Wednesday, April 27, 2022

Recent Questions - Server Fault


Can ping OPC UA server, but cannot connect to it

Posted: 27 Apr 2022 12:50 AM PDT

I have an OPC UA server running on a PLC from BR Automation and would like to connect to it from UaExpert running on a Windows 10 machine. It has worked previously, but after physical re-placement of the components and installing a new ethernet cable, I cannot connect to the server any more:

GetEndpoints on EndpointUrl failed with 'BadTimeout', retrying on all DiscoveryUrls
Could not connect to server: BadHostUnknown

However, I am still able to ping the OPC UA server. Security and Authentication Settings are unchanged on my side. I have no possibility to access the settings on the server side, but there is no reason why they would have changed. They have never changed in the past.

The new ethernet cable has a length of about 40 meters. Maybe that is an issue?

Does anyone have a suggestion why I cannot connect to the server, even though I can ping it?
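A ping only proves that ICMP reaches the PLC's IP address; the two errors quoted above come from one layer higher (name resolution of the endpoint URL's host, and the TCP handshake on the server's port). The following added example, not part of the question or of UaExpert, classifies an endpoint as resolve_failed, timeout, refused or open so those cases can be told apart. It assumes OPC UA's registered default port 4840; the PLC's actual port is not stated in the post.

```python
import socket

# Registered default port for OPC UA over TCP; an assumption here, since the
# post does not say which port the PLC's server listens on.
OPCUA_DEFAULT_PORT = 4840


def check_tcp_endpoint(host, port=OPCUA_DEFAULT_PORT, timeout=3.0):
    """Classify reachability of host:port one layer above ping.

    Returns 'resolve_failed' (the name does not resolve; compare BadHostUnknown),
    'timeout' (no SYN-ACK within the timeout; compare BadTimeout),
    'refused' (host is up but nothing listens on the port), or 'open'.
    """
    try:
        candidates = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return "resolve_failed"
    outcome = "timeout"
    for family, socktype, proto, _, sockaddr in candidates:
        with socket.socket(family, socktype, proto) as s:
            s.settimeout(timeout)
            try:
                s.connect(sockaddr)
                return "open"
            except ConnectionRefusedError:
                outcome = "refused"
            except OSError:
                # timeout, network unreachable, or an address family the
                # host does not support: try the next candidate address
                continue
    return outcome


def self_check():
    """Exercise the classifier against a throwaway local listener (constructed, offline)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    while_open = check_tcp_endpoint("127.0.0.1", port, timeout=1.0)
    listener.close()
    after_close = check_tcp_endpoint("127.0.0.1", port, timeout=1.0)
    return while_open, after_close


if __name__ == "__main__":
    print(self_check())
    # 'plc.example.invalid' is a placeholder hostname, not a real device.
    print(check_tcp_endpoint("plc.example.invalid", timeout=1.0))
```

Run it against the endpoint host exactly as written in UaExpert's endpoint URL (hostname or IP), since a hostname that resolves on the old network segment but not the new one fails at the first step while ping by IP still succeeds.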

RDS RD Web Access on Windows Server 2012 R2 Essentials

Posted: 27 Apr 2022 12:50 AM PDT

I have a single server setup on Windows Server Essentials 2012 R2 and I need to deploy MFA to secure RDP access to some of the office machines. I don't believe the Anywhere Access bundled with 2012 R2 Essentials is capable of this, so I have installed RDS in order to run it through the Application Proxy (1.6, which I know is only supported until August). I am having issues getting access to desktop sessions through RD Web Access and would like some advice please.

So far I have de-activated Anywhere Access and have RDS set up on the server, which is also the DC and DNS for the network. The external domain (server.domain.com) is backed by a trusted certificate and points to the gateway router that the server is behind. Port 443 is forwarded to the server and there is an A record resolving internal lookups for server.domain.com to the server.

There is a CAP and a RAP in place that are assigned a security group of users that are permitted remote access and a security group of computers that should be remotely accessible.

The RD Web landing page shows up at server.domain.com/RDWeb, and if I try to log in there were initially only basic resources (MS Paint, etc.). I unpublished these and published the RDP app, but this was not visible and there are no computers visible on the RDWeb landing page. I found an article that advised changing the value of ShowInPortal in a Terminal Server registry key, and this creates an RDP session for what I think is the server that repeatedly asks for credentials, but doesn't authenticate.

Interestingly, the original Anywhere Access landing page is still served up by IIS and this still provides RDP sessions for the individual computers on the network, but these throw out an error message after providing credentials to say that 1) the user account, or 2) the computer is not authorised to use the RD Gateway or 3) an incompatible authentication method is being used (I have selected password only at this stage).

I haven't looked at licensing yet, as I am assuming that the grace period will allow me to test this and shouldn't be a barrier to getting it up and running?

I know the above is a lot to pick through, but if anyone has any ideas, I would love to hear them.

I'm having trouble accessing my Plesk Panel on the remote server after Node.Js installation [closed]

Posted: 27 Apr 2022 12:10 AM PDT

I'm having trouble accessing my Plesk Panel on the remote server.

I used Apache Web Server in Plesk Panel. But for an application development I had to use Node.Js. So I searched the Plesk official website for how to do it and just installed the Node.Js and NPM server from the Plesk admin panel. After confirming the install, I saw the install progress bar and it never went away. I've waited a few days for this progress bar to finish.

The problem is that I can never access the Plesk login panel again (port 8443/8880 is closed automatically) and I can't even access the login page. HTTP or HTTPS requests return "Unable to connect" message.

However, everything except the Plesk Panel login page (i.e. webpages, emails, MySQL database) works fine.

I've tried accessing the server to open the port with SSH by the admin account, but it's being rejected by server. (I've tested FTP access from the admin account, but it's also denied). Thus, I cannot restart the server again. I cannot see logs, I cannot edit htaccess files, or stop any process, change firewall setting, etc.

I can only access the server using SSH and FTP by standard user accounts, but they don't have the required permission to make any changes.

How can I solve this problem? Any help would be greatly appreciated.

Apache VirtualDocumentRoot multiple subdirectories possible

Posted: 26 Apr 2022 11:38 PM PDT

I have a local Apache server for developing pages. Therefore, I have a root folder where all the different pages are in subfolders. Those folders then have another subfolder for the public content. This could be - depending on the framework - a different folder (e.g. public, wwwroot, webroot, httpdocs).

Folder structure:

/
|-- srv
    |-- http
        |-- page
        |   |-- webroot
        |       |-- .htaccess
        |       |-- index.php
        |-- page2
            |-- public
                |-- index.php

Now instead of using http://localhost/page/webroot I want to use the http://page.localhost/ URL scheme because it should be like in real world (e.g. links which point to root should work and so on).

First I tried with VirtualDocumentRoot /srv/http/%-2/webroot/ which seems to work pretty fine if all pages have the webroot folder as public folder. However, it does not work if the public folder has a different name.

So my second approach was to use mod_rewrite, with something like:

DocumentRoot /srv/http
RewriteEngine On

RewriteCond %{HTTP_HOST} (.+)\.[^\.]+$
RewriteCond %{DOCUMENT_ROOT}/%1/webroot -d
RewriteRule ^(.+) %{DOCUMENT_ROOT}/%1/webroot/$1 [L]

(The last 3 lines can be repeated for the other folders - skipped here for readability)

That looked quite promising in the beginning, but then I found out that it does not work if the page has a .htaccess file with local mod_rewrite in it which maps all requests to index.php (like some frameworks do). In this case mod_rewrite will run into an endless loop, as the dynamic part of the path is treated like a subfolder and not like the DocumentRoot. Here is the output from the log: https://pastebin.com/4aNgRahx

This repeats until the recursion limit is reached.

The .htaccess file looks like this:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^ index.php [L]
</IfModule>

If I switch it off it will work.

So what should I do now?

Changing the .htaccess or any files in the project folder is not an option because it will not work anymore in the real server then.

Google Cloud VM startup-script to change ssh port

Posted: 26 Apr 2022 11:34 PM PDT

After changing the port I'm unable to log in via SSH:

Extremely large packet length from remote suggests data stream corruption

The firewall is already open for that port. Now I want to try to revert the SSH port to 22.

Can I do it with a Google startup-script and, if yes, what command do I need for that?

Thanks

php-fpm not connecting to mysqld.sock

Posted: 26 Apr 2022 11:12 PM PDT

I have created a profile using aa-genprof:

type=AVC msg=audit(1): apparmor="DENIED" operation="connect" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/php-fpm7.4" name="run/mysqld/mysqld.sock" pid=3723 comm="php-fpm7.4" requested_mask="wr" denied_mask="wr" fsuid=33 ouid=113

I manually added /var/run/mysqld/mysqld.sock rw, to the AppArmor profile, still the same.

Any solution?

why is port 35128 associated with ssh2? [duplicate]

Posted: 26 Apr 2022 10:41 PM PDT

I failed to login to my root account over ssh, and when doing so I noticed this interesting line in auth.log:

"Failed password for root from [ip address] port 35128 ssh2"

I'm not so interested in the actual failure to access root (I found a solution to this), I'm more interested in why this is going to/coming from port 35128 since ufw is set to deny incoming traffic on ports that aren't 80 and 22 by default.

I'm very new to working with servers, so I'm interested to see what this is.
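In an sshd "Failed password ... from A.B.C.D port N ssh2" line, N is the source port the remote client happened to use, not a port listening on the server; the connection's destination port is still 22, which is why ufw's inbound rule set never sees it as a separate port. The following added example, not part of the question, parses constructed auth.log lines into structured events, flags the source port as ephemeral, and tallies failed attempts per source IP, which is the same parsing a log-based blocker does.

```python
import re
from collections import defaultdict

# Constructed sample auth.log lines in the format sshd uses on Debian/Ubuntu
# (not taken from the original post; addresses are documentation ranges).
SAMPLE_AUTH_LOG = """\
Apr 26 22:30:01 host sshd[1201]: Failed password for root from 203.0.113.7 port 35128 ssh2
Apr 26 22:30:04 host sshd[1201]: Failed password for root from 203.0.113.7 port 35130 ssh2
Apr 26 22:30:09 host sshd[1203]: Failed password for invalid user admin from 198.51.100.9 port 51022 ssh2
Apr 26 22:31:15 host sshd[1210]: Accepted publickey for alice from 192.0.2.5 port 49812 ssh2: ED25519 SHA256:abcd
Apr 26 22:31:20 host sshd[1210]: pam_unix(sshd:session): session opened for user alice by (uid=0)
"""

# Matches both "Failed password for root from ..." and
# "Failed password for invalid user admin from ..." as well as "Accepted ..." lines.
LINE_RE = re.compile(
    r"sshd\[(?P<pid>\d+)\]: (?P<result>Failed|Accepted) (?P<method>\w+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src_ip>\S+) port (?P<src_port>\d+) ssh2"
)


def parse_sshd_lines(text):
    """Return one dict per authentication result line; other sshd lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["pid"] = int(ev["pid"])
        ev["src_port"] = int(ev["src_port"])
        ev["invalid_user"] = "invalid user" in line  # account does not exist locally
        events.append(ev)
    return events


def is_ephemeral_port(port):
    """True if the port lies in the Linux default client source-port range (32768-60999)."""
    return 32768 <= port <= 60999


def summarize_failures(events):
    """Aggregate failed logins by source IP: attempt count, usernames tried, source ports seen."""
    per_ip = defaultdict(lambda: {"attempts": 0, "users": set(), "ports": set()})
    for ev in events:
        if ev["result"] != "Failed":
            continue
        entry = per_ip[ev["src_ip"]]
        entry["attempts"] += 1
        entry["users"].add(ev["user"])
        entry["ports"].add(ev["src_port"])
    return dict(per_ip)


if __name__ == "__main__":
    evs = parse_sshd_lines(SAMPLE_AUTH_LOG)
    for ev in evs:
        print(ev["result"], ev["user"], ev["src_ip"],
              "ephemeral-src-port" if is_ephemeral_port(ev["src_port"]) else ev["src_port"])
    print(summarize_failures(evs))
```

Each new connection from the same client shows a different source port (35128, 35130 above), so the port column is useful for correlating a line with a packet capture but not as a filtering criterion; the source IP and the attempt count are what a rate limiter or fail2ban-style jail keys on.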

I would like to develop a web crawling system. How do I get the web URL list?

Posted: 26 Apr 2022 10:32 PM PDT

I would like to develop a web crawling system.

Any idea how to get the URLs of websites visited in Malaysia? Or how to get all the world's domain names, like Googlebot can crawl all websites?

AD domain accounts cannot login Windows workstation

Posted: 26 Apr 2022 09:01 PM PDT

Tried some searching but failed to find helpful answers.

I'm currently examining AD domain user account issues in an enterprise DevOps environment which is utilizing VMware Horizon VDI, and the VDI is affected by the issues.

The problem is: the existing AD user accounts are able to access the Windows 10 desktops (which are domain-joined), but newly created AD user accounts cannot log in to these desktops. While logging in, once the "Welcome" word and the circle figure appear on the screen, the newly created AD user accounts get kicked out with no error message.

I did some troubleshooting with the VMware Horizon part, and some of the error/log messages from these VMware Horizon products are listed below:

"Sending not authenticated response for set-user-global-preferences request."

"Sending not authenticated response for do-logout request."

"Invalidating the session marked unauthenticated"

"Session : bab3--0c66--72f6-***-7a66 is removed"

"Request router channel became inactive"

And eventually VMware official support engineer determined that the root cause is from AD domain.

Let's get back to the topic of the AD domain. At the beginning, there was only one AD domain controller, Windows Server 2016 version 1607, with only the roles "AD Domain Services" and "DNS" installed.

In recent days, I thought the issue was due to the first DC system being unstable, so a second domain controller was created and all 5 FSMO roles were transferred to this second DC.

Currently I tried using the newly created AD domain users to log in to the Windows desktops directly (bypassing the VMware product) - still the same issue!

I can see Windows Server event IDs 2089 and 2887 on the domain controllers, but according to my understanding these do not concern the domain accounts' login issue of my question. On the Windows workstation desktop (that I repeatedly use domain users to try to log in to and troubleshoot), I discovered lots of ID 7001 and 10005 events in the event viewer.

This is weird. I enabled the LDAP "require signing" policy on the DC and workstations but the issue still persists...

Can anyone give me some hints please?

Not Able to start tomcat-logserver.service

Posted: 26 Apr 2022 11:24 PM PDT

[root@XXXXXXX bin]# systemctl status tomcat-logserver.service
● tomcat-logserver.service - Apache Tomcat Web Application Container
   Loaded: loaded (/etc/systemd/system/tomcat-logserver.service; enabled; vendor preset: disabled)
   Active: failed (Result: start-limit) since Tue 2022-04-26 23:30:23 BST; 4s ago
  Process: 29949 ExecStart=/apps/tomcat/apache-tomcat-9.0.58/bin/startup.sh (code=exited, status=203/EXEC)

Apr 26 23:30:23 blt15204001 systemd[1]: Failed to start Apache Tomcat Web Application Container.
Apr 26 23:30:23 blt15204001 systemd[1]: Unit tomcat-logserver.service entered failed state.
Apr 26 23:30:23 blt15204001 systemd[1]: tomcat-logserver.service failed.
Apr 26 23:30:23 blt15204001 systemd[1]: tomcat-logserver.service holdoff time over, scheduling restart.
Apr 26 23:30:23 blt15204001 systemd[1]: Stopped Apache Tomcat Web Application Container.
Apr 26 23:30:23 blt15204001 systemd[1]: start request repeated too quickly for tomcat-logserver.service
Apr 26 23:30:23 blt15204001 systemd[1]: Failed to start Apache Tomcat Web Application Container.
Apr 26 23:30:23 blt15204001 systemd[1]: Unit tomcat-logserver.service entered failed state.
Apr 26 23:30:23 blt15204001 systemd[1]: tomcat-logserver.service failed.
[root@blt15204001 bin]#

Wifi Router Internet connection not working with PC, although mobile's hotspot does [closed]

Posted: 26 Apr 2022 10:03 PM PDT

I have a PC with windows 11 on it, and I bought this network adapter for allowing me connect the internet through wifi: https://prnt.sc/5ekQQycs6QWl

After installing the driver, I tried to connect to my home's wifi network, but it didn't succeed. After connecting to it, it says "No Internet, Secure" in the wifi list. However, when I open the hotspot on my phone, it always works and I have internet on my PC. Also, the house's wifi works excellently, as all the devices and TVs are working with it.

I tried restarting everything: the modem, the PC, forgetting the network and connecting again, but it's still not working.

Also, I do have ping to the default gateway (192.168.1.1).

Any help please?

Aggregate multiple log files in a directory

Posted: 26 Apr 2022 11:48 PM PDT

I have k3s single node cluster running on a machine. I do not have any logging infrastructure set up yet and I'd leave this as a future learning experience for now.

On that k3s I run some cron jobs which create logs for each of the jobs into a separate file. I can observe them in /var/log/containers/cron-job-* on the host machine. These logs disappear after a certain amount of time (successfulJobsHistoryLimit: 3). New job instances create new log files.

I'm unable to find a simple tool that could watch that logs directory, preferably with a file name pattern, and stream/join those small job logs into a single log file, including new files that are being created. I don't mind if file name is lost, I just want the log lines to end up in one file serving as an archive of all the job runs.

What have I considered?

I could just add a script to cat those files and append them into a target file at an interval, but I'd have to keep track of which files have already been inserted in case the jobs get out of sync or the cron interval changes. Also I might like to extend this functionality for pods that are "long-running", and in this case I'd have to start tracking updated lines in logs.

All examples I have found deal with real-time tailing on screen, which is not what I need. I kind of need multi-tailing into a target log file.

Any ideas? (I'd also accept some kind of simple Kubernetes logging hook example)
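The bookkeeping described above (which files have already been copied, and how far into each) is the whole problem; the following added example, not part of the question or of k3s, is one way to solve it in a single pass that can be run from cron or a loop. It keeps a per-file offset and inode in a small JSON state file, appends only complete lines to one archive, forgets files that the job history cleanup has deleted, and restarts from zero when a file is truncated or recreated under the same name. The glob pattern, archive and state paths in demo() are constructed for the example.

```python
import glob
import json
import os
import tempfile


def aggregate_logs(pattern, archive_path, state_path):
    """Append lines newly written to any file matching `pattern` to `archive_path`.

    Per-file read offsets (plus inode, to detect a recreated file with the same
    name) are kept in `state_path`, so repeated runs never duplicate lines and
    files that have disappeared are simply forgotten.
    Returns the number of lines appended in this run.
    """
    state = {}
    if os.path.exists(state_path):
        with open(state_path) as f:
            state = json.load(f)

    appended = 0
    seen = set()
    with open(archive_path, "a", encoding="utf-8") as archive:
        for path in sorted(glob.glob(pattern)):
            try:
                st = os.stat(path)
            except FileNotFoundError:
                continue  # vanished between glob and stat (history cleanup)
            seen.add(path)
            prev = state.get(path, {})
            offset = prev.get("offset", 0)
            # A new inode or a shrunk file means recreated/truncated: start over.
            if prev.get("inode") != st.st_ino or st.st_size < offset:
                offset = 0
            with open(path, "rb") as f:
                f.seek(offset)
                data = f.read()
            # Only consume complete lines; a partial trailing line is re-read next run.
            cut = data.rfind(b"\n") + 1
            if cut:
                archive.write(data[:cut].decode("utf-8", errors="replace"))
                appended += data[:cut].count(b"\n")
            state[path] = {"inode": st.st_ino, "offset": offset + cut}

    # Drop state for files that no longer exist so the state file cannot grow unbounded.
    state = {p: v for p, v in state.items() if p in seen}
    with open(state_path, "w") as f:
        json.dump(state, f)
    return appended


def demo():
    """Constructed end-to-end run in a temp dir: two job log files, four passes."""
    d = tempfile.mkdtemp()
    pattern = os.path.join(d, "cron-job-*.log")
    archive = os.path.join(d, "all-jobs.log")
    state = os.path.join(d, "aggregate-state.json")
    a = os.path.join(d, "cron-job-a.log")
    b = os.path.join(d, "cron-job-b.log")
    with open(a, "w") as f:
        f.write("job a started\njob a done\n")
    counts = [aggregate_logs(pattern, archive, state)]       # 2 new lines
    counts.append(aggregate_logs(pattern, archive, state))   # 0: nothing new
    with open(a, "a") as f:
        f.write("job a rerun\npartial line without newline")
    with open(b, "w") as f:
        f.write("job b started\n")
    counts.append(aggregate_logs(pattern, archive, state))   # 2: one from each file
    os.remove(a)                                             # history cleanup removed job a
    counts.append(aggregate_logs(pattern, archive, state))   # 0: a is gone, b unchanged
    with open(archive) as f:
        return counts, f.read()


if __name__ == "__main__":
    print(demo())
```

For long-running pods the same function already works as a poller, since an unchanged inode with a growing size just advances the offset; what it does not do is follow a file that was renamed on rotation, which is acceptable here because the container runtime writes each job to its own file.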

How can I setup 2FA on non-interactive SSH connections?

Posted: 26 Apr 2022 08:59 PM PDT

I would like to add a level of security for logins to an SSH server (Ubuntu), using two factor authentication. One particularity on how the users connect to the SSH server is that sometimes they do it in a non-interactive way: the SSH server is configured in the users' MySQL client to be used as a bastion/proxy to reach a database. As a consequence I'm looking for 2FA setups that don't require the user to type anything in a terminal.

One existing solution that sounds promising in theory is Google's phone prompt allowing the user to validate the connection. Every SSH user would be associated with a phone number and this phone number would receive a prompt to validate on each connection.

An obvious downside to this idea is that it sounds like it would require the development of a phone app, which would make it way too complicated and expensive. Are there other techniques that I could use to allow users to validate non-interactive SSH logins?

How to configure a double proxy jump for apt install?

Posted: 27 Apr 2022 01:06 AM PDT

I need to install packages in a KVM guest (VM) but the KVM host (hypervisor) doesn't have internet. I already know how to configure an ssh+apt proxy to give apt install capabilities to computers one jump away through a proxy.

I tried setting up a bridged interface but I keep getting a connection error after a few seconds of apt install through ssh.

I now need to perform a double jump to work around this issue. I tried chaining the proxies like below but I encounter some errors:

|    pc-wan    |                    |  hypervisor  |
|192.168.254.50|<-------ssh1------->|192.168.254.20|                    |      VM1      |
                          /           |192.168.122.1 |<-------ssh2------->|192.168.122.15 |
              -R 3334:ftp-debian:80           |                \                 |
                                              |         -R 3333:pc-wan:3334      |
                                              |                                  |
                                     apt-proxy = localhost:3334           apt-proxy = localhost:3333
    \_______________working_______________/
  \_____________________________________________KO_____________________________________________/

The first jump works fine, I can apt install on the hypervisor. But when I try it on VM1, the following error appears: connect_to to 192.168.254.50 port 3344: failed.

It seems to come from the redirection between the two ssh sessions, the hypervisor seems to fail to redirect the apt install request from VM1 to the ssh1 tunnel.

Do you know how to resolve my issue?

Note: the KVM host-guest network interconnection is done by the default NAT bridge (switch).

what's root cause of "A start job is running for Create Volatile Files and Directories"

Posted: 26 Apr 2022 11:28 PM PDT

Stuck at "A start job is running for Create Volatile Files and Directories" after rebooting a server (Debian 9.5, 64bit), and solved it by this: "boot-stuck-at-a-start-job-is-running-for-create-volatile-files-and-directories".

I can't figure out what the root cause of this issue is, although I searched through many questions; they do not refer to the root cause, only to various solutions that don't apply to me.

We have not reached the limit of files or (sub)directories, and dir_nlink is set for ext4.

# sudo tune2fs -l /dev/debian-vg/root | grep dir_nlink
Filesystem features:      has_journal ext_attr resize_inode dir_index filetype needs_recovery extent 64bit flex_bg sparse_super large_file huge_file dir_nlink extra_isize metadata_csum

And there is more than 50% of inode and disk capacity free.

The original /tmp directory had only a few files and directories; total disk space usage was only 1G.

Some info:

$ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-4.9.0-7-amd64 root=/dev/mapper/debian--vg-root ro net.ifnames=0 biosdevname=0 console0=tty0 console=ttyS0,115200n8 quiet

$ mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=4077900k,nr_inodes=1019475,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=817924k,mode=755)
/dev/mapper/debian--vg-root on / type ext4 (rw,relatime,errors=remount-ro,data=ordered)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=36,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=9039)
mqueue on /dev/mqueue type mqueue (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=817920k,mode=700,uid=1000,gid=1000)

$ lsblk
NAME                MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
vda                 254:0    0 1000G  0 disk
└─vda1              254:1    0 1000G  0 part
  └─debian--vg-root 253:0    0    3T  0 lvm  /
vdb                 254:16   0    4T  0 disk
vdc                 254:32   0    2T  0 disk
└─debian--vg-root   253:0    0    3T  0 lvm  /

$ blkid
/dev/vda1: UUID="ijfyeQ-***" TYPE="LVM2_member" PARTUUID="d6***"
/dev/mapper/debian--vg-root: UUID="2d2294a9-***" TYPE="ext4"
/dev/vdc: UUID="PXrGC9-***" TYPE="LVM2_member"

$ sudo find /tmp/ | wc -l
28905144

How do I forward all invalid incoming mails in exim

Posted: 26 Apr 2022 10:30 PM PDT

I have to forward all my invalid incoming mail to a new address. I have a router like this:

  virtual_aliases:
    driver = redirect
    allow_defer
    allow_fail
    domains = lsearch;/etc/userdomains
    user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    address_data = \
        "router=$router_name \
        redirect=${quote:${lookup \
            {$local_part} \
            lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/aliases} \
    }}"
    data = ${extract{redirect}{$address_data}}
    file_transport = address_file
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain_data} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    local_part_suffix = +*
    local_part_suffix_optional
    retry_use_local_part
    unseen

  userforward:
    driver = redirect
    allow_filter
    allow_fail
    forbid_filter_run
    forbid_filter_perl
    forbid_filter_lookup
    forbid_filter_readfile
    forbid_filter_readsocket
    check_ancestor
    check_local_user
    domains = $primary_hostname
    no_expn
    require_files = "+$home/.forward"
    condition = "${extract{size}{${stat:$home/.forward}}}"
    file = $home/.forward
    file_transport = address_file
    reply_transport = address_reply
    directory_transport = address_directory
    user = $local_part_data
    group = $local_part_data
    no_verify

The aliases file has "user: redirect@domain.com", and for user "*": "::fail:Any Message".

Here my normal forward works, but not this "*" one.

GlusterFS not running on correct port! (peer disconnected / brick not starting)

Posted: 26 Apr 2022 10:01 PM PDT

On CentOS 7 with two bricks on srv1 and srv2.

I've upgraded gluster from 313 to 6 by using yum. I then rebooted server 1, started and mounted the drive successfully.

This is my mount command: /usr/sbin/mount.glusterfs 127.0.0.1:/RepVol /home -o direct-io-mode=enable

I then restarted srv2, I cannot mount:

[2019-08-29 14:16:01.354362] I [MSGID: 101190] [event-epoll.c:680:event_dispatch_epoll_worker] 0-epoll: Started thread with index 0
[2019-08-29 14:16:01.354402] I [glusterfsd-mgmt.c:2443:mgmt_rpc_notify] 0-glusterfsd-mgmt: disconnected from remote-host: srv2
[2019-08-29 14:16:01.354409] I [glusterfsd-mgmt.c:2463:mgmt_rpc_notify] 0-glusterfsd-mgmt: Exhausted all volfile servers
[2019-08-29 14:16:01.354600] W [glusterfsd.c:1570:cleanup_and_exit] (-->/lib64/libgfrpc.so.0(+0xf1d3) [0x7f477284f1d3] -->/usr/sbin/glusterfsd(+0x12fef) [0x564e35a67fef] -->/usr/sbin/glusterfsd(cleanup_and_exit+0x6b) [0x564e35a6001b] ) 0-: received signum (1), shutting down
[2019-08-29 14:16:01.357036] I [socket.c:3754:socket_submit_outgoing_msg] 0-glusterfs: not connected (priv->connected = 0)
[2019-08-29 14:16:01.357050] W [rpc-clnt.c:1704:rpc_clnt_submit] 0-glusterfs: failed to submit rpc-request (unique: 0, XID: 0x2 Program: Gluster Portmap, ProgVers: 1, Proc: 5) to rpc-transport (glusterfs)

The error message is Exhausted all volfile servers. At least that's the only thing showing as an error imo.

on srv1:

Gluster process                             TCP Port  RDMA Port  Online  Pid
------------------------------------------------------------------------------
Brick srv1:/datafold                        49152     0          Y       16291
Self-heal Daemon on localhost               N/A       N/A        Y       16313

Task Status of Volume RepVol
------------------------------------------------------------------------------
There are no active volume tasks

on srv2:

Gluster process                             TCP Port  RDMA Port  Online  Pid
------------------------------------------------------------------------------
Brick srv1:/datafold                        49152     0          Y       16291
Brick srv2:/datafold                        N/A       N/A        N       N/A
Self-heal Daemon on localhost               N/A       N/A        N       N/A
Self-heal Daemon on srv1                    N/A       N/A        Y       16313

Task Status of Volume RepVol
------------------------------------------------------------------------------
There are no active volume tasks

So it makes sense it cannot mount when the brick is offline. However, I have no clue how to start this brick, even after searching for hours. It would be nice to find a solution.

I tried removing the volume to recreate it but it complains not all bricks are connected.

I also read that gluster uses IPv6 by default since version 5, but I'm not sure how it affects my setup since srv1 seems to be up and running?

EDIT:

Glusterd is not running on the right port! It should be 24007 but it is shown as:

netstat -tulpn | grep gluster
tcp 0 0 0.0.0.0:34678 0.0.0.0:* LISTEN 28743/glusterd

What the hell? How do I fix this?? Restarting does nothing other than assign a new random port...

tcp 0 0 0.0.0.0:43914 0.0.0.0:* LISTEN 17134/glusterd

Why is it not running on 24007?

Samba login failure: getpwuid failed

Posted: 27 Apr 2022 12:56 AM PDT

I cannot access a remote drive using Windows or smbclient; my authentication appears successful according to the samba log file, but getpwuid fails. The server (remote) is running CentOS 7.2 and Samba 4.2.3. The client is CentOS 7.2 and smbclient 4.2.3. The logfile shows:

[2017/05/06 22:57:48.729284,  2] ../source3/auth/auth.c:305(auth_check_ntlm_password)
  check_ntlm_password:  authentication for user [developer_prod] -> [developer_prod] -> [developer_prod] succeeded
[2017/05/06 22:57:48.731091,  1] ../source3/auth/token_util.c:430(add_local_groups)
  SID S-1-5-21-4007675785-2624567327-467545301-1000 -> getpwuid(16777216) failed
[2017/05/06 22:57:48.731164,  1] ../source3/smbd/sesssetup.c:280(reply_sesssetup_and_X_spnego)
  Failed to generate session_info (user and group token) for session setup: NT_STATUS_UNSUCCESSFUL

Strangely, the SID corresponds to a local user:

# wbinfo -s S-1-5-21-4007675785-2624567327-467545301-1000
NY4010\developer_prod 1

(ny4010 is my samba server machine.) Even though on the client I am logging in using a domain user:

$ smbclient -U 'my_domain\developer_prod' \\\\ny4010\\release 'password'
session setup failed: NT_STATUS_UNSUCCESSFUL

Here is my smb.conf file:

[global]
   workgroup = MYDOMAIN
   password server = my_domain_server.mydomain.local
   realm = MYDOMAIN.LOCAL
   security = ads
   idmap config * : range = 16777216-33554431
   template homedir = /home/%U
   template shell = /bin/bash
   kerberos method = secrets only
   winbind use default domain = true
   winbind offline logon = false
   log level = 2
   encrypt passwords = yes
   unix extensions = no
   server string = Samba Server Version %v
   log file = /var/log/samba/log.%m
   max log size = 50
   security = ads
   passdb backend = tdbsam
   realm = MYDOMAIN.LOCAL
   password server = my_domain_server.mydomain.local
   local master = no
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
[release]
   comment = Shared directory: /prod
   path = /prod
   browseable = yes
   read only = no
   valid users = developer_prod
   guest ok = yes
   public = yes
   follow symlinks = yes
   wide links = yes
   force user = developer_prod
[log]
   comment = Shared directory: /prod/log
   path = /prod/log
   browseable = yes
   read only = yes
   guest ok = yes
   public = yes

My nsswitch.conf file looks like:

passwd: files winbind

I think the smoking gun here is that a local user's SID is showing up in that getpwuid failed line...

Dovecot Virtual Users Cannot Send/Receive Mail

Posted: 26 Apr 2022 10:01 PM PDT

I got Dovecot + Postfix running a few days ago in conjunction with Squirrelmail. Soon after, I got tired of "Mail for nuts," and switched to RainLoop. It seems to be working fine however, only with literal users. Virtual users can login, but cannot send OR receive mail. I've looked around, but can't figure anything out. One post indicated that this was caused by having destinations other than "localhost" in the Postfix config, but I still had the same issue.

I think I've created all the needed accounts. The userDB is under the vmail account.

Postfix (main.cf):

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
smtpd_tls_key_file = /etc/ssl/private/smtpd.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = server1.endev.xyz
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = encrypt
smtpd_tls_security_level = may
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Dovecot (dovecot.conf):

## Dovecot configuration file

# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration

# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.

# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = "# char and trailing whitespace  "

# Most (but not all) settings can be overridden by different protocols and/or
# source/destination IPs by placing the settings inside sections, for example:
# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }

# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol

# A comma separated list of IPs or hosts where to listen in for connections.
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::

# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/

# Name of this instance. In multi-instance setup doveadm and other commands
# can use -i <instance_name> to select which instance is used (an alternative
# to -c <config_path>). The instance name is also added to Dovecot processes
# in ps output.
#instance_name = dovecot

# Greeting message for clients.
#login_greeting = Dovecot ready.

# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =

# Space separated list of login access check sockets (e.g. tcpwrap)
#login_access_sockets =

# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
# proxying. This isn't necessary normally, but may be useful if the destination
# IP is e.g. a load balancer's IP.
#auth_proxy_self =

# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no

# Should all processes be killed when Dovecot master process shuts down.
# Setting this to "no" means that Dovecot can be upgraded without
# forcing existing client connections to close (although that could also be
# a problem if the upgrade is e.g. because of a security fix).
#shutdown_clients = yes

# If non-zero, run mail commands via this many connections to doveadm server,
# instead of running them directly in the same process.
#doveadm_worker_count = 0
# UNIX socket or host:port used for connecting to doveadm server
#doveadm_socket_path = doveadm-server

# Space separated list of environment variables that are preserved on Dovecot
# startup and passed down to all of its child processes. You can also give
# key=value pairs to always set specific settings.
#import_environment = TZ

##
## Dictionary server settings
##

# Dictionary can be used to store key=value lists. This is used by several
# plugins. The dictionary can be accessed either directly or though a
# dictionary server. The following dict block maps dictionary names to URIs
# when the server is used. These can then be referenced using URIs in format
# "proxy::<name>".

dict {
  #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
  #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}

# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf

# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf


# CUSTOM CONFIG #

# Enabled Protocols
protocols = pop3 imap
pop3_uidl_format = %08Xu%08Xv

# Plugins
mail_plugins = $mail_plugins quota

# IMAP Protocol
protocol imap {
    listen = *:143
    ssl_listen = *:993
    imap_client_workarounds = tb-extra-mailbox-sep
    mail_plugins = $mail_plugins imap_quota
}

# POP3 Protocol
protocol pop3 {
    listen = *:110
    ssl_listen = *:995
}

plugin {
    quota = maildir
}

# SSL
ssl = yes
ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key


# logs
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log

# Authentication configuration:
auth_verbose = yes
auth_mechanisms = plain

passdb {
  driver = passwd-file
  args = scheme=plain-md5 username_format=%n /home/vmail/dovedb
}
userdb {
  driver = passwd-file
  args = username_format=%n /home/vmail/dovedb
  default_fields = uid=vmail gid=vmail home=/home/vmail/%u
}

protocol lda {
  postmaster_address = postmaster@endev.xyz
}

Dovecot commands also seem to indicate that some settings such as ssl_cert_file and ssl_key_file are deprecated; however, when I replaced them with the new settings, RainLoop would not authenticate. I'm thinking about switching to RoundCube anyway, but I'm still not sure what happened.

VirtualUserDB (dovedb):

oct:{SSHA}*removed*::::::userdb_quota_rule=*:storage=128M
pf:{SSHA}*removed*::::::userdb_quota_rule=*:storage=128M
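The settings in the post that decide whether mailbox credentials can cross the wire unencrypted are spread over two files: in main.cf, `smtpd_sasl_auth_enable`, `smtpd_tls_security_level` and `smtpd_tls_auth_only` together determine whether Postfix announces AUTH on a session that has not negotiated STARTTLS; in the Dovecot passwd-file, the `scheme=` default from the passdb `args` can be overridden per entry by a `{SCHEME}` prefix on the password field (the `{SSHA}` entries above are one example). The following is an added example, not the poster's or either project's code: a small auditor that parses both formats (including Postfix's whitespace-led continuation lines) and reports the weak combinations. The sample inputs are constructed excerpts in the post's layout; the `{PLAIN-MD5}` entry is invented to exercise the check.

```python
"""Audit SMTP AUTH and mailbox-credential settings in a Postfix main.cf and a
Dovecot passwd-file.  Added example, not the poster's or either project's code;
the sample inputs are constructed and trimmed from the configuration in the post."""
import re

# Constructed main.cf excerpt: the parameters that decide whether SASL
# credentials can cross the wire without TLS.  A line starting with
# whitespace continues the previous parameter, as Postfix parses it.
SAMPLE_MAIN_CF = """\
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
    defer_unauth_destination
relayhost =
smtpd_sasl_auth_enable = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = no
"""

# Constructed passwd-file lines in the post's layout (hashes removed).  The
# second entry carries an invented {PLAIN-MD5} prefix to exercise the check.
SAMPLE_DOVEDB = """\
oct:{SSHA}*removed*::::::userdb_quota_rule=*:storage=128M
pf:{PLAIN-MD5}*removed*::::::userdb_quota_rule=*:storage=128M
"""

# Dovecot password schemes that store the password unsalted or reversibly.
WEAK_SCHEMES = {"PLAIN", "CLEARTEXT", "PLAIN-MD5", "LDAP-MD5", "NTLM", "LANMAN"}


def parse_postfix_main_cf(text):
    """Return {parameter: value} from main.cf syntax: 'key = value', '#'
    comment lines, and whitespace-led lines that continue the previous value."""
    params = {}
    current = None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and current is not None:
            params[current] = f"{params[current]} {raw.strip()}".strip()
            continue
        key, sep, value = raw.partition("=")
        if not sep:
            continue  # not a parameter assignment; ignore the line
        current = key.strip()
        params[current] = value.strip()
    return params


def audit_postfix(params):
    """Findings about SASL credentials being accepted on unencrypted sessions."""
    findings = []
    sasl_on = params.get("smtpd_sasl_auth_enable", "no") == "yes"
    # An unset smtpd_tls_security_level falls back to the older smtpd_use_tls.
    tls_level = params.get("smtpd_tls_security_level") or (
        "may" if params.get("smtpd_use_tls", "no") == "yes" else "none")
    auth_only_over_tls = params.get("smtpd_tls_auth_only", "no") == "yes"
    if sasl_on and tls_level == "none":
        findings.append("SASL enabled but STARTTLS is not offered (smtpd_tls_security_level=none)")
    elif sasl_on and not auth_only_over_tls:
        findings.append("smtpd_tls_auth_only=no: AUTH is also announced before STARTTLS")
    return findings


def parse_passwd_file(text, default_scheme):
    """Parse Dovecot passwd-file lines (user:password:uid:gid:gecos:home:shell:extra).
    A {SCHEME} prefix on the password field overrides the passdb's scheme= default."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":", 7)
        password = fields[1] if len(fields) > 1 else ""
        prefix = re.match(r"\{([^}]+)\}", password)
        scheme = (prefix.group(1) if prefix else default_scheme).upper()
        entries.append({
            "user": fields[0],
            "scheme": scheme,
            "extra": fields[7] if len(fields) > 7 else "",
        })
    return entries


def weak_scheme_users(entries):
    """Users whose stored password uses one of WEAK_SCHEMES."""
    return [e["user"] for e in entries if e["scheme"] in WEAK_SCHEMES]


if __name__ == "__main__":
    cfg = parse_postfix_main_cf(SAMPLE_MAIN_CF)
    for finding in audit_postfix(cfg):
        print("postfix:", finding)
    users = parse_passwd_file(SAMPLE_DOVEDB, default_scheme="plain-md5")
    print("weak password schemes:", weak_scheme_users(users))
```

Run against the post's own values the auditor reports one Postfix finding (SASL is enabled, STARTTLS is optional with `may`, and `smtpd_tls_auth_only = no`), and for the passwd-file it shows that a per-entry `{SSHA}` prefix wins over the `scheme=plain-md5` default, which is why only entries without a stronger prefix are flagged.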

Squid proxy behind Haproxy

Posted: 27 Apr 2022 01:05 AM PDT

In my configuration, I use Haproxy mainly as a reverse proxy.

I installed Squid Proxy in my private LAN and I can access it from outside on port 3128. But I use basic NCSA authentication and the headers are not encrypted, so my login is vulnerable. I want to forward my proxy through haproxy.

[Client]->proxy.example.net->[haproxy:443 ssl]->[squid:3128]

I added in my haproxy configuration a new backend:

frontend www-https
    bind *:443 ssl crt /etc/haproxy/ssl/fullchain.pem no-sslv3
    log global
    mode http
    use_backend proxy-squid if { ssl_fc_sni proxy.example.com }
    use_backend default if { ssl_fc_sni example.com }
    default_backend default

backend default
    option forwardfor
    server d8-apps 127.0.0.1:8000 #nginx

backend proxy-squid
    mode http
    option forwardfor
    option http-server-close
    server d8-apps 127.0.0.1:3128

My default backend and the others work fine, but not proxy-squid. I ran "tcpdump -nX -vv -i lo port 3128" during my request and saw nothing; on port 443, I see many packets with incorrect checksums.

In Wireshark, I do not see the SSL handshake like I do when I access example.com (default backend). I just see the TCP 3-way handshake followed by FIN, ACK.

I think Haproxy does not understand my real request when I set the proxy in my browser config. So, is it possible to achieve this with a specific configuration?

Thanks!
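What separates forward-proxy traffic from the traffic a reverse-proxy frontend normally sees is the request-target form (RFC 7230 section 5.3): a browser configured to use a proxy sends absolute-form targets (`GET http://host/path`) and `CONNECT host:443` tunnels, while a reverse proxy receives origin-form targets (`GET /path`) with a Host header. Basic proxy credentials travel in a `Proxy-Authorization` header that is only base64-encoded, which is what the post means by the login being exposed on a plaintext listener. The following classifier is an added example, not part of the post and not HAProxy or Squid code; the request samples are constructed, and the credential value is the RFC 7617 example, not a real login. A practitioner can run it over captured request lines to confirm which form a client is actually sending and whether Basic proxy credentials are present.

```python
"""Classify HTTP request targets as a forward proxy versus a reverse-proxy
frontend sees them, and flag Basic proxy credentials.  Added example, not
part of the post or of HAProxy/Squid; all samples are constructed."""
import re

# Constructed samples: origin-form (reverse proxy), absolute-form (forward
# proxy), authority-form (CONNECT tunnel) and asterisk-form (OPTIONS *).
# The Proxy-Authorization value is the RFC 7617 example credential.
SAMPLES = [
    "GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n",
    "GET http://www.example.org/ HTTP/1.1\r\nHost: www.example.org\r\n"
    "Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==\r\n\r\n",
    "CONNECT www.example.org:443 HTTP/1.1\r\nHost: www.example.org:443\r\n\r\n",
    "OPTIONS * HTTP/1.1\r\nHost: example.com\r\n\r\n",
]

SCHEME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]*://")


def request_target_form(request_line):
    """Return the RFC 7230 request-target form of one request line."""
    method, target, _version = request_line.split(" ", 2)
    if target == "*":
        return "asterisk-form"
    if method.upper() == "CONNECT":
        return "authority-form"          # host:port, used for TLS tunnels
    if SCHEME_RE.match(target):
        return "absolute-form"           # what a client sends to a forward proxy
    if target.startswith("/"):
        return "origin-form"             # what an origin or reverse proxy sees
    return "unknown"


def parse_headers(lines):
    """Lower-cased header name -> value; duplicate names keep the last value."""
    headers = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def inspect_request(raw):
    """Summarise a raw HTTP/1.x request head for proxy-related review."""
    head, _, _ = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    form = request_target_form(lines[0])
    headers = parse_headers(lines[1:])
    proxy_auth = headers.get("proxy-authorization", "")
    return {
        "form": form,
        # Only these two forms are meaningful to a forward proxy such as Squid.
        "is_proxy_request": form in ("absolute-form", "authority-form"),
        # Basic is base64, not encryption: on a non-TLS listener it is readable.
        "carries_basic_proxy_credentials": proxy_auth.lower().startswith("basic "),
        "host": headers.get("host", ""),
    }


if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample.split("\r\n")[0], "->", inspect_request(sample))
```

A frontend in `mode http` that only ever receives origin-form requests from browsers is not seeing proxy traffic at all; the summary above makes that visible per request, and the `carries_basic_proxy_credentials` flag is the condition worth alerting on for any listener that is not TLS-wrapped.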

Containerized PostgreSQL with data on a distributed file system

Posted: 27 Apr 2022 01:05 AM PDT

I am curious if somebody is actually running PostgreSQL in a container in production on some form of distributed file system - GlusterFS preferably, or anything.

I am currently running Mesos/Marathon. In case the PostgreSQL node fails, Marathon simply launches another instance of PostgreSQL on other nodes and if done properly (service discovery and application recovering from database connection loss), the ultimate fault tolerance will be achieved.

I know PostgreSQL has its own HA solutions, like log shipping and hot stand-by backup, but then one still needs to solve the problem of when to switch from master to slave, how to do it properly, and so on.

So, how do you run PostgreSQL in production on GlusterFS or similar? If so, is it stable? How about performance?

PHP5 unmet dependencies when upgrading

Posted: 26 Apr 2022 08:06 PM PDT

Trying to upgrade PHP from 5.3 to 5.6 using the following:

sudo add-apt-repository ppa:ondrej/php5-5.6
sudo apt-get update
sudo apt-get install php5-common

When I try this, I run into this error and I'm not sure how to resolve it:

Reading package lists... Done
Building dependency tree
Reading state information... Done
You might want to run 'apt-get -f install' to correct these:
The following packages have unmet dependencies:
 libapache2-mod-php5 : Depends: apache2-api-20120211
                       Depends: apache2 (>= 2.4)
                       Depends: php5-json
 php5-cli : Depends: php5-common (= 5.3.10-1ubuntu3.21) but 5.6.18+dfsg-1+deb.sury.org~precise+1 is to be installed
 php5-common : Breaks: php5-xdebug (< 2.2.2) but 2.1.0-1 is to be installed
 php5-curl : Depends: php5-common (= 5.3.10-1ubuntu3.21) but 5.6.18+dfsg-1+deb.sury.org~precise+1 is to be installed
 php5-gd : Depends: php5-common (= 5.3.10-1ubuntu3.21) but 5.6.18+dfsg-1+deb.sury.org~precise+1 is to be installed
 php5-intl : Depends: php5-common (= 5.3.10-1ubuntu3.21) but 5.6.18+dfsg-1+deb.sury.org~precise+1 is to be installed
 php5-mysqlnd : Depends: php5-common (= 5.3.10-1ubuntu3.21) but 5.6.18+dfsg-1+deb.sury.org~precise+1 is to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).

If I try to precede the upgrade by doing sudo apt-get install python-software-properties then I get this error:

The following packages have unmet dependencies:
 libapache2-mod-php5 : Depends: apache2-api-20120211
                       Depends: apache2 (>= 2.4)
                       Depends: php5-common (= 5.6.18+dfsg-1+deb.sury.org~precise+1) but 5.3.10-1ubuntu3.21 is to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).

If I try sudo apt-get apache2, I get this error:

The following packages have unmet dependencies:
 apache2 : Depends: apache2-bin (= 2.4.16-4+deb.sury.org~precise+4) but it is not going to be installed
           Depends: apache2-utils (>= 2.4)
           Depends: apache2-data (= 2.4.16-4+deb.sury.org~precise+4) but it is not going to be installed
           Conflicts: apache2.2-bin but 2.2.22-1ubuntu1.10 is to be installed
           Conflicts: apache2.2-common but 2.2.22-1ubuntu1.10 is to be installed
 libapache2-mod-php5 : Depends: apache2-api-20120211
                       Depends: php5-common (= 5.6.18+dfsg-1+deb.sury.org~precise+1) but 5.3.10-1ubuntu3.21 is to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).

I tried doing sudo apt-get -f install as suggested, but it does not resolve the problem. Instead, I get this:

The following extra packages will be installed:
  apache2 apache2-bin apache2-data apache2-utils dh-php5 libedit2 libgd3 libmemcached11 libvpx1 php5-cli php5-common php5-curl php5-dev php5-gd php5-intl php5-json php5-mcrypt php5-memcached php5-mysqlnd php5-xdebug pkg-php-tools
Suggested packages:
  www-browser apache2-doc apache2-suexec-pristine apache2-suexec-custom libgd-tools php5-user-cache dh-make
Recommended packages:
  php5-readline
The following packages will be REMOVED:
  apache2-mpm-prefork apache2.2-bin apache2.2-common
The following NEW packages will be installed:
  apache2-bin apache2-data dh-php5 libgd3 libmemcached11 libvpx1 php5-json pkg-php-tools
The following packages will be upgraded:
  apache2 apache2-utils libedit2 php5-cli php5-common php5-curl php5-dev php5-gd php5-intl php5-mcrypt php5-memcached php5-mysqlnd php5-xdebug
13 upgraded, 8 newly installed, 3 to remove and 10 not upgraded.
8 not fully installed or removed.
Need to get 0 B/7,060 kB of archives.
After this operation, 3,685 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
(Reading database ... 149017 files and directories currently installed.)
Unpacking apache2-bin (from .../apache2-bin_2.4.16-4+deb.sury.org~precise+4_amd64.deb) ...
dpkg: error processing /var/cache/apt/archives/apache2-bin_2.4.16-4+deb.sury.org~precise+4_amd64.deb (--unpack):
 trying to overwrite '/usr/share/man/man8/apache2.8.gz', which is also in package apache2.2-common 2.2.22-1ubuntu1.10
dpkg-deb (subprocess): subprocess data was killed by signal (Broken pipe)
dpkg-deb: error: subprocess <decompress> returned error exit status 2
Processing triggers for man-db ...
Errors were encountered while processing:
 /var/cache/apt/archives/apache2-bin_2.4.16-4+deb.sury.org~precise+4_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

I also tried doing just sudo apt-get install php5 but get essentially the same error.

What is the correct way to resolve these dependency issues?

Convert HTTP request to HTTPS through Apache and Squid

Posted: 27 Apr 2022 12:01 AM PDT

We have a service running internally that needs to upload files to S3 and all outgoing traffic currently routes through a Squid server I manage. The service that sends the files only supports HTTP but we want them encrypted when going from the proxy to S3. It appears that Squid cannot do this natively, so I'm attempting to set up Apache 2.2 on port 80 on the same Ubuntu server to transparently rewrite the URL from http to https and then proxy it through Squid on 3128. I just haven't been able to figure out the right Apache configuration for this. I think it should be something like this (assume local IP is 10.1.2.3):

<VirtualHost 10.1.2.3>
    ServerName 10.1.2.3
    RewriteEngine on
    RewriteCond %{HTTPS} !=on
    # CondPattern is a bare regex: no surrounding slashes
    RewriteCond %{SERVER_NAME} \.s3-.*amazonaws\.com
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
    ProxyRequests on
    <Proxy *>
        Order deny,allow
        Deny from all
        # for example
        Allow from 10.0.0.0/8
    </Proxy>
    # now need to send rewritten https request through squid at 10.1.2.3:3128
</VirtualHost>

It's that last comment that I haven't been able to figure out. Any suggestions?

Failed at step EXEC spawning /usr/libexec/mariadb-prepare-db-dir

Posted: 27 Apr 2022 12:01 AM PDT

I'm a bit of a newbie here, so mind my obliviousness. I'm trying to install MariaDB on a fresh CentOS 7 server, though upon running "systemctl start mariadb.service" I get this malarkey:

Job for mariadb.service failed. See 'systemctl status mariadb.service' and 'journalctl -xn' for details.

"journalctl -xn" outputs:

The process /usr/libexec/mariadb-prepare-db-dir could not be executed and failed.

And "systemctl status mariadb.service" outputs:

Process: 27729 ExecStartPre=/usr/libexec/mariadb-prepare-db-dir %n (code=exited, status=203/EXEC)

Dec 30 20:37:54 localhost.localdomain systemd[27729]: Failed at step EXEC spawning /usr/libexec/mariadb-prepare-db-dir: Permission denied

I've checked the file permissions and it seems to be in order... Running from sudo also produces the same result. If anyone has any tips, they would be greatly appreciated.

Thanks!

Domino server always fails to send SMTP email at first attempt

Posted: 26 Apr 2022 09:05 PM PDT

In our logs, we find the below:

Router: No messages transferred to example.com (host mx.example.com) via SMTP: The server is not responding. The server may be down or you may be experiencing network problems. Contact your system administrator if this problem persists.  

Which is then followed by:

Router: Transferring mail to domain example.com (host mx.example.com [111.111.111.111]) via SMTP
Router: Message 12345678 transferred to mx.example.COM for recipient@example.com via SMTP
Router: Transferred 1 messages to example.com (host mx.example.com) via SMTP

Our messages go out normally, but we see this same issue on EVERY connection we make. I believe there is something wrong with my configuration, probably with a timeout or something similar, but I have not been able to pinpoint it correctly.

Unable to Access SBS 2011 Backup Drive

Posted: 26 Apr 2022 09:05 PM PDT

I have a client running an SBS 2011 server that is configured to make backups to an external hard drive via the built-in server backup utility. I am unable to access this drive; it shows up in Disk Management but there is no drive letter assigned. When I assign a drive letter, the drive shows up but I get an access denied error when attempting to open it.

Is this normal behavior for an SBS backup drive?

Zabbix agent - high CPU usage

Posted: 26 Apr 2022 11:06 PM PDT

I am monitoring a host with the help of Zabbix and I noticed that Zabbix agent started using quite a lot of CPU cycles:

PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
26774 zabbix    20   0 68428 1312  752 R   99  0.0  63:27.67 /usr/sbin/zabbix_agentd
26773 zabbix    20   0 68428 1324  764 R   99  0.0  63:26.33 /usr/sbin/zabbix_agentd

There are about 100 items monitored with the agent. They are also monitored on other identical hosts where the Zabbix agent does not consume so much CPU. Agents send collected data to a Zabbix proxy. The agent configuration is the default. The host CPU has 8 cores (2.4 GHz). The smallest interval for monitored items is 60 seconds.

I use Zabbix server / agent 1.8.11 and I can't upgrade to 2.2 at least now.

I checked debug log from all sides: Zabbix server, proxy, agent and can't find any issues there. Just usual checks received and sent all of the time.

I don't know how to investigate this issue further and am asking for community help. How could I trace why the agent is consuming so much CPU?

One more thing that looks strange to me is the network connection stats:

netstat -an|awk '/tcp/ {print $6}'|sort|uniq -c
      2 CLOSE_WAIT
     21 CLOSING
   3521 ESTABLISHED
   2615 FIN_WAIT1
    671 FIN_WAIT2
   1542 LAST_ACK
     14 LISTEN
    256 SYN_RECV
 117841 TIME_WAIT

Thank you.

Update 1.

netstat -tnp|grep zabbix
tcp        1      0 10.120.0.3:10050        10.128.0.15:53372        CLOSE_WAIT  23777/zabbix_agentd
tcp        1      0 10.120.0.3:10050        10.128.0.15:53970        CLOSE_WAIT  23775/zabbix_agentd
tcp        1      0 10.120.0.3:10050        10.128.0.15:53111        CLOSE_WAIT  23776/zabbix_agentd

10.128.0.15 - IP of the Zabbix server
10.120.0.3 - IP of the Zabbix host

Update 2.

Those TIME_WAIT connections are from web server nginx.

Update 3.

I attached to the Zabbix agent process with strace and it appeared that 100% of the time is spent by the agents in the read syscall:

strace -C -f -p 23776
Process 23776 detached
% time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
100.00    2.175528        2515       865           read
------ ----------- ----------- --------- --------- ----------------
100.00    2.175528                   865           total

Update 4.

Just to get all things clear... I tried to work with the TIME_WAIT connections state. For example, I tried decreasing net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait and net.netfilter.nf_conntrack_tcp_timeout_time_wait and see if it helps. Unfortunately, it did not help.

Conclusion

The Zabbix agent CPU load issue turned out to be tied to the number of network connections. If we attach to the zabbix_agentd process using strace, we can see how the CPU cycles are used (1st column: CPU time spent running in the kernel):

% time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
100.00   15.252232        8646      1764           read
  0.00    0.000000           0         3           write
  0.00    0.000000           0         1           open
...
------ ----------- ----------- --------- --------- ----------------
100.00   15.252232                  1778           total

Here most of the CPU time is spent in the read system calls. Further investigation showed that these read calls (2 of them are shown below) are continuous attempts to read the /proc/net/tcp file. The latter contains network statistics such as TCP and UDP connections, sockets, etc. On average the file contains 70000-150000 entries.

8048       0.000068 open("/proc/net/tcp", O_RDONLY) = 7 <0.000066>
8048       0.000117 fstat(7, {st_dev=makedev(0, 3), st_ino=4026531993, st_mode=S_IFREG|0444, st_nlink=1, st_uid=0, st_gid=0, st_blksize=1024, st_blocks=0, st_size=0, st_atime=2013/04/01-09:33:57, st_mtime=2013/04/01-09:33:57, st_ctime=2013/04/01-09:33:57}) = 0 <0.000012>
8048       0.000093 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f30a0d38000 <0.000033>
8048       0.000087 read(7, "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode    "..., 1024) = 1024 <0.000091>
8048       0.000170 read(7, "                         \n   6: 0300810A:0050 9275CE75:E67D 03 00000000:00000000 01:00000047 0000000"..., 1024) = 1024 <0.000063>
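The strace output shows the cost structure: every check that reads /proc/net/tcp has to walk one line per socket, so with ~120k TIME_WAIT entries each poll scans the whole table in 1 KiB reads. The following is an added example, not Zabbix's or the poster's code: a parser for the /proc/net/tcp line format (little-endian hex IPv4 and port, hex state code, as in the `0300810A:0050 ... 03` line captured above) that reproduces the `netstat | awk | sort | uniq -c` state counts, next to a reader for /proc/net/sockstat, where the kernel already aggregates the TIME_WAIT total in its `tw` counter without a per-socket scan. Both /proc samples are constructed in the real formats; the addresses reuse the post's hosts (10.120.0.3 agent, 10.128.0.15 server, 10.129.0.3 nginx).

```python
"""Parse /proc/net/tcp the way a per-connection check must, and read the
kernel's summary counters instead.  Added example, not Zabbix's code; the
/proc samples below are constructed in the real formats."""
from collections import Counter

# Linux TCP state codes as they appear (hex) in the 'st' column.
TCP_STATES = {
    1: "ESTABLISHED", 2: "SYN_SENT", 3: "SYN_RECV", 4: "FIN_WAIT1",
    5: "FIN_WAIT2", 6: "TIME_WAIT", 7: "CLOSE", 8: "CLOSE_WAIT",
    9: "LAST_ACK", 10: "LISTEN", 11: "CLOSING",
}

# Constructed /proc/net/tcp excerpt: the agent listener on 10.120.0.3:10050,
# one CLOSE_WAIT socket from the server 10.128.0.15, and nginx sockets on :80.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0300780A:2742 00000000:0000 0A 00000000:00000000 00:00000000 00000000   500        0 18001 1 0000000000000000 100 0 0 10 0
   1: 0300780A:2742 0F00800A:D08C 08 00000000:00000001 00:00000000 00000000   500        0 18002 1 0000000000000000 20 4 1 10 -1
   2: 0300810A:0050 9275CE75:E67D 03 00000000:00000000 01:00000047 00000000     0        0 0 1 0000000000000000 20 4 0 10 -1
   3: 0300810A:0050 9275CE75:E67E 06 00000000:00000000 03:00000B5C 00000000     0        0 0 3 0000000000000000
   4: 0300810A:0050 9275CE75:E67F 06 00000000:00000000 03:00000B60 00000000     0        0 0 3 0000000000000000
"""

# Constructed /proc/net/sockstat: the same population, already aggregated.
SAMPLE_SOCKSTAT = """\
sockets: used 121000
TCP: inuse 3525 orphan 12 tw 117841 alloc 3700 mem 2900
UDP: inuse 14 mem 3
"""


def decode_endpoint(hexaddr):
    """'0300810A:0050' -> ('10.129.0.3', 80).  The IPv4 address is one
    little-endian 32-bit word; /proc/net/tcp6 uses a different layout (not handled)."""
    ip_hex, port_hex = hexaddr.split(":")
    octets = [int(ip_hex[i:i + 2], 16) for i in range(0, 8, 2)]
    return ".".join(str(o) for o in reversed(octets)), int(port_hex, 16)


def parse_proc_net_tcp(text):
    """One dict per socket line; the first line is the column header."""
    entries = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) < 10:
            continue  # truncated or blank line
        local_ip, local_port = decode_endpoint(f[1])
        remote_ip, remote_port = decode_endpoint(f[2])
        entries.append({
            "local": (local_ip, local_port),
            "remote": (remote_ip, remote_port),
            "state": TCP_STATES.get(int(f[3], 16), f[3]),
            "uid": int(f[7]),
            "inode": int(f[9]),
        })
    return entries


def count_states(entries):
    """Same figures as: netstat -an | awk '/tcp/ {print $6}' | sort | uniq -c"""
    return dict(Counter(e["state"] for e in entries))


def parse_sockstat(text):
    """'TCP: inuse 10 ... tw 117841' -> {'TCP': {'inuse': 10, ..., 'tw': 117841}}."""
    stats = {}
    for line in text.splitlines():
        proto, sep, rest = line.partition(":")
        if not sep:
            continue
        tokens = rest.split()
        stats[proto] = {tokens[i]: int(tokens[i + 1])
                        for i in range(0, len(tokens) - 1, 2)}
    return stats


if __name__ == "__main__":
    sockets = parse_proc_net_tcp(SAMPLE_PROC_NET_TCP)
    print("per-socket scan:", count_states(sockets))
    print("kernel counter TIME_WAIT:", parse_sockstat(SAMPLE_SOCKSTAT)["TCP"]["tw"])
```

The per-socket parser is what the agent's item effectively does on every poll; the sockstat reader returns the TIME_WAIT count from a three-line file, which is the cheaper item to schedule at a 60-second interval on a host that sits behind a busy nginx.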

nginx regex characters that require quoting?

Posted: 26 Apr 2022 08:06 PM PDT

So I was configuring nginx today and I hit a weird problem. I was trying to match a location like this:

location ~ ^/([0-9]+)/(.*) {
    # do proxy redirects
}

...for URLs like "http://my.domain.com/0001/index.html".

This rule was never matching, despite the fact that it by all rights should. It took me a while to figure out, based on this documentation, that some characters in regexes need to be quoted. The problem is, the documentation is for rewrites, and it specifically calls out curly braces, not square brackets. After a fair bit of experimentation that involved a lot of swearing, I discovered that I could fix the problem by quoting the regex like so:

location ~ "^/([0-9]+)/(.*)" {
    # do proxy redirects
}

Is there a list somewhere of characters that nginx requires quoting regexes with? Or could there be something else going on here that I'm totally missing? This is my first nginx configuration job, so it's very possible I've misunderstood something...

Blank email bodies on Exchange 2010 / Outlook 2010

Posted: 26 Apr 2022 11:06 PM PDT

We are experiencing random blank email bodies on email sent between internal users on Exchange 2010 SP1 rollup pack 3 and clients using Outlook 2010 SP1 on Windows 7 with the latest patches. The same email sent to different users is correctly received by everyone but one single user (it happens randomly to different users). In Outlook the user can see the headers (sender, receiver, subject, date, etc.) but the body is completely blank.

We already tried with no luck:

  • disabling antivirus.

  • setting the Outlook email compose setting to RTF.

  • deleting and recreating profiles, and also disabling cached mode on profiles.

Any suggestion would be welcome.
