| Multiple Cron processes listed in Tasks State after an OOM killer run in EC2 Posted: 28 Jun 2022 04:30 AM PDT An EC2 instance running Ubuntu 22.04 crashed during the night. When looking into the syslogs I found that there were multiple out of memory errors listed - normally the instance is running at 25% under low load, to 50% memory usage under high load so I was surprised that it crashed due to low memory - I didn't find anything else during the time of the incident int he logs. This is an example of the syslog Jun 27 21:56:42 kernel: [673114.882825] Out of memory: Killed process 1580007 (python3) total-vm:199460kB, anon-rss:35200kB, file-rss:1888kB, shmem-rss:0kB, UID:1000 pgtables:304kB oom_score_adj:0 Jun 27 21:56:42 kernel: [673114.912438] oom_reaper: reaped process 1580007 (python3), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB Jun 27 21:56:42 kernel: [673115.026800] systemd-journald[174]: /dev/kmsg buffer overrun, some messages lost. Jun 27 21:57:32 kernel: [673165.581141] systemd invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 Jun 27 21:57:32 kernel: [673165.581151] CPU: 1 PID: 1 Comm: systemd Not tainted 5.11.0-1027-aws #30-Ubuntu Jun 27 21:57:32 kernel: [673165.581154] Hardware name: Xen HVM domU, BIOS 4.2.amazon 08/24/2006 Jun 27 21:57:32 kernel: [673165.581156] Call Trace: Jun 27 21:57:32 kernel: [673165.581160] show_stack+0x52/0x58 Jun 27 21:57:32 kernel: [673165.581168] dump_stack+0x70/0x8b Jun 27 21:57:32 kernel: [673165.581172] dump_header+0x4f/0x1f6 Jun 27 21:57:32 kernel: [673165.581176] oom_kill_process.cold+0xb/0x10 Jun 27 21:57:32 kernel: [673165.581179] out_of_memory.part.0+0xcc/0x280 Jun 27 21:57:32 kernel: [673165.581185] out_of_memory+0x41/0x80 Jun 27 21:57:32 kernel: [673165.581187] __alloc_pages_slowpath.constprop.0+0x95a/0xa20 Jun 27 21:57:32 kernel: [673165.581193] __alloc_pages_nodemask+0x2e0/0x310 Jun 27 21:57:32 kernel: [673165.581196] alloc_pages_current+0x87/0x110 Jun 27 21:57:32 kernel: [673165.581201] pagecache_get_page+0x18a/0x3b0 Jun 27 21:57:32 kernel: [673165.581205] filemap_fault+0x589/0x840 Jun 27 21:57:32 kernel: [673165.581207] ? xas_find+0x17a/0x1d0 Jun 27 21:57:32 kernel: [673165.581212] ? filemap_map_pages+0x215/0x3f0 Jun 27 21:57:32 kernel: [673165.581215] ext4_filemap_fault+0x32/0x50 Jun 27 21:57:32 kernel: [673165.581219] __do_fault+0x3c/0xe0 Jun 27 21:57:32 kernel: [673165.581223] do_fault+0xc4/0x1f0 Jun 27 21:57:32 kernel: [673165.581226] handle_pte_fault+0x1e5/0x260 Jun 27 21:57:32 kernel: [673165.581228] __handle_mm_fault+0x59a/0x7c0 Jun 27 21:57:32 kernel: [673165.581233] handle_mm_fault+0xd7/0x2b0 Jun 27 21:57:32 kernel: [673165.581236] do_user_addr_fault+0x1a0/0x450 Jun 27 21:57:32 kernel: [673165.581241] exc_page_fault+0x69/0x150 Jun 27 21:57:32 kernel: [673165.581246] ? asm_exc_page_fault+0x8/0x30 Jun 27 21:57:32 kernel: [673165.581249] asm_exc_page_fault+0x1e/0x30 Jun 27 21:57:32 kernel: [673165.581251] RIP: 0033:0x55e0930dcb50 Jun 27 21:57:32 kernel: [673165.581259] Code: Unable to access opcode bytes at RIP 0x55e0930dcb26. Jun 27 21:57:32 kernel: [673165.581261] RSP: 002b:00007fffc43d24b8 EFLAGS: 00010202 Jun 27 21:57:32 kernel: [673165.581263] RAX: 000055e09320b420 RBX: 00007eff693d2c20 RCX: 000055e093461cb0 Jun 27 21:57:32 kernel: [673165.581265] RDX: 0000000000001cb0 RSI: 000055e0931b8949 RDI: 000055e0933f29c0 Jun 27 21:57:32 kernel: [673165.581267] RBP: 00000000000001cb R08: bb4fefbd7a5fd0a0 R09: 26fa61bd63d99de3 Jun 27 21:57:32 kernel: [673165.581268] R10: a20216aaa3f96a7e R11: 00007eff693d3f60 R12: 0000000000000000 Jun 27 21:57:32 kernel: [673165.581270] R13: 000055e093264b10 R14: 0000000000003c30 R15: 000055e093461cb0 Jun 27 21:57:32 kernel: [673165.581273] Mem-Info: Jun 27 21:57:32 kernel: [673165.581275] active_anon:2661 inactive_anon:782961 isolated_anon:0 Jun 27 21:57:32 kernel: [673165.581275] active_file:7 inactive_file:69 isolated_file:2 Jun 27 21:57:32 kernel: [673165.581275] unevictable:6031 dirty:0 writeback:0 Jun 27 21:57:32 kernel: [673165.581275] slab_reclaimable:7704 slab_unreclaimable:97465 Jun 27 21:57:32 kernel: [673165.581275] mapped:5118 shmem:3206 pagetables:43591 bounce:0 Jun 27 21:57:32 kernel: [673165.581275] free:20750 free_pcp:420 free_cma:0 Jun 27 21:57:32 kernel: [673165.581281] Node 0 active_anon:10644kB inactive_anon:3131844kB active_file:28kB inactive_file:276kB unevictable:24124kB isolated(anon):0kB isolated(file):8kB mapped:20472kB dirty:0kB writeback:0kB shmem:12824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:69840kB pagetables:174364kB all_unreclaimable? yes Jun 27 21:57:32 kernel: [673165.581285] Node 0 DMA free:15392kB min:268kB low:332kB