I have a server (VPS), I only have that one and I would like some system which would enable me to have backup of configuration etc. I found Chef and Ansible. But tbh they seem rather complicated and kind of overkill.
Is it still worth it to learning Chef for managing single server? I could probably get by with bash script and set of patches in git repo.
Did anyone here have same problem?
Every time I accidentally sudo as root and the system tells me that my actions will be reported, I get a little bit nervous, even though I know it only reports to me. Just putting it out there.
Anyone here know where I can find some discounted rate for these two tests? Any info appreciated.
Trying to make redirection/rewriting/proxying in lighttpd running on debian jessie.
Ideally it would work like this:
Typed URL : mysupersite.onion/page And the requests will go to : mysupersite.onion:9000/page
I have tried the following 'modproxy' approach.
$HTTP["url"] =~ "^/page/" { proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => 3001 ) ) ) } This works, but subsequent GET requests made by the application on port 9000 are going to a different port
This is really not my domain, and I am unsure if this is the proxying that causes the issue or something inside the application.
I also tried mod_rewrite , but without success.
Basically I just want requests going to a particular page to be 'forwarded' to a service running on a different port.
Any suggestions welcome..
Thanks
OK, so this is a weird one for me. I am running Ubuntu 16.10, Upon install it was unable to complete the software packages install portion (Nearly 3/4 of the way down the list) so I skip it and move on to the next step (Which deals with GRUB).
After install completes I am able to log in. However unable to do sudo apt-get updates. I find out why (And it's the same reason it failed at getting software updates). It doesn't pull an IP from my DHCP server.
The above statement isn't 100% accurate. You see it pulls an IP from my DHCP server that is dolling out IP's for VLAN 1. This doesn't help though because VLAN 1 doesn't have Internet access. This prompted me tho to disable the DHCP server on VLAN 1, then I rebooted Ubuntu to see if it would now pull from the VLAN20 DHCP server, NOPE, this time it pulls nothing since I've disabled VLAN 1's DHCP.
What I did to test that everything other than the Ubuntu box is working properly is, I plugged a Windows box into the same port as the Ubuntu Box, turned it on, and VOILA it obtained an IP from my VLAN 20 DHCP server. This tells me the Port on my switch is configured correctly, and my DHCP server is functioning properly. So why isn't Ubuntu?
So I looked at the Interface in Ubuntu and noticed something called a qlen which was set to 1 and a qlen that was set to 1000.
The interface whos qlen is set to 1 is on the lo interface and the other interface enp6s0 is set to 1000. I am assuming qlen = VLAN in the Ubuntu world.
I am also assuming enp6s0 is Ubuntus new naming convention for ethX interfaces. Well since lo is for loopback I am focusing on enp6s0. That being said, how would I go about changing qlen 1000 to qlen20. Further more, how would I change qlen 1000 to qlen 20 in the install files so in the future it won't fail at the software package install portion?
Any other ideas? Brand new installs of Debian, CentOS, and Ubuntu have all been attempted. The system starts booting, giving glorious text output (none of the installs included a DE, text-mode only desired). Gets past initrd, systemd starts doing its thing, and bam, the monitor goes to sleep. The kernel apparently no longer respects the "nomodeset" command, and forces a completely unusable resolution no matter what parameters you supply via editing the kernel's commandline. I can get various other nice modes, e.g. vga=795 gives a nice 1280x1024 text console during init, but again the kernel kicks in and forces a broken resolution. Is there no longer a simple way to tell the kernel, "No, do not do anything with my text console, I want the biggest, ugliest, most basic console possible"? A system with no console has no usability :\
Have tried 'systemd.unit=rescue.target' on a whim as well, but still, the kernel kills the console and nothing can be done except to type blindly and issue the 'poweroff' command.
How do you Linux Admins handle emails when the provider is 365? Just use OWA? Is there some new software client that will work with Exch Online these days? If using OWA how do you deal with the annoying timeouts and having to re-authenticate all the time?
Hi all.
We're running into a minor headache with how EL7 has set up their krsb5 handling nfs..
it seems that rpc.gssd wants to use principals in the following order: (from man page)
<HOSTNAME>$@<REALM> root/<hostname>@<REALM> nfs/<hostname>@<REALM> host/<hostname>@<REALM> root/<anyname>@<REALM> nfs/<anyname>@<REALM> host/<anyname>@<REALM> While our keytab does have the hostname$@REALM entry in it, to get NFS to work, we need the host/fqdn@REALM principle to be used.
Have confirmed it with removing the hostname$@REALM entries from the keytab, it's a hackish way around this.
We use adcli for joining to the domain and keytab creation.
Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 3 hostname$@REALM 3 hostname$@REALM 3 hostname$@REALM 3 hostname$@REALM 3 hostname$@REALM 3 host/hostname.domain@REALM 3 host/hostname.domain@REALM 3 host/hostname.domain@REALM 3 host/hostname.domain@REALM 3 host/hostname.domain@REALM 3 host/hostname@REALM 3 host/hostname@REALM 3 host/hostname@REALM 3 host/hostname@REALM 3 host/hostname@REALM What we're after is the host/hostname.domain (aka fqdn)@REALM
Hello,
So I have a few questions for any of you with mysql experience.
At one point, I had to expand the iscsi drive of a mysql database and in order to do so, I had to kill a stuck mysql process (I thought I gave it plenty of time to cleanly shutdown).
Now its writing a lot of errors to the log file and causing the file it fill up over time:
InnoDB: Error: page 9 log sequence number 2249 2214230814 InnoDB: is in the future! Current system log sequence number 1899 202139938. InnoDB: Your database may be corrupt or you may have copied the InnoDB InnoDB: tablespace but not the InnoDB log files. See InnoDB: http://dev.mysql.com/doc/refman/5.0/en/forcing-recovery.html InnoDB: for more information.
Now, I tried to remove ib_logfile0/1 and start it up again.. however the database started acting up. Twice that day, it had a hiccup and the process got stuck(wasn't doing anything at all). Restarting the server seemed to fix it from getting stuck.. however I didn't delete the log files again before I restarted it.
Now its still outputting the errors. I will try deleting the logfiles one more time to see if that will fix the situation, however if it doesn't.. what steps do I have remaining?
I see the below process online, is this the only way to fix the issue? I have limited periods of 'downtime' when I can actually work on the database. When in recovery mode, does the database still server content?
http://blackbird.si/mysql-corrupted-innodb-tables-recovery-step-by-step-guide/
Thanks,
It's been ages since I monkeyed with something like this. I'm 95% there but I'm hung up on the math at the end. Here's the basics.
I'm starting here:
grep eth0 /proc/net/dev|awk '{print $2, $10}'
That gives me this for rx and tx on the eth0 device:
10636188093 7027677683
What I'm after is an aggregated number in total Mbps for both sides of the interface, so a per-second metering for an experiment. "How much total traffic is pushing in/out of this host?"
I'm basically doing this:
That final integrated value, if converted right, should give me a relatively legitimate Mbps value. What's the right formula there?
This is where I'm down to; the rest works perfect:
awk '{ foo = $1 / 1024 / 1024; print foo " Mbps" }'
That final processed "last second byte value" is foo = $1.
Then I was throwing $1 / 1024 / 1024 for generating the Mbps value, but now upon further review online I'm seeing conflicting arguments and standards on this, and my memory is probably quite outdated.
I know the numbers will be semi-hinky as I'm metering both sides of the NIC, so the "Mbps" value can exceed actual possible line speeds on the NIC (e.g., a 1gb card could show up to 2.0 Mbps, a 10gb card can show up to 20.0 Mbps, etc.).
What should I be dividing that processed next-to-final byte value against for the most accurate Mbps counter? $value/1024/1024? $value/1024/1000? $value/1000000?
I think I need 1024/1024 but I wanted a sanity check.
So I setup client <https> reverse proxy <http> webhost. Below is my server block in my nginx conf:
server { #listen 80; listen 443 ssl; server_name dokuwiki.test-env.com; ssl_certificate /etc/pki/tls/certs/localhost.crt; ssl_certificate_key /etc/pki/tls/private/localhost.key; location / { proxy_set_header Host $host; proxy_pass http://web1.test-env.com:8002; } } So with that I can view https://dokuwiki.test-env.com just fine, but let's say if I were to make any changes, like edit the wiki and click save or cancel, it will try to redirect it to the http version of the content cuasing it to go to 502 Bad Gateway. How can get around this dilemma? I don't want to do client <http> reverse proxy <https> webserver.
We need to have LDAP authentication proxy data from a SQL database (mysql/postgres, dont care) for things that require LDAP auth and don't support SQL. (Web tools, routers/nix/etc).
So we've been banging the setup around for awhile (one of our hires was suppose to set this up recently and still hasn't) and I'm wondering just how difficult it is.
I've been trying to find some documentation/walk thrus on the topics but not really found anything good. Can someone suggest a good site/link for such a topic? Other suggestions?
I've got some baseline experience dealing with LDAP but the proxy documentation (for the various versions) seems pretty... obscure.
Hello!
We have some old computers using CentOS 5. I'm having trouble getting my tftp client to accept transfers from the server. When I stop iptables on the client, the transfers work successfully. I've been trying to input the correct rules into /etc/sysconfig/iptables but have not been able to find the correct combo of rules. I wrote both of these lines into my client iptables (ip addresses are private):
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 10.0.0.0/16 --dport 69 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/16 --dport 69 -j ACCEPT However, these rules have not helped me get transfers between my client and server. With these rules on, I get a tftp transfer timeout error. My /var/log/messages on the server get a bunch of error messages:
Nov 2 12:33:38 server in.tftpd[14315]: tftpd: read(ack): No route to host Nov 2 12:33:43 server in.tftpd[14316]: tftpd: read(ack): No route to host Nov 2 12:33:48 server in.tftpd[14317]: tftpd: read(ack): No route to host Nov 2 12:33:53 server in.tftpd[14318]: tftpd: read(ack): No route to host Nov 2 12:33:58 server in.tftpd[14319]: tftpd: read(ack): No route to host This is the ip address of my tftp server:
[root@server ~]# /sbin/ifconfig | grep "inet addr" inet addr:10.0.100.102 Bcast:10.0.255.255 Mask:255.255.0.0 inet addr:10.100.100.102 Bcast:10.100.255.255 Mask:255.255.0.0 inet addr:127.0.0.1 Mask:255.0.0.0 Would anyone know the correct rules to input into the iptables? I started learning linux on RedHat7 so seeing CentOS 5 has been a trip for me at work.
Thanks in advance!
So I've been seeing these errors in the kernel log for a long time now, they seem to happen roughly every half-hour to an hour. Data seems fine, I'm not seeing any corruption, but obviously the messages indicate there's clearly an issue as it's having to reset the SATA interface constantly because it appears to be "frozen". It also resets so quickly that I don't notice it happening.
The relevant set (which appears every time this happens) is:
[Wed Nov 2 13:11:21 2016] ata2: exception Emask 0x50 SAct 0x0 SErr 0x4090800 action 0xe frozen [Wed Nov 2 13:11:21 2016] ata2: irq_stat 0x00400040, connection status changed [Wed Nov 2 13:11:21 2016] ata2: SError: { HostInt PHYRdyChg 10B8B DevExch } [Wed Nov 2 13:11:21 2016] ata2: hard resetting link [Wed Nov 2 13:11:21 2016] ata5: exception Emask 0x50 SAct 0x0 SErr 0x4090800 action 0xe frozen [Wed Nov 2 13:11:21 2016] ata5: irq_stat 0x00400040, connection status changed [Wed Nov 2 13:11:21 2016] ata5: SError: { HostInt PHYRdyChg 10B8B DevExch } [Wed Nov 2 13:11:21 2016] ata5: hard resetting link [Wed Nov 2 13:11:22 2016] ata2: SATA link up 6.0 Gbps (SStatus 133 SControl 300) [Wed Nov 2 13:11:22 2016] ata5: SATA link up 6.0 Gbps (SStatus 133 SControl 300) [Wed Nov 2 13:11:22 2016] ata5.00: ACPI cmd ef/10:06:00:00:00:00 (SET FEATURES) succeeded [Wed Nov 2 13:11:22 2016] ata5.00: ACPI cmd f5/00:00:00:00:00:00 (SECURITY FREEZE LOCK) filtered out [Wed Nov 2 13:11:22 2016] ata5.00: ACPI cmd b1/c1:00:00:00:00:00 (DEVICE CONFIGURATION OVERLAY) filtered out [Wed Nov 2 13:11:22 2016] ata5.00: ACPI cmd ef/10:06:00:00:00:00 (SET FEATURES) succeeded [Wed Nov 2 13:11:22 2016] ata5.00: ACPI cmd f5/00:00:00:00:00:00 (SECURITY FREEZE LOCK) filtered out [Wed Nov 2 13:11:22 2016] ata5.00: ACPI cmd b1/c1:00:00:00:00:00 (DEVICE CONFIGURATION OVERLAY) filtered out [Wed Nov 2 13:11:22 2016] ata5.00: configured for UDMA/133 [Wed Nov 2 13:11:22 2016] ata5: EH complete [Wed Nov 2 13:11:22 2016] ata2.00: configured for UDMA/133 [Wed Nov 2 13:11:22 2016] ata2: EH complete ATA2 is a 4TB 2.5" drive, I've replaced the cable with no change in behaviour. ATA5 is an M.2 SSD, so obviously that doesn't even use a cable. My thoughts were that if it's one of the drives specifically, it would be having issues echoed out for that particular drive, not both simultaneously every time.
For reference: link_power_management_policy is set to max_performance on all interfaces, the motherboard is an ASRock Z97E-ITX running its latest (2.10) BIOS. "acpi=off" and "noapic" doesn't seem to help. Neither does disabling NCQ via the kernel boot line.
Any ideas what's going on here? Actual hardware fault or something wonky in the kernel / BIOS?
I have a server running Windows Server 2003 and I have to adapt the client’s machines from Windows XP to a custom Ubuntu distribution.
Aside from the server, I have a printer and two users, A and B. On the Windows machine, User A would send a document to print and that job would be held until User B accepted it, or rejected if this user refused it.
This functionality was given by the printer manufacturer’s drivers, but is not present in any of the drivers available for Linux. I’ve been looking into CUPS, since I was told by colleagues it was a very powerful tool, but I can’t find a way to replicate the old functionality with CUPS.
User A is able to send a print job to the printer, but I’m incapable of asking for User B’s interaction. Is it possible or should I look into something else?
I'm currently fiddling around with Apache's revers proxy it works... sort of.
I want my CouchPotato to be available on 192.168.2.1/couchpotato, while it is running on 192.168.2.2:5050. It works but whenever I press a navigation button to go to for example my wanted movies it goes to 192.168.2.1/movies/wanted/ which doesn't work.
Relevant part of config:
ProxyPass /couchpotato http://192.168.2.2:5050 ProxyPassReverse /couchpotato http://192.168.2.2:5050 How do I fix this?
Oh and while I'm here, what is the difference between "ProxyPass" and "ProxyPassReverse"?