Generally most containers are by default set not to start automatically.
Ther eare 3 settings for the "RestartPolicy" of containers:
No: Do not automatically restart the container (default).
Always: Always restart the container regardless of the exit status.
Unless-stopped: Always restart the container unless it is explicitly stopped.
On-failure:........
Most relevant config points from my video here.
1.) Create a new End User
The most important part is setting the "Digest Credentials", that is the password that the phone will use to authenticate.........
Although it is well-known that pptp is not secure and is subject to many forms of attacks, the reality is that a lot of legacy and embedded devices use pptp. I argue that if it is being used for routing or remote access or over an already secure connection (eg. another VPN like ikev2) then this is still acceptable. Or in a LANor in a public environment where no private data is exchanged. However, if the nature of the data is extremely sensitive, you should do whatever........
Sometimes systemd-journald can take several hundred megs of RAMor more which is bad for microservices and embedded devices.
Edit /etc/systemd/journald.conf
You can set it to max 5M of RAM like below:
SystemMaxUse=5M
........
FreePBX official install guide is here.
Requirements:
Debian 12 Download Link
Minimal - System Utilities
RAM: 4G
HDD:20G
Note that if you don't have the required base OS yo........
#Remember that you need a valid gateway IPunless the Asterisk server is on the same subnet and LAN
Set Valid Gateway IP (if you don't have one already)
ip route 0.0.0.0 0.0.0.0 GATEWAYIP
Enable VOIPTrust
voice service voip
ip address trusted list
ipv4 0.0.0.0 0.0.0.0
sip
Set Credentials For Asterisk and Register To Asterisk
sip-ua........
This is how we configure outside PSTNaccess or dialing through another SIPtrunk. Beware that this a simplistic example that neglects most security including SRTP
First you'll need to be in config mode:
Step - 1 Enter Voice Service VOIP security options
There are more options but for now we'll just focus on security/allowing connections to and from our phones and the trunk.
Router(config)#voice service voip
........
In newer versions this is a very stubborn issue. Here is how you fix it.
Step 1 - Create networks.conf
sudo mkdir /etc/vbox/
sudo vi /etc/vbox/networks.conf
put this in:
In our case we can use the slash /16 range of 192.168.0..0, change the subnet accor........
Since newer versions of Ubuntu like 20, you will find there is no longer dynagen and that the dynamips provided is faulty and will segfault each time:
Cisco Router Simulation Platform (version 0.2.14-amd64/Linux stable)
Copyright (c) 2005-2011 Christophe Fillot.
Build date: Apr 3 2018 12:20:29
Local UUID: 3c1c0b7f-2fab-4fda-b40b-74841d1bcfe0
Instance ID set to 1.
netio_tap_create: unable to open TAP device tap1 (No such fi........
Your frontend CDN (eg. Cloudflare or even your own load balancer/proxy) must be sending the X-Forwarded-For and you must be running Apache on the backend.
This solves the problem where your logs and services will only see the proxy/CDN IP and not the real client IP.
mod_rpaf will fix all of this
This solution transparently sets the real IP of the client for Apache and any services that rely on........
yum update
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the onl........
This example is using RTL8821AU chipset from a TP-Link T2U Plus USB adapter and other similar ones should work the same.
Here's how to get this chipset RTL8821AU working in Linux.
Here's how to get RTL8812 and RTL8822 working in Linux.........
Edit your /etc/hostapd/hostapd.conf file like below and restart hostapd.
#WPS stuff
# Enable control interface for PBC/PIN entry
wpa_psk_file=/etc/hostapd/hostapd.psk
ctrl_interface=/var/run/hostapd
eap_server=1
wps_state=2
ap_setup_locked=1
wps_pin_requests=/var/run/hostapd.pin-req
config_methods=label display push_button keypad
#WPS model info stuff change to suit your needs
d........
Many times just doing an update-grub may find Windows and add it to grub, but a lot of times it won't.
Create Windows in a custom grub entry like below:
sudo vi /etc/grub.d/40_custom
menuentry "Windows 10" {
set root='(hd0,0)'
chainloader + 1
}
Change Windows 10 to whatever you want to call it. For example if it was for Windows 11 you'd probably want to ca........
This guide assumes you have a working Postfix server and want it to sign with DKIM.
There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well.
1.) Install OpenDKIM
apt install opendkim
systemctl enable opendkim
2.) Edit /etc/opendkim.conf
Syslog yes
SyslogSuccess yes
Mode&nbs........
apt install tftpd-hpa
#change TFTP_ADDRESS to by setting address to 192.168.1.1:69 or the IP you need, otherwise it will listen on all IPs and interfaces which could be a security risk.
# edit /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/srv/tftp"
TFTP_ADDRESS="192.168.1.1:69"
TFTP_OPTIONS="--secure"........
[Wed Nov 01 18:47:08 2023] [error] Unable to configure verify locations for client authentication
[Wed Nov 01 18:47:08 2023] [error] SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line
[Wed Nov 01 18:47:08 2023] [error] SSL Library Error: 185090057 error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib
It actually gives us a good clue that at last one component of our cert is invalid/improperl........
sysctl vm.overcommit_memory=1
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo 511 > /proc/sys/net/core/somaxconn
1:M 26 Nov 2023 21:34:33.840 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 26 Nov 2023 21:34:33.840 # Server initialized
1:M 26 Nov 2023 21:34:33.840 # WARNING overcommit_memory is set to 0! Background sa........
You can do a static lease that is tied to the MAC address but what a lot of users prefer is that they come into the office or lab the next day and that their device gets assigned the same IP address (if possible).
As we can see in the dhcpd logs that there is threshold that is defaulted as we'll show later. Whatever the threshold is set at, if the lease is younger than the threshold, it will keep the same lease. In other words, if the device goes to sleep or is powered off........
Sometimes users take their removal drives and unplug and replug them to test what happens during the failure of a disk. However, this breaks things quite badly due to the /dev/mapper in LUKS not coming back online due to it not being closed.
In other words, generally with non-encrypted drives the process is smooth but when encrypted you may want to follow a strategy like this:
We can see below that both disks are unavailable as they were physically remov........
You may have been expecting a normal sized kernel but if you don't disable these .config options you may have a kernel that is several gigabytes.
CONFIG_SLUB_DEBUG=no
CONFIG_DEBUG_INFO=no
CONFIG_DEBUG_MISC=no
Rebuild and you should find that the kernel is the normal and as expected size.........
Are you getting this error when trying to connect to a site/domain/service and then you checked your router/nameserver's logs to see what's wrong?
You may see something like this:
named[3025898]: REFUSED unexpected RCODE resolving
This is not usually an error with named or bind, at least not on your end but NORMALLY this is an issue with the remote nameserver.
A lot of times this is a misconfigured remote nameserver. A classi........
Some people find it less than intuitive to do on DNSMasq and by default DNSMasq is available on 0.0.0.0 which could even be your LAN or Public IP.
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp ........
A lot of companies are unsure which solution to choose and many may not be aware of Docker Swarm as an alternative to Kubernetes. One thing that many Sysadmins find is that Docker Swarm is simply easier, quicker to setup and maintain by far than Kubernetes.........
When Is It Time to Leave Your VPS, VDS, and Dedicated Server Provider?
Choosing the right hosting solution—be it Virtu........
In today’s digital landscape, finding a reliable and secure Virtual Private Server (VPS) or Virtual Dedicated Server (VDS) goes beyond just comparing specs and prices. With increasing concerns over data privacy, security breaches, and government surveillance, the wisdom of choosing your VPS/VDS provider based on juri........
This will be the goto to help solve e-mail delivery issues and talk about many practical issues that happen between developers, admins and scripts that send e-mail and do things that may not be acceptable or cause deliverability problems.
Sendmail Stuff
Edit /etc/mail/sendmail.mc
The problem is that if you send directly out from the server using the mail function, the Return-path of the e-mails will be username@thehostnameoftheserver.com. Let........
First we need a few extra packages:
apt update
apt install -y adduser libfontconfig1 musl sudo
wget https://dl.grafana.com/enterprise/release/grafana-enterprise_10.3.1_amd64.deb
Install / Enable Grafana
dpkg -i grafana-enterprise_10.3.1_amd64.deb
dpkg -i grafana-enterprise_10.3.1_amd64.deb
(Reading database ... 44309 files and directories currently installed.)
Preparin........
During a migration or other custom setup, it's possible you don't have a $HOME/Desktop and as a result the config file that controls this is set to just use your $HOME directory.
This is controlled in the file: $HOME/.config/user-dirs.dirs
As we can see below, Desktop, Downloads, Music and Pictures are set to $HOME. We can edit any of these as we like.
# This file is written by xdg-user-dirs-update
# If you want........
If you are using a hypervisor to test Proxmox (eg. Vbox) then changing the video card/display adapter can fix it.
For example VboxSVGA causes the issue but switching to VMSVGA fixes it.
For example VboxSVGA causes the issue but switching to VMSVGA fixes it.
........
configure.ac:75: error: possibly undefined macro: AC_PROG_LIBTOOL
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
autoreconf: /usr/bin/autoconf failed with exit status: 1
make: *** [/software/pixman/configure] Error 1
make: *** Deleting file `/software/pixman/configure'
yum install libtool........
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --output=aclocal.m4t
Can't exec "aclocal": No such file or directory at /usr/share/autoconf/Autom4te/FileUtils.pm line 326.
autoreconf: failed to run aclocal: No such file or directory
make: *** [/software/pixman/configure] Error 1
Just install automake:
yum install automake........
This means the autoconf package is not installed, so we'll install it:
/bin/sh: autoreconf: command not found
yum install autoconf
On Debian
apt install autoconf........
./configure
glib-2.0 required to compile QEMU
yum install glib2 glib2-devel
or on Debian/Ubuntu based:
apt install libglib2 libglib2-dev........
Step 1.) Upgrade to Debian 11 first
The process to go to Debian 12 is not as smooth as 11, when trying to upgrade from Debian 10. In fact, it doesn't work directly, so you'll first need to follow this guide to update to Debian 11, reboot and come back here if successful.
Step 2.) Update sources.list
Update your /etc/apt/sources.list like this:
deb http://........
If you are running a local DNS server like named/bind and don't want to use the ISPsupplied DNS servers that are announced via a DHCP request (using dhclient) then the solution is simple.
The reason should be obvious, but normally running your own DNS server will provide a more reliable, and fast DNS response and you won't have to worry about filtering as much (unless your upstream filters or proxies outgoing DNS requests).
Edit /etc/dhcp/dhclient.conf........
If you have swarm services and dockerd is creating a high load even with the containers just being idle, the easiest solution is to upgrade to a newer docker version.
For example an identical config of 3 nodes, with Redis 5 with 30 replicas produces a load of about 1.45 in Debian 10 with Docker18.09.1
If I create the same setup on Debian 11, with Docker 20.10.5+dfsg1 then the CPU usage is low.
One other difference I wondered is the kernel. In my test setup........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
The issue is that Docker images are stripped down, so many tools and even python3 is missing, so you'll have to build or update the actual image yourself.
I assume you have started an image with something like this and that you have the Nvidia Toolkit installed (assuming you are using GPUs). If you're not using nvidia just remove --runtime=nvidia --gpus all.
docker run -it --runtime=nvidia --gpus all ubuntu bash
These works for most images li........
Welcome to our in-depth guide on configuring NVIDIA GPUs with Docker on Ubuntu. This post is tailored for developers, data scientists, and IT professionals who are looking to leverage the power of NVIDIA's GPU acceleration within Docker containers.
Whether you're working on machine lea........
You'll notice that /etc/resolv.conf contains dire warners on most Linux Desktops.
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use........
We could always disable swap but this would normally be a bad idea unless you have an incredible amount of RAM and a workload that will never exceed it. However, for live/containerized and high performance environments it could be desirable.
Another middle ground may be to set swappiness to a lower number.
You may also want to clear your kernel's cache, which could be eating up RAM unnecessarily by c........
request_module: runaway loop modprobe binfmt-464c Kernel panic - not syncing: No init found Pid: 1, comm: swapper/0 Not tainted
This is usually caused by a mismatch in architecture and happens frequently in development environments.
Here is a example of what caused this issue:
Your binaries are based on one architecture
Your kernel was compiled with another architecture.
Why does this happe........
Check your initramfs if it's missing /dev/null or /dev/console, this is likely the reason.
If you want all actual devices to be created you could also enable devtmpfs in your kernel (.config) and mount like this during init:
CONFIG_DEVTMPFS=y
CONFIG_DEVTMPFS_MOUNT=y
mount -t devtmpfs none /dev
But note devtmpfs will not create /dev/null or /dev/console for........
You may have a broken apt configure that calls for snap (which is not installed if you get the error below):
apt install coreutils
Reading state information... Done
E: Could not read response to hello message from hook [ ! -f /usr/bin/snap ] || /usr/bin/snap advise-snap --from-apt 2>/dev/null || true: Connection reset by peer
E: Could not read message separator line after handshake from [ ! -f /usr/bin/snap ] || /usr/bin/snap advi........
haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx.
haproxy is used by many large sites per Wikipedia:
HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
If you are installing ta-lib for Python and get this error then you can normally solve it by manually getting the ta-lib source files and compiling.
tar -zxvf ta-lib-0.4.0-src.tar.gz
cd ta-lib;./configure;make;make install
Collecting ta-lib
Downloading https://files.pythonhosted.org/packages/39/6f/6acaee2eac6afb2cc6a2adcb294080577f9983fbd2726395b9047c4e13ec/TA-Lib-0.4.26.tar.gz (272kB)
&nbs........
Be very careful about what filename you specify in dhcpd.conf if you get an error like this:
NBP filesize is 0 Bytes PXE-E23:Client received TFTP error from server.
If you specify "BOOTx64.efi" then the file had better not be called "BOOTx64.EFI" as it is case sensitive. It's really a case of th........
Virtualbox is a very powerful tool, but for some use cases it is less than optimal.
Say you are in a work, lab or other environment where you are not alone on the physical network and there could be overlap of IPs, but you need all of your VMs to be contactable from your host, VMs need to communicate with each other, and VMs need internet.
NAT Network will give you VM to VM communication and internet, however, it is buggy and unstable. It also doesn't allow host to VM co........
In this example we install debian 10 with --variant=minbase which gives us a minimal/tiny install. Don't use variant if you want the full size install.
mkdir /tmp/deb10files
debootstrap --variant=minbase buster /tmp/deb10files/
Did you get an error?
debootstrap --variant=minbase buster /home/theuser/VMs/deb10files/
You'll get this error if you make a directory in your home........
Have you checked your router/firewall logs and disconcertingly see connections to an unknown IP207.246.119.209:3478 from your Grandstream VOIPphones?
You're not alone and the Grandstream forums have discussed this issue.
However, even their own staff d........
If you find your NAT Network is not working properly, the first thing you may want to do is list the networks, check their status and make sure the Network is actually started and configured as you expect (eg. is DHCP on and enabled?).
This is a long known, unresolved bug that seems to affect Version 6 randomly and disportionately on especially Mint 20/Ubuntu 18.
https://www.virtualbox.org/ticket/1474........
This is an ongoing issue even with the latest Thunderbird 102.x where attachments downloaded via IMAP just won't save or will be corrupt which is a huge interruption to workflow or if you come back later to find out the file you thought you saved is invalid/corrupt and you have perhaps deleted the e-mail.
How to solve the Thunderbird filesize attachment issue?
1. Click on "Settings". then go to "General".
2. Scroll to the bottom to find "Conf........
Router#show license
Index 1 Feature: ipbasek9
Period left: Life time
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
Lic........
1.) Make sure your conf register is 0x2102
Do show version and at the very end of the output you will see the Configuration register.
show version
Configuration register is 0x2102
If the config register is not 0x2102 then enter this command:
r1#configure terminal
r1(config)#config-register 0x2102
r1(config)#end
2.) Let's Erase the NVRAM/flash........
It is a bit different and annoying here for these types of routers/models as you need to physically remove the CF (Compact Flash) and only then, will it enter ROMMON mode (Ctrl + Pause remotely over the console will not do it for us). This means you cannot do this remotely, or at least not without the help of a remote/physical helper.
Step 1.) Power off, router and remove CF Disk Slot#2
Go to the router and remove the slot#2 cover uses your hand or it may help to use a........
If you are in enable mode and make a typo, the router will treat it as a domain name and try to resolve it, and if it can't resolve it, you'll have to wait until it times out.
Here's how to solve the Translating domain server error in Cisco
Enter this in config mode:
no ip domain-lookup
Be sure to sav........
How To Fix This Cisco Switch/Router Error %Error opening tftp
%Error opening tftp://10.0.2.2/network-confg (Permission denied)
%Error opening tftp://10.0.2.2/cisconet.cfg (Permission denied)
%Error opening tftp://10.0.2.2/router-confg (Permission denied)
%Error opening tftp://10.0.2.2/ciscortr.cfg (Permission denied)
%Error opening tftp://10.0.2.2/network-confg (Perm........
To find which package a file is from just pass it the path to the file in question, whether it's a config file or binary, you'll find your answer (assuming it does belong to a package of course).
Just use dpkg -S /path/to/yourfile
How To Find Which Package The File Belongs To in Debian Mint Ubuntu Linux
eg.
dpkg -S /usr/bin/xed
xed: /usr/bin/xed
dpkg -S /etc/pam.conf
libpam-runtime........
This article about migrating to a CentOS 7 /8 RAID mdadm array has a lot of info but I wanted to focus specifically on what newer versions of CentOS 7 require to boot mdadm and what changes are necessary on CentOS 7.8+
CentOS 7 / 8 mdadm RAID booting requirements
This assumes you are chrooting into an existing install or using it to get a new deployment ready. However, these steps can........
If you are getting this error from systemctl "Loaded: masked (Reason: Unit hostapd.service is masked.)" we need to unmask the service.
Solution
systemctl unmask hostapd
Removed /etc/systemd/system/hostapd.service.
It's fixed
root@routerOS:/var/log# systemctl start hostapd
root@routerOS:/var/log# systemctl status hostapd
● hostapd.service - Access point and authentication server for Wi-Fi and Ethern........
It may appear to be an Xorg or lightdm/gdm/mdm error but in reality for many users with this issue, it's a driver conflict and issue. I had a system that had two GPUs, an Intel and Nvidia GPU.
The only thing that got it working was to remove the nouveau driver and blacklist it so it never came back, then the Intel GPU works fine without these issues.
Solution
sudo rmmod nouveau
add nouveau/other driver to blacklist
edit th........
NetworkManager is normally good for GUI users who may not be good with manually confguring devices, but if you are using things like bridging and bonding, it will often break things.
How To Disable NetworkManager
systemctl disable NetworkManager
Now that it's disabled you will need to stop NetworkManager. NetworkManager will still be running until you reboot next or manually stop it.
How To Stop NetworkManager
systemctl stop........