high:396kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15988kB managed:15904kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB Jun 27 21:57:32 kernel: [673165.581290] lowmem_reserve[]: 0 3713 3895 3895 3895 Jun 27 21:57:32 kernel: [673165.581295] Node 0 DMA32 free:64612kB min:64168kB low:80208kB high:96248kB reserved_highatomic:0KB active_anon:9648kB inactive_anon:3046736kB active_file:476kB inactive_file:624kB unevictable:52kB writepending:0kB present:3915776kB managed:3815760kB mlocked:52kB bounce:0kB free_pcp:1680kB local_pcp:1184kB free_cma:0kB Jun 27 21:57:32 kernel: [673165.581300] lowmem_reserve[]: 0 0 182 182 182 Jun 27 21:57:32 kernel: [673165.581304] Node 0 Normal free:2996kB min:3144kB low:3928kB high:4712kB reserved_highatomic:0KB active_anon:996kB inactive_anon:85108kB active_file:164kB inactive_file:32kB unevictable:24072kB writepending:0kB present:262144kB managed:186484kB mlocked:19536kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB Jun 27 21:57:32 kernel: [673165.581309] lowmem_reserve[]: 0 0 0 0 0 Jun 27 21:57:32 kernel: [673165.581313] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15392kB Jun 27 21:57:32 kernel: [673165.581328] Node 0 DMA32: 1371*4kB (UME) 4546*8kB (UME) 667*16kB (UME) 224*32kB (UME) 58*64kB (UME) 16*128kB (UME) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 65452kB Jun 27 21:57:32 kernel: [673165.581342] Node 0 Normal: 220*4kB (UME) 262*8kB (UME) 10*16kB (UM) 2*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 3200kB Jun 27 21:57:32 kernel: [673165.581356] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Jun 27 21:57:32 kernel: [673165.581358] 6741 total pagecache pages Jun 27 21:57:32 kernel: [673165.581359] 0 pages in swap cache Jun 27 21:57:32 kernel: [673165.581360] Swap cache stats: add 0, delete 0, find 0/0 Jun 27 21:57:32 kernel: [673165.581362] Free swap = 0kB Jun 27 21:57:32 kernel: [673165.581362] Total swap = 0kB Jun 27 21:57:32 kernel: [673165.581364] 1048477 pages RAM Jun 27 21:57:32 kernel: [673165.581365] 0 pages HighMem/MovableOnly
The next section about the Tasks State was Jun 27 21:56:41 kernel: [673114.840338] Tasks state (memory values in pages): Jun 27 21:56:41 kernel: [673114.840339] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name Jun 27 21:56:41 kernel: [673114.840356] [ 174] 0 174 57833 1038 466944 0 -250 systemd-journal Jun 27 21:56:41 kernel: [673114.840360] [ 208] 0 208 5023 904 61440 0 -1000 systemd-udevd Jun 27 21:56:41 kernel: [673114.840364] [ 304] 0 304 70285 4799 98304 0 -1000 multipathd Jun 27 21:56:41 kernel: [673114.840368] [ 464] 100 464 4036 740 65536 0 0 systemd-network Jun 27 21:56:41 kernel: [673114.840371] [ 500] 0 500 60013 659 102400 0 0 accounts-daemon Jun 27 21:56:41 kernel: [673114.840374] [ 502] 0 502 2213 581 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.840376] [ 506] 103 506 2182 758 53248 0 -900 dbus-daemon Jun 27 21:56:41 kernel: [673114.840378] [ 512] 0 512 20712 807 61440 0 0 irqbalance Jun 27 21:56:41 kernel: [673114.840380] [ 532] 0 532 3476 760 65536 0 0 systemd-logind Jun 27 21:56:41 kernel: [673114.840383] [ 534] 0 534 98414 992 131072 0 0 udisksd Jun 27 21:56:41 kernel: [673114.840385] [ 548] 0 548 1879 468 53248 0 0 agetty Jun 27 21:56:41 kernel: [673114.840387] [ 553] 0 553 1498 410 49152 0 0 agetty Jun 27 21:56:41 kernel: [673114.840390] [ 600] 0 600 16735 394 102400 0 0 nginx Jun 27 21:56:41 kernel: [673114.840392] [ 601] 33 601 16988 1022 110592 0 0 nginx Jun 27 21:56:41 kernel: [673114.840394] [ 602] 33 602 16903 637 110592 0 0 nginx Jun 27 21:56:41 kernel: [673114.840397] [ 604] 0 604 58747 691 90112 0 0 polkitd Jun 27 21:56:41 kernel: [673114.840399] [ 699] 0 699 3324 825 65536 0 -1000 sshd Jun 27 21:56:41 kernel: [673114.840402] [ 98480] 1000 98480 3817 797 69632 0 0 systemd Jun 27 21:56:41 kernel: [673114.840404] [ 98481] 1000 98481 25760 1133 86016 0 0 (sd-pam) Jun 27 21:56:41 kernel: [673114.840409] [ 246897] 0 246897 74453 1017 155648 0 0 packagekitd Jun 27 21:56:41 kernel: [673114.840412] [ 334932] 113 334932 55194 3961 163840 0 -900 postgres Jun 27 21:56:41 kernel: [673114.840415] [1382582] 0 1382582 3685 1089 69632 0 0 sshd Jun 27 21:56:41 kernel: [673114.840418] [1382696] 1000 1382696 3686 678 69632 0 0 sshd Jun 27 21:56:41 kernel: [673114.840420] [1382697] 1000 1382697 2656 1007 49152 0 0 bash Jun 27 21:56:41 kernel: [673114.840423] [1397098] 0 1397098 3716 1095 65536 0 0 sshd Jun 27 21:56:41 kernel: [673114.840425] [1397195] 1000 1397195 3750 637 65536 0 0 sshd Jun 27 21:56:41 kernel: [673114.840428] [1572150] 0 1572150 3047 579 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.840430] [1572151] 0 1572151 3047 677 