This guide assumes you have a working Postfix server and want it to sign with DKIM.
There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well.
1.) Install OpenDKIM
apt install opendkim
systemctl enable opendkim
2.) Edit /etc/opendkim.conf
Syslog yes
SyslogSuccess yes
Mode&nbs........
This can break things easily in remove environments where it was normally easy to convert a normal eth0 to a bridge under br0, and that bridge would normally have the same MAC address by default, which is desirable for most situations.
In Debian 11 this is different for some reason now.
https://unix.stackexchange.com/questions/681013/bridge-gets-random-mac-........
This seems to happen in many different drivers but it happened more often in newer versions such as 530 vs 525.
Then nvidia-modeset goes to 100%
There are many reports of this appearing since driver 4.70 and I can confirm I've seen this in various machines.
https://forums.de........
Sometimes users take their removal drives and unplug and replug them to test what happens during the failure of a disk. However, this breaks things quite badly due to the /dev/mapper in LUKS not coming back online due to it not being closed.
In other words, generally with non-encrypted drives the process is smooth but when encrypted you may want to follow a strategy like this:
We can see below that both disks are unavailable as they were physically remov........
Have you ever tried mounting a partition that you exists but you get this error?
mount: /mnt: can't read superblock on /dev/sda1.
The superblock in this example was bad because the physical disk had corruption and bad blocks/sectors. However, the data was generally accessible and you can always try this trick below (with caution and no warranty).
This is specifically for filesystems that place superblocks in multiple locations, which........
A lot of companies are unsure which solution to choose and many may not be aware of Docker Swarm as an alternative to Kubernetes. One thing that many Sysadmins find is that Docker Swarm is simply easier, quicker to setup and maintain by far than Kubernetes.........
When Is It Time to Leave Your VPS, VDS, and Dedicated Server Provider?
Choosing the right hosting solution—be it Virtu........
In today’s digital landscape, finding a reliable and secure Virtual Private Server (VPS) or Virtual Dedicated Server (VDS) goes beyond just comparing specs and prices. With increasing concerns over data privacy, security breaches, and government surveillance, the wisdom of choosing your VPS/VDS provider based on juri........
This will be the goto to help solve e-mail delivery issues and talk about many practical issues that happen between developers, admins and scripts that send e-mail and do things that may not be acceptable or cause deliverability problems.
Sendmail Stuff
Edit /etc/mail/sendmail.mc
The problem is that if you send directly out from the server using the mail function, the Return-path of the e-mails will be username@thehostnameoftheserver.com. Let........
find /usr/share/zoneinfo/|sed s#"/usr/share/zoneinfo/"##g|grep "/"|grep -v posix|grep -v ^"Etc/"|grep -v ^right|grep -v ^"SystemV"
Africa/Addis_Ababa
Africa/Abidjan
Africa/Blantyre
Africa/Lusaka
Africa/Casablanca
Africa/Libreville
Africa/Asmara
Africa/Bujumbura
Africa/Dakar
Africa/Lagos
Africa/Malabo
Africa/Harare
Africa/Kigali........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
This should work for most console ports of other manufacturers too. It is a quick and simple method for emegencies or deploying a few appliances/devices in a non-standard environment or small environment.
However, if this is a route thing, or the equipment is not physically close to you, it would be best to use some sort of "Terminal" server which is an IP connected switch with several serial ports built-in for this purpose. Normally they accessible by web/........
Just in case, it is reocmmended to backup the original contents of the directory (especially your home dir) before proceeding.
Setup ecryptfs
Run this command: ecryptfs-setup-private
It will ask you for your login password, this is so that when you login, everything is automatically decrypted by using a passphrase that is wrapped with your login.
You can hit enter and leave things blank for an autogenerated passphrase (for mounting) or you can en........
How to check what kernel version you have/currently running?
uname -rm
5.4.0-91-generic x86_64
The above shows us that we are running 5.4.0-91-generic on the x86_64 architecture.
The safest way is to stick with the same flavor eg if you're on generic, and say on kernel 5.4.0 then it makes sense to follow what is below. However, if you are migrating or dual booting between newer hardware (eg. you got a........
A lot of developers want to go to 3.11 because of the speed improvements, but most distros never have the latest Python version.
Using the deadsnakes third party repo is the easiest way aside from compiling it yourself (which is safer and recommended):
Step 1 - Add the repo
apt-add-repository ppa:deadsnakes/ppa
If you get an error about requests then install it:........
haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx.
haproxy is used by many large sites per Wikipedia:
HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
1 - Install Vagrant
apt install vagrant
Make sure you have a supported Virtualization tool like Virtualbox or VMWare, Hyper-V etc.. It automatically detects and uses what you have. Virtualbox has a lot of support here with tons of images.
2 - Init Vagrant
We'll init to have a Debian 10 box by default to show how quick and easy it is.
vagrant init generic/debian10........
This can be a real pain when automating things and you do an apt install and some packages ask a lot of questions.
Make sure you set this variable when running:
DEBIAN_FRONTEND=noninteractive
Remember as well that if chrooting you will want to run like this:
DEBIAN_FRONTEND=noninteractive apt install -y yourpackagename
........
So say you happen to have 2 NICs of the exact same chipset, they will generally show up as the same name, with possibly a different revision in lspci. Normally this is not an issue if you have a server with 4 NICs, generally the eth0 to eth3 appears from left to the right (or right to left on some vendors) so it doesn't take much figuring out.
Generally if you have different chipsets for different NICs, it should be easy to know which one is eth0 or the first NIC in the OS.........
If you are converting a generic wifi IP camera to ethernet, it may not be that simple as many are default hard coded to a static IP of 192.168.1.168 and login info admin/admin.
From there you can login to the camera and assign it to DHCP by going to http://192.168.1.168
For security these cameras +DVR should be on a separate untagged VLAN or if possible a physically isolated non-internet connected switch/network.
The reference below is applicable to many of the r........
Sometimes due to your BIOS/EFI you may find that you have chosen "Energy Efficient" for your CPU which may effectively disable turbo mode. This is because "Energy Efficient" will often restrict or throttle your CPU to the base speed. This can impact nearly any CPU such as Intel's, AMDs, Opteron, Xeon etc...
This is of course frustrating, for example if you have a CPU that is 2.0GHz base speed but turbo to 2.5GHz, you will never hit more than 2GHz.........
It may appear to be an Xorg or lightdm/gdm/mdm error but in reality for many users with this issue, it's a driver conflict and issue. I had a system that had two GPUs, an Intel and Nvidia GPU.
The only thing that got it working was to remove the nouveau driver and blacklist it so it never came back, then the Intel GPU works fine without these issues.
Solution
sudo rmmod nouveau
add nouveau/other driver to blacklist
edit th........