Is your /var/log/journal overweight and bloated? For example a decent install of Debian 11 with most applications and services ends up being about 4.9G with the journal taking a few gigs.
du -hs /var/log/journal/
1.3G /var/log/journal/
By default in a lot of distributions there is no maximum size so it will keep growing. This is especially problematic for embedded distributions and devices, but is also a huge waste of sp........
The easiest way for the 8821AU Realtek Wifi chipset / TP-Link T2U Plus:
Bus 002 Device 003: ID 2357:0120 TP-Link Archer T2U PLUS [RTL8821AU]
First install your kernel headers/source/other required tools:
sudo apt install linux-headers-`uname -r` make gcc bc
Clone this github repo with the driver:
git clone https://github.com/morrownr/8821au-20210708
Run the compile/ins........
If you get this error when trying to SSHto a device or machine and you never even got a password prompt:
Too many authentication failures
This means that either the remote side is configured for key auth only, OR your client side may be attempting to auth using mulitple keys, and that exceeds the amount of attempted authorizations on the remote ssh server.
If the issue is trying to auth too many times which ssh defaults to sending the keys to, you ca........
If you get an error like this when installing the Nvidia drivers:
WARNING: Unable to determine the path to install the libglvnd EGL vendor library config files. Check that you have pkg-config and the libglvnd development libraries installed, or specify a path with --glvnd-egl-config-path.
Just install these packages: &nbs........
Bonding is an excellent way to get both increased redundancy and throughput. It is similar to the "Network Teaming" feature in Windows.
There are a few different modes but we will use mode 6, I think it's the best of both worlds, as it is not just a failover, but it provides round robin, so you will get redundancy and load balancing. So if you have a 1G single port, you will have a combined throughput of 4G at this point. Just bear in mind that the true thr........
If you are using mint, delete the preference that stops snap from installing (as it is required for lxc)
sudo rm /etc/apt/preferences.d/nosnap.pref
1. Install lxd:
sudo apt install lxd
Issues install lxd or errors? Click here
Debian at this time does not have lxd so you'll need to use snap:
sudo apt in........
This can be used on almost anything, since Gluster is a userspace tool, based on FUSE. This means that all Gluster appears as to any application is just a directory.
Applications don't need specific support for Gluster, so long as you can tell the application to use a certain directory for storage.
One application can be for redundant and scaled storage, including for within Docker and Kubernetes, LXC, Proxmox, OpenStack, etc or just your image/web/video files or even da........
This happens during an apt update and is related to an issue with sources.list, which is particularly troubling, if you are doing a "live-build".
P: Configuring file /etc/apt/sources.list
Hit:1 http://deb.debian.org/debian bullseye InRelease
Get:2 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB........
freshclam
ClamAV update process started at Sun Mar 20 00:30:50 2022
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.3 Recommended version: 0.103.5
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cld is up to date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
WARNING: getpatch: Can't download daily-26337.cdiff from db.local.clamav.net
WARNING:........
Install procps and it will install the other packages you need:
apt install procps
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libgpm2 libncurses6 libprocps7 lsb-base psmisc
Suggested packages:
gpm
The following NEW packages will be ins........
There is a random bug that sometimes occurs with Vbox NAT mode DNS, although it has never happened in the past and Vbox was working fine until recently.
The symptom is that you can see it does get an IP+ DNS from the Vbox NAT DHCP.
Below we use resolvectl dns and verify the DNS server is set to 10.0.2.3 which is the DNS from Vbox NAT. We can ping it but it does not respond to any DNS requests when we use dig @10.0.2.3 realtechtalk.com........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Have you been given a Zoom password that the meeting owner says is correct but it doesn't work anymore or never works?
If the meeting name says "Zoom Meeting" and it's not really named that (which most meetings are not), then the issue is usually that there is an initial password to be able to join, aside from the passcode. It basically means that Zoom has deauthenticated you randomly or maybe after X amount of uses, without clicking on the Join Meeting URL which contains a........
Why choose OpenVPN instead of a firewall appliance?
OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time.
When comparing OpenVPN with traditional firewal........
These types of errors are normally caused by misconfiguration of your /etc/apt/sources.list.
In this example on Debian 10, if you didn't complete the install correctly, you will have no repos enabled and only rely on CDROM.
"Package wget is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source.
E: Package 'wget' ha........
You might assume you have a bad drive or the SATA interface/cable is bad, or the power supply is bad/weak to the drive. These are all possible issues, but definitely check your SATA cable for "twisting". It is a big issue because until the error stops or times out, your system will not boot (in my case this was the case even though the drive with the issue was not part of the OS or booting process at all).
If you run an open rig that you move around often that ha........
How To Install Wazuh Server / Quickest Installation
Wazuh (forked from the well known OSSEC project) is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
Prerequisites:
A lot of issues with Wazuh seem to be caused by i........
A lot of newer installs will automatically prohibit the root user from logging in directly, for security reasons or they will only allow key based access.
If you know what you are doing/don't care about security or have an incredibly secure password for testing, then you can enable it.
Edit this file: /etc/ssh/sshd_config
Find the following line: PermitRootLogin
Set it like this:
PermitRootLogin yes
Now rest........
1. Let's work from an environment where we can install Ansible on.
If you are using an older version of Linux based on Mint 18 or Ubuntu 16, you may want to get the PPA and get the latest version of Ansible that way:
sudo apt install gpg
sudo add-apt-repository ppa:ansible/ansible
sudo apt update........
Are you getting this error in Proxmox while trying to apt update or install Ceph?
apt update
Hit:1 http://security.debian.org bullseye-security InRelease
Err:2 https://enterprise.proxmox.com/debian/pve bullseye InRelease
401 Unauthorized [IP: 144.217.225.162 443]
Hit:3 http://ftp.hk.debian.org/debian bullseye InRelease ........
How To Install Ceph
If you stopped an install of Ceph midway you will need to manually restart it with "pveceph install"
Remember that your VM needs to have working internet (gateway) and DNS in order to connect to the apt repo to download all of the packages that Ceph requires.
Remember to repeat these steps for each node that you want Ceph on.
........
Here is the scenario, you are using QEMU/KVM and are using something like the AC97 sound driver to pass the host audio to the guest via pulseaudio. This is useful because you can transparently pass your mic input from the host which means you can mute your microphone from the host, which prevents the guest from receiving any mic input even if unmuted.
Mute / Unmute Fix
This issue also seems to happen even if you press the mute button on the microphone and then unmute,........
Kubernetes Easy Beginners Tutorial/Architecture Guide
Kubernetes is known as container orchestration and we should start at explaining the container part of it.
A Container is what runs the actual application and based on an Image, and are more comparable to something like an LXC Container, Virtuozzo/OpenVZ using the Linux Kernel Namespaces feature. Containers run these images as independent, isolated operating environments under the O........
vi is very handy when doing a lot of config file editing and can save you time over using the mouse or using the x or delete keys to manually delete.
Solution:
If you don't want it to stop deleting when encountering things like - or _, then you want this:
d$
Or if you want it to stop on - and _ then use this:
dw
Remember both commands are in "non-input mode" so not when you're........
This assumes that you've already installed the relevant HWIC cards eg. Cisco Asynchronous Serial NIM
These are essentially cards that you install into your router, once installed you connect an Async cable to one of the ports on the card which normally gives you 8 console cables and are normally labelled 1 through 8.
You connect all of the cables to the devices you need (even non-Cisco devices) whether switches, routers or firewalls, they will usually work.
The real m........
This was done on a 2900 but applies to all the switches of the same era.
Step 1 - Power Cycle and enter recovery mode
If you have physical access you can power cycle and hold the mode button down for 15 seconds. After that the SYS light will flash on the switch and you will see the following screenshot.
If you don't have physical access (eg. it is a datacenter swich over console only) then power cycle and hit "Ctrl+Pause/B........
It is common that you may get access to undocumented equipment and need to reset the password. This applies to many Cisco routers whether 2600, 2900, 3900 etc...
Cisco's Guide says to hit Ctrl +Pause/Break but if it doesn't work on some devices causing people to say "cisco password reset pause break does not work", you can see Cisco's alternative key combinations here:........
So you're trying to browse to a properly configured Samba share but you get this error:
Unable to mount location
Failed to retrieve share list from server: Connection timed out
If your config is right, it can be due to a protocol miss-match where your client has not enabled SMB3 but by default the other side (server) has enabled it.
You can test this out to see with the smbclient tool........
Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
Enable "cli" mode equivalent in JunOS
cli
Configure Mode
configure
So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure".
How Do You Apply Changes You've Made?
You can make all kinds of changes to the switch, but remember they are not........
If you want to start fresh a lot of people falsely assume that an apt remove and then reinstall or apt --reinstall install package will start you off fresh. To be sure and remove all associated config files do the below with the example of ssh server (don't remove it though if you actually use it!)
The key below is using the --purge flag or apt-get purge proftpd (eg sudo apt --purge remove packagename)
apt purge proftpd; apt install proftpd........
One simple flag to configure will create a makefile that statically links all the shared objects and embeds them instead the binary execute. This means as long as you have the same architecture that things should run.
Eg. if you have an old version of Debian with a different version of glibc, then this will solve that problem.
./configure LDFLAGS="-static"
To test that it is really statically linked run ldd:
ldd src/wget........
If you get this error, you were probably compiling some sort of binary or package and got this error. It is normally solved by installing the "gettext"package.
On Debian/Ubuntu just apt-get it:
apt-get install gettext
After that you should be able to configure and make (compile) properly.........
How To Compile QEMU Manually (using sensible options)
1.) Download the QEMU source file you want.
wget https://download.qemu.org/qemu-4.2.0.tar.xz
2.) Extract The Source File
tar -Jxvf qemu-4.2.0.tar.xz
3.) Switch to the extracted source
cd qemu-4.2.0
4.) Make sure we have the right libraries and tools to compile QEMU manually
sudo apt install build-e........
To disable selinux temporarily and immediately:
setenforce 0
To make it permanent edit /etc/selinux/config:
vi /etc/selinux/config........
kdenlive is VERY finicky especially if using an older or newer version it can cause crashes, menus not to work, features not to work, things not to work properly.
A good example is that Icould NOT get automask to work, there would be no box to control it until I did this full reset.
One caution is that your backup project files will be erased when doing this:
How to Reset kdenlive entirely
rm ~/.config/kdenlive-layoutsrc
rm........
I have a Canon MF642c and the scanner wouldn't work. I tried to use saned but it didn't work with the BJNPlike it did for some other Canon models.
Introducing sane-airscan with packages for the most common distributions: https://software.opensuse.org/download.html?project=home%3Apzz&package=sane-airscan
http........
It took a lot of fiddling to make a Huion Kamvas 13 Pro work in Linux but it simple once you know what to do. Don't bother searching as it is unlkely there is a guide out there that will actually make your tablet work.
It mainly comes down to the fact that the hid_uclogic kernel module is buggy or doesn't support MANYof these wacom based/Huion tablets properly.
What was happening with me is that Ihad the Kamvas 13 Huion setup as a secondary screen/monitor.&nb........
A very common use case is that you don't want to waste time using a video editor that requires you to open it up and manually import the video clip and audio clip, then manually delete the old audio track and import the video and new audio. That's too much work and time since we don't want to go through the hassle.
ffmpeg is our solution, all we have to do is specify 3 variables and we're done!
-i Windows2019-Server-Noaudio.mp4 is our in........
The idlepc value is very important to dynamips and it is both image and often CPU dependent. There is no "magic"value that will work for all images and all CPUs so this is why I'll show you a quick and handy way.
Also don't be disappointed, some values do not work well but idlepc gives you several. For example in my example below #6 didn't help at all but #7 got me down to about 6% CPU from 99-100%.
*Befo........
This tutorial will get your router up and running using emulation tools. In this case we'll be getting a Cisco C7206 (C7200 series) VXR router going which also supports SCCP VOIP services.
dynamips is the emulator itself and dynagen is the front-end tool that helps us control everything. It is used by tools such as gns3 and eve-ng.
Together the two tools (dynamips and dynagen) allow us to create and emulate REAL router........
Cannot register the hard disk '/some/path/windows-marking.vdi' {f54def00-2252-43f5-9178-0998636cad61} because a hard disk '/other-path/windows-marking.vdi' with UUID {f54def00-2252-43f5-9178-0998636cad61} already exists.
Result Code:
NS_ERROR_INVALID_ARG (0x80070057)
Component:
VirtualBoxWrap
Interface:
IVirtualBox {0169423f-46b4-cde9-91af-1e9d5b6cd945}
Callee RC:
VBOX_E_OBJECT_NOT_FOUND (0x80BB0001)........
It really seems limited in that it can mainly give you the things you would see on the physical unit such as load etc..
wget https://downloads.sourceforge.net/project/apcupsd/apcupsd%20-%20Stable/3.14.14/apcupsd-3.14.14.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fapcupsd%2Ffiles%2Flatest%2Fdownload&ts=1598115866
tar -zxvf apcupsd-3.14.14.tar.gz
cd apcupsd-3.14.14
[root@somebox apcupsd-3.14.14]#
./conf........
If you've come here, don't be embarraassed, working in IT, this is the MOST common computer problem that almost everyone will encounter. The reason why I'm doing this post is because I've seen an increase from colleagues and admins having this problem and many times it's not even your fault. A common scenario is that someone acquires a new or used computer which they weren't given the password for. Fortunately Ihave a detailed list of all the options whether free or pa........
This seems to happen on most if not all Nvidia cards but the good news is that if you are using any of the Linux drivers and have the nvidia-settings tool installed it is just a simple command.
Solution:
nvidia-settings --assign CurrentMetaMode="nvidia-auto-select +0+0 { ForceFullCompositionPipeline = On }"
Enter the above command in your terminal and the screentearing will be fixed which is like enabling Tear Free on AMD cards.&........
/usr/libexec/qemu-kvm -enable-kvm -boot order=cd,once=dc -vga cirrus -m 4096 -drive file=~/23815135.img,if=virtio -usbdevice tablet -net nic,macaddr=DE:AD:BE:EF:D4:AB -netdev bridge,br=br0,id=net0
qemu-kvm: -usbdevice tablet: '-usbdevice' is deprecated, please use '-device usb-...' instead
access denied by acl file
qemu-kvm: bridge helper failed
[root@CentOS-82-64-minimal 23815135]# /usr/libexec/qemu-kvm -enable-kvm -boot order=cd,once=dc -vga cirrus -........
yum -y install gcc make gperf genisoimage flex bison ncurses ncurses-devel pcre-devel augeas-devel augeas readline-devel
checking for cpio... cpio
checking for gperf... no
configure: error: gperf must be installed
configure: error: Package requirements (augeas >= 1.2.0) were not met:
Requested 'augeas >= 1.2.0' but version of augeas is 1.0.0
yum remove augeas augeas-libs augeas-devel
wget http://downl........
apt install software-properties-common
add-apt-repository ppa:deadsnakes/ppa
apt update
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
Most newer distros inexplicably cause your NIC to have what Icall "random" non-standard name conventions because of systemd.
This is a big problem for many people and especially those running servers. Imagine that you have a static IPconfigured for ens33 but then the hard disk is moved to a newer system, the NIC could be anything from ens33 to enp0s1, meaning that manual intervention is required to go and update the NIC config file (eg. /etc/network/interfa........
When authentication times out that is one thing, but when it just fails like below Asterisk by default will not re-register until you the admin reload the sip or asterisk server:
voipserver*CLI> sip show registry
Host dnsmgr Username Refresh State&........
I used to believe that for Desktops especially that the "ondemand" CPUfrequency changing that kernels included with Ubuntu and Debian based distros have would be sufficient for snappy performance.
However, you can feel the lack of performance on the fastest computer if you have ondemand. A lot of times even under high load 100% of your CPUfrequency in MHz will not be used.
For example a 2.8Ghz CPUmay only run at 1.8MHz or even .9GHz. Now........
This happens when upgrading to Apache 2.4 from 2.2 or just because you don't have the right permissions set which we'll get into.
You need this in the ........
There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting.
Before starting install epel or you will be missing tesseract:
yum -y install epel-release
#1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
This is sure simple if you follow the guide but it took a lot of hacking around to make this work on Debian/Ubuntu!
Now before you ask why bother running wine and python, the reason is because Python executables are NOT cross-platform. If you run pyinstaller in Linux, that binary will only run on Linux and the same if you do it in Windows. So it is preferable if you have a single environment that you can create Linux and Windows binaries from rather than running 2 separate........
The scenario here is that you have some sort of remote headless Linux server but would like to run some programs on them and get graphical access to them. The problem is that the remote server may be an image or VMwithout any virtual GPU and even if so, it is likely without KDE or Gnome, so there's no real way to do this, unless you follow our guide.
Install xvfb
apt install xvfb
Reading package lists... D........
Mar 22 13:46:14 box named[31767]: validating @0x7f51bc001550: . DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches a trusted key for '.'
Mar 22 13:46:14 box named[31767]: validating @0x7f51bc001550: . DNSKEY: please check the 'trusted-keys' for '.' in named.conf.
Mar 22 13:46:14 box named[31767]: error (broken trust chain) resolving './NS/IN': 192.36.148.17#53
One possibility is sometimes that your time is ou........
httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load modules/libphp5.so into server: /lib64/libresolv.so.2: symbol __h_errno, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference
This is usually caused by a mismatch in OpenSSLversion. Interestingly enough a lot of times if it has happened during an update of your system, or after, usually just restarting httpd........
Occasionally my whole screen locks up and I cannot even swith to the console and I find this in my syslog:
*-display
description: VGA compatible controller
product: Mullins [Radeon R3 Graphics]
vendor: Advanced Micro Devices, Inc. [AMD/ATI]
 ........
MySQL on Debian versions is configured differently than the native local MySQL plugin so you will be disappointed when your password on the mysql client fails by default.
Here is how you reset the MySQL root password the proper and "working way"
#first we gracefully stop mysql
sudo systemctl stop mysql;
#then we forcefully kill any mysqld process just in case
sudo killall -9 mysqld mysqld_safe;........
A big problem over ssh and especially sshfs is that your connection will often timeout and disconnect after inactivity.
To fix this you can modify the server but it may not be practical or you may not have access. Why not send keep alives fom your end (client side)?
Just edit /etc/ssh/ssh_config (not to be confused with sshd_config as that is the server side):
Find the line that says "Host *" and change it like this:........
This is only really necessary in the case you don't want DHCP. If you are dealing with an encrypted LUKS server on the internet, you will often want to have a static IP so you know which IP to connect to (or if you have a semi-static IP assigned by DHCP).
SET IP Address by /etc/initramfs-tools/initramfs.conf
IP Address=192.168.1.27
Gateway=192.168.1.1
Subnet Mask: 255.255.255.0
Hostname=myhome.com
IP=192.1........
The cool thing here is that we only need 1 drive to make a RAID 10 or RAID 1 array, we just tell the Linux mdadm utility that the other drive is "missing" and we can then add our original drive to the array after booting into our new RAID array.