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.840433] [1572152] 0 1572152 3047 584 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.840435] [1572155] 0 1572155 3047 644 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843849] [1575948] 0 1575948 3047 563 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843851] [1575949] 0 1575949 3047 571 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843853] [1575950] 0 1575950 3047 572 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843856] [1575951] 0 1575951 3047 560 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843858] [1575952] 0 1575952 3047 539 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843860] [1575953] 0 1575953 3047 590 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843862] [1575954] 0 1575954 3047 510 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843865] [1575955] 0 1575955 3047 623 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843868] [1575956] 0 1575956 3047 506 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843870] [1575957] 0 1575957 3047 495 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843872] [1575958] 0 1575958 3047 524 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843875] [1575959] 0 1575959 3047 502 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843877] [1575960] 0 1575960 3047 650 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843879] [1575961] 0 1575961 3047 493 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843881] [1575962] 0 1575962 3047 491 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843884] [1575963] 0 1575963 3047 598 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843886] [1575964] 0 1575964 3047 641 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843889] [1575965] 0 1575965 3047 593 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843891] [1575966] 0 1575966 3047 502 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843893] [1575967] 0 1575967 3047 569 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843896] [1575968] 0 1575968 3047 574 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843898] [1575969] 0 1575969 3047 548 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843900] [1575970] 0 1575970 3047 572 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843903] [1575971] 0 1575971 3047 656 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843905] [1575972] 0 1575972 3047 574 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843907] [1575973] 0 1575973 3047 500 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843910] [1575974] 0 1575974 3047 492 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843912] [1575975] 0 1575975 3047 617 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843915] [1575976] 0 1575976 3047 551 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843917] [1575979] 0 1575979 3047 648 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843919] [1575980] 0 1575980 3047 572 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843921] [1575983] 0 1575983 3047 588 49152 0 0 cron Jun 27 21:56:41 kernel: [673114.843924] [1575985] 0 1575985 3047 564 49152 0 0 cron
And a lot of more pages of only cron processes were listed in this section each with a different tpig. The cronjob tasks i'm running are fairly light on threads 1 - 10 threads depending on the task. All tasks join the threads before terminating, and I never had an issue before with non terminating tasks. The OOM reaper run a few more times and then the instance became unreachable. What is the tasks state section mean? Why is cron listed so many times in the tasks state? Any ideas on what could cause such a spike in memory usage as to crash the instance? For reference there is a cron job running every 5s using sleep n*5; python script. Running ps -aux shows only a small number (depending on the time) of tasks scheduled by cron, and only two entries where cron is shown in the command section |
| Is it possible to create a ncat loop? Posted: 28 Jun 2022 04:26 AM PDT If you had two computers, wanting to control one from another using only ncat, without using telnet, ssh or other networking tools and only two shells, how could i go about that? I have successfully done so with three shells: cat | ncat 192.168.0.11ncat -l | bash | ncat 192.168.0.16ncat -l Would it be possible to have one shell, where the input from one ncat would get displayed on the screen and the input in the shell would get piped into the other ncat? So far I have run into the following problems: - Before a ncat can start sending data, another ncat has to be listening for it, so I need a way to force a ncat to send data anyways.
