The error below can be caused by a gateway that is unpingable:
docker swarm join --token SWMTKN-1-1kogg8da68gtb1j7ezaddowyy9s0an5s9tue758o20k18liskw-5h3f61hrrmv3u6agshvbtcklf 172.16.1.80:2377
Error response from daemon: manager stopped: can't initialize raft node: rpc error: code = Unknown desc = could not connect to prospective new cluster member using its advertised address: rpc error: code = DeadlineExceeded desc = context deadline exceeded........
If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing.
The above results in this less than obv........
The Best Docker Tutorial for Beginners
We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
Why choose OpenVPN instead of a firewall appliance?
OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time.
When comparing OpenVPN with traditional firewal........
How To Install Wazuh Server / Quickest Installation
Wazuh (forked from the well known OSSEC project) is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
Prerequisites:
A lot of issues with Wazuh seem to be caused by i........
A lot of newer installs will automatically prohibit the root user from logging in directly, for security reasons or they will only allow key based access.
If you know what you are doing/don't care about security or have an incredibly secure password for testing, then you can enable it.
Edit this file: /etc/ssh/sshd_config
Find the following line: PermitRootLogin
Set it like this:
PermitRootLogin yes
Now rest........
mysql reset root password.
Oops I can't remember my MySQL root password!
[root@centos7test etc]# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
First we need to stop mariadb:
systemctl stop mariadb
Now we need to restart it with skip-grant-tables whic........
This is all controlled by /etc/issue
You can basically enter anything in there that you like, but there are preset variables that are mentioned at the end of the page that discuss this.
Some examples of /etc/issue:
Centos 7:
S
Kernel r on an m
Ubuntu 16.04:
Ubuntu 16.04.6 LTS n l
You can also insert any of t........
It is much more useful to have meaningful and detailed logging from tftp to see what is or isn't happening especially for VOIPand other embedded device appications:
Edit the file:
vi /etc/xinetd.d/tftp
Change the server line like this:
server_args = -s /var/lib/tftpboot........
This is usually because the Group Policy forbids that user or group from logging in.
run "gpmc" (not "gpedit.msc" as that is for local computer settings when you are not using Active Directory) or go to Administrative Tools and Group Policy Management.
Edit the default domain policy like below........
00:55:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:55:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Switch(config)#no logging console
........
A lot of people just have a -j DROP to drop all unwanted traffic or traffic not explicitly allowed but there is a better solution if you want real and proper logging:
Here is another example of more advanced iptables rules.
Take an example iptables rules file
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -p icmp -j ACCEPT........
[root@localhost:~]
BootModuleConfig.sh echo host-ind nfcd........
sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev
git clone https://github.com/wolf9466/cpuminer-multi
sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
make install
cd bin
chmod +x xmr-stak-cpu
./xmr-stak -O xmr........
Many people are aware of the "eject command" which works as you would expect.
To eject the disc:
sudo eject /dev/sr0
To insert the disc again you still use the same command but with the "-t" close try toggle:
sudo eject -t /dev/sr0
........
This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:
Now assume your username is "iamtheuser"
vi /etc/group
adm:x:4:syslog,iamtheuser
sudo:x:27:anotheruser,iamtheuser
Find the above lines and add a comma and "ia........
This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help.
Here is the short end of the stick that fixed it:
sudo apt-get install mdm mate-desktop-environment
Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
It looks like this has something to do with APIC but I am not sure. I have similar CPUs with a different MB and BIOS that work fine on the same type of kernel. A lot of time the issue is because of the C-step setting in the BIOS.
The same thing happened on the 2.6 kernel with Centos 6 but this is a homebrew 4.4 kernel soI am not sure why it is happening when even Centos 7 (3.2) kernel works OK.
Solution - It comes down to the BIOS set........
#if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used
wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2
tar -jxvf ffmpeg-3.3.2.tar.bz2
cd ffmpeg-3.3.2/
./configure --disable-yasm
install prefix /usr/local
source path ........
This is mainly the case on Centos but applies to other distros and situations. If you are running programs in the background with the &, at least in Centos it is usually not honored and if you quit or are disconnected the backgrounded programs will be sent sighup and be shut down.