Step#1 Install tools we need
yum -y install mdadm rsync
Step #2 Create your partitions on the drive that will be our RAID array
Here I assume it is /dev........
sudo vi /etc/lightdm/lightdm.conf.d/70-linuxmint.conf
Change this:
[SeatDefaults]
user-session=mate
allow-guest=false
To this:
[SeatDefaults]
user-session=mate
allow-guest=false
greeter-hide-users=true
greeter-show-manual-login=true
To see and apply your changes just restart light........
In this case I am executing using "python3" but what you find in cases like this can be surprising.
The most common issues are that someone has a module for python 2 "pip" and doesn't realize they need "pip3" to install it for python3, but this is not one of those cases.
ModuleNotFoundError: No module named 'bs4'
OKmaybe we didn't install it for python3?
[........
It is fairly simple to use once you know how to use it. However, the tricky thing is that by default it doesn't seem to be active or listen on any interface on manually specified.
How To Install ifplugd
First we install ifplugd
sudo apt install ifplugd
Let's enable it on our desired device(s)
vi /etc/default/ifplugd
set this line as so:........
The easiest way to know if your videos are playing with GPU acceleration are to watch the process of xplayer, mpv or whatever you are playing. The CPU usage should be no more than 10% for that process/program if it is using acceleration.
Let's manually play with vdpau to make sure it works before we make it permanent:
First make sure you have libvdpau installed:
sudo apt install vdpau-driver-all
If yo........
I find that the default settings for the radeon driver that is applied to most AMD cards is horrible. For example by default TearFree is not enabled and it causes videos to have some kind of square artifacts.
Here are the settings I have found most suitable for AMD cards:
You need to create file in the following path and restart Xorg or your computer to apply it:
*Beware that making a mistake here will possibly make your computer........
yum install centos-release-scl
yum install rh-php72 rh-php72-php rh-php72-php-mysqlnd
Symlink PHP binary:
ln -s /opt/rh/rh-php72/root/usr/bin/php /usr/bin/php
Symlink Apache and PHP module config:
ln -s /opt/rh/httpd24/root/etc/httpd/conf.d/rh-php72-php.conf /etc/httpd/conf.d/
ln -s /opt/rh/httpd24/root/etc/httpd/conf.modules.d/15-rh-php........
This problem has been around forever, Linux seems to think it is fine to use the r8169 driver for an r8168 NIC but this often causes problems including the link not working at all.
In my case ethttool shows the link up and detected but it simply does not work especially on a laptop that has been resumed from suspension. Sometimes it takes several minutes for it to work or to unplug and replug the ethernet.
Here is the solution:
Install th........
Downloading and compiling from source to get the latest version of Asterisk is really simple with this guide.
apt install gcc make g++ libedit-dev uuid-dev libjansson-dev apt install libxml2-dev sqlite3 libsqlite3-dev
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current.tar.gz
tar -zxvf asterisk-16-current.tar.gz
cd asterisk-16.6.2/
./configure
If you get this error change y........
It is very silly but the default on the ifup-eth script tells dhclient ( the program that obtains a DHCP IPaddress if you have selected DHCPin your ifcfg-eth* config file) to EXIT / QUIT if the first attempt to obtain a lease fails.
No amount of dhclient.conf settings will fix this because if dhclient is started with -1 (which it is by default)then dhclient will quit.
This is obviously very bad for MOST cases. Say for example you have a power outage or........
Video Links:
How To Setup 2 Phones on a Single CME Router and get the GUI going.
How to use Dialpeers with CME with two routers
How to implement call restrictions using COR / Class of Restriction
Set your clock:
HH:MM:SS
clock set 22:00:00 24 September 2024........
This often happens if you are adding a secondary route, especially with Linux source based routing.
ip route add default via 10.10.10.254 table 10
RTNETLINK answers: Network is unreachable
If that happens you will probably find that it is unreachable because your NIC does not have an IP in the 10.10.10.0/24 range so just assign an IP in that range to your NIC and try again.
eg. ifconfig eth0 10.10.10.254 netmask 255.255.255.0 up........
yum install iptables-services
systemctl enable iptables
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]........
By default at least on Centos 7 nfs only allows 8 connections and starts 8 nfsd daemons.
To fix this edit this file:/etc/sysconfig/nfs
Edit the line "RPCNFSDCOUNT" (uncomment it so it looks like this:
RPCNFSDCOUNT=30
In the example above we are setting 30 nfsd daemons to run (or in other words 30 connections are possible this way).........
In Centos 7 tftpd will not work with selinux. Clients will not be able to connect and this is all you'll see in the log (then nothing more):
Sep 18 14:39:15 localhost xinetd[4327]: START: tftp pid=4331 from=192.168.1.65
On the client/computer side you will see this:
TFTP.
PXE-M0F: Exiting Intel Boot Agent
Basically the client is being instantly connected and bloc........
Having a network bridge allows you to bridge traffic under multiple devices so they can talk natively without using any special routing, iptables/firewall or other trickery.
To create your bridge you need the bridge-utils package for brctl and if you want to do things like bridge VMs that run on a tap device you will need the uml-utilities which provides "tunctl".
1.) Install the utilities to make our bridge
sudo apt-get i........
I don't consider a lot of these "extra" kernel modules "nice to have" as they often contain drivers for essential items like your soundcard, your NIC and many other devices that may not work. Sometimes you may find that "sound" or "ethernet" worked before a kernel/OS upgrade and now in the new version they don't. Often it will be because you need to install the "extra" kernel modules.
One other weird thing is that sometimes........
python3 testserver.com-car-scraping.py html.txt
Traceback (most recent call last):
File "testserver.com-car-scraping.py", line 5, in
import mysql.connector
ImportError: No module named 'mysql'
For some reason it won't install properly even though I have the mysql client on this machine installed too.
Solution:
You need the mys........
By default bind will not respond to outside queries for security reasons.
In most distributions you will find the default in /etc/named.conf looks like this at the top under options:
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";........
By default printscreen or alt print screen will get the whole desktop or the application in focus, respectively. But what if you want to select a portion of the screen?
gnome-screenshot:
ksnapshot
compiz
This is a nicely integrated solution
sudo apt-get install compizconfig-s........
Install Errors on Version 12:
This error happened on QEMU emulator version 2.11.1 pve-qemu-kvm_2.11.1-5
on Proxmox/Debian but installing on QEMU.12 on Centos 6 did not produce the error.
*Update it is not related to the OS or QEMU version. This happened in Centos 6 too after a second install.
What really causes this even though you successfully install........
I have seen this in a few rare cases after a reboot, where all folders and files will have the Read Only Attribute. If you uncheck it, it will just come back. It is more of a filesystem issue in Windows than a configuration issue and it looks like when Windows detects a badly corrupted filesystem that it will make things read-only, sort of like Linux would.
If you are Administrator or the owner of the folder and this is happening it is probably due to the reasoning mention........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
qemu-kvm command:
/usr/libexec/qemu-kvm -version
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
........
There are multiple layers but most are enabled by default such as the setting in the Phone Device Settings.
However the one not enabled by default is the one in "Enterprise Phone Configuration".
Enable "Cisco Camera" and then reboot your phones to enable it.........
This will find all tap devices and try deleting all of them. Of course don't run this if there is a chance an unused tap device is necessary and would not be created by the script ro application using it.
for tap in `ifconfig -a|grep tap[0-255]|awk '{print $1}'`; do
tunctl -d $tap
done........
Are you tired of coming back to your computer only to find your SSH connections have been broken? Even worse are the ones that hang where it appears to be connected but it is really not.
The one option you have is an SSHclient side modification to send KeepAlive packets, sometimes this can also keep up your WiFi connection and stop it from disconnecting you as well.
To make the keep alive changes for your just yourself (not system wide)........
If you visit a site that exploits the WebRTC vulnerability including whatismyipaddress.com it may show "Local IP Address" which would be the real IP of your machine.
The vulnerability works on Windows and Linux machines (contrary to false information on the web which claims it only affects Windows).
The above works and happens even if you are using a proxy or VPNaccount like ProVPNAccounts.com
It is easy........
This is usually because of STP causing a delay in the negotiation.
Edit your ifcfg script eg:
/etc/sysconfig/network-scripts/ifcfg-eth0
Add a LINKDELAY of 30 seconds or whatever works for you:
LINKDELAY=30
After that you should have an IP during bootup.........
The net-tools command brings back all of the oldschool tools that we're used to:
/bin/netstat
/sbin/ifconfig
/sbin/ipmaddr
/sbin/iptunnel
/sbin/mii-tool
/sbin/nameif
/sbin/plipconfig
/sbin/rarp........
So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside?
Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature.
Requirements
On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
In most of the Cisco router IOS I find the ports like ge0/0 ge0/1 and ge0/2 or whatever your ports are down. They will not even give you a link light. So one of the first tasks should be getting the port you are working with up.
In my case the first goal is often connectivity with the LAN and WAN.
LAN = your local area network (eg. in the office/home )
WAN= your ISP/public internet (eg. fiber/cable/dsl/ethernet).........
00:55:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:55:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Switch(config)#no logging console
........
Switch#show ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
circuit-id format: vlan-mod-port
remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface&nb........
Enter configuration console:
enable
configure terminal
This is important because if your console doesn't look like below none of the commands will work!
Switch(config)#
Save and Apply Settings
wr
Show Switch Configuration:
show run
Show Port List/Sta........
This works on the 2000 and 3000 series generally.
*The easy way is to just hold the mode button for 10+ seconds.
The full/proper way is below:
1.) Either power on the unit and hold the "mode" button or hold the "mode" button until you see the below:
00:04:08: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram
00:04:08: %EXPRESS_SETUP-6-CONFIG_IS_RESET: The configur........
The key thing is that you must use a "machine"id of "pc-1.3" or it will say your hardware is not supported.
Additionally you MUST use a virtio disk or you will get a ks_pre.sh error as soon as the install starts (a look at logs will show it can't find a disk). This is funny because even though the OS finds the disk and an fdisk -l shows it, it looks like the script looks for a /dev/vda device (virtio) and nothing else, so if you didn't use Virtio as you........
This is not about systemd/systemctl and not about "onboot" so there's no rc.local trick here but it's the GUI/Gnome etc when a user logs in that a command is launched.
Put this in your home dir
The .config/autostart directory is where Linux Mint/Ubuntu checks for autostart application config files
mkdir -p ~/.config/autostart
Create a new entry/file that starts an application........
If you see this in /etc/sudoers it is NOT a comment but an include.
#includedir /etc/sudoers.d
For example in Linux mint sudoers.d contains the following files:
casper mintupdate README
casper for example contains the following sudoers line:
mint ALL=(ALL) NOPASSWD: ALL
So if you are messing ar........
./certbot-auto --apache certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): yourdomain.com
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for yourdomain.com
Cleaning........
debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
debug1: Local forwarding listening on 127.0.0.1 port 18006.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 18006.
bind: Cannot assign requested address
What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........
Jan 30 17:16:10 localhost sshd[25385]: error: Failed to allocate internet-domain X11 display socket.
The solution for me on the server side was the following in sshd_config:
AddressFamily inet
*Remember to restart sshd and also reconnect from the client side.
Ihad all the normal X11 settings on the server but it just stopped........
If Proxmox won't start a VM with an error like this:
trying to acquire lock...
TASK ERROR: can't lock file '/var/lock/qemu-server/lock-102.conf' - got timeout
rm /var/lock/qemu-server/lock-102.conf
Then try to restart the VM and it should be good.
What we did above was find the lock file that is named lock-VMID (in our case 102) and deleted it to release the lock.........
In Debian a lot of times SSH disables the root user to login by password by default. This means you will get an authentication failure as if you typed in the wrong password.
The logs also indicate the password is wrong but what is often the case is in the config file
Check /etc/ssh/sshd_config
cat /etc/ssh/sshd_config|grep -i permitrootlogin
Make sure it says:
PermitRootLogin yes
If not change it and restart SSH........
Set this in /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
#apply the settings
sudo sysctl -p
........
First we need to create dhclient.conf if it doesn't exist or edit it:
vi /etc/dhclient/dhclient.conf
#add this line at the top add the IPs as commas they will be the highest priority nameservers and whatever your ISP gives you will be used after these one (good for DNS backup)
prepend domain-name-servers 127.0.0.1,10.10.25.8;
After you restart your network or run dhclient again you should see the contents of........
initiator = client
target = server
These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server.
iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love. The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI).
iSCSI Target (Server)Setup
targetcli is the pac........
httpd
AH00534: httpd: Configuration error: No MPM loaded.
Simple Solution (assuming you don't have this line in httpd.conf aleady:
echo "Include conf.modules.d/*.conf" >> /etc/httpd/conf/httpd.conf
........
confmodules=`cat /etc/httpd/conf/httpd.conf |grep -v ^#|grep "modules/"|awk '{print $3}'|cut -d "/" -f 2`
for module in $confmodules; do
echo "module=$module"
if [ ! -f /etc/httpd/modules/$module ]; then
linenum=`awk /"$module/{ print NR; exit}" /etc/httpd/conf/httpd.conf`
sed -i "$linenum"s/.*// /etc/httpd/conf/httpd.conf
&n........
Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.
Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
mytop is one of my favorite tools and it is fairly simple aside from a few caveats and issues that persist to this day.
To install it on Centos:
yum -y install centos
Configure ~/.mytop
vi ~/.mytop
user=root
host=localhost
db=test
#port=3306
socket=/var/lib/mysql/mysql.sock
header=1
color=1
Try runni........
systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.
The key commands or arguments you will use with systemctl are the following:
Unit Commands:
list-units [PATTERN...] List loaded units
&nbs........
You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux.
genisoimage -o Backup-Myfiles.iso -r -J -joliet-long /some/path/
You will get errors like below (even enabling joliet-long didn't help)
genisoimage: Error: /some/filename.pdf have the same Joliet name
Joliet tree sort failed. The -joliet-lo........
An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
**Solution**
Go to about:config........
After starting the install it stalls here:
admin/index.php?cache=0&agreelicense=1&confirmrelease=1&lang=en
If you manually refresh you get a Plugins check screen:
Installation
System
Moodle second step fails just blank screen:
https://domain.la/user/editadvanced.php?id=2
Solution: give up and choose something else it shouldn't be thi........
You get errors like below and see you have all question marks for the permissions if you go to /run/user/1000/gvfs
If you try to access the mounted share such as anything mounted as gvfs like an SSH share in your file manager you may get an error like this. It generally means an interruption in communication or a fault with gvfsd has caused it.
Solutio........
How to check if nested KVM is enabled by doing a cat on nested inside sys
Nested KVM is mainly important for testing for example if you wanted to install VMWare or Proxmox Nodes in a virtual environment for testing. Without nesting, the performance will be extremely slow, since the VMs within the nodes will not be using Virtualization extensions.
I've used wildcard on kvm_ because it could be kvm_intel or kvm_amd depending on whether y........
You can find many ways to specify the VLANin your network configuration but Ifind this is the simplest and quickest.
In this case we are talking about a bridged adapter "vmbr0" but it works even if you just had a normal non-bridged interface.
The key here is that in vmbr0 you'll notice there is no IP address. We just specify "manual".
Below it is a similar stanza for "vmbr0.58" in this case 58 represents the VLAN (change........
Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.
In the problem machine it is actually PHP7 installed so if you reference PHP5 of course things wil be broken!
Take for example here:
cat /etc/httpd/conf.d/php.conf
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamica........
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory
This is basically caused by the PHPmodule specified in php.conf being non existent. The error tells us it couldn't fnd /etc/httpd/modules/libphp5.so........
[root@localhost:~]
BootModuleConfig.sh echo host-ind nfcd........
yes it does create its own json
============================================
cat /tmp/vcsaUiInstaller/ovftool-20180809-175238948-20180809-175603497.log |grep -i json
2018-08-09T17:56:04.238-07:00 verbose OVFTool[30966] [Originator@6876 sub=Default] Manifest file entry: SHA1(VMware-vCenter-Server-Appliance-6.7.0.12000-8832884_OVF10-file1.json) = 1deb658c724767697587d5909c4051c01813e6a1
--> ........
There is no such option as "VBS" that Ican see in vSphere 6.7 Ibelieve this is actually an issue because of using old hardware in this case L5420 doesn't support Nested Virtualization I believe.
Hardware virtualization is selected and cannot be deselected due to selection of VBS
Insufficient resources to satisfy configured failover level for vSphere HA.........
sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev
git clone https://github.com/wolf9466/cpuminer-multi
sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
make install
cd bin
chmod +x xmr-stak-cpu
./xmr-stak -O xmr........
checking whether autoconf works... ../configure: line 5377: 7325 Segmentation fault $AUTOCONF $ACFLAGS configure.in > /dev/null 2>&1
no
configure: error:
*** These critical programs are missing or too old: gawk
*** Check the INSTALL file for required versions.
........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
Server Side Config
1.) First install nfs-utils
yum -y install nfs-utils
2.) Configure nfs share
Create a directory for your NFS share
mkdir /datastore
Create your NFS share in /etc/exports
echo "/datastore 10.220.101.0/24(rw,sync,no_root_squash)" >> /etc/exports
systemctl restart nfs........
dvd+rw-mediainfo /dev/sr0
INQUIRY: [ASUS ][BW-16D1HT ][3.00]
GET [CURRENT] CONFIGURATION:
Mounted Media: 11h, DVD-R Sequential
Media ID: RITEKF1&n........
You can search for this bug and it seems like it may be related to ecryptfs and is many years old.
The symptoms are that you return to the computer and the screensaver was active or the screen was asleep/black and it doesn't seem to come back. But you check by SSH the computer is running fine and are frustrated you'll lose your running programs and have to reboot.
There is a simple solution:
Ctrl + Alt + F1
Ctrl +Alt + F8
Ba........
Intel VT-X is enabled in Virtualbox but it doesn't seem to pass through the needed vmx extension despite the following variables on the host confirming it is enabled:
cat /sys/module/kvm_intel/parameters/nested
Y
cat /sys/module/kvm_intel/parameters/ept
Y
OVF Tool: Disk progress: 99%
OVF Tool: Transfer Completed
OVF Tool: Powering on VM: Embedded-vCenter-Server-Appliance-
OVF Tool: Task p........
#mount the VCSA DVD
mount /dev/sr0 /mnt/cd
#alternatively you could mount the iso directly
mount -o loop vcsa.iso /your/mount/path
#for this purpose we are using the CLI installer on Linux
cd /mnt/cd/vcsa-cli-installer/lin64
#no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
./vcsa-deploy
Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.
Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
export ANDROID_HOME=/home/user/Downloads/tools/
Conversations-master$ ./gradlew
Downloading https://services.gradle.org/distributions/grad........
Jul 3 22:12:17mailserver postfix/smtpd[6195]: fatal: no SASL authentication mechanisms
Jul 3 22:12:18mailserver postfix/master[4881]: warning: process /usr/libexec/postfix/smtpd pid 6195 exit status 1
Jul 3 22:12:18mailserver postfix/master[4881]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
This only ever happens in my experience when the authentication method is actually Dovecot. Usually the problem........
Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop.