- If I did something like
ncat -l | cat | ncat 192.168.0.11, the data would just get looped right back into the sending ncat (which I don't want), and wouldn't get displayed on the screen (which I want) and the input from the keyboard would just get ignored (which I also don't want). Maybe the first two problems could be solved by somehow redirecting the received data to stderr, but how would I capture KB input? It doesn't matter in which shell such a manouver would be possible, just that it works (fish, bash, zsh, anything is fine). This is not a serious scenario, I am just curious. |
| download .ovpn file from pfsense from terminal Posted: 28 Jun 2022 04:08 AM PDT i found this here link but problem here is that download is only for .key and .crt file. Have anyone idea how to download ovpn file, cause i need to download whole bundle. Or how to download bundle configuration from OpenVPN/Client Export Utility BACKUPDIR="where the cert will go" USERNAME="pfsense user" PASSWORD="pfsense password" PORT="pfsense port" SITE="pfsense ip or address" wget -qO- --keep-session-cookies --save-cookies /tmp/pfsense_cookies.txt \ --no-check-certificate https://$SITE/system_certmanager.php \ | grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/' > /tmp/pfsense_csrf.txt wget -qO- --keep-session-cookies --load-cookies /tmp/pfsense_cookies.txt \ --save-cookies /tmp/pfsense_cookies.txt --no-check-certificate \ --post-data "login=Login&usernamefld="$USERNAME"&passwordfld="$PASSWORD"&__csrf_magic=$(cat /tmp/pfsense_csrf.txt)" \ https://$SITE/system_certmanager.php | grep "name='__csrf_magic'" \ | sed 's/.*value="\(.*\)".*/\1/' > /tmp/pfsense_csrf2.txt if [ -e /tmp/pfsense_cookies.txt ]; then FILENAME="$BACKUPDIR/certname.crt" wget --keep-session-cookies --load-cookies /tmp/pfsense_cookies.txt --no-check-certificate \ --post-data "act=exp&id=1&__csrf_magic=$(head -n 1 /tmp/pfsense_csrf2.txt)" \ https://$SITE/system_certmanager.php -O $FILENAME FILENAME2="$BACKUPDIR/certname.key" wget --keep-session-cookies --load-cookies /tmp/pfsense_cookies.txt --no-check-certificate \ --post-data "act=key&id=1&__csrf_magic=$(head -n 1 /tmp/pfsense_csrf2.txt)" \ https://$SITE/system_certmanager.php -O $FILENAME2 #rm -f /tmp/pfsense_cookies.txt #rm -f /tmp/pfsense_csrf.txt #rm -f /tmp/pfsense_csrf2.txt else echo "Failed to retrieve cert from $SITE" fi done
|
| How can I disable the laptop keyboard in tty and then after a time turn it on again? Posted: 28 Jun 2022 04:24 AM PDT I have a kind of old ASUS Eee 1000HE PC and I replaced Windows 7 with Debian 32 Bit (PC is 32 bit). And now I use it a lot because I always wanted Linux on a laptop But I have one problem, some of the laptop's built-in keyboard don't work. I already know more or less how to fix it, but until then I'll use an external keyboard. Only my question is, how do I turn off the built-in keyboard and then when the keyboard is fixed, turn it on? I don't use any X sessions, I just use TTY. I searched the Internet, but it only shows me, X sessions, not TTY |
| Nginx reverse stream proxy for subdomains "curl: (52) Empty reply from server" Posted: 28 Jun 2022 02:59 AM PDT I'm trying to setup a reverse proxy to redirect tcp from subdomain.example.com to localhost:3000 using Nginx's ssl_preread_server_name module. The host test.localhost is defined for testing purposes in /etc/hosts/. My /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } stream { map $ssl_preread_server_name $name { test.localhost test; } upstream test { server localhost:3000; } server { listen 2600; proxy_pass $name; #proxy_protocol on; ssl_preread on; } }
When i try the webapp directly with curl: $ curl localhost:3000 Hello World!
But when i try the proxy: $ curl -vvv test.localhost:2600 * Trying 127.0.0.1:2600... * Connected to test.localhost (127.0.0.1) port 2600 (#0) > GET / HTTP/1.1 > Host: test.localhost:2600 > User-Agent: curl/7.74.0 > Accept: */* > * Empty reply from server * Connection #0 to host test.localhost left intact curl: (52) Empty reply from server
Changing it to proxy_pass test; would work, but i want multiple sub domains to stream tcp to different local ports. |
| What happens when you name a folder as ".."? Posted: 28 Jun 2022 02:50 AM PDT Instead of moving a folder to parent directory, I renamed it as ".." using mv folder_name ... Do you have any solution to recover the folder or is it just deleted? (macos 12.4) |
| Upgrade matrix synapse postgresql database from 9.6 to 11 Posted: 28 Jun 2022 03:27 AM PDT I have a VM on my server where I host a Matrix synapse homeserver. Now I need to update postgresql, because version 9.6 is EOL. The database in /var/lib/postgresql/9.6/main already has 56 GByte. I dumped the database in sql files with this script: #!/bin/bash DB=synapse U=irc-bridge # directory to dump files without trailing slash: DIR=/home/synapse/postgres-backup mkdir -p $DIR TABLES="$(psql -q -d $DB -U $U -t -c "SELECT table_name FROM information_schema.tables WHERE table_type='BASE TABLE' ORDER BY table_name")" w=$(echo $TABLES|wc -w) echo $w tables i=0 for table in $TABLES; do i=$((i + 1)) echo "$i/$w: backup $table ..." pg_dump -U $U -t $table $DB | gzip > $DIR/$table.sql.gz; done;
I get about 9 GByte of zipped Files. What would be the easyest path to upgrade the Postgres cluster up from 9.6? |
| Route origin: ``RTPROT_BOOT`` vs. ``RTPROT_STATIC`` Posted: 28 Jun 2022 01:40 AM PDT Setting up routes I need to supply a value for .rtm_protocol: struct rtmsg { … unsigned char rtm_protocol; /* Routing protocol; see below */ … };
According to rtnetlink(7) the meanings of the possible values are: rtm_protocol Route origin ----------------------------------------------------------- RTPROT_UNSPEC unknown RTPROT_REDIRECT by an ICMP redirect (currently unused) RTPROT_KERNEL by the kernel RTPROT_BOOT during boot RTPROT_STATIC by the administrator
The description sounds like the field is purely informational and doesn't actually have a function in the kernel. However, I need to supply some value and would like to make the correct choice. ip-route(8) defaults to RTPROT_BOOT unless the user specifies a different value explicitly.
