type
:syntax off
And to turn it back on:
:syntax on
Many of us have a dark/black background in our terminal/shell making the default syntax unreadable, the solution is to either turn off syntax highlighting with :syntax off or to enable a special option in /etc/vim/vimrc
Edit /etc/vim/vimrc
The "syntax on" enables the highligh........
The solution to this screen issue is simple.
This happened to me in Centos 5 as a user, but I also su'd to it and I don't have any password for it.
I've read some people say this is more common when su'ing.
The solution is simple though, just give others rw access to the corresponding pts whether it's 0,1,2 etc..:
As root do
chmod o+rw /dev/pts/2
........
ifup eth0
SIOCSIFFLAGS: Cannot allocate memory
Failed to bring up eth0
This is on a Centos 5.5 machine with OpenVZ kernel 2.6.18-238.12.1.el5.028stab091.1PAE, I updated 3 systems with the same hardware to the same kernel and for some reason the network didn't come back.
This only happened once the first time I booted into the new kernel and hasn't happened again but this is a serious issue for those running systems from remote locations such as a datacente........
I like dd, although it only reads it, usually a read test of the entire disk will uncover if your hard drive is bad in some parts. This is a good thing to do at least once a month, a lot of times bizarre program behavior, laginess and crashing/unnmounting problems etc.. are due to a failing disc and SMART won't know it or indicate a problem:
We must also remember there's never a guarantee, I've found that ever since we moved to larger and more platters per drive with 1TB drives........
Warning: Unable to open /dev/fd0 read-write (Read-only file system). /dev/fd0 has been opened read-only.
That's a very annoying error, it's simply because Centos for some reason thinks it's wise to load the "floppy" kernel module, who has a floppy drive? I haven't seen or used a floppy for over 12 years!
It's more than just annoying, if you probe the drives attached to your system, eg. with grub or partprobe, it keeps trying to locate a flopp........
This assumes that you've at least created the correct partition for your DRBD already.
Notice that I am "diskless", that's because either your DRBD partition doesn't exist/has been renamed (eg. sdb becomes sda when sdb dies and you reboot) or because that drive is really actually dead/gone.
*If you need to permanently change the partition/device for your resource be sure to edit /etc/drbd.conf on both hosts and reload the config.
(replace r0 with........
One thing to note about DNS servers and providers is that they aren't always trustworthy, not even if they're Google or your favorite ISP. Any DNS server can compromise your privacy, and they are likely tracking your browsing habits and keeping logs of it. Sometimes it's for Marketing/Research purposes such as Google's GMail service which they admit is scraped/datamined. I would expect nothing less from their DNS service.
The other danger with such widely used and pu........
Normally if you're in a certain directory you could do:
find *.txt and it will work as expected, but it won't work recursively through child directories, here's the correct way to do it:
find . -type f -name *.txt
The "-type f" is optional because that means only files, but we could have specified d for directory etc...
The above command will work recursively as you'd expect. In that way I find "find" to be un........
You can't just do a straight copy of the VDI image of your virtual machine because there is a unique UUID, wellI believe you can and then you can create a new UUID manually (at least you could with VMWARE) but to keep it clean just use this method:
VBoxManage clonevdi /path/to/your.vdi outputname.vdi
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
That's all there is to it, just wait for it copy and you can th........
If you have a webserver and find you have high IO/lagginess MySQL is one of the first things to check. It turns out MySQL was my problem and it was creating a high load on my server, especially for IO.
How to Enable MySQL Slow Query Logging To Find Slow Performance/Queries
vi /etc/my.cnf
Add this anywhere under [mysqld]
#slow queries
log-slow-queries = /var/log/mysql/mysqlslowqueries.log
long_query_time = 1........
mod_status is a great way to track down the source of high CPU usage and to find what vhost/script is the cause of it.
It gives you a live view of bandwith usage, CPU usage, and memory usage broken down by domain/vhost and script/URI.
Enable mod_status
vi /etc/httpd/conf/httpd.conf
ExtendedStatus On
SetHandler server-status
Order Deny,Allow
Deny from all
All........
yum -y install vnstat
chown nobody.nobody -R /var/lib/vnstat/
#replace venet0 below with your desired interface
sudo -u nobody vnstat -u -i venet0
#edit: vi /etc/sysconfig/vnstat
#VNSTAT_OPTIONS="-i venet0"
# only use the sed below if you are using venet0 instead of eth0 or replace accordingly
sed -i 's/eth0/venet0/g' /etc/sysconfig/vnstat
[root@monitor]# yum install vn........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
high IO wait
424 root 39 19 1900 848 552 D 0.0 0.0 0:00.91 updatedb
root 424 0.0 0.0 1900 848 ? DN Mar11 0:00 /usr/bin/updatedb -f sysfs?rootfs?bdev?proc?cpuset?binfmt_misc?debugfs?sockfs?usbfs?pipefs?anon_inodefs?futexfs?tmpfs?inotifyfs?eventp........
find what MPM Apache is using, it will either be using "worker" or "prefork"
apachectl -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
In my case it is "prefork"
vi /etc/httpd/conf/httpd.conf
Find the section that looks like this (by default one will normally exist for prefork and for worker, but in my case I only care a........
*Remember to restart spamassassin after all of this.