This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
This happens because Dovecot limits the maximum IMAPconnections per IPto just 10. This may be fine for a single client side IPbut if an entire office or multiple users are behind one IPor a single heavy user is active then you will get bizarre errors in your e-mail clients such as "Password Incorrect" or similar in Thunderbird. It won't be obvious on the client side as to what the problem is and they will probably just think the server is misconfi........
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Apache/2.2.15 (CentOS) Server at testdomain.com Port 80........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
In your browser go to "about:config"
Right click and choose "New" ->"String"
The name should be:
general.useragent.override
String Value:
Mozilla/5.0 (Linux; U; Android 2.2.1; en-ca; LG-P505R Build/FRG83) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
You don't even have to restart to make this work.........
It is well known hackers, the NSA, CIA and other groups have created malware to secretly turn on your webcam and microphone on your phone, tv etc.. But fortunately on our computers and laptops we have some options.
Most webcams use the "uvcvideo" kernel module / driver. You can disable this in two ways on boot. I recommend both just as a failsafe.
Disable it on rc.local once your system boots automatically
Add the followi........
In at least Ubuntu and Mint there is nothing intuitive about configuring Java.
Execute it to get to it:
itweb-settings
You'll be able to configure different options and variables.
You can also check under Security as some of those settings could prevent applets from starting or prompting to........
One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have.
Edit your /etc/ssh/sshd.conf file
Set this option
PasswordAuthentication no
Restart your SSH server.
service sshd restart
........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Order Deny,Allow
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
This is useful for security purposes especially on a server which may have a public IP assigned to it but has a second NIC for the LAN.
Here is how you edit smb.conf:
[global]
interfaces = 192.168.1.50
bind interfaces only = yes
As you can see above it will only listen on 192.168.1.50 and remind to keep the "bind interfaces only"option.........
It has been a big pain for a long-time to install Windows from a Linux environment. I used to run a windows install server and it never worked right for some reason (the install would fail on most servers).
Before getting start be sure to setup your samba share so once you boot into WinPE you can mount the install for whatever Windows you want
/etc/samba/smb.conf
[smbwinstall]
path = /tftpboot/images/winstall
guest ok = yes........
error: Could not locate RPC credentials. No authentication cookie could be found, and no rpcpassword is set in the configuration file
This is usually because the .cookie file cannot be read by the user you are running Litecoin or Bitcoin client/daemon as.
You can adjust the permissions of the file so that the user or group they are apart of has read permissions.
........
Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!).
In the Apache vhost conf for the domain here is what you add:
SSLCACertificateFile /path/to/your/cafile.pem
Here is a full example of an SSL Vhost config in Apache using a CA Certificate file
........
PHP Warning: Cannot load module 'XCache' because conflicting module 'apc' is already loaded in Unknown on line 0
Solution:
yum remove php-pecl-apc-*........
Getting this error on Centos 6 with PHP 5.3 when just running "php -v"
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/module.so' - /usr/lib64/php/modules/module.so: cannot open shared object file: No such file or directory in Unknown on line 0
PHP Warning: Cannot load module 'XCache' because conflicting module 'apc' is already loaded in Unknown on line 0
Solution:........
Centos 6 requires GLIBC 2.12 however a lot of new programs you would want to compile may need a newer glibc. You can't remove the old glibc since the whole OS is based on it but you can install the updated glibc alongside it and do an export pointing to your updated GLIBC.
mkdir ~/glibc_install; cd ~/glibc_install
wget http://ftp.gnu.org/gnu/glibc/glibc-2.14.tar.gz........
Stopping httpd: [ OK ]
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/h........
Install requirements:
yum -y install gmp-devel mpfr-devel libmpc-devel glibc-devel glibc-devel.i686 zip unzip jar
Download, untar, configure, compile and install GCC
http://mirrors.kernel.org/gnu/gcc/gcc-5.5.0/gcc-5.5.0.tar.gz
tar -zxvf gcc-5.5.0.tar.gz
cd gcc-5.5.0
./configure
make
make install
Now you need to cleanup th........
The Linux Kernel interpretated a very high volume of real traffic as a DDOS attack so it basically ends up blocking your web server.
possible SYN flooding on ctid 42131, port 80. Sending cookies.
Simple fix edit sysctl values for max_syn_backlog
sysctl -w net.ipv4.tcp_max_syn_backlog=5000
To make them permanent edit /etc/sysctl.conf
echo "net.ipv4.tcp_........
yum -y install samba
vi /etc/samba/smb.conf
https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.zip
mkdir syslinux;cd syslinux;unzip syslinux-6.03.zip
mkdir -p /tftpboot/libs/
cp bios/com32/modules/linux.c32 /tftpboot/libs/
cp bios/com32/libutil/libutil.c32 /tftpboot/libs/
cp bios/com32/lib/libcom32.c32 /tftpboot/libs/
#add lib path
echo "PATH libs" >> /tftpboot/pxeli........
By default Samba SMB/NMB listen on ANY and ALLIPs on your system by binding to 0.0.0.0. Obviously this is a huge security risk if you have a public facing server with both internal and external access. Usually when a system administrator sets up a samba server their intention is just to share with a LAN.
To do this you need to the following options under the [global] section in smb.conf
bind interfaces only = yes
interfaces = 192........
It's really simple and just a matter of the following line within the subnet declaration.
deny unknown-clients;
See example below:
subnet 10.25.20.0 netmask 255.255.255.0 {
range 10.25.20.11 10.25.20.254;
deny unknown-clients;
option routers 10.25.20.10;
option domain-name-servers 208.67.222.222;
 ........
This is important as unfortunately Centos may designate a package obsolete and the replacement breaks everything (eg. you have a config file and the new replacement is not at all compatible with it and it breaks your application).
This is where disabling obsoletes comes into play, it can be done from yum but it doesn't work at the time I find.
yum --setopt=obsoletes=0 install someapp However Ifind it still installs the new app and not the one you ask for........
Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVMor preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access).
1. Edit /etc/ssh/sshd_config
Find the section like this:........
Solution:
Aptitude is very smart and fixed the issues it was because of nvidia cuda and opencl and nothing else suggested or hinted this using apt
sudo aptitude install wine
The following NEW packages will be installed:
ocl-icd-libopencl1{ab} ocl-icd-libopencl1:i386{ab} wine wine1.6
wine1.6-amd64{a} wine1.6-i386:i386{a}
The following packages will be REMOVED:........
When things go wrong your video is basically unplayable or the first video plays fine and then freezes when moving on to the next. Generally if both videos weren't produced with the exact 100% same settings you will have issues. You can try the basic concat but it often won't work right.
Solution for me:
My example uses 3 videos in total so "n=3" and a=1 to include audio.
ffmpeg -threads 12 -i file1.mp4 -........
#if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used
wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2
tar -jxvf ffmpeg-3.3.2.tar.bz2
cd ffmpeg-3.3.2/
./configure --disable-yasm
install prefix /usr/local
source path ........
Some guides still use the old Centos 6 style (do not use /etc/sysconfig/network).
In Centos 7 the file is /etc/hostname
echo "HOSTNAME=yourhostname.com" > /etc/hostname........
Done on Centos 7.3 very important as clearly based on older guides it was a lot easier and more simpler! Hint do not use grub2-install!
If you have trouble booting after this check this CentOS mdadm RAID booting/fixing guide.
One huge caveat if you are an oldschool user or sysadmin who has avoided UEFIbooting
The nor........
This is a 8TB Seagate external USB 3.0 device apparently newer kernels use a module called "UAS" instead of "USB Storage" which causes issues as a lot of devices are not properly supported in UAS mode by the kernel driver. The solution some say is to disable UAS specifically for your USB device but I'd rather just disable UAS altogether.
Solution blacklist UAS: *do not do this it does not work and just causes your USB 3.0........
I am using a GTX 1060 but replace the download for the driver with the correct/current version for your particular card by visiting: http://www.nvidia.com/Download/index.aspx?lang=en-us
yum install automake curl openssl-devel libcurl-devel gcc gcc-c++
yum -y install kernel-devel-`uname -r`
yum -y install unzip
#the........
sudo mkdir -p /etc/X11/xorg.conf.d/
sudo vi /etc/X11/xorg.conf.d/20-intel.conf
On newer Ubuntu / Mint / Debian systems the file would go in: /usr/share/X11/xorg.conf.d/20-intel.conf
Type "i" and enter the following:
Section "Device"
Identifier "Intel Graphics"
Driver&n........
**** Warning: can't process font stream, loading font by the name.
Can't find CMap Identity-UTF16-H building a CIDDecoding resource.
Warning: falling back to Identity ordering
**** Error reading a content stream. The page may be incomplete.
**** File did not complete the page properly and may be damaged.
**** This file had errors that were repaired or ignored.
****........
Here is a simple MP3 player and now there's a reason to understand why the supplied cable has some kind of capacitor and is very short. These devices can be VERY finicky and any voltage fluctuation or difference is enough to cause issues.
Take for example the error messages from Linux Mint:
[804829.895414] usb 1-1: USB disconnect, device number 11
[806961.109030] usb 1-1: new high-speed USB device number 12 using xhci_hcd........
Finally after ages I found the solution which is on many pages on the net but not obvious and should have been standard or more common info!
Instant Solution:
Type this into the terminal (unfortunately the driver config menu doesn't have the option as itis hidden):
nvidia-settings --assign CurrentMetaMode="nvidia-auto-select +0+0 { ForceCompositionPipeline = On }"
Make permanent
Cli........
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Missing folder chosen by user:
Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Removed missing file: MAH02949.MP4
Jun 1 15:45:57 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: ui_util:WARNING Icon theme media-playback-start not found. Will use backup........
Transaction Check Error:
file /usr/lib64/php/modules/fileinfo.so conflicts between attempted installs of php-pecl-fileinfo-1.0.4-2.el6.rf.x86_64 and php-common-5.3.3-49.el6.x86_64
solution you can't install php-pecl-fileinfo it seems to be incompatble with the php5.3 being installed:
yum --exclude=php-pecl-fileinfo --skip-broken --disablerepo=epel install php-*........
*Update so this doesn't work it must be something to do with the path of nfs or something else but the installer fails with "Installer crashed" at the end whereas with the CD/USB it works.
This assumes you've already installed and configured a separate PXE/DHCP server somewhere else and your /tftpboot directory is setup.
This is for Linux Mint 18.1 but generally applies to most versions although you may have tro change things like "casper"........
apachectl -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
It is "prefork.c" so in httpd.conf these settings are what you would use (if you use worker.c it won't have any impact):
StartServers 2
MinSpareServers 5
MaxSpareServers&nb........
Centos 7 is no cakewalk, there are many fundamental features and basic utilities that are missing or even completely renamed or different!
Another shocking thing is to check your NIC it is set by default to not turn on when booting!
And by the way there is no more standard eth0 the NIC convention is now "enp0s3"
vi /etc/sysconfig/network-scripts/ifcfg-enp0s3........
In short the two drives in the array were /dev/sdd and /dev/sde. The kernel sees they were unplugged and have gone down as you can see below.
mdadm caught the first one being unplugged /dev/sde and disabled the missing drive. However when the final drive that was part of the array is unplugged it didn't notice at all. Instead it complains about an IO error later for drives that the kernel knows do not exist anymore.
[45817.162728] ata4: exception........
1.) Replicate the number of partitions in your new drives.
gdisk /dev/sda
gdisk /dev/sdb
I created 3 partitions of the same same size.
partition #1: +1G (/boot)
partition #2: +60G (swap)
partition #3: rest of it (/)
#note if you are using GPT/gdisk you need to create separate a partition at least 1MB in size (in my case I would a 4th partition and mark it type ef02).........
The "passwords do not match" implies or makes it appear that your auth code is wrong but actually you have to click "View additional settings" and then see there are 2 password fields to manage the domain once it is transferred (the password is typed twice for confirmation). Simply fill out a password twice or remove the first password fields contents and all will be well.........
At first I thought it's just not possible but there is actually an option that can be enabled to make symlinks work with Samba.
Then I put this under the [global] section
Note: It's "wide links" and not "wide symlinks" (some other sites have incorrect info which was a frustrating waste of time :))
Add this to your smb.conf
follow symlinks = yes
wide links = yes
unix ex........
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os error was
12: Timeout on http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os: (28, 'Operation too slow. Less than 1 bytes/sec transfered the last 30 seconds')
Error: Cannot find a valid baseurl for repo: base
You would think this should be fine and simple like using a proxy with most other software?
However........
In short the solution is just to use vgremove for the actual /dev/mapper device:
vgremove /dev/mapper/backups-backuplv
box mnt # mdadm --manage /dev/md8 --stop
mdadm: Cannot get exclusive access to /dev/md8:Perhaps a running process, mounted filesystem or active volume group?
box mnt # lv
lvchange lvconvert lvcreate l........
Cannot even "Browse Network" when clicking on "Windows Network"
Unable to mount location
Failed to retrieve share list from server: No such file or directory
logs:
[2017/02/14 00:16:44.271314, 0] ../source3/nmbd/nmbd.c:58(terminate)
Got SIGTERM: going down...
[2017/02/13 17:35:41.797944, 0] ../lib/util/become_daemon.c:124(daemon_ready)
&........
[Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down
[Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert'
[Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled
[Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
Uh oh
[17925926.174277] block drbd0: Handshake successful: Agreed network protocol version 96
[17925926.174325] block drbd0: conn( WFConnection -> WFReportParams )
[17925926.174342] block drbd0: Starting asender thread (from drbd0_receiver [1682])
[17925926.174432] block drbd0: data-integrity-alg:
[17925926.174581] block drbd0: drbd_sync_handshake:
[17925926.174586] block drbd0: self 2AAE66AF9252D6DB:2815BF........
Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker.
Use the following setings in /etc/httpd/conf.d/ssl.conf
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
The solution is simple but strange, if you copy your /var/lib/mysql directory to another server and think it will work, be sure to check if you have /var/log/mysql and binary log files. If you do, the server will not work and will give you errors like below and crash without the proper log files.
UPDATE user SET password=password("newpass") WHERE user='root';
flush privileges;
ERROR 2013 (HY000): Lost connection to MySQL server durin........
PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the chosen SHM segment size is higher than the operation system allows. Linux has usually a default limit of 32MB per segment. in Unknown on line 0
PHP Fatal error: PHP Startup: apc_shm_attach: shmat failed: in Unknown on line 0
This error is not at all fun because it actually prevents Apache/httpd from starting or working at all. It will........
iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 3306 -j DNAT --to-destination ip.ip.ip.ip
iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE
sysctl -w net.ipv4.conf.all.route_localnet=1
Make sure you substitute "ip.ip.ip.ip" for your real public IP and also the "--dport 3306" for the port you want to forward.
Finally run the sysctl command and........
forcedeth 0000:00:08.0: irq 25 for MSI/MSI-X
forcedeth 0000:00:08.0: eth0: MSI enabled
forcedeth 0000:00:08.0: eth0: no link during initialization
ADDRCONF(NETDEV_UP): eth0: link is not ready
forcedeth 0000:00:08.0: eth0: link up
ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Dec 1 18:21:32 box15 kernel: forcedeth: Reverse Engineered nForce ethernet driver. Version 0.64.
Dec 1 18:21:32 box15 kernel........
The only solution after trying many suggestions was to simply restart the "vz" service (definitely not preferable).
Even doing an ifdown and ifup for venet0 did not help.
ifup venet0
Bringing up interface venet0:
Configuring interface venet0:
net.ipv4.conf.venet0.send_redirects = 0
RTNETLINK answers: Network is down
Some errors from log:
CPT ERR: d2dc60........
md127 issue, it should be /dev/md3 per mdadm.conf
Any time something is mounted as md127 it almost always means there is no entry for this mdadm array in the mdadm.conf in initramfs (which is separate from your actual /etc/mdadm.conf).
cat /etc/mdadm.conf
ARRAY /dev/md3 metadata=1.2 UUID=b6722845:381cc94e:7a2c5b5f:8e3b7c4f
The reason for this is something strange, most Linux OS's bizarrely always keep their own copy of /etc/mdadm.con........
Everytime I've seen this error "/dev/drbd0: State change failed: (-2) Need access to UpToDate data" it is because DRBD has no disk:
cat /proc/drbd
version: 8.3.13 (api:88/proto:86-96)
GIT-hash: 83ca112086600faacab2f157bc5a9324f7bd7f77 build by root@sighted, 2012-10-09 12:47:51
0: cs:Connected ro:Secondary/Secondary ds:Diskless/Inconsistent A r-----
ns:0 nr:0 dw:0 dr:0 al........
M4A is a weird format, so you have to be creative here is a quick copy of what I did.
Basically you need to convert to .wav to make use of them and thenI converted the resulting .wav into an mp3 (nice small file size and basically universally playable):
=======
sudo apt-get install mpg321 mp3gain faad normalize lame
faad "Voice 002 (copy).m4a"
faad "Voice 002 (copy).m4a"........
Tired of checking iotop and seeing that your drbd partition is using 99.99% of io all the time and finding your drbd device performs slow in general?
This is especially an issue in versions of DRBD in the 8.3 tree in particular one documented case is on "8.3.13" but it likely applies to other devices.
The symptoms are that resyncing is fine and normal but any reasonable amount of activity is very slow and lagged and creates a high server load and con........
vzkernel-2.6.32-042stab116.2.x86_64.rpm&n........
migrating from an old OpenVZ (Centos 5) to new OpenVZ (Centos 6)
Also if migrating from 32-bit HN to 64-bit your RAM will probably be much bigger than it should be!
16x bigger
eg. 32bit HN:
total used free shared buffers cached
Mem:&nb........
It is as simple as the command below, it will then update your mdadm.conf or create it in /etc/mdadm.conf
mdadm --detail --brief --scan > /etc/mdadm.conf
........
Stopping httpd: [ OK ]
Starting httpd: [Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
[Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on........
In Firefox I cannot connect to any website, proxy is disabled and outside network access is confirmed, no system or manual proxy was set on this Linux Mint/Ubuntu system. Normally this can be caused by proxy or DNS problems and the weird thing is that traceroute and ping to other IPs worked fine but even connecting to sites by IP was not working.
The connection was reset
The connection to the server was reset while the page was loading.........
There was only one solution here and it was the following:
edit /etc/httpd/conf/httpd.conf
Comment the lines for the Mime Magic Module:
# MIMEMagicFile /usr/share/magic.mime
# MIMEMagicFile conf/magic
*Don't forget to restart Apache and clear your browser cache twice
I was using DefaultType and ForceType a........
pip install obfsproxy
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
You are using pip version 7.1.0, however version 8.1.1 i........
openvpn 2.3.10-1.el6 issues
in the .conf
auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env
auth-env does not work correctly in OpenVPN 2.3:
Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure
But OpenVPN 2.2 does work as expected.
It could be that the specified script automatically receive........
Stopping httpd: [FAILED]
Starting httpd: httpd: Syntax error on line 73 of /etc/httpd/conf/httpd.conf: Cannot load /etc/httpd/modules/mod_file_cache.so into server: /etc/httpd/modules/mod_file_cache.so: cannot open shared obje........