* 10:32:03 root@machine ~ # ip r a 1.2.3.4/32 dev eth0 * 10:32:29 root@machine ~ # ip r default via 172.16.42.42 dev eth0 1.2.3.4 dev eth0 scope link
However, since I'll be adding and removing routes dynamically and not during boot it would seem that RTPROT_STATIC would be the more appropriate choice for my use case. If you allow the pun, what's the correct protocol here? Can I expect routes to be treated equally regardless of the value of .rtm_protocol? |
| Can SELinux limit the scope of a binary which has capabilities set? Posted: 28 Jun 2022 01:23 AM PDT I would like to give my application (running unprivileged) a set of capabilities which allows it to: - chown/delete some files not owned by it
- set quota for users
but limit the scope of its "powers". During my tests I saw that I can use CAP_CHOWN for the first point and, for the second, it seems that using CAP_SYS_RESOURCE is not enough, only CAP_SYS_ADMIN does the job, which is a bit too much. Considering the above, is it possible to use SELinux to reduce the scope of what and where the application is able to change? Thank you! |
| How to search for a String/Word in Ansible.results Posted: 28 Jun 2022 04:37 AM PDT I wrote a a task which just print if restart required. I have this yum output and i need to extract the word "Complete | or_some_other_word" and this task will only run if aforementioned words exists. TASK [deploying_security_updates : Installed Packages] ************************************************************************************************************************************************************************************** ok: [192.168.8.26] => { "yum_update": { "changed": true, "changes": { "installed": [], "updated": [ [ "xz", "5.2.2-2.el7_9.x86_64 from rhel-remote" ], [ "xz-libs", "5.2.2-2.el7_9.x86_64 from rhel-remote" ] ] }, "failed": false, "msg": "", "rc": 0, "results": [ "Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-\n : manager\nThis system is not registered with an entitlement server. You can use subscription-manager to register.\n --> device-mapper-persistent-data-0.7.3-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> 7:device-mapper-event-1.02.170-6.el7_9.5.x86_64 from rhel-remote removed (updateinfo)\n --> libgnomekbd-3.26.0-3.el7.x86_64 from rhel-remote removed (updateinfo)\n --> cryptsetup-python-2.0.3-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> PackageKit-gstreamer-plugin-1.1.10-2.el7.x86_64 from rhel-remote removed (updateinfo)\n --> libstoragemgmt-1.6.2-4.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> PackageKit-gtk3-module-1.1.10-2.el7.x86_64 from rhel-remote removed (updateinfo)\n --> 7:device-mapper-event-1.02.149-8.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> setroubleshoot-plugins-3.0.67-3.el7.noarch from @anaconda/7.6 removed (updateinfo)\n --> libdrm-2.4.91-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> mesa-dri-drivers-18.3.4-12.el7_9.x86_64 from rhel-remote removed (updateinfo)\n --> subscription-manager-plugin-container-1.24.51-1.el7_9.x86_64 from rhel-remote removed (updateinfo)\n --> firewalld-0.6.3-13.el7_9.noarch from rhel-remote removed (updateinfo)\n --> gdb-7.6.1-114.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> grubby-8.28-26.el7.x86_64 from rhel-remote removed (updateinfo)\n --> hostname-3.13-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> 32:bind-libs-lite-9.11.4-26.P2.el7_9.9.x86_64 from rhel-remote removed (updateinfo)\n --> abrt-dbus-2.1.11-52.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> unzip-6.0-21.el7.x86_64 from @rhel-remote removed (updateinfo)\n --> realmd-0.16.1-12.el7_9.1.x86_64 from rhel-remote removed (updateinfo)\n --> 2:shadow-utils-4.1.5.1-25.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> libreport-2.1.11-53.el7.x86_64 from rhel-remote removed (updateinfo)\n --> 1:grub2-tools-minimal-2.02-0.87.el7_9.6.x86_64 from @rhel-remote removed (updateinfo)\n --> 1:grub2-pc-modules-2.02-0.87.el7_9.6.noarch from @rhel-remote removed (updateinfo)\n --> 1:make-3.82-23.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> anaconda-gui-21.48.22.147-1.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> 2:gedit-3.28.1-1.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> iptables-1.4.21-35.el7.x86_64 from rhel-remote removed (updateinfo)\n --> gnome-shell-extension-window-list-3.28.1-14.el7.noarch from @rhel-remote removed (updateinfo)\n --> plymouth-0.8.9-0.31.20140113.el7.x86_64 from @anaconda/7.6 re\n --> gnome-settings-daemon-3.28.1-11.el7_9.x86_64 from rhel-remote removed (updateinfo)\n --> 10:qemu-kvm-1.5.3-175.el7_9.6.x86_64 from rhel-remote removed (updateinfo)\n --> libcap-2.22-9.