DCC
wget http://www.dcc-servers.net/dcc/source/dcc.tar.Z
tar -zxvf dcc.tar.Z
cd dcc-1.3.138/
./configure;make;make install
#enable DCC, uncomment the line that disables it near the top
vi /etc/mail/spamassassin/v310.pre
pyzor
wget http://sourceforge.net/projects/pyzor/files/pyzor/0.5.0/pyzor-0.5.0.tar.gz/down........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
vi /etc/mail/spamassassin/local.cf
##############
#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
require........
ls
ls: error while loading shared libraries: libtermcap.so.2: cannot open shared object file: No such file or directory
This is not an ldd problem or case of anything missing, this only happened after I upradedUbuntu.
declare -x PATH="/home/user/bin:/usr/local/bin:/usr/bin:/bin:/usr/games"
"/home/user/bin" is the problem! It's weird because I have no idea how it happened.........
Make sure the module "tun" is loaded on the host.
vzctl set 2000 --devnodes net/tun:rw --save
*Note what's below is what OpenVZ says you need (but I've never had to do it)
vzctl exec 2000 mkdir -p /dev/net
vzctl exec 2000 mknod /dev/net/tun c 10 200
vzctl exec 2000 chmod 600 /dev/net/tun
On the container test the device:
when Something is wrong:........
I keep getting messages like this shortly after using the proxy (it works for a few seconds/page loads and then stops):
channel 12: open failed: administratively prohibited: open failed
I'm not sure what the issue is unless there's some kind of hardware firewall on the other end. I've used this exact configuration on multiple servers with no issue and even disabled iptables etc..........
don't delete /var/lib/mysql/ib_logfile0 or ibdata1 or mysql won't restart
I didn't realize they were internal and not part of replication like the relay files!
/usr/libexec/mysqld: ready for connections.
Version: '4.1.22-log' socket: '/var/lib/mysql/mysql.sock' port: 3306 Source distribution
110127 16:31:00 [Note] /usr/libexec/mysqld: Normal shutdown
110127 16:31:00 InnoDB: Starting shutdown...........
Many people aren't aware but recently Dual-Master Replication setups have become increasingly popular. That's because you get similar features and benefits of having a full-blown cluster (difficult to setup and maintain and requires I believe 3 servers just as controllers).
With a dual-master you just have a different off-set for the keys and you should be good, but of course there is the chance that at some point replication will halt because of an unexpected or unforseen error........
Dovecot enable SSL (by default it uses an old expired cert if you choose pop3s and imaps as protocols)
===================
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Edit /etc/dovecot.conf
ssl_cert_file = /etc/mailssl/server.crt
s........
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Postfix SSL config
Edit /etc/postfix/main.cf:
#SSL stuff
smtpd_tls_cert_file = /etc/mailssl/server.crt
smtpd_tls_key_file = /etc/mailssl/server.key
To make smtps w........
understanding /etc/aliases
*remember to apply changes you need to run "newaliases" after editing /etc/aliases
one thing I don't get is that it doesn't allow you to specify the whole e-mail address on the left-hand side
eg:
yourfullemail@domain.com: someotheremail@domain.com
postalias: warning: /etc/aliases, line 109: name must be local (if you try the above)
It works more like this:
your........
genuine.com/IN: loading master file genuine.com.zone: file not found
_default/genuine.com/IN: file not found
I always found it silly that no one really talks about this and apparently many like me and even control panels like Plesk were still using hard paths. I always thought "why can't I just specify the name of the zone file and have bind find it". Surely the default search path must be /var/named or somewhere else but there is no such thing.........
PHP5 & Apache Blank Screen/Page
The PHP package is installed and works from the CLI
Error reporting is enabled
The only way I could get it working was:
rm /etc/php.ini
yum remove php
yum install php-* -x php-pear* -x php-pecl*
Interestingly enough reinstalling php did not bring back the deleted php.ini but everything is working.
........
Webmin/Virtualmin when enabling bind:
Failed to save enabled features : Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server. Either add 127.0.0.1 to the list of DNS servers, or turn off the BIND feature on the module config page.
It means what it says, add "127.0.0.1" to /etc/resolv.conf........
I found the cause of this issue was from all the diskspace being used but clearing it was not enough. Iguess the tables became inconsistent when space ran out and myisamchk is what fixed the rest.
service mysqld restart
ERROR! MySQL manager or server PID file could not be found!
....................................................................................... ERROR! Manager of pid-file quit without updating file.
se........
VMWare bridged adapter not working:
Message from system: The network bridge on device vmnet0 is not running. The virtual machine will not be able to communicate with the host or with other machines on your network. Failed to connect virtual device Ethernet1.
I'm not sure how to fix this but one of the issues is that my eth0 became eth1 after moving my hard drives to a new motherboard. I have run the vmware-config.pl but this did not resolve the issue.........
Virtualmin Postfix Error:
The status of your system is being checked to ensure that all enabled features are available, that the mail server is properly configured, and that quotas are active ..
A problem was found with your Postfix virtual maps : No map sources were found in the Postfix configuration
.. your system is not ready for use by Virtualmin.
........
This made me nervous but it's clearly a cronjob based on the messages log that happens every Sunday at about 4:22.
I actually can't find any evidence of it in cron.d cron.daily but it is there somewhere obviously.
What I don't get is why doesn't this cronjob do a datacheck like Ubuntu's cronscript does? When you unnecessarily rebuild the array you lose your redundancy during that point which makes your data extremely vulnerable.
*Update I did a grep of &q........