This is a simple fix but not a simple problem and it still doesn't make sense to me.
But in a nutshell if your target proxy server works fast when accessing directly over SSL then this may be your issue.
It seems SSL does not play nicely when the target proxy destination/host has a riduculously long key (such as 8192 bits long). Now this is normally not a problem, in fact the target server could be accessed with hardly any delay directly despite such a long key.........
At first my BIOS said the card may not work right because there is no more option ROM space.
I disabled the Option ROM for both LSI 1068 and 2008 chipsets, Network Boot ROM and most other PCI slots, Serial Port, etc... and the message went away but the card still does not work properly.
But it still cannot initialize the card properly(does not work):
[ 33.943272] NVRM: This PCI I/O region assigned to your NVIDIA device is invalid:........
There are a few ways of doing this and all basically involve using the reverse proxy or "ProxyPass" feature of Apache to accomplish it.
1.) Create a normal vhost and simply symlink the root directory of the site you want to mirror.
Eg. originalsite.com and newsite.com
/vhosts/originalsite.com/httpdocs
You would symlink like this:
ln -s /vhosts/originalsite.com/httpdocs vhosts/originalsite.com/........
service iptables start
iptables: Applying firewall rules: iptables-restore: line 40 failed
[FAILED]........
The location of the hash is stored in the configuration.php file and is really a bit of pain to have to pull out everytime but this is how WHMCS stores its encryption key hash to see the full credit card number.........
/var/lib/samba/usershares
But note that it is just simple file sharing if you need directory mask, create mask etc... you still need to edit the smb.conf file to create your share.
Here is an example file:
comment=
usershare_acl=S-1-1-0:R,S-1-22-1-1000:F
guest_ok=y
sharename=BabyPhotos........
This command in Debian/Ubuntu/Mint will get everything need installed for most Java based KVM viewers:
sudo apt install icedtea-netx
The following additional packages will be installed:
ca-certificates-java icedtea-netx-common openjdk-8-jre openjdk-8-jre-headless
It seems every other updated version of Java or Icedtea breaks things and I will save the frustration of Java for another post.........
This is actually very simple and this example assumes your network device is "eth0"
In Centos your network config would be the following: /etc/sysconfig/network-scripts/ifcfg-eth0
Take the same path and just add a "-range0"
So to add a range create the following file: /etc/sysconfig/network-scripts/ifcfg-eth0-range0
IPADDR_START=192.168.1.50
IPADD........
grub> root (hd0,0)
root (hd0,0)
Filesystem type is ext2fs, partition type 0xfd
grub> setup (hd0)
setup (hd0)
But if you do:
root (hd1,0)
setup (hd1)
it does work, I think hd0/sda had a GPT partition that was not removed properly (what I did was just dd bs=512 count=1 the partition table from another drive since the partition table should be identical).
Checking if "/boot/grub/........
Here is the scenario you or a client have a remote machine that was installed as a standard/default minimal Centos 6.x machine on a single disk with LVM for whatever reason. Often many people do not know how to install it to a RAID array so it is common to have this problem and why reinstall if you don't need to? In some cases on a remote system you can't easily reinstall without physical or KVM access.
So in this case you add a second physical or disk or already ha........
In my case I could login with the initial install but I rsync'd everything over while preserving ownership and permissions to another RAID partition and booted from that.was fine before. The problem is that you are kicked out the second you login and the problem was SELINUX for some reason (perhaps it noticed something strange when it was moved to the new partition)
login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
login: ROOT LOG........
Before reading on remember to put the line at the bottom of /etc/sudoers as from experience what happen is that other rules cancel out what you have added.
If your sudoers setup is correct it will work immediately upon saving without requiring a reboot.
Edit /etc/sudoers
yourusername ALL = NOPASSWD: /path/to/command
*Once again remember the above should be on the bottom of the sudoers file or........
sudo apt-get install zoneminder
[sudo] password for one:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libuser-perl python-evince kdebase-apps kwrite unixodbc
libgnomeprint2.2-data python-soappy vgabios python-metacity hddtemp
python-mediaprof........
[ 2868.041375] ata1: EH in SWNCQ mode,QC:qc_active 0x40 sactive 0x40
[ 2868.041554] ata1: SWNCQ:qc_active 0x40 defer_bits 0x0 last_issue_tag 0x6
[ 2868.041556] dhfis 0x40 dmafis 0x40 sdbfis 0x20
[ 2868.041874] ata1: ATA_REG 0x41 ERR_REG 0x84
[ 2868.042013] ata1: tag : dhfis dmafis sdbfis sactive
[ 2868.042163] ata1: tag 0x6: 1 1 0 1
[ 2868.042301] ata1.00: exception Emask 0x1 SAct 0x40 SErr 0x400000 action 0x6 frozen
[........
I never did get it working, it is too bad as obfsproxy should really be an option and integrated into the OpenVPN client and server or something similar:
yum -y install python-pip python-devel
No package python-pip available.
#install the EPEL repo
python-pip install obfsproxy
python-pip install obfsproxy
-bash: python-pip: command not found
pip install obfsproxy
&........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
#enable ip_forward
sed -i s/'net.ipv4.ip_forward = 0'/'net.ipv4.ip_forward = 1'/g /etc/sysctl.conf
#all interfaces should not send redirects
echo "net.ipv4.conf.default.send_redirects = 1" >> /etc/sysctl.conf
echo "net.ipv4.co........
vi /etc/yum/pluginconf.d/fastestmirror.conf
exclude=.hk,.cn
You could also use specific domains but as you can see above we are blacklisting all Hong Kong and Chinese mirrors in this example.........
-------------------------------------
ProCurve J4903A Switch 2824
Software revision I.10.77
Copyright (C) 1991-2009 Hewlett-Packard Co. All Rights Reserved.
RESTRICTED RIGHTS LEGEND
Use, duplication, or disclosure by the Government is subject to restrictions........
0000:00:00.0 RAM memory: NVIDIA Corporation MCP55 Memory Controller (rev a2)
0000:00:01.0 ISA bridge: NVIDIA Corporation MCP55 LPC Bridge (rev a3)
0000:00:01.1 SMBus: NVIDIA Corporation MCP55 SMBus (rev a3)
0000:00:02.0 USB controller: NVIDIA Corporation MCP55 USB Controller (rev a1)
0000:00:02.1 USB controller: NVIDIA Corporation MCP55 USB Controller (rev a2)
0000:00:05.0 IDE interface: NVIDIA Corporation MCP55 SATA Controller (rev a3)
0000:00:05.1 I........
[Tue Jun 23 02:05:52 2015] [error] Unable to configure RSA server private key
[Tue Jun 23 02:05:52 2015] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
The above is an accurate description of what is wrong.
In our case the client made a simple mistake of thinking the localhost.crt and localhost.key (default key locations for Apache SSL in Centos) were in the same directory but they we........
An error occurred during a connection to site.com. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
When the above happens in our experience it is a misconfiguration of........
#from epel repo
yum -y install opendkim
chkconfig opendkim on
cd /etc/opendkim/keys
opendkim-genkey -vd mail.server.com
opendkim-genkey: generating private key
opendkim-genkey: private key written to default.private
opendkim-genkey: extracting public key
opendkim-genkey: DNS TXT record written to default.txt
........
[ 17.208336] tg3 0000:08:00.0: eth0: Link is up at 1000 Mbps, full duplex
[ 17.210194] tg3 0000:08:00.0: eth0: Flow control is on for TX and on for RX
[ 76.000065] phy0 -> rt2x00lib_request_firmware: Error - Failed to request Firmware.
[ 76.002332] ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[ 86.736004] eth0: no IPv6 routers present
[ 148.960038] phy0 -> rt2x00lib_request_fi........
Thsi is very handy when doing your own kernel development.
-m specifies how much ram (in the example it is 768MB)
-kernel specifies the path to the kernel file
-net tap,ifname=tap1,script=no (the ifname=tap1 is what you need to change and setup manually).
*Run "tunctl -b" to create a tap device and use the one it gives you for ifname=
Enable networking to the outside like this:
*Note we assume that your bridge is br0 i........
Are you getting the same old error message even though your iptables settings for OpenVZ are correct?
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The reason is because in newer vzctl the old way of setting IPTABLES="" in vz.conf is completely deprecated (I spent some time fiddling wondering why my settings were correct but........
if you type Export and see something like this:
declare -x all_proxy="socks://127.0.0.1:22000/"
Most sites assume and tell you to check your .bashrc or /etc/profile /etc/bash.bashrc which may not apply if you've unknowingly or forgot that you setup a proxy from your GUI such as Gnome.
To check in Gnome if you have a permanent proxy do the following:
System -> Settings -> Network Proxy........
It's a basic script that reads the file "ips.txt" in the current directory and then creates a corresponding ifcfg file
#!/bin/bash
GATEWAY=192.168.1.1
NETMASK=255.255.255.0
device=eth0
counter=0
for ips in `cat ips.txt`; do........
The solution is to run '/etc/init.d/vboxdrv setup' and sometimes happens when upgrading VBox and the kernel modules don't get upgraded with it. Sometimes the above doesn't work until you reboot because sometimes other unknown processes (even the file manager possibly) may be locking the old module from being unloaded.
Failed to open a session for the virtual machine XP.
The virtual machine 'XP' has terminated unexpectedly during startup with exit code 1.........
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
tar xzvf bash-4.3.tar.gz
cd bash-4.3/
wget --no-directories --level 1 --recursive http://ftp.gnu.org/gnu/bash/bash-4.3-patches/
for patch in `ls bash43-*|grep -v .sig$`; do
echo applying "$patch"
patch -p0 < $patch
done
./configure;make;make install
#it will install to /usr/bin/bash but if your bash is somewhere else you need to overwrite the old one.........
It's simple, just edit /etc/vz/vz.conf and add or change the following:
VE_LAYOUT=simfs........
iptables -t nat -A PREROUTING -p tcp -m tcp -d 192.168.2.1/32 --dport 3389 -j DNAT --to-destination 192.168.5.2:3389
iptables v1.4.7: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The above is often because you don't have the correct modules loaded on the hostnode or enabled for the container but in some cases it's actually a weird openvz setting.
Che........
The most common solution is to use the /etc/postfix/header_checks but this is a big problem.
Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.
I adapted this solution to the client's custom config, they are configur........
This error seems to happen randomly and especially when trying to send e-mails. Apparently it's a long-standing GNome bug but is also partially the default of Thunderbird depending on who you ask. There is no known fix that I'm aware of except to upgrade gnome and the gvfs package but this is not an option for older versions/distributions.
An error occurred while loading or saving configuration information for thunderbird. Some of your configuration settings may not........
CPanel says you can access 98% of the functions through CLI which experienced Unix/Linux admins prefer for simplicity and for scripting. I've never found CPanel easy to use from the admin panel, it seems everything is hard to find and a simple task becomes a series of hunts.
So for people like me here's the list: http://cpanel.net/system-administrators/command-line-scrip........
I've only ever seen this in Ubuntu for some reason and it is because of the /etc/nsswitch.conf settings.
So the issue is that if the hostname's reverse DNS cannot be found that you need to go back to DNS which was not the default in this nsswitch.conf file for some strange reason.
Edit /etc/nsswitch.conf and replace your "hosts" line with this:
#hosts: files dns mdns4_minimal [NOTFOUND=return] mdns........
error: Failed to create domain from /home/kvm/kvm101/kvm101.xml
error: cannot open file '/dev//dev/kvmcontainer/kvm101_img': No such file or directory
This is caused by what we consider a quark in SolusVMthat Ihelped a client with.
SolusVMhas as config for the "LVMvolume name" and does not enforce any convention.
Naturally most technical people would use the actual path eg "/dev/kvmcontainer".
However th........
mytop-1.4-2.el5.rf.noarch from rpmforge has depsolving problems
--> Missing Dependency: perl(DBI) is needed by package mytop-1.4-2.el5.rf.noarch (rpmforge)
solution:
#disabling excludes is required on CPanel type boxes which exclude most updates including perl-DBI
yum --disableexcludes=main install perl-DBI
mytop-1.4-2.el5.rf.noarch from rpmforge has depsolving problems
--> Missing Dependency:........
This is what fixed it:
[root@box13 ~]# dd if=/dev/zero of=/dev/md160 bs=512 count=500
Basically you need to wipe out more than just the 512 byte partition table so 512 bytes * 500 is more than enough to make DRBD happy and think the partition is now empty.
The reason this happens is because it gets confused when there is a previous partition with data on the device you are using.
root@box13 ~]# d........
Apr 17 11:55:47 Cluster01 heartbeat: [1426]: WARN: ha_msg_add_nv_depth: line doesn't contain '='
Apr 17 11:55:47 Cluster01 heartbeat: [1426]: info: >>>
Apr 17 11:55:47 Cluster01 heartbeat: [1426]: ERROR: NV failure (msgfromsteam): [>>>
]
I have never been able to reproduce the above but it happened on heartbeat-3.04-2 when Itook a node down for testing.
One thing Ibelieve caused it was by configuring ha.cf........
#count=10000 makes an image of 10000MB make sure your image is at least the same as your existing
dd if=/dev/zero of=yourimage.img bs=1M count=10000
# losetup -fv newimage.raw
# fdisk -cu /dev/loop0
# kpartx -a /dev/loop0
# dd if= of=/dev/mapper/loop0p1
# e2fsck -f /dev/mapper/loop0p1
# resize2fs /dev/mapper/loop0p1
# a lot of guides tell you to edit /etc/fst........
Start -> Administrative Tools ->Server Manager
Under "Computer Information" click "Configure Remote Desktop".
Under "System Properties" choose the type of "Allow connections" you want.
That's all there is to enabling RDP Access in 2008 server.........
./configure
./configure: line 91: cd: /lib/modules/2.6.32-042stab084.25/build: No such file or directory
Error: kernel version not found.
Please make sure your kernel is configured.
dr-xr-xr-x. 4 root root 4096 Feb 21 06:13 ..
lrwxrwxrwx 1 root root 45 Feb 21 06:13 build -> ../../../usr/src/kernels/2.6.32-042stab084.25
drwxr-xr-x 2 root root 4096 Feb 12 20........
cat /etc/some.conf|grep -Ev '^#|^;|^$'
This assumes that comments start with # or ; (adjust as necessary). Also note that the ^$ omits blank lines.........
yum -y install wget
wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo
rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ
yum -y install vzkernel vzctl
After that just reboot and you may also have to enable ip_forward in /etc/sysctl.conf........
Error: Package: php-Monolog-dynamo-1.7.0-1.el6.noarch (epel)
Requires: php-aws-sdk
Error: php-pecl-zendopcache conflicts with 1:php-eaccelerator-0.9.6.1-1.el6.x86_64
Error: php-xcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64
Error: php-pecl-zendopcache conflicts with php-pecl-apc-3.1.9-2.el6.x86_64
Error: Package: php-horde-Horde-Vfs-2.1.2-2.el6.noarch (epel)
&n........
root@hkhosting [/]# service httpd start
Starting httpd: Syntax error on line 2 of /etc/httpd/conf/httpd.conf:
Invalid command 'Alias', perhaps misspelled or defined by a module not included in the server configuration
........
I never found a solution to do it live (nothing worked that I found) so it looks like a relogin is required.
Check your maximum file limit
cat /proc/sys/fs/file-max
824460
This is different than your actual's user limit which you'll see below
ulimit -n
1024
Try and set it higher but it won't work
ulimit -n 65000........
It's not as simple as "yum install" as you can see below and it doesn't stop there.
yum install php53
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: mirror.us.leaseweb.net
* extras: centos.mirror.rafal.ca
* updates: centos.mirror.nexicom.net
* base: centos.mirror.nexicom.net
* addons: centos.mirror.nexicom.net
Setting up Install Process........
On some CPanel installs we see complaints of "/usr/local/cpanel/bin/apache_conf_distiller" causing 100% cpu usage without any solution.
Killing the process causes it to spawn again, actually it seems it tends to spawn multiple processes itself.
Restarting CPanel itself is a temporary but not permanent solution.........
[3805108.257042] sd 0:0:0:0: [sda] 1953525168 512-byte hardware sectors: (1.00 TB/931 GiB)
[3805108.257052] sd 0:0:0:0: [sda] Write Protect is off
[3805108.257054] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
[3805108.257066] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[3805108.257083] sd 0:0:0:0: [sda] 1953525168 512-byte hardware sectors: (1.00 TB/931 GiB)
[3805108.257090] sd 0:0:0:0: [sda] Write Protect is off........
I was having an issue with only certain random/jpeg files with the functions imagecreatefromjpeg imagecreatetruecolor and other related ones.
This issue was annoying basically it seems like a libgd issue/bug with newer versions of PHP and it was difficult to trace-out. One very useful thing that helped me was using "php-cgi" and passing the query string as an argument eg:
php-cgi images.php source=IMG.jpg (that way you get all the error messages wh........
Go to:
"Server Configuration" -> Basic cPanel & WHM Setup
Scroll to: "Nameservers" (at the bottom)
From there you can set the names of the nameserver and their IPs.
It's very weird and confusing that nothing under IP Functions/DNS has or links to this.........
yum -y install fail2ban
vi /etc/fail2ban/jail.conf
[asterisk-tcp]
enabled = true
filter = asterisk
action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp]
sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com]
logpath = /var/log/asterisk/messages
maxret........
This is different than Centos 5, you have two services btu they are called "smb" and "nmb".
You need to enable and start "nmb" in order for your samba server to be listed.
chkconfig nmb on; chkconfig smb on
service nmb start;service smb start........
VBox/Virtualbox solution to NS_ERROR_CALL_FAILED error
This is likely because you have 2D/3D acceleration enabled and your card doesn't support it.
Eg. you switched video card drivers or video cards that did support it.
The funny thing is that you CANNOT disable those options as they are "greyed" out in the VBox client GUI.
The config file has to be manually changed and fixed with these options "accelerate3D="false" accelera........
Visit that link
http://yourforums.com/forum/register.php?do=requestemail
Or in AdminCPit can be done.........
cat Xorginfo.txt|grep -nr "xserver-xorg"
Result:
9: sudo apt-get remove --purge xserver-xorg
13: sudo apt-get install xserver-xorg
17: sudo dpkg-reconfigure xserver-xorg........
./configure
./configure: cannot locate gcc 3.x. please install it or specify with --qemu-cc
yum -y install gcc make
./configure
./configure: cannot locate gcc 3.x. please install it or specify with --qemu-cc
yum -y install compat-gcc-*
./configure
Error: Could not find alsa
Make sure to have the alsa libs and headers installed.
yum -y install alsa-lib-devel
./configure........
template=$(cat ........
mount -o bind /proc /sda2/proc
mount -o bind /dev/ /sda2/dev
mount -o bind /sys /sda2/sys
chroot /sda2
mint / # mount -o bind /proc /sda2/proc
mint / # mount -o bind /dev/ /sda2/dev
mint / # mount -o bind /sys /sda2/sys
mint / # chroot /sda2
mint / # cd ~
mint ~ # ls
Desktop
mint ~ # cd /
mint / # ls
bin Desktop dev-temp home&nb........