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3.x86_64 from @rhel-remote removed (updateinfo)\n --> libblockdev-swap-2.18-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> tzdata-2018e-3.el7.noarch from @anaconda/7.6 removed (updateinfo)\n --> langtable-0.0.31-4.el7.noarch from rhel-remote removed (updateinfo)\n --> librdmacm-22.4-6.el7_9.x86_64 from rhel-remote removed (updateinfo)\n --> libreport-plugin-reportuploader-2.1.11-53.el7.x86_64 from rhel-remote removed (updateinfo)\n --> mesa-libglapi-18.3.4-12.el7_9.x86_64 from rhel-remote removed (updateinfo)\n --> sos-3.6-9.el7.noarch from @anaconda/7.6 removed (updateinfo)\n --> anaconda-tui-21.48.22.159-1.el7.x86_64 from rhel-remote removed (updateinfo)\n --> 3:irqbalance-1.0.7-12.el7.x86_64 from rhel-remote removed (updateinfo)\n --> libreport-plugin-ureport-2.1.11-53.el7.x86_64 from rhel-remote removed (updateinfo)\n --> systemd-219-78.el7_9.5.x86_64 from rhel-remote removed (updateinfo)\n --> python2-blockdev-2.18-5.el7.x86_64 from rhel-remote removed (updateinfo)\n --> pulseaudio-module-bluetooth-10.0-5.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> ipset-libs-6.38-2.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> lshw-B.02.18-17.el7.x86_64 from rhel-remote removed (updateinfo)\n --> libblockdev-crypto-2.18-5.el7.x86_64 from rhel-remote removed (updateinfo)\n --> libffi-3.0.13-19.el7.x86_64 from rhel-remote removed (updateinfo)\n2 package(s) needed (+0 related) for security, out of 401 available\nResolving Dependencies\n--> Running transaction check\n---> Package xz.x86_64 0:5.2.2-1.el7 will be updated\n---> Package xz.x86_64 0:5.2.2-2.el7_9 will be an update\n---> Package xz-libs.x86_64 0:5.2.2-1.el7 will be updated\n---> Package xz-libs.x86_64 0:5.2.2-2.el7_9 will be an update\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nUpdating:\n xz x86_64 5.2.2-2.el7_9 rhel-remote 229 k\n xz-libs x86_64 5.2.2-2.el7_9 rhel-remote 103 k\n\nTransaction Summary\n================================================================================\nUpgrade 2 Packages\n\nTotal download size: 332 k\nDownloading packages:\nNo Presto metadata available for rhel-remote\n--------------------------------------------------------------------------------\nTotal 1.3 MB/s | 332 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Updating : xz-libs-5.2.2-2.el7_9.x86_64 1/4 \n Updating : xz-5.2.2-2.el7_9.x86_64 2/4 \n Cleanup : xz-5.2.2-1.el7.x86_64 3/4 \n Cleanup : xz-libs-5.2.2-1.el7.x86_64 4/4 \n Verifying : xz-libs-5.2.2-2.el7_9.x86_64 1/4 \n Verifying : xz-5.2.2-2.el7_9.x86_64 2/4 \n Verifying : xz-libs-5.2.2-1.el7.x86_64 3/4 \n Verifying : xz-5.2.2-1.el7.x86_64 4/4 \n\nUpdated:\n xz.x86_64 0:5.2.2-2.el7_9 xz-libs.x86_64 0:5.2.2-2.el7_9 \n\nComplete!\n" ] } }
|
| What would happen if /var is made Read-Only with an embedded system that always runs the same program? Posted: 28 Jun 2022 01:12 AM PDT I had some troubles and questions in regards of making a system Read-Only. My main objective is to start the system with a service that will run redis-server and some .py files (I don't think it's trivial but a DL vision model) that will run until the machine is plugged off. And restart this process everytime it's plugged in (that's why I want robustness against system corruption, constant powerloss). It might need to run some pulls of code in a different partition, an external micro-SD card, which will be RW. The options of using OverlayFS seems like is not available in my system: cat /proc/filesystems nodev sysfs nodev rootfs nodev ramfs nodev bdev nodev proc nodev cpuset nodev cgroup nodev cgroup2 nodev tmpfs nodev devtmpfs nodev configfs nodev debugfs nodev sockfs nodev pipefs nodev hugetlbfs nodev rpc_pipefs nodev devpts ext3 ext4 ext2 squashfs vfat nodev nfs nodev nfs4 nodev jffs2 nodev autofs nodev 9p nodev pstore nodev mqueue nodev ubifs
If I make / as RO, I don't encounter errors now, but I am wondering about future problems with /var (Linux definition of /var). This answer regarding /var is a bit contradictory. But by definition, the system might need to write at some point for the resources a process needs (or logs, but let's say I won't need logs). I also saw that it is possible to make /var mounted as tmpfs, but I also read that it would be useless against corruption if all / is RO, /var is tmpfs, and they are in the same FS/disk. I also checked and my system lacks any Initramfs folders/files, so I guess that won't work too? The following commands are how the system was installed by default (Debian, Mendel): lsblk -l NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT mmcblk0 179:0 0 7,3G 0 disk mmcblk0p1 179:1 0 128M 0 part /boot mmcblk0p2 179:2 0 1M 0 part mmcblk0p3 179:3 0 2G 0 part /home mmcblk0p4 179:4 0 5,1G 0 part / mmcblk0boot0 179:32 0 4M 1 disk mmcblk0boot1 179:64 0 4M 1 disk mmcblk0rpmb 179:96 0 512K 0 disk mmcblk1 179:128 0 28,8G 0 disk df -h S.ficheros Tamaño Usados Disp Uso% Montado en /dev/root 5,0G 2,1G 2,7G 44% / devtmpfs 333M 0 333M 0% /dev tmpfs 493M 0 493M 0% /dev/shm tmpfs 493M 26M 468M 6% /run tmpfs 5,0M 4,0K 5,0M 1% /run/lock tmpfs 493M 0 493M 0% /sys/fs/cgroup /dev/mmcblk0p1 124M 30M 88M 26% /boot /dev/mmcblk0p3 2,0G 1,7G 106M 95% /home tmpfs 99M 4,6M 94M 5% /run/user/1000 cat /etc/fstab /dev/mmcblk0p4 / ext4 noatime,defaults 0 1 /dev/mmcblk0p1 /boot ext2 noatime,defaults 0 2 /dev/mmcblk0p3 /home ext4 noatime,nosuid,nodev,defaults 0 3