The normal solution doesn't help or apply here:
ssh -v user@192.168.5.41
OpenSSH_4.3p2 Debian-9etch3, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.5.41 [192.168.5.41] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: i........
This really made me nervous but notice the mdstat says "check". This is because in Ubuntu there is a scheduled mdadm cronscript that runs everyday on Sunday at 00:57 that checks your entire array. This is a good way because it prevents gradual but unnoticed data corruption which Inever thought of.
As long as the check completes properly you have peace of mind knowing that your data integretiy is assured and that your hard drives are functioning properly (I'........
mdadm: metadata format 00.90 unknown, ignored.
This happens with various versions of older mdadm such as mdadm - v2.6.7.1 - 15th October 2008
It is all because an extra 0 in 00.90 in /etc/mdadm/mdadm.conf that it doesn't like (it doesn't seem to cause any problem except that message though):
Solution - Edit your /etc/mdadm/mdadm.conf and change 00.90 to 0.90 in your arrays:
ARRAY /dev/md3 level=raid1 num-devices=2 metadata=0.90 UUID=f41a4644:6b2a05f........
One of the purposes of rsync is to backup whole filesystems and archive them but how can you do that properly and restore things to normal if all permissions and ownerships are not preserved from your root filesystem?
It's not desirable to have everything running as root, especially not just for an rsync.
The Easy rsync preserve permission solution for non-root users
sudo is the answer and all you have to do is edit /etc/sudoers
At the end o........
I've only used it on Centos, soI thought I'd make a quick Debian guide:
Install the DRBD Package
apt-get install drbd8-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libswfdec-0.8-0
Use 'apt-get autoremove' to remove them.
The following........
VMWare log: /var/log/vmware/hostd.log
SSL Handshake on client connection failed: SSL Exception
sudo /etc/init.d/vmware-mgmt restart
Stopping VMware management services:
VMware Virtual Infrastructure Web Access
VMware Server Host Agent&nb........
Refusing to automatically import keys when running unattended.
Use "-y" to override.
When using echo y|yum install gcc
Fix with rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*........
Moving to RAID was a pain.
What you have to do is the following from an existing install:
Install mdadm
Create your mdadm RAID 1 array on your spare hard drive.
Start it with the missing disk.
rsync the entire contents of your current / to the md partition.
Here's a good way of doing it:
rsync -Pha --exclude=/proc/* --exclude=/sys/* --exclude=/mnt/* /. /mnt/md2........
From a LiveCD or if you're doing something like converting your non-RAID install to mdadm here's how you would chroot properly (you have to mount your proc, sys and dev on the running system/LiveCD to your chroot environment if you want things to work right, especially if you need to run update-initramfs due to a driver change etc..)
*replace "path" with your mount/chroot path
mount -o bind /proc /mnt/path/proc
mount -o bind /dev/ mnt/pa........
I couldn't figure out whyI couldn't install a simple package. This is what's annoying about cutting edge Debian distros, yes we know you support each license on average for 1-2 years but why take down the supporting binary packages and basically disable the older versions?
sudo apt-get install update
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find p........
http://apt.sw.be/redhat/el5/en/i386/test/repodata/repomd.xml: [Errno 14] HTTP Error 404: Not Found
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: rpmforge-testing. Please verify its path and try again
Notice it is complaining about "rpmforge-testing", just disable it for now:
Solution is to edit the repo:
vi /etc/yum.repos.d/rpmforge-testing.repo........
After an upgrade wine wouldn't open anything, not even the pre-installed notepad.
There are no wine logs and nothing is mentioned in any standard log file about why.
I finally decided to run wine from the shell and see what's going on:
wine client error:0: version mismatch 398/402.
Your wineserver binary was not upgraded correctly,
or you have an older one somewhere in your PATH.
Or maybe the wrong wineserver is still running?........
Just install the following package "nautilus-image-converter" and you will be able to right click any image and convert the size and rotate it.
My only wish is that you could also convert the image type from say tiff to jpg etc...
This is an awesome/handy/feature and great tool to have. This is one way where GNOME/Nautilus excel, the possibilities are endless to simplify and make simple/mundane tasks quicker and more efficient than ever.........
Virtually no system has a floppy disk drive anymore but you will often find your Linux distribution insists that you do or should have one :)
The solution is to remove the floppy module and prevent it from loading on the next reboot.
rmmod floppy
Centos/RHEL
echo "blacklist floppy">> /etc/modprobe.d/blacklist
#update initramfs so it takes effect
dracut........
ping test.com
connect: No buffer space available
/var/log/messages
Oct 18 12:21:03 vps kernel: printk: 177 messages suppressed.
Oct 18 12:21:03 vps kernel: Neighbour table overflow.
Solution in /etc/sysctl.conf:
net.ipv4.neigh.default.gc_thresh1 = 4096
net.ipv4.neigh.default.gc_thresh2 = 8192
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv4.neigh.default.base_reachab........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6
........
cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
yum install ovz-kernel-PAE
Now remember to set /etc/sysctl.conf to "net.ipv4.ip_forward = 1"
You can apply the change immediately by running sysctl -w net.ipv4.ip_forward = 1 but remember that you still have to set sysctl.conf
sysctl -p will load and apply any changes to s........
Internal Server Error
Could not fetch uid or gid for : root
https://192.168.1.42:2083
The reason for this is because the administration port is actually on port 2087, change the port and you'll be good to go.........
Always make a backup of the original file before trying this, I find this kind of thing when updating IPs etc.. to use a script.