Linux box13. 2.6.32-042stab076.5 #1 SMP Mon Mar 18 20:41:34 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux
even setting privvmpages to a specific setting DOES not affect "free -m" in containers.
This is probably a kernel issue
23:36:29 up 159 days, 7:12, 4 users, load average: 0.42, 0.44, 0.33
[root@box13 ~]# free -m
total&n........
tar -czf yourfile.tar.gz .
The . dot is the crucial part, normally many will use * and that will exclude hidden files by default which is very undesirable as many hidden files are important such as .htaccess and conf files in your home directory etc.. It seems the default behavior of tar should be the opposite but these are all very old tools.........
/scripts/phpextensionmgr install PHPSuHosin
Updating md5sum list
Fetching http://httpupdate.cpanel.net/cpanelsync/easy/targz.yaml (connected:0).......(request attempt 1/12)...Resolving httpupdate.cpanel.net...(resolve attempt 1/65)...
Fetching http://httpupdate.cpanel.net/mirror_addr_list (connected:0).......(request attempt 1/3)......connecting to 74.50.120.123...@74.50.120.123......connected......receiving...100%......request success......Done........
Browse to this directory: ~/.config/libreoffice/3/user/backup/........
I've got one of these for testing projects from work at home and got more than I bargained for with the time I've spent on it due to the storage handing/Perc 6/i cards.
My particular model came with the following:
2U Rack Mount Server with Rails
2xOpteron 2373 EE (Quad Core, there is a 6-core version that can be found at times)
16GB RAM
2 x 250GB Seagate SATA
2 x Dell Perc 6/i (horrible and a nightmare to work........
The results are not bad, the Hitachi performs the same as it does in a SATA2 motherboard. However, the 2TB is much different, on a similar 2TB Toshiba I get about 198MB/s on a different motherboard vs the 2TB Hitachi which should produce similar results.
This Dell Perc 6/i is on a PCI x8 riser card and is connected to a 12-port backplane.
Adapter #0
Enclosure Device ID: 32
Slot Number: 0
Enclosure position: N/A
De........
One thing to remember is that you need MegaCli to do the flashing.
You also need the correct file,I tried at least 2 different Perc 6 firmwares from Dell that kept getting rejected as corrupt by MegaCli(they were really the wrong version). I have an external PCI-E Dell 6 Perc/I butI chose images from the 'Integrated" on motherboard version as it was allI could find. They are different, and below is my first time finding success.........
I flashed an LSI Logic firmware to it and it broke the BIOS (cannot do Ctrl+R) for booting purposes but allows other functionality to work normally.
I tried downgrading to a Dell firmware for Perc 6i but it won't work, not even with MegaCli
wget http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
--2013-08-26 12:53:39-- http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN
Resolvi........
It is stored in the "configuration.php" file of all places which is annoying andI get questons like this at worke each day.........
LSi Megaraid
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
pxe-32 tftp open timeout
The solution was to enable tftp in xinetd with "chkconfig tftp on".
See the troubleshooting below:
chkconfig --list
NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off
acpid 0:off&n........
The Cause
Basically it's usually because your Cpanel has new IPs and the old IPs it knows are no longer available/working/valid.
The solution is to change the site's IP but you may run into issues for various reasons. Here is what I encountered below.
It redirects there even though public_html is empty and doesn't have any index or htaccess redirect.
---
This issue happened after a CPanel migration, the site is bein........
Jul 11 15:20:58 tor sendmail[9617]: r6AKjOD07: to=
mailserver.com was the hostname of the server, sendmail sends this by default and many mailservers will reject mail to a hostname that does not resolve or exist.
The easiest way is just to change the hostname and make sure it does resolve to something.
I read there is a way in sendmail.mc to manually set a hostname but I never got it working:
vi /etc/mail/sendmail.mc
define(`confDOMAIN........
Another new drive bad from the start:
Jun 2 15:14:18 one-desktop kernel: [15895.386779] ata2.00: exception Emask 0x50 SAct 0x1 SErr 0x280900 action 0x6 frozen
Jun 2 15:14:18 one-desktop kernel: [15895.386782] ata2.00: irq_stat 0x08000000, interface fatal error
Jun 2 15:14:18 one-desktop kernel: [15895.386784] ata2: SError: { UnrecovData HostInt 10B8B BadCRC }
Jun 2 15:14:18 one-desktop kernel: [15895.386788] ata2.00: cmd 60/0........
Have you ever unplugged the wrong drive and then had to rebuild the entire array? It may not be a big deal in some ways but it does make your system vulnerable until the rebuild is done.
Many distros often enable the "bitmap" feature and this basically keeps track of what parts need to be resynced in the case of a temporary removal of a drive from the array, this way it only needs to sync what has changed.
To enable bitmap to speed up rebuilds and sync........
This happened to a customer Asterisk server and it somehow found the ID of the registration account to the upstream SIP server and was railing connection attempts (it filled up the console and there were literally thousands per second). Basically this caused all incoming and outgoing calls to fail.
It was a temporary fix but the solution was to block that specific IP, it's hard to stop it 100% because the customer needs the default SIP port.........
This is just trying to read 5GB off the drive with dd and the drive initially tested ok but shortly after I wondered why I was seeing 2MB/s read speeds. Notice the "current_pending_sector", anytime I've seen it at anything above 0 even with no other bad fields/attributes, it means the drive is bad.
ata1.00: exception Emask 0x0 SAct 0x3 SErr 0x0 action 0x0
ata1.00: irq_stat 0x40000008
ata1.00: failed command: READ FPDMA QUEUED
ata1.00: cmd 60/00:00:........
This is the most I can get when plugging in a hard drive hot and only on some power connectors.
[71656.314271] ata5: exception Emask 0x50 SAct 0x0 SErr 0x90a02 action 0xe frozen
[71656.314277] ata5: irq_stat 0x00400000, PHY RDY changed
[71656.314285] ata5: SError: { RecovComm Persist HostInt PHYRdyChg 10B8B }
[71656.314294] ata5: hard resetting link
[71660.360686] ata5: softreset failed (device not ready)
[71660.360694] ata5: applying........
vi /etc/httpd/conf.d/ssl.conf
Change the following from "Listen 443" to something like below
Listen 2243
Then find the SSLVirtual Host Context and edit like below (to your new listening port)
##
## SSL Virtual Host Context
##
........
If you make changes to /etc/sysctl.conf (which are permanent and not lost during reboot) but want them to apply with rebooting just use the following command:
sysctl -p
After that your changes will be enabled.........
If you move your hard drive(s) around to other computers/servers, you'll find that your eth0 keeps getting higher, the first time it will become eth1 and then eth2 etc and even higher if your server has dual or quad NICs. The reason is that udevd basically assigns eth0 tot he first NIC it finds and remembers it, if it encounters a NIC with a differentMAC, it assigns it one higher (eg. eth1).
See the example below, I have eth2 now so how doI fix it?........
Client Log
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_d........
Kernel panic - not syncing: Attempted to kill init!
Pid: 1,comm: init Tained: G I------------- 2.6.32-358.el6.x86_64 #1
Call Trace:
[] ? panic+0xa0/0x16f
[] ? do_exit+0x862/0x870
[] ? fput+0x25/0x30
[] ? do_group_exit+0x58/0xd0
[] ? sys_exit_........
Solution To The Following:
yum -y install zlib-devel
yum -y install e2fsprogs*
*** Cannot find /usr/include/et/com_err.h. (yum install libcom_err-devel) ***
Installation didn't pass, halting install.
Once requirements are met, run the following to continue the install:
cd /usr/local/directadmin/scripts
./install.sh
Common pre-install commands:
http://help.directadmin.com/it........
Step #1 - Create Wrapper Script
vi /usr/local/bin/phpsendmail
#!/usr/bin/php
........
[2013/02/22 19:06:37.373564, 0] param/loadparm.c:8004(lp_do_parameter)
Global parameter guest account found in service section!
This is annoying but the solution is simple:
The line "guest account = " is in the section for a share (in /etc/samba/smb.conf), but it should be under globals. Move it under [global] and then everything should be fine.........
There are 3 pieces that are required to restore and make it work (of course consider if any kernel modules need to re-enabled and if you need to change the IPs):
Copy the vz/private/VEID directory to /vz/private
Copy the /etc/vz/conf/VEID.conf to /etc/vz/conf/
mkdir /vz/root/VEID
After that you should be able to see the VE in vzlist -a
You should then be able to start it normally.........
This seems to be a verified bug on KVM with no solution. I wasn't able to get through the installer with Ubuntu 12.04, it would crash while "configuring apt". I was able to install it with Ubuntu 12.10 but it crashes randomly at times.
This happens with the latest Centos 6.3 kernel and KVM package, I even compiled the latest version from the KVM website and used that, but the results are still the same.
Here's some links to discussion about the bugs:........
cat | grub --device-map=/dev/null
Now pay close to the attention of the beginning.
Type: "device (hd0) VPS.img" this is telling what hd0 will be to GRUB and we're telling it the disk image file "VPS.img" in the current directory is hd0, you can specify alternate paths and image names of course.
GNU GRUB version 0.97 (640K lower / 3072K upper memory)
[ Minimal BASH-li........
This booting error is because the Xen PV guest image uses the Xen kernel, this is not compatible with anything but a host running a Xen kernel.
I did a kpartx -av virtual.img and then it created some partitions that showed up in fdisk.
I mounted it and did a chroot into it and removed the xen kernel and installed a normal kernel but Xen still shows the same kernel in Grub (only the Xen one).
This is strange but it seems like this Xen PV guest has some sort of hidden or........
No one needs this feature for the most part, so here's what I added to /etc/dhcpd.conf to fix it:
ddns-update-style none;........
This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more:
This little script below will install everything you need to get booting by PXE Linux.
It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
Here is a quick script that works on most Centos versions to disable the virus/SELinux from blocking basic functionality.
The first echo 0 statement disables SELinux instantly but it will still be enabled on reboot.
The second line disables it permanently.
#!/bin/bash
#disable SELinux Immediately
echo 0 > /selinux/enforce
#disable SELinux Permanently
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config........
qemu-kvm-1.2.0]# ./configure
Disabling PIE due to missing toolchain support
glib-2.12 required to compile QEMU
Solution install glib2
*Don't confuse glib2 with glibc, they are different and it may catch some off guard.
yum -y install glib2*
After that KVM should compile and install just fine.........
ip_conntrack: table full, dropping packet.
A lot of clients I've seen have this issue, it really seems the default level is way too small. Once this connection tracking table becomes full then packets get dropped which is obviously a bad thing.
One thing to be mindful of though is that 350 bytes of memory are used per entry so there is some justification for not keeping it too high. However, if you have multiple servers running or high traffic daemons........
A lot of people become nervous (and understandably so) when checking their auth or security logs, in Centos /var/log/secure and see dozens, hundreds of even thousands of attempted logins to various services, especially SSH.
Of course you could manually block these people/IPs but no one has time to read the logs like that, what if some program or script could do it for you?
This is what denyhosts does for you, it checks the logs and based on a certain number of failed SSH attem........
This may sound silly but there will be conflicts/issues with the default Centos repository so you have to use a third party like remi (I prefer not to do this but it's the only option unless you migrate your sites/data to another server or can stand some downtime-not an option IMHOon a production server).
You may need to upgrade to PHP5.3 to run Joomla or many other reasons.
Your host needs to use PHP 5.2.4 or higher to run this version of Jo........
00:14.2 Audio device: Advanced Micro Devices [AMD] Hudson Azalia Controller (rev 01)
00:01.1 Audio device: Advanced Micro Devices [AMD] nee ATI Device 9902
Backup your also.conf file
cp /usr/share/alsa/alsa.conf /usr/share/alsa/alsa.conf.bk
Change all instances of "card 0" to "card 1" (no need to manually do it, this command below does it all instantly and without fail or error:........
ERROR 1045 (28000): Access denied for user 'contentmanager'@'localhost' (using password: YES)
For fun I thought I'd reset the password:
GRANT ALL ON thecontent.* TO contentmanager IDENTIFIED by 'dfdfsdfdsfsdfsd';
ERROR 1470 (HY000): String 'contentmanager' is too long for user name (should be no longer than 16)
This is ridiculous that this new version has some bizarre 16 character username limit and not only that but i........
After about 15 tabs I believe, they become hidden on the right side and are accessible only by furiously clicking the "right arrow" and even then it takes forever and honestly this hidden tab feature seems to slow down everything.
If you enter "about:config" in your browser without the quotes just set this value to get rid of this annoying (one of many new) feature from Firefox (set it to false and restart your browser):
services.sync.prefs.sync.brows........
Error: detected vswap CT config but kernel does not support vswap
This means either old kernel or bad config (physpages NOT set to 0:unlimited)
Solution
vzctl set $veid --physpages 0:unlimited --save........
So you've just purchased your SSL cert, renewed it and installed it or maybe you've had it installed and working fine all the time with all other browsers but you've upgraded to a recent version of Firefox and suddenly get the warning "Error code: sec_error_unknown_issuer" error.
This is terrible since if you bought an SSL cert, you are most likely using it for trust purposes for your business and obviously that message will scare away most potential customers.........
iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
This solution applies to all other iptables modules/problems for OpenVZ, you'll just need to add them to both lists/lines below if you have modules other than what I have below.
The modules need to be enabled in both iptables and the OpenVZ hostnode itself and then the containers which need it must be restarted.
How To Enable IPTables Modules in OpenVZ........
It's really silly how DA doesn't enable SSL by default but is otherwise a stable, fast and secure control panel.
Here's a copy and paste way of enabling SSL for Directadmin in just a few seconds:
*setup SSL
openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes
That creates the public certificate and private key pair in the location Directadmin expects to fi........
[ 12.460014] ata1: SRST failed (errno=-16)
[ 17.626677] ata1: link is slow to respond, please be patient (ready=0)
[ 22.480011] ata1: SRST failed (errno=-16)
[ 27.646681] ata1: link is slow to respond, please be patient (ready=0)
[ 38.106817] ata1.01: failed to IDENTIFY (INIT_DEV_PARAMS failed, err_mask=0x80)
[ 48.266676] ata1: link is slow to respond, please be patient (ready=0)........
*************************************
* *
* All parts have been installed *
*........
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9etch3
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: An invalid name was supplied
A parameter was malformed
Validation error
Solution, disable auth from the ssh client (this is a client side error)........
I experienced this with CPanel's Exim after an auto-update (a Google of this error produces lots of complaints with few clear solutions). In this case I'll put the solution at the top.
Run /scripts/buildeximconf to rebuild the Exim config and it should be fine after that.
mail -vs "from test" user@dest.com < .bash_history
LOG: MAIN
cwd=/root 4 args: send-mail -i -v user@dest.com
LOG: MAIN
&........
Type "about:config" in your browser and then search for "Quit"
Set these values to true
browser.showQuitWarning
browser.warnOnQuit........
In Firefox type "about:config" in the address bar.
Search for "browser.urlbar.trimURLs;false" and set it to true, then you'll have the http:// and https:// back.
Firefox talks about the greater good but unless they don't care about security why would they hide if the url is secure or not?........
I've thought for awhile that Asus has been banking on its years old reputation for quality amongst gamers and enthusiasts and I think I'm right. My Asus VE247H Monitor with a supposed 2MS refresh rate has 1 red/stuck/dead pixel but fortunately it can only be seen on a non-true black picture or against a blue screen.
I have several Asus products and find they're all of fairly poor quality. First of all their motherboards have given me the most issues of any brand, they te........
This is what I call a ridiculous bug in compiz that causes it.
The solution/To fix it just install "compizconfig-settings-manager"
Open it up and Navigate to General Options -> Display Settings
Set the "Refresh Rate" to the current refresh rate of your monitor.
For ATI cards with slow window dragging/response supposedly disabling "Sync to VBlank" fixes that but otherwise leave it as is.........
Stuff like this always happens/breaks after a vzctl update, whether it's new parameters being added or required etc..
File /etc/vz/conf/ve-vps.basic.conf-sample not found: No such file or directory
Fix the value of CONFIGFILE in /etc/vz/vz.conf
Creation of container private area failed
Warning: distribution not specified in CT config, using defaults from /etc/vz/dists/default
WARNING: /etc/vz/conf/4400.conf not found: No such file or directory........
I'll start by showing some problems in the logs:
[2011/08/07 16:22:06, 0] param/loadparm.c:8569(process_usershare_file)
process_usershare_file: stat of /var/lib/samba/usershares/movie failed. Permission denied
[2011/08/07 16:22:06, 1] smbd/service.c:676(make_connection_snum)
create_connection_server_info failed: NT_STATUS_ACCESS_DENIED
That means you don't have permission to access the fi........
I like dd, although it only reads it, usually a read test of the entire disk will uncover if your hard drive is bad in some parts. This is a good thing to do at least once a month, a lot of times bizarre program behavior, laginess and crashing/unnmounting problems etc.. are due to a failing disc and SMART won't know it or indicate a problem:
We must also remember there's never a guarantee, I've found that ever since we moved to larger and more platters per drive with 1TB drives........
Warning: Unable to open /dev/fd0 read-write (Read-only file system). /dev/fd0 has been opened read-only.
That's a very annoying error, it's simply because Centos for some reason thinks it's wise to load the "floppy" kernel module, who has a floppy drive? I haven't seen or used a floppy for over 12 years!
It's more than just annoying, if you probe the drives attached to your system, eg. with grub or partprobe, it keeps trying to locate a flopp........
GNU GRUB version 0.97 (640K lower / 3072K upper memory)
[ Minimal BASH-like line editing is supported. For the first word, TAB
lists possible command completions. Anywhere else TAB lists the possible
completions of a device/filename.]
grub> root (hd1,0)
Filesystem type is ext2fs, partition type 0xfd
grub> setup........
This assumes that you've at least created the correct partition for your DRBD already.
Notice that I am "diskless", that's because either your DRBD partition doesn't exist/has been renamed (eg. sdb becomes sda when sdb dies and you reboot) or because that drive is really actually dead/gone.
*If you need to permanently change the partition/device for your resource be sure to edit /etc/drbd.conf on both hosts and reload the config.
(replace r0 with........
mod_status is a great way to track down the source of high CPU usage and to find what vhost/script is the cause of it.
It gives you a live view of bandwith usage, CPU usage, and memory usage broken down by domain/vhost and script/URI.
Enable mod_status
vi /etc/httpd/conf/httpd.conf
ExtendedStatus On
SetHandler server-status
Order Deny,Allow
Deny from all
All........
yum -y install vnstat
chown nobody.nobody -R /var/lib/vnstat/
#replace venet0 below with your desired interface
sudo -u nobody vnstat -u -i venet0
#edit: vi /etc/sysconfig/vnstat
#VNSTAT_OPTIONS="-i venet0"
# only use the sed below if you are using venet0 instead of eth0 or replace accordingly
sed -i 's/eth0/venet0/g' /etc/sysconfig/vnstat
[root@monitor]# yum install vn........