The official Debian ReadOnlyRoot does not mention anything regarding /var, just that it can be done via Aufs (aufsrootreadonly) (although in Ubuntu). So: What will happen if I make everything under / as RO (specially with something like /var which in my understanding, the system might need to write at some point). What solution can I bring into this? All my research summarised points to using OverlayFS. But according to cat /proc/filesystems, it can't be done? Something similar to this would be useful but it's using AUFS: You have to mount some directories in rw, like /var, /etc and maybe /home. This could by done using aufs or unionfs. I like this another way, using /dev/shm and mount --bind: cp -a /var /dev/shm/ mount --bind /dev/shm/var /var
EDIT: AUFS compatibility with my kernel seems unsupported. uname -r 4.14.98-imx
|
| How to delete lines whose first field contains special characters only? Posted: 28 Jun 2022 02:13 AM PDT How to delete lines which contains a / or ' or - or . only in their first |-separated field? - code tried:
sed 's/^\.\d; /^\-/d; /^\//d' file > file_out
- example input :
/|98374| /trust|q83129| //|392720| //cust|23892| .|9374| .abcd|28374| '|238674| 'hcsu|3810| -|327492| -abcde|9837|
- expected output:
.abcd|28374| /trust|q83129| //cust|23892| 'hcsu|3810| -abcde|9837|
|
| In the vs code the number six turn into tab and the number five turn into backspace Posted: 28 Jun 2022 01:29 AM PDT Only when I'm in vs code, number 6 becomes tab and number 5 becomes backspace. Video showing I'm using termux emulated Ubuntu on Android 11. root@localhost:~# cat /etc/os-release NAME="Ubuntu" VERSION="20.04 LTS (Focal Fossa)" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu 20.04 LTS" VERSION_ID="20.04" HOME_URL="https://www.ubuntu.com/" SUPPORT_URL="https://help.ubuntu.com/" BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" VERSION_CODENAME=focal UBUNTU_CODENAME=focal
|
| Sending Zip files through mailx command Posted: 28 Jun 2022 03:23 AM PDT I have a zip file named : zip_final.zip I have to attach this file as a attachment and send the mail. Also, I have to display all the file_names present inside the zip file in the mail body. I have this code : export files_list=`unzip -Zl zip_final.zip` mailx -a ${zip_final.zip} -s "Files list | Zip file" << EOM Hi team, sent zip file. Files inside it are : $files_list Thank you. EOM
But the mail is not sent if I am doing this. Like the mail command is not even getting called/triggered. I am not even getting any error messages too. Can someone suggest how to send that zipfile as an attachment using mailx command and also display all the file names inside the zipfile in the mail body? |
| How can I optimize the transfer of files between two systems and also trim the file Posted: 28 Jun 2022 02:05 AM PDT I have computer 1 logging voltage data to a file volts.json every second. My second computer connects via ssh and grabs that file every 5 minutes. Splunk indexes that file for a dashboard. Is scp efficient in this manner, if so then ok. Next is how to manage the file and keep it small without growing to 2mb lets say? is there a command to roll off the earlier logs and keep the newest? the json looks like this right now: { "measuredatetime": "2022-06-27T18:00:10.915668", "voltage": 207.5, "current_A": 0.0, "power_W": 0.0, "energy_Wh": 2, "frequency_Hz": 60.0, "power_factor": 0.0, "alarm": 0 } { "measuredatetime": "2022-06-27T18:00:11.991936", "voltage": 207.5, "current_A": 0.0, "power_W": 0.0, "energy_Wh": 2, "frequency_Hz": 59.9, "power_factor": 0.0, "alarm": 0 }
|
| Red Hat Linux: default route not persistent Posted: 28 Jun 2022 02:08 AM PDT My default route disappears from the routing table on network restart or system reboot. The contents of /etc/sysconfig/network are: NETWORKING=yes HOSTNAME=server NTPSERVERARGS=iburst GATEWAY=192.1.1.250 GATEWAYDEV=Wired_connection_1
The contents of /etc/sysconfig/network-script/ifcfg-Wired_connection_1 are: TYPE=Ethernet BOOTPROTO=dhcp DEFROUTE=yes GATEWAY0=192.1.1.250 IPV4_FAILURE_FATAL=yes IPV6INIT=no NAME="Wired connection 1" UUID=4aef50a9-b5fe-4b60-abe9-e7de5d4c194e ONBOOT=yes DEVICE=Wired_connection_1 USERCTL=no HWADDR=2C:27:D7:33:6D:9E PEERDNS=yes PEERROUTES=yes