Where the old IP is "192.168.5.8" and the new IP is "10.10.5.8"
sed -i s/192.168.5.8/10.10.5.8/g testdomain.org.db
The -i with sed means "inline" meaning we edit the file directly, but without the -i we could just use >and output the results to another file or do whatever else we wanted.........
Create New RAID 1 Array:
First setup your partitions (make sure they are exactly the same size)
In my example I have sda3 and sdb3 which are 500GB in size.
mdadm --create /dev/md2 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3
mdadm: array /dev/md2 started.
Check Status Of The Array
*Note I already have other arrays md0 and md1.
You can see below that md2 is syn........
wget http://download.virtualbox.org/virtualbox/3.2.8/VirtualBox-3.2-3.2.8_64453_rhel5-1.i386.rpm
rpm -i http://download.virtualbox.org/virtualbox/3.2.8/VirtualBox-3.2-3.2.8_64453_rhel5-1.i386.rpm
error: Failed dependencies:
libGLU.so.1 is needed by VirtualBox-3.2-3.2.8_64453_rhel5-1.i386
libSDL-1.2.so.0 is needed by VirtualBox-3.2-3.2.8_64453_rhel5-1.i386
libXmu.so.6 is needed b........
NET: Registered protocol family 2
The above is the last thing that I ever saw, I tried pci=routeirq etc.. and it wouldn't work.
The solution is to enable IOAPIC in the VBOX Settings
Just enable "IOAPIC" in the settings for your Centos Guest and you'll find the kernel boots just fine. I wonder if a physical system might stall in this same way if the BIOS has IOAPIC disabled which many people do as a troubleshooting method.
........
I am a huge fan of Linux and the idea of OpenSource but I've said it many times, there are still hurdles in today in 2010 for Linux as a Desktop. Linux is still intended for servers at its very core. This can be changed succesfully though, as Apple has shown us with Mac OS X based on FreeBSD.
Half of the issue is lack of driver support and the other half is the Linux Kernel and Window Manages, KDE and GNome still both don't cut it (but they're getting closer).
I'll........
Different distributions such as Debian and Centos behave differently when trying to shutdown your system.
shutdown -H now on Debian does not do what you'd expect. The system won't power down, it will halt and do everything but power down.
shutdown -PH now will do the job though (actually power the system off). This is important to test especially if you are not near the system. If you just use -P it forcefully shuts off which is not........
vzmigrate --online dest-host VEIDNO
eg.:
vzmigrate --oneline 192.168.1.55 101
One option I would recommend is "--keep-dst", that way if the migration is interrupted you can still bring the VPS back up on the original host. After the migration is successful you can manually destroy it.
OpenVZ has a good writeup on this including Checkpointing and Restoring etc:........
This error is annoying, in a Virtuozzo KB entry about this ip tables nat problem they say the kernel needs to be ugpraded:
Symptoms
The node runs 2.6.18-x kernel older than 2.6.18-028stab053.10.
NAT module does not work in container, you get "can't initialize iptables table 'nat'" error:
# iptables -t nat........
This was done on Centos butI think it's easier on Debian machines, the paths that it is set to use are tailored towards Debian, so there is some fiddling that needs to be done on Centos.
This is for chrooting ssh, but jailkit has other uses than just SSH jails but I won't cover them in this writeup.
1. Install jailkit
yum install jailkit
2. Setup Jail Home
mkdir /home/jail
chown root:root /home/ja........
This server was experiencing loads of up to 80 and maxing out the RAM and kmemsize on a CPanel VPS. There were literally dozens if not hundreds of exim processes. I have no idea why exim has such a design that would allow it to consume this much CPU and RAM. Any normal MTA should not be spawning so many processes, it should be processing them in sequence and if it is going to spawn hundreds of processes in response to a large volume of mail, it's better to have a delayed del........
This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc..
Name
curlftpfs - mount a ftp host as a local directory
Synopsis........
This is based on Debian Linux but should apply equally to any *nix distro.
Install LUKS/crypt-setup
apt-get install cryptsetup
Setup your LUKS Partition
Of course change /dev/md2 with whatever partition you intend to use LUKS on.
cryptsetup --verbose --verify-passphrase luksFormat /dev/md2
You'll be asked to verify your decryption password twice
*DO NOT FORGET THIS PASSWORD AS IT IS NOT RECOVERABLE!........
My XBOX's dashboard/firmware was from sometime in 2008 when I first bought the system. I mainly played using composite cables but at my brother in law's house we used HDMI. The very first time it worked, but then I bought some games that did some update and after that HDMI never worked.
The symptoms besides having on sound is that your XBOX will show PC monitor resolutions but won't have any option to say you have a 720P or 1080P display, this means the XBOX firmware is fa........
I've never understood how to enable and disable services for different run levels in Debian based distros, it's just weird, annoying and doesn't make sense. I much prefer chkconfig from RHEL.
Just install the package called 'rcconf' and be done with it. rcconf makes things easy for you.
apt-get install rcconf
Reading package lists... Done
Building dependency tree
Reading state information... Done........
I'm using Ubuntu 8.04 but anyone using older kernels will find this may apply to them. My Intel graphics are very slow with the default Xorg settings but by using "EXA" acceleration, scrolling down windows of text becomes pretty snappy.
Just edit /etc/X11/xorg.conf
Section "Device"
Identifier "Configured Video Device"
&nb........