Bonding is an excellent way to get both increased redundancy and throughput. It is similar to the "Network Teaming" feature in Windows.
There are a few different modes but we will use mode 6, I think it's the best of both worlds, as it is not just a failover, but it provides round robin, so you will get redundancy and load balancing. So if you have a 1G single port, you will have a combined throughput of 4G at this point. Just bear in mind that the true thr........
If your audio is not working and you got this in your syslog:
pulseaudio[13710]: [pulseaudio] sink-input.c: Failed to create sink input: too many inputs per sink.
The issue is generally caused by too many audio inputs, or in other words you have too many applications that are hooked into pulseaudio.
An easy and notorious offender is by having dozens of Firefox browser tabs open.
Solution:
Close all of your Firefox and the problem will........
(firefox:9562): LIBDBUSMENU-GLIB-WARNING **: Unable to get session bus: Failed to execute child process "dbus-launch" (No such file or directory)
ExceptionHandler::GenerateDump cloned child 9743
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
[Parent 9562, Gecko_IOThread] WARNING: pipe error (40): Connection reset by peer: file /build/firefox-EymEXX/fire........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Why choose OpenVPN instead of a firewall appliance?
OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time.
When comparing OpenVPN with traditional firewal........
In our 2024 VPS Server/Cloud Buyer's Guide, we place the location of your VPS/hosting/server as one of the priorities that is often overlooked.
2024 Update - Datacent........
The key is that you need to know the passphrase to do it, if you don't know the password for the key then you can't remove the key since it cannot be decrypted.
ssh-keygen is the easiest method and openssl can be used to manually remove the key and output it to a new file, which you can then copy back over top of the encrypted file.
After that your public key authentication will work without any password prompt because it is no longer encrypted. Make sure you understand........
How To Install Wazuh Server / Quickest Installation
Wazuh (forked from the well known OSSEC project) is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
Prerequisites:
A lot of issues with Wazuh seem to be caused by i........
If you are using the stock 5.4 kernel this is normal but I can confirm it is fixed in newer 5.8 kernels.
To fix it just install the 5.8 kernel and reboot:
sudo apt install linux-headers-5.8.0-64-generic linux-modules-extra-5.8.0-64-generic linux-image-5.8.0-64-generic........
Enable "cli" mode equivalent in JunOS
cli
Configure Mode
configure
So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure".
How Do You Apply Changes You've Made?
You can make all kinds of changes to the switch, but remember they are not........
If you want to start fresh a lot of people falsely assume that an apt remove and then reinstall or apt --reinstall install package will start you off fresh. To be sure and remove all associated config files do the below with the example of ssh server (don't remove it though if you actually use it!)
The key below is using the --purge flag or apt-get purge proftpd (eg sudo apt --purge remove packagename)
apt purge proftpd; apt install proftpd........
Traditionally kernels were numbered starting from 0 but by default the "new style" of grub boot loading considers each subkernel item to be different so if you have 3 entries for 4.40-148 rather than counting for 1.
To get the expected behavior let's show this example and how we can boot it
We do a grep on menuentry in /boot/grub/grub.cfg to see all of the bootable kernels rather than scrolling through loads of extra entries we don't care about (thou........
It took a lot of fiddling to make a Huion Kamvas 13 Pro work in Linux but it simple once you know what to do. Don't bother searching as it is unlkely there is a guide out there that will actually make your tablet work.
It mainly comes down to the fact that the hid_uclogic kernel module is buggy or doesn't support MANYof these wacom based/Huion tablets properly.
What was happening with me is that Ihad the Kamvas 13 Huion setup as a secondary screen/monitor.&nb........
The idlepc value is very important to dynamips and it is both image and often CPU dependent. There is no "magic"value that will work for all images and all CPUs so this is why I'll show you a quick and handy way.
Also don't be disappointed, some values do not work well but idlepc gives you several. For example in my example below #6 didn't help at all but #7 got me down to about 6% CPU from 99-100%.
*Befo........
This tutorial will get your router up and running using emulation tools. In this case we'll be getting a Cisco C7206 (C7200 series) VXR router going which also supports SCCP VOIP services.
dynamips is the emulator itself and dynagen is the front-end tool that helps us control everything. It is used by tools such as gns3 and eve-ng.
Together the two tools (dynamips and dynagen) allow us to create and emulate REAL router........
This assumes your system is a fresh and normally working install.
What often happens is that many new devices have multiple audio outputs which are generally analog and HDMI/Digital out. Sometimes the OS defaults to the wrong one that you didn't want.
For example if your sound is supposed to play over the HDMI, perhaps the output is set to analog or vice versa.........
It really seems limited in that it can mainly give you the things you would see on the physical unit such as load etc..
wget https://downloads.sourceforge.net/project/apcupsd/apcupsd%20-%20Stable/3.14.14/apcupsd-3.14.14.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fapcupsd%2Ffiles%2Flatest%2Fdownload&ts=1598115866
tar -zxvf apcupsd-3.14.14.tar.gz
cd apcupsd-3.14.14
[root@somebox apcupsd-3.14.14]#
./conf........
You should only get this if you are using a Pentium II or something really old. The problem here is that newer kernels than 2.6 don't have true i386 support even if you tell it to compile as i386. It will still include features like cmov that break older computers from being able to work.
Generally for very old computers like above, you need to use a 2.6.x kernel and of course make sure it is i386 and all the binaries are as well.
........
yum -y install gcc make gperf genisoimage flex bison ncurses ncurses-devel pcre-devel augeas-devel augeas readline-devel
checking for cpio... cpio
checking for gperf... no
configure: error: gperf must be installed
configure: error: Package requirements (augeas >= 1.2.0) were not met:
Requested 'augeas >= 1.2.0' but version of augeas is 1.0.0
yum remove augeas augeas-libs augeas-devel
wget http://downl........
apt install software-properties-common
add-apt-repository ppa:deadsnakes/ppa
apt update
apt install python3-pip
apt install python3.7 curl gnupg python3.7-dev git
ln -s /usr/bin/python3.7 /usr/bin/python3
pip3 install numpy keras_preprocessing
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
I used to believe that for Desktops especially that the "ondemand" CPUfrequency changing that kernels included with Ubuntu and Debian based distros have would be sufficient for snappy performance.
However, you can feel the lack of performance on the fastest computer if you have ondemand. A lot of times even under high load 100% of your CPUfrequency in MHz will not be used.
For example a 2.8Ghz CPUmay only run at 1.8MHz or even .9GHz. Now........
Occasionally my whole screen locks up and I cannot even swith to the console and I find this in my syslog:
*-display
description: VGA compatible controller
product: Mullins [Radeon R3 Graphics]
vendor: Advanced Micro Devices, Inc. [AMD/ATI]
 ........
The reason for doing this is that the installer doesn't seem to work properly for LUKS and the server installer doesn't even support LUKS anymore. When you use the GUI install on Desktop for LUKS it won't boot and will just hang after you enter your password. So the only reliable way is to do it ourselves.
1.) Make a default minimal install of Ubuntu
2.) Have a secondary disk on the server or VM.
3.)........
This is the reason that I don't like the new ADATA USB drives such as the UV128/64GB or 128GB drives and other ones that look to be the same style (the green sliding USB connector).
They just don't work well from new and never work properly at any point.
[ 788.242463] usb 1-1.2: new high-speed USB device number 16 using ehci-pci
[ 788.339816] usb 1-1.2: New USB device found, idVendor=125f, idProduct=db8a
[ 7........
The problem is that by default ssh-keygen loves to generate an easy to crack 2048 bit key (RSA). Supposedly having a larger keysize helps such as 4096 or 8096 but it is thought to be useless still against Quantum computing.
How can I check my existing keysize and type?
ssh-keygen -lf /path/to/your/id_rsa.pub
The output will be something like below followed by the hash. The first number is the key size and the second part will b........
This problem has been around forever, Linux seems to think it is fine to use the r8169 driver for an r8168 NIC but this often causes problems including the link not working at all.
In my case ethttool shows the link up and detected but it simply does not work especially on a laptop that has been resumed from suspension. Sometimes it takes several minutes for it to work or to unplug and replug the ethernet.
Here is the solution:
Install th........
Downloading and compiling from source to get the latest version of Asterisk is really simple with this guide.
apt install gcc make g++ libedit-dev uuid-dev libjansson-dev apt install libxml2-dev sqlite3 libsqlite3-dev
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current.tar.gz
tar -zxvf asterisk-16-current.tar.gz
cd asterisk-16.6.2/
./configure
If you get this error change y........
I don't consider a lot of these "extra" kernel modules "nice to have" as they often contain drivers for essential items like your soundcard, your NIC and many other devices that may not work. Sometimes you may find that "sound" or "ethernet" worked before a kernel/OS upgrade and now in the new version they don't. Often it will be because you need to install the "extra" kernel modules.
One other weird thing is that sometimes........
If you've just installed VBox and it is not starting or working, the most common problem is usually that you don't have your kernel source installed, which means there is no kernel driver for vbox so it can't work.
You may get an error that says "Kernel driver not installed" in your Virtualbox.
So the first thing you should do is install your kernel source by running this:
sudo apt-get install linux-headers-`uname -r`........
SSH helps keep us secure in many ways, one of those is the host-key fingerprint which is unique. If you have been connecting to an SSH server that you've made no changes to and suddenly ssh warns that the key doesn't match then you have a problem.
But how about connecting to an existing server for the first time on a new machine or client?
A lot of new clients calculate it using an SHA256 hash but it is not as easy on your host machine to produce the sam........
ssh-keygen -p -f /path/to/your/id_rsa
Enter new passphrase (empty for no passphrase):
After that your rsa private key will be encrypted which is a layer of protection and security in the event that somehow someone acquires your key and tries to access servers that the key is authorized on.........
Install Errors on Version 12:
This error happened on QEMU emulator version 2.11.1 pve-qemu-kvm_2.11.1-5
on Proxmox/Debian but installing on QEMU.12 on Centos 6 did not produce the error.
*Update it is not related to the OS or QEMU version. This happened in Centos 6 too after a second install.
What really causes this even though you successfully install........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
qemu-kvm command:
/usr/libexec/qemu-kvm -version
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
........
In most of the Cisco router IOS I find the ports like ge0/0 ge0/1 and ge0/2 or whatever your ports are down. They will not even give you a link light. So one of the first tasks should be getting the port you are working with up.
In my case the first goal is often connectivity with the LAN and WAN.
LAN = your local area network (eg. in the office/home )
WAN= your ISP/public internet (eg. fiber/cable/dsl/ethernet).........
Enter configuration console:
enable
configure terminal
This is important because if your console doesn't look like below none of the commands will work!
Switch(config)#
Save and Apply Settings
wr
Show Switch Configuration:
show run
Show Port List/Sta........
The key thing is that you must use a "machine"id of "pc-1.3" or it will say your hardware is not supported.
Additionally you MUST use a virtio disk or you will get a ks_pre.sh error as soon as the install starts (a look at logs will show it can't find a disk). This is funny because even though the OS finds the disk and an fdisk -l shows it, it looks like the script looks for a /dev/vda device (virtio) and nothing else, so if you didn't use Virtio as you........
Whether you are at work, at the coffee shop or on the public internet here are some basic but effective rules for iptables that lock things down (eg. no one can SMB or SSH to you or really anything):
# Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018
*nat
:PREROUTING ACCEPT [160:19844]
:INPUT ACCEPT [4:357]
:OUTPUT ACCEPT [2955:182236]
:POSTROUTING ACCEPT [2955:182236]
COMMIT
# Completed on Fri Dec 14........
growisofs -Z /dev/sr0 critical.tar.gz.gpg
Executing 'genisoimage critical.tar.gz.gpg | builtin_dd of=/dev/sr0 obs=32k seek=0'
I: -input-charset not specified, using utf-8 (detected in locale settings)
File critical.tar.gz.gpg is larger than 4GiB-1.
-allow-limited-size was not specified. There is no way do represent this file size. Aborting.
:-( write failed: Input/output error
#remember to us........
Before getting into the output here is my typical experience with SMART, there is what I call a "bad disk" with pending and uncorrectable sectors that cannot be reallocated.
It has caused a kernel panic and system crash repeatedly as we can see from the logs.
But SMART says it has "PASSED" its self assessment. SMART is still useful to me but it is more about looking at Current_Pending_Sector.
Any time I have had anything but 0 for that attribute it........
Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments.
Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.
The key commands or arguments you will use with systemctl are the following:
Unit Commands:
list-units [PATTERN...] List loaded units
&nbs........
You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux.
genisoimage -o Backup-Myfiles.iso -r -J -joliet-long /some/path/
You will get errors like below (even enabling joliet-long didn't help)
genisoimage: Error: /some/filename.pdf have the same Joliet name
Joliet tree sort failed. The -joliet-lo........
#Linux Mint 18.2 how to install gajim .16.9 so you can use OMEMO encryption:
sudo apt-get install python-axolotl python-nbxmpp
wget https://gajim.org/downloads/0.16/gajim-0.16.9.tar.gz
tar -zxvf gajim-0.16.9.tar.gz
cd gajim-0.16.9
./autogen.sh ;make;sudo make install
#if you get this error you need to get a newer python-nbxmpp from here:
gajim
Gajim needs python-nbxmpp >= 0.6.1 to run. Quiting...........
Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.
In the problem machine it is actually PHP7 installed so if you reference PHP5 of course things wil be broken!
Take for example here:
cat /etc/httpd/conf.d/php.conf
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamica........
[root@localhost:~]
BootModuleConfig.sh echo host-ind nfcd........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
dvd+rw-mediainfo /dev/sr0
INQUIRY: [ASUS ][BW-16D1HT ][3.00]
GET [CURRENT] CONFIGURATION:
Mounted Media: 11h, DVD-R Sequential
Media ID: RITEKF1&n........
You can search for this bug and it seems like it may be related to ecryptfs and is many years old.
The symptoms are that you return to the computer and the screensaver was active or the screen was asleep/black and it doesn't seem to come back. But you check by SSH the computer is running fine and are frustrated you'll lose your running programs and have to reboot.
There is a simple solution:
Ctrl + Alt + F1
Ctrl +Alt + F8
Ba........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
This usually happens when you are using something like an INT and try to insert a larger valuethan the maximum which is larger than "2147483647"
On a practical term I have seen this and been guilty of this error when using scripts like PHPand generating large random numbers:
$hash = mt_rand(5,9999999999999);
Obviously that many 9's are more digits than the maximum of an INT resulting in that error. Change your code accord........
In your browser go to "about:config"
Right click and choose "New" ->"String"
The name should be:
general.useragent.override
String Value:
Mozilla/5.0 (Linux; U; Android 2.2.1; en-ca; LG-P505R Build/FRG83) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
You don't even have to restart to make this work.........
Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case.
Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
First of all check to see which version if any you have available for a downgrade:
apt-cache showpkg packagename
Downgrade/Install old package:
apt-get install package=version
Example
apt-cache showpkg caja
Package: caja
Versions:
1.10.3-1+rafaela (/var/lib/apt/lists/packages.linuxmint.com_dists_rafaela_import_binary-amd64_Packages) (/var/........
In Debian/Ubuntu this is called "holding".
To hold/exclude a package from being installed or upgraded:
sudo apt-mark hold packagename
To allow the upgrade/installation unhold:
sudo apt-mark unhold packagename........
This is an important feature a failed read can genuinely occur if a temporary file has been removed or if you try backing up a sysetm file in /proc /sys (which you shouldn't really anyway).
The way to fix this is the following switch:
--ignore-failed-read
Example:
sudo tar --ignore-failed-read -czvf mycomputer-backup.tar.gz --exclude=/home/otheruser/* --exclude=/proc/* --e........
When things go wrong your video is basically unplayable or the first video plays fine and then freezes when moving on to the next. Generally if both videos weren't produced with the exact 100% same settings you will have issues. You can try the basic concat but it often won't work right.
Solution for me:
My example uses 3 videos in total so "n=3" and a=1 to include audio.
ffmpeg -threads 12 -i file1.mp4 -........
Essentially a program I was running for mining did not terminate properly with Ctrl+C it is listed as defunct and cannot be killed, kernel is tainted and normal tricks to disable the port are impossible the dev and sys entries for the device cannot be browsed or interacted with in any form without a lockup of the request. The only solution is to reboot due to the kernel taint as far as I can find so far.
[1130246.811056] INFO: task minerd:21861 blocked for more th........
#if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used
wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2
tar -jxvf ffmpeg-3.3.2.tar.bz2
cd ffmpeg-3.3.2/
./configure --disable-yasm
install prefix /usr/local
source path ........
This is a 8TB Seagate external USB 3.0 device apparently newer kernels use a module called "UAS" instead of "USB Storage" which causes issues as a lot of devices are not properly supported in UAS mode by the kernel driver. The solution some say is to disable UAS specifically for your USB device but I'd rather just disable UAS altogether.
Solution blacklist UAS: *do not do this it does not work and just causes your USB 3.0........
I am using a GTX 1060 but replace the download for the driver with the correct/current version for your particular card by visiting: http://www.nvidia.com/Download/index.aspx?lang=en-us
yum install automake curl openssl-devel libcurl-devel gcc gcc-c++
yum -y install kernel-devel-`uname -r`
yum -y install unzip
#the........
Why won't my Linux Mint boot after I manually installed a new kernel?
eg.
apt-get install linux-image-newerone
Do this
dpkg -l|grep linux-image|grep extra
ii linux-image-extra-3.16.0-38-generic 3.16.0-38.52~14.04.1&nb........
When running cudaminer once it tries to initialize the card the entire screen freezes. The computer itself is still running but the Xorg is done for, you cannot even switch to another console window and must reboot (even an mdm or Xorg restart does not help).
At first cudaminer will give you these errors:
stratrum_recv_line failed
...retry after 15 seconds
GPU #0: Geforce 210 with compute ca........
Here is a simple MP3 player and now there's a reason to understand why the supplied cable has some kind of capacitor and is very short. These devices can be VERY finicky and any voltage fluctuation or difference is enough to cause issues.
Take for example the error messages from Linux Mint:
[804829.895414] usb 1-1: USB disconnect, device number 11
[806961.109030] usb 1-1: new high-speed USB device number 12 using xhci_hcd........
I was sure this was a Centos bug with OpenSSL, Apache, MySQL or even PHP. I tried everything but nothing helped. One clue is that if you check the Apache logs you will see nothing in the access logs until minutes later (this means Firefox has not even passed your request to the remote Apache/htttpd server).
When even accepting the invalid certificate message that would show up minutes later when trying to "View the Certificate" Firefox would freeze. This bu........
These errors believe it or not are simply because of not being the root user or running with sudo! However if you didn't know to try as root you'd think there was a problem with your burner or disc Essentially it looks like without root you cannot send the required scsi commands to continue writing. Ithink cdrecord should have built-in tests or safeguards to see if it has the permissions to run the required commands.
I guess for more advanced users the idea is simila........
*Update so this doesn't work it must be something to do with the path of nfs or something else but the installer fails with "Installer crashed" at the end whereas with the CD/USB it works.
This assumes you've already installed and configured a separate PXE/DHCP server somewhere else and your /tftpboot directory is setup.
This is for Linux Mint 18.1 but generally applies to most versions although you may have tro change things like "casper"........
Does this mean? [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
Basically it means you created your SSL Certificate as a CA the wrong way, usually with this command:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
How can you fix it and do it properly?
Step 1.) Make a new Private KeyCreate server pass key:........
This command will generate a random password using all letters and numbers that is 20 characters wrong based on /dev/urandom (for the most truly random output).
echo `< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-20};echo;`........
This was a surprising bug but I unplugged all drives for an array md127. At first it was just 1 drive and mdadm seemed to notice this. I unplugged the second drive taking the array offline but mdadm did not realize it was offline and still showed a non-existent disk as being part of it. This created problems trying to unmount it or even to stop this array with mdadm freezing.
As for how to fix it I can only think of making sure you are not in a mounted path of........
The solution is simple but strange, if you copy your /var/lib/mysql directory to another server and think it will work, be sure to check if you have /var/log/mysql and binary log files. If you do, the server will not work and will give you errors like below and crash without the proper log files.
UPDATE user SET password=password("newpass") WHERE user='root';
flush privileges;
ERROR 2013 (HY000): Lost connection to MySQL server durin........
I created a new partition table on a newly plugged in device and it caused fdisk to hang (even force kill does not work). It also may be a bad drive or some other issue because fdisk -l hangs after the first 2 HDDs (totaly of 8 HDDs on this system):
[1232879.903596] INFO: task fdisk:27176 blocked for more than 120 seconds.
[1232879.903607] Tainted: P&nbs........
I keep reading these drives are slower, but they are cheap and still SSDand work very fast for my needs.
As you can see the sequential read is 481-491MB/s, if I put them in MDADM RAID10 mode (normal RAID1) they should give me well over 900MB/s and with redundancy and being very cheap for what they offer.
[1232206.315622] scsi 8:0:1:0: Direct-Access ATA ADATA SU800&........
forcedeth 0000:00:08.0: irq 25 for MSI/MSI-X
forcedeth 0000:00:08.0: eth0: MSI enabled
forcedeth 0000:00:08.0: eth0: no link during initialization
ADDRCONF(NETDEV_UP): eth0: link is not ready
forcedeth 0000:00:08.0: eth0: link up
ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Dec 1 18:21:32 box15 kernel: forcedeth: Reverse Engineered nForce ethernet driver. Version 0.64.
Dec 1 18:21:32 box15 kernel........
In Firefox I cannot connect to any website, proxy is disabled and outside network access is confirmed, no system or manual proxy was set on this Linux Mint/Ubuntu system. Normally this can be caused by proxy or DNS problems and the weird thing is that traceroute and ping to other IPs worked fine but even connecting to sites by IP was not working.
The connection was reset
The connection to the server was reset while the page was loading.........
#solution
Edit /etc/yum.repos.d/openvz.repo
For the first two entries comment out #mirrorlist and uncomment #baseurl and then it worked
openvz yum problem Centos 6.5 cannot find file on mirror:
yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
* openvz-kernel-rhel6: mirrors.ustc.edu.cn
* openvz-utils: mirrors.ustc.edu.cn
base ........
The solution was to reinstall the vbox dkms package and do a manual modprobe of the modules it makes.
I never sorted out the unable to start due to the USB issue, I did have the guest additions installed but the only way to boot was to change the pointing device from USB to PS2 and then to disable the USB controller (if your pointing device is set as USB, disabling USB will not work because it will re-enable by default when it sees your pointing device is USB, this is w........
Your firefox is out of date if you get errors like below:
Secure Connection Failed
........
I never did get it working, it is too bad as obfsproxy should really be an option and integrated into the OpenVPN client and server or something similar:
yum -y install python-pip python-devel
No package python-pip available.
#install the EPEL repo
python-pip install obfsproxy
python-pip install obfsproxy
-bash: python-pip: command not found
pip install obfsproxy
&........
Message from syslogd@server at Sep 14 11:35:59 ...
kernel:[Hardware Error]: MC4 Error (node 1): DRAM ECC error detected on the NB.
Message from syslogd@server at Sep 14 11:35:59 ...
kernel:[Hardware Error]: Error Status: Corrected error, no action required.
Message from syslogd@server at Sep 14 11:35:59 ...
kernel:[Hardware Error]: CPU:6 (10:8:0) MC4_STATUS[Over|CE|MiscV|-|AddrV|CECC]: 0xdc00400021080813........
Motherboard: Gigabyte GA-3CESL: http://b2b.gigabyte.com/products/product-page.aspx?pid=2658#dl
Dell Part Numbers for the motherboard: R1232 R1232L R2232S SERVER MOTHERBOARD GENUINE 408P9 CN-0408P9
GA-3CESL Manual Download here
RAMSlots: 16 (8 controlled by each CPU)
RAMType: DDR2 ECC 5300P........
#from epel repo
yum -y install opendkim
chkconfig opendkim on
cd /etc/opendkim/keys
opendkim-genkey -vd mail.server.com
opendkim-genkey: generating private key
opendkim-genkey: private key written to default.private
opendkim-genkey: extracting public key
opendkim-genkey: DNS TXT record written to default.txt
........
What matters most about VPNproviders in 2024?
We are highly suspicious of VERYLARGE VPN providers that have LOW PRICES and HUGE DISCOUNTS. The suspicion is that for those who know what costs are involved to purchase thousands of IPs and servers are not small. At the prices that many of the big mainstream providers offer, it is likely unprofitable or barely profitable. Then, how are those companies making money or is that even the goal?
There use........
Account Functions -> Change Site's IP Address
Choose the domain and then click "Change"
Choose the new IP
1.) Setup SSL Certificate in cPanel
Click on "SSL/TLS Manager" under the "Security" section.
2.) Under " Private Keys (KEY)"
Click "Generate, view, upload, or delete your private keys."
Choose "Key Size: 4096........
It is a permissions issue that is hard to fix.
All but one USB device is greyed out.
I am already a member of "vboxusers"
I have already enabled and disabled USB support for the guest.
I have already reinstalled the latest VBOx guest editions
If running as root it all works fine
Changing........
It's always bothered me how Wordpress basically forces the user to provide their hosting credentials to install themes and plugins. How do know for sure the data is not being saved, intercepted and being provided backdoor access to the NSA or other agencies or even just being misused by others with access?
Here's how to close the security hole above and if you're already given Wordpress your credentials make sure you change everything associated it with it. Eg. change your........
This server has been running for weeks without issue, it's currently only using 1 of 2 CPUs as it is running in the office as a test bed (mainly due to the handle 12 bay storage/great for testing HDDs). The errors below seem to mainly be from AMD CPUs, it's only happened a single time and in the days since Igot that error it hasn't occurrred.
Interestingly enough /proc/cpuinfo still shows all 4 cores of the CPU (Opteron 2373 Quadcore HE) and the functionality doesn't seem........
Failed to load VMMR0.r0 (VERR_SUPLIB_OWNER_NOT_ROOT)
In most cases the error above is useful, it generally means /usr or /usb/lib or /usr/lib/virtualbox is not owned by root and this is the cause of the error.
Solution
sudo chown root.root /usr/lib........
This happens because of a permissions or ownership issue.
Generally /var/lib/mysql should be all owned by mysql.mysql (check that).
To fix it use chown -R mysql.mysql /var/lib/mysql
Also make sure the files are at least readable and writable by mysql (eg. 700).........
mount -o bind /proc /sda2/proc
mount -o bind /dev/ /sda2/dev
mount -o bind /sys /sda2/sys
chroot /sda2
mint / # mount -o bind /proc /sda2/proc
mint / # mount -o bind /dev/ /sda2/dev
mint / # mount -o bind /sys /sda2/sys
mint / # chroot /sda2
mint / # cd ~
mint ~ # ls
Desktop
mint ~ # cd /
mint / # ls
bin Desktop dev-temp home&nb........
/scripts/phpextensionmgr install PHPSuHosin
Updating md5sum list
Fetching http://httpupdate.cpanel.net/cpanelsync/easy/targz.yaml (connected:0).......(request attempt 1/12)...Resolving httpupdate.cpanel.net...(resolve attempt 1/65)...
Fetching http://httpupdate.cpanel.net/mirror_addr_list (connected:0).......(request attempt 1/3)......connecting to 74.50.120.123...@74.50.120.123......connected......receiving...100%......request success......Done........
LSi Megaraid
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
pxe-32 tftp open timeout
The solution was to enable tftp in xinetd with "chkconfig tftp on".
See the troubleshooting below:
chkconfig --list
NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off
acpid 0:off&n........
mysqldump: Couldn't execute 'show create table `general_log`': SHOW command denied to user 'user'@'localhost' for table 'general_log' (1142)
One of my clients almost found out the hard way, here is an unlikely situation that happened.
1.) Years ago the client had another VPS to which they backed up a BLOG nightly to an .sql file, what they forgot is that the file also contained all databases (they used the --all-databases option but forgot). So imagi........
This is useful for developing a lot of applications, I'm putting it here to keep it handy for myself and hopefully others:
Choose CountryCanadaJapanUnited StatesUnited KingdomAfghanistan........
If you move your hard drive(s) around to other computers/servers, you'll find that your eth0 keeps getting higher, the first time it will become eth1 and then eth2 etc and even higher if your server has dual or quad NICs. The reason is that udevd basically assigns eth0 tot he first NIC it finds and remembers it, if it encounters a NIC with a differentMAC, it assigns it one higher (eg. eth1).
See the example below, I have eth2 now so how doI fix it?........
This is a handy link and list of all the relevant Directadmin log files and related servers.
http://help.directadmin.com/item.php?id=11
DirectAdmin:
/var/log/directadmin/error.log
/var/log/directadmin/errortaskq.log
/var/log/directadmin/system.log
/var/log/directadmin/security.log
Apache:........
Here's a proven example of what a bad hard drive can do, it was technically functioning OKin a RAID array but the system became extremely low and the load become high and IOWAIT was even higher and I always thought it was a bad application. The truth is that this failing 1TBHitachi has slowly gotten worse and caused huge slowdowns, (eg. 100% load on Thunderbird waiting for e-mails to load etc..). After swapping it out, tabs change instantly, emails are not lagged, and........
Cannot load certificate file keys/server.crt: error:0906D06C:PEM
The .crt is blank empty because when generating it I kept hitting enter for the defaults and this caused the crt not to be signed.
Certificate is to be certified until Dec 18 00:35:49 2022 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
So if you get messages like these, a........
This error in my experience is user error although CPanel doesn't help, this message doesn't give you much to go on.
Let's talk more about the process of setting up SSL with CPanel.
Your site must have a dedicated/non-shared IP to even have the option of creating an SSL Certificate.
You must create a Private Key (do not delete this private key!)
You must create a CSR (Certificate Signing Request)
Use CSR to create cert........
I backed up everything in the /mnt/sd_card directory thinking that some dataloss could occur for some reason but purposely left my microSDHC unbacked up thinking that "it won't touch that since it's external" and Samsung's and other manufacturers website even say this (that it won't be affected and not to worry etc).
Apparently I was wrong, my microSD was "undetected" and asked to be formatted after the upgrade (there goes 3-months worth of family photos). No........
This may sound silly but there will be conflicts/issues with the default Centos repository so you have to use a third party like remi (I prefer not to do this but it's the only option unless you migrate your sites/data to another server or can stand some downtime-not an option IMHOon a production server).
You may need to upgrade to PHP5.3 to run Joomla or many other reasons.
Your host needs to use PHP 5.2.4 or higher to run this version of Jo........
For years I've always built cheap systems believing that there is little difference in more expensive components when it comes to reliability and quality, I generally believe this still except for Power Supplies.
I've always bought cheap cases with nice sounding 350-550W stock/cheap/crap power supplies and haven't had any issues for the most part until recently.
One such case is an NGEAR case with a 550W Optimax power supply, I always read that these supplies don't produce the........
I've thought for awhile that Asus has been banking on its years old reputation for quality amongst gamers and enthusiasts and I think I'm right. My Asus VE247H Monitor with a supposed 2MS refresh rate has 1 red/stuck/dead pixel but fortunately it can only be seen on a non-true black picture or against a blue screen.
I have several Asus products and find they're all of fairly poor quality. First of all their motherboards have given me the most issues of any brand, they te........
I'm running Ubuntu 10.10 with Asus NVIDIA GT430
2.6.35-32-generic-pae #65-Ubuntu SMP Tue Jan 24 14:06:16 UTC 2012 i686 GNU/Linux
Nvidia binary driver: 260.19.06
The screen sometimes completely freezes and locks up or everything starts going very slow:
[1903398.100007] NVRM: os_schedule: Attempted to yield the CPU while in atomic or interrupt context
[1903402.373210] NVRM: Xid (0001:00): 53, CMDre 00000000 00000080 00000000 00000005 00........
I dread updating the kernel and rebooting to find the Ubuntu graphics aren't working and you have to manually intervene. This is usually because Ubuntu for whatever reason didn't update the drivers you need (eg. the manually compiled Nvidia Kernel driver that MUST be recompiled for each and every kernel update unfortunately).
The most common reason may be that "linux-source" hasn't been installed automatically on my system. I tried to manually reinstall the........
I really am a Linux fan but my comments here may not show it. Although I'm quite familiar with Linux CLI to administer servers, I find Linux GUI OS's like Ubuntu at times very clunky.
This is partially because there's no such thing as a "self-made" Linux from scratch where the UIwas designed by a single team. Linux is made up of several different projects that are generally completely separate and this lack of integratiion is a key issue that makes things f........
It really is as simple as:
cdrecord -v dev=/dev/sr0 pathtoyourisoimage.iso
-v is for verbose, I prefer it but if you don't you won't see as much output like below (I like to know the details and exactly what's happening)
dev=/dev/sr0 specifies the device name of your burner (they say not to use it and to specify some weird annoying device string but using the raw /dev has always worked for me and is how it should have been implemented from the start IMHO)........
These were caused by a bad stick of Corsair RAM
[] free_hot_cold_page+0xfc/0x150
[] __pagevec_free+0x14/0x1a
[] release_pages+0x127/0x12f
[] __pagevec_release+0x15/0x1d
[] __invalid_mapping_pages+0x120/0x156
[........
I had a system running a 128MB live CD image with 2.8 gigs of available RAM and the OOM kernel killer went crazy when using dd for more than 8 minutes and kept killing everything. I've read that this is due to a low-memory issue and paging in the kernel and 32-bit systems with lots of RAM.
I even enabled swapspace on my LiveCD and the issue happened 25 minutes into dd rather than 8 minutes, so what gives?
Also no swap space was ever used!
cat /proc/s........
I like dd, although it only reads it, usually a read test of the entire disk will uncover if your hard drive is bad in some parts. This is a good thing to do at least once a month, a lot of times bizarre program behavior, laginess and crashing/unnmounting problems etc.. are due to a failing disc and SMART won't know it or indicate a problem:
We must also remember there's never a guarantee, I've found that ever since we moved to larger and more platters per drive with 1TB drives........
In file included from drivers/block/cciss.c:1015:
include/asm-generic/pci-dma-compat.h: In function `cmd_special_free':
drivers/block/cciss.c:196: sorry, unimplemented: inlining failed in call to 'cciss_tag_discard_error_bits': function body not available
include/asm-generic/pci-dma-compat.h:25: sorry, unimplemented: called from here
make[2]: *** [drivers/block/cciss.o] Error 1
make[1]: *** [drivers/block] Error 2
make: *** [drivers] Error 2........
yum -y install vnstat
chown nobody.nobody -R /var/lib/vnstat/
#replace venet0 below with your desired interface
sudo -u nobody vnstat -u -i venet0
#edit: vi /etc/sysconfig/vnstat
#VNSTAT_OPTIONS="-i venet0"
# only use the sed below if you are using venet0 instead of eth0 or replace accordingly
sed -i 's/eth0/venet0/g' /etc/sysconfig/vnstat
[root@monitor]# yum install vn........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
high IO wait
424 root 39 19 1900 848 552 D 0.0 0.0 0:00.91 updatedb
root 424 0.0 0.0 1900 848 ? DN Mar11 0:00 /usr/bin/updatedb -f sysfs?rootfs?bdev?proc?cpuset?binfmt_misc?debugfs?sockfs?usbfs?pipefs?anon_inodefs?futexfs?tmpfs?inotifyfs?eventp........
genuine.com/IN: loading master file genuine.com.zone: file not found
_default/genuine.com/IN: file not found
I always found it silly that no one really talks about this and apparently many like me and even control panels like Plesk were still using hard paths. I always thought "why can't I just specify the name of the zone file and have bind find it". Surely the default search path must be /var/named or somewhere else but there is no such thing.........
Jan 16 04:02:03 centosbox syslogd 1.4.1: restart.
Jan 16 04:07:34 centosbox kernel: INFO: task updatedb:20771 blocked for more than 300 seconds.
Jan 16 04:07:34 centosbox kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jan 16 04:07:34 centosbox kernel: updatedb D F78BE050 6476 20771 20766&n........
CPU/Kernel/MB/RAID problem?
Jan 5 12:45:05 testbox kernel: [653298.890004] BUG: soft lockup - CPU#0 stuck for 61s! [hal-acl-tool:4168]
Jan 5 12:45:05 testbox kernel: [653298.890005] Modules linked in: vmnet vmci vmmon binfmt_misc drbd video output input_polldev ocfs2_stackglue ocfs2_dlmfs ocfs2_dlm ocfs2_nodemanager configfs k8temp hwmon_vid lp snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi........
Webmin Setup Centos 5:
wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet
[1] 24229
[2] 24230
[root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html
Resolving downloads.sourceforge.net... 216.34.181.........
Install the "Editors" and "Net" groups that will give you rsync, ssh, ssh-keygen and cron.
The trickiest thing that I keep forgetting about each time is you have to run "cron-config" which adds the cron service to Windows, and without doing that obviously no cron jobs will be run thus making automatic backups impossible.
Warning about rsync/cygwin and using the -a archive switch.
It's a good thing I caught this because it doesn't work ri........
I've only used it on Centos, soI thought I'd make a quick Debian guide:
Install the DRBD Package
apt-get install drbd8-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libswfdec-0.8-0
Use 'apt-get autoremove' to remove them.
The following........
I wanted to Import/Use a .vmdk hard disk image file from VMWare. Generally you can just "point" VirtualBox to it and use it and it will work but I found an exception.
One of my Centos 4.4 x64 images wouldn't boot. I had two copies, an older one and the newer one. The older one booted as normal (once I changed the VirtualBox driver to IDE from SATA). The newer one stopped at the "GRUB loading" message no matter what I tried.
As far as........
yum exits in the middle
The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either.
echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk
L........
I separated the 2 drives in the RAID 1 array.
1 is the old one /dev/sda and is out of date, while the separated other one /dev/sdc was in another drive and mounted and used with more data (updated).
I wonder how mdadm will handle this:
usb-storage: device scan complete
md: md127 stopped.
md: bind
md: md127: raid array is not clean -- starting background reconstruction
raid1: raid set md127 active with 1 out of 2 m........
Remember to replace "eth0" with your NIC device although usually it will be eth0.
Replace 192.168.1.1 with your default gateway, remember you can also add multiple gateways by adding a second/different default gateway.
route
Kernel IP routing table
Destination Gateway Genmask&nb........
I am a huge fan of Linux and the idea of OpenSource but I've said it many times, there are still hurdles in today in 2010 for Linux as a Desktop. Linux is still intended for servers at its very core. This can be changed succesfully though, as Apple has shown us with Mac OS X based on FreeBSD.
Half of the issue is lack of driver support and the other half is the Linux Kernel and Window Manages, KDE and GNome still both don't cut it (but they're getting closer).
I'll........
I finally decided to look into some utils that did this, and the first one I found is "mp3burn". It is unbelievable simple and perfect. *2017-11 update and mp3burn is still available in standard repos such as Ubuntu 14/16 so this is a current and working project.
Just install the package and it gets all required libraries to convert and then burn's on the fly. And you won't believe how simple it is.
I just want to a directory that had the MP3's I wanted t........
This is obviously a bug in the r8169 kernel module and it seems to affect a lot of people. I upgraded to the latest kernel and hope this won't happen anymore, as it is a very serious error. This is especially serious for those who are running servers with this chipset, who can afford for the NIC to randomly go off-line for no apparent reason?
[655548.189113] type=1505 audit(1277067560.902:5): operation="profile_load" name="/usr/bin/freshclam&q........
Here is a RAID 1 partition (500GB Seagate & 2TB WD):
Sequential Reads
File Blk Num Avg Maximum Lat%&nbs........
This function and others may not work with the stock PHPinstall on Centos/CPanel: Fatal error: Call to > undefined function imagecreatefromjpeg()
Even with libjpeg-devel installed it won't work because PHP was not compiled with jpeg support, so we have to do the dirty work ourselves :)
Here is the command/yum's I did to install missing libraries for PHP that configure will complain about (yes it is a one by one process).
yum install bzip2-........
This was unbelievable how much the Xen kernel slows things down, keep in mind both tests were done on the hostnode, one was with the Openvz-Xen hybrid kernel and the other was just OpenVZ. You can see the performance difference is nearly 300% better when not using the Xen kernel.
OpenVZ-Xen Kernel Test Results (I was wondering what was wrong/so slow with my Core i5!)
# # # # # #&n........
The easiest way is if you have a secure way to connect and verify the hostkey of the remote host by using this guide.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOME........
This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that.
If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :)
Just use this code to easily enable passwordless login with SSHD
key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
Out of memory: kill process 7559 (rsync) score 635 or a child
Killed process 7559 (rsync)
I was surprised to see this in my dmesg whenmy rsync backup suddenly stalled/stopped.
This system has 3 gigs of RAM and lots of free memory so I don't understand what is happening.
rsync invoked oom-killer: gfp_mask=0x200d2, order=0, oomkilladj=0
Pid: 7600, comm: rsync Not tainted 2.6.24.2 #83
[] oom_kill_pr........
I'm guessing RAM manufacturers forgot they're not the oil/gas companies and are playing games. It was just a year ago when I was buying 2GB sticks as low as $20 CAD! Now the average price is $50 CAD.
What happened to Moore's law when it comes to pricing for RAM? Every other piece of hardware generally has been coming down without exception.
........
From the package "parted" you can use the command "partprobe" to re-read the partition table. I really hate rebooting, and that's what Iloved to hear about AHCI motherboards, that they allow hotswap so you don't have to reboot. But that's only as good as the OS, if the OS does not reload the partition table you won't be able to do anything with that new drive you attached without rebooting. Yes, even without re-reading the partiton table Linux will........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
heartbeat is stopped for some reason
Anyway hnode2 was active and the services are running fine but I see heartbeat has been stopped somehow.
Here is the last log I see of heartbeat:
[quote:23c84415f5]
Sep 9 17:15:32 hnode2 heartbeat: [16738]: info: MSG stats: 9/1762471 ms age 0 [pid16738/MST_CONTROL]
Sep 9 17:15:32 hnode2 heartbeat: [16738]: info: cl_malloc stats: 716/51784021 152624/74519 [pid16738/MST_CONTROL]
Sep 9 17:15:32........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
SSH automatic login without passwordlocal> ssh-keygen -t rsa -f .ssh/id_rsa
-t is the encryption type
-f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used
A password will be asked; leave this part blank, just pressing
Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the serv........
Centos 4.3 x64 & VMWare Server Beta[code:1:6d0b2c8c2f]
The correct version of one or more libraries needed to run VMware Server may be
missing. This is the output of ldd /usr/bin/vmware:
linux-gate.so.1 => (0xffffe000)
libm.so.6 => /lib/tls/libm.so.6 (0xf7fbd000)
libdl.so.2 => /lib/libdl.so.2 (0xf7fb9000)
libpthread.so.0 => /lib/tls/libpthread.so.0 (0xf7fa7000)
libX11.so.6 => not f........
Asterisk Agent Login ProblemUsing the AgentCallbackLogin function I couldn't login
I knew I had my agents setup properly in agents.conf so why couldn't I login?
The reason is because agents.conf was missing the [b:994d7a34af][agents][/b:994d7a34af] context!
I just added [agents] above the existing agent declarations and then I was able to login as expected.
It took a lot of figuring out and reading though!........
CDR Manufacturers - Why is so much media bad?I have searched for good media and tried many kinds for years. I guess I'll try to summarize my findings and conclusions.
Dye is irrelevant, dye of any color can be good or bad, it more likely depends on the manufacturer.
Speaking of manufacturers, the name at the top of the disc means nothing. For example, Memorex along with any other 'brand' is actually always made by another manufaturer including CMC Mag........
Other Security Web SitesSeveral websites actively track security issues. This list provides you with the major providers
of security information on the Web. Many of these organizations also provide newsletters and
mailings to announce changes or security threats:
Center for Education and Research in Information Assurance and Security (CERIAS)
CERIAS is an industry-sponsored center at Purdue University that is focused on technology and
relate........
I played around with xmit power (how much power in mW) to see if I could increase the range and signal strength. Idon't think this Linksys WRT54G's strength is the wireless, it seems to have poor signal quality and transfer rates all around.
Ithink part of the problem is also that there are several wireless networks around my house that could be interfering and the walls are thick here.
Anyaway, moving on now :) The default is 28mW and I increased it to........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
I wanted to disable the "Administrator" account for security purposes and Iread some "guide" on the internet that recommended that we run "C:WindowsSystem32sysprepsysprep.exe /generalize". I also clicked the option for "Generalize" and the computer rebooted and gave some OOBE error and restarted, and now I get the error above no matter what.
I read that some drivers such as ones from AVIRA AV can cause this because they're unsign........
This really is a difficult and confusing process for non-Mandarin speakers, but here's what I've done and learned so far:
You can purchase an "M-Zone" China Mobile pre-paid SIMCard from almost anywhere but I tried to purchase mine from Suning (a large electronics dealer) hoping they would be able to help me or answer my questions but my plan didn't work out at all. At Suning once I found someone who spoke some English they gave me the 55 RMB M-Zone China Mobile P........
I've tried to find a good sensible solution to cluster with and each technology has it's pros and cons and there is no perfect solution and I've found a lot of "exaggerations" in the applications, benefits and performance of these different filesystems.
DRBD
I first started off with DRBD and Ihave to say it does live up to the hype, is quite reliable (although it can be annoying to match up the kernel module and user applications since they must match and whe........
In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window.
*Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........
genisoimage: Directories too deep for 'Backup/My Documents/My Music/iTunes/Album Artwork/Local/5928CE9C1AFAC465/07/15' (7) max is 6.
Some people said choosing the --iso-level-4 option will help. I just opted to add the "-D" switch and everything was fine.........
When trying to even cd or ls the mounted OCFS2 partition it crashes. Ithink this is a combination of VMWare Server's problem and the way I mounted and symlinked to it.
More than anything this shows the problem and lack of forsight with VMWare, but also that OCFS2 is easily crashed if you do strange things.
Output of /var/log/messages for OCFS2
Apr 10 15:57:45 localhost kernel: [84331.691258] Modules linked in: vmnet vmci vmmon ocfs2_stac........