The fix for this was setting the correct permissions in /var/lib/php, it needs to be "root.root"
And /var/lib/php/session needs to be "root.apache" to work properly.
After that I was able to login to phpMyAdmin as normal. This whole thing happened because I accidentally changed all of /var/lib to root.root.........
This happened during a RAID array check:
SMART says both drives pass the test, but I'm doing a long test on them and hopefully this is not a hardware error.
Apr 3 04:22:01 remote kernel: md: syncing RAID array md2
Apr 3 04:22:01 remote kernel: md: minimum _guaranteed_ reconstruction speed: 1000 KB/sec/disc.
Apr 3 04:22:01 remote kernel: md: using maximum available idle IO bandwidth (but not more than 200000 KB/sec) for reconstruction.
Apr........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
After Installing pgina I couldn't login to Windows anymore with my blank password Administrator account!
An unknown error has prevented your account from being created.nrThis may be due to policy or security settings as well as other machine configuration.nrPlease consult your administrator.
Hit F8 to start Windows in Safe Mode and you can login normally and then remove PGina, it shouldn't cause this problem or behavior out of the box.........
find what MPM Apache is using, it will either be using "worker" or "prefork"
apachectl -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
In my case it is "prefork"
vi /etc/httpd/conf/httpd.conf
Find the section that looks like this (by default one will normally exist for prefork and for worker, but in my case I only care a........
*Remember to restart spamassassin after all of this.
DCC
wget http://www.dcc-servers.net/dcc/source/dcc.tar.Z
tar -zxvf dcc.tar.Z
cd dcc-1.3.138/
./configure;make;make install
#enable DCC, uncomment the line that disables it near the top
vi /etc/mail/spamassassin/v310.pre
pyzor
wget http://sourceforge.net/projects/pyzor/files/pyzor/0.5.0/pyzor-0.5.0.tar.gz/down........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
vi /etc/mail/spamassassin/local.cf
##############
#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
require........
yum -y install openssl* gcc-c++ gcc flex g++ make;wget http://www.directadmin.com/setup.sh;chmod +x ./setup.sh;./setup.sh
#enable SSL
/usr/bin/openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem
sed -i "s/SSL=0/SSL=1/g" /usr/local/dire........
ls
ls: error while loading shared libraries: libtermcap.so.2: cannot open shared object file: No such file or directory
This is not an ldd problem or case of anything missing, this only happened after I upradedUbuntu.
declare -x PATH="/home/user/bin:/usr/local/bin:/usr/bin:/bin:/usr/games"
"/home/user/bin" is the problem! It's weird because I have no idea how it happened.........
Amarok won't play songs, keeps skipping to the next
Some say install install phonon-backend-xine
but it was already installed automatically, obviously that's not the problem or solution.
Settings -> Configure Amarok
Playback: Configure Phonon
Audio Output: Music
It should show your different audio interfaces, choose Pulse Audio and move it to the top of the list, do the Apply, OK and manually quit Amarok (remember to close it from the tra........
I keep getting messages like this shortly after using the proxy (it works for a few seconds/page loads and then stops):
channel 12: open failed: administratively prohibited: open failed
I'm not sure what the issue is unless there's some kind of hardware firewall on the other end. I've used this exact configuration on multiple servers with no issue and even disabled iptables etc..........
The first thing you need to remember is not to check from the same host/server itself. This is a silly mistake I made, the reason is that many mailservers and especially postfix are configured to allow relaying from the localhost/same host. If you do that you'll get a false positive.
*Make sure you test from another host/system than the mail server itself!
telnet yourmailserverhost.com 25
220 Courier (FreeBS........
Basically you should always be 100% sure that whatever IPyour mail server sends out with has reverse DNS/PTR records. Remember that unless you own your IPs then you won't be able to set your own reverse DNS. Even if you were to create a reverse PTR record on your DNS servers it will be ignored. Reverse DNS is queried to pre-assigned DNS servers of your ISP, so therefore you'll need to contact your ISP/Colo/Hosting provider to do a reverse DNS entry.
If you don't have........
Dovecot enable SSL (by default it uses an old expired cert if you choose pop3s and imaps as protocols)
===================
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Edit /etc/dovecot.conf
ssl_cert_file = /etc/mailssl/server.crt
s........
Create Cert & Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
mkdir /etc/mailssl
chmod 700 /etc/mailssl
cp server.* /etc/mailssl
Postfix SSL config
Edit /etc/postfix/main.cf:
#SSL stuff
smtpd_tls_cert_file = /etc/mailssl/server.crt
smtpd_tls_key_file = /etc/mailssl/server.key
To make smtps w........
I think this will be useful to others because I have a server that kept crashing mysteriously during intense disk usage/RAID checks. It would only crash during the weekly RAID integrity check.
ThenI noticed during a reboot that not all CPUs were being brought up, as a result this actually creates much higher temperatures with the output I got from sensors, just booting the system produced higher than normal temperatures.
You can imagine that a full blown RAID check........
genuine.com/IN: loading master file genuine.com.zone: file not found
_default/genuine.com/IN: file not found
I always found it silly that no one really talks about this and apparently many like me and even control panels like Plesk were still using hard paths. I always thought "why can't I just specify the name of the zone file and have bind find it". Surely the default search path must be /var/named or somewhere else but there is no such thing.........
Jan 16 04:02:03 centosbox syslogd 1.4.1: restart.
Jan 16 04:07:34 centosbox kernel: INFO: task updatedb:20771 blocked for more than 300 seconds.
Jan 16 04:07:34 centosbox kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jan 16 04:07:34 centosbox kernel: updatedb D F78BE050 6476 20771 20766&n........
CPU/Kernel/MB/RAID problem?
Jan 5 12:45:05 testbox kernel: [653298.890004] BUG: soft lockup - CPU#0 stuck for 61s! [hal-acl-tool:4168]
Jan 5 12:45:05 testbox kernel: [653298.890005] Modules linked in: vmnet vmci vmmon binfmt_misc drbd video output input_polldev ocfs2_stackglue ocfs2_dlmfs ocfs2_dlm ocfs2_nodemanager configfs k8temp hwmon_vid lp snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi........
Apache/httpd
Failed to save enabled features : The Suexec command on your system is configured to only run scripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as domain owners will not be executed.
This is because I never edited the Apache Config and Virtualmin config to reflect my new/current updated structure.........
Webmin/Virtualmin when enabling bind:
Failed to save enabled features : Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server. Either add 127.0.0.1 to the list of DNS servers, or turn off the BIND feature on the module config page.
It means what it says, add "127.0.0.1" to /etc/resolv.conf........
VMWare bridged adapter not working:
Message from system: The network bridge on device vmnet0 is not running. The virtual machine will not be able to communicate with the host or with other machines on your network. Failed to connect virtual device Ethernet1.
I'm not sure how to fix this but one of the issues is that my eth0 became eth1 after moving my hard drives to a new motherboard. I have run the vmware-config.pl but this did not resolve the issue.........
Webmin Setup Centos 5:
wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet
[1] 24229
[2] 24230
[root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html
Resolving downloads.sourceforge.net... 216.34.181.........
Virtualmin Postfix Error:
The status of your system is being checked to ensure that all enabled features are available, that the mail server is properly configured, and that quotas are active ..
A problem was found with your Postfix virtual maps : No map sources were found in the Postfix configuration
.. your system is not ready for use by Virtualmin.
........
This made me nervous but it's clearly a cronjob based on the messages log that happens every Sunday at about 4:22.
I actually can't find any evidence of it in cron.d cron.daily but it is there somewhere obviously.
What I don't get is why doesn't this cronjob do a datacheck like Ubuntu's cronscript does? When you unnecessarily rebuild the array you lose your redundancy during that point which makes your data extremely vulnerable.
*Update I did a grep of &q........
The normal solution doesn't help or apply here:
ssh -v user@192.168.5.41
OpenSSH_4.3p2 Debian-9etch3, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.5.41 [192.168.5.41] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: i........
Install the "Editors" and "Net" groups that will give you rsync, ssh, ssh-keygen and cron.
The trickiest thing that I keep forgetting about each time is you have to run "cron-config" which adds the cron service to Windows, and without doing that obviously no cron jobs will be run thus making automatic backups impossible.
Warning about rsync/cygwin and using the -a archive switch.
It's a good thing I caught this because it doesn't work ri........
[137392.910057] ata4.00: exception Emask 0x0 SAct 0x1 SErr 0x80000 action 0x6 frozen
[137392.910077] ata4: SError: { 10B8B }
[137392.910095] ata4.00: cmd 60/20:00:00:00:00/00:00:00:00:00/40 tag 0 ncq 16384 in
[137392.910099] res 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout)
[137392.910122] ata4.00: status: { DRDY }
[137392.910135] ata4: hard resetting link
[137393.440060] ata4: SATA link........
mdadm: metadata format 00.90 unknown, ignored.
This happens with various versions of older mdadm such as mdadm - v2.6.7.1 - 15th October 2008
It is all because an extra 0 in 00.90 in /etc/mdadm/mdadm.conf that it doesn't like (it doesn't seem to cause any problem except that message though):
Solution - Edit your /etc/mdadm/mdadm.conf and change 00.90 to 0.90 in your arrays:
ARRAY /dev/md3 level=raid1 num-devices=2 metadata=0.90 UUID=f41a4644:6b2a05f........
I've only used it on Centos, soI thought I'd make a quick Debian guide:
Install the DRBD Package
apt-get install drbd8-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libswfdec-0.8-0
Use 'apt-get autoremove' to remove them.
The following........
VMWare log: /var/log/vmware/hostd.log
SSL Handshake on client connection failed: SSL Exception
sudo /etc/init.d/vmware-mgmt restart
Stopping VMware management services:
VMware Virtual Infrastructure Web Access
VMware Server Host Agent&nb........
yum exits in the middle
The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either.
echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk
L........
I separated the 2 drives in the RAID 1 array.
1 is the old one /dev/sda and is out of date, while the separated other one /dev/sdc was in another drive and mounted and used with more data (updated).
I wonder how mdadm will handle this:
usb-storage: device scan complete
md: md127 stopped.
md: bind
md: md127: raid array is not clean -- starting background reconstruction
raid1: raid set md127 active with 1 out of 2 m........
This is an easy fix and highlights a huge issue again with Linux and Flash still not playing nicely/working as well as Windows yet.
Solution - Go to "about:config" and disable the two entries (set them to false):
dom.ipc.plugins.enabled.libflashplayer.so
dom.ipc.plugins.enabled.libnptest.so........
Moving to RAID was a pain.
What you have to do is the following from an existing install:
Install mdadm
Create your mdadm RAID 1 array on your spare hard drive.
Start it with the missing disk.
rsync the entire contents of your current / to the md partition.
Here's a good way of doing it:
rsync -Pha --exclude=/proc/* --exclude=/sys/* --exclude=/mnt/* /. /mnt/md2........
After an upgrade wine wouldn't open anything, not even the pre-installed notepad.
There are no wine logs and nothing is mentioned in any standard log file about why.
I finally decided to run wine from the shell and see what's going on:
wine client error:0: version mismatch 398/402.
Your wineserver binary was not upgraded correctly,
or you have an older one somewhere in your PATH.
Or maybe the wrong wineserver is still running?........
nautilus-gksu - privilege granting extension for nautilus using gksu
nautilus-sendto - integrates Evolution and Pidgin into the Nautilus file manager
nautilus-share - Nautilus extension to share folder using Samba
nautilus-actions - nautilus extension to configure programs to launch
nautilus-bzr - Bazaar (bzr) integration for nautilus
nautilus-cd-burner - CD Burning front-end for Nautilus
nautilus-clamscan - Antivirus scanning for Nautilus
n........
Virtually no system has a floppy disk drive anymore but you will often find your Linux distribution insists that you do or should have one :)
The solution is to remove the floppy module and prevent it from loading on the next reboot.
rmmod floppy
Centos/RHEL
echo "blacklist floppy">> /etc/modprobe.d/blacklist
#update initramfs so it takes effect
dracut........
ping test.com
connect: No buffer space available
/var/log/messages
Oct 18 12:21:03 vps kernel: printk: 177 messages suppressed.
Oct 18 12:21:03 vps kernel: Neighbour table overflow.
Solution in /etc/sysctl.conf:
net.ipv4.neigh.default.gc_thresh1 = 4096
net.ipv4.neigh.default.gc_thresh2 = 8192
net.ipv4.neigh.default.gc_thresh3 = 8192
net.ipv4.neigh.default.base_reachab........
[function.vB-Registry-include]: failed to open stream: No such file or directory in /www/vhosts/site.com/forums/includes/class_core.php on line 2394
This happens on a new vBulletin install where you haven't created the config.php file. Simply copy the config.php.new file into config.php and you'll be good to go.........
2010:09:09-22:22:11: The ip of this machine (xx.xx.xx.xx) does not match the ip in the license file.
Check the value of your ethernet_dev=venet0:0 setting in your /usr/local/directadmin/conf/directadmin.conf file and the output of /sbin/ifconfig
Solution
/usr/local/directadmin/scripts/getLicense.sh........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6........
service vz start
Starting OpenVZ: failed to load module vzmon [FAILED]
vzmon: Unknown symbol ve_snmp_proc_init
vzmon: Unknown symbol addrconf_sysctl_free
vzmon: Unknown symbol ve_ndisc_init
vzmon: Unknown symbol addrconf_ifdown
vzmon: Unknown symbol ip6_frag_cleanup
vzmon: Unknown symbol fini_ve_route6
........
cd /etc/yum.repos.d
wget http://download.openvz.org/openvz.repo
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
yum install ovz-kernel-PAE
Now remember to set /etc/sysctl.conf to "net.ipv4.ip_forward = 1"
You can apply the change immediately by running sysctl -w net.ipv4.ip_forward = 1 but remember that you still have to set sysctl.conf
sysctl -p will load and apply any changes to s........
This has stumped me a few times because I keep forgetting that Centos 5.5 comes with a default iptables configuration that ends up blocking DRBD traffic,I tried all the normal things and couldn't understand why I couldn't make my normal DRBD config work. So if you have WFConnection problems and have tried the normal "mailing list" fixes, check your firewall status first!
Both Nodes Say the Following:
version: 8.3.8 (api:88/prot........
Create New RAID 1 Array:
First setup your partitions (make sure they are exactly the same size)
In my example I have sda3 and sdb3 which are 500GB in size.
mdadm --create /dev/md2 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3
mdadm: array /dev/md2 started.
Check Status Of The Array
*Note I already have other arrays md0 and md1.
You can see below that md2 is syn........
Adding IP address(es): 192.168.5.8 192.168.5.9
Setting CPU units: 1000
Error: undump failed: Invalid argument
Restoring failed:
Error: iptables-restore exited with 2
Error: Most probably some iptables modules are not loaded
Error: rst_restore_net: -22
Container start failed
Stopping container ...
Container was stopped
Container is unmounted
Error: Failed to undump VE
Resuming...
vzquota : (erro........
I am a huge fan of Linux and the idea of OpenSource but I've said it many times, there are still hurdles in today in 2010 for Linux as a Desktop. Linux is still intended for servers at its very core. This can be changed succesfully though, as Apple has shown us with Mac OS X based on FreeBSD.
Half of the issue is lack of driver support and the other half is the Linux Kernel and Window Manages, KDE and GNome still both don't cut it (but they're getting closer).
I'll........
Basically it seems that Thunderbird only remembers/savesfor the first/default identity account. It is very annoying when the signature gets placed at the bottom and another huge oversight on Mozilla's part.
Fortunately you can hack/manually set this setting.
The solution for fixing the Signature At the Bottom (Below The Quote)
Click Tools -> Options ->Advanced -> Config Editor
Then search for ".sig_bottom" and set them al........
This error is annoying, in a Virtuozzo KB entry about this ip tables nat problem they say the kernel needs to be ugpraded:
Symptoms
The node runs 2.6.18-x kernel older than 2.6.18-028stab053.10.
NAT module does not work in container, you get "can't initialize iptables table 'nat'" error:
# iptables -t nat........
This server was experiencing loads of up to 80 and maxing out the RAM and kmemsize on a CPanel VPS. There were literally dozens if not hundreds of exim processes. I have no idea why exim has such a design that would allow it to consume this much CPU and RAM. Any normal MTA should not be spawning so many processes, it should be processing them in sequence and if it is going to spawn hundreds of processes in response to a large volume of mail, it's better to have a delayed del........
After installation Directadmin does not work on OpenVZ VPS when browsing http://ip.ip.ip.ip:2222
service directadmin status
directadmin dead but pid file exists
tail /var/log/directadmin/error.log
Check the value of your ethernet_dev=eth0 setting in your /usr/local/directadmin/conf/directadmin.conf file and the output of /sbin/ifconfig
2010:07:10-12:44:01: ioctl can't find........
[27969.398749] sd 5:0:0:0: [sdb] 3907029168 512-byte hardware sectors (2000399 MB)
[27969.398749] sd 5:0:0:0: [sdb] Write Protect is off
[27969.398749] sd 5:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[27969.398749] sd 5:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[27972.117543] ata6.00: exception Emask 0x0 SAct 0x1 SErr 0x0 action 0x0
[27972.117543] ata6.00: irq_stat 0x48000000
[27972.117543] ata6.00: cmd 60/08:00:ff:7........
This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc..
Name
curlftpfs - mount a ftp host as a local directory
Synopsis........
I've never understood how to enable and disable services for different run levels in Debian based distros, it's just weird, annoying and doesn't make sense. I much prefer chkconfig from RHEL.
Just install the package called 'rcconf' and be done with it. rcconf makes things easy for you.
apt-get install rcconf
Reading package lists... Done
Building dependency tree
Reading state information... Done........
I'm using Ubuntu 8.04 but anyone using older kernels will find this may apply to them. My Intel graphics are very slow with the default Xorg settings but by using "EXA" acceleration, scrolling down windows of text becomes pretty snappy.
Just edit /etc/X11/xorg.conf
Section "Device"
Identifier "Configured Video Device"
&nb........
route add -net 192.16.5.0 netmask 255.255.255.0 eth0
Of course adjust as you need (eg. the 192.16.5.0 should be changed to the subnet you need access to and eth0 should be changed to the network device that you want that subnet routed through). I also use the /etc/sysconfig/rc.local script and add the above into it (remember that this route only gets added AFTER all other init scripts have finished though).........
I wasted a lot of time wondering why I could never find those packages.
Check the /etc/yum.conf file and at the bottom look for the "exclude=" line.
Below is what I found in mine
exclude=apache* httpd* mod_* mysql* MySQL* da_* *ftp* exim* sendmail* php* bind-chroot*
Just remove those entries or uncomment that line and you'll get access to the missing applications.........
Edit /etc/wwwacct.conf
Then add/edit the HOST line to add your hostname. eg:
HOST yourcpanelserver.com........
Basically the two main types of distros are Debian and RHEL/Centos based. I'm just going to give a quick overview of how the configuration of IP interfaces works in Debian/Centos based distros.