The simplest way around this instead of using & is to start any programs or commands with "nohup"
Eg.
nohup yourscript.sh........
Using Apache 2.2 and PHP5.6 PHPBB3 is very slow to respond. Actually for some reason it takes so long to even register a log entry in access_log as in several seconds or a few minutes later it shows up in Apache. All other vhosts and Apache access stops working and freezes until the request to access PHPBB3 slowly completes.
It seems to randomly be slow if you stop using it whether for posting or reading the forums. I've migrated to different machines including........
170110 5:35:23 [Note] /usr/libexec/mysqld: Normal shutdown
170110 5:35:23 [Note] Event Scheduler: Purging the queue. 0 events
170110 5:35:23 InnoDB: Starting shutdown...
170110 5:35:24 InnoDB: Shutdown completed; log sequence number 0 12765401
170110 5:35:24 [Note] /usr/libexec/mysqld: Shutdown complete
170110 05:35:24 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended........
service named status
rndc: connect failed: 127.0.0.1#953: connection refused
named (pid 10557) is running...
This issue is normally caused by a permissions issue where named doesn't have the permissions to read the rndc.key.
Check /var/log/messages:
Jan 4 17:06:22 storagebox named[10753]: none:0: open: /etc/rndc.key: permission denied
Jan 4 17:06:22 storagebox named[10........
I still cannot understand how this would not be enabled by default and I struggled to find the reason why with manually installing samba etc.. wondering why the option for sharing was not in the menu.
On Linux Mint "MATE" the package is called "caja-share" and on Cinnamon it is called "nemo-share" so edit the below command as necessary:
*Also note that the "samba" package is necessary as it is not inst........
grub> root (hd0,0)
root (hd0,0)
Filesystem type is ext2fs, partition type 0xfd
grub> setup (hd0)
setup (hd0)
But if you do:
root (hd1,0)
setup (hd1)
it does work, I think hd0/sda had a GPT partition that was not removed properly (what I did was just dd bs=512 count=1 the partition table from another drive since the partition table should be identical).
Checking if "/boot/grub/........
This is useful in the case you are not properly logged in via an OpenVZ session or even a normal SSH session that you fear may go down(if the connection is broken the history is not saved).
Save your bash_history like this:
history -w ~/.bash_history
You can always change the above to another file eg /tm........
freshclam
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
Tue Oct 13 13:49:35 2015 -> WARNING: Incremental update failed, trying to download daily.cvd
Tue Oct 13 13:49:35 2015 -> WARNING: Can't download daily.cvd from db.local.clamav.net
Tue Oct 13 13:49:35 2015 -> Trying again in 5 secs...........
This is still a weird quirk about phpBB, you can allow everyone+guests to see a forum.
What also controls the first layer is this weird built-in "Anonymous" account. You have to actually give that account specific rights to view all the forums or otherwise the above will happen and you'll wonder why your group permissions don't seem to apply.........
I was worried the server was hacked, I was logged in already as root but couldn't login to CPanel or a new SSHsession. I even reset the password from the shell and it did not work still.
The reason is CPanel Hulk, it detected a brute-force attack so it locked down the root account entirely even from the correct password. According to cPanel the best way around this is to whitelist your IP.........
yum -y install fail2ban
vi /etc/fail2ban/jail.conf
[asterisk-tcp]
enabled = true
filter = asterisk
action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp]
sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com]
logpath = /var/log/asterisk/messages
maxret........
Another new drive bad from the start:
Jun 2 15:14:18 one-desktop kernel: [15895.386779] ata2.00: exception Emask 0x50 SAct 0x1 SErr 0x280900 action 0x6 frozen
Jun 2 15:14:18 one-desktop kernel: [15895.386782] ata2.00: irq_stat 0x08000000, interface fatal error
Jun 2 15:14:18 one-desktop kernel: [15895.386784] ata2: SError: { UnrecovData HostInt 10B8B BadCRC }
Jun 2 15:14:18 one-desktop kernel: [15895.386788] ata2.00: cmd 60/0........
This is just trying to read 5GB off the drive with dd and the drive initially tested ok but shortly after I wondered why I was seeing 2MB/s read speeds. Notice the "current_pending_sector", anytime I've seen it at anything above 0 even with no other bad fields/attributes, it means the drive is bad.
ata1.00: exception Emask 0x0 SAct 0x3 SErr 0x0 action 0x0
ata1.00: irq_stat 0x40000008
ata1.00: failed command: READ FPDMA QUEUED
ata1.00: cmd 60/00:00:........
smartctl -a /dev/sda
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/
Device: ATA WDC WD1600YS-01S Version: 20.0
Serial number: WD-WCAP03024940
Device type: disk
Local Time is: Mon Apr 29 21:40:07 2013 PDT
Device does not support SMART
Error Counter logging not supported........
Here's a proven example of what a bad hard drive can do, it was technically functioning OKin a RAID array but the system became extremely low and the load become high and IOWAIT was even higher and I always thought it was a bad application. The truth is that this failing 1TBHitachi has slowly gotten worse and caused huge slowdowns, (eg. 100% load on Thunderbird waiting for e-mails to load etc..). After swapping it out, tabs change instantly, emails are not lagged, and........
I like dd, although it only reads it, usually a read test of the entire disk will uncover if your hard drive is bad in some parts. This is a good thing to do at least once a month, a lot of times bizarre program behavior, laginess and crashing/unnmounting problems etc.. are due to a failing disc and SMART won't know it or indicate a problem:
We must also remember there's never a guarantee, I've found that ever since we moved to larger and more platters per drive with 1TB drives........
I had a dying drive that smart thought until it totally disappeared was a good drive, and actually all parameters did look fine but this system was causing my system to lockup and other bad behavior:
=== START OF INFORMATION SECTION ===
Device Model: WDC WD20EARS-00MVWB0
Serial Number: WD-WMAZ20139
Firmware Version: 50.0AB50
User Capacity: 2,000,398,934,016 bytes
Device........
I had one of these shipped and it was not recognized when plugged in, here's what a dead drive looks like (I assume it's teh circuit board which is dead):
ata1: link is slow to respond, please be patient (ready=0)
ata1: softreset failed (device not ready)
ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
ata1: link online but device misclassified, retrying
ata1: link is slow to respond, please be patient (ready=0)
ata1: softreset f........
One thing to note about DNS servers and providers is that they aren't always trustworthy, not even if they're Google or your favorite ISP. Any DNS server can compromise your privacy, and they are likely tracking your browsing habits and keeping logs of it. Sometimes it's for Marketing/Research purposes such as Google's GMail service which they admit is scraped/datamined. I would expect nothing less from their DNS service.
The other danger with such widely used and pu........
If you have a webserver and find you have high IO/lagginess MySQL is one of the first things to check. It turns out MySQL was my problem and it was creating a high load on my server, especially for IO.
How to Enable MySQL Slow Query Logging To Find Slow Performance/Queries
vi /etc/my.cnf
Add this anywhere under [mysqld]
#slow queries
log-slow-queries = /var/log/mysql/mysqlslowqueries.log
long_query_time = 1........
mod_status is a great way to track down the source of high CPU usage and to find what vhost/script is the cause of it.
It gives you a live view of bandwith usage, CPU usage, and memory usage broken down by domain/vhost and script/URI.
Enable mod_status
vi /etc/httpd/conf/httpd.conf
ExtendedStatus On
SetHandler server-status
Order Deny,Allow
Deny from all
All........
ls
ls: error while loading shared libraries: libtermcap.so.2: cannot open shared object file: No such file or directory
This is not an ldd problem or case of anything missing, this only happened after I upradedUbuntu.
declare -x PATH="/home/user/bin:/usr/local/bin:/usr/bin:/bin:/usr/games"
"/home/user/bin" is the problem! It's weird because I have no idea how it happened.........
The first thing you need to remember is not to check from the same host/server itself. This is a silly mistake I made, the reason is that many mailservers and especially postfix are configured to allow relaying from the localhost/same host. If you do that you'll get a false positive.
*Make sure you test from another host/system than the mail server itself!
telnet yourmailserverhost.com 25
220 Courier (FreeBS........
Let the numbers speak for themselves, from what I read the Load_Cycle_Count which is very high (more than 500,000/half a million times) is the number of head parks. What a stupid"Green" design and design flaw which will probably mean an early life for the drive.
This is almost as silly as Seagate's new reputation for BSY/poor quality disks since the 7200.11 series.
To make it worse this is also when Western Digital introduced "Advanced Format" o........
wget http://download.virtualbox.org/virtualbox/3.2.8/VirtualBox-3.2-3.2.8_64453_rhel5-1.i386.rpm
rpm -i http://download.virtualbox.org/virtualbox/3.2.8/VirtualBox-3.2-3.2.8_64453_rhel5-1.i386.rpm
error: Failed dependencies:
libGLU.so.1 is needed by VirtualBox-3.2-3.2.8_64453_rhel5-1.i386
libSDL-1.2.so.0 is needed by VirtualBox-3.2-3.2.8_64453_rhel5-1.i386
libXmu.so.6 is needed b........
I've recently used CPanel on the admin side for the first time and have to say I hate it. Everything from the layout to the functionality screams "hackish". It just lacks so many common sense features and way of working.
I was never 100% impressed with Plesk but the basics were definitely laid out and done in a sensible manner, even though it is made by a Russian company, they definitely thought about how to make a Control Panel.
I have no idea why people........
This drive is clearly on the way out, the Kernel knows it but I'm surprised that SMART is not concerned. I didn't blame Seagate for their past issues until now. This hard drive has hardly been used and has not even been powered on for a year according to SMART.
Home page is http://smartmontools.sourceforge.net/
=== START OF INFORMATION SECTION ===
Model Family: Seagate Barracuda 7200.11
Device........
Seagate Inventory/Firmware Check
I heard about this issue a long time ago but never looked into it. I figured I wasn't affected since my 500GB drives were running for so long. I've been using Seagate's since 2002 and to this day all of the drives I have are alive from Seagate.
*Update the bad news is that I realize one of my 500GB's is about to die, it's not even a year old, but is also not affected by the recall according to Seagate!
Seagate Inventory/Firm........
It's basically free bash shell script available from: http://wpkg.org/email2fax/index.php/Main_Page
Make sure you have the required tools:
libtiff
ghostscript
mpack/munpack
Where you can e-mail your Asterisk box and it will fax it to the phone number in the subject line. The good news ends there, it is fairly undocumented and buggy.
Take for example how the documentation mentions you can invoke from the com........
PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist:
[code:1:1fd0f3abbe]
if (!file_exists($OPENSSL)) {
//echo "ERROR: OPENSSL $OPENSSL not foundn";
}[/code:1:1fd0f3abbe]
I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
Asterisk FreeBSD compile problemsI couldn't get it to compile without using the following options at compile time:
[b:b7d672ee28]
make install WITHOUT_ZAPTEL=YES WITHOUT_MYSQL=YES WITHOUT_FAX=YES WITHOUT_ODBC=YES WITHOUT_H323=YES[/b:b7d672ee28]Some problems you might have with copying over your Linux config files to FreeBSD is different paths.
[b:f044931f41]For example the etc path for Asterisk on BSD will now be:[/b:f044931f41]
[qu........
Trouble connecting between Windows XP and Windows 98 SharesOk a few things to check for:
* Disable all firewalls
* Make sure NetBEUI is enabled on both computers
* Make sure the Windows XP computer has the name of the computer logged in user of Windows 98 added as an XP user
* Add the XP user to anything you want to share
That fixed my problem........
This is really something the SSHServer developers should consider. The cause of this annoyance is because of failed DNS lookups on your IPaddress, which is especially common for many dedicated/col-located servers and also computers on internal NAT/private networks.
The chances are this is the cause of your SSHSlow/Delayed Login problems.
The easy solution to SSH Login Problems
Edit /etc/ssh/sshd_config
Add this line to disable r........
Server not using user level security and no password supplied.
tree connect failed: NT_STATUS_WRONG_PASSWORD
That happens when trying to use smbclient to connect to a share. The weird thing is that I can authnenticate just fine from Windows XP.
It is partially my mistake, I forgot this share does have a password. I've tried authenticating with the correct user and also with "Guest" because this works in Windows. In Linux I ........