I've recently used CPanel on the admin side for the first time and have to say I hate it. Everything from the layout to the functionality screams "hackish". It just lacks so many common sense features and way of working.
I was never 100% impressed with Plesk but the basics were definitely laid out and done in a sensible manner, even though it is made by a Russian company, they definitely thought about how to make a Control Panel.
I have no idea why people........
route add -net 192.16.5.0 netmask 255.255.255.0 eth0
Of course adjust as you need (eg. the 192.16.5.0 should be changed to the subnet you need access to and eth0 should be changed to the network device that you want that subnet routed through). I also use the /etc/sysconfig/rc.local script and add the above into it (remember that this route only gets added AFTER all other init scripts have finished though).........
I wasted a lot of time wondering why I could never find those packages.
Check the /etc/yum.conf file and at the bottom look for the "exclude=" line.
Below is what I found in mine
exclude=apache* httpd* mod_* mysql* MySQL* da_* *ftp* exim* sendmail* php* bind-chroot*
Just remove those entries or uncomment that line and you'll get access to the missing applications.........
Warning: get_browser(): browscap ini directive not set.
Solution is to edit /etc/php.ini
Uncomment this:
[browscap]
browscap = extra/browscap.ini........
Edit /etc/wwwacct.conf
Then add/edit the HOST line to add your hostname. eg:
HOST yourcpanelserver.com........
Basically the two main types of distros are Debian and RHEL/Centos based. I'm just going to give a quick overview of how the configuration of IP interfaces works in Debian/Centos based distros.
*Just one thing to remember, when setting IPs statically you have to manually specify a DNS server in /etc/resolv.conf (since DHCP is what normally does it automatically)
Debian/Ubuntu/Kubuntu/MEPIS
The IP (DHCP &........
The default options for iptables are very basic. Here is what you need to do in order to enable them in OpenVZ.
1.) Add the modules to iptables and restart iptables:
vi /etc/sysconfig/iptables-config
Edit the line as so:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
2.........
One note is to secure MySQL, I don't know for sure but I believe you could login to MySQL remotely with no password during this operation (I'm not sure, maybe it doesn't accept blank passwords but I firewall MySQL port anyway and recommend you do the same).
First edit /etc/my.cf
Under the [mysqld] field add the following line somewhere:
skip-grant-tables
Now restart mysql: service mysql restart or on Debian sty........
This function and others may not work with the stock PHPinstall on Centos/CPanel: Fatal error: Call to > undefined function imagecreatefromjpeg()
Even with libjpeg-devel installed it won't work because PHP was not compiled with jpeg support, so we have to do the dirty work ourselves :)
Here is the command/yum's I did to install missing libraries for PHP that configure will complain about (yes it is a one by one process).
yum install bzip2-........
This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that.
If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :)
Just use this code to easily enable passwordless login with SSHD
key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
Not sure what rsync switches/options to use?
rsync -PDrphogtl
The short version would be:
rsync -Pha
I think these are really common sense options to use and probaby should be the default.
Explanation of rsync switches
P = display the progress
D = hybrid of --specials and --devices so all special and device files will be copied as well.
r = recursive (otherwise rsync won't copy files deeper than........
ERROR: sdb2/backup.r18 failed verification -- update retained.
This happened when Iwas rsyncing a dying hard drive, a lot of people seem to report this as an error with rsync itself but I don't think rsync is the issue at all.
I know the source hard drive was bad, it was having all kinds of timeout, seek, hardware ECC recovered and reset errors.
The only time something else could be the problem is if the data is being corrupted in transit, perhaps through........
I thought there would be an error message or warning from MySQL in the case that the text you submit is greater than the allowed limit based on the field.
So essentially I submitted text that was about 120,000 characters long, whereas the limit of TEXT is just 65,535 characters! I almost lost half of my data/what I typed without knowing it!
I just altered the field type in my database from TEXT to LONGTEXT. I can't see how LONGTEXT wouldn't be long enough for MOST........
Before we start I take no responsibility for this, you should have a backup and if you make a mistake during this process you could wipe out all of your data. So backup somewhere else before starting this as a precaution, or make sure it's data you could afford to lose.
The RAID 1 Setup (Hardware Wise)
I've already setup my 2 x 1TB (Seagate) drives with identical partitions, make sure your new hard drive (the empty one) is setup like your curr........
I have no idea why but mkfs.ext3 defaults to a patheticlly small blocksize of 1024 bytes/1KB (kilobyte). That means the maximum filesize is ONLY 16GB! With 2KB/2048 bytes you get a 256 GB maximum filesize, and with 4KB/4096 bytes you get 2TB!
I finally noticed/paid attention to this after realizing that with rsync and scp that no file larger than 17GB could be transferred. I then realized it must be a file size limit on the partition.
Here is what tune2fs tol........
It's basically free bash shell script available from: http://wpkg.org/email2fax/index.php/Main_Page
Make sure you have the required tools:
libtiff
ghostscript
mpack/munpack
Where you can e-mail your Asterisk box and it will fax it to the phone number in the subject line. The good news ends there, it is fairly undocumented and buggy.
Take for example how the documentation mentions you can invoke from the com........
In Debian based distros:
apt-get install jabber
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
fakeroot dkms
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
jabber-common
The following NEW packag........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
Proxmox has made this free utility to backup running OpenVZ containers. It's a great program which is actually just a PERL script but gets the job done. This program is not 100% required because all it really does is cp -a from your container's path as far as I know but it is still good to have uniformity to how you backup your containers.
For RPM distros such as Centos/RHEL/Fedora etc.. download and install this:
wget http://www.proxmox.com/cms_proxm........
Codelite is a great choice and I intend on getting back into C++ development and I think Codelite is great being cross platform.
It looks like it was designed with a lot of thought and should do the job better. I really dislike the bloated and confusing IDE's from big companies like Microsoft where you usually have to use .NET and other useless technologies that just give Microsoft the advantage over you, the programmer, and the users.........
All you have to do is browse to:
C:Documents & SettingsYourUserName and you'll see the following:
Inside "My Recent Documents" are of course shortcuts to the most recent documents you opened
Inside "SendTo" is your sendto, you could edit that to Send a file to a network destination, your Flash Drive........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
Mount Linux ext2 file systemNormally in Linux you could mount ext2 or ext3 etc... like this:
mount -t ext2 /dev/hda1 /mnt/hda1/
In FreeBSD the difference is of course the disk naming conventions (hda1 would be known a /dev/ad0s1):
To mount ext2 in FreeBSD just type:
mount -t ext2[b:68c16c60bf]fs[/b:68c16c60bf] /dev/ad0s1 /mnt/ad0s1........
Asterisk FreeBSD compile problemsI couldn't get it to compile without using the following options at compile time:
[b:b7d672ee28]
make install WITHOUT_ZAPTEL=YES WITHOUT_MYSQL=YES WITHOUT_FAX=YES WITHOUT_ODBC=YES WITHOUT_H323=YES[/b:b7d672ee28]Some problems you might have with copying over your Linux config files to FreeBSD is different paths.
[b:f044931f41]For example the etc path for Asterisk on BSD will now be:[/b:f044931f41]
[qu........
Problems surfing web/servingI noticed sometimes websites wouldn't load at random through a FreeBSD box and other systems on the same link didn't have the issue. I believe it is because of the low default limit of 128 TCP connections that caused the problem. It would also slow down any traffic that requires many connections such as Bittorrent.
The fix is to increase the amount of connections to at least 1024
Edit [b:520b050d3e]/etc/sysctl.conf[/b:520b05........
Upgrade Release Kernel TipsThis is for CentOS 3.1 to 3.8 but the methodology will apply everywhere.
I ran into a problem first of all with a non-booting system after running
#yum update centos-release
It took me to 3.8 and upgraded all the other packages [b:7e931c835d]BUT[/b:7e931c835d]
because of some stupid flags enabled in /etc/yum.conf the KERNEL WASN'T UPGRADED SO AFTER BOOTING, WELL IT DIDN'T BOOT OF COURSE :)
H........
Setup Static IP Address ONBOOTAssuming you are using eth0
Note this will work for any version of CentOS and basically any version of Redhat Linux or Redhat based distribution.
You would need to create a new file
[code:1:02f8d34c30] /etc/sysconfig/network-scripts/ifcfg-eth0:0[/code:1:02f8d34c30]
DEVICE=eth0:0
the ":0" at the end specifies alias 0 we could actually change this to ":99" or "........
Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from"
This occurred during a yum update after upgrading my release, installing the new kernel and rebooting.
I got kicked out of sshd after seeing the following during yum update:
telnet 100 % done 85/476
tux 100 % done 86/476
ntsysv 100 % done 87/476
rpmdb-redhat 94 % done 88/476........
Need identd for port 113 ? Install authdyum install authd
Happy identing :)Actually it's not that simple.
It installs as an "xinetd" service and is disabled and turned off by deafult.
To enable it run:
[code:1:8c94df8319]
chkconfig --level 3 auth on
service xinetd restart
[/code:1:8c94df8319]
This will set identd aka authd to start by default.
service xinetd resta........
Updating yum repos for DAG /etc/yum.repos.dIn /etc/yum.repos.d
[quote:96456b2ab9]Create any file such as "CentOS-Dag.repo" in /etc/yum.repos.d[/quote:96456b2ab9]
Add the following to the above file:
[code:1:96456b2ab9]
[dag]
name=Dag RPM Repository For Red Hat Enterprise Linux
baseurl=http://dag.atrpms.net/redhat/el$releasever/en/$basearch/dag/
http://dag.freshrpms.net/redhat/e........
Crontab Tutorial - Tips & Shortcuts*/5 * * * * /command
The above is an example of a command that runs every 5 minutes.
Normally instead if the "*/5" you'd have to type
"5,10,15,20,25,30,35,40,45,50,55" etc...
You can use it to run a program every 5 days, 5 months 5 years etc...Crontab run one a day at a certain time[code:1:7a3bd32dfa]0 1 * * * /home/backupguy/databackup.sh[/code:1:7a3bd32dfa]........
E-Mail TipI just thought I'd give you guys a good tip about e-mail. It seems a lot of people like to use a Hotmail or ISP (eg. Telus) account for their e-mail but the problem is what happens if you switch ISPs, then your e-mail address no longer works and old friends might not be able to contact you. The same thing has happened for excite.com e-mail addresses where they just shut down.
Whether you are a business owner or personal user can you afford to lose an e-mail........
MySQL Server wouldn't startStart MySQL Server with the following script that would have installed with the port.
/usr/local/etc/rc.d/mysql-server.sh start........
MySQL Server 3.23 won't start after switching from 4.1I was using a 4.1 alpha version of mysql-server and some how version 3.23 of the client and 4.1 of the client were also both installed!
So I forced uninstalled everything because after trying and trying even though MySQL server was using the short 16byte password authentication I got some other errors.
After trying with the ports and having it fail because I had existing database data I force installe........
Chat MSN/ICQ/Yahoo etc.. ClientsText-Based:
MSN - pebrot, tmsnc, ccmsn
ICQ - centericq........
Package managementIf you're like me and often like using an older version you'll need to know this.
Since all 5.x versions no longer have packages of their own you'll have to use the 5-stable
The best way is to set the [b:d5e8972240]packagesite environment variable[/b:d5e8972240] like so in your [b:d5e8972240].profile [/b:d5e8972240]file
[quote:d5e8972240]vi /etc/.profile[/quote:d5e8972240]
Add this:
[code:1:d5e897224........
Use Mozilla Firefox, not Internet Explorer - You'll be glad!Hey guys,
I just thought I'd recommend that everyone switch to Mozilla Firefox as their web browser. You can find it at http://mozilla.org
It is free and it is much better than IE. It has a built-in popup blocker which works great and most importantly, it doesn't have a million critical security flaws which could compromise your security such as passwords for on-line banking etc..........
This is a very weird, annoying and bizarre quirk with many distributions, especially Debian. The home and end keys don't work, but it's a simple fix as long as you found this article :)
You just have to edit /etc/inputrc:
Find the commented lines as shown below:
# "e[1~": beginning-of-line
# "e[4~": end-of-line
*If you can't find the above, just copy and paste the code below into your inputrc, it will en........
auth/auth_util.c:make_server_info_sam(840)
User nobody in passdb, but getpwnam() fails!
I never found the solution to this in the web, as usual so Ithought I'd post the fix. In plain English smbd is telling us that the user "nobody" does not exist in /etc/passwd.
You can simply add this to your /etc/passwd file like so:
nobody:x:65534:65534:nobody:/nonexistent:/sbin/nologin
Now SAMBA/smbd should........
There is actually by default a "Default SSL" vhost that can mess things up for you and can cause surprising and unexpected results.
Default Apache SSL Cert
in /etc/httpd/conf.d/ssl.conf there is a default SSL Virtual Host which screws things up by offering itself instead of the SSL cert I specify in my own vhosts........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
This really is a difficult and confusing process for non-Mandarin speakers, but here's what I've done and learned so far:
You can purchase an "M-Zone" China Mobile pre-paid SIMCard from almost anywhere but I tried to purchase mine from Suning (a large electronics dealer) hoping they would be able to help me or answer my questions but my plan didn't work out at all. At Suning once I found someone who spoke some English they gave me the 55 RMB M-Zone China Mobile P........
It's a bit of a pain that many basic third party tools that aren't put of the main Centos/RHEL repositories are not available unless you compile them or install the RPMForge Repo.
*Updated 08/29 with new download location changed from apt.sw.be to rpmforge.sw.be
Here's a quick, simple/cut&paste way to do it:
wget http://rpmforge.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
rpm -i rpmforge........
Loaded plugins: fastestmirror
rpmdb: mmap: No such device
error: db4 error(19) from dbenv->open: No such device
error: cannot open Packages index using db3 - No such device (19)
error: cannot open Packages database in /var/lib/rpm
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py&qu........
In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window.
*Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........
Iwas getting really annoyed with this, I used full quotes around the filename and vi, cat, less all thought I was trying to pass the dash in the filename as an argument.
I didn't realize that all you have to do is just put a dash dash "--"in front.
Here's an example:cat -- "-etc-glusterfs-glusterfsd.vol.log"
Without the -- you get: cat: invalid option -- c
Try `cat --help' for more information.
Ih........
Have you ever seen this dreaded message in your Apache/HTTPD /var/log/httpd/error_log?
[error] server reached MaxClients setting, consider raising the MaxClients setting
The error itself is slightly misleading. Ibelieve this happened to one of my servers, I found Apache was running still, and that you could telnet to port 80 but no respnose would be given.
For some reason my error log initially did not have the above error, but after a restart I saw........
In Newer Linux Distros This Way Is Easiest and works on newer versions like Ubuntu, Mint, Fedora, Centos, Debian etc.
#if you are missing timedatectl this in newer distros like Ubuntu/Mint/Debian and are using a container like Docker then do "apt install systemd"
timedatectl set-timezone America/Vancouver
Replace the America/Vancouver with the correct timezone.
To see the list you can just type "timedatectl set........
A VPS Server I had just wasn't working right, code that I migrated there just wasn't working. For example, it kept telling me the connection to the database was unsuccessful, halfway through iterating through results it already had.
Then I realized it wasn't my code. Ichecked my /proc/user_beancounters and found this:
cat /proc/user_beancounters
Version: 2.5
uid resource held maxheld barrier limit failcnt........
It's actually very simple and "grep" makes it as easy as possible. I'll outline a few common scenarios and provide some examples.
Say you want to search ALLfiles within the current directory (and inside/deeper) for the text "phpinfo()"
grep -R "phpinfo()" *
If you want to search only certain files such as only .txt you would do this instead:
grep -R "phpinfo()" *.txt
As you ca........
I was getting very frustrated one day wondering why it appeared my .htaccess file was being ignored and not processed by Apache. No matter what I did it was obvious that Apache didn't care about my .htaccess file. Then I realized that the default settings must be in effect, which is that my vhost didn't explicitly allow me to override the default settings.
This usually comes down to your vhost settings. Make sure you have an entry like this in your Apache vhost settings in........
This is something that annoys a lot of people, fortunately the Redhat style OS's are the most simple in this respect. I disagree that Debian's way makes sense, it is more of a hackish approach in how they implement iptables.
Anyway, for those who are using Redhat/Centos style OS's it is very simple.
Set your rules from the shell/command prompt and to save the iptables firewall rules so they are remember/loaded on boot just run this command:
service iptables........
There is a tool called "xml2" which will parse both HTML and XML scripts, this is very useful to do a mass extraction or conversion of data based on say an HTML table etc..
It becomes even more powerful using bash if certain tags are identified with a certain class="" attribute or something else unique to only the tags you want.
Happy parsing.........
Apple crippled the iPhone by not allowing multi-tasking of the non-primary apps. I use SSH a lot and I don't want to close my session just to check my e-mail, etc, now an app found in Cydia called "Backgrounder" allows just that.
Although it's not perfect, we installed the correct one for "3.x" iPhones and hit "Reload SpringBoard" and the hour/circle glass has just been going for minutes.
It seems like it installed fine even with the crash t........
Yes, Iadmit I finally got bitten by the hype as much as I can usually see through it all. Keep in mind this review is of the "stock" phone, no jailbreaking yet which is what really unleashes the customizability and whyI bought iPhone.
I had better things to say about this phone before buying it, and it is a great phone, perhaps the best on the market by far, if not because of the Mac OS port onto the iPhone and all the apps, etc, etc.
With that said........
This is unfortunate and frustrating as many sites use it, a lot of people are frustrated that TinyMCE does not work on the iPhone Safari browser.
Apparently the developer of TinyMCE's answer is "talk to Apple about it"
It's really frustrating although, I wonder if any other mobile phones are able to use TinyMCE or not, whatever the case is it would be nice to find a solution to use TinyMCE on the........
As much of a computer nerd as Iam, I'm usually a late adopter to technology for a few reasons. Ifeel most new hyped technologies and electronics are mainly fads, and I'm also cheap.
Adopting later means you avoid the bugs, kinks and most importantly pay the lowest price, that's me being cheap again :)
I never read much about the iPhone but Isaw all the hype around it and until recently I wasn't a big fan of anything Apple until a few years ago I realize........
Icouldn't understand why on one system it took a few minutes to get the SSHlogin prompt when connecting to other systems. The other systems all had the UseDNS parameter set to no, which almost always resolves the login prompt delay.
The reason is Ubuntu and perhaps Debian and other distributions /etc/nsswitch.conf file
Edit yours to have the "hosts" line like so (notice that files and dns are the primary resolution choice........
resume: could not stat the resume device file
I got that after migrating to a different physical hard drive, it wanted to resume from a swap partition that no longer exists.
This is actually controlled by "uswsusp.conf" in /etc
Just edit it and remove the device or change it to the correct new swap file.........
This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks.
The chances are this is the cause of your SSHSlow/Delayed Login problems.
The easy solution to SSH Login Problems
Edit /etc/ssh/sshd_config
Add this line to disable r........
Igot this after copying a VMWare image onto another machine in Debian.
SIOCSIFADDR No such device eth0 error while getting interface flags
The solution
1.) Find and edit the device line in persisent-net.rules note it will be prefixed with something like z25 or something else.
vi /etc/udev/rules.d/z25_persistent-net.rules
The easiest way is to comment anything out.
If you are feeling........
Server not using user level security and no password supplied.
tree connect failed: NT_STATUS_WRONG_PASSWORD
That happens when trying to use smbclient to connect to a share. The weird thing is that I can authnenticate just fine from Windows XP.
It is partially my mistake, I forgot this share does have a password. I've tried authenticating with the correct user and also with "Guest" because this works in Windows. In Linux I ........
There's a lot of information and guides on OCFS2 for RHELand Centos Linux but the package setup and configuration is slightly different and this has thrown some people off.
Installing OC2FS
You should install the following packages to get started:
apt-get install ocfs2-tools ocfs2console
Configure OC2FS
In RHEL/Centos the main configuration file is located in /etc/sysconfig/o2cb
However in Debian based Linux it is located........
This will give you the basic info needed to browse and connect to Samba shares from the command line. From the GUI of Gnome or KDE etc, it is pretty standard and straight forward. However, I've found very little guides on how to do it from the command line and if you're like me, a nerd who prefers command line for its simplicity and for remote use, this is the way to go.
First get a list of all the Samba/SMB shares on the target.
smbclient -L hostname........
User username from 127.0.0.1 not allowed because not listed in AllowUsers
What's going on? The user was created properly, it has been defined as having a shell entry and the entry for /etc/passwd and /etc/shadow is set just fine.
This is a new and very smart/secure feature of SSHD. It is simple and yet effective, but also very annoying if you didn't know about it being implemented and that hand editing of /etc/ssh/sshd_config is required to allow a newly add........
Feb 5 01:39:33 server named[19768]: zone myzone.com/IN: serial number (12331465) received from master 127.0.0.2#53 < ours (200901281)
The above is taken from /var/log/messages
This can be annoying, it can happen for a variety of reasons. What seems to be happening here is that the slave realizes the time on the slave is ahead of the master, so it therefore assumes it has the most up to date copy and won't actually transfer the zone.
The solutio........