Quantcast
Channel: linuxadmin: Expanding Linux SysAdmin knowledge
Viewing all 17885 articles
Browse latest View live

Xrdp issue fixed but what went wrong?

January 10, 2019, 7:51 am
$
0
0

Hi all,

I'm looking for some insight as to what happened today, I rebooted my server yesterday and I checked xrdp which logged in fine (part of my checks when I reboot so never looked at xrdp for any reason). So today I tried to login to do something in the remote desktop area and I was greeted by password failed message.

Now I have since fixed this issue by adding 2 lines to seaman.ini which seemed to have fixed this problem.

Now looking at it what went wrong for these lines to be added param8=-SecurityTypes param9=None

Any suggestions into this as I feared my server was hacked but since my ssh password was uneffected I'm at a loss

Ubuntu 16.04 Xrdp 0.6.1 (which seems wildly out of date but I reinstalled it today using apt-get install xrdp?) Unsure of the repo

submitted by /u/Graeme89
[link] [comments]
Search

On-Call Nightmares Podcast - Episode 5 with Gremlin CEO Kolton Andrus

January 10, 2019, 8:12 am

Intermittent loss of connectivity on WiFi

January 10, 2019, 2:58 am
$
0
0

Hello,

My Laptop is latest MSI GL63D. It has CPU 8300H & Wireless Adapter Intel Wireless-AC 9462. I am running Linux Mint 19 Tara (kernel 4.15.0-29-generic)

I sometimes just can not access WWW. The browser just keeps loading the page to display it eventually. My speed tests were acting funny only on this machine sometimes. I have 10mbps connection at home (10.100.x.x) as well work (192.168.x.x.)

To cross check things - I ran ping tests for an hour (3600 packets) over a period of few weeks against my GW devices. I am seeing packet loss of 6% to 20% for most of the attempts, if not all for all. Today I am not seeing any packet loss at all. But few days back - It was like 30%.

TL;DR - I am facing intermittent connectivity drop on Wireless - that occurs randomly for some time and it goes away on its own. I am suspecting something wrong WiFi adpater Or Wireless Drivers. (Wireless GW at both points is stable for other devices - so can't blame them ATM). I doubt it can be hardware issue in such new machine. So I am suspecting driver/firmware.

Few outputs -

makrand@mint-gl63:~$ dmesg | grep iwlwifi

[ 4.524608] iwlwifi 0000:00:14.3: enabling device (0000 -> 0002)

[ 4.553544] iwlwifi 0000:00:14.3: loaded firmware version 34.0.0 op_mode iwlmvm

[ 4.569604] iwlwifi 0000:00:14.3: Detected Intel(R Dual Band Wireless AC 9462, REV=0x318)

[ 4.645028] iwlwifi 0000:00:14.3: base HW address: 74:70:fd:c7:af:24

[ 4.692578] iwlwifi 0000:00:14.3 wlo1: renamed from wlan0

[ 7.392239] iwlwifi 0000:00:14.3: Conflict between TLV & NVM regarding enabling LAR (TLV = enabled NVM =disabled)

[ 131.979381] iwlwifi 0000:00:14.3: Conflict between TLV & NVM regarding enabling LAR (TLV = enabled NVM =disabled)

makrand@mint-gl63:/lib/firmware$ ls -l iwlwifi-9*

-rw-r--r-- 1 root root 2632620 Apr 24 2018 iwlwifi-9000-pu-b0-jf-b0-33.ucode

-rw-r--r-- 1 root root 2677620 May 18 2018 iwlwifi-9000-pu-b0-jf-b0-34.ucode

-rw-r--r-- 1 root root 2520568 May 18 2018 iwlwifi-9000-pu-b0-jf-b0-38.ucode

-rw-r--r-- 1 root root 2637216 Apr 24 2018 iwlwifi-9260-th-b0-jf-b0-33.ucode

-rw-r--r-- 1 root root 2677772 May 18 2018 iwlwifi-9260-th-b0-jf-b0-34.ucode

-rw-r--r-- 1 root root 2521412 May 18 2018 iwlwifi-9260-th-b0-jf-b0-38.ucode

makrand@mint-gl63:~$ sudo lshw -C network | grep -B 1 -A 12 'Wireless interface'

*-network

description: Wireless interface

product: Wireless-AC 9560 [Jefferson Peak]

vendor: Intel Corporation

physical id: 14.3

bus info: pci@0000:00:14.3

logical name: wlo1

This Intel Page says Kernel 4.14+ do support my wireless adapter. So I doubt upgrading kernel will help, as I have 4.15.

