Saturday, April 17, 2021

Recent Questions - Server Fault


Windows AD OU Block (Read/List) Objects from other OU

Posted: 17 Apr 2021 07:38 PM PDT

I have a Root OU that has an OU called "Clients", and under it I have multiple OUs with the clients' PCs/user accounts in sub-OUs.

The issue is, my clients can see other groups' user accounts/computers, and I need to prevent this as if they're on completely different machines and not under the same Domain. I am guessing I have to go make Deny rules for every single OU Group about every Client OU Group?

Currently, they can search AD for users and see other clients (not within a said company).

Any thoughts on how to do it, potentially with PowerShell or just in general?

ESXi esxcli Error: Unknown command or namespace vm process kill –t=soft –w=67909

Posted: 17 Apr 2021 07:32 PM PDT

I'm running ESXi 6.5 embedded host client. When I SSH into the system I can run esxcli vm process list and get the expected output:

    testserver1
       World ID: 67909
       Process ID: 0
       VMX Cartel ID: 67908
       UUID: someuuid
       Display Name: testserver1
       Config File: /vmfs/volumes/somelocation/testserver1/testserver1.vmx

But if I run esxcli vm process kill –t=soft –w=67909 I get the error Error: Unknown command or namespace vm process kill –t=soft –w=67909

To confirm I'm running the correct command, I ran esxcli vm process kill -help and get

    Error: Invalid option -h

    Usage: esxcli vm process kill [cmd options]

    Description:
      kill                  Used to forcibly kill Virtual Machines that are stuck and not responding to normal stop operations.

    Cmd options:
      -t|--type=<str>       The type of kill operation to attempt. There are three types of VM kills that can be attempted: [soft, hard, force]. Users should always
                            attempt 'soft' kills first, which will give the VMX process a chance to shutdown cleanly (like kill or kill -SIGTERM). If that does not work
                            move to 'hard' kills which will shutdown the process immediately (like kill -9 or kill -SIGKILL). 'force' should be used as a last resort
                            attempt to kill the VM. If all three fail then a reboot is required. (required)
      -w|--world-id=<long>  The World ID of the Virtual Machine to kill. This can be obtained from the 'vm process list' command (required)

Can you see anything I'm doing wrong that might be preventing this command from working? I realize there's a vim-cmd alternative in the docs, but I'm trying to figure out why the first option from the docs is responding like it's not even a valid command.

GITLAB AZURE PORTAL DEPLOYMENT

Posted: 17 Apr 2021 07:25 PM PDT

Before the update to the Microsoft Azure Deployment Center I could connect my GitLab repository, and the portal successfully fetched the commits. But after the update I cannot deploy my GitLab repository to the Azure portal the same way. Does anyone know how to fix this?

Image for reference. Thanks!

LOGS SHOWS

Overlapping certificates

Posted: 17 Apr 2021 06:58 PM PDT

I came across two hosts which have overlapping certificates:

    host 1: www.redacted.com
        CN       = *.redacted.com
        AltNames = {*.redacted.com, redacted.com}
    host 2: foo.redacted.com
        CN       = foo.redacted.com
        AltNames = {foo.redacted.com}

My problem is with caching. In my own proxy I cache the first certificate for both *.redacted.com and redacted.com, but then, when I visit the second host, I reuse the first certificate because *.redacted.com matches foo.redacted.com.

I can easily add a sort of "specificity rule", since foo.redacted.com seems more specific than *.redacted.com, but I'd like to know whether there is such a rule or the two certificates shouldn't overlap.
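The caching behaviour described in this question, as an added example that is not part of the original post: a cache indexed by the names inside each certificate reuses the wildcard certificate for foo.redacted.com, while a cache indexed by the requested host name keeps the two hosts apart. The `UPSTREAM` table, the class names and the certificate dictionaries are constructed stand-ins for a real TLS handshake and a real proxy cache.

```python
"""Constructed example: two ways for a TLS proxy to cache upstream certificates."""

# Constructed sample data mirroring the two hosts in the question.
CERT_WILDCARD = {"cn": "*.redacted.com",
                 "alt_names": ["*.redacted.com", "redacted.com"]}
CERT_FOO = {"cn": "foo.redacted.com", "alt_names": ["foo.redacted.com"]}

# What each upstream host presents (hypothetical stand-in for a handshake).
UPSTREAM = {"www.redacted.com": CERT_WILDCARD, "foo.redacted.com": CERT_FOO}


def name_matches(pattern: str, host: str) -> bool:
    """Match a certificate name against a host name.

    A wildcard is honoured only as the complete left-most label and covers
    exactly one label, so *.redacted.com matches foo.redacted.com but not
    redacted.com or a.b.redacted.com.
    """
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == host
    head, _, tail = host.partition(".")
    return bool(head) and tail == pattern[2:]


class NameKeyedCache:
    """Cache indexed by the names inside each certificate (the problem case)."""

    def __init__(self):
        self.by_name = {}

    def get(self, host):
        for name, cert in self.by_name.items():
            if name_matches(name, host):
                return cert  # any certificate that covers the host is reused
        cert = UPSTREAM[host]
        for name in cert["alt_names"]:
            self.by_name[name] = cert
        return cert


class HostKeyedCache:
    """Cache indexed by the host name that was actually requested."""

    def __init__(self):
        self.by_host = {}

    def get(self, host):
        key = host.lower().rstrip(".")
        if key not in self.by_host:
            cert = UPSTREAM[key]
            # Sanity check: the certificate must cover the host it came from.
            if not any(name_matches(n, key) for n in cert["alt_names"]):
                raise ValueError(f"certificate does not cover {key}")
            self.by_host[key] = cert
        return self.by_host[key]


def visit(cache, hosts):
    """Return the CN of the certificate the cache hands out for each host."""
    return [cache.get(h)["cn"] for h in hosts]


if __name__ == "__main__":
    order = ["www.redacted.com", "foo.redacted.com"]
    print("name-keyed:", visit(NameKeyedCache(), order))
    print("host-keyed:", visit(HostKeyedCache(), order))
```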

How to change user privileges from 'Y' to 'N' in MySQL Server?

Posted: 17 Apr 2021 06:56 PM PDT

I want to change a privilege for my glpiuser from 'N' to 'Y' in MySQL Server. What is the command to do this task? Here's the image that displays my users. I'm using Ubuntu 20.04.1.

What happens if you make a mistake when you change the authoritative nameservers for a domain?

Posted: 17 Apr 2021 10:27 PM PDT

Say for example during a DNS migration to Cloudflare, rather than transferring to "fred.ns.cloudflare.com" you typo'd "ferd.ns.cloudflare.com" or something similar for NS1, and the same kind of thing for NS2.

You realise this after the change has propagated, so you can no longer edit DNS on your original DNS host, but cloudflare never receives the domains.

Is there a way to recover from that kind of situation / would the transfer fail in the first place or something similar, or would you effectively just lose control of your DNS?

-- Not something that's actually happened to me, but something of a potential nightmare scenario that I can't find any information on, which makes me think I may be overly worried about nothing?

Unable to open PHP script files, even though I own them and have permissions

Posted: 17 Apr 2021 05:04 PM PDT

I'm using RHEL 8, and I have run into a crazy problem. My user account is unable to open PHP files.

If I have a file, owned by my user, and readable by my user, and I add <?php as the first line, I'm suddenly unable to open, edit, or view the file, even though I have not otherwise changed my permissions. It tells me: cat: test.txt: Operation not permitted

If I look at the file using file, I see the file reported as PHP Script once I add the above line.

It doesn't appear to be an SELinux problem, since setenforce 0 doesn't change the behavior, and audit2allow doesn't see anything.

It's possible this is happening to all script files, but on this server, I only need to use PHP scripts. Help!

EC2 instance doesn't show up in AWS Systems Manager

Posted: 17 Apr 2021 04:26 PM PDT

I am trying to create an EC2 instance (Amazon Linux, so I shouldn't have to configure the SSM agent as it should be autoconfigured) in a private subnet, and want to be able to SSH into it. According to this post I have to use AWS Systems Manager for this. I've done quite a bit with codestar/beanstalk before, but now simply want to be able to create and delete everything via the AWS CLI manually for learning purposes.

Here are the commands I'm able to run fine (the EC2 instance is created successfully with my role):

    aws iam create-role --role-name ec2-role --assume-role-policy-document file://roles/ec2-role.json
    aws iam attach-role-policy --role-name ec2-role --policy-arn "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
    aws iam create-instance-profile --instance-profile-name ssm-instance-profile-for-ec2-instances
    aws iam add-role-to-instance-profile --instance-profile-name ssm-instance-profile-for-ec2-instances --role-name ec2-role

    # Creating the EC2 instance
    aws ec2 run-instances --image-id ami-0db9040eb3ab74509 --count 1 --instance-type t2.micro --key-name key-pair-for-instance1 --subnet-id <my_valid_subnet_id> --iam-instance-profile Name=ssm-instance-profile-for-ec2-instances

I took parts of these commands from this post.

My json file for ec2-role:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": { "Service": "ec2.amazonaws.com"},
          "Action": "sts:AssumeRole"
        }
      ]
    }

Unfortunately this instance isn't visible in the SSM (Systems Manager):

    aws ssm describe-instance-information
    {
        "InstanceInformationList": []
    }

I have been following the main documentation on SSM and from what I understand from the page below is that all you would need is the AmazonSSMManagedInstanceCore policy: https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-instance-profile.html

The web console hasn't been any help so far, according to this page it treats roles and instance-profiles as the same thing.

What am I missing here to be able to use the aws ssm command to start an ssh session?

Windows OpenVPN client 3.2.3 can only ping using FQDN. While OpenVPN client 2.5.1 can ping by both hostname and by FQDN

Posted: 17 Apr 2021 04:01 PM PDT

On my personal computer, I can only ping hostnames using the FQDN when using version 3.2.3 and version 2.7.1. Yet I am able to ping by hostname and by FQDN when using version 2.5.1.

However, one of my field co-worker's computer can ping hostnames without using the FQDN when using version 3.2.3. Sadly, they can't ping hostnames without using the FQDN when using version 2.5.1. I didn't try version 2.7.1, since version 3.2.3 worked.

Both of these computers are running Windows 10 and fully updated.

enough free pages but high number of major page faults and page reclaims

Posted: 17 Apr 2021 03:56 PM PDT

We find that for some servers io disk read is very high. We also notice that there are many major page faults on those servers. But we checked the /proc/zoneinfo, there are enough free pages. Here is the content of /proc/zoneinfo:

      pages free     3913507
            min      11333
            low      14166
            high     16999
            scanned  0
            spanned  16777216
            present  16777216
            managed  16507043
        nr_free_pages 3913507

We also use "perf" to monitor the event of "mm_filemap_delete_from_page_cache". Here is the result of perf:

    7fff81189dd0 __delete_from_page_cache ([kernel.kallsyms])
    7fff8119b771 __remove_mapping ([kernel.kallsyms])
    7fff8119c8e8 shrink_page_list ([kernel.kallsyms])
    7fff8119d45a shrink_inactive_list ([kernel.kallsyms])
    7fff8119df55 shrink_lruvec ([kernel.kallsyms])
    7fff8119e376 shrink_zone ([kernel.kallsyms])
    7fff8119e880 do_try_to_free_pages ([kernel.kallsyms])
    7fff8119ed6c try_to_free_pages ([kernel.kallsyms])
    7fff816ac515 __alloc_pages_slowpath ([kernel.kallsyms])
    7fff811932d5 __alloc_pages_nodemask ([kernel.kallsyms])
    7fff811d7a68 alloc_pages_current ([kernel.kallsyms])
    7fff811e27f5 new_slab ([kernel.kallsyms])
    7fff811e40fc ___slab_alloc ([kernel.kallsyms])
    7fff816adaf1 __slab_alloc ([kernel.kallsyms])
    7fff811e609b kmem_cache_alloc ([kernel.kallsyms])
    7fff812778ed proc_alloc_inode ([kernel.kallsyms])
    7fff812234d0 alloc_inode ([kernel.kallsyms])
    7fff81225771 new_inode_pseudo ([kernel.kallsyms])
    7fff812257d9 new_inode ([kernel.kallsyms])
    7fff8127bc1e proc_pid_make_inode ([kernel.kallsyms])
    7fff812800e5 proc_fd_instantiate ([kernel.kallsyms])
    7fff8127c54c proc_fill_cache ([kernel.kallsyms])
    7fff812802dd proc_readfd_common ([kernel.kallsyms])
    7fff812803f5 proc_readfd ([kernel.kallsyms])
    7fff8121c246 vfs_readdir ([kernel.kallsyms])
    7fff8121c665 sys_getdents ([kernel.kallsyms])
    7fff816c2715 system_call_fastpath ([kernel.kallsyms])
           bab95 __getdents64 (/usr/lib64/libc-2.17.so)

It seems that the OS is carrying on page reclaim. But I don't know, since there are enough free pages, why could page reclaim occur?

SSH hanging after sending env LANG, only on one computer on network

Posted: 17 Apr 2021 03:41 PM PDT

I'm unable to SSH into a server from one machine on my network. I can successfully SSH using the exact same port, address, user, and ssh key from other machines on my network. When I try to connect, half of my MOTD is printed out and then the connection hangs. I figured it might be an issue with my terminal reading the MOTD, but I've tried several different terminals with the WSL bash shell and the problem is consistent.

What could the issue be, or what would be the next step to diagnosing this?

The server is running Ubuntu 20.04.2 LTS and OpenSSH 8.2p1


Successful Output

    debug1: Authentication succeeded (publickey).
    Authenticated to REDACTED ([REDACTED]:22).
    debug1: channel 0: new [client-session]
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.
    debug1: pledge: network
    debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
    debug1: Sending environment.
    debug1: Sending env LANG = en_US.UTF-8
    debug1: Sending env LC_TERMINAL = iTerm2
    debug1: Sending env LC_TERMINAL_VERSION = 3.3.7
                             _              _
     ___ _    ___   ___ | | ___   _  | | _____
    / | '_ \ / _ \ / _ \| |/ / | | |/ _` |/ _ \ \ / /
    \__ \ |_) | (_) | (_) |   <| |_| | (_| |  /\ V /
    |___/ ./ \___/ \___/|_|\_\\__, |\__,_|\___| \_/
        |_|                     |___/

    Last login..........: root at Sat Apr 17 18:25 from REDACTED

Failure Output

    debug1: Authentication succeeded (publickey).
    Authenticated to REDACTED ([REDACTED]:22).
    debug1: channel 0: new [client-session]
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.
    debug1: pledge: network
    debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
    debug1: Sending environment.
    debug1: Sending env LANG = en_US.UTF-8
                             _              _
     ___ _ __   ___   ___ | | ___   _  __| | _____   __
    / __| '_ \ / _ \ / _ \| |/ / | | |/ _` |/ _ \ \ / /
    \__ \ |_) | (_) | (_) |   <| |_| | (_| |  __/\ V /

Nameserver invalid warning

Posted: 17 Apr 2021 02:54 PM PDT

I made my own nameserver configuration, but as you can see in the picture and the link, I am getting a (hostname) warning.

    WARNING: At least one of your NS name does not seem a valid host name
    The ones that do not seem valid:
    ns2.bo(*).works ns1.bo(*).works

Hosting provider nameserver IPs:

    5.250.241.34
    5.250.242.34

My dedicated IP:

5.250.252.52  

My DNS Records:

Domain Provider DNS Settings:

Where am I making a mistake? Do I enter the dedicated IP in the fields? I could not understand! Why am I getting this error? How should it be properly configured?

Debian: LVM cache pool slows down WD Red HDD to 12 MB/s (no RAID)

Posted: 17 Apr 2021 03:54 PM PDT

I've a brand new WD RED 6 TB HDD (WD50EFAX) in my HP Microserver Gen 8 running Debian 10. I used LVM caching for years, to improve reading performance.

Today, I investigated a performance bottleneck when copying large files over SMB. It resulted in a dd test

    dd if=/dev/zero of=test.xx bs=16M count=100
    speedup 12 MB/s

Disabling the LVM caching of the WD RED, this value was increased to 120 MB/s which is usual for such HDDs, I guess. The bottleneck occurs after a few hundred MB have been written. My cache size is 10G as you can see below.

The HDD's own write cache is disabled (hdparm -W0 /dev/sdb); I double-checked this.

So, what could cause the LVM cache to slow down write performance? The cache type is write-through so it should work as pure read cache.

    $ lvs -a
      LV                 VG        Attr       LSize   Pool         Origin       Data%  Meta%  Move Log Cpy%Sync Convert
      data               server-vg Cwi-aoC---  <5,47t [data_cache] [data_corig] 0,01   6,66            0,00
      [data_cache]       server-vg Cwi---C---  10,00g                           0,01   6,66            0,00
      [data_cache_cdata] server-vg Cwi-ao----  10,00g
      [data_cache_cmeta] server-vg ewi-ao----  20,00m
      [data_corig]       server-vg owi-aoC---  <5,47t
      [lvol0_pmspare]    server-vg ewi-------  20,00m
      root               server-vg -wi-ao---- <27,94g
      swap_1             server-vg -wi-ao----   3,96g

Does anyone have an idea what could cause this? With my old HDD (2 TB WD red) the performance was quite good.

I used this tutorial (German, sorry): https://www.thomas-krenn.com/de/wiki/LVM_Caching_mit_SSDs_einrichten

    lvs -o name,cache_policy,cache_settings,chunk_size,cache_used_blocks,cache_dirty_blocks /dev/server-vg/data
      LV   CachePolicy CacheSettings Chunk  CacheUsedBlocks  CacheDirtyBlocks
      data smq                       64,00k                2                0

P.S. I know my disk uses SMR, but I don't use a RAID, so I don't think this "bug" could affect me.

How to install snapd on Oracle Linux 7.9

Posted: 17 Apr 2021 02:47 PM PDT

I am trying to install snapd on Oracle Linux Server 7.9. On many sites I have seen that it has been advised to install snapd as follows:

    sudo yum install epel-release
    sudo yum -y install snapd

But I am not able to install this repo on Oracle Linux (No package epel-release available.). The following repos are available in the system:

    ol7_MySQL80/x86_64
    ol7_UEKR6/x86_64
    ol7_addons/x86_64
    ol7_developer_php74/x86_64
    ol7_ksplice
    ol7_latest/x86_64
    ol7_oci_included/x86_64
    ol7_optional_latest/x86_64
    ol7_software_collections/x86_64

Can someone tell me how to install snapd on Oracle Linux 7.9?

How do production web applications make backups? [closed]

Posted: 17 Apr 2021 09:26 PM PDT

So, I'm almost finished building my first major production web app, and am wondering how to manage the backup protocol.

Cold backups via my hosting control panel seem ideal - but daily downtime sounds awful for UX. Hot backups seem pointless as they cannot be trusted to not be corrupt.

My server runs Debian.

Is there a way to SSH in and clone the filesystem on my local machine, before encrypting with Veracrypt, before posting it to the moon, as an off-planet backup? (Lol.)

I suppose I don't need to backup the entire fs on a daily basis, but definitely Mongodb. What's the easiest way to automate a mongodb backup?

Thanks so much for reading :)

How to create an ansible-vault file from a task

Posted: 17 Apr 2021 02:52 PM PDT

I need to create an ansible-vault file to store credentials in a task in a playbook. This file would be used by another playbook. Is there an internal ansible method/module to accomplish this? I would prefer not to do it invoking shell/command. Any help would be highly appreciated.

How do I Pipe in Skip or Overwrite All when running the following bat?

Posted: 17 Apr 2021 02:54 PM PDT

How would I Pipe in Skip or Overwrite All (Always) to the following code?

NB! the code recursively extracts archives with folders and sub-archives.

    FOR /D /r %%F in ("*") DO (
      pushd %CD%
      cd %%F
          FOR %%X in (*.rar *.zip) DO (
              "C:\Program Files\7-zip\7z.exe" x "%%X"
          )
      popd
    )

See below an example of the prompt:

zabbix agent vs agent2

Posted: 17 Apr 2021 10:17 PM PDT

I am working on deploying Zabbix in our organization and comparing zabbix agent vs agent2

I found following link which is useful,

https://www.zabbix.com/documentation...ent_comparison

I just have a couple of questions:

  • For agent2 "Daemonization" is "no". Does it mean agent2 service does not run in background? That does not seem right...
  • Similarly "Drop user privileges" is "no". To me it sounds like the service would run as "root". However on testing, I can see that service is running as "zabbix" user.

Also, is there anything else I should know when using agent2? e.g. any limitations, gotchas?

Thank you J

NFS server daemon fails to start at boot

Posted: 17 Apr 2021 04:47 PM PDT

I'm trying to export an external disk, so I configured my nfs-server service to wait for disk1 to mount; however, it fails.

This is the situation after boot:

    $ systemctl status nfs-server.service
    ● nfs-server.service - NFS server and services
       Loaded: loaded (/etc/systemd/system/nfs-server.service; enabled; vendor preset: enabled)
       Active: failed (Result: exit-code) since Sun 2020-04-26 14:46:28 CEST; 3min 7s ago
      Process: 307 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=1/FAILURE)
      Process: 312 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS)
      Process: 314 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS)

    abr 26 14:46:28 raspberrypi systemd[1]: Starting NFS server and services...
    abr 26 14:46:28 raspberrypi exportfs[307]: exportfs: Failed to stat /media/pi/disk1: No such file or directory
    abr 26 14:46:28 raspberrypi systemd[1]: nfs-server.service: Control process exited, code=exited, status=1/FAILURE
    abr 26 14:46:28 raspberrypi systemd[1]: nfs-server.service: Failed with result 'exit-code'.
    abr 26 14:46:28 raspberrypi systemd[1]: Failed to start NFS server and services.

If I just restart the service it just works smoothly

    $ sudo systemctl restart nfs-server.service
    $ systemctl status nfs-server.service
    ● nfs-server.service - NFS server and services
       Loaded: loaded (/etc/systemd/system/nfs-server.service; enabled; vendor preset: enabled)
       Active: active (exited) since Sun 2020-04-26 14:59:51 CEST; 4s ago
      Process: 943 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
      Process: 944 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
     Main PID: 944 (code=exited, status=0/SUCCESS)

    abr 26 14:59:51 raspberrypi systemd[1]: Starting NFS server and services...
    abr 26 14:59:51 raspberrypi systemd[1]: Started NFS server and services.

I configured the service to "Requires" and "After" disk1 mounts, but it didn't work:

    # /etc/systemd/system/nfs-server.service
    [Unit]
    Description=NFS server and services
    DefaultDependencies=no
    Requires=network.target proc-fs-nfsd.mount media-pi-disk1.mount
    Requires=nfs-mountd.service
    Wants=rpcbind.socket
    Wants=nfs-idmapd.service

    After=local-fs.target media-pi-disk1.mount
    After=network.target proc-fs-nfsd.mount rpcbind.socket nfs-mountd.service
    After=nfs-idmapd.service rpc-statd.service
    Before=rpc-statd-notify.service

Extra info requested:

    $ systemctl status media-pi-disk1.mount
    ● media-pi-disk1.mount - /media/pi/disk1
       Loaded: loaded
       Active: active (mounted) since Sun 2020-04-26 14:47:34 CEST; 3h 22min ago
        Where: /media/pi/disk1
         What: /dev/sda1

    $ egrep -v '^#|^$' /etc/fstab
    proc            /proc           proc    defaults          0       0
    /dev/mmcblk0p8  /boot           vfat    defaults          0       2
    /dev/mmcblk0p9  /

    $ lsblk
    NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
    sda           8:0    0 931,5G  0 disk
    └─sda1        8:1    0 931,5G  0 part /media/pi/disk1
    mmcblk0     179:0    0  29,7G  0 disk
    ├─mmcblk0p1 179:1    0   2,4G  0 part
    ├─mmcblk0p2 179:2    0     1K  0 part
    ├─mmcblk0p5 179:5    0    32M  0 part
    ├─mmcblk0p6 179:6    0   512M  0 part /media/pi/System
    ├─mmcblk0p7 179:7    0  12,1G  0 part /media/pi/Storage
    ├─mmcblk0p8 179:8    0   256M  0 part /boot
    └─mmcblk0p9 179:9    0  14,5G  0 part /

    $ mount
    /dev/mmcblk0p9 on / type ext4 (rw,noatime)
    devtmpfs on /dev type devtmpfs (rw,relatime,size=217076k,nr_inodes=54269,mode=755)
    sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
    proc on /proc type proc (rw,relatime)
    tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
    devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
    tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
    tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
    tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
    cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
    cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
    bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
    cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
    cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
    cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
    cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
    cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
    cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
    systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=28,pgrp=1,timeout=0,minproto=5,maxproto=5,direct)
    debugfs on /sys/kernel/debug type debugfs (rw,relatime)
    mqueue on /dev/mqueue type mqueue (rw,relatime)
    sunrpc on /run/rpc_pipefs type rpc_pipefs (rw,relatime)
    nfsd on /proc/fs/nfsd type nfsd (rw,relatime)
    configfs on /sys/kernel/config type configfs (rw,relatime)
    /dev/mmcblk0p8 on /boot type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro)
    tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=44280k,mode=700,uid=1000,gid=1000)
    gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)
    fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
    /dev/sda1 on /media/pi/disk1 type ext4 (rw,nosuid,nodev,relatime,uhelper=udisks2)
    /dev/mmcblk0p7 on /media/pi/Storage type ext4 (rw,nosuid,nodev,relatime,uhelper=udisks2)
    /dev/mmcblk0p6 on /media/pi/System type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=1000,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,showexec,utf8,flush,errors=remount-ro,uhelper=udisks2)

rewrite URL in htaccess and remove everything but parameter

Posted: 17 Apr 2021 04:47 PM PDT

Is it possible to turn this URL:

example.com/send.php?url=google.com&name=&submit=submit  

Into this URL:

example.com/google.com  

When I try I just keep getting 404 or 500 errors and it's frustrating.

Here are a few things I've tried.

    RewriteRule ^([^/]*)$ /send.php?url=$1&name=&submit=submit [NC,L]
    RewriteRule ^([-\w\.]*)$ /send.php?url=$1&name=&submit=submit [NC,L]
    RewriteRule ^(.*)$ /send.php?url=$1&name=&submit=submit [NC,L]

If it's not possible then please could you tell me why it's not. I'm rather new to mod_rewrite and want to learn.

Error using mod_jk in httpd: undefined symbol: ap_get_server_version

Posted: 17 Apr 2021 06:52 PM PDT

We just recently installed a new RHEL7 server. Inside of this server, we have a bunch of vhosts, and inside the vhosts there are a couple of lines that look like this -

    JkMount /rules_engine/rulesApi/rules/* rulesEngine
    JkMount /api/* rulesEngine
    JkMount /rules_editor/* rulesEngine

So in order to handle this, we use mod_jk inside of our apache configuration. However, when I try to start apache, I get the following error -

Syntax error on line 1 of /etc/httpd/conf.d/mod_jk.conf: Cannot load /etc/httpd/modules/mod_jk.so into server: /etc/httpd/modules/mod_jk.so: undefined symbol: ap_get_server_version  

The mod_jk.conf file is inside of /etc/httpd/conf.d, and it looks like this -

    LoadModule jk_module /etc/httpd/modules/mod_jk.so
    JkWorkersFile /etc/httpd/conf.d/workers.properties
    JkLogFile /var/log/httpd/mod_jk.log
    # Change to WARN or ERROR for Prod
    JkLogLevel info
    JkShmFile /var/log/httpd/mod_jk.shm
    JkMount /rulesApi/rules/* rulesEngine
    JkMount /api/* rulesEngine
    JkMount /* rulesEditor
    JkMount /rules_editor/* rulesEditor

Any ideas as to what that error means, and how I can get httpd to start?

Thanks.

MySQL [ERROR] Can't start server: can't create PID file: No such fie or directory

Posted: 17 Apr 2021 03:44 PM PDT

I'm having trouble starting mysql and mysqld.

Output of sudo service mysql start command is mysql : Unrecognized service

In the same way, the output of sudo service mysqld start is nothing.

When I tried sudo service mysqld status it says stopped

I went through /var/log/mysql.log and found this error:

    2015-10-20 08:00:54 23694 [Note] InnoDB: 128 rollback segment(s) are active.
    2015-10-20 08:00:54 23694 [Note] InnoDB: Waiting for purge to start
    2015-10-20 08:00:54 23694 [Note] InnoDB: 5.6.21 started; log sequence number 1600607
    2015-10-20 08:00:54 23694 [Note] Server hostname (bind-address): '*'; port: 3306
    2015-10-20 08:00:54 23694 [Note] IPv6 is available.
    2015-10-20 08:00:54 23694 [Note]   - '::' resolves to '::';
    2015-10-20 08:00:54 23694 [Note] Server socket created on IP: '::'.
    2015-10-20 08:00:54 23694 [ERROR] /usr/local/mysql/bin/mysqld: Can't create/write to fie '/var/run/mysqld/mysqld.pid' (Errcode: 2 - No such file or directory)
    2015-10-20 08:00:54 23694 [ERROR] Can't start server: can't create PID file: No such fie or directory
    151020 08:00:54 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended

For this I looked online and tried the fix, which was said to be a permission issue. So to fix this error I created /var/run/mysqld for mysql.pid and chowned the directory to mysql:mysql.

But the problem still persists. Can anyone help me out with this?

Thanks

Apache: Request exceeded the limit of 10 internal redirects due to probable configuration error - WooCommerce

Posted: 17 Apr 2021 03:44 PM PDT

I have a WooCommerce site. I have a recurring error in the Apache error.log:

    [Mon Nov 02 17:04:58.723578 2015] [core:error] [pid 2922] [client 172.31.12.207:19044] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: https://gremyo.com/wp-content/themes/bishop/woocommerce/style.css
    [Mon Nov 02 17:04:58.812460 2015] [core:error] [pid 2928] [client 172.31.12.207:19045] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: https://gremyo.com/wp-content/themes/bishop/woocommerce/style.css
    [Mon Nov 02 17:13:58.112870 2015] [core:error] [pid 3100] [client 172.31.27.233:39991] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
    [Mon Nov 02 17:13:58.430530 2015] [core:error] [pid 2905] [client 172.31.27.233:39992] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
    [Mon Nov 02 17:23:23.530340 2015] [core:error] [pid 3205] [client 172.31.11.223:48080] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: http://gremyo.com/wp-signup.php?new=publisherweb
    [Mon Nov 02 17:25:08.819153 2015] [core:error] [pid 3244] [client 172.31.27.233:40380] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: https://muyinteresante.gremyo.com/

I have seen the error happens when a javascript fires up a window with the detailed images (referer ...style.css) in the single product page. The google-chrome console registers these errors:

    Failed to load resource: the server responded with a status of 500 (Internal Server Error) https://gremyo.com/wp-content/themes/bishop/fonts/WooCommerce.woff
    Failed to load resource: the server responded with a status of 500 (Internal Server Error) https://gremyo.com/wp-content/themes/bishop/fonts/WooCommerce.ttf

I have this in the .htaccess file, related to chrome errors.

    <IfModule mod_headers.c>
    <FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css)$">
    Header set Access-Control-Allow-Origin "*"
    </FilesMatch>
    </IfModule>

However, the error appears in more places of the site (I haven't identified them yet).

The reason to investigate this is the site doesn't load properly CSS in some product pages when they're cached. I use wp-super-cache and autoptimize plugins.

Do you have an idea to help me?

Thanks!

Openvas ldap authentication configuration

Posted: 17 Apr 2021 02:43 PM PDT

I'm stuck in the process of OpenVAS LDAP authentication configuration.

I use the following OpenVAS component versions from upstream:

    openvas libraries - 8.0.3
    openvas manager - 6.0.3

(both installed from a self-made PPA repo, openvas8)

Distro - Ubuntu 14.04.2 LTS

I found example.auth.conf in the libraries source tarball. With the help of strace I found the directory where openvasmd expected to find its auth config:

    PREFIX/var/lib/openvas/openvasmd/auth.conf

Because the PREFIX variable is empty for me, the path is the following:

    /var/lib/openvas/openvasmd/auth.conf

Then I raised the logging level 127=>128 for openvasmd (also running in verbose mode -v, because without that flag the interesting info could not be found in the logs).

Following the information I found in mailing list archives (example; yeah, it's rather outdated =\), I added to the config:

    [method:ldap]
    order=2
    enable=false
    ldaphost=my_ldap_server_hostname
    authdn=uid=%s,my_dn
    allow-plaintext=false

I also commented out the method:file section for test purposes. But after the service restart and a login attempt (using the GSAD web interface) I found in openvasmd.log:

    lib auth:WARNING:2015-06-23 12h04.38 utc:15352: Unsupported authentication method: method:ldap.

And also the obvious result of login:

    md    omp:  DEBUG:2015-06-23 14h33.05 utc:17775:    XML  start: authenticate (0)

... - setting my creds; by the way, the password in the log file was in plain text format

    md    omp:  DEBUG:2015-06-23 14h33.05 utc:17775:    XML    end: authenticate
    md   main: /<authenticate_response status="400" status_text="Authentication failed"/

First of all, I thought it was a misconfiguration issue while compiling the libraries (without the ldap support flag). But both the libraries and openvas manager are linked with the ldap libs (I also added the ldap dev libs to the debian/control file as build dependencies for the packages):

    ldd /usr/lib/libopenvas_misc.so.8.0.3 | grep ldap
      libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 (0x00007fc3529e9000)
    ldd /usr/sbin/openvasmd | grep ldap
      libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 (0x00007f83fdead000)

And I found no references to method:ldap in the libraries' source files. Only method:ldap_connect was found, but it's the so-called "Per-User ldap authentication". If I understand the concept correctly, it is an authentication mechanism for already created users with the right to authenticate via ldap. I've tested it and it works fine (this fact confirms the openvas libraries/manager were compiled with ldap support). But it's not the full ldap integration feature I need.

How to configure nDPI for iptables

Posted: 17 Apr 2021 08:54 PM PDT

I am new to nDPI. I have installed nDPI, but when I add rules like

    iptables -I OUTPUT -m ndpi --http -j REJECT

it shows this error:

    iptables v1.4.7: Couldn't load match `ndpi':/lib64/xtables/libipt_ndpi.so: cannot open shared object file: No such file or directory

    Try `iptables -h' or 'iptables --help' for more information.

Please, if anyone can tell me how to configure iptables for nDPI. I am using CentOS 6.5.

Thanks.

mod_security2.so: undefined symbol: ap_unixd_set_gl

Posted: 17 Apr 2021 06:52 PM PDT

    service httpd restart
    Stopping httpd:                                            [  OK  ]
    Starting httpd: httpd: Syntax error on line 205 of /etc/httpd/conf/httpd.conf: Cannot load /etc/httpd/modules/mod_security2.so into server: /etc/httpd/modules/mod_security2.so: undefined symbol: ap_unixd_set_global_mutex_perms
                                                               [FAILED]

My httpd file:

    LoadModule unique_id_module modules/mod_unique_id.so
    LoadFile /usr/lib/libxml2.so
    #LoadFile /usr/lib/liblua5.1.so
    LoadModule security2_module modules/mod_security2.so

Any ideas? Google has nothing.

I followed these guidelines: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#wiki-SVN_Access

Apache is 2.2.15, PHP is 5.3.3.

I installed Apache/PHP via yum.

Samba share, local group, AD users

Posted: 17 Apr 2021 07:49 PM PDT

I have a Debian 6 system running Samba 3.5.6 that has been successfully set up to authenticate against an Active Directory domain (via SSH, that is). I have a directory (let's call it /foo) that I want to be editable by both local users and AD users. I have created a local group "fooedit" and added both the local users and domain users to it. I have set up the necessary ACLs on /foo to allow fooedit users to edit the files and tested it to be functioning via SSH for both the local and AD users.

I would like the AD users to be able to edit via the share as well, but can't seem to get the right configuration. They can see the share, but it prompts them for credentials when trying to access it, and the credentials don't work. Is this possible, and if so, what do I need to do? I don't want to do this with an AD group if possible because I may need to do this on many machines with different users on each machine, so a local group would be cleaner.

smb.conf:

    [foo]
    path = /foo
    writeable = yes
    browseable = yes
    valid users = @fooedit

getfacl /foo:

    # file: foo
    # owner: bar
    # group: fooedit
    # flags: -s-
    user::rwx
    group::rwx
    mask::rwx
    other::---
    default:user::rwx
    default:group::rwx
    default:other::---

/etc/group:

    ...
    fooedit:x:69:adsuser
    ...

... and go!

svn: Too many arguments to import command

Posted: 17 Apr 2021 07:49 PM PDT

I'm having a problem with the --message flag to the svn import command. On some servers it works, but on others it gets confused if the message contains spaces, even if you single or double quote the message string thus:

    svn import -m 'New stuff added' https://my-remote-repo/SVN/repo/path  

When it fails, I get the error:

    svn: Too many arguments to import command  

If I limit the message to one without any spaces, it succeeds every time. Clearly the problem is with the command failing to recognise a quoted string, but why?

Whether it succeeds or not seems to be down to the particular OS/shell combination I'm using. The command works on SUSE 10.3 with Ksh Version M 93s+ 2008-01-31, but fails on RHEL 5.6 with Ksh Version AJM 93t+ 2010-02-02. Or perhaps that's a red herring, and the real problem is something else differing between environments?

Automating ssh-copy-id

Posted: 17 Apr 2021 02:50 PM PDT

I have some arbitrary number of servers with the same user/pass combination. I want to write a script (that I call once) so that

    ssh-copy-id user@myserver

is called for each server. Since they all have the same user/pass this should be easy, but ssh-copy-id wants me to type the password in separately each time, which defeats the purpose of my script. There is no option for putting in a password, i.e. ssh-copy-id -p mypassword user@myserver.

How can I write a script that automatically fills in the password field when ssh-copy-id asks for it?

Exchange 2010 add mailbox server to DAG error

Posted: 17 Apr 2021 08:54 PM PDT

I'm having some problems when adding a second mailbox server to my DAG in Exchange 2010. The test setup goes like this: 1x Windows Server 2008 (DC/DNS), 2x Windows Server 2008 (Exchange 2010).

I have made sure all services are up and running and that the "Exchange Trusted Subsystem" account is set as a local admin.

When I create a DAG I can add the first mailbox server (A) without any problems, but when I go to add the second (B) it gives me an error saying "Unable to contact the Cluster service on 1 other members (member) of the Database availability group."

It does the same if I add (B) first and then try to add (A).

Here is a part of the log file:

    [2010-04-05T15:00:27] GetRemoteCluster() for the mailbox server failed with exception = An Active Manager operation failed. Error: An error occurred while attempting a cluster operation. Error: Cluster API '"OpenCluster(EXCHANGE20102.area51.com) failed with 0x6d9. Error: There are no more endpoints available from the endpoint mapper"' failed.. This is OK.
    [2010-04-05T15:00:27] Ignoring previous error, as it is acceptable if the cluster does not exist yet.
    [2010-04-05T15:00:27] DumpClusterTopology: Opening remote cluster AREA51DAG01.
    [2010-04-05T15:00:27] DumpClusterTopology: Failed opening with Microsoft.Exchange.Cluster.Replay.AmClusterApiException: An Active Manager operation failed. Error: An error occurred while attempting a cluster operation. Error: Cluster API '"OpenCluster(AREA51DAG01.area51.com) failed with 0x5. Error: Access is denied"' failed. ---> System.ComponentModel.Win32Exception: Access is denied --- End of inner exception stack trace ---

Any help would be really appreciated, thanks.