*Just one thing to remember, when setting IPs statically you have to manually specify a DNS server in /etc/resolv.conf (since DHCP is what normally does it automatically)
Debian/Ubuntu/Kubuntu/MEPIS
The IP (DHCP &........
Which one does the OS care about? blkid says the UUID is "787f1fa4-b010-4d77-a010-795b42884f56" while md insists its UUID is "4d96dd3b:deb5d555:7adb93cb:ce9182d9"
When in doubt, do we assume the OS takes the one from blkid?
/dev/md0: UUID="787f1fa4-b010-4d77-a010-795b42884f56" TYPE="ext3"
[root@localhost ~]# mdadm -D /dev/md0
/dev/md0:
Version : 0.90
&........
The default options for iptables are very basic. Here is what you need to do in order to enable them in OpenVZ.
1.) Add the modules to iptables and restart iptables:
vi /etc/sysconfig/iptables-config
Edit the line as so:
IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
2.........
This function and others may not work with the stock PHPinstall on Centos/CPanel: Fatal error: Call to > undefined function imagecreatefromjpeg()
Even with libjpeg-devel installed it won't work because PHP was not compiled with jpeg support, so we have to do the dirty work ourselves :)
Here is the command/yum's I did to install missing libraries for PHP that configure will complain about (yes it is a one by one process).
yum install bzip2-........
This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that.
If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :)
Just use this code to easily enable passwordless login with SSHD
key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
CC drivers/message/fusion/mptsas.o
drivers/message/fusion/mptsas.c: In function `mptsas_port_delete':
drivers/message/fusion/mptsas.c:106: sorry, unimplemented: inlining failed in call to 'mptsas_set_rphy': function body not available
drivers/message/fusion/mptsas.c:462: sorry, unimplemented: called from here
make[3]: *** [drivers/message/fusion/mptsas.o] Error 1
make[2]: *** [drivers/message/fusion] Error 2
mak........
This drive is clearly on the way out, the Kernel knows it but I'm surprised that SMART is not concerned. I didn't blame Seagate for their past issues until now. This hard drive has hardly been used and has not even been powered on for a year according to SMART.
Home page is http://smartmontools.sourceforge.net/
=== START OF INFORMATION SECTION ===
Model Family: Seagate Barracuda 7200.11
Device........
From the package "parted" you can use the command "partprobe" to re-read the partition table. I really hate rebooting, and that's what Iloved to hear about AHCI motherboards, that they allow hotswap so you don't have to reboot. But that's only as good as the OS, if the OS does not reload the partition table you won't be able to do anything with that new drive you attached without rebooting. Yes, even without re-reading the partiton table Linux will........
You can find it for free at http://nginx.org/ I find nginx is simpler to setup than pound (it's not hard but I found it unintuitive and annoying), it seemed to make some basic setups overly complicated with the config file syntax.
nginx on the other hand is perfectly suited in everyway, it is even simpler to setup and seems to be the most stable and most efficient any load balancer. I would go as far as to say that a good nginx setup is more relia........
Before we start I take no responsibility for this, you should have a backup and if you make a mistake during this process you could wipe out all of your data. So backup somewhere else before starting this as a precaution, or make sure it's data you could afford to lose.
The RAID 1 Setup (Hardware Wise)
I've already setup my 2 x 1TB (Seagate) drives with identical partitions, make sure your new hard drive (the empty one) is setup like your curr........
I have no idea why but mkfs.ext3 defaults to a patheticlly small blocksize of 1024 bytes/1KB (kilobyte). That means the maximum filesize is ONLY 16GB! With 2KB/2048 bytes you get a 256 GB maximum filesize, and with 4KB/4096 bytes you get 2TB!
I finally noticed/paid attention to this after realizing that with rsync and scp that no file larger than 17GB could be transferred. I then realized it must be a file size limit on the partition.
Here is what tune2fs tol........
It's basically free bash shell script available from: http://wpkg.org/email2fax/index.php/Main_Page
Make sure you have the required tools:
libtiff
ghostscript
mpack/munpack
Where you can e-mail your Asterisk box and it will fax it to the phone number in the subject line. The good news ends there, it is fairly undocumented and buggy.
Take for example how the documentation mentions you can invoke from the com........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
Here are the results, it is Sempron 3000+ AMD Mobile, 500Gig HDD, 512MB RAM with shared ATI Radeon graphics.
# # # # # # # ##### ###### # # #### # #
# # ## # # # #&nb........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
rsync bash script
[code:1:722d8a25c1]#!/bin/bash
# config ---------------------------------
# two methods
# from = receive data from another server
# to = send data to another server
rsync_method=from
rsync_ip='192.168.5.18'
local_dir='/home/backupguy/backups'
remote_dir='/home/backup'
free_space_bin='/home/backups/freediskspace.sh'
# config end ------------------------------
if [ '$rsync_me........
Asterisk FreeBSD compile problemsI couldn't get it to compile without using the following options at compile time:
[b:b7d672ee28]
make install WITHOUT_ZAPTEL=YES WITHOUT_MYSQL=YES WITHOUT_FAX=YES WITHOUT_ODBC=YES WITHOUT_H323=YES[/b:b7d672ee28]Some problems you might have with copying over your Linux config files to FreeBSD is different paths.
[b:f044931f41]For example the etc path for Asterisk on BSD will now be:[/b:f044931f41]
[qu........
Problems surfing web/servingI noticed sometimes websites wouldn't load at random through a FreeBSD box and other systems on the same link didn't have the issue. I believe it is because of the low default limit of 128 TCP connections that caused the problem. It would also slow down any traffic that requires many connections such as Bittorrent.
The fix is to increase the amount of connections to at least 1024
Edit [b:520b050d3e]/etc/sysctl.conf[/b:520b05........
Centos 4.3 x64 & VMWare Server Beta[code:1:6d0b2c8c2f]
The correct version of one or more libraries needed to run VMware Server may be
missing. This is the output of ldd /usr/bin/vmware:
linux-gate.so.1 => (0xffffe000)
libm.so.6 => /lib/tls/libm.so.6 (0xf7fbd000)
libdl.so.2 => /lib/libdl.so.2 (0xf7fb9000)
libpthread.so.0 => /lib/tls/libpthread.so.0 (0xf7fa7000)
libX11.so.6 => not f........
Upgrade Release Kernel TipsThis is for CentOS 3.1 to 3.8 but the methodology will apply everywhere.
I ran into a problem first of all with a non-booting system after running
#yum update centos-release
It took me to 3.8 and upgraded all the other packages [b:7e931c835d]BUT[/b:7e931c835d]
because of some stupid flags enabled in /etc/yum.conf the KERNEL WASN'T UPGRADED SO AFTER BOOTING, WELL IT DIDN'T BOOT OF COURSE :)
H........
Setup Static IP Address ONBOOTAssuming you are using eth0
Note this will work for any version of CentOS and basically any version of Redhat Linux or Redhat based distribution.
You would need to create a new file
[code:1:02f8d34c30] /etc/sysconfig/network-scripts/ifcfg-eth0:0[/code:1:02f8d34c30]
DEVICE=eth0:0
the ":0" at the end specifies alias 0 we could actually change this to ":99" or "........
Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from"
This occurred during a yum update after upgrading my release, installing the new kernel and rebooting.
I got kicked out of sshd after seeing the following during yum update:
telnet 100 % done 85/476
tux 100 % done 86/476
ntsysv 100 % done 87/476
rpmdb-redhat 94 % done 88/476........
Need identd for port 113 ? Install authdyum install authd
Happy identing :)Actually it's not that simple.
It installs as an "xinetd" service and is disabled and turned off by deafult.
To enable it run:
[code:1:8c94df8319]
chkconfig --level 3 auth on
service xinetd restart
[/code:1:8c94df8319]
This will set identd aka authd to start by default.
service xinetd resta........
Linux Unix Xorg X Server Intel Extreme i810 Graphics Problem(EE) I810(0): No Video BIOS modes for chosen depth.
(EE) Screen(s) found, but none have a usable configuration.
I have a new Dell PC with one of the latest Intel Extreme Graphics on-board crap. From what I can see any Linux/Unix/FreeBSD versions running XFree86 or Xorg from years ago or the latest version today will have this problem.
It's easily corrected FOR MOST people. Go into your........
E-mail (Thunderbird) with GnuPG encryptionThis is great tool for Mozilla Thunderbird which allows you to encrypt your e-mails so only you and the receiver can view it even if the e-mail is intercepting or obtained by another person.
The only small catch is that you of course have to install an extension to Thunderbird and then configure each account you want to use it with. Really it can probably all be done in a few minutes and the effort is worth it.........
Starting/Creating Serviceshttp://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-starting-services.html
That might help........
Asterisk Agent Login ProblemUsing the AgentCallbackLogin function I couldn't login
I knew I had my agents setup properly in agents.conf so why couldn't I login?
The reason is because agents.conf was missing the [b:994d7a34af][agents][/b:994d7a34af] context!
I just added [agents] above the existing agent declarations and then I was able to login as expected.
It took a lot of figuring out and reading though!........
Asterisk Queue Context ExplainedThis was never explained in voip-info or any other site I read.
It is understood you can escape to a context from a queue and how to specify it.
[b:882f1e0aee]
What is NOT mentioned is that the context= you specify within the queues.conf refers to a [i:882f1e0aee]context that exists in extensions.conf[/i:882f1e0aee][/b:882f1e0aee]
This will save you headaches if you need to escape from the queue :)........
PHPBB Drop All TablesSQL Syntax:
[quote:75acd496c1]drop table phpbb_auth_access, phpbb_banlist, phpbb_categories, phpbb_config, phpbb_confirm, phpbb_disallow, phpbb_forum_prune, phpbb_forums, phpbb_groups, phpbb_posts, phpbb_posts_text, phpbb_privmsgs, phpbb_privmsgs_text, phpbb_ranks, phpbb_search_results, phpbb_search_wordlist, phpbb_search_wordmatch, phpbb_sessions, phpbb_smilies, phpbb_themes, phpbb_themes_name, phpbb_topics, phpbb_topics_watch, phpbb_user_group, p........
Proftp Passive PortsIf you use a locked down firewall you can edit proftpd.conf and tell it something like this:
[quote:8419cab1f8]PassivePorts 6170 6270[/quote:8419cab1f8]
That would force all passive ftp traffic to ports 6170 6270 which you could then open on your firewall rather than leaving open ports 1024-65000 open........
CVSUp the Easy WayIf you're reading this you probably have never used CVSUp or don't know how.
CVSUp can be used for two things or just one if you prefer.
*Keeping your kernel up to date
*Keeping your port list up to date
Start by editing the following file in:
[b:76928b387d]vi /usr/share/examples/cvsup/cvs-upfile[/b:76928b387d]
It can be quite overwhelming with all the crazy options.
Basically there are only 3........
Basic Port ListingHopefully someone finds this useful or at least interesting.
http://www.sans.org/top20/#u9
Name Port Protocol Description
Small services ........
Other Security Web SitesSeveral websites actively track security issues. This list provides you with the major providers
of security information on the Web. Many of these organizations also provide newsletters and
mailings to announce changes or security threats:
Center for Education and Research in Information Assurance and Security (CERIAS)
CERIAS is an industry-sponsored center at Purdue University that is focused on technology and
relate........
I have played around with Pound a little bit. It is a reverse proxy and load balancer in one, and it can be used as only a reverse proxy if you like. It is very simple to configure as either, and Pound even senses if one of the systems is down and stops sending requests to the dead server.
It supports SSL (but passes the request to the destination server unencrypted) and even the Apache log format. Pound is very simple, fast a........
There is actually by default a "Default SSL" vhost that can mess things up for you and can cause surprising and unexpected results.
Default Apache SSL Cert
in /etc/httpd/conf.d/ssl.conf there is a default SSL Virtual Host which screws things up by offering itself instead of the SSL cert I specify in my own vhosts........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
There is a nice mode that Samba supports which you can add to smb.conf
create mode=555
This way users can create and write files/directories without deleting (except I believe dirs can be deleted but only if there are no files inside).
It's too bad that Linux does not have built-in "write"/"delete" privileges and is something that even Windows 98 can trump.........
The results are still not flattering and are nothing close to native performance. Unless GlusterFS has a "DRBD-like" option to delay writes over the network and to only read from the client side, I don't see how performance can ever improve much more.
After doing some client optimizations Iadded more to the score:
Start Benchmark Run: Sun Nov 29 00:37:44 PST 2009
00:37:44 up 3 min, 1 user, load average: 0.01........
I've tried to find a good sensible solution to cluster with and each technology has it's pros and cons and there is no perfect solution and I've found a lot of "exaggerations" in the applications, benefits and performance of these different filesystems.
DRBD
I first started off with DRBD and Ihave to say it does live up to the hype, is quite reliable (although it can be annoying to match up the kernel module and user applications since they must match and whe........
You might remember my original GluserFS/OpenVZ benchmark which produced a horrible 29.8
This is the exact same system, but using the latest 2.0.8 (with some small files patch which speeds up performance) you can see it is about 25% faster.
I also haven't tuned my config files at all, but there are some settings that should increase performance on small files which I believe i........
Loaded plugins: fastestmirror
rpmdb: mmap: No such device
error: db4 error(19) from dbenv->open: No such device
error: cannot open Packages index using db3 - No such device (19)
error: cannot open Packages database in /var/lib/rpm
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py&qu........
Have you ever seen this dreaded message in your Apache/HTTPD /var/log/httpd/error_log?
[error] server reached MaxClients setting, consider raising the MaxClients setting
The error itself is slightly misleading. Ibelieve this happened to one of my servers, I found Apache was running still, and that you could telnet to port 80 but no respnose would be given.
For some reason my error log initially did not have the above error, but after a restart I saw........
For some reason Ikeep getting this error when trying to run a sudo command eg:
sudo -u someuser somecommand
sudo: Error dropping capabilities, aborting
My version of sudo is:sudo-1.6.9p17-3.el5_3.1 and I've heard that version 1.7 fixes everything. The only thing is yum does not think sudo has any update. Iguess the new version has not been committed to the RPM repository yet.
This is really a huge and ann........
I was getting very frustrated one day wondering why it appeared my .htaccess file was being ignored and not processed by Apache. No matter what I did it was obvious that Apache didn't care about my .htaccess file. Then I realized that the default settings must be in effect, which is that my vhost didn't explicitly allow me to override the default settings.
This usually comes down to your vhost settings. Make sure you have an entry like this in your Apache vhost settings in........
This is something that annoys a lot of people, fortunately the Redhat style OS's are the most simple in this respect. I disagree that Debian's way makes sense, it is more of a hackish approach in how they implement iptables.
Anyway, for those who are using Redhat/Centos style OS's it is very simple.
Set your rules from the shell/command prompt and to save the iptables firewall rules so they are remember/loaded on boot just run this command:
service iptables........
Truly, the only way to unleash the capabilities and customization abilities of iPhone are to jailbreak, it's not just for hackers anymore.
A few days ago someone by the named of "geohot" released a single click application called "purplera1n", which does the entire operation smoothly and seamlessly.
In our case, the first time it went as far as "done, wait for reboot" on our Windows machine and for minutes we waited and saw the pic on the iPhone w........
This is the Intel Atom 330 motherboard with integrated Realtek Gigabit NIC (Intel Desktop Board D945GCLF2 Motherboard W/ Atom 330 1.6 GHz Dual Core Processor - Mini-ITX)
I cannot achieve more than 15 MB/s, even doing a local transfer through eth0 to it's own IP.
100% 95MB 15.9MB/s 00:06
So this is not a cabling, switch or hardware issue, it seems like a driver or chipset limitation problem.
Here is my........
Icouldn't understand why on one system it took a few minutes to get the SSHlogin prompt when connecting to other systems. The other systems all had the UseDNS parameter set to no, which almost always resolves the login prompt delay.
The reason is Ubuntu and perhaps Debian and other distributions /etc/nsswitch.conf file
Edit yours to have the "hosts" line like so (notice that files and dns are the primary resolution choice........
resume: could not stat the resume device file
I got that after migrating to a different physical hard drive, it wanted to resume from a swap partition that no longer exists.
This is actually controlled by "uswsusp.conf" in /etc
Just edit it and remove the device or change it to the correct new swap file.........
This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks.
The chances are this is the cause of your SSHSlow/Delayed Login problems.
The easy solution to SSH Login Problems
Edit /etc/ssh/sshd_config
Add this line to disable r........
When trying to even cd or ls the mounted OCFS2 partition it crashes. Ithink this is a combination of VMWare Server's problem and the way I mounted and symlinked to it.
More than anything this shows the problem and lack of forsight with VMWare, but also that OCFS2 is easily crashed if you do strange things.
Output of /var/log/messages for OCFS2
Apr 10 15:57:45 localhost kernel: [84331.691258] Modules linked in: vmnet vmci vmmon ocfs2_stac........
Server not using user level security and no password supplied.
tree connect failed: NT_STATUS_WRONG_PASSWORD
That happens when trying to use smbclient to connect to a share. The weird thing is that I can authnenticate just fine from Windows XP.
It is partially my mistake, I forgot this share does have a password. I've tried authenticating with the correct user and also with "Guest" because this works in Windows. In Linux I ........
There's a lot of information and guides on OCFS2 for RHELand Centos Linux but the package setup and configuration is slightly different and this has thrown some people off.
Installing OC2FS
You should install the following packages to get started:
apt-get install ocfs2-tools ocfs2console
Configure OC2FS
In RHEL/Centos the main configuration file is located in /etc/sysconfig/o2cb
However in Debian based Linux it is located........
User username from 127.0.0.1 not allowed because not listed in AllowUsers
What's going on? The user was created properly, it has been defined as having a shell entry and the entry for /etc/passwd and /etc/shadow is set just fine.
This is a new and very smart/secure feature of SSHD. It is simple and yet effective, but also very annoying if you didn't know about it being implemented and that hand editing of /etc/ssh/sshd_config is required to allow a newly add........
This happened on one of my Ubuntu machines where Igot some kind of segfault on line 21 from LAME at random while encoding MP3s (a second try is fine usually). I've read that it's best to compile it from source and that has solved most issues for people.
Here is my preferred configure line:
./configure --enable-mp3x --with-fileio=lame --enable-debug --with-vorbis
Even with that I got a different error this tim........
Feb 5 01:39:33 server named[19768]: zone myzone.com/IN: serial number (12331465) received from master 127.0.0.2#53 < ours (200901281)
The above is taken from /var/log/messages
This can be annoying, it can happen for a variety of reasons. What seems to be happening here is that the slave realizes the time on the slave is ahead of the master, so it therefore assumes it has the most up to date copy and won't actually transfer the zone.
The solutio........
There's a lot of outdated information and confusion for system administrator's out there.
One annoying task for many an Administrator has been backing up data in Linux. You don't need any GUI tools such as K3B or GnomeBaker. Both are excellent tools but for veteran command line users working remotely, using the keyboard is a great and possibly automated way to save yourself pain and hassle.
At a later date we'll cover how scripting can automatically backup certain........