Anyone here is facing similar issue? Particularly with this card over mint or any other distro. I read few posts around looks like new Intel wireless cards are bit shaky with Linux. Any suggestion is much appreciated.

Here is output of my ping tests ran in past - https://pastebin.com/raw/9Y0tKZrL

submitted by /u/marathi_manus
[link] [comments]

Problem with offline repository

January 10, 2019, 5:36 am
$
0
0

Hi!, Im running ubuntu 16 and I have an offline repository. On the online part, y use apt-mirror to download the files, then i copy them to the offline repository on a windows machine with IIS server, and update sources.list on destination machine to match the new web path for the repositories.

But when i do apt-get update, i get an "The repository ... doesn not have a release file" And "Can update a repository like this safely"

On the repository, inside mirror/archive.ubuntu/ubuntu/dists/xenial are the release files, same as xenia-security and xenial-update.

What can be the problem??

Some way to update without them?

Thanks!

submitted by /u/YellowMimic
[link] [comments]

Using rsyslog queues

January 10, 2019, 4:01 am
$
0
0

Anyone have experience with rsyslog queues when sending over TCP? I've been reading here but was hoping someone could confirm behaviour?

If I set:

QueueSize 500000 # ~256MB QueueHighWatermark 300000 # Write to disk after this size QueueLowWatermark 100000 # Resume in memory queue QueueDiscardMark 400000 # Start throwing away messages QueueDiscardSeverity 3 # Discard Warnings and less QueueMaxDiskSpace 1gb # Disk queue size limit

What would happen if the disk queue reached 1gb? Would rsyslog start to discard all messages under my severity level of 3 once the in-mem queue hits 400,000? Leaving room in the in-memory queue for 100,000 messages with a higher priority? But ultimately allowing rsyslog to remain responsive.. (at least until that fills)?

I'm trying to avoid the situation of an unresponsive system, should the rsyslog server become unavailable for an extended period of time..

submitted by /u/bippity12
[link] [comments]

Remastering an ISO

January 10, 2019, 3:22 pm
$
0
0

Question:

I've been messing around and remastering an Ubuntu 18.04 Desktop ISO image and it's been a success. I've written a preseed to automate the installation and I've unsquashed the filesystem and made my personal changes in a chroot environment. The question I have is, are there any thorough documentation site that explains what is exactly happening when the ISO is installing on to my machine and I mean thorough like kernel level thorough. I'm googling around but keep getting sent to these "How to install Linux" articles. I want to completely understand how the bootable USB installation works.

submitted by /u/CanadianNinja49
[link] [comments]

PowerDNS "pdns_recursor"

January 11, 2019, 4:32 am
$
0
0

Hello eveyone,

I ve been tasked to deploy a new NS server for our compnay as the ones we have now are old versions of powerDNS and they do not work properly.

So as I am not familiar with the DNS servers, I'de like to see if I can have some help here. After installing and configuring powerDNS version 4.1 on a Centos 7 server, the pdns recursor doesn't work properly. When I reguest to resolve a domain from my new DNS server using the localhost it does work fine. So all good here. The problem starts when I need to resolve a domain which is not hosted on my DNS server and it has to use the recursor to ask the other DNS server. In that se I have 0 answers.

The error I see on the log is the following :

pdns_recursor[1548]: Failed to update . records, got an exception: Too much time waiting for...5msec

pdns_recursor[1548]: Failed to update . records, RCODE=-1

Also this the output when I dig a domain using my powerDNS server

google.com @localhost

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 30811

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;google.com. IN A

;; Query time: 0 msec

;; SERVER: 127.0.0.1#53(127.0.0.1))

;; WHEN: Fri Jan 11 12:29:34 GMT 2019

;; MSG SIZE rcvd: 39

So It does ask but it never receives a reply. No firewall rules have been applied

powerDNS doco is not the greatest for these issues.

Many Thanks in advance

submitted by /u/nickmavrou
[link] [comments]

Help required emc powerpath

January 11, 2019, 4:37 am
Search

PowerDNS pdns_recursor

January 11, 2019, 5:55 am
$
0
0

Hello all,

I have been tasked to deploy a new powerDNS server for the company I work to as the the current ones we have are not working properly and they are quite old. So the new one that I installed on a centos 7 machine is the powerDNS 4.1 version.

I am not really familiar with configuring DNS servers so I did come across with an issue with pdns_recursor. Before I start explaining about the issue I have to see that the Authoritative Server of the DNS works fine. So I have added a domain to my DNS table and when I query that domain using as DNS my new DNS server it does work fine.

The issue starts when I'd like to query a domain which is not in my DNS table, ex. google.com using as DNS my new DNS. It seems that the server does send the query but never gets the answer. So I assume that my new DNS server sends the query to a Master DNS which I do not which one is as on powerDNS the version 4.1 you do not have that visibility. Unless I do not where to check. It seems that the master DNS does not reply to my DNS.

From the logs I do see that error message:

pdns_recursor[1548]: Failed to update . records, got an exception: Too much time waiting for...5msec

pdns_recursor[1548]: Failed to update . records, RCODE=-1

Not sure what it is for.

Also below is the output when I dig google.com from my new DNS server.

dig google.com @localhost

; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> google.com @localhost

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 30811

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;google.com. IN A

;; Query time: 0 msec

;; SERVER: 127.0.0.1#53(127.0.0.1))

;; WHEN: Fri Jan 11 12:29:34 GMT 2019

;; MSG SIZE rcvd: 39

PowerDNS doco is not the greatest regarding these issues. I would really appreciate if someone could give some light here.

Many Thanks in advance

submitted by /u/nickmavrou
[link] [comments]

Linux Distribution for Windows Domains?

January 10, 2019, 7:27 pm
$
0
0

Any insight into a distribution built with this in mind and has a preconfigured environment that just needs to be setup? I am pushing the case for Linux VDI in my org and need to get a pilot up. Has anyone done this before and has a set of notes or steps they can pass along?

I have found a lot of articles with different steps in each article.

submitted by /u/Pantheonofoak
[link] [comments]

systemd-journald has three new CVEs to be used to gain root shell

January 10, 2019, 12:33 pm

Iptables question

January 11, 2019, 1:27 am

IDM/IPA question on limiting permissions

January 11, 2019, 1:07 pm
$
0
0

Is there any way through permissions to keep members of a certain group from being added to something like a sudo rule or HBAC rule.

For Example, I don't want to allow any server in GroupA from being added to a sudo rule.

submitted by /u/giddydog
[link] [comments]

New Linux Systemd security holes uncovered

January 12, 2019, 4:49 am

What Options Should I Use for NFS Mounting in FSTAB?

January 11, 2019, 10:52 pm
$
0
0

I started using NFS on my Debian server and I fee like I should be using something specific to NFS in regards to the <options> , <dump> , <pass> parameters.
I was just making sure I could access my NFS server which worked fine from the client but can someone please help me in some recommendations on what I should be using for the above?

fs1:/volume1/plex /mnt/plex nfs4 defaults 0 0 fs1:/volume1/data /mnt/data nfs4 defaults 0 0 fs1:/volume1/backups /var/lib/postgresql/backups nfs4 defaults 0 0

submitted by /u/cachedrive
[link] [comments]
Search

80+ .gov SSL/TLS Certificates have expired during the shutdown Read more at: https://www.thesslstore.com/blog/80-gov-ssl-tls-certificates-have-expired-during-the-shutdown/

January 12, 2019, 5:19 am

Lpic 1 pearson vue question

January 12, 2019, 6:27 am
$
0
0

Hello everybody,

first I apologize for my english which is not perfect.

I recently did the Comptia A+ and Comptia Server + certifikate in a pearson vue testcenter an the company I work for paid them.

Now I am thinking about getting a new job as a linux administrator and want to take the LPic-1 (101-102) exam.

I started to study using a book and building a test environment with Vm's, my problem is that i have to pay the exam fee by myself.

https://wsr.pearsonvue.com/vouchers/pricelist/lpi.asp

When I look at the pearson vue page, one thing seems strange to me:

"There is a minimum requirement of ten (10) vouchers per order."

Has anyone taken the exam at his own cost and can tell me how this works?

I can't imagine that you are not able to order less than 10 voucher codes.

Thank you

submitted by /u/PropanMeister
[link] [comments]

Hacking power on F5 lbs

January 12, 2019, 5:53 pm

Lighttpd no SSL not compiled - recompile?

January 13, 2019, 9:47 am
$
0
0

I'm running HAProxy on Centos7 with SNAPT for the GUI. Apparently Snapt's default install doesn't include SSL support with Lighttpd which is their included web-browser. How can I recompile the install to add support? Whenver I add the SSL modules into the config, the process refuses to start.

submitted by /u/projects67
[link] [comments]

Guide to understand what's going on in your DB and where to look for tuning it

January 13, 2019, 4:09 am
Viewing all 17885 articles
Browse latest View live
Search