Quantcast
Channel: linuxadmin: Expanding Linux SysAdmin knowledge
Viewing all 17763 articles
Browse latest View live

mounting on /mnt , doent give me access to that mount point

September 29, 2017, 10:36 pm
$
0
0 
$ ls -l /mnt total 20 drwxr-xr-x 5 root root 4096 Sep 30 10:33 ./ drwxr-xr-x 17 root root 4096 Sep 29 19:17 ../ drwxr-xr-x 2 root root 4096 Sep 30 10:33 driveC/ drwxr-xr-x 2 root root 4096 Sep 30 10:33 driveD/ drwxr-xr-x 2 root root 4096 Sep 30 10:33 driveE/ $sudo mount /dev/sda6 /mnt/driveE $ ls -l /mnt total 20 drwxr-xr-x 5 root root 4096 Sep 30 10:33 ./ drwxr-xr-x 17 root root 4096 Sep 29 19:17 ../ drwxr-xr-x 2 root root 4096 Sep 30 10:33 driveC/ drwxr-xr-x 2 root root 4096 Sep 30 10:33 driveD/ drwx------ 1 root root 4096 Sep 29 18:27 driveE $ cd driveE/ cd: Permission denied: “./driveE/"

as a normal user doesnt give me access to it. but before i did a fresh installation of my system, it wasnt not a problem !! something is missing this time!! please help. i did tried to change the chown to me but still the same problem

submitted by /u/narutoaerowindy
[link] [comments]
Search

How do you backup letsencrypt private keys?

September 29, 2017, 2:12 pm

FreeIPA is ruining my weekend

September 30, 2017, 3:06 am
$
0
0

I know, Fridays should be read only. But I updated my Centos7 FreeIPA server yesterday and now nothing works.

The WEB UI cannot be used, browser says "an internal error has occurred" and httpd error log has "ipa: ERROR: non-public: KeyError: 'ipacertmaprule'". If I try to use the ipa cli commands, I get internal error with "TypeError: 'NoneType' object has no attribute 'getitem'"

Authentication fails on clients (ssh or console), giving the dreaded "System Error" in /var/log/secure, leaving no visible hints in any of SSSD or krb5client logs. I can however do kinit admin or kinit <user> correctly and roll ipa-client-install on new clients. But the user authentication does not work on new or old clients. I'm testing with Fedora 26 that has ipa-client 4.4.4 and Centos7 / 4.5.0, both fail in similar manner.

ipaupgrade.log has no errors. ipactl shows all services running. If I use an older backup that has 4.4.4 installed, it works. But the upgrade to 4.5.0 will break it always in the same way. I have tried googling and found that 4.5.0 has cert-mapping and pkinit as new features, so either of them might break the upgrade in some way.

Fortunately this is not a production system but my homelab, but I'd still like to know what is going on as I can't stay forever in version 4.4.4. I'd gladly hear any tips on what I'm doing wrong or what is happening to the upgrade. This is starting to become the last straw that makes me move back to OpenLDAP or some other centralized auth.

submitted by /u/TechnoPenguin_
[link] [comments]

Sacred of losing Linux Command Line skills.

September 30, 2017, 8:58 am
$
0
0

Hey everbody, I'm a Junior Linux Admin at my current job and I've become extremely proficient at using the command line and scripting. I've even build a HA OpenStack environment with no single point of failure for my company. I just got offered a high paying job im a windows enviroment, which I took. I'm afraid I'll have a hard time finding creative ways to challenge myself and continue to cultivate my CLI skills outside a work environment. Any thoughts?

submitted by /u/CanadianNinja49
[link] [comments]

[Help] could someone tell me how to correct iptables rules.

October 1, 2017, 4:00 pm

How to duplicate UDP stream in CentOS 7 / firewalld?

October 1, 2017, 6:22 pm
$
0
0

I am receiving a UDP stream to a server that I would like to duplicate to another. It looks like there was a way to do this in iptables with a 'TEE' option, but wondering if there is a way to do this with the default firewalld.