Any suggestions how do I make my default route persistent? |
| Bash function for 'Deep Replace' in file contents, file name, directory name, allowing for whitespace Posted: 28 Jun 2022 04:36 AM PDT On my Ubuntu system, I commonly need to do a 'Deep Replace' in file contents, the file name and directory name. For example when copying source code as a template for another application. I've put together a function in ~/.bashrc which works, but fails if the find or replace string has white space in it. I believe this is due to the sed command not accepting white space in the script as is, and the cd to the path variable also fails where the path includes white space. The arguments are ($1) directory, ($2) find text, ($3) replace text. Is it possible to improve this script so the arguments can all include white space? deepreplace() { if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ] then echo "A parameter is missing" else cd $1 vfind=$2 vreplace=$3 # Replace the string in file find . -type f -exec sed -i "s/$vfind/$vreplace/g" {} + # Replace the string in file names, then directories find . -type d -name "*$vfind*" | while read f; do mv $f $(echo $f | sed "s/$vfind/$vreplace/g"); done find . -type f -name "*$vfind*" | while read f; do mv $f $(echo $f | sed "s/$vfind/$vreplace/g"); done fi }
|
| Is there such thing as "administrator root"? Posted: 28 Jun 2022 04:50 AM PDT So leaving details aside last night i stumbled across "administrator root" in a live instance of Zorin. First off, is Administrator Root even a thing? If so, where does it fall into the hierarchy? As i understood it there were three users in linux - root, admin, and user. Picture is attached. 
Thank you. |
| History : For what technical reason(s) GNOME was forced to remove its icons from the desktop by default? Posted: 28 Jun 2022 03:20 AM PDT I'm asking a question about GNOME History. I've red on few websites that GNOME developers where forced to remove the ability to put icons on desktop by default, for some technical reasons that I can't remember or have not understood then. Can you explain me what happened that forced this choice to be made? |
| systemd-coredump - Invalid argument Posted: 28 Jun 2022 01:48 AM PDT I'm trying to force a core dump using systemd-coredump, however, when I check my journal I see the following error: systemd-coredump@7-3897-0.service: Failed at step NETWORK spawning /lib/systemd/systemd-coredump: Invalid argument and coredumpctl reports no cores. My core_pattern is: |/lib/systemd/systemd-coredump %P %u %g %s %t %c %e
/lib/systemd/systemd-coredump does exist and is executable. I have noticed that in the /etc/systemd/coredump.conf, everything is commented out. [Coredump] #Storage=external #Compress=yes #ProcessSizeMax=2G #ExternalSizeMax=2G #JournalSizeMax=767M #MaxUse= #KeepFree=
...which strikes me as odd... Is there a way of "previewing" the arguments from core_pattern having been expanded that are fed into systemd-coredump - that way I could see if there is anything odd going on there... Otherwise, any idea what the problem could be? Edit I've also tried setting the core_pattern to point to a file like bash -c 'echo "/home/root/core.%e.%p" > /proc/sys/kernel/core_pattern'
and ulimit -c unlimited
But that doesn't work either - the core file doesn't get created. |
| Copy content from a file to add into a shell script file Posted: 28 Jun 2022 03:18 AM PDT I want to copy multiple lines from a file to a shell script (i.e. not an "ordinary" file). For example: The shell script should copy and paste automatically the content from another file to a script file. Kindly help me to resolve this |
| Ansible - How to reboot the server based on condition? Posted: 28 Jun 2022 04:12 AM PDT I wrote the playbook to apply the security patches on Linux servers, the only part remaining is to write the task to restart the patched server. Below is the content of the task to apply the patches - name: Deploying Security Packages shell: "yum update --security -y" register: progress when: deploypackages == "y" - name: Installed Packages debug: msg: "{{ progress.stdout_lines | regex_search('complete') }}" #when: progress.changed | regex_search('complete')
I was looking for a filter to look in the output for the word in registered variable, if it is completed and kernel and then reboot the server. Thanks Attempt 1 - Failed For testing purpose I've changed kernel with xz-libs, but it is failing when reaches the when condition. --- - name: Deploying Security Packages #shell: "yum update --security -y" yum: name: '*' state: latest security: yes register: yum_update when: deploypackages == "y" - name: Installed Packages debug: msg: " Packages installed Successfully " when: - yum_update.changed - yