Edit your /etc/hostapd/hostapd.conf file like below and restart hostapd.
#WPS stuff
# Enable control interface for PBC/PIN entry
ctrl_interface=/var/run/hostapd
eap_server=1
wps_state=2
ap_setup_locked=1
wps_pin_requests=/var/run/hostapd.pin-req
config_methods=label display push_button keypad
#WPS model info stuff change to suit your needs
device_name=USB2.0 WLAN
manufacturer=ATHEROS
model_name=WAP........
This is certainly a poor design, as you can read many seasoned admins who have updated their iDRAC only to have it killed. One possible cause is not by doing all the incremental updates, doing updates from an old iDRAC to one many revisions newer is a sure way to kill things, but even then there is no guarantee based on the amount of failures.
List of threads of people's dead iDRAC's:........
This guide assumes you have a working Postfix server and want it to sign with DKIM.
There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well.
1.) Install OpenDKIM
apt install opendkim
systemctl enable opendkim
2.) Edit /etc/opendkim.conf
Syslog yes
SyslogSuccess yes
Mode&nbs........
This sometimes happens when trying to install the EFIversion of grub to a device when you are booted into Legacy/MBR mode. It doesn't seem to occur on all machines, but some and seems somewhat BIOS dependent.
grub-install --target=x86_64-efi /dev/sda
Installing for x86_64-efi platform.
grub-install.real: warning: Couldn't find physical volume `(null)'. Some modules may be missing from core image..
grub-install.real: warning: Couldn't find physica........
[Wed Nov 01 18:47:08 2023] [error] Unable to configure verify locations for client authentication
[Wed Nov 01 18:47:08 2023] [error] SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line
[Wed Nov 01 18:47:08 2023] [error] SSL Library Error: 185090057 error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib
It actually gives us a good clue that at last one component of our cert is invalid/improperl........
sysctl vm.overcommit_memory=1
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo 511 > /proc/sys/net/core/somaxconn
1:M 26 Nov 2023 21:34:33.840 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 26 Nov 2023 21:34:33.840 # Server initialized
1:M 26 Nov 2023 21:34:33.840 # WARNING overcommit_memory is set to 0! Background sa........
Assign way more replicas than you have of memory on all nodes and watch the Swarm crash which can easily reproduce in a small VMfor testing.
root@Deb11Docker01:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAM........
The error below can be caused by a gateway that is unpingable:
docker swarm join --token SWMTKN-1-1kogg8da68gtb1j7ezaddowyy9s0an5s9tue758o20k18liskw-5h3f61hrrmv3u6agshvbtcklf 172.16.1.80:2377
Error response from daemon: manager stopped: can't initialize raft node: rpc error: code = Unknown desc = could not connect to prospective new cluster member using its advertised address: rpc error: code = DeadlineExceeded desc = context deadline exceeded........
This seems to happen in many different drivers but it happened more often in newer versions such as 530 vs 525.
Then nvidia-modeset goes to 100%
There are many reports of this appearing since driver 4.70 and I can confirm I've seen this in various machines.
https://forums.de........
Have you got this error from Apache?
[notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[error] (28)No space left on device: Cannot create SSLMutex
At first glance it appears that you may be out of disk space but the issue is ipc or interprocess communication.
This will clear out the ipcs processes so things can work, this often happens during high traffic and may be a sign of DDOS.
The command below will fix it, it will list al........
Have you ever tried mounting a partition that you exists but you get this error?
mount: /mnt: can't read superblock on /dev/sda1.
The superblock in this example was bad because the physical disk had corruption and bad blocks/sectors. However, the data was generally accessible and you can always try this trick below (with caution and no warranty).
This is specifically for filesystems that place superblocks in multiple locations, which........
PTY allocation request failed on channel 0
You may have messed up your environment and specifically under /dev you may have remounted a wrong source point or otherwise killed /dev/pts
The solution is to recreate /dev/pts or fix whatever caused it to be wiped out or broken.
In verbose mode the client may show this:
#verbose client
Authenticated to 172.16.17.2 ([172.16.17.2]:22).
debug........
Nov 15 17:00:49 rttbox kernel: overlayfs: filesystem on '/var/lib/docker/overlay2/check-overlayfs-support450709549/upper' not supported as upperdir
Nov 15 17:00:49 rttbox dockerd[93755]: failed to start daemon: error initializing graphdriver: driver not supported
The above error is often/normally caused because you are trying to run docker out of an unsuitable directory/filesystem. For example if you try to place docker's data inside an existing overl........
[ 0.206301] [Firmware Bug]: TSC_DEADLINE disabled due to Errata; please update microcode to version: 0x3a (or later)
[ 0.430409] MDS: Vulnerable: Clear CPU buffers attempted, no microcode
[ 0.430411] MMIO Stale Data: Vulnerable: Clear CPU buffers attempted, no microcode
[ 2.980359] microcode: sig=0x306f2, pf=0x1, revision=0x36
[ 2.981621] microcode: Microcode Update Driv........
Some people find it less than intuitive to do on DNSMasq and by default DNSMasq is available on 0.0.0.0 which could even be your LAN or Public IP.
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp ........
A lot of companies are unsure which solution to choose and many may not be aware of Docker Swarm as an alternative to Kubernetes. One thing that many Sysadmins find is that Docker Swarm is simply easier, quicker to setup and maintain by far than Kubernetes.........
When Is It Time to Leave Your VPS, VDS, and Dedicated Server Provider?
Choosing the right hosting solution—be it Virtu........
In today’s digital landscape, finding a reliable and secure Virtual Private Server (VPS) or Virtual Dedicated Server (VDS) goes beyond just comparing specs and prices. With increasing concerns over data privacy, security breaches, and government surveillance, the wisdom of choosing your VPS/VDS provider based on juri........
First we need a few extra packages:
apt update
apt install -y adduser libfontconfig1 musl sudo
wget https://dl.grafana.com/enterprise/release/grafana-enterprise_10.3.1_amd64.deb
Install / Enable Grafana
dpkg -i grafana-enterprise_10.3.1_amd64.deb
dpkg -i grafana-enterprise_10.3.1_amd64.deb
(Reading database ... 44309 files and directories currently installed.)
Preparin........
During a migration or other custom setup, it's possible you don't have a $HOME/Desktop and as a result the config file that controls this is set to just use your $HOME directory.
This is controlled in the file: $HOME/.config/user-dirs.dirs
As we can see below, Desktop, Downloads, Music and Pictures are set to $HOME. We can edit any of these as we like.
# This file is written by xdg-user-dirs-update
# If you want........
Proxmox's documentation shows the following here.
Which mainly just says change /etc/hosts and /etc/hostname with your new hostname.
Here's what happens if you only do that:
If you just do the above, you will find you have an inaccessible original hostname that contains those VMs and you cannot........
find /usr/share/zoneinfo/|sed s#"/usr/share/zoneinfo/"##g|grep "/"|grep -v posix|grep -v ^"Etc/"|grep -v ^right|grep -v ^"SystemV"
Africa/Addis_Ababa
Africa/Abidjan
Africa/Blantyre
Africa/Lusaka
Africa/Casablanca
Africa/Libreville
Africa/Asmara
Africa/Bujumbura
Africa/Dakar
Africa/Lagos
Africa/Malabo
Africa/Harare
Africa/Kigali........
configure.ac:75: error: possibly undefined macro: AC_PROG_LIBTOOL
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
autoreconf: /usr/bin/autoconf failed with exit status: 1
make: *** [/software/pixman/configure] Error 1
make: *** Deleting file `/software/pixman/configure'
yum install libtool........
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --output=aclocal.m4t
Can't exec "aclocal": No such file or directory at /usr/share/autoconf/Autom4te/FileUtils.pm line 326.
autoreconf: failed to run aclocal: No such file or directory
make: *** [/software/pixman/configure] Error 1
Just install automake:
yum install automake........
This means the autoconf package is not installed, so we'll install it:
/bin/sh: autoreconf: command not found
yum install autoconf
On Debian
apt install autoconf........
Step 1.) Upgrade to Debian 11 first
The process to go to Debian 12 is not as smooth as 11, when trying to upgrade from Debian 10. In fact, it doesn't work directly, so you'll first need to follow this guide to update to Debian 11, reboot and come back here if successful.
Step 2.) Update sources.list
Update your /etc/apt/sources.list like this:
deb http://........
If you have swarm services and dockerd is creating a high load even with the containers just being idle, the easiest solution is to upgrade to a newer docker version.
For example an identical config of 3 nodes, with Redis 5 with 30 replicas produces a load of about 1.45 in Debian 10 with Docker18.09.1
If I create the same setup on Debian 11, with Docker 20.10.5+dfsg1 then the CPU usage is low.
One other difference I wondered is the kernel. In my test setup........
We used a simple Debian 10 VM and showed the memory before starting docker and with no docker containers being started. The goal is to show much much memory dockerd actually uses.
Before docker was started
The VMwas using 58M of RAM.
After docker was started
it was using 99MB of RAM.
How much RAM does docker use?
It's not scientific but fair to say dockerd itself uses about 41MB of RAM (99-58).........
You are trying to mount and connect to an image using qemu-nbd:
qemu-nbd -c /dev/nbd0 rtt.qcow2
qemu-nbd: Failed to set NBD socket
qemu-nbd: Disconnect client, due to: Failed to read request: Unexpected end-of-file before all bytes were read
Another related error:
qemu-nbd: Failed to unlink socket /var/lock/qemu-nbd-nbd0: Operation not permitted
Error with nbd, exiting........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
This should work for most console ports of other manufacturers too. It is a quick and simple method for emegencies or deploying a few appliances/devices in a non-standard environment or small environment.
However, if this is a route thing, or the equipment is not physically close to you, it would be best to use some sort of "Terminal" server which is an IP connected switch with several serial ports built-in for this purpose. Normally they accessible by web/........
The issue is that Docker images are stripped down, so many tools and even python3 is missing, so you'll have to build or update the actual image yourself.
I assume you have started an image with something like this and that you have the Nvidia Toolkit installed (assuming you are using GPUs). If you're not using nvidia just remove --runtime=nvidia --gpus all.
docker run -it --runtime=nvidia --gpus all ubuntu bash
These works for most images li........
Welcome to our in-depth guide on configuring NVIDIA GPUs with Docker on Ubuntu. This post is tailored for developers, data scientists, and IT professionals who are looking to leverage the power of NVIDIA's GPU acceleration within Docker containers.
Whether you're working on machine lea........
This does not seem to be officially documented but makes sense that an overlay on an overlay does not work and is considered an unsupported filesystem as is even NTFS . Some admins/organizations try to use ecyptfs as a simple solution to encrypt the contents of Docker. Instead, you could probably........
Just in case, it is reocmmended to backup the original contents of the directory (especially your home dir) before proceeding.
Setup ecryptfs
Run this command: ecryptfs-setup-private
It will ask you for your login password, this is so that when you login, everything is automatically decrypted by using a passphrase that is wrapped with your login.
You can hit enter and leave things blank for an autogenerated passphrase (for mounting) or you can en........
The passwords are stored in the following locations on Unix/Linux:
The directory is usually inside your home like this:
~/.mozilla/firefox
logins.json contains the locations, username and password
key*.db (usually then name could be key3.db or key4.db)
Without the key file you will not see any passwords in Firefox as it is required to in order to decrypt the contents of logins.json........
The issue is when you need to echo something as root/sudo, that it doesn't work. You can never do a sudo echo to an output file as you'd expect.
Take an example to clear out wasted RAM buffers/cache like this:
sudo echo 1 > /proc/sys/vm/drop_caches
-bash: /proc/sys/vm/drop_caches: Permission denied
The solution is to run tee as sudo/root
What we do is echo 1, but then pipe it to the "tee" command as sudo........
So you started a process or other important task that is remote but it is in the foreground and on a pts. This means if you background with Ctrl + Z or otherwise logout or get disconnected that the process will be stopped.
Here is how you can solve the problem:
1.) Hit Ctrl + Z to suspend the process.
2.) Type bg to restore the process into the background. If you do a ps aux on the process you will see it was restored with the & at the end, which puts........
We could always disable swap but this would normally be a bad idea unless you have an incredible amount of RAM and a workload that will never exceed it. However, for live/containerized and high performance environments it could be desirable.
Another middle ground may be to set swappiness to a lower number.
You may also want to clear your kernel's cache, which could be eating up RAM unnecessarily by c........
A lot of developers want to go to 3.11 because of the speed improvements, but most distros never have the latest Python version.
Using the deadsnakes third party repo is the easiest way aside from compiling it yourself (which is safer and recommended):
Step 1 - Add the repo
apt-add-repository ppa:deadsnakes/ppa
If you get an error about requests then install it:........
haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx.
haproxy is used by many large sites per Wikipedia:
HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
This seems to have changed for RHEL 8 where a normal dracut to update your initramfs creates a system that only boots for the running kernel. For example if you have Kernel 5 and then chroot into a RHEL 8 variant which uses kernel 4.18, and run dracut, it seems that by default the system will be unbootable.
It is also the case that if you move your RAID array or drives to another server that it will be unbootable, because dracut seems to only include modules needed for the curre........
If you plugin your phone to your computer and enable USB File Transfer/Allow on the phone side but the contents of your phone on the computer side are empty in the file manager, you probably don't have mtp-tools.MTP or media transfer protocol is the standard protocol that most phones use to communicate over USB to the computer.
Just do this to fix it and get access to your files:
apt install mtp-tools
After that you should be a........
Virtualbox is a very powerful tool, but for some use cases it is less than optimal.
Say you are in a work, lab or other environment where you are not alone on the physical network and there could be overlap of IPs, but you need all of your VMs to be contactable from your host, VMs need to communicate with each other, and VMs need internet.
NAT Network will give you VM to VM communication and internet, however, it is buggy and unstable. It also doesn't allow host to VM co........
You can read lots of posts about this issue but there is not much information about why this is the case or how grub determines the root= device name. Some even suggest modifying grub.cfg manually which is a disaster as the next kernel update will cause grub to revert back to the device name.
For most people this won't be an issue but those using template system, automated deployments and working in embedded may run into this issue with custom embedded and created minimal kernel........
Remember that control connections are established on port 1723 and then actual data is transferred over GRE protocol 47.
If you have a NAT setup this will work without special forwarding or accepting of GRE packets (normally if you are not blocking outgoing connections and accepting established and related connections).
The below two commands will get things going so PPTP and GRE work
We first load the ip_nat_pptp module which allows PPTP to work with........
If you find your NAT Network is not working properly, the first thing you may want to do is list the networks, check their status and make sure the Network is actually started and configured as you expect (eg. is DHCP on and enabled?).
This is a long known, unresolved bug that seems to affect Version 6 randomly and disportionately on especially Mint 20/Ubuntu 18.
https://www.virtualbox.org/ticket/1474........
Sometimes due to your BIOS/EFI you may find that you have chosen "Energy Efficient" for your CPU which may effectively disable turbo mode. This is because "Energy Efficient" will often restrict or throttle your CPU to the base speed. This can impact nearly any CPU such as Intel's, AMDs, Opteron, Xeon etc...
This is of course frustrating, for example if you have a CPU that is 2.0GHz base speed but turbo to 2.5GHz, you will never hit more than 2GHz.........
Docker adds iptables rules that break a lot of things including MASQUERADE or anything that needs the FORWARD table. If NAT is not working after Docker installation, it is probably because it set the iptables FORWARD policy to DROP.
This may also make you think that your br0 or bridge is not working, but it's likely just due to what we'll mention later on below, that, Docker probably set your FORWARD chain to default DROP all packets, so nothing on your bridge ever makes it out........
It sounds intuitive that you may just move the /var/lib/docker dir to another location and symlink it back but it won't work and you'll get an error.
How to move Docker Storage the Correct Way
This assumes that you want to use /mnt/raid as the new location.
1.) Stop Docker
systemctl stop docker
2.) Move /var/lib/docker
mv /var/lib/docker /mnt/raid/
3.) Edit the Docker daemon file
Specify the path you wan........
Router#show license
Index 1 Feature: ipbasek9
Period left: Life time
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
Lic........
1.) Make sure your conf register is 0x2102
Do show version and at the very end of the output you will see the Configuration register.
show version
Configuration register is 0x2102
If the config register is not 0x2102 then enter this command:
r1#configure terminal
r1(config)#config-register 0x2102
r1(config)#end
2.) Let's Erase the NVRAM/flash........
It is a bit different and annoying here for these types of routers/models as you need to physically remove the CF (Compact Flash) and only then, will it enter ROMMON mode (Ctrl + Pause remotely over the console will not do it for us). This means you cannot do this remotely, or at least not without the help of a remote/physical helper.
Step 1.) Power off, router and remove CF Disk Slot#2
Go to the router and remove the slot#2 cover uses your hand or it may help to use a........
If you are doing a custom deployment and image, make sure that when you rsync'd or tar'd that you didn't mess up the symlnk of /etc/mtab to /proc/self/mounts
ln --force -s /proc/self/mounts /etc/mtab
Will fix this........
cat /proc/mdstat
Personalities : [raid1] [raid10] [linear] [multipath] [raid0] [raid6] [raid5] [raid4]
md124 : inactive sdj1[0](S)
1048512 blocks
Solution, we "run" the array
sudo mdadm --manage /dev/md124 --run
mdadm: started array /dev/md/0_0........
If you are getting this error from systemctl "Loaded: masked (Reason: Unit hostapd.service is masked.)" we need to unmask the service.
Solution
systemctl unmask hostapd
Removed /etc/systemd/system/hostapd.service.
It's fixed
root@routerOS:/var/log# systemctl start hostapd
root@routerOS:/var/log# systemctl status hostapd
● hostapd.service - Access point and authentication server for Wi-Fi and Ethern........
In this scenario, let's say you want to clone your OS at the filesystem level and the source system (the system you want to clone from) is in use.
Doing a blind rsync / is a big problem because it uses twice as much space for no reason.
The reason for this is that with ecryptfs you have a /home/.ecryptfs directory which has the actual encrypted versions of your files and folders. However your home directory (eg. /home/someuser) is mounted.
Doing the blind rsync will ca........
It may appear to be an Xorg or lightdm/gdm/mdm error but in reality for many users with this issue, it's a driver conflict and issue. I had a system that had two GPUs, an Intel and Nvidia GPU.
The only thing that got it working was to remove the nouveau driver and blacklist it so it never came back, then the Intel GPU works fine without these issues.
Solution
sudo rmmod nouveau
add nouveau/other driver to blacklist
edit th........
I've encountered this after upgrading some Debian/Ubuntu/Mint based systems for no explicable reason, although there are some bug trackers on Ubuntu that document this: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1889509
The short end of the solution is that you need to properly reinstall grub.
1.) Boot from a LiveCD
2.) Mount your root / filesystem and don't forget to mo........
This error implies that there may be an issue with Xorg or maybe your NVIDIA GPU cannot start or initialize:
35 laptop kernel: [ 2031.857704] nvidia: loading out-of-tree module taints kernel.
35 laptop kernel: [ 2031.857724] nvidia: module license 'NVIDIA' taints kernel.
35 laptop kernel: [ 2031.857725] Disabling lock debugging due to kernel taint
35 laptop kernel: [ 2031.873280] nvidia: module verification failed: signature a........
Bonding is an excellent way to get both increased redundancy and throughput. It is similar to the "Network Teaming" feature in Windows.
There are a few different modes but we will use mode 6, I think it's the best of both worlds, as it is not just a failover, but it provides round robin, so you will get redundancy and load balancing. So if you have a 1G single port, you will have a combined throughput of 4G at this point. Just bear in mind that the true thr........
If you are using mint, delete the preference that stops snap from installing (as it is required for lxc)
sudo rm /etc/apt/preferences.d/nosnap.pref
1. Install lxd:
sudo apt install lxd
Issues install lxd or errors? Click here
Debian at this time does not have lxd so you'll need to use snap:
sudo apt in........
This can be used on almost anything, since Gluster is a userspace tool, based on FUSE. This means that all Gluster appears as to any application is just a directory.
Applications don't need specific support for Gluster, so long as you can tell the application to use a certain directory for storage.
One application can be for redundant and scaled storage, including for within Docker and Kubernetes, LXC, Proxmox, OpenStack, etc or just your image/web/video files or even da........
Let's say you have a VM file that uses 200G of dynamic space, but really only has 40G in usage. If you add fles and delete, at some point the file will be larger than the current space you are using.
Take this image which shows is using 71G of space on the host:
The actual space being used inside the image is about 43G as we can see:........
This may be necessary if you have a VM or if for some reason you just want to be more efficient with your space and have the flexibility of changing your swap space at will.
What we mean is the ability to use a "swap file" or similar to the Windows "pagefile" that normally resides on the root or c: partition of Windows.
Here's all you have to do and then you to can have a single partiton with everything, including the swap file on the root partition if you........
freshclam
ClamAV update process started at Sun Mar 20 00:30:50 2022
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.3 Recommended version: 0.103.5
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cld is up to date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
WARNING: getpatch: Can't download daily-26337.cdiff from db.local.clamav.net
WARNING:........
(firefox:9562): LIBDBUSMENU-GLIB-WARNING **: Unable to get session bus: Failed to execute child process "dbus-launch" (No such file or directory)
ExceptionHandler::GenerateDump cloned child 9743
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
[Parent 9562, Gecko_IOThread] WARNING: pipe error (40): Connection reset by peer: file /build/firefox-EymEXX/fire........
Install procps and it will install the other packages you need:
apt install procps
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libgpm2 libncurses6 libprocps7 lsb-base psmisc
Suggested packages:
gpm
The following NEW packages will be ins........
There is a random bug that sometimes occurs with Vbox NAT mode DNS, although it has never happened in the past and Vbox was working fine until recently.
The symptom is that you can see it does get an IP+ DNS from the Vbox NAT DHCP.
Below we use resolvectl dns and verify the DNS server is set to 10.0.2.3 which is the DNS from Vbox NAT. We can ping it but it does not respond to any DNS requests when we use dig @10.0.2.3 realtechtalk.com........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Just click on the Start Menu and go to "Startup Applications"
Then click on the "Add"Button
Now enter the command we need to open the folder/directory automatically using the filemanager
For remote SSH host (you need pub key auth for it to open without a pa........
Why choose OpenVPN instead of a firewall appliance?
OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time.
When comparing OpenVPN with traditional firewal........
In our 2024 VPS Server/Cloud Buyer's Guide, we place the location of your VPS/hosting/server as one of the priorities that is often overlooked.
2024 Update - Datacent........
How To Install Wazuh Server / Quickest Installation
Wazuh (forked from the well known OSSEC project) is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
Prerequisites:
A lot of issues with Wazuh seem to be caused by i........
1. Let's work from an environment where we can install Ansible on.
If you are using an older version of Linux based on Mint 18 or Ubuntu 16, you may want to get the PPA and get the latest version of Ansible that way:
sudo apt install gpg
sudo add-apt-repository ppa:ansible/ansible
sudo apt update........
Here is the scenario, you are using QEMU/KVM and are using something like the AC97 sound driver to pass the host audio to the guest via pulseaudio. This is useful because you can transparently pass your mic input from the host which means you can mute your microphone from the host, which prevents the guest from receiving any mic input even if unmuted.
Mute / Unmute Fix
This issue also seems to happen even if you press the mute button on the microphone and then unmute,........
NAT Network, the VMs can communicate but your host cannot access them by default.
NAT VMs have internet but cannot communicate with each other.
Bridged is simple and allows full LAN access as if you had a physical machine plugged in but is often bad for testing, work or corporate environments and is not very portable when it comes to moving your VMs to other locations and networks.
Here is how you can use NAT Ne........
From the terminal do this:
cat /proc/cpuinfo|grep -E "svm|vmx"
You should get output like this(svm = AMD-v and vmx=Intel-VTx):
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqd........
The Linux Mint team has disabled it by setting an apt preference, you can edit or just remove the file:
sudo apt install snapd
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package snapd is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source........
Kubernetes Easy Beginners Tutorial/Architecture Guide
Kubernetes is known as container orchestration and we should start at explaining the container part of it.
A Container is what runs the actual application and based on an Image, and are more comparable to something like an LXC Container, Virtuozzo/OpenVZ using the Linux Kernel Namespaces feature. Containers run these images as independent, isolated operating environments under the O........
It is common that you may get access to undocumented equipment and need to reset the password. This applies to many Cisco routers whether 2600, 2900, 3900 etc...
Cisco's Guide says to hit Ctrl +Pause/Break but if it doesn't work on some devices causing people to say "cisco password reset pause break does not work", you can see Cisco's alternative key combinations here:........
So you're trying to browse to a properly configured Samba share but you get this error:
Unable to mount location
Failed to retrieve share list from server: Connection timed out
If your config is right, it can be due to a protocol miss-match where your client has not enabled SMB3 but by default the other side (server) has enabled it.
You can test this out to see with the smbclient tool........
Usually if you get the grub boot loader and it doesn't show any boot options, it's because grub was not installed correctly and/or the partition that it is supposed to be on has changed or does not exist. It can also happen if you install Linux to one drive, but the boot loader to another by accident, whether EFI or MBR/Legacy mode.
You can normally fix your booting/bootloader/MBR/EFI it by chrooting into your root partition:
#become root
sudo su........
Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
Enable "cli" mode equivalent in JunOS
cli
Configure Mode
configure
So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure".
How Do You Apply Changes You've Made?
You can make all kinds of changes to the switch, but remember they are not........
If you want to start fresh a lot of people falsely assume that an apt remove and then reinstall or apt --reinstall install package will start you off fresh. To be sure and remove all associated config files do the below with the example of ssh server (don't remove it though if you actually use it!)
The key below is using the --purge flag or apt-get purge proftpd (eg sudo apt --purge remove packagename)
apt purge proftpd; apt install proftpd........
Many people may not be aware that you can turn commodity hardware into a Mikrotik OS and there are various options which is "CHR" (Cloud Hosted Router) which is a VMimage meant for Virtualization only (seriously, I've tried to dd the image to a physical server and it just crashed as it does not contain any drivers for physical).
One note as well if you are trying to do a baremetal install you may get an error "Error Loading Operating System" or........
This normally works but if not use my mencoder solution if the output video does not play past the joined time.
the contents of list.txt need to look like this:
file somefile.mp4
file somefile2.mp4
then run ffmpeg
ffmpeg -f concat -i list.txt -c copy CME-2-router-dial-peer-final.mp4
The result is almost instant joining since there is no video processing since we are........
A very common use case is that you don't want to waste time using a video editor that requires you to open it up and manually import the video clip and audio clip, then manually delete the old audio track and import the video and new audio. That's too much work and time since we don't want to go through the hassle.
ffmpeg is our solution, all we have to do is specify 3 variables and we're done!
-i Windows2019-Server-Noaudio.mp4 is our in........
It really seems limited in that it can mainly give you the things you would see on the physical unit such as load etc..
wget https://downloads.sourceforge.net/project/apcupsd/apcupsd%20-%20Stable/3.14.14/apcupsd-3.14.14.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fapcupsd%2Ffiles%2Flatest%2Fdownload&ts=1598115866
tar -zxvf apcupsd-3.14.14.tar.gz
cd apcupsd-3.14.14
[root@somebox apcupsd-3.14.14]#
./conf........
If you've come here, don't be embarraassed, working in IT, this is the MOST common computer problem that almost everyone will encounter. The reason why I'm doing this post is because I've seen an increase from colleagues and admins having this problem and many times it's not even your fault. A common scenario is that someone acquires a new or used computer which they weren't given the password for. Fortunately Ihave a detailed list of all the options whether free or pa........
This seems to happen on most if not all Nvidia cards but the good news is that if you are using any of the Linux drivers and have the nvidia-settings tool installed it is just a simple command.
Solution:
nvidia-settings --assign CurrentMetaMode="nvidia-auto-select +0+0 { ForceFullCompositionPipeline = On }"
Enter the above command in your terminal and the screentearing will be fixed which is like enabling Tear Free on AMD cards.&........
Is a mdadm check on your trusty software RAID array happening at the worst time and slowing down your server or NAS?
cat /proc/mdstat
Personalities : [raid1] [raid10]
md127 : active raid10 sdb4[0] sda4[1]
897500672 blocks super 1.2 2 near-copies [2/2] [UU]
[==========>..........] check = 50.4% (452485504/897500672) finish=15500.3min speed=478K/sec
........
This is very frustrating but the fix is usually easy once you read this blog. It's very frustrating when you find that your Linux / Ubuntu laptop's wifi will NEVER work unless it is plugged into the power. The wifi menu may say "Wifi disabled by hardware switch". You may find that your laptop has no switch or has a function wifi button on the keyboard but this does not work or have any effect.
The cause is usual a "wmi" kernel module and simply doing an........
yum -y install gcc make gperf genisoimage flex bison ncurses ncurses-devel pcre-devel augeas-devel augeas readline-devel
checking for cpio... cpio
checking for gperf... no
configure: error: gperf must be installed
configure: error: Package requirements (augeas >= 1.2.0) were not met:
Requested 'augeas >= 1.2.0' but version of augeas is 1.0.0
yum remove augeas augeas-libs augeas-devel
wget http://downl........
apt install software-properties-common
add-apt-repository ppa:deadsnakes/ppa
apt update
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
I used to believe that for Desktops especially that the "ondemand" CPUfrequency changing that kernels included with Ubuntu and Debian based distros have would be sufficient for snappy performance.
However, you can feel the lack of performance on the fastest computer if you have ondemand. A lot of times even under high load 100% of your CPUfrequency in MHz will not be used.
For example a 2.8Ghz CPUmay only run at 1.8MHz or even .9GHz. Now........
mdadm --create /dev/md0 --level 1 --raid-devices 2 /dev/sdb1 missing --metadata=0.90
mdadm: super0.90 cannot open /dev/sdb1: Device or resource busy
mdadm: /dev/sdb1 is not suitable for this array.
mdadm: create aborted
Sometimes running "partprobe" can fix this. Other times it requires a reboot.
One other manual thing that can be done is the following to fix it (if dm is using and blocking it):........
yum -y install wget unzip
wget https://download.nextcloud.com/server/releases/nextcloud-18.0.2.zip
unzip nextcloud-18.0.2.zip
yum -y install php php-mysqlnd php-json php-zip php-dom php-xml php-libxml php-mbstring php-gd mysql mysql-server
Last metadata expiration check: 0:58:02 ago on Fri 13 Mar 2020 02:12:49 PM EDT.
Dependencies resolved.
===================================================================........
There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting.
Before starting install epel or you will be missing tesseract:
yum -y install epel-release
#1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
This is sure simple if you follow the guide but it took a lot of hacking around to make this work on Debian/Ubuntu!
Now before you ask why bother running wine and python, the reason is because Python executables are NOT cross-platform. If you run pyinstaller in Linux, that binary will only run on Linux and the same if you do it in Windows. So it is preferable if you have a single environment that you can create Linux and Windows binaries from rather than running 2 separate........
The scenario here is that you have some sort of remote headless Linux server but would like to run some programs on them and get graphical access to them. The problem is that the remote server may be an image or VMwithout any virtual GPU and even if so, it is likely without KDE or Gnome, so there's no real way to do this, unless you follow our guide.
Install xvfb
apt install xvfb
Reading package lists... D........
It is unfortunate that LXC's dir mode is completely insecure and allows way too much information from the host to be seen. I wonder if there will eventually be a way to break into the host filesystem or other container's storage?
OpenVZ better security:
[root@ev ~]# cat /proc/mdstat
cat: /proc/mdstat: No such file or directory
/dev/simfs 843G 740G 61G........
Occasionally my whole screen locks up and I cannot even swith to the console and I find this in my syslog:
*-display
description: VGA compatible controller
product: Mullins [Radeon R3 Graphics]
vendor: Advanced Micro Devices, Inc. [AMD/ATI]
 ........
MySQL on Debian versions is configured differently than the native local MySQL plugin so you will be disappointed when your password on the mysql client fails by default.
Here is how you reset the MySQL root password the proper and "working way"
#first we gracefully stop mysql
sudo systemctl stop mysql;
#then we forcefully kill any mysqld process just in case
sudo killall -9 mysqld mysqld_safe;........
This is only really necessary in the case you don't want DHCP. If you are dealing with an encrypted LUKS server on the internet, you will often want to have a static IP so you know which IP to connect to (or if you have a semi-static IP assigned by DHCP).
SET IP Address by /etc/initramfs-tools/initramfs.conf
IP Address=192.168.1.27
Gateway=192.168.1.1
Subnet Mask: 255.255.255.0
Hostname=myhome.com
IP=192.1........
The reason for doing this is that the installer doesn't seem to work properly for LUKS and the server installer doesn't even support LUKS anymore. When you use the GUI install on Desktop for LUKS it won't boot and will just hang after you enter your password. So the only reliable way is to do it ourselves.
1.) Make a default minimal install of Ubuntu
2.) Have a secondary disk on the server or VM.
3.)........
The cool thing here is that we only need 1 drive to make a RAID 10 or RAID 1 array, we just tell the Linux mdadm utility that the other drive is "missing" and we can then add our original drive to the array after booting into our new RAID array.
Step#1 Install tools we need
yum -y install mdadm rsync
Step #2 Create your partitions on the drive that will be our RAID array
Here I assume it is /dev........
This is not about using ssh as a proxy, but rather, using a proxy when you are SSHing to another host and using ProxyCommand (where we normally use nc as our proxy tool).
In newer versions of nc the syntax has changed to the following:
ssh -o ProxyCommand="nc -x 127.0.0.1:1234" %h %p user@host
The format must be like above in newer nc versions.
Just be sure to change the 1234 to the port of your SOC........
Symbolic link not allowed or link target not accessible: /path/httpdocs/news.html
There are a few reasons that can cause this message and this is for people who have ruled out the basics, eg. your symlinks are enabled and the right permissions are applied (but read on to learn about ownership requirements above the directory in question).
So there are a few key things here that cause Apache not to follow symlinks:........
This is a gotcha but be aware sometimes iptables may be active and loaded by default.
Also make sure you don't just disable firewalld but also stop it otherwise it will still block stuff:
systemctl stop firewalld
If the above is not the issue then it is possible iptables is running and blocking stuff too, so you'll need to stop iptables.
So in addition to opening firewalld or disabling it, you would need to disable iptables........
mysql reset root password.
Oops I can't remember my MySQL root password!
[root@centos7test etc]# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
First we need to stop mariadb:
systemctl stop mariadb
Now we need to restart it with skip-grant-tables whic........
yum -y install mariadb-server
systemctl start mariadb
mysql_secure_installation
Now we need to secure our install and set the MariaDB root password:
The lines you need to act on are marked in bold shown with the answer you need.
mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SER........
You need to disable vsync like this when running glxgears:
vblank_mode=0 glxgears
For Nvidia drivers do this:
__GL_SYNC_TO_VBLANK=0 glxgears
Notice the higher than 59-60 fps results with vblank_mode=0:
ATTENTION: default value of option vblank_mode overridden by environment.
7919 frames in 5.0 seconds = 1583.704 FPS
8187 frames in 5.0 seconds = 1637.266 FPS........
Downloading and compiling from source to get the latest version of Asterisk is really simple with this guide.
apt install gcc make g++ libedit-dev uuid-dev libjansson-dev apt install libxml2-dev sqlite3 libsqlite3-dev
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current.tar.gz
tar -zxvf asterisk-16-current.tar.gz
cd asterisk-16.6.2/
./configure
If you get this error change y........
Use fdisk on your USB drive to create a bootable NTFS partition (in my case /dev/sdb):
sudo fdisk /dev/sdb
Welcome to fdisk (util-linux 2.27.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)........
If you can print other PDFs but not a particular one it is very likely that the PDF size is A4 (the longer, skinnier Asian paper size) instead of the North American letter size ( 8.5" x 11"). This breaks printing in most cases. Or it may print if you find a program that ignores the size issue.
Here is an example of an A4 being rejected by a printer in Ubuntu Linux via CUPS
Cannot print PDF CUPS Samsung C460:
Processin........
Most of us know the heredoc method but what if you need a basic query done repeatedly and manually while working from bash? It is a pain to manually type mysql and login each time.
With this command below you can semi-automate those queries:
echo "use somedb; select * from auctions" | mysql -u root --password="yourpassword"
Just modify the above to suit your needs and you can add more queries by adding a sem........
Oct 18 11:06:46 server systemd[529]: rc-local.service: Failed at step EXEC spawning /etc/rc.local: Exec format error
Oct 18 11:06:46 server systemd[1]: rc-local.service: Control process exited, code=exited status=203
Oct 18 11:06:46 server systemd[1]: Failed to start /etc/rc.local Compatibility.
Oct 18 11:06:46 server systemd[1]: rc-local.service: Unit entered failed state.
Oct 18 11:06:46 server systemd[1]: rc-local.service: Failed with result 'exit-code'.........
Create Database:
create database yourdbname;
Show All Databases:
show databases;
Change Database:
use mysql;
Drop / Delete a MySQL Database:
drop database nameofyourdatabase;........
Just edit your tftp file for xinetd like this:
*Change the IPto be the IPof the interface you want to listen on.
To test if your tftp is available on a certain IP range use nc -u yourip 69 to see if you can still connect (/var/log/messages or /var/log/syslog) should show the connection if it is open.
Oct 13 23:20:34 01 xinetd[26631]: Started working: 1 available servic........
sudo pip3 install python-docx
[sudo] password for :
Downloading/unpacking python-docx
Downloading python-docx-0.8.10.tar.gz (5.5MB): 5.5MB downloaded
Running setup.py (path:/tmp/pip_build_root/python-docx/setup.py) egg_info for package python-docx
no previously-included directories found matching 'docs/.build'
warning: no previously-included files matching '.DS_Store' foun........
Video Links:
How To Setup 2 Phones on a Single CME Router and get the GUI going.
How to use Dialpeers with CME with two routers
How to implement call restrictions using COR / Class of Restriction
Getting started, let's enable ephones and DNs we can add a phone with........
service sshd status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit-hit) since Wed 2019-10-02 11:07:54 EDT; 36s ago
Process: 476 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=255)
Oct 02 11:07:54 box systemd[1]: Failed to start OpenBSD Secure Shell server.
Oct 02 11:07:54 box sys........
In Centos 7 tftpd will not work with selinux. Clients will not be able to connect and this is all you'll see in the log (then nothing more):
Sep 18 14:39:15 localhost xinetd[4327]: START: tftp pid=4331 from=192.168.1.65
On the client/computer side you will see this:
TFTP.
PXE-M0F: Exiting Intel Boot Agent
Basically the client is being instantly connected and bloc........
I think this is more so an issue with kernel modules not being included. I had this issue on Linux Mint because a new kernel I upgraded to DIDNOT have the "extra" modules and part of that reason is also because older kernels are named differently than new ones.
Take this example article below that shows it in action.
If you were previously........
I don't consider a lot of these "extra" kernel modules "nice to have" as they often contain drivers for essential items like your soundcard, your NIC and many other devices that may not work. Sometimes you may find that "sound" or "ethernet" worked before a kernel/OS upgrade and now in the new version they don't. Often it will be because you need to install the "extra" kernel modules.
One other weird thing is that sometimes........
python3 testserver.com-car-scraping.py html.txt
Traceback (most recent call last):
File "testserver.com-car-scraping.py", line 5, in
import mysql.connector
ImportError: No module named 'mysql'
For some reason it won't install properly even though I have the mysql client on this machine installed too.
Solution:
You need the mys........
If you've just installed VBox and it is not starting or working, the most common problem is usually that you don't have your kernel source installed, which means there is no kernel driver for vbox so it can't work.
You may get an error that says "Kernel driver not installed" in your Virtualbox.
So the first thing you should do is install your kernel source by running this:
sudo apt-get install linux-headers-`uname -r`........
By default bind will not respond to outside queries for security reasons.
In most distributions you will find the default in /etc/named.conf looks like this at the top under options:
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";........
This is a security hole in my opinion and should be plugged by editing the lock screen ui layout:
vi /usr/share/mate-screensaver/lock-dialog-default.ui
#find these objects and set the visible property to false
object class="GtkLabel" id="note-tab-label"
object class="GtkLabel" id="auth-username-label>
object class="GtkLabel" id="auth-realname-label"........
Install Errors on Version 12:
This error happened on QEMU emulator version 2.11.1 pve-qemu-kvm_2.11.1-5
on Proxmox/Debian but installing on QEMU.12 on Centos 6 did not produce the error.
*Update it is not related to the OS or QEMU version. This happened in Centos 6 too after a second install.
What really causes this even though you successfully install........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
qemu-kvm command:
/usr/libexec/qemu-kvm -version
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
........
This is usually because the Group Policy forbids that user or group from logging in.
run "gpmc" (not "gpedit.msc" as that is for local computer settings when you are not using Active Directory) or go to Administrative Tools and Group Policy Management.
Edit the default domain policy like below........
gsmartcontrol is a free tool that let's you see the status of the SMART parameters so you can check things like temperature, reallocated sectors, bad sectors etc.. to give you a better idea of your drive health.
Download it here.
gsmartcontrol is a very useful tool in Windows to check your HDD / Hard Drive health status.
In my experience you should NEVER trust that everything is OK just because SMAR........
chroot which stands for change root allows you to virtually operate in another operating system even though you haven't booted it. It is commonly used to deploy new distros, applications and to fix a broken Linux/Unix install or prep a new system image without having to physically boot the drive or disk.
So in this example let's say we have a drive that has a Linux OS installed on /dev/sdb1 and we have mounted this partition on /mnt/sdb1
The key point is to edit the &quo........
https://docs.microsoft.com/en-us/powershell/module/skype/?view=skype-ps
Troubleshooting Client Connectivity Issues
The first step is to enable full logging in the Skype Client itself and then check the log on the client side. In Windows this normally means going to the Skype client "settings" and then "Enable Full Logging".
Aft........
If you don't aleady have it, you'll need EPEL
Install LXC
yum -y install lxc lxc-templates
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirror.it.ubc.ca
* epel: mirrors.kernel.org
* extras: mirror.it.ubc.ca
* updates:........
Install Issues:
How to Make CUCM iso /modify to work on non-VMWare machines like QEMU/Xen/OpenStack
If you get kernel panic errors in VBOX usually disabling Nested Paging will fix the issue (thanks to Mark).
ks_pre.sh error is caused by having the wrong VDX pattern (change it do sd per guide link above) and/or the wrong VMSpecs (Cisco req........
#!/bin/bash
sshcommand="ssh -N -R 20000:localhost:22 user@8.8.8.8"
result=`ps aux|grep $sshcommand"|grep -v grep`
if [ -z "$result" ]; then
echo "we are going to connect"
$sshcommand
else
echo "we are already connected"
fi
This is a handy script you can use and then add it to cron.
Save........
So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside?
Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature.
Requirements
On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
For some reason, perhaps you don't want to run a daemon or let Letsencrypt have access to your production server.
There is a way to use it like a normal CSR/CA setup in manual mode.
./letsencrypt-auto certonly --manual -d realtechtalk.com - www.realtechtalk.com
Eventually you will get prompted to create a certain path and file with certain data:
Create a file containing just this data:
Casdfasfadsfsad........
In most of the Cisco router IOS I find the ports like ge0/0 ge0/1 and ge0/2 or whatever your ports are down. They will not even give you a link light. So one of the first tasks should be getting the port you are working with up.
In my case the first goal is often connectivity with the LAN and WAN.
LAN = your local area network (eg. in the office/home )
WAN= your ISP/public internet (eg. fiber/cable/dsl/ethernet).........
00:55:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:55:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Switch(config)#no logging console
........
This works on the 2000 and 3000 series generally.
*The easy way is to just hold the mode button for 10+ seconds.
The full/proper way is below:
1.) Either power on the unit and hold the "mode" button or hold the "mode" button until you see the below:
00:04:08: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram
00:04:08: %EXPRESS_SETUP-6-CONFIG_IS_RESET: The configur........
The key thing is that you must use a "machine"id of "pc-1.3" or it will say your hardware is not supported.
Additionally you MUST use a virtio disk or you will get a ks_pre.sh error as soon as the install starts (a look at logs will show it can't find a disk). This is funny because even though the OS finds the disk and an fdisk -l shows it, it looks like the script looks for a /dev/vda device (virtio) and nothing else, so if you didn't use Virtio as you........
What you need to do if you have taken a dd or real raw image dump of a hard disk:
VBoxManage convertdd windows2019-eval-template.img windows2019.vdi --format VDI
The .img is the raw dd dump and the .vdi is the output file.
--format VDIspecifies to output to .vdi format
If you are in a pinch you can always use qemu-kvm binary and manually specify the .img as your disk and i........
Idid a systemctl restart networking and it broke Proxmox VM connectivity!
#proxmox is the problem after restarting the network the tap devices go to disabled state
[2230884.919905] vmbr0: port 7(tap118i0) entered disabled state
[2230884.948864] vmbr0: port 8(tap122i0) entered disabled state
[2230884.972748] vmbr0: port 6(tap119i0) entered disabled state
[2230885.004745] vmbr0: port 5(tap117i0) entered disabled state
[2230885.03673........
The key thing here is to know the actual partition that is encrypted.
Often in Linux Mint's installer that ends up being partition 5 or /dev/sda5
sudo cryptsetup luksOpen /dev/sda5 anynamehere
You will then be prompted for your irrecoverable passphrase:
Enter passphrase for /dev/sda5:
If all goes well it won't say anything further. If it says ""No key available with this passphr........
A lot of people think arp wil do it but the arp table will only show devices you have communicated with.
Using nmap is a quick and simple way to scan a range to find a machine you may not know the IP for:
eg:
nmap -sP 10.1.5.0/24
Just change the above to your subnet........
Do you hate how Centos 7 defaults to allocating most of your valuable space to /home even though it is a production server?
Here is a quick guide on how to take back that space live, while online (of course make sure you have backups just in case something goes wrong!):
First we will reduce our home dir by 100G:
lvreduce -L -100G /dev/mapper/centos-home
WARNING: Reducing active and open logical volume to ........
debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
debug1: Local forwarding listening on 127.0.0.1 port 18006.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 18006.
bind: Cannot assign requested address
What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........
Jan 30 17:16:10 localhost sshd[25385]: error: Failed to allocate internet-domain X11 display socket.
The solution for me on the server side was the following in sshd_config:
AddressFamily inet
*Remember to restart sshd and also reconnect from the client side.
Ihad all the normal X11 settings on the server but it just stopped........
The main use I have for this is virtual servers being able to use an LVM volume but not occupying all of the space. It saves time in deploying machines and copying them so you are only copying the space they are using (eg. 5GB / 60GB vs the full 60GB). There are some disadvantages which is mainly the fact that thin pools by their nature allow you to "overallocate" disk space which is that you could use more space than is available on the disk itself and corrupt your data........
cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4]
md127 : active (auto-read-only) raid10 sdc1[0] sdb1[2]
1953382400 blocks super 1.2 512K chunks 2 far-copies [2/1] [U_]
resync=PENDING
bitmap: 15/15 pages [60KB], 65536KB chunk
Solution force repai........
I tried to stop a qemu-img copy or clone and it broke everything. It was fine to "stop" it from the GUI but a process still persisted so I killed the relevant qemu-img and the kernel went crazy. It also may not have helped that I tried to lvremove a different volume (an unused disk). But either way it breaks LVM (you cannot even run lvdisplay) so a reboot is necessary.
Jan 17 06:45:21 testserver kernel: [ 5680.439337] systemd-udevd D 0&nbs........
Below are the common errors you'll get with named AKA bind if your time is incorrect.
The simplest solution is to install and run ntpd to correct your system's time (install ntpd if it is not installed)
systemctl start ntpd
systemctl enable ntpd
Dec 20 13:36:16 hostingbox named[2169]: error (no valid DS) resolving 'develop.waxrain.com/A/IN': 14.215.150.17#53........
growisofs -Z /dev/sr0 critical.tar.gz.gpg
Executing 'genisoimage critical.tar.gz.gpg | builtin_dd of=/dev/sr0 obs=32k seek=0'
I: -input-charset not specified, using utf-8 (detected in locale settings)
File critical.tar.gz.gpg is larger than 4GiB-1.
-allow-limited-size was not specified. There is no way do represent this file size. Aborting.
:-( write failed: Input/output error
#remember to us........
In a RAID array I had a have periodically lost a drive here and there over the past several months. Iwas always able to readd and resync without losing data. However at some point it looks like some minor corruption happened and this makes DRBD unhappy.
Using fsck did not help either.
Dec 19 06:01:45 storageboxtest4 kernel: [19005.945890] EXT3-fs error (device drbd0): ext3_get_inode_loc: unable to read inode block - inode=22184379........
mdadm --manage /dev/md125 -a /dev/sdb4
mdadm: add new device failed for /dev/sdb4 as 3: Invalid argument
Dec 19 01:23:48 storageboxtest kernel: [ 2328.854491] md: sdb4 does not have a valid v1.2 superblock, not importing!
Dec 19 01:23:48 storageboxtest kernel: [ 2328.854499] md: md_import_device returned -22
#zero the superblock and try again!
mdadm --zero-superblock /dev/sdb4
mdadm --ma........
Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated.
It has caused a kernel panic and system crash repeatedly as we can see from the logs.
But SMART says it has "PASSED" its self assessment. SMART is still useful to me but it is more about looking at Current_Pending_Sector.
Any time I have had anything but 0 for that attribute it........
# a single first slash means first occurrence
# format=${haystack/needle/replacement}
# if you use a double first slash it means ALL occurrences
# format=${haystack//needle/replacement}
email=${file/.txt-marked/}
In the example above we are searching in the variable $file for ".txt-marked" and replacing with nothing (the empty part after the last / means we are replacing with n........
Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.
Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
This happened in a PHPscript with heredoc but it could really happen anywhere. The issue was whitespace in code like this:
$variable = ........
#get line number of occurrence in text file and then print out x lines from that point
#get the line number of the first occurrence of our search text
linenumber=`grep -n "someuniqueitem" inventory.txt|head -n1|cut -d ":" -f 1`
#linestop represents how many lines after the occurring line we want to print out in this case "20"
linestop=$((linenumber+20))
# sed prints out the line range we want f........
mytop is one of my favorite tools and it is fairly simple aside from a few caveats and issues that persist to this day.
To install it on Centos:
yum -y install centos
Configure ~/.mytop
vi ~/.mytop
user=root
host=localhost
db=test
#port=3306
socket=/var/lib/mysql/mysql.sock
header=1
color=1
Try runni........
systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.
The key commands or arguments you will use with systemctl are the following:
Unit Commands:
list-units [PATTERN...] List loaded units
&nbs........
umask are the default permissions that are applied when a file or directory are created. To see this in action simply just "touch filename" or "mkdir somedir" and you'll see what default permissions are applied.
The first thing Ialways tell people you should know is to NEVER change the defaults unless you are making them more restrictive. But they work well and if you change the defaults you could end up creating a file without permission to read........
Ihave a directory structure which the primary user needs full access on but wanted a user to access only a specific directory within the main directory (so they could write in there only and nowhere else).
Here's what Idid:
[root@compevo8001 dllnow]# ls -alh
drwxrwxr-x 2 someuser software 4.0K Oct 19 2017 ExpireYMD-2017-11-20
drwxrwxr-x 2 someuser software 4.0K Nov 19 2017 ExpireYMD-20........
You can do other things but this particular script is just to set all AMD cards to 80% fan speed (remember this script needs to applied everytime you reboot). You could set it is a cron or just throw it into /etc/rc.local
basepath=/sys/class/drm
for hwmon in `ls -1 /sys/class/drm|grep card[0-99]$`; do
echo card=$hwmon;
hwmonname=`ls $basepath/$hwmon/device/hwmon|grep hwmon[0-99]`
hwmonpath=$basepath/$hwmon/device/hwmon/$hwmonname
echo "ec........
This happens if you don' have an updated version normally(eg. things were working fine and you suddenly get this error):
Pool sent wrong data, cannot set epoch, disconnect
ETH: Connection lost, retry in 20 sec...
ETH: Connection lost, retry in 20 sec...
Solution - Download an updated Claymore!
........
You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux.
genisoimage -o Backup-Myfiles.iso -r -J -joliet-long /some/path/
You will get errors like below (even enabling joliet-long didn't help)
genisoimage: Error: /some/filename.pdf have the same Joliet name
Joliet tree sort failed. The -joliet-lo........
4.374647] usb_common: exports duplicate symbol usb_get_dr_mode (owned by kernel)
[ 4.403334] usbcore: exports duplicate symbol __usb_get_extra_descriptor (owned by kernel)
[ 4.427736] xhci_hcd 0000:00:15.0: xHCI Host Controller
[ 4.427844] xhci_hcd 0000:00:15.0: new USB bus registered, assigned bus number 1
[ 4.429040] xhci_hcd 0000:00:15.0: hcc params 0x200077c1 hci version 0x100 quirks 0x01109810
[ 4.429141] xhci_hcd 0000:00:15.0: cache line size of 64 is not sup........
wget https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
--2018-08-16 05:11:16-- https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
Resolving downloads.linux.hpe.com (downloads.linux.hpe.com)... 15.249.152.85
Connecting to downloads.linux.hpe.com (downloads.linux.hpe.com)|15.249.152.85|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1525561 (1.5........
sudo apt-get install hwloc-nox
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
hwloc-nox
0 upgraded, 1 newly installed, 0 to remove and 530 not upgraded.
Need to get 151 kB of archives.
After this operation, 453 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubunt........
Where markdown=markdown language file and $output is your outputfile.html
pandoc -f markdown $markdown -t html5 --toc --toc-depth=1 > $output
........
Error 0 occurred while receiving the document
root@vh1:/var/tmp# wget http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
--2018-08-30 16:27:37-- http://mirror.compevo.com/proxmox/proxmox-ve_5.2-1.iso
Resolving mirror.compevo.com (mirror.compevo.com)... 103.25.61.44
Connecting to mirror.compevo.com (mirror.compevo.com)|103.25.61.44|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 641517568 (612M) [application/o........
Your database uses Antelope as the file format. Full UTF-8 support in MySQL and MariaDB requires the Barracuda file format. Please switch to the Barracuda file format. See the documentation MySQL full unicode support for details.
In /etc/my.cnf under [mysqld]
180827 21:43:14 InnoDB: 5.5.59 started; log sequence number 1589339
180827 21:43:14 [ERROR] /usr/libexec/mysqld: unknown variable 'db_file_format=Ba........
[root@localhost:~] vmkping -I vmk1 10.0.2.69
PING 10.0.2.69 (10.0.2.69): 56 data bytes
sendto() failed (Host is down)
vsphere distributed switch vmotion not working
[root@localhost:~] esxcfg-route -l
VMkernel Routes:
Network Netmask Gateway Interface&........
You get errors like below and see you have all question marks for the permissions if you go to /run/user/1000/gvfs
If you try to access the mounted share such as anything mounted as gvfs like an SSH share in your file manager you may get an error like this. It generally means an interruption in communication or a fault with gvfsd has caused it.
Solutio........
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x00005556ba09c070] _serverNamespace = / action = Allow _pipeName =/var/run/vmware/vpxd-webserver-pipe)
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x00007fd26000b240] _serverNamespace = /ui action = Allow _port = 5090)
Errors like the above are usually because there is an issue with your vSphere or more commonly it i........
[root@localhost:~]
BootModuleConfig.sh echo host-ind nfcd........
yes it does create its own json
============================================
cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json
2018-08-09T17:56:04.238-07:00 verbose OVFTool[30966] [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1
--> ........
sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev
git clone https://github.com/wolf9466/cpuminer-multi
sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
make install
cd bin
chmod +x xmr-stak-cpu
./xmr-stak -O xmr........
checking whether autoconf works... ../configure: line 5377: 7325 Segmentation fault $AUTOCONF $ACFLAGS configure.in > /dev/null 2>&1
no
configure: error:
*** These critical programs are missing or too old: gawk
*** Check the INSTALL file for required versions.
........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
INFO [07-19|12:11:51] Imported new block receipts count=590 elapsed=8.440s bytes=74117699 number=4870906 hash=6bc60b…934753 ignored=0
INFO [07-19|12:11:57] Imported new state entries count=499 elapsed=9.963ms processed=71076 pending=1526 retry=2&nbs........
https://yarnpkg.com/lang/en/docs/install/#centos-stable
curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo
If you need node.js:
curl --silent --location https://rpm.nodesource.com/setup_6.x | bash - yum install nodejs yarn........
Server Side Config
1.) First install nfs-utils
yum -y install nfs-utils
2.) Configure nfs share
Create a directory for your NFS share
mkdir /datastore
Create your NFS share in /etc/exports
echo "/datastore 10.220.101.0/24(rw,sync,no_root_squash)" >> /etc/exports
systemctl restart nfs........
dvd+rw-mediainfo /dev/sr0
INQUIRY: [ASUS ][BW-16D1HT ][3.00]
GET [CURRENT] CONFIGURATION:
Mounted Media: 11h, DVD-R Sequential
Media ID: RITEKF1&n........
Ialready have the caja-image-converter option installed but it shows nothing.
Weirdly enough if you install nemo and nautilus converter it does show and work inside caja:
The solution is to install *-image-converter
sudo apt-get install *-image-converter
Reading package lists... Done
Building dependency tree
Reading state information... Done
Note, selecting 'n........
We all know Linux is known for good memory management but is it really? It seems all on its own with hardly anything running that you can come back in days or weeks and find that almost all of your RAMis used!
And many will say "no don't worry it's buffers for optimization" but it doesn't seem to help because what is in buffers is not available to use for new programs running or ones that allocate more RAM as far as Ican tell.
The reason Iknow........
I can't get vmx cpu extensions to show up in Virtualbox guests despite enabling nested paging and
enable vmx in virtualbox guest but this doesn't help that you check VT-X or the AMD Virtualization SVM it enables it for the guest to use BUT does not pass it through. This means if you check cat /proc/cpuinfo in the guest you will see the CPUdoesn't support virtualization. It looks like VirtualBox still hasn't implemented this!
But there is good news I&n........
InternalServerError (com.vmware.vapi.std.errors.internal_server_error) => {
messages = [LocalizableMessage (com.vmware.vapi.std.localizable_message) => {
id = vapi.bindings.method.impl.unexpected,
defaultMessage = Provider method implementation threw unexpected exception: com.vmware.vapi.std.errors.InternalServerError,
args = [com.vmware.vapi.std.errors.InternalServerError]
}],
data =
}
I was getting the........
nfs mount failed:
mount 10.10.2.20:/tmp/nfsmount /mnt/nfs/
mount: wrong fs type, bad option, bad superblock on 10.10.2.20:/tmp/nfsmount,
missing codepage or helper program, or other error
(for several filesystems (e.g. nfs, cifs) you might
need a /sbin/mount. helper program)
 ........
I had this error in an unsupported CPUon VMWare 6.7 and apparently this sometimes works especially on older VMWare versions like 6.5 5.5 etc (but in my case it did not).
To make sure it proceed when you see "Loading VMWare"
Hit "Shift+O"
Then add "ignoreHeadless=TRUE"
See an example below:........
#mount the VCSA DVD
mount /dev/sr0 /mnt/cd
#alternatively you could mount the iso directly
mount -o loop vcsa.iso /your/mount/path
#for this purpose we are using the CLI installer on Linux
cd /mnt/cd/vcsa-cli-installer/lin64
#no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
./vcsa-deploy
Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
10/07/2018 03:05:14 PM [IPv4] Got connection from client10.10.25.1
10/07/2018 03:05:14 PM other clients:
10/07/2018 03:05:14 PM Client Protocol Version 3.7
10/07/2018 03:05:14 PM Advertising security type 18
10/07/2018 03:05:14 PM Client returned security type 18
10/07/2018 03:05:14 PM TLS Handshake failed: Could not negotiate a supported cipher suite.
10/07/2018 03:05:14 PM Client10.10.25.1 gone
10/07/2018 03:05:14 PM Statistics:........
This basically means that you are running as non-root and you need to be root to create the tun0 or tap0 device on OpenVPN. You could try sudo or adding the openvpn binary to the list of sudoers.........
The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.
Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
export ANDROID_HOME=/home/user/Downloads/tools/
Conversations-master$ ./gradlew
Downloading https://services.gradle.org/distributions/grad........
This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:
Now assume your username is "iamtheuser"
vi /etc/group
adm:x:4:syslog,iamtheuser
sudo:x:27:anotheruser,iamtheuser
Find the above lines and add a comma and "ia........
Database Error
One or more of the WHMCS database tables appear to be either missing or corrupted. Please check and repair.
This error can be misleading especially if you know you are using a known good backup or restoration of the WHMCS database. The error can also be that the user lacks permissions to read and write to the database.
To check to this in MySQL shell:
GRANT read,write to dbusername@localhost on dbna........
This happens because Dovecot limits the maximum IMAPconnections per IPto just 10. This may be fine for a single client side IPbut if an entire office or multiple users are behind one IPor a single heavy user is active then you will get bizarre errors in your e-mail clients such as "Password Incorrect" or similar in Thunderbird. It won't be obvious on the client side as to what the problem is and they will probably just think the server is misconfi........
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Apache/2.2.15 (CentOS) Server at testdomain.com Port 80........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
So you restarted your router/dhcpd server or for some other reason you wonder why DHCP is not working on any of your clients?You go and check that named is in fact running fine.
But then you check /var/log/messages and see this error for everything hostname:
named[1525]: error (broken trust chain) resolving 'min-api.cryptocompare.com/A/IN': 173.245.58.78#53
I've only ever seen this when the time on the server was off. It........
This is one thing that has me wondering about SMF. It is apparently a known issue but in the latest version and new install nothing looked right because it was using http://127.0.0.1 to find everything! How on earth would it ever do this or think it is normal?
Excerpt of crazy html code it produces that causes the issue:
........
It is simple the user just needs to be given the "LOCK TABLES" privilege.
As root run this command:
GRANT LOCK TABLES ON yourdatabase.* TO yourmysqluser@localhost;........
GRANT SELECT, LOCK TABLES ON *.* TO yourmysqluser@localhost;
All you need to do a full MySQL dump on all databases is the SELECT and LOCK TABLES privileges. This way you don't have to use the mysql root user. Data could be compromised this way but at least no harm from manipulation, changes or deletion are possible by locking down the privileges to the minimum for a full MySQL dump and backup.........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Order Deny,Allow
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
Just type the command:
localboot
By default it will boot the first local drive "0". Ibelieve you can specify a different number to boot a different device.
eg.
localboot 3
(will boot the 4th BIOS device)'........
error: Could not locate RPC credentials. No authentication cookie could be found, and no rpcpassword is set in the configuration file
This is usually because the .cookie file cannot be read by the user you are running Litecoin or Bitcoin client/daemon as.
You can adjust the permissions of the file so that the user or group they are apart of has read permissions.
........
curl: (35) Unknown SSL protocol error in connection
The main solution is to update curl and nss. If you are having an issue with curl through Apache/PHPyou will need to restart PHPafter.
It's important to remember that this error could mean a lot of things but most often it simply means that curl and openssl may be outdated and only allow newer secure ways of connecting to SSL.
In general here is how you would fix it in most c........
Normally when I've seen this it's when you are using a variable like a normal string when in fact it's actually an array such as this example:
[Tue Mar 13 04:22:35 2018] [error] PHP Catchable fatal error: Object of class WP_Term could not be converted to string in /vhost/httpdocs/wp-content/plugins/wp-instagram-post/classes/class-woo-igp.php on line 578
&nbs........
I've never seen this before in all of my years. Ihave some very old CDs and DVDs 12-15 years old that seem not to work in this BD-R/DVD-R/CD-R Asus drive.
The discs are fine actually and ironically they even work fine on a normal LG USB based BD-R drive!
Here are the errors in Linux:
[2914936.884924] attempt to access beyond end of device
[2914936.884927] loop1: rw=0, want=730424, limit=688384
[2914954.556873] attempt to........
Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!).
In the Apache vhost conf for the domain here is what you add:
SSLCACertificateFile /path/to/your/cafile.pem
Here is a full example of an SSL Vhost config in Apache using a CA Certificate file
........
This happened on Centos for no apparent reason with no obvious issue in the logs. Data could be read fine but not written (possibly due to some corruption or out of memory issue in the OpenVZ container is the best guess).
All mysql update and insert queries failed freezing without any error log on any database and table.
Tried to restart:
service mysqld restart
Timeout error occurred trying to stop MySQL........
MySQL will silently truncate a larger INT than capable.
Check MySQL's own documentation here:
As we can see the maximum size of INT (which is the most commonly used) is 2147483647
A lot of coders make this mistake by using very large values such as 9999999999 but it would actually truncate to 2147483647 which is the maximum size of an INT. This is dangerous beca........
Stopping httpd: [ OK ]
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/h........
The Linux Kernel interpretated a very high volume of real traffic as a DDOS attack so it basically ends up blocking your web server.
possible SYN flooding on ctid 42131, port 80. Sending cookies.
Simple fix edit sysctl values for max_syn_backlog
sysctl -w net.ipv4.tcp_max_syn_backlog=5000
To make them permanent edit /etc/sysctl.conf
echo "net.ipv4.tcp_........
Check for crap in /var/lib/mysql like this
ls -al /var/lib/mysql/
total 20888
drwxr-xr-x 24 mysql mysql 4096 Oct 3 18:30 .
drwxr-xr-x 20 root root 4096 Oct 3 04:23 ..
-rw-rw-rw- 1 mysql mysql 11776 Oct 3 17:10 c:exp.exe
-rw-rw-rw- 1 mysql mysql 48128 Oct 3 17:10 c:exp1.exe........
myguy@devbox:~$ sudo mdadm -As
myguy@devbox:~$ cat /proc/mdstat |grep sdf
md125 : inactive sdf3[2](S)
sudo mdadm --manage /dev/md125 --run
mdadm: started /dev/md125
........
A great way if you have a bunch of drives and mdadm connected and are looking for backups/archives and don't know what is where!
for md in `cat /proc/mdstat|grep md[0-99]|awk '{print $1}'`; do mkdir /mnt/$md; mount /dev/$md /mnt/$md; done........
You are using Centos 5 which is deprecated so nothing in yum will work until you follow this post to use the vault:
http://realtechtalk.com/Centos_59_Working_Vault_Repo_file-1921-articles
yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* epel: fedora-archive.ip-connect.vn.ua
Traceback........
The code may lead you to believe you have an incompatible template but if you are not trying to use an old template currently that is not the issue. I actually deleted all 3.x style templates to make sure.
What the issue is, is old plugins that are not compatible but Vbulletin does not seem to account for this except that you'll see a fatal PHPerror. You should disable all plugins and then enable one by one until you find the one that is causing the issue.
&........
I have never had this error on Linux and this is running FreeBSD as root:
Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically
Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error
The Solution you need a kernel module that is for some reason not automatically loaded like Linux:
kldload if_tap........
sudo mount -a
Unable to find suitable address.
[35758.706993] CIFS VFS: Error connecting to socket. Aborting operation.
[35758.707247] CIFS VFS: cifs_mount failed w/return code = -111
[35795.476160] CIFS VFS: Error connecting to socket. Aborting operation.
[35795.476346] CIFS VFS: cifs_mount failed w/return code = -111
When the above happens "Unable eto find suitable address" it usually means the smb nam........
Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case.
Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
I have never had this error on Linux and this is running FreeBSD as root:
Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically
Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error
The Solution
You need a kernel module that is for some reason not automatically loaded like Linux:
kldload if_tap........
sudo tar --ignore-failed-read -czvf mycomputer-backup.tar.gz --exclude=/home/otheruser/* --exclude=/proc/* --exclude=/sys/* /
Note the --exclude clauses and modify/add according to your needs........
This is an important feature a failed read can genuinely occur if a temporary file has been removed or if you try backing up a sysetm file in /proc /sys (which you shouldn't really anyway).
The way to fix this is the following switch:
--ignore-failed-read
Example:
sudo tar --ignore-failed-read -czvf mycomputer-backup.tar.gz --exclude=/home/otheruser/* --exclude=/proc/* --e........
When using the .sh script the rendering doesn't work after an upgrade of related packages to kdenlive.
kdenlive (kdenlive:amd64 (4:17.04.1+git201705191233~ubuntu16.04.1)) with affine or composite transitions was fine but is now broken during the time of transition it is just a white screen.
The previous version was fine:
kdenlive:amd64 (4:17.04.1+git201705191233~ubuntu16.04.1
But now I can't find it or install it:........
[1035724.274610] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=62076478 end=62076479) time 102 us, min 894, max 899, scanline start 893, end 900
W: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module i915_bpo
I've been getting those errors on a J3455 NUC box with the latest kernel on Linux Mint 18.2. When updating the initramfs I also got the error about the firmware........
Solution:
Aptitude is very smart and fixed the issues it was because of nvidia cuda and opencl and nothing else suggested or hinted this using apt
sudo aptitude install wine
The following NEW packages will be installed:
ocl-icd-libopencl1{ab} ocl-icd-libopencl1:i386{ab} wine wine1.6
wine1.6-amd64{a} wine1.6-i386:i386{a}
The following packages will be REMOVED:........
When things go wrong your video is basically unplayable or the first video plays fine and then freezes when moving on to the next. Generally if both videos weren't produced with the exact 100% same settings you will have issues. You can try the basic concat but it often won't work right.
Solution for me:
My example uses 3 videos in total so "n=3" and a=1 to include audio.
ffmpeg -threads 12 -i file1.mp4 -........
I believe from what I've read that this card's driver doesn't support the features after trying all known troubleshooting methods.
ffmpeg -i uservideoRendered.mp4 -filter:v hwupload_cuda,scale_npp=w=1920:h=1080:format=nv12:interp_algo=lanczos,hwdownload -c:v hevc_nvenc -profile main -preset slow -rc vbr_hq -c:a copy uservideoRendered.mp4-test
ffmpeg -i uservideoRendered.mp4 -filter:v hwupload_cuda,scale_npp=w=1920:h=1080:format=nv12:interp_algo=lanczos,hwdownload........
Essentially a program I was running for mining did not terminate properly with Ctrl+C it is listed as defunct and cannot be killed, kernel is tainted and normal tricks to disable the port are impossible the dev and sys entries for the device cannot be browsed or interacted with in any form without a lockup of the request. The only solution is to reboot due to the kernel taint as far as I can find so far.
[1130246.811056] INFO: task minerd:21861 blocked for more th........
#if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used
wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2
tar -jxvf ffmpeg-3.3.2.tar.bz2
cd ffmpeg-3.3.2/
./configure --disable-yasm
install prefix /usr/local
source path ........
Done on Centos 7.3 very important as clearly based on older guides it was a lot easier and more simpler! Hint do not use grub2-install!
If you have trouble booting after this check this CentOS mdadm RAID booting/fixing guide.
One huge caveat if you are an oldschool user or sysadmin who has avoided UEFIbooting
The nor........
This is a 8TB Seagate external USB 3.0 device apparently newer kernels use a module called "UAS" instead of "USB Storage" which causes issues as a lot of devices are not properly supported in UAS mode by the kernel driver. The solution some say is to disable UAS specifically for your USB device but I'd rather just disable UAS altogether.
Solution blacklist UAS: *do not do this it does not work and just causes your USB 3.0........
I am using a GTX 1060 but replace the download for the driver with the correct/current version for your particular card by visiting: http://www.nvidia.com/Download/index.aspx?lang=en-us
yum install automake curl openssl-devel libcurl-devel gcc gcc-c++
yum -y install kernel-devel-`uname -r`
yum -y install unzip
#the........
This is a common issue, what if a issue shouldn't have root but you want to use that user to make a full backup of a system? They of course need root access.
You can actually just give them passwordless sudo access to rsync in /etc/sudoers:
sudo vi /etc/sudoers
yourusername ALL = NOPASSWD: /usr/bin/rsync
Here is how you would execute rsync:
The key thing for the remote host is to........
When running cudaminer once it tries to initialize the card the entire screen freezes. The computer itself is still running but the Xorg is done for, you cannot even switch to another console window and must reboot (even an mdm or Xorg restart does not help).
At first cudaminer will give you these errors:
stratrum_recv_line failed
...retry after 15 seconds
GPU #0: Geforce 210 with compute ca........
[2017/06/12 21:14:04.991169, 0] ../source3/param/loadparm.c:3259(process_usershare_file)
process_usershare_file: stat of /var/lib/samba/usershares/dump failed. Permission denied
Issue was the parent directory needed chmod 755........
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Missing folder chosen by user:
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Removed missing file: MAH02949.MP4
Jun 1 15:45:57 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: ui_util:WARNING Icon theme media-playback-start not found. Will use backup........
These errors believe it or not are simply because of not being the root user or running with sudo! However if you didn't know to try as root you'd think there was a problem with your burner or disc Essentially it looks like without root you cannot send the required scsi commands to continue writing. Ithink cdrecord should have built-in tests or safeguards to see if it has the permissions to run the required commands.
I guess for more advanced users the idea is simila........
*Update so this doesn't work it must be something to do with the path of nfs or something else but the installer fails with "Installer crashed" at the end whereas with the CD/USB it works.
This assumes you've already installed and configured a separate PXE/DHCP server somewhere else and your /tftpboot directory is setup.
This is for Linux Mint 18.1 but generally applies to most versions although you may have tro change things like "casper"........
Error while connecting to MYSQL: (XID 4ea7s9) Access denied for user 'root'@'localhost' (using password: YES) at /usr/local/cpanel/Cpanel/Mysql.pm line 181
Solution
This error occurs because the /root/.my.cnf has the wrong/outdated password for MySQL root user. Simply edit /root/.my.cnf with the correct user. This normally happens if you update outside of cPanel.........
1.) gedit/pluma
both very good the only thing I wish is that there was an autosave for unsaved documents! The only other competitor which is similar but I prefer less is kwrite (although I think kwrite may have proper autosave)
pluma seems to be a renamed gedit yet gedit is still installable on Linux Mint)
........
espeak - is horrible and sounds very old and robotic
echo "hello there"|espeak
#don't know how to use
mbrola and plugins
cicero
jovie just seems to be a graphical interface to espeak
There is also sbreader/sapi
Google's Text To Speech Works Quite Well
#!/bin/bash
say() { local IFS=+;/usr/bin/mplayer -ao alsa -really-quiet -noconsolec........
This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it.
1. Java Security/TLS Settings issue:
This article has the solution to change them all in Linux automatically
2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP........
Centos 7 is no cakewalk, there are many fundamental features and basic utilities that are missing or even completely renamed or different!
Another shocking thing is to check your NIC it is set by default to not turn on when booting!
And by the way there is no more standard eth0 the NIC convention is now "enp0s3"
vi /etc/sysconfig/network-scripts/ifcfg-enp0s3........
This is especially helpful if you run your own servers. If you are presented with an error message or warning that the signature has changed or does not match the IP/domain you are connecting to you always want to verify manually.
So your e-mail/web client will show you an SHA-1 fingerprint like this:
"Could not verify this certificate because the issuer is unkown" or other reasons such as a mismatch in IP/domain.
It will also show you........
In short the two drives in the array were /dev/sdd and /dev/sde. The kernel sees they were unplugged and have gone down as you can see below.
mdadm caught the first one being unplugged /dev/sde and disabled the missing drive. However when the final drive that was part of the array is unplugged it didn't notice at all. Instead it complains about an IO error later for drives that the kernel knows do not exist anymore.
[45817.162728] ata4: exception........
1.) Replicate the number of partitions in your new drives.
gdisk /dev/sda
gdisk /dev/sdb
I created 3 partitions of the same same size.
partition #1: +1G (/boot)
partition #2: +60G (swap)
partition #3: rest of it (/)
#note if you are using GPT/gdisk you need to create separate a partition at least 1MB in size (in my case I would a 4th partition and mark it type ef02).........
Remove the failed partition /dev/sde1
mdadm --manage /dev/md99 -r /dev/sde1
mdadm: hot removed /dev/sde1 from /dev/md99
Now add another drive back to replace it:
# mdadm --manage /dev/md99 -a /dev/sdf1
mdadm: added /dev/sdf1
A "cat /proc/mdstat" should show it resyncing if all is well.........
In short the solution is just to use vgremove for the actual /dev/mapper device:
vgremove /dev/mapper/backups-backuplv
box mnt # mdadm --manage /dev/md8 --stop
mdadm: Cannot get exclusive access to /dev/md8:Perhaps a running process, mounted filesystem or active volume group?
box mnt # lv
lvchange lvconvert lvcreate l........
This was a surprising bug but I unplugged all drives for an array md127. At first it was just 1 drive and mdadm seemed to notice this. I unplugged the second drive taking the array offline but mdadm did not realize it was offline and still showed a non-existent disk as being part of it. This created problems trying to unmount it or even to stop this array with mdadm freezing.
As for how to fix it I can only think of making sure you are not in a mounted path of........
This seems to only happen from a bash script but it's not clear why it works from the terminal but not from a bash script.........
[Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down
[Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert'
[Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled
[Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
Uh oh
[17925926.174277] block drbd0: Handshake successful: Agreed network protocol version 96
[17925926.174325] block drbd0: conn( WFConnection -> WFReportParams )
[17925926.174342] block drbd0: Starting asender thread (from drbd0_receiver [1682])
[17925926.174432] block drbd0: data-integrity-alg:
[17925926.174581] block drbd0: drbd_sync_handshake:
[17925926.174586] block drbd0: self 2AAE66AF9252D6DB:2815BF........
Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker.
Use the following setings in /etc/httpd/conf.d/ssl.conf
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
The solution is simple but strange, if you copy your /var/lib/mysql directory to another server and think it will work, be sure to check if you have /var/log/mysql and binary log files. If you do, the server will not work and will give you errors like below and crash without the proper log files.
UPDATE user SET password=password("newpass") WHERE user='root';
flush privileges;
ERROR 2013 (HY000): Lost connection to MySQL server durin........
The "-S" switch is important as it works with sockets if you use "-f" it will not detect the socket file is there.
if [ ! -S "/var/lib/mysql/mysql.sock" ]; then
echo "Socket does not exist, restarting"
service mysqld restart
fi........
2017-01-12 14:25:36 529 (ERROR): The installer was unable to verify that your kernel supports IPv6.
2017-01-12 14:25:36 530 (ERROR): The message received when trying to create an IPv6 socket was Address already in use
2017-01-12 14:25:36 531 (ERROR): Please ensure that the ipv6 module is enabled and loaded in your kernel.
2017-01-12 14:25:36 532 (FATAL): Exiting...
Solution
This happened........
Change Host="192.168.5.99" with the remote IP allowed(this is of course more secure but also cumbersome if your IP changes). You could also have a single layer of protection that specifies the IP via firewall or both (of course both are far mor secure).
UPDATE user SET Host="192.168.5.99" where Host="localhost"
or for any/wildcard
UPDATE user SET Host="%" where Host="localhost&qu........
I created a new partition table on a newly plugged in device and it caused fdisk to hang (even force kill does not work). It also may be a bad drive or some other issue because fdisk -l hangs after the first 2 HDDs (totaly of 8 HDDs on this system):
[1232879.903596] INFO: task fdisk:27176 blocked for more than 120 seconds.
[1232879.903607] Tainted: P&nbs........
iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 3306 -j DNAT --to-destination ip.ip.ip.ip
iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE
sysctl -w net.ipv4.conf.all.route_localnet=1
Make sure you substitute "ip.ip.ip.ip" for your real public IP and also the "--dport 3306" for the port you want to forward.
Finally run the sysctl command and........
forcedeth 0000:00:08.0: irq 25 for MSI/MSI-X
forcedeth 0000:00:08.0: eth0: MSI enabled
forcedeth 0000:00:08.0: eth0: no link during initialization
ADDRCONF(NETDEV_UP): eth0: link is not ready
forcedeth 0000:00:08.0: eth0: link up
ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Dec 1 18:21:32 box15 kernel: forcedeth: Reverse Engineered nForce ethernet driver. Version 0.64.
Dec 1 18:21:32 box15 kernel........
If you want to make sure only a certain IP can access your server for any service or protocol here is a way to do it (just be sure you have access to the IP(s) mentioned or you will be locked out).
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -s IP.IP.IP.IP -j ACCEPT
iptables -A INPUT -j DROP
serv........
Everytime I've seen this error "/dev/drbd0: State change failed: (-2) Need access to UpToDate data" it is because DRBD has no disk:
cat /proc/drbd
version: 8.3.13 (api:88/proto:86-96)
GIT-hash: 83ca112086600faacab2f157bc5a9324f7bd7f77 build by root@sighted, 2012-10-09 12:47:51
0: cs:Connected ro:Secondary/Secondary ds:Diskless/Inconsistent A r-----
ns:0 nr:0 dw:0 dr:0 al........
M4A is a weird format, so you have to be creative here is a quick copy of what I did.
Basically you need to convert to .wav to make use of them and thenI converted the resulting .wav into an mp3 (nice small file size and basically universally playable):
=======
sudo apt-get install mpg321 mp3gain faad normalize lame
faad "Voice 002 (copy).m4a"
faad "Voice 002 (copy).m4a"........
Tired of checking iotop and seeing that your drbd partition is using 99.99% of io all the time and finding your drbd device performs slow in general?
This is especially an issue in versions of DRBD in the 8.3 tree in particular one documented case is on "8.3.13" but it likely applies to other devices.
The symptoms are that resyncing is fine and normal but any reasonable amount of activity is very slow and lagged and creates a high server load and con........
It is possible to tell mdadm to create an md device on a raw disk even though it will give you an error, it writes a superblock and this corrupts the partition table which can result in your system not booting.
To fix it just zero the super-block on the offending device that you made the mistake in.
Eg: /dev/sda
mdadm --zero-superblock /dev/sda
It is also a way of starting fresh if you wanted to create a new array.........
I still cannot understand how this would not be enabled by default and I struggled to find the reason why with manually installing samba etc.. wondering why the option for sharing was not in the menu.
On Linux Mint "MATE" the package is called "caja-share" and on Cinnamon it is called "nemo-share" so edit the below command as necessary:
*Also note that the "samba" package is necessary as it is not inst........
This happened while an mdadm array was syncing, all access from writing a new blank file to opening a small .txt file was very slow:
[222117.312078] kjournald starting. Commit interval 5 seconds
[222117.685060] EXT3-fs (md0): using internal journal
[222117.685096] EXT3-fs (md0): mounted filesystem with ordered data mode
[222122.376847] kjournald starting. Commit interval 5 seconds
[222122.602825] EXT3-fs (md2): using internal jour........
It all comes down to a bug essentially where you are running an older kernel that doesn't support the newer Debian templates. The solution is to update your OpenVZ kernel.
Here are some symptoms of the problem/lack of kernel support:
Ubuntu Template 12.04 requires a manual network start:
service networking start
sshd will not start:
/usr/sbin/sshd
PRNG is not seeded
mknod /dev/random c 1 8........
When you start uploading larger images in Wordpress you have to make sure your maximum attachment size is large enough and that the execution time is not too short:
Uploading
Error
HTTP error.
[Thu May 12 16:32:25 2016] [error] [client 10.10.5.2] PHP Fatal error: Maximum execution time of 30 seconds exceeded in /httpdocs/blog/wp-includes/class-wp-image-editor-gd.php on line 182
Solution Edit p........
This is a common mistake but many people do not realize this function comes from mysql itself, so therefore you need an active mysql connection open.
Usually the string will be empty and null when you call it from outside of the database connection portion of your code.
eg. an example of the wrong way and creating a null/empty string
$var = mysql_real_escape_string($myself)
mysql_connect();
// returns n........
pip install obfsproxy
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
You are using pip version 7.1.0, however version 8.1.1 i........
cp -a /your/source/. /your/dest/
-a preserves all file atributes and symlinks
the "." at the end of /source/ includes all hidden files such as .htacess, .bash_history, .ssh etc..
The / in /dest/ makes sure the contents go into it instead of replacing /dest itself (eg. if you did not have the / at the end).........
This is a simple fix but not a simple problem and it still doesn't make sense to me.
But in a nutshell if your target proxy server works fast when accessing directly over SSL then this may be your issue.
It seems SSL does not play nicely when the target proxy destination/host has a riduculously long key (such as 8192 bits long). Now this is normally not a problem, in fact the target server could be accessed with hardly any delay directly despite such a long key.........
At first my BIOS said the card may not work right because there is no more option ROM space.
I disabled the Option ROM for both LSI 1068 and 2008 chipsets, Network Boot ROM and most other PCI slots, Serial Port, etc... and the message went away but the card still does not work properly.
But it still cannot initialize the card properly(does not work):
[ 33.943272] NVRM: This PCI I/O region assigned to your NVIDIA device is invalid:........
Download from here http://www.avagotech.com/products/server-storage/host-bus-adapters/sas-9200-8e#downloads
sudo Installer_P20_for_Linux/sas2flash_linux_i686_x86-64_rel/sas2flash -listall
LSI Corporation SAS2 Flash Utility
Version 20.00.00.00 (2014.09.18)
Copyright (c) 2008-2014 LSI Corporation. All rights reserved
&nbs........
There are a few ways of doing this and all basically involve using the reverse proxy or "ProxyPass" feature of Apache to accomplish it.
1.) Create a normal vhost and simply symlink the root directory of the site you want to mirror.
Eg. originalsite.com and newsite.com
/vhosts/originalsite.com/httpdocs
You would symlink like this:
ln -s /vhosts/originalsite.com/httpdocs vhosts/originalsite.com/........
I modified the default to the following for faster local dialing for North American area codes:
(*xx|[3469]11|0|00 [2-9]xxxxxxS0|[2-9]xxxxxxxxxS0|1xxx[2-9]xxxxxxS0|xxxxxxxxxxxx.)
This is what I added to the above: "[2-9]xxxxxxxxxS0" so any 9 digit number is dialed instantly xxx-xxx-xxxx (the S0 at the end makes it dial right away). This makes dialing much quicker and is recommended.
*No........
This is a real pain because I had to manually unplug ethernet cables for network testing or to use an alternate network or guarantee physical access to one network segment is cut off.
For some reason this happened after Ikilled dbus because it was confused and blocking packets thinking they were coming from the wrong interface since eth0 and eth1 both had the same subnet and gateway.
I eventually did a "service network-manager restart" but the option was........
The location of the hash is stored in the configuration.php file and is really a bit of pain to have to pull out everytime but this is how WHMCS stores its encryption key hash to see the full credit card number.........
Debian/Ubuntu vi keyboard problem, up and down arrows do not work and instead make an A (Up), B (Down), C (Right) or D(Left).
The working solution
(you could also add the set nocompatible to /etc/vim/vimrc to make it system wide-will not be applied until reboot I believe):
echo "set nocompatible" > ~/.vimr........
Add the following to fstab where 192.168.1.125/Media is the samba share and where /home/homeuser/Downloads is where you want to mount.
Change user and pass to what is needed (if no pass is required it still works fine with the below).
//192.168.1.125/Media /home/homeuser/Downloads cifs user=guest,pass=bla 0 0
mount: wrong fs type, bad option, bad superblock on //192.168.1.125/Media,
&nbs........
This command in Debian/Ubuntu/Mint will get everything need installed for most Java based KVM viewers:
sudo apt install icedtea-netx
The following additional packages will be installed:
ca-certificates-java icedtea-netx-common openjdk-8-jre openjdk-8-jre-headless
It seems every other updated version of Java or Icedtea breaks things and I will save the frustration of Java for another post.........
How to Increase The Disk and Partition Size in Windows 2022,2019,11,10,8,7 etc.. Server
1, Enter the command prompt
Start -> cmd
2. Start diskpart
diskpart
3. Find the drive that has the wrong size
list volume
4. Select the volume (in this example we use volume 2)
select volume 2
5. Extend the volume........
Here is the scenario you or a client have a remote machine that was installed as a standard/default minimal Centos 6.x machine on a single disk with LVM for whatever reason. Often many people do not know how to install it to a RAID array so it is common to have this problem and why reinstall if you don't need to? In some cases on a remote system you can't easily reinstall without physical or KVM access.
So in this case you add a second physical or disk or already ha........
#solution
Edit /etc/yum.repos.d/openvz.repo
For the first two entries comment out #mirrorlist and uncomment #baseurl and then it worked
openvz yum problem Centos 6.5 cannot find file on mirror:
yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
* openvz-kernel-rhel6: mirrors.ustc.edu.cn
* openvz-utils: mirrors.ustc.edu.cn
base ........
Iwas surprised to see that Linux Mint at the latest 17.2 version still has NO mdadm installer option, and worse the installer will not be able to create a proper booting environment even when you do install it.
How to setup mdadm in Linux mint LiveCD
sudo su
apt-get install mdadm
# partition as you need and then create your mdadm devices
# create your SWAP md0
mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sda1 /d........
freshclam
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
Tue Oct 13 13:49:35 2015 -> WARNING: Incremental update failed, trying to download daily.cvd
Tue Oct 13 13:49:35 2015 -> WARNING: Can't download daily.cvd from db.local.clamav.net
Tue Oct 13 13:49:35 2015 -> Trying again in 5 secs...........
sudo apt-get install zoneminder
[sudo] password for one:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libuser-perl python-evince kdebase-apps kwrite unixodbc
libgnomeprint2.2-data python-soappy vgabios python-metacity hddtemp
python-mediaprof........
[ 2868.041375] ata1: EH in SWNCQ mode,QC:qc_active 0x40 sactive 0x40
[ 2868.041554] ata1: SWNCQ:qc_active 0x40 defer_bits 0x0 last_issue_tag 0x6
[ 2868.041556] dhfis 0x40 dmafis 0x40 sdbfis 0x20
[ 2868.041874] ata1: ATA_REG 0x41 ERR_REG 0x84
[ 2868.042013] ata1: tag : dhfis dmafis sdbfis sactive
[ 2868.042163] ata1: tag 0x6: 1 1 0 1
[ 2868.042301] ata1.00: exception Emask 0x1 SAct 0x40 SErr 0x400000 action 0x6 frozen
[........
So the situaton is this, you depend on things being relevant to where your bash script is and to be safe you want it to be dynamic (eg. do not hard code that we switch to /abc/dir but rather detect where script.sh is located).
scriptlocation="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
The path is then contained the the variable "scriptlocation" so you can cd to it in your script etc............
I never did get it working, it is too bad as obfsproxy should really be an option and integrated into the OpenVPN client and server or something similar:
yum -y install python-pip python-devel
No package python-pip available.
#install the EPEL repo
python-pip install obfsproxy
python-pip install obfsproxy
-bash: python-pip: command not found
pip install obfsproxy
&........
rsync -Phaz --exclude=/dev/* --exclude=/sys/* --exclude=/proc/* --exclude=/mnt/md126 / /mnt/md126........
Use netstat with the -anpe option. The e option shows the inodes and I do not know if it will always work or if it was by fluke but I was dealing with dozens of SSHsessions and needed to know which session was related to which forward (the PIDs of the SSHand SSHD did not match etc...)
Notice the "59560675" and "59560762" those are almost identical, if you find two sets that are nearly identical except for the last 3 digits they may match (in my ca........
Message from syslogd@server at Sep 14 11:35:59 ...
kernel:[Hardware Error]: MC4 Error (node 1): DRAM ECC error detected on the NB.
Message from syslogd@server at Sep 14 11:35:59 ...
kernel:[Hardware Error]: Error Status: Corrected error, no action required.
Message from syslogd@server at Sep 14 11:35:59 ...
kernel:[Hardware Error]: CPU:6 (10:8:0) MC4_STATUS[Over|CE|MiscV|-|AddrV|CECC]: 0xdc00400021080813........
Avocent Unable to load resource avctVideo.jar
Avocent requires port 80 and 443 to be forwarded or you will get a message like above if it's on a NAT network and you are accessing it from the outside (internet).........
1.) My screensaver would take a long time to disable after hitting a key.
2.) Usually errors like below will follow.
3.) Compiz sometimes uses 100% or high CPU
4.) My window controls will disable (eg. the minimize, maximize and close buttons).
It seems like Compiz or appearance/effects disable themselves. Re-enabling Desktop Effects under Appearance temporarily fixes it.
5.) high load in general from things like "Migration" pr........
-------------------------------------
ProCurve J4903A Switch 2824
Software revision I.10.77
Copyright (C) 1991-2009 Hewlett-Packard Co. All Rights Reserved.
RESTRICTED RIGHTS LEGEND
Use, duplication, or disclosure by the Government is subject to restrictions........
0000:00:00.0 RAM memory: NVIDIA Corporation MCP55 Memory Controller (rev a2)
0000:00:01.0 ISA bridge: NVIDIA Corporation MCP55 LPC Bridge (rev a3)
0000:00:01.1 SMBus: NVIDIA Corporation MCP55 SMBus (rev a3)
0000:00:02.0 USB controller: NVIDIA Corporation MCP55 USB Controller (rev a1)
0000:00:02.1 USB controller: NVIDIA Corporation MCP55 USB Controller (rev a2)
0000:00:05.0 IDE interface: NVIDIA Corporation MCP55 SATA Controller (rev a3)
0000:00:05.1 I........
Motherboard: Gigabyte GA-3CESL: http://b2b.gigabyte.com/products/product-page.aspx?pid=2658#dl
Dell Part Numbers for the motherboard: R1232 R1232L R2232S SERVER MOTHERBOARD GENUINE 408P9 CN-0408P9
GA-3CESL Manual Download here
RAMSlots: 16 (8 controlled by each CPU)
RAMType: DDR2 ECC 5300P........
[Tue Jun 23 02:05:52 2015] [error] Unable to configure RSA server private key
[Tue Jun 23 02:05:52 2015] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
The above is an accurate description of what is wrong.
In our case the client made a simple mistake of thinking the localhost.crt and localhost.key (default key locations for Apache SSL in Centos) were in the same directory but they we........
No response from subprocess (whostmgr (whostmgr)): The subprocess exited with status 12 (ENOMEM).
This happened on a client's VPS which ran out of memory.........
What matters most about VPNproviders in 2024?
We are highly suspicious of VERYLARGE VPN providers that have LOW PRICES and HUGE DISCOUNTS. The suspicion is that for those who know what costs are involved to purchase thousands of IPs and servers are not small. At the prices that many of the big mainstream providers offer, it is likely unprofitable or barely profitable. Then, how are those companies making money or is that even the goal?
There use........
Install the "Flashblock" plugin because we all know most unwanted high CPU usage situations come from the browser usually because of a looping Flash ad taking up 100% CPU.
The solution is to install the "Flashblock" plugin that doesn't allow any Flash to load and play unless you click on the placeholder.........
The solution is to run '/etc/init.d/vboxdrv setup' and sometimes happens when upgrading VBox and the kernel modules don't get upgraded with it. Sometimes the above doesn't work until you reboot because sometimes other unknown processes (even the file manager possibly) may be locking the old module from being unloaded.
Failed to open a session for the virtual machine XP.
The virtual machine 'XP' has terminated unexpectedly during startup with exit code 1.........
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
tar xzvf bash-4.3.tar.gz
cd bash-4.3/
wget --no-directories --level 1 --recursive http://ftp.gnu.org/gnu/bash/bash-4.3-patches/
for patch in `ls bash43-*|grep -v .sig$`; do
echo applying "$patch"
patch -p0 < $patch
done
./configure;make;make install
#it will install to /usr/bin/bash but if your bash is somewhere else you need to overwrite the old one.........
i337 Canada on Bell is hard to root or even install TWRP
Installed TWRP from Odin and my computer gave me the bluescreen at the end but it seemed to be successful (after ODIN said reset).
TWRP mode does not seem to enter, instead you get the Android recovery mode with Volume up + Home
http://galaxys4root.com/galaxy-s4-root/how-to-root-att-or-verizon-galaxy-s4-on-android-4-4-2/
1.)........
The most common solution is to use the /etc/postfix/header_checks but this is a big problem.
Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.
I adapted this solution to the client's custom config, they are configur........
It really seems that 4.4.4 is not ready or stable for the i717 yet and this makes sense since it takes a lot of work/development and testing to get the factory stock ROMs working well. In the end I used the 4.1.2 based Blackstra BlackJelly because it was fast, stable and just works and feels great. The aftermarket support is great but many devs are focussed on adding features and customization that most of us don't want or need rather than getting things smooth and stable.........
Unable to mount iPad 4
Unhandled Lockdown error (-4)
This is because you need the libimobiledevice-utils package installed and a newer version of it.
My older Ubuntu 10.10 uses a version that does not have "idevicepair" which seems to work perfectly and automatically with newer versions of the library.
Basically if you install the above library it should be plug and play and if your imobiledevice-utils doesn't have 'idevice........
https://www.2checkout.com/documentation/notifications/order-created
It shows all the parameters that get passed so you can make a simple script to process it.
To enable 2CONotifications you need to do the following:
Login
Browse to the top right to an icon that looks like a "circle with horizontal lines inside" - Notifications.
Enter the appropriate URL for your IPN/Notification processing script (........
It was hard to find this as I find most online payment processors don't just put the basic information in plain view.
Remember to set your sid (your seller id). The below can easily be turned into a scripted PHP template to integrate into your own custom or existing payment solution.
http://help.2checkout.com/articles/How_to/How-to-Sell-Recurring-Products-with-2Checkout/........
CPanel says you can access 98% of the functions through CLI which experienced Unix/Linux admins prefer for simplicity and for scripting. I've never found CPanel easy to use from the admin panel, it seems everything is hard to find and a simple task becomes a series of hunts.
So for people like me here's the list: http://cpanel.net/system-administrators/command-line-scrip........
Many may ask why would you need to do this? When upgrading from phpBB 2 to 3 the conversion does not keep the admin user you create. If your old admin user has an email address associated that no longer works or is accessible this makes it impossible to reset the admin password.
Some may just say "I'll just manually edit the e-mail address" but it won't work and phpBB will fail to find that user if you don't update the "user_email_hash" field but how do........
Enter the console as root
mysql -u root -p
Then kill the process (where 1234 = the thread ID)
kill 1234
It's also a good idea to use a tool like "mtop" to monitor which processes and queries are slow, killing them is a temporary fix while you try to isolate the actual problem.........
It is located in /root/.my.cnf
This is truly a horrible idea and a security flaw and on top of that MySQL port 3306 is wide open by default with CPanel.........
This is what fixed it:
[root@box13 ~]# dd if=/dev/zero of=/dev/md160 bs=512 count=500
Basically you need to wipe out more than just the 512 byte partition table so 512 bytes * 500 is more than enough to make DRBD happy and think the partition is now empty.
The reason this happens is because it gets confused when there is a previous partition with data on the device you are using.
root@box13 ~]# d........
I used the matching 8.3.13 utilities and it didn't work but strangely the newer 8.3.16 which makes DRBD complain works just fine.
GIT-hash: 83ca112086600faacab2f157bc5a9324f7bd7f77 build by root@sighted, 2012-10-09 12:47:51
0: cs:SyncSource ro:Secondary/Primary ds:UpToDate/Inconsistent A r-----
ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:5236960
&am........
ERROR: make_io_childpair: cannot open ucast br0
You cannot specify ucast br0 without an IP address associated with it.........
It's always bothered me how Wordpress basically forces the user to provide their hosting credentials to install themes and plugins. How do know for sure the data is not being saved, intercepted and being provided backdoor access to the NSA or other agencies or even just being misused by others with access?
Here's how to close the security hole above and if you're already given Wordpress your credentials make sure you change everything associated it with it. Eg. change your........
# first we need a physical volume which we use the pvcreate tool to create
# I create mine on /dev/sdb3
pvcreate /dev/sdb3
dev_is_mpath: failed to get device for 8:19
Physical volume "/dev/sdb3" successfully created
# pvdisplay shows the newly created volume
pvdisplay
"/dev/sdb3" is a new physical volume of "1.35 TiB"
--- NEW Physical volume ---
PV N........
#count=10000 makes an image of 10000MB make sure your image is at least the same as your existing
dd if=/dev/zero of=yourimage.img bs=1M count=10000
# losetup -fv newimage.raw
# fdisk -cu /dev/loop0
# kpartx -a /dev/loop0
# dd if= of=/dev/mapper/loop0p1
# e2fsck -f /dev/mapper/loop0p1
# resize2fs /dev/mapper/loop0p1
# a lot of guides tell you to edit /etc/fst........
http://realtechtalk.com/downloads/virtio-win-0.1-74.iso
Current Direct stable URL from Fedora: https://fedoraproject.org/wiki/Windows_Virtio_Drivers
Direct Downoad of Stable Virtio: https://fedorap........
"Detecting hardware, please wait..."
Solution
This occurs if you are installing with low RAM such as 128MB
Bump it up at least to 512MB for the install........
This can happen when you install RPMForge or other repos with the wrong architecture and here's how you fix it (simply uninstalling won't usually fix it):
solution
yum clean all
yum -y install openvpn
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
* base: mirror.its.sfu.ca
* extras: centos.mirror.nexicom.net
* rpmforge: mirror.cpsc.ucalgary.ca
* up........
nf_conntrack: table full, dropping packet
The above in some cases I've seen is a sign of a DOS attack or can occur if users are using services like torrenting, proxy, VPNetc... Do not take it lightly as the above can knock a server offline if the table becomes full and I've also seen full crashes and kernel panics shortly after.
........
root@hkhosting [/]# service httpd start
Starting httpd: Syntax error on line 2 of /etc/httpd/conf/httpd.conf:
Invalid command 'Alias', perhaps misspelled or defined by a module not included in the server configuration
........
I never found a solution to do it live (nothing worked that I found) so it looks like a relogin is required.
Check your maximum file limit
cat /proc/sys/fs/file-max
824460
This is different than your actual's user limit which you'll see below
ulimit -n
1024
Try and set it higher but it won't work
ulimit -n 65000........
It's not as simple as "yum install" as you can see below and it doesn't stop there.
yum install php53
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: mirror.us.leaseweb.net
* extras: centos.mirror.rafal.ca
* updates: centos.mirror.nexicom.net
* base: centos.mirror.nexicom.net
* addons: centos.mirror.nexicom.net
Setting up Install Process........
I was worried the server was hacked, I was logged in already as root but couldn't login to CPanel or a new SSHsession. I even reset the password from the shell and it did not work still.
The reason is CPanel Hulk, it detected a brute-force attack so it locked down the root account entirely even from the correct password. According to cPanel the best way around this is to whitelist your IP.........
Movie-Aspect is undefined - no prescaling applied.
videocodec: libavcodec (720x1280 fourcc=34504d46 [FMP4])
[mpeg4 @ 0x2c91c00] timebase not supported by mpeg 4 standard
Could not open codec.
FATAL: Cannot initialize video driver.
That is the error I would get, I thought it was a codec error something else. By fluke Isaw something about ffmpeg where someone recommended manually telling it to the "fps" and it worked.........
ssh -L 5905:localhost:5900 root@yourserver.com
The "-L" means to create a port forward to a port on your server.
The 5905 means the port on your computer that will be used to access the port 5900 on the remote server.
localhost is the IP that you use to access the port forward (you can change it to 0.0.0.0 which will be all IPs on your system/computer but localhost is good for security and privacy unless a whole network of people need access).........
On some CPanel installs we see complaints of "/usr/local/cpanel/bin/apache_conf_distiller" causing 100% cpu usage without any solution.
Killing the process causes it to spawn again, actually it seems it tends to spawn multiple processes itself.
Restarting CPanel itself is a temporary but not permanent solution.........
[3805108.257042] sd 0:0:0:0: [sda] 1953525168 512-byte hardware sectors: (1.00 TB/931 GiB)
[3805108.257052] sd 0:0:0:0: [sda] Write Protect is off
[3805108.257054] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
[3805108.257066] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[3805108.257083] sd 0:0:0:0: [sda] 1953525168 512-byte hardware sectors: (1.00 TB/931 GiB)
[3805108.257090] sd 0:0:0:0: [sda] Write Protect is off........
This server has been running for weeks without issue, it's currently only using 1 of 2 CPUs as it is running in the office as a test bed (mainly due to the handle 12 bay storage/great for testing HDDs). The errors below seem to mainly be from AMD CPUs, it's only happened a single time and in the days since Igot that error it hasn't occurrred.
Interestingly enough /proc/cpuinfo still shows all 4 cores of the CPU (Opteron 2373 Quadcore HE) and the functionality doesn't seem........
Fatal error: Out of memory (allocated 6291456) (tried to allocate 7680 bytes)
This is usually caused by Wordpress, Drupal or other ridiculously inefficient CMS' out there, as a temporary fix you can increase PHP's memory limit but it's best to find the actual culprit, by disabling add-ons and other scripts etc...........
yum -y install fail2ban
vi /etc/fail2ban/jail.conf
[asterisk-tcp]
enabled = true
filter = asterisk
action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp]
sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com]
logpath = /var/log/asterisk/messages
maxret........
All Errors (CPanel does not report by domain, but puts everything in a single log which Ithink is a bit silly and annoying):
/usr/local/apache/logs/error_log
Access_Logs
They are found within the home directory of the site user eg.:
/home/admin/access-logs/yoursite.com
MySQL Logs
/var/lib/mysql/yourhostname.err........
./configure
./configure: cannot locate gcc 3.x. please install it or specify with --qemu-cc
yum -y install gcc make
./configure
./configure: cannot locate gcc 3.x. please install it or specify with --qemu-cc
yum -y install compat-gcc-*
./configure
Error: Could not find alsa
Make sure to have the alsa libs and headers installed.
yum -y install alsa-lib-devel
./configure........
template=$(cat ........
Here is a handy script that will check all processes and report what is swapping
#!/bin/bash
for pid in `ps x|awk '{print $1}'`; do
result=`cat /proc/$pid/status|grep VmSwap|awk '{print $2}'|grep -v ^"0"`
if [ ! -z "$result" ]; then
programresult=`ps x|grep $pid|grep -v grep`
if [ $? == 0 ]; then
program=`echo $programresult|awk '{print $5}'|grep -v ^grep`........
mount -o bind /proc /sda2/proc
mount -o bind /dev/ /sda2/dev
mount -o bind /sys /sda2/sys
chroot /sda2
mint / # mount -o bind /proc /sda2/proc
mint / # mount -o bind /dev/ /sda2/dev
mint / # mount -o bind /sys /sda2/sys
mint / # chroot /sda2
mint / # cd ~
mint ~ # ls
Desktop
mint ~ # cd /
mint / # ls
bin Desktop dev-temp home&nb........
Linux box13. 2.6.32-042stab076.5 #1 SMP Mon Mar 18 20:41:34 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux
even setting privvmpages to a specific setting DOES not affect "free -m" in containers.
This is probably a kernel issue
23:36:29 up 159 days, 7:12, 4 users, load average: 0.42, 0.44, 0.33
[root@box13 ~]# free -m
total&n........
./rsync.sh
sudo: sorry, you must have a tty to run sudo
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7]
Solution edit
/etc/sudoers
#Defaults requiretty........
This was caused by some weird dmraid setup which kind of takes control of drives even if they're blank/unused.
1. Check the table.
dmsetup table
ddf1_44656c6c202020201000006010281f0b3f5195b77cf86172: 0 3905945600 linear 8:0 0
ddf1_44656c6c202020201000006010281f0b3f5195b77cf86172p3: 0 37124096 linear 253:0 284547072
ddf1_44656c6c202020201000006010281f0b3f5195b77cf86172p2: 0 283496448 linear 253:0 1050624
ddf1_44656c6c2020202010........
The units in echo are kB as in kilobyte.
Setting a high sync speed
echo 120000 >/proc/sys/dev/raid/speed_limit_min
This will increase the speed, note that sometimes a rebuild is slow due to current disk activity/iowait.
If that is not the cause then you may have a hardware issue (controller, cable or a bad drive).
Setting a lower sync speed
echo 1200 >/proc/sys/dev/raid/speed_limit_max........
date -d @timestampgoeshere +%c
It's very handy and simple as shown above.........
/scripts/phpextensionmgr install PHPSuHosin
Updating md5sum list
Fetching http://httpupdate.cpanel.net/cpanelsync/easy/targz.yaml (connected:0).......(request attempt 1/12)...Resolving httpupdate.cpanel.net...(resolve attempt 1/65)...
Fetching http://httpupdate.cpanel.net/mirror_addr_list (connected:0).......(request attempt 1/3)......connecting to 74.50.120.123...@74.50.120.123......connected......receiving...100%......request success......Done........
Browse to this directory: ~/.config/libreoffice/3/user/backup/........
The first is a dual CPU AMD Opteron 2373EE (4 cores x 2) and I think it did bad because it has some old 250GB SATAs which can only do about 65MB/s max sequential reads. I think it should have blown away the second (AMD X4 640 Quad Core).
[root@fs12home unixbench-4.1.0-wht-2]# ./Run
make all
make[1]: Entering directory `/root/unixbench-4.1.0-wht-2'
Checking distribution of files
./pgms exists
./src exists........
relay=alt4.gmail-smtp-in.l.google.com. [74.125.136.26], dsn=4.0.0, stat=Deferred: 421-4.7.0 [ 10] Our system has detected an unusual rate of
This is strange because the mail server IP is not blacklisted anywhere and the IP itself has not been used for years and this server is clean and has only sent a few e-mails to gmail.com in its entire time.
I wonder if this is a legacy block on a whole range of IPs as punishment for others in the block........
I just realized I have some blank users which I deleted butI can still login to this dummy account without a password for some reason.
mysql -u -p
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 5
Server version: 5.1.69 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation an........
I've got one of these for testing projects from work at home and got more than I bargained for with the time I've spent on it due to the storage handing/Perc 6/i cards.
My particular model came with the following:
2U Rack Mount Server with Rails
2xOpteron 2373 EE (Quad Core, there is a 6-core version that can be found at times)
16GB RAM
2 x 250GB Seagate SATA
2 x Dell Perc 6/i (horrible and a nightmare to work........
The results are not bad, the Hitachi performs the same as it does in a SATA2 motherboard. However, the 2TB is much different, on a similar 2TB Toshiba I get about 198MB/s on a different motherboard vs the 2TB Hitachi which should produce similar results.
This Dell Perc 6/i is on a PCI x8 riser card and is connected to a 12-port backplane.
Adapter #0
Enclosure Device ID: 32
Slot Number: 0
Enclosure position: N/A
De........
I flashed an LSI Logic firmware to it and it broke the BIOS (cannot do Ctrl+R) for booting purposes but allows other functionality to work normally.
I tried downgrading to a Dell firmware for Perc 6i but it won't work, not even with MegaCli
wget http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
--2013-08-26 12:53:39-- http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
Resolvi........
LSi Megaraid
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
pxe-32 tftp open timeout
The solution was to enable tftp in xinetd with "chkconfig tftp on".
See the troubleshooting below:
chkconfig --list
NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off
acpid 0:off&n........
zonetemplate=$(cat ........
iptables -t nat -A PREROUTING -p udp -m multiport --dports 20,123,443 -j REDIRECT --to-port 53
getsockopt failed strangely: Invalid argument........
package kernel-xen-2.6.18-274.7.1.el5.x86_64 is intended for a x86_64 architecture
Linux etc 2.6.18-274.7.1.el5xen #1 SMP Thu Oct 20 17:06:34 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux
As you can see above architecture and kernel is 64-bit but I had to force it to install using "--ignorearch"
Solution
#rpm --ignorearch -ivh kernel-xen-2.6.18-274.7.1.el5.x86_64.rpm
Preparing...&nb........
Another new drive bad from the start:
Jun 2 15:14:18 one-desktop kernel: [15895.386779] ata2.00: exception Emask 0x50 SAct 0x1 SErr 0x280900 action 0x6 frozen
Jun 2 15:14:18 one-desktop kernel: [15895.386782] ata2.00: irq_stat 0x08000000, interface fatal error
Jun 2 15:14:18 one-desktop kernel: [15895.386784] ata2: SError: { UnrecovData HostInt 10B8B BadCRC }
Jun 2 15:14:18 one-desktop kernel: [15895.386788] ata2.00: cmd 60/0........
When trying to reboot this Centos 5 container, it gets stuck as "mounted" and requires a manual start command, here is what dmesg shows:
[424458.173252] VE10000: no allowed mount options found for device 0:21
[424458.177970] proc: unrecognized mount option "relatime" or missing value
[424460.297663] CT: 10000: stopped
[426663.466433] CT: 10000: started........
Have you ever unplugged the wrong drive and then had to rebuild the entire array? It may not be a big deal in some ways but it does make your system vulnerable until the rebuild is done.
Many distros often enable the "bitmap" feature and this basically keeps track of what parts need to be resynced in the case of a temporary removal of a drive from the array, this way it only needs to sync what has changed.
To enable bitmap to speed up rebuilds and sync........
This is just trying to read 5GB off the drive with dd and the drive initially tested ok but shortly after I wondered why I was seeing 2MB/s read speeds. Notice the "current_pending_sector", anytime I've seen it at anything above 0 even with no other bad fields/attributes, it means the drive is bad.
ata1.00: exception Emask 0x0 SAct 0x3 SErr 0x0 action 0x0
ata1.00: irq_stat 0x40000008
ata1.00: failed command: READ FPDMA QUEUED
ata1.00: cmd 60/00:00:........
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
bind-address=127.0.0.1
The key is "bind-address", set that to 127.0.0.1 and no one from outside the server can connect.........
mysqldump: Couldn't execute 'show create table `general_log`': SHOW command denied to user 'user'@'localhost' for table 'general_log' (1142)
One of my clients almost found out the hard way, here is an unlikely situation that happened.
1.) Years ago the client had another VPS to which they backed up a BLOG nightly to an .sql file, what they forgot is that the file also contained all databases (they used the --all-databases option but forgot). So imagi........
foreach ($_POST as $key => $value) {
if ( $key != submit )
{
$values.="$key=$value<........
This is useful for developing a lot of applications, I'm putting it here to keep it handy for myself and hopefully others:
Choose CountryCanadaJapanUnited StatesUnited KingdomAfghanistan........
On occassion and from a variety of networks and clients, Sent messages don't get saved.
I'm wondering if these log messages could be why:
May 3 14:16:39 mail.box postfix/smtpd[5195]: connect from 192.168.1.58
May 3 14:16:39 mail.box postfix/smtpd[5195]: SSL_accept error from 192.168.1.58: -1
May 3 14:16:39 mail.box postfix/smtpd[5195]: lost connection after CONNECT from 192.168.1.58
May 3 14:16:39 mail.box postfix/smtpd[5195]:........
mdadm --create /dev/md2 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3
cat /proc/mdstat
Personalities : [raid1]
md2 : active raid1 sdb3[1] sda3[0]
1363020736 blocks super 1.2 [2/2] [UU]
[=>...................] resync = 8.3% (113597440/1363020736) finish=276.2min speed=75366K/sec
........
Client Log
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_d........
Kernel panic - not syncing: Attempted to kill init!
Pid: 1,comm: init Tained: G I------------- 2.6.32-358.el6.x86_64 #1
Call Trace:
[] ? panic+0xa0/0x16f
[] ? do_exit+0x862/0x870
[] ? fput+0x25/0x30
[] ? do_group_exit+0x58/0xd0
[] ? sys_exit_........
This is a handy link and list of all the relevant Directadmin log files and related servers.
http://help.directadmin.com/item.php?id=11
DirectAdmin:
/var/log/directadmin/error.log
/var/log/directadmin/errortaskq.log
/var/log/directadmin/system.log
/var/log/directadmin/security.log
Apache:........
-bash-3.1# shutdown -rn now
Connection to localhost closed by remote host.
Connection to localhost closed.
Sometimes I work with embedded systems/custom kernels without any of the fancy init scripts and other common Linux basics that most would expect. This means that often the "reboot" command (which uses an init script) will never work, not only that but it will hang the server and a manual power cycle or reboo........
vzquota : (warning) block_hard_limit [102] < block_current_usage [520824]
This is because your disk usage of the container exceeds the quota.
Eg. once on a test container I had accidentally set it to 32MB yet the OS took about 600MB.
Just set the quota to something bigger than the currently used space to solve it.
vzctl set 3891 --diskspace 5G:5G --save........
Solution To The Following:
yum -y install zlib-devel
yum -y install e2fsprogs*
*** Cannot find /usr/include/et/com_err.h. (yum install libcom_err-devel) ***
Installation didn't pass, halting install.
Once requirements are met, run the following to continue the install:
cd /usr/local/directadmin/scripts
./install.sh
Common pre-install commands:
http://help.directadmin.com/it........
mdadm --manage /dev/md3 --add /dev/sda1
cat /proc/mdstat
Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10]
md0 : inactive sdd2[1] sdd1[2](S)
31270272 blocks
md3 : active raid1 sda1[2] sdb1[1] sdc1[3](F)
943730240 blocks [2/1] [_U]
[>....................]........
Here's the link to the warranty checker and from there you can also create an RMA:
https://myapps.taec.toshiba.com/myapps/admin/jsp/webrma/addRequest1NoLogin.jsp
Note that the serial# shown in SMART is not complete as is the case for many other brand sof HDDs.
For example a 2TB Toshiba shows the following Serial Number in SMART:
Device Model:........
I chose this because I heard a lot of stories about scams and that many providers I contacted said they can't unlock the Canadian I717s (one said "my Bell server" is down).
This method worked perfectly on my Bell I717M and should work for all I717 in Canada, I was able to insert a foreign SIMcard. This will work abroad too but remember entering CWM mode is different for I717's in other countries (at least theUS).
Step 1 - Root + CWM........
Here's a proven example of what a bad hard drive can do, it was technically functioning OKin a RAID array but the system became extremely low and the load become high and IOWAIT was even higher and I always thought it was a bad application. The truth is that this failing 1TBHitachi has slowly gotten worse and caused huge slowdowns, (eg. 100% load on Thunderbird waiting for e-mails to load etc..). After swapping it out, tabs change instantly, emails are not lagged, and........
Install unoconv
unoconv -d document -f pdf file.doc
Change "file.doc" to the name of your document. Note you could specify *.doc and it will convert all .doc's in the current directory to pdf which is very handy.
unoconv uses the cli from OpenOffice to do this, OpenOffice actually doesn't have an easy way I've found of doing this despite it having the functionality.
........
I like badblocks and don't know a better more reliable way of checking the drive. If there are no errors from badblocks and dmesg doesn't produce any SATA related errors, the drive should be good (for now at least).
I also prefer to do read and write mode, yes it takes ages but it is really the best way of doing it. This gives me the most confidence in knowing that a drive, especially a new one is at least OK at the moment.
To test in read only mode........
This booting error is because the Xen PV guest image uses the Xen kernel, this is not compatible with anything but a host running a Xen kernel.
I did a kpartx -av virtual.img and then it created some partitions that showed up in fdisk.
I mounted it and did a chroot into it and removed the xen kernel and installed a normal kernel but Xen still shows the same kernel in Grub (only the Xen one).
This is strange but it seems like this Xen PV guest has some sort of hidden or........
Inever started these processes but they are from a custom based bootable Linux I've made and I've never seen this behavior on other machines or even with the same machine using different kernels. These processes seemed to spawn on their own and I have no idea why and even worse why the CPU usage is so high?
Here's the output from top:
907 extaudit 30 10 0 0 0 R 90.7 0.0........
This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more:
This little script below will install everything you need to get booting by PXE Linux.
It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
Here is a quick script that works on most Centos versions to disable the virus/SELinux from blocking basic functionality.
The first echo 0 statement disables SELinux instantly but it will still be enabled on reboot.
The second line disables it permanently.
#!/bin/bash
#disable SELinux Immediately
echo 0 > /selinux/enforce
#disable SELinux Permanently
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config........
mdadm --manage /dev/md1 --add /dev/sdb1
mdadm: metadata format 00.90 unknown, ignored.
mdadm: metadata format 00.90 unknown, ignored.
mdadm: metadata format 00.90 unknown, ignored.
mdadm: /dev/sdb1 not large enough to join array
md1's first primary member /dev/sda3 has 57394 cylinders while the /dev/sdb1 has 57393 (1 less cylinder) which is why it won't work.
fdisk -l /dev/sda3
Disk /dev/sda3: 47........
ip tunnel add tun3 mode gre remote 192.58.1.5 ttl 64
ioctl: no such device
I solved this on Centos by loading the ip_gre module:
modprobe ip_gre
On Debian I believe it is the "sit" module.........
parted sdc.img
GNU Parted 1.8.8
Using /home/one/sdc.img
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) unit&nb........
When trying to delete a tunnel
ip tunnel del tunl0
I get this message:
ioctl: Operation not permitted........
ip_conntrack: table full, dropping packet.
A lot of clients I've seen have this issue, it really seems the default level is way too small. Once this connection tracking table becomes full then packets get dropped which is obviously a bad thing.
One thing to be mindful of though is that 350 bytes of memory are used per entry so there is some justification for not keeping it too high. However, if you have multiple servers running or high traffic daemons........
A lot of people become nervous (and understandably so) when checking their auth or security logs, in Centos /var/log/secure and see dozens, hundreds of even thousands of attempted logins to various services, especially SSH.
Of course you could manually block these people/IPs but no one has time to read the logs like that, what if some program or script could do it for you?
This is what denyhosts does for you, it checks the logs and based on a certain number of failed SSH attem........
I backed up everything in the /mnt/sd_card directory thinking that some dataloss could occur for some reason but purposely left my microSDHC unbacked up thinking that "it won't touch that since it's external" and Samsung's and other manufacturers website even say this (that it won't be affected and not to worry etc).
Apparently I was wrong, my microSD was "undetected" and asked to be formatted after the upgrade (there goes 3-months worth of family photos). No........
This may sound silly but there will be conflicts/issues with the default Centos repository so you have to use a third party like remi (I prefer not to do this but it's the only option unless you migrate your sites/data to another server or can stand some downtime-not an option IMHOon a production server).
You may need to upgrade to PHP5.3 to run Joomla or many other reasons.
Your host needs to use PHP 5.2.4 or higher to run this version of Jo........
JFolder::create: Could not create directory
Plugin Install: Failed to create directory:
This can occur when trying to upload content or when installing themes/templates.
It's usually not a permissions issue per say but doing a 777 (which is very insecure) will fix it. But the real problem solution is that the owner of the files is different than the owner of the Apache process/server.
Eg. if your Apache is running as user "apache........
ERROR 1045 (28000): Access denied for user 'contentmanager'@'localhost' (using password: YES)
For fun I thought I'd reset the password:
GRANT ALL ON thecontent.* TO contentmanager IDENTIFIED by 'dfdfsdfdsfsdfsd';
ERROR 1470 (HY000): String 'contentmanager' is too long for user name (should be no longer than 16)
This is ridiculous that this new version has some bizarre 16 character username limit and not only that but i........
This array is a RAID 1 and in this case 1 of the 2 drives failed (a WD drive and I've found them to be the weakest and most unreliable of any brand and are easily damaged/DOA when shipping them).
mdadm --manage /dev/md0 --add /dev/sdb1
The above assumes the array you want to add to is /dev/md0 and the device we are adding is /dev/sdb1
*One thing to remember is to make sure the partition you are adding is the correct size for the array. You can also g........
Neither the blkid or the UUID internal to mdadm work to automount for some reason in Debian
partprobe doesn't work but was a good suggestion from: http://pato.dudits.net/2008/11/03/special-device-uuidxxxxxxxxxxxxxxxx-does-not-exist-especially-with-lvm
mount: special device /dev/disk/by-uuid/431b9b96-29e8f298-e89bd504-7065bddd does not exist
mdadm -D /dev/md_d12
mdadm: metadata format 00.90 unknown, ignored.
/dev/md_d12:
&nb........
Replace "Administrator" with your username.
C:Documents and SettingsAdministratorLocal SettingsTemp
Ihave often found several gigabytes of temporary files in there! Just be warned that they may not all be deletable if the files are being used by open programs (so close everything you can).
This helped me in a pinch many times when for apparently no reason gigs of disk space are being used for an unknown reason.........
In bash you test like this for problems that can be caused by non-printable characters since if you don't know how to identify it because it basically breaks your script.
echo "url=$url" should print something like this normally if you have properly formatted input/text:
url=::http://someaddress.com::
But if you have some weird hidden characters (not visible in a text editor of any sort you'll get something like this
::l=::http://s........
Could not display "trash:///".
Error: DBus error org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
Please select another viewer and try again.
This happened in Ubuntu but only because I was trying to delete millions of files at once and i........
wget -N http://httpupdate.cpanel.net/latest;sh latest
That one command above will do it all (and it takes a long time to install/compile). After that you can access CPanel with your root login information by visiting https://yourdomain-or-ip.com:2087
I personally don't like CPanel (bloated, full of bugs, no shared SSL, difficult to use etc..)but I admit it's easier to install than........
I experienced this with CPanel's Exim after an auto-update (a Google of this error produces lots of complaints with few clear solutions). In this case I'll put the solution at the top.
Run /scripts/buildeximconf to rebuild the Exim config and it should be fine after that.
mail -vs "from test" user@dest.com < .bash_history
LOG: MAIN
cwd=/root 4 args: send-mail -i -v user@dest.com
LOG: MAIN
&........
For years I've always built cheap systems believing that there is little difference in more expensive components when it comes to reliability and quality, I generally believe this still except for Power Supplies.
I've always bought cheap cases with nice sounding 350-550W stock/cheap/crap power supplies and haven't had any issues for the most part until recently.
One such case is an NGEAR case with a 550W Optimax power supply, I always read that these supplies don't produce the........
I'm running Ubuntu 10.10 with Asus NVIDIA GT430
2.6.35-32-generic-pae #65-Ubuntu SMP Tue Jan 24 14:06:16 UTC 2012 i686 GNU/Linux
Nvidia binary driver: 260.19.06
The screen sometimes completely freezes and locks up or everything starts going very slow:
[1903398.100007] NVRM: os_schedule: Attempted to yield the CPU while in atomic or interrupt context
[1903402.373210] NVRM: Xid (0001:00): 53, CMDre 00000000 00000080 00000000 00000005 00........
fdisk -lu VPS.img
last_lba(): I don't know how to handle files with mode 81ed
You must set cylinders.
You can do this from the extra functions menu.
Disk VPS.img: 0 MB, 0 bytes
255 heads, 63 sectors/track, 0 cylinders, total 0 sectors
Units = sectors of 1 * 512 = 512 bytes
Device Boot Start End ........
One of my test Centos 5 containers was on a partition that filled up and it threw all sorts of errors and stopped responding but now I can't boot it again anymore.
All the console shows is the Linux Penguin on the top left corner and the xm console says "usbcore: registered new driver hub" and has halted there.
Centos 5 Xen container stuck/frozen won't boot on "usbcore: registered new driver hub"
Another great way of troubleshooting is booting fro........
It sure is annoying when you connect to the console using xm and it locks your shell session.
It doesn't really, you just need to know it is "Ctrl + ]" to exit it.
Once again to exit an xm console session, press Ctrl + ]........
I dread updating the kernel and rebooting to find the Ubuntu graphics aren't working and you have to manually intervene. This is usually because Ubuntu for whatever reason didn't update the drivers you need (eg. the manually compiled Nvidia Kernel driver that MUST be recompiled for each and every kernel update unfortunately).
The most common reason may be that "linux-source" hasn't been installed automatically on my system. I tried to manually reinstall the........
This is one in a series of weird things whichIthought was motherboard related (I RMA'd the motherboard), the RAM tests fine with memtest86 and I used badblocks on both RAID 1 members with no errors and smartctl is happy with them.
Basically the array crashes the kernel a lot and has issues when writing.
[112322.723465] md0: rw=0, want=14958668696, limit=1887460480
[112322.731077] attempt to access beyond end of device
[112322.731087] md........
PDOException: SQLSTATE[42000] [1044] Access denied for user 'db_user'@'localhost' to database 'dbname' in lock_may_be_available() (line
167 of /home/user/public_html/includes/lock.inc).
The username and password were correct but some reason CPanel added the user with no permissions! Edit the user's permissions to include "All" from Cpanel or MySQL and that is the solution.........
It really is as simple as:
cdrecord -v dev=/dev/sr0 pathtoyourisoimage.iso
-v is for verbose, I prefer it but if you don't you won't see as much output like below (I like to know the details and exactly what's happening)
dev=/dev/sr0 specifies the device name of your burner (they say not to use it and to specify some weird annoying device string but using the raw /dev has always worked for me and is how it should have been implemented from the start IMHO)........
gocr works great and it's simple, just invoke it like so:
gocr filename.png
The output will be printed to the screen.
My only complaint/concern is that even with standard terminal output (not scanned) from a printscreen, gocr does make mistakes by inserting extra spaces where they don't belong, mistaking letters for numbers etc.. but it's definitely enough to be readable and figure out what you're looking at.
I haven't tested yet with scanned input........
The normal solution would be as follows:
export DISPLAY=:0.0
/usr/lib/vino/vino-server &
But what happens if that doesn't work? I haven't been able to find much documentation about how to find the list of displays and how their numbering works in Xorg.
Sometimes you'll get this error when trying to restart vino:
Cannot open display:
For some reason my display is not on 0.0........
Have you ever found a website/page that has several or perhaps dozens, hundreds or thousands of files that you need downloaded but don't have the time to manually do it?
wget's recursive function called with -r does that, but also with some quirks to be warned about.
If you're doing it from a standard web based directory structure, you will notice there is still a link to .. and wget will follow that.
Eg. let's say you have files in http://serverip/documen........
I'll start by showing some problems in the logs:
[2011/08/07 16:22:06, 0] param/loadparm.c:8569(process_usershare_file)
process_usershare_file: stat of /var/lib/samba/usershares/movie failed. Permission denied
[2011/08/07 16:22:06, 1] smbd/service.c:676(make_connection_snum)
create_connection_server_info failed: NT_STATUS_ACCESS_DENIED
That means you don't have permission to access the fi........
dd if=/dev/sda of=/dev/null creates ever increasing load every second.
After minutes the load has moved up to 4.79
I've tried with two different discs in my system.
I wonder if it's a delay or problem with the SATA bus because one drive I have connected has recently failed.
I notice when drives fail that you get some IO/blocking issue when they don't respond properly.
Yes I believe it was, because here's the same disc after removing the dead........
ifup eth0
SIOCSIFFLAGS: Cannot allocate memory
Failed to bring up eth0
This is on a Centos 5.5 machine with OpenVZ kernel 2.6.18-238.12.1.el5.028stab091.1PAE, I updated 3 systems with the same hardware to the same kernel and for some reason the network didn't come back.
This only happened once the first time I booted into the new kernel and hasn't happened again but this is a serious issue for those running systems from remote locations such as a datacente........
netstat is weak and can't show udp connections and most other protocols, use "ss" which is what netstat should have been:
The "-u" switch stands for udp, here's a list of other options:
Usage: ss [ OPTIONS ]
ss [ OPTIONS ] [ FILTER ]
-h, --help this message
-V, --version output ver........
I had a system running a 128MB live CD image with 2.8 gigs of available RAM and the OOM kernel killer went crazy when using dd for more than 8 minutes and kept killing everything. I've read that this is due to a low-memory issue and paging in the kernel and 32-bit systems with lots of RAM.
I even enabled swapspace on my LiveCD and the issue happened 25 minutes into dd rather than 8 minutes, so what gives?
Also no swap space was ever used!
cat /proc/s........
I like dd, although it only reads it, usually a read test of the entire disk will uncover if your hard drive is bad in some parts. This is a good thing to do at least once a month, a lot of times bizarre program behavior, laginess and crashing/unnmounting problems etc.. are due to a failing disc and SMART won't know it or indicate a problem:
We must also remember there's never a guarantee, I've found that ever since we moved to larger and more platters per drive with 1TB drives........
I had a dying drive that smart thought until it totally disappeared was a good drive, and actually all parameters did look fine but this system was causing my system to lockup and other bad behavior:
=== START OF INFORMATION SECTION ===
Device Model: WDC WD20EARS-00MVWB0
Serial Number: WD-WMAZ20139
Firmware Version: 50.0AB50
User Capacity: 2,000,398,934,016 bytes
Device........
Warning: Unable to open /dev/fd0 read-write (Read-only file system). /dev/fd0 has been opened read-only.
That's a very annoying error, it's simply because Centos for some reason thinks it's wise to load the "floppy" kernel module, who has a floppy drive? I haven't seen or used a floppy for over 12 years!
It's more than just annoying, if you probe the drives attached to your system, eg. with grub or partprobe, it keeps trying to locate a flopp........
I had one of these shipped and it was not recognized when plugged in, here's what a dead drive looks like (I assume it's teh circuit board which is dead):
ata1: link is slow to respond, please be patient (ready=0)
ata1: softreset failed (device not ready)
ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
ata1: link online but device misclassified, retrying
ata1: link is slow to respond, please be patient (ready=0)
ata1: softreset f........
This assumes that you've at least created the correct partition for your DRBD already.
Notice that I am "diskless", that's because either your DRBD partition doesn't exist/has been renamed (eg. sdb becomes sda when sdb dies and you reboot) or because that drive is really actually dead/gone.
*If you need to permanently change the partition/device for your resource be sure to edit /etc/drbd.conf on both hosts and reload the config.
(replace r0 with........
I thought only a faster CPUand SSDwould help but I already have a Quad-Core CPU and it wasn't being maxed out. The actual tests were performed on an AMD-V enabled 128MB dual core VMWare container though.
There is a flag that can be passed to make in order to start multiple threads, by specifying 4 threads I was able to reduce the whole kernel compilation time from scratch by about 50%! (65minutes vs 31minutes!). *Yes I did do a make clean before each co........
One thing to note about DNS servers and providers is that they aren't always trustworthy, not even if they're Google or your favorite ISP. Any DNS server can compromise your privacy, and they are likely tracking your browsing habits and keeping logs of it. Sometimes it's for Marketing/Research purposes such as Google's GMail service which they admit is scraped/datamined. I would expect nothing less from their DNS service.
The other danger with such widely used and pu........
(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
This will even trip you up if you have a service like monit to save you if httpd crashes. The only way to fix this is to either wait (it's not an option for production situations) or to kill the ghost httpd processes that wouldn't gracefully close:
So........
If you have a webserver and find you have high IO/lagginess MySQL is one of the first things to check. It turns out MySQL was my problem and it was creating a high load on my server, especially for IO.
How to Enable MySQL Slow Query Logging To Find Slow Performance/Queries
vi /etc/my.cnf
Add this anywhere under [mysqld]
#slow queries
log-slow-queries = /var/log/mysql/mysqlslowqueries.log
long_query_time = 1........
mod_status is a great way to track down the source of high CPU usage and to find what vhost/script is the cause of it.
It gives you a live view of bandwith usage, CPU usage, and memory usage broken down by domain/vhost and script/URI.
Enable mod_status
vi /etc/httpd/conf/httpd.conf
ExtendedStatus On
SetHandler server-status
Order Deny,Allow
Deny from all
All........
I was getting frustrated with trying to write a simple URL like this:
/example-withdash
I used the htaccess code like this:
Rewriterule ^example-withdash$ / [R=301]
I also tried escaping the dash which I thought should have treated it as a literal but that didn't work either:
Rewriterule ^example-withdash$ / [R=301]
But it wouldn't work, apparently the "-" dash means don't substitute,........
http://www.splitbrain.org/blog/2010-06/15-linux_ocr_software_comparison
They did a great writeup and comparison on the different OCR options available for Linux.........
telnet localhost 80
Trying localhost...
Connected to localhost).
Escape character is '^]'.
^]
telnet>
A lot of people don't know that "^" means the Control Key, so many times you can't force quite telnet without knowing that (Ctrl + C won't always work).
*Just use Ctrl + ]
Ihope this saves some time and frustration from some people.........
This happened during a RAID array check:
SMART says both drives pass the test, but I'm doing a long test on them and hopefully this is not a hardware error.
Apr 3 04:22:01 remote kernel: md: syncing RAID array md2
Apr 3 04:22:01 remote kernel: md: minimum _guaranteed_ reconstruction speed: 1000 KB/sec/disc.
Apr 3 04:22:01 remote kernel: md: using maximum available idle IO bandwidth (but not more than 200000 KB/sec) for reconstruction.
Apr........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
My mother needed a new laptop and I recommended her the same one I would have bought myself or my wife, that means the cheapest possible laptop with the most features for the money.
This HP shines at this price point and one thing that made me stay away from buying more and recommending HP/Compaq was the poor battery life. Not anymore, this model has an industry leading up to 4 hours of battery life.
Key Factors for Choosing It:
HDMI Out........
high IO wait
424 root 39 19 1900 848 552 D 0.0 0.0 0:00.91 updatedb
root 424 0.0 0.0 1900 848 ? DN Mar11 0:00 /usr/bin/updatedb -f sysfs?rootfs?bdev?proc?cpuset?binfmt_misc?debugfs?sockfs?usbfs?pipefs?anon_inodefs?futexfs?tmpfs?inotifyfs?eventp........
Santrex Review/Scam/Complaint
Santrex never provided any working server, I believe it was just a dummy management Solus server because the server said it was booted but never connected to the console. I complained to them and eventually the support admitted the server was not working and to wait for 24 hours. I waited for 4-days, after which they sent an e-mail saying my service was being disabled for SPAM ...(when SolusVM shows 0kb of traffic). Th........
There are all kinds of threads and links on the internet, and this seems to be a contentious issue butI don't know why.
95th percentile is either a good deal for some or a big rip off for others, Ijust said it there :)
But the reality is that for MOST people who transfer low amounts of data but burst to higher speeds such as 40mbit+ even for short periods of time, then you'll pay a lot of money to do that.
Basically 95th percentile is an-old archaic method........
find what MPM Apache is using, it will either be using "worker" or "prefork"
apachectl -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
In my case it is "prefork"
vi /etc/httpd/conf/httpd.conf
Find the section that looks like this (by default one will normally exist for prefork and for worker, but in my case I only care a........
kernel 2.6.27.54
Fusion MPT base driver 3.04.07
Copyright (c) 1999-2008 LSI Corporation
Fusion MPT SPI Host driver 3.04.07
mptbase: ioc0: Initiating bringup
mptbase: ioc0: WARNING - Unexpected doorbell active!
mptbase: ioc0: ERROR - Doorbell ACK timeout (count=4999), IntStatus=80000001!
mptbase: ioc0: ERROR - Diagnostic reset FAILED! (102h)
mptbase: ioc0: WARNING - NOT READY!
mptbase: ioc0: ERROR - didn't initialize proper........
These are the only two I've encountered but here is the low-end and note my story is not at all unique.
In my case I was scammed out of money and did not receive any service at all from either company.
Santrex Review/Scam/Complaint
Santrex never provided any working server, I believe it was just a dummy management Solus server because the server said it was booted but never connected to the console. I complained to them and eventually the support adm........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
vi /etc/mail/spamassassin/local.cf
##############
#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
require........
ls
ls: error while loading shared libraries: libtermcap.so.2: cannot open shared object file: No such file or directory
This is not an ldd problem or case of anything missing, this only happened after I upradedUbuntu.
declare -x PATH="/home/user/bin:/usr/local/bin:/usr/bin:/bin:/usr/games"
"/home/user/bin" is the problem! It's weird because I have no idea how it happened.........
Use "ImageMagick" which can be installed easily on most UNIX/Linux distros.
Remember that it will go with the standard file listing to determine the order but I believe you can manually specify multiple jpg's in the arguments.
Convert image/jpg to PDF
convert *.jpg yourpdf.pdf
This is a very handy and free tool.
Convert DOC/TXT documents to PDF
If you wanted to convert a .doc file or text........
I right clicked all applicable cells and chose "number" but that's enough.
I notice when I click the cell there is an invisible ' in front of the number:
'33.64
Calc imported my CSV and decided to add a ' in front of the numeric currency values!!!*Actually the problem occurs when you right click the cells and change the type from text to number, no matter what format you choose.
If I change it to be currency i........
umount: /home/diret/mount: device is busy.
(In some cases useful info about processes that use
the device is found by lsof(8) or fuser(1))
I tried everything (fusermount -u) to unmount it but the only thing that worked was actually doing this:
ps aux|grep sshfs
Then I identified the sshfs connection and did:
kill -kill pid........
Convert MBOX Mail files into Maildir using Linux
*You need perl an the TimeDate module
Get the free Perl script mb2md from the project/author's site:
wget http://batleth.sapienti-sat.org/projects/mb2md/mb2md-3.20.pl.gz
gunzip mb2md-3.20.pl.gz
#remember you need timedate or you'll get this error:
./mb2md-3.20.pl
Can't locate........
don't delete /var/lib/mysql/ib_logfile0 or ibdata1 or mysql won't restart
I didn't realize they were internal and not part of replication like the relay files!
/usr/libexec/mysqld: ready for connections.
Version: '4.1.22-log' socket: '/var/lib/mysql/mysql.sock' port: 3306 Source distribution
110127 16:31:00 [Note] /usr/libexec/mysqld: Normal shutdown
110127 16:31:00 InnoDB: Starting shutdown...........
The first thing you need to remember is not to check from the same host/server itself. This is a silly mistake I made, the reason is that many mailservers and especially postfix are configured to allow relaying from the localhost/same host. If you do that you'll get a false positive.
*Make sure you test from another host/system than the mail server itself!
telnet yourmailserverhost.com 25
220 Courier (FreeBS........
Dovecot enable SSL (by default it uses an old expired cert if you choose pop3s and imaps as protocols)
===================
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Edit /etc/dovecot.conf
ssl_cert_file = /etc/mailssl/server.crt
s........
I think this will be useful to others because I have a server that kept crashing mysteriously during intense disk usage/RAID checks. It would only crash during the weekly RAID integrity check.
ThenI noticed during a reboot that not all CPUs were being brought up, as a result this actually creates much higher temperatures with the output I got from sensors, just booting the system produced higher than normal temperatures.
You can imagine that a full blown RAID check........
Forbidden
You don't have permission to access / on this server.
[Sun Jan 23 15:28:12 2011] [crit] [client 96.44.31.12] (13)Permission denied: /www/vhosts/domain.com/httpdocs/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Solution
I've done a chmod 755 .htaccess and index.php and restarted Apache
That wasn't the only issue, the issue was the httpdocs direc........
genuine.com/IN: loading master file genuine.com.zone: file not found
_default/genuine.com/IN: file not found
I always found it silly that no one really talks about this and apparently many like me and even control panels like Plesk were still using hard paths. I always thought "why can't I just specify the name of the zone file and have bind find it". Surely the default search path must be /var/named or somewhere else but there is no such thing.........
Openvz problem, it is confusing because it's an inode issue and there is enough free space.
cp: cannot create regular file `forums/memberlist.php': Disk quota exceeded
/dev/simfs 60G 20G 41G 33% /
none 2.0G 4.0K 2.0G 1% /dev........
mysqldump does not include CREATE DATABASE statement
you need the --databases option
"--databases" is misleading, it implies in the documentation that this is a list of databases to be dumped, it should be clear that uses this command in conjuction with dumping a single database also adds CREATE DATABASE and is the only way to get the database to automatically create itself.........
Jan 16 04:02:03 centosbox syslogd 1.4.1: restart.
Jan 16 04:07:34 centosbox kernel: INFO: task updatedb:20771 blocked for more than 300 seconds.
Jan 16 04:07:34 centosbox kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jan 16 04:07:34 centosbox kernel: updatedb D F78BE050 6476 20771 20766&n........
CPU/Kernel/MB/RAID problem?
Jan 5 12:45:05 testbox kernel: [653298.890004] BUG: soft lockup - CPU#0 stuck for 61s! [hal-acl-tool:4168]
Jan 5 12:45:05 testbox kernel: [653298.890005] Modules linked in: vmnet vmci vmmon binfmt_misc drbd video output input_polldev ocfs2_stackglue ocfs2_dlmfs ocfs2_dlm ocfs2_nodemanager configfs k8temp hwmon_vid lp snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi........
php won't work with absolute links
Warning: imagecreatefromgif(/images/header.gif): failed to open stream: No such file or directory in /vhostsdir/httpdocs/images.php on line 15
That is how my path is structured and ONLY likes the true full path as /vhostsdir/httpdocs/images/header.gif
Why can't it work relative to the vhost directory with absolute links just like say an html link would.........
VMWare bridged adapter not working:
Message from system: The network bridge on device vmnet0 is not running. The virtual machine will not be able to communicate with the host or with other machines on your network. Failed to connect virtual device Ethernet1.
I'm not sure how to fix this but one of the issues is that my eth0 became eth1 after moving my hard drives to a new motherboard. I have run the vmware-config.pl but this did not resolve the issue.........
Webmin Setup Centos 5:
wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet
[1] 24229
[2] 24230
[root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html
Resolving downloads.sourceforge.net... 216.34.181.........
The normal solution doesn't help or apply here:
ssh -v user@192.168.5.41
OpenSSH_4.3p2 Debian-9etch3, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.5.41 [192.168.5.41] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: i........
I can't tell if it's Flash or Javascript that they were using, but it basically caused my sysetm to lockup until I closed that one page. Is this proof enough that Wal-mart is evil?:)
I've never seen that before, it's weird how certain things mask themselves as high CPU usage with Xorg, unless it is some kind of weird Xorg problem but I believe it's more of a Flash/Javascript issue from Firefox in Wal-mart's evil scripting.........
This doesn't seem to be widely known (maybe it's in some documentation that none of us read though)but there's an easy way to check the integrity of any mdadm array:
sudo echo check > /sys/block/md0/md/sync_action
-bash: /sys/block/md0/md/sync_action: Permission denied
sudo will never work, this only works as root since echo is not actually a binary/command. It is built-into bash.
/sys/devices/virtu........
Install the "Editors" and "Net" groups that will give you rsync, ssh, ssh-keygen and cron.
The trickiest thing that I keep forgetting about each time is you have to run "cron-config" which adds the cron service to Windows, and without doing that obviously no cron jobs will be run thus making automatic backups impossible.
Warning about rsync/cygwin and using the -a archive switch.
It's a good thing I caught this because it doesn't work ri........
mdadm: metadata format 00.90 unknown, ignored.
This happens with various versions of older mdadm such as mdadm - v2.6.7.1 - 15th October 2008
It is all because an extra 0 in 00.90 in /etc/mdadm/mdadm.conf that it doesn't like (it doesn't seem to cause any problem except that message though):
Solution - Edit your /etc/mdadm/mdadm.conf and change 00.90 to 0.90 in your arrays:
ARRAY /dev/md3 level=raid1 num-devices=2 metadata=0.90 UUID=f41a4644:6b2a05f........
One of the purposes of rsync is to backup whole filesystems and archive them but how can you do that properly and restore things to normal if all permissions and ownerships are not preserved from your root filesystem?
It's not desirable to have everything running as root, especially not just for an rsync.
The Easy rsync preserve permission solution for non-root users
sudo is the answer and all you have to do is edit /etc/sudoers
At the end o........
I've only used it on Centos, soI thought I'd make a quick Debian guide:
Install the DRBD Package
apt-get install drbd8-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libswfdec-0.8-0
Use 'apt-get autoremove' to remove them.
The following........
For many reasons you may be dealing with a standard text file and you want to know if there are any duplicate lines:
Here's how you do it:
cat filename|uniq -c
The "uniq -c" program counts how many time each line occurs.........
The Xen VPSI had was not working properly and when they asked for the login information I found the support was coming directly from India:
whois 122.178.148.*
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-5]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 122.178.128.0 - 122.178.191.255
netname:&........
yum exits in the middle
The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either.
echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk
L........
I separated the 2 drives in the RAID 1 array.
1 is the old one /dev/sda and is out of date, while the separated other one /dev/sdc was in another drive and mounted and used with more data (updated).
I wonder how mdadm will handle this:
usb-storage: device scan complete
md: md127 stopped.
md: bind
md: md127: raid array is not clean -- starting background reconstruction
raid1: raid set md127 active with 1 out of 2 m........
Let the numbers speak for themselves, from what I read the Load_Cycle_Count which is very high (more than 500,000/half a million times) is the number of head parks. What a stupid"Green" design and design flaw which will probably mean an early life for the drive.
This is almost as silly as Seagate's new reputation for BSY/poor quality disks since the 7200.11 series.
To make it worse this is also when Western Digital introduced "Advanced Format" o........
Nov 29 20:17:58 ubuntu kernel: [ 1157.180789] md: md1 stopped.
Nov 29 20:17:58 ubuntu kernel: [ 1157.180829] md0: unknown partition table
filesystem not responding/reading properly with du or rsync (this needed an fsck).
[ 2571.489217] EXT3-fs error (device md2): ext3_lookup: deleted inode referenced: 35923106
[ 2571.942299] EXT3-fs error (device md2): ext3_lookup: deleted inode referenced: 35923110
[ 2571.9568........
Moving to RAID was a pain.
What you have to do is the following from an existing install:
Install mdadm
Create your mdadm RAID 1 array on your spare hard drive.
Start it with the missing disk.
rsync the entire contents of your current / to the md partition.
Here's a good way of doing it:
rsync -Pha --exclude=/proc/* --exclude=/sys/* --exclude=/mnt/* /. /mnt/md2........
From a LiveCD or if you're doing something like converting your non-RAID install to mdadm here's how you would chroot properly (you have to mount your proc, sys and dev on the running system/LiveCD to your chroot environment if you want things to work right, especially if you need to run update-initramfs due to a driver change etc..)
*replace "path" with your mount/chroot path
mount -o bind /proc /mnt/path/proc
mount -o bind /dev/ mnt/pa........
I couldn't figure out why this wouldn't work, a test script in the root of my htdocs folder worked fine.
Within some subdirectories the same code would produce different base64 results but I didn't know hwy.
Archive: /tmp/archive.zip
Zip file size: 6888 bytes, number of entries: 92
error [/tmp/archive.zip]: missing 242827681 bytes in zipfile
(attempting to process anyway)
error [/tmp/archive.zip]: attempt........
nautilus-gksu - privilege granting extension for nautilus using gksu
nautilus-sendto - integrates Evolution and Pidgin into the Nautilus file manager
nautilus-share - Nautilus extension to share folder using Samba
nautilus-actions - nautilus extension to configure programs to launch
nautilus-bzr - Bazaar (bzr) integration for nautilus
nautilus-cd-burner - CD Burning front-end for Nautilus
nautilus-clamscan - Antivirus scanning for Nautilus
n........
I spent so much time debugging this, most sites don't tell you a very important option to use with CURL and you will only find out this is the problem by running the PHP script from the command line you get the following output that shows the issue (I don't see any way to get this output from Apache itself).
* About to connect() to ip.ip.ip.ip port 25000
* Trying ip.ip.ip.ip... * connected
* Connected to ip.ip.ip.ip (ip.ip.ip.ip) port 25000
* succes........
ping test.com
connect: No buffer space available
/var/log/messages
Oct 18 12:21:03 vps kernel: printk: 177 messages suppressed.
Oct 18 12:21:03 vps kernel: Neighbour table overflow.
Solution in /etc/sysctl.conf:
net.ipv4.neigh.default.gc_thresh1 = 4096
net.ipv4.neigh.default.gc_thresh2 = 8192
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv4.neigh.default.base_reachab........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6
........
This has stumped me a few times because I keep forgetting that Centos 5.5 comes with a default iptables configuration that ends up blocking DRBD traffic,I tried all the normal things and couldn't understand why I couldn't make my normal DRBD config work. So if you have WFConnection problems and have tried the normal "mailing list" fixes, check your firewall status first!
Both Nodes Say the Following:
version: 8.3.8 (api:88/prot........
Create New RAID 1 Array:
First setup your partitions (make sure they are exactly the same size)
In my example I have sda3 and sdb3 which are 500GB in size.
mdadm --create /dev/md2 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3
mdadm: array /dev/md2 started.
Check Status Of The Array
*Note I already have other arrays md0 and md1.
You can see below that md2 is syn........
Virtualbox Error
I tried to copy a .vdi of one container to use in another one, basically to clone instead of having to install the OS again.
Failed to start the virtual machine Centos 5.5 Mirror.
Medium '/home/testuser/.VirtualBox/HardDisks/Centos 5.5 Mirror.vdi' is not accessible. UUID {a1a9fad7-0402-4867-b8f3-39fb49454bc5} of the medium '/home/testuser/.VirtualBox/HardDisks/Centos 5.5 Mirror.vdi' does not match the value {4945a0e8-0ed5-4736-9088-bcaf........
This happens on some systems due to a video issue with Intel Videocards, after you see the kernel load you may see almost immediately that you get a black screen.
The following kernel parameters usually solve it:
nomodeset i915.modeset=0 xforcevesa
some people just use "nomodeset" and others use "i915.modeset=0". I think nomodeset may also do the same for each video driver so it may imply i915.modeset=0 anyway but I am not sure.........
NET: Registered protocol family 2
The above is the last thing that I ever saw, I tried pci=routeirq etc.. and it wouldn't work.
The solution is to enable IOAPIC in the VBOX Settings
Just enable "IOAPIC" in the settings for your Centos Guest and you'll find the kernel boots just fine. I wonder if a physical system might stall in this same way if the BIOS has IOAPIC disabled which many people do as a troubleshooting method.
........
I shared a directory on my hostnode/local system (running Ubuntu 10.04) with my Guest system running Windows XP. I have no idea why it's not mentioned or documented in an obvious way, but in the Windows client you just access it with "\Vboxsvr"
Once you access that share you'll have access to all of the VBOX shares on your local host. I think it should indicate it somewhere when you enable the sharing. Yes, I'm sure it's buried so........
This was done on Centos butI think it's easier on Debian machines, the paths that it is set to use are tailored towards Debian, so there is some fiddling that needs to be done on Centos.
This is for chrooting ssh, but jailkit has other uses than just SSH jails but I won't cover them in this writeup.
1. Install jailkit
yum install jailkit
2. Setup Jail Home
mkdir /home/jail
chown root:root /home/ja........
This server was experiencing loads of up to 80 and maxing out the RAM and kmemsize on a CPanel VPS. There were literally dozens if not hundreds of exim processes. I have no idea why exim has such a design that would allow it to consume this much CPU and RAM. Any normal MTA should not be spawning so many processes, it should be processing them in sequence and if it is going to spawn hundreds of processes in response to a large volume of mail, it's better to have a delayed del........
After installation Directadmin does not work on OpenVZ VPS when browsing http://ip.ip.ip.ip:2222
service directadmin status
directadmin dead but pid file exists
tail /var/log/directadmin/error.log
Check the value of your ethernet_dev=eth0 setting in your /usr/local/directadmin/conf/directadmin.conf file and the output of /sbin/ifconfig
2010:07:10-12:44:01: ioctl can't find........
Mencoder is great, you can throw anything at it, including video files from your camera and have it encode into xvid or almost any other format.
In my case I took 640x480 video from my Canon and reduced the size by 1/3 with the options below (there are many other options that you can read about in the manual but I like to keep it simple).
Mencoder Encode
mencoder -ovc xvid -oac mp3lame -xvidencopts fixed_quant=4 -o ........
catdoc.i386 : Decodes MS Word files into plain text or TeX format
I haven't figured out how to use it, it is really not clear or obvious but it should do the job if you can figure it out.
Usage:
catdoc [-vu8btawxlV] [-m number] [-s charset] [-d charset] [ -f format] files........
[27969.398749] sd 5:0:0:0: [sdb] 3907029168 512-byte hardware sectors (2000399 MB)
[27969.398749] sd 5:0:0:0: [sdb] Write Protect is off
[27969.398749] sd 5:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[27969.398749] sd 5:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[27972.117543] ata6.00: exception Emask 0x0 SAct 0x1 SErr 0x0 action 0x0
[27972.117543] ata6.00: irq_stat 0x48000000
[27972.117543] ata6.00: cmd 60/08:00:ff:7........
If you have the "(auto-read-only)" beside an arrayI have no idea why that happens but it is easy to fix.
Just run "mdadm --readwrite /dev/md1" (rename md0 to the device with the problem and it will begin to resync.
md1 : active (auto-read-only) raid1 sdb2[0] sda2[1]
19534976 blocks [2/2] [UU]
resync=PENDING
........
I finally decided to look into some utils that did this, and the first one I found is "mp3burn". It is unbelievable simple and perfect. *2017-11 update and mp3burn is still available in standard repos such as Ubuntu 14/16 so this is a current and working project.
Just install the package and it gets all required libraries to convert and then burn's on the fly. And you won't believe how simple it is.
I just want to a directory that had the MP3's I wanted t........
This is obviously a bug in the r8169 kernel module and it seems to affect a lot of people. I upgraded to the latest kernel and hope this won't happen anymore, as it is a very serious error. This is especially serious for those who are running servers with this chipset, who can afford for the NIC to randomly go off-line for no apparent reason?
[655548.189113] type=1505 audit(1277067560.902:5): operation="profile_load" name="/usr/bin/freshclam&q........
This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc..
Name
curlftpfs - mount a ftp host as a local directory
Synopsis........
This is based on Debian Linux but should apply equally to any *nix distro.
Install LUKS/crypt-setup
apt-get install cryptsetup
Setup your LUKS Partition
Of course change /dev/md2 with whatever partition you intend to use LUKS on.
cryptsetup --verbose --verify-passphrase luksFormat /dev/md2
You'll be asked to verify your decryption password twice
*DO NOT FORGET THIS PASSWORD AS IT IS NOT RECOVERABLE!........
I've never understood how to enable and disable services for different run levels in Debian based distros, it's just weird, annoying and doesn't make sense. I much prefer chkconfig from RHEL.
Just install the package called 'rcconf' and be done with it. rcconf makes things easy for you.
apt-get install rcconf
Reading package lists... Done
Building dependency tree
Reading state information... Done........
I'm using Ubuntu 8.04 but anyone using older kernels will find this may apply to them. My Intel graphics are very slow with the default Xorg settings but by using "EXA" acceleration, scrolling down windows of text becomes pretty snappy.
Just edit /etc/X11/xorg.conf
Section "Device"
Identifier "Configured Video Device"
&nb........
Why would you want to downgrade the superblock? Old mdadm verisons like mdadm 2.5.6 only use the 0.90 superblock/metadata and new versions use 1,1.0,1.1 and 1.2 superblocks by default.
There are some annoying caveats with this, first of all the new superblocks (later than 0.90) CANNOT be read by GRUB, so you won't even be able to install GRUB. Even worse, old versions of mdadm CANNOT automatically detect arrays even if they were created with a new version of mdadm with th........
Which one does the OS care about? blkid says the UUID is "787f1fa4-b010-4d77-a010-795b42884f56" while md insists its UUID is "4d96dd3b:deb5d555:7adb93cb:ce9182d9"
When in doubt, do we assume the OS takes the one from blkid?
/dev/md0: UUID="787f1fa4-b010-4d77-a010-795b42884f56" TYPE="ext3"
[root@localhost ~]# mdadm -D /dev/md0
/dev/md0:
Version : 0.90
&........
I successfully created a single RAID 1 partition which includes /boot inside it and my root directory through the Debian installer. It said GRUB installed successfully but when I try booting the OS it seems GRUB can't read anything.
When trying to boot from GRUB
GRUB Loading stage 1.5.
GRUB loading, please wait...
Error 2
I get "Error 2" when trying to boot Debian. I also notice from a LiveCD that........
I installed 5.5 with a 300GB RAID 1 partition (boot is also on this partition). It booted up fine the first few times until after I used a Live CD and accessed the array, and it became named /dev/md127 for some reason.
Now whenI boot into CentOS I get a kernel panic and different errors, once I got "invalid superblock", even though the array is fine (it didn't happen again, probably because I was sure to dismount and stop the mdadm array properly).
Here's what........
This was unbelievable how much the Xen kernel slows things down, keep in mind both tests were done on the hostnode, one was with the Openvz-Xen hybrid kernel and the other was just OpenVZ. You can see the performance difference is nearly 300% better when not using the Xen kernel.
OpenVZ-Xen Kernel Test Results (I was wondering what was wrong/so slow with my Core i5!)
# # # # # #&n........
This can be very annoying and CPanel doesn't seem to document it, or it's not found or made as obvious as it should be. It's always funny when I find it more difficult to work with a control panel than to do everytihng manually without CPanel or even Plesk.
So once again, the default serve path for contents is: /usr/local/apache/htdocs and this is especially applicable when accessing Apache by just an IP which is unbound to any domain at this point.........
It's not just as simple as running the chroot command, you need to ensure the /proc and /dev entries are passed through and populated to the chroot environment.
Step 1 - Mount Your Off-lineOS
mount /dev/sda1 /mnt
Step 2 - Mount Proc
mount -t proc none /mnt/proc
Step 3 - Mount Dev
Most guides will tell you to use this: mount -o bind /dev /mnt//dev but that doesn't work for some reason in many cases:
mount: wron........
cat /proc/user_beancounters produces the following:
kmemsize 1861537 5139870 12752512 12752512 26965041
Notice the failcnt "26965041", that is for kmemsize and at first it confused me. The system had enough guaranteed and enough burst RAM available. kmemsize is a variable indepedent of that, but who cars about the explanation right, let's just make thing........
CC drivers/message/fusion/mptsas.o
drivers/message/fusion/mptsas.c: In function `mptsas_port_delete':
drivers/message/fusion/mptsas.c:106: sorry, unimplemented: inlining failed in call to 'mptsas_set_rphy': function body not available
drivers/message/fusion/mptsas.c:462: sorry, unimplemented: called from here
make[3]: *** [drivers/message/fusion/mptsas.o] Error 1
make[2]: *** [drivers/message/fusion] Error 2
mak........
mdadm --assemble --scan
mdadm: /dev/md/diaghost05102010:2 has been started with 2 drives.
mdadm: /dev/md/diaghost05102010:1 has been started with 2 drives.
mdadm: /dev/md/diaghost05102010:0 has been started with 2 drives.
-bash-3.1# cat /proc/mdstat
Personalities : [linear] [raid0] [raid1] [raid6] [raid5] [raid4] [multipath]
md125 : active raid1 sda1[0] sdb1[1]
14658185 blocks super 1.2........
Out of memory: kill process 7559 (rsync) score 635 or a child
Killed process 7559 (rsync)
I was surprised to see this in my dmesg whenmy rsync backup suddenly stalled/stopped.
This system has 3 gigs of RAM and lots of free memory so I don't understand what is happening.
rsync invoked oom-killer: gfp_mask=0x200d2, order=0, oomkilladj=0
Pid: 7600, comm: rsync Not tainted 2.6.24.2 #83
[] oom_kill_pr........
Apr 30 17:07:07 localhost kernel: [12265558.582378] r8169: eth0: link up
Apr 30 17:07:07 localhost NetworkManager: (eth0): carrier now ON (device state 1)
Apr 30 17:07:08 localhost kernel: [12265559.237961] r8169: eth0: link down
Apr 30 17:07:08 localhost NetworkManager: (eth0): carrier now OFF (device state 1)
Apr 30 17:07:11 localhost NetworkManager: (eth0): carrier now ON (device state 1)
Apr........
Not sure what rsync switches/options to use?
rsync -PDrphogtl
The short version would be:
rsync -Pha
I think these are really common sense options to use and probaby should be the default.
Explanation of rsync switches
P = display the progress
D = hybrid of --specials and --devices so all special and device files will be copied as well.
r = recursive (otherwise rsync won't copy files deeper than........
This drive is clearly on the way out, the Kernel knows it but I'm surprised that SMART is not concerned. I didn't blame Seagate for their past issues until now. This hard drive has hardly been used and has not even been powered on for a year according to SMART.
Home page is http://smartmontools.sourceforge.net/
=== START OF INFORMATION SECTION ===
Model Family: Seagate Barracuda 7200.11
Device........
Seagate Inventory/Firmware Check
I heard about this issue a long time ago but never looked into it. I figured I wasn't affected since my 500GB drives were running for so long. I've been using Seagate's since 2002 and to this day all of the drives I have are alive from Seagate.
*Update the bad news is that I realize one of my 500GB's is about to die, it's not even a year old, but is also not affected by the recall according to Seagate!
Seagate Inventory/Firm........
You can find it for free at http://nginx.org/ I find nginx is simpler to setup than pound (it's not hard but I found it unintuitive and annoying), it seemed to make some basic setups overly complicated with the config file syntax.
nginx on the other hand is perfectly suited in everyway, it is even simpler to setup and seems to be the most stable and most efficient any load balancer. I would go as far as to say that a good nginx setup is more relia........
Before we start I take no responsibility for this, you should have a backup and if you make a mistake during this process you could wipe out all of your data. So backup somewhere else before starting this as a precaution, or make sure it's data you could afford to lose.
The RAID 1 Setup (Hardware Wise)
I've already setup my 2 x 1TB (Seagate) drives with identical partitions, make sure your new hard drive (the empty one) is setup like your curr........
I have no idea why but mkfs.ext3 defaults to a patheticlly small blocksize of 1024 bytes/1KB (kilobyte). That means the maximum filesize is ONLY 16GB! With 2KB/2048 bytes you get a 256 GB maximum filesize, and with 4KB/4096 bytes you get 2TB!
I finally noticed/paid attention to this after realizing that with rsync and scp that no file larger than 17GB could be transferred. I then realized it must be a file size limit on the partition.
Here is what tune2fs tol........
It's basically free bash shell script available from: http://wpkg.org/email2fax/index.php/Main_Page
Make sure you have the required tools:
libtiff
ghostscript
mpack/munpack
Where you can e-mail your Asterisk box and it will fax it to the phone number in the subject line. The good news ends there, it is fairly undocumented and buggy.
Take for example how the documentation mentions you can invoke from the com........
In Debian based distros:
apt-get install jabber
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
fakeroot dkms
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
jabber-common
The following NEW packag........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
Proxmox has made this free utility to backup running OpenVZ containers. It's a great program which is actually just a PERL script but gets the job done. This program is not 100% required because all it really does is cp -a from your container's path as far as I know but it is still good to have uniformity to how you backup your containers.
For RPM distros such as Centos/RHEL/Fedora etc.. download and install this:
wget http://www.proxmox.com/cms_proxm........
All you have to do is browse to:
C:Documents & SettingsYourUserName and you'll see the following:
Inside "My Recent Documents" are of course shortcuts to the most recent documents you opened
Inside "SendTo" is your sendto, you could edit that to Send a file to a network destination, your Flash Drive........
Here are the results, it is Sempron 3000+ AMD Mobile, 500Gig HDD, 512MB RAM with shared ATI Radeon graphics.
# # # # # # # ##### ###### # # #### # #
# # ## # # # #&nb........
heartbeat is stopped for some reason
Anyway hnode2 was active and the services are running fine but I see heartbeat has been stopped somehow.
Here is the last log I see of heartbeat:
[quote:23c84415f5]
Sep 9 17:15:32 hnode2 heartbeat: [16738]: info: MSG stats: 9/1762471 ms age 0 [pid16738/MST_CONTROL]
Sep 9 17:15:32 hnode2 heartbeat: [16738]: info: cl_malloc stats: 716/51784021 152624/74519 [pid16738/MST_CONTROL]
Sep 9 17:15:32........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
rsync bash script
[code:1:722d8a25c1]#!/bin/bash
# config ---------------------------------
# two methods
# from = receive data from another server
# to = send data to another server
rsync_method=from
rsync_ip='192.168.5.18'
local_dir='/home/backupguy/backups'
remote_dir='/home/backup'
free_space_bin='/home/backups/freediskspace.sh'
# config end ------------------------------
if [ '$rsync_me........
JavaScript get valued of selected drop down l
[code:1:4be190f44a]Package = OrderForm.package.options[OrderForm.package.selectedIndex].value;[/code:1:4be190f44a]
OrderForm = Name of HTML form the SELECT is inside
package = Name of SELECT element eg.
JavaScript says form name is not defined even though it is
I've integrated this into my design and I got an error saying the Form Name i........
SSH automatic login without passwordlocal> ssh-keygen -t rsa -f .ssh/id_rsa
-t is the encryption type
-f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used
A password will be asked; leave this part blank, just pressing
Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the serv........
Asterisk FreeBSD compile problemsI couldn't get it to compile without using the following options at compile time:
[b:b7d672ee28]
make install WITHOUT_ZAPTEL=YES WITHOUT_MYSQL=YES WITHOUT_FAX=YES WITHOUT_ODBC=YES WITHOUT_H323=YES[/b:b7d672ee28]Some problems you might have with copying over your Linux config files to FreeBSD is different paths.
[b:f044931f41]For example the etc path for Asterisk on BSD will now be:[/b:f044931f41]
[qu........
CREATE Database/Granting PrivilegesCREATE your first database
Code:
[code:1:0668cd8e74]CREATE database myfirstdb;
[/code:1:0668cd8e74]
CREATE a user for your first database
This one creates the user 'sqladmin' and gives them 'usage' on your new database 'myfirstdb'
Code:
[code:1:0668cd8e74]mysql> GRANT usage on myfirstdb.* to sqladmin@localhost;
Query OK, 0 rows affected (0.00 sec)[/code:1:0668........
Nice General Linux RAID 1 GuideFull examples/tutorials that should work for any Linux system using GRUB or LILO as the boot loader.
This is the only tutorial I've seen that clearly shows how you can convert an existing non-RAID system to software RAID1 remotely, without ever having to be at the computer. This is important for people who co-locate or rent dedicated servers that they may not have physical access to in a timely manner.
https://alioth.debia........
Heredoc warningsExample
$somevariable = ........
Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from"
This occurred during a yum update after upgrading my release, installing the new kernel and rebooting.
I got kicked out of sshd after seeing the following during yum update:
telnet 100 % done 85/476
tux 100 % done 86/476
ntsysv 100 % done 87/476
rpmdb-redhat 94 % done 88/476........
locate: command not found (slocate database needed)For some versions especially older ones like 3.x they might not have the "slocate" database.
Meaning a "locate somefile" command doesn't work.
Just install "slocate"
[code:1:d6d717421c]yum install slocate[/code:1:d6d717421c]
Then run:
[code:1:d6d717421c]updatedb[/code:1:d6d717421c]
And you're good to go :)........
Need identd for port 113 ? Install authdyum install authd
Happy identing :)Actually it's not that simple.
It installs as an "xinetd" service and is disabled and turned off by deafult.
To enable it run:
[code:1:8c94df8319]
chkconfig --level 3 auth on
service xinetd restart
[/code:1:8c94df8319]
This will set identd aka authd to start by default.
service xinetd resta........
Crontab Tutorial - Tips & Shortcuts*/5 * * * * /command
The above is an example of a command that runs every 5 minutes.
Normally instead if the "*/5" you'd have to type
"5,10,15,20,25,30,35,40,45,50,55" etc...
You can use it to run a program every 5 days, 5 months 5 years etc...Crontab run one a day at a certain time[code:1:7a3bd32dfa]0 1 * * * /home/backupguy/databackup.sh[/code:1:7a3bd32dfa]........
The New Chips on the BlockThe New Chips on the Block
By Bruce Gain
Story location: http://www.wired.com/news/infostructure/0,1377,67795,00.html
02:00 AM Jun. 13, 2005 PT
We have embarked upon a new era in x86 PC computing -- so say chip giants AMD and Intel following their launches of dual-core PC processors. So how will dual-core processing change your PC computing experience? Our FAQ should help you decide whether or when you sho........
Intel's Finnish FetishIntel's Finnish Fetish
By Dave Mock
June 13, 2005
Chipmaker Intel (NASDAQ: INTC) has successfully topped the personal computer market for decades. Breaking into related areas such as communications has been much difficult for the world's largest semiconductor maker. But a new partnership with Nokia (NYSE: NOK) could help to change that.
Intel's forays into cellular-phone and home-entertaiment-device chips have........
Good Security Tutorial Sitehttp://securityfocus.com is nice!........
Backup Shell Script[quote:aaa4b0b165]#!/bin/sh
date=`date -I`
mysqldump --all-databases | gzip > /var/backup/backup-$date.sql.gz
[/quote:aaa4b0b165]
Something like that could be useful as a cronjob to locally or remotely backup your databases........
Cool SNMP tutorial/infohttp://www.dpstele.com/layers/l2/snmp_l2_tut_part1.html........
Create Table with structure of another existing tableOk, this has many valid uses such as if you need to create backups or the ability to undo changes, you would want to create new tables with the same structure as another. Here is how you do it.
[i:7ed9581493]
Also remember Indexes such as PRIMARY KEYS [b:7ed9581493]will not be preserved[/b:7ed9581493] so you will have to readd them manually.[/i:7ed9581493]
[code:1:7ed9581493]CREATE TABLE NewName AS SEL........
Bash Script Infohttp://www.faqs.org/docs/Linux-HOWTO/Bash-Prog-Intro-HOWTO.html#ss10.5
http://www.scit.wlv.ac.uk/~jphb/spos/notes/shell/shell5.html
http://quong.best.vwh.net/shellin20/#LtohTOCentry-41
http://www.cactus.org/~dak/shellscript.html
http://db.ilug-bom.org.in/Documentation/abs-guide/
http://pegasus.rutgers.edu/~elflord/unix/bash-tute.html
http://heather.cs.ucdavis.edu/~matloff/UnixAndC/Unix/CShellII.html
Since bash i........
It's not all about the speed.I'd also thought I'd mention that speed is not everything. Routing is the key, because if one router you hit is slow then it doesn't matter how fast your connection is. I have found that locally, Telus has much better routing than Shaw (although I have not yet tested their new DOCSIS network).
There are also some countries such as Sweden that offer high speed connections, but the high speed only applies locally. The reason is that man........
ECS K7S5A Motherboard System Take Up To 2 Minutes To BootHi guys,
My motherboard is very strange. Sometimes it will take up to a few minutes to post. I have no idea it suddenly started doing this. I have tried everything and all I can figure is that it is somehow related to the USB ports possibly.
Why do I say this?
Because if I disconnect my scanner the problem occurs less frequently. I only have a printer hooked up to USB now and by........
Use Mozilla Firefox, not Internet Explorer - You'll be glad!Hey guys,
I just thought I'd recommend that everyone switch to Mozilla Firefox as their web browser. You can find it at http://mozilla.org
It is free and it is much better than IE. It has a built-in popup blocker which works great and most importantly, it doesn't have a million critical security flaws which could compromise your security such as passwords for on-line banking etc..........
Basic Port ListingHopefully someone finds this useful or at least interesting.
http://www.sans.org/top20/#u9
Name Port Protocol Description
Small services ........
My list of handy security links - Ongoing[b:6f8d25be68][size=18:6f8d25be68]News[/size:6f8d25be68][/b:6f8d25be68]
Security Focus http://www.securityfocus.net - Nice Security News Site
CERT http://www.cert.org/
Common Criteria (see if your OS/software is EAL4 certified) EAL(Evaluation Assurance Levels is the industry standard for evaluation of security in software) http://www.commoncriteria.com
[size=18:6f8d25be68][b:6f8d25be68]Tools[........
Other Security Web SitesSeveral websites actively track security issues. This list provides you with the major providers
of security information on the Web. Many of these organizations also provide newsletters and
mailings to announce changes or security threats:
Center for Education and Research in Information Assurance and Security (CERIAS)
CERIAS is an industry-sponsored center at Purdue University that is focused on technology and
relate........
Clustering LinksI thought this might be interesting for people with spare time.
[b:6423c19973]Great clustering article from Linux Mag[/b:6423c19973]
http://www.linux-mag.com/2003-11/clusters_01.html
[b:6423c19973]General Linux cluster information[/b:6423c19973]
http://www.gdargaud.net/Hack/ClusterNotes.html#HighA
http://www.faqs.org/docs/Linux-HOWTO/Cluster-HOWTO.html#s3
http://www.yolinux.com/TUTORIALS/LinuxClustersAndFileSys........
NewEgg is one of the few companies that stocks this great right angle 1U SATA power cable. I've purchased some no-name ones and they face the wrong way (towards the bottom of the chassis) which makes it worse/impossible than standard SATA connectors.
The price is high but if you're building a 1U server and want SATA disks and don't have much space (eg. the 1U Supermicro cases) then these are simply a must and........
The "Geoip" package is available on virtually all Linux and Unix like systems and is very handy in looking an IP address' corresponding country.
The homepage of the maintainers is here.
They also have a package called "Geocity" which can be downloaded from their site, it is still free and gives you a close indication of the city the visitor is from. You can........
RemoveHandler .html .htmAddType application/x-httpd-php .php .htm .html Just add the above into the .htaccess file for your website. Also remember that you need to be allowed to override the Apache and this should go into the vhost for your site as shown below:
# you need the AllowOverride otherwise .htaccess directives will be ignoredOptions FollowSymLinksAllowO........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
top - 09:34:12 up 2 days, 20:57, 2 users, load average: 1.83, 1.99, 2.03
Tasks: 59 total, 2 running, 57 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.3%us, 0.0%sy, 0.0%ni, 0.0%id, 99.7%wa, 0.0%hi, 0.0%si, 0.0%st
That 99.7% wa is iowait, it means the server is waiting for a process to complete an IOoperation or in plain English, there is a delay in........
I was starting to panic because suddenly my 1TB Seagate SATA drive wasn't working,I thought it was a BIOS issue because it seemed to have happened after I tried overclocking my Desktop too much.
I tried powering down and waiting, but I still couldn't hear the drive spin up at all. I tried a second 1TB hard drive and it wouldn't work either. I checked all power connections again and again until one of the pins in the MOLEX connector popped completely loose.
Th........
The results are still not flattering and are nothing close to native performance. Unless GlusterFS has a "DRBD-like" option to delay writes over the network and to only read from the client side, I don't see how performance can ever improve much more.
After doing some client optimizations Iadded more to the score:
Start Benchmark Run: Sun Nov 29 00:37:44 PST 2009
00:37:44 up 3 min, 1 user, load average: 0.01........
I've tried to find a good sensible solution to cluster with and each technology has it's pros and cons and there is no perfect solution and I've found a lot of "exaggerations" in the applications, benefits and performance of these different filesystems.
DRBD
I first started off with DRBD and Ihave to say it does live up to the hype, is quite reliable (although it can be annoying to match up the kernel module and user applications since they must match and whe........
You might remember my original GluserFS/OpenVZ benchmark which produced a horrible 29.8
This is the exact same system, but using the latest 2.0.8 (with some small files patch which speeds up performance) you can see it is about 25% faster.
I also haven't tuned my config files at all, but there are some settings that should increase performance on small files which I believe i........
This is very disappointing since GlusterFS markets itself as a solution to deploy VPS servers on. On the HNitself I get a Unixbench of about 360.
I'm also using an SSH tunnel to secure the communications, but even before that, things seemed very slow.
# # # # # # # #####&n........
In Newer Linux Distros This Way Is Easiest and works on newer versions like Ubuntu, Mint, Fedora, Centos, Debian etc.
#if you are missing timedatectl this in newer distros like Ubuntu/Mint/Debian and are using a container like Docker then do "apt install systemd"
timedatectl set-timezone America/Vancouver
Replace the America/Vancouver with the correct timezone.
To see the list you can just type "timedatectl set........
For some reason Ikeep getting this error when trying to run a sudo command eg:
sudo -u someuser somecommand
sudo: Error dropping capabilities, aborting
My version of sudo is:sudo-1.6.9p17-3.el5_3.1 and I've heard that version 1.7 fixes everything. The only thing is yum does not think sudo has any update. Iguess the new version has not been committed to the RPM repository yet.
This is really a huge and ann........
A VPS Server I had just wasn't working right, code that I migrated there just wasn't working. For example, it kept telling me the connection to the database was unsuccessful, halfway through iterating through results it already had.
Then I realized it wasn't my code. Ichecked my /proc/user_beancounters and found this:
cat /proc/user_beancounters
Version: 2.5
uid resource held maxheld barrier limit failcnt........
I was getting very frustrated one day wondering why it appeared my .htaccess file was being ignored and not processed by Apache. No matter what I did it was obvious that Apache didn't care about my .htaccess file. Then I realized that the default settings must be in effect, which is that my vhost didn't explicitly allow me to override the default settings.
This usually comes down to your vhost settings. Make sure you have an entry like this in your Apache vhost settings in........
This is pretty bad, ever since my phone has been unlocked the battery life is horrible. Many others have reported this issue on provider unlocked phones and even jail broken phones. We're talking issues as bad as losing 1% every 3 minutes which is what I seem to have observed as well.
For now I'm going to relock the phone, and hopefully a firmware update will address this issue. This is very annoying and it seems apparent this is also happening on 3G phones and that........
Has Apple tried to give a golden egg to the cell phone companies? Has anyone noticed that if you set your lock time to x minutes, the phone doesn't just lock, it goes into standby. When it does this, any WiFi connection you have gets dropped and all push/data functions such as e-mail checking are done through the 3G network.
There is no way to change this feature and functionality and it's very annoying, especially if you are downloading something or loading files over the........
First of all you need to be jailbroken, but this is not covered here.
Go into Cydia and click "Manage Sources" then "Edit"and add: repo666.ultrasn0w.com
Then search for "ultrasn0w" as a package and install it, that's all there is to it, your iPhone is finally unlocked so when you travel abroad you can avoid ridiculous roaming charges, or you can switch providers and use any SIMcard you like.
You'd really thi........
Apple crippled the iPhone by not allowing multi-tasking of the non-primary apps. I use SSH a lot and I don't want to close my session just to check my e-mail, etc, now an app found in Cydia called "Backgrounder" allows just that.
Although it's not perfect, we installed the correct one for "3.x" iPhones and hit "Reload SpringBoard" and the hour/circle glass has just been going for minutes.
It seems like it installed fine even with the crash t........
Yes, Iadmit I finally got bitten by the hype as much as I can usually see through it all. Keep in mind this review is of the "stock" phone, no jailbreaking yet which is what really unleashes the customizability and whyI bought iPhone.
I had better things to say about this phone before buying it, and it is a great phone, perhaps the best on the market by far, if not because of the Mac OS port onto the iPhone and all the apps, etc, etc.
With that said........
The dmg format is silly and annoying to work with, why couldn't Apple stick with the .iso standard? Anyway, there's an excellent Linux and Windows based tool to convert it back to a normal .iso Image called dmg2iso
I'll only cover theLinux version although the Windows pre-built binary works the same way.
Download dmg2iso here for free (from the author's website)
It's just silly and doesn't make sense that Ubuntu doe........
I've had an old Blackberry for a few years and I was ready to spend some serious cash on a nice Nokia. I love the idea of the Linux based Symbian S60 OS, so I was looking at phones like the E63, E71 (both are basically the same, at least CPU/screensize although E71 is thinner, has a 3MP camera, has GPS, and has dedicated buttons to adjust the volume).
Then Iheard about the N97 and what a revolution it was supposed to be and it was even compared to iPhone.
To........
This is the Intel Atom 330 motherboard with integrated Realtek Gigabit NIC (Intel Desktop Board D945GCLF2 Motherboard W/ Atom 330 1.6 GHz Dual Core Processor - Mini-ITX)
I cannot achieve more than 15 MB/s, even doing a local transfer through eth0 to it's own IP.
100% 95MB 15.9MB/s 00:06
So this is not a cabling, switch or hardware issue, it seems like a driver or chipset limitation problem.
Here is my........
genisoimage: Directories too deep for 'Backup/My Documents/My Music/iTunes/Album Artwork/Local/5928CE9C1AFAC465/07/15' (7) max is 6.
Some people said choosing the --iso-level-4 option will help. I just opted to add the "-D" switch and everything was fine.........
This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks.
The chances are this is the cause of your SSHSlow/Delayed Login problems.
The easy solution to SSH Login Problems
Edit /etc/ssh/sshd_config
Add this line to disable r........
Igot this after copying a VMWare image onto another machine in Debian.
SIOCSIFADDR No such device eth0 error while getting interface flags
The solution
1.) Find and edit the device line in persisent-net.rules note it will be prefixed with something like z25 or something else.
vi /etc/udev/rules.d/z25_persistent-net.rules
The easiest way is to comment anything out.
If you are feeling........
When trying to even cd or ls the mounted OCFS2 partition it crashes. Ithink this is a combination of VMWare Server's problem and the way I mounted and symlinked to it.
More than anything this shows the problem and lack of forsight with VMWare, but also that OCFS2 is easily crashed if you do strange things.
Output of /var/log/messages for OCFS2
Apr 10 15:57:45 localhost kernel: [84331.691258] Modules linked in: vmnet vmci vmmon ocfs2_stac........
Server not using user level security and no password supplied.
tree connect failed: NT_STATUS_WRONG_PASSWORD
That happens when trying to use smbclient to connect to a share. The weird thing is that I can authnenticate just fine from Windows XP.
It is partially my mistake, I forgot this share does have a password. I've tried authenticating with the correct user and also with "Guest" because this works in Windows. In Linux I ........
There's a lot of information and guides on OCFS2 for RHELand Centos Linux but the package setup and configuration is slightly different and this has thrown some people off.
Installing OC2FS
You should install the following packages to get started:
apt-get install ocfs2-tools ocfs2console
Configure OC2FS
In RHEL/Centos the main configuration file is located in /etc/sysconfig/o2cb
However in Debian based Linux it is located........
Ithink there has been a lot of negative press towards Rackable Systems. We will give their new solution credit that it is marketed very well, and comes prepackaged and ready to go.
But let's cut through the hype of both sides, the people who love this concept and the people who hate it.
What Rackable Systems have done is a first, to minimize space, power and costs into small servers. This is great, and many companies have already built their own servers based........
((: 08: value too great for base (error token is "08")
Here is the code that caused it for ((track=1;track ........
There's a lot of outdated information and confusion for system administrator's out there.
One annoying task for many an Administrator has been backing up data in Linux. You don't need any GUI tools such as K3B or GnomeBaker. Both are excellent tools but for veteran command line users working remotely, using the keyboard is a great and possibly automated way to save yourself pain and hassle.
At a later date we'll cover how scripting can automatically backup certain........