Also open to other options. Ideally would be something that could leave the original stream in place and just 'sniff' it, and send on the copy. Looked a bit at: https://github.com/sleinen/samplicator but looks like that will bind to the port I use, and if it goes down, my data stream will also stop.

submitted by /u/beer_and_unix
[link] [comments]

​Serious Linux kernel security bug fixed

October 2, 2017, 7:04 am

Graphing top batch output to Excel

October 2, 2017, 10:31 am
$
0
0

Hello all. As part of our endeavor to provide as much impact assessment as possible regarding BigFix's client being ran against a test machine, I'd like to know how I might take the data and "prettify" it as a line graph in Excel.

First, the command we used to see what BigFix client is doing: 

while true; do printf "`date` : " >> /var/log/besclient_resourcemonitor.txt; top -bn1 | awk '/BESClient/ {print $9}' >> /var/log/besclient_resourcemonitor.txt ; sleep 20; done

This results in the following output:

Mon Oct 2 11:37:28 CDT 2017 : 3.8 Mon Oct 2 11:37:48 CDT 2017 : 1.9 Mon Oct 2 11:38:09 CDT 2017 : 0.0 Mon Oct 2 11:38:29 CDT 2017 : 3.8 Mon Oct 2 11:38:50 CDT 2017 : 0.0 Mon Oct 2 11:39:10 CDT 2017 : 0.0 Mon Oct 2 11:39:31 CDT 2017 : 3.8 Mon Oct 2 11:39:51 CDT 2017 : 1.9 Mon Oct 2 11:40:12 CDT 2017 : 1.9 Mon Oct 2 11:40:33 CDT 2017 : 1.9 Mon Oct 2 11:40:53 CDT 2017 : 1.9 Mon Oct 2 11:41:14 CDT 2017 : 0.0 Mon Oct 2 11:41:34 CDT 2017 : 3.8 Mon Oct 2 11:41:55 CDT 2017 : 1.9 Mon Oct 2 11:42:15 CDT 2017 : 1.9 Mon Oct 2 11:42:36 CDT 2017 : 1.9 Mon Oct 2 11:42:56 CDT 2017 : 1.9 Mon Oct 2 11:43:17 CDT 2017 : 1.9 Mon Oct 2 11:43:37 CDT 2017 : 0.0 Mon Oct 2 11:43:58 CDT 2017 : 0.0 Mon Oct 2 11:44:19 CDT 2017 : 0.0 Mon Oct 2 11:44:39 CDT 2017 : 1.9 Mon Oct 2 11:45:00 CDT 2017 : 3.8 Mon Oct 2 11:45:20 CDT 2017 : 0.0 Mon Oct 2 11:45:41 CDT 2017 : 1.9 Mon Oct 2 11:46:01 CDT 2017 : 1.9 Mon Oct 2 11:46:22 CDT 2017 : 1.9 Mon Oct 2 11:46:42 CDT 2017 : 1.9 Mon Oct 2 11:47:03 CDT 2017 : 3.8 Mon Oct 2 11:47:24 CDT 2017 : 1.9 Mon Oct 2 11:47:44 CDT 2017 : 3.8 Mon Oct 2 11:48:05 CDT 2017 : 1.9

So, I'd like to keep the date info along with the load value from top when displaying the results in Excel. I've managed to import the data and remove extraneous columns, but kind of at a loss how to proceed from here. Ideally, I'd like to have the Y access contain the time and the X the top output values which is the last column (8). Any/all help would be awesome.

submitted by /u/srvrmrdr
[link] [comments]
Search

autofs config.

October 2, 2017, 10:39 am
$
0
0

Right now i have auto fs set to homedir

auto.master

/home /etc/auto.home

auto.home

* -fstype=nfs4,rw,sec=krb5i fileserver:/data/home/&

I want to change the auto home to /home/<$user>/storage so instead of mounting the whole home dir, the homedir will be local. I tried changing the * to storage or change /home in auto.master to /home/&/storage to no aval.

submitted by /u/juniorsysadmin1
[link] [comments]

Samba+Winbind cannot find certain user IDs?

October 2, 2017, 12:42 pm
$
0
0

I have an Oracle Linux 6.9 server running samba 3.6.23-44.0.1.el6_9 that has been joined to our Active Directory domain(08 R2 functional level) for well over a year, and last week a user reported he could not login. While investigating, I found the following:

wbinfo -i <AD account> returns 'no such user' for this person. If I run this against my own account, it returns fine, along with others I have tested. Group membership does not seem to affect this.

wbinfo -u returns only a limited list of user accounts. The domain has several thousand AD User objects, so something seems off there. GREPing this list does not find the above id either.

wbinfo -g returns a similarly limited list of groups.

net ads status returns all good info. Domain is shown, with correct server information etc.

net ads join -U domainadminaccount@CHILD.DOMAIN.AD returns:

Failed to join domain: failed to lookup DC info for domain 'CHILD.DOMAIN.AD' over rpc: NT_STATUS_CONNECTION_RESET

I've increased my logging level and reviewed /var/log/samba/log.winbindd-idmap, which shows this:

[2017/10/02 11:02:44.411403, 1] winbindd/winbindd_cm.c:927(cm_prepare_connection) cli_negprot failed: NT_STATUS_CONNECTION_RESET [2017/10/02 11:02:44.413149, 5] winbindd/winbindd_dual.c:1084(child_msg_offline) child_msg_offline received for domain CHILD. [2017/10/02 11:02:44.413176, 5] winbindd/winbindd_dual.c:1100(child_msg_offline) child_msg_offline: marking CHILD offline. [2017/10/02 11:03:03.094034, 5] lib/util_sock.c:319(read_fd_with_timeout) read_fd_with_timeout: blocking read. EOF from client. [2017/10/02 11:03:03.094070, 3] winbindd/winbindd_dual.c:61(child_read_request) child_read_request: read_data failed: NT_STATUS_END_OF_FILE

I've confirmed that DNS is healthy, I can nslookup the domain, and no firewalls are in place to disrupt traffic.

At this point, I've even removed it from the domain (net ads leave) and removed the AD object, purged the TDB cache files in /var/lib/samba, and rebooted. When attempting to join, I get the above 'NT_STATUS_CONNECTION_RESET' message.

I'm a little stumped. Any idea what might be causing the CONNECTION RESETs?

submitted by /u/GildMyKarma
[link] [comments]

Configure grub for multiple harddrives

October 2, 2017, 9:03 am
$
0
0

I have two linux installs on two separate hard-drives. One is CentOS6 and the other CentOS7. I've been having a hell of a time getting Grub to recognize both drives on the boot menu. Can anyone point me to some articles/guides?

Having a hell of a time finding something relevant. Thanks!

submitted by /u/Segfaultimus
[link] [comments]

Centrally manage server system mail?

October 2, 2017, 11:35 am
$
0
0

I have about 2 dozen linux servers and I'd like to find a way to centrally manage the local system mail on each server. I know my way around linux but haven't set up email before.

I know I can add my email to ~/.forward and have everything sent to my personal email, but I don't really want that. I'd rather not be alerted at 2 am to be informed that tar stripped the leading slashes. :)

I've also looked at setting up pop3 on each server as a way of retrieving the local mail to my workstation in a separate email client, but haven't been able to get this to work yet (tried solid-pop3d on Debian).

Is there a better way I'm not considering?

submitted by /u/lykwydchykyn
[link] [comments]

What do you do when a script starts to grow out of control?

October 2, 2017, 1:49 pm
$
0
0

A couple of months ago I wrote some small scripts to perform some routine data gathering. Since then, the requirements and number of features have grown more and more, leading me to regret many of my initial design choices.

For those of you that have been in this situation before...

1) What tips do you have for preventing this from happening (other than acquiring extraordinary powers of foresight)?

2) If you find yourself in the situation where this has already happened and you can't go back, how do you fix it? Do you take the time to refactor or even rewrite the script? Or do you just forge ahead and hack it together in whatever way gets you by?

submitted by /u/naive-bison
[link] [comments]

Histogram statistics in MySQL

October 2, 2017, 3:55 pm

Asciinema - Record Terminal Sessions And Share Them On The Web - OSTechNix

October 3, 2017, 7:52 am
Search

Commercial support options for MySQL database

October 3, 2017, 7:53 am
$
0
0

Besides Oracle and Percona, anyone have any recommendations on a commercial MySQL support provider. It's really for CYA.

This alternative provider must be able to support an existing MySQL installation and provide support for either paid or free MySQL installs.

Thanks for the replies!

submitted by /u/dancerjx
[link] [comments]

Have pacemaker monitor a host via Ping, modify configuration file based on result

October 3, 2017, 11:49 am
$
0
0

Hey,

This may be an odd request, and there is likely a much better way then I'm aware of to handle it (so, let me know if you have a better alternative).

So I'm setting up a pacemaker cluster for 2 nginx servers. Basically I have a Virtual IP that floats between them. One server is Primary, while the other is there in the event of a failure.

These servers act as the frontend to our backend application servers (4 in total), and just round robin picks the backend server to serve the website.

Basically what I'm wanting to do is have pacemaker monitor each of the 4 application servers with a ping resource agent, and if the server goes down to update the nginx configuration file, removing the server from the list.

My question is, A) is this possible what I'm wanting to do, or B) is there a better way to do this?

submitted by /u/solteranis
[link] [comments]

The job market is ridiculous

October 3, 2017, 2:31 pm
$
0
0

I think I just about lost it when I saw a Junior Linux Admin position that required 8 years of experience, Python, and knowledge of OpenShift.

Who's coming up with these requirements?

How the hell is someone new supposed to enter the industry? Whatever happened to the concept of training?

No wonder why most of these companies are saying they can't find anybody, and no wonder why employees just leverage their short stint at a company to move on to another company/opportunity.

These people have turned the IT job market into the Wild Wild West lol

submitted by /u/infragold
[link] [comments]

Automated Debian Install not running preseed

October 3, 2017, 1:48 pm
$
0
0

I am trying to troubleshoot an old file created, I don't know how long ago, by the people before me, and I cant for the life of me figure out why it doesn't work. For some reason, the final step as listed below does not run during the installation. The new server being created is supposed to pull the script from another server by URL, but it hangs on applying the late_command part of the preseed. Any reason or guesses as to why this might be the case? Thanks.

Final configuration

d-i preseed/late_command string \

in-target chsh -s /bin/bash ; \

in-target wget -O first_run.sh http://mysecreturl.com/myscript.sh ; \

in-target sh first_run.sh ;

in-target rm first_run.sh ;

d-i finish-install/reboot_in_progress note

d-i hw-detect/load_firmware boolean true

submitted by /u/Sophswag
[link] [comments]

Need guidance on switching from web dev to Linux SysAdmin

October 3, 2017, 10:05 pm
$
0
0

As the title states, I'm currently a web/software developer. I've only been doing this for a little over a year now, but it's not really giving me the enjoyment/satisfaction I am looking for.

I've always been into hardware and tinkering around in the OS. I've built a handful of computers over the years, so I'm familiar with the various hardware. I've been using Linux full time for the past 6 or so months, but I've been dabbling in it for the past few years.

I use the terminal throughout the majority of my day and I've automated some monotonous tasks via BASH, so I've got a fairly decent understanding of that. There's still a lot I need to master though.

Now to my point. I've been trying to figure out what direction to take in my first steps of this new journey. Should I even bother taking the compTIA A+? Is it better to just start with the LPIC-1, LFCS, or RHCSA? As far as networking goes, I have very little experience in that department, so I'm also wondering if these courses cover any of that, or if I should be looking into Net+ or CCENT/CCNA.

I know that's a broad spectrum, but I just want to make sure I have a road map to getting everything I need to get into this field.

I've tried searching for some answers, but the majority of the search results are from current CS students or people who already have their feet wet in a help desk position. I'd be extremely grateful for some feedback on this. I still hold my current job with no intentions on leaving anytime soon, so I have time to get the certs I need.

TL;DR - I'm looking for advice (first steps to take) on switching careers from web/software dev to Linux SysAdmin.

Cheers!

submitted by /u/GRAV3SERKER
[link] [comments]
Viewing all 17763 articles
Browse latest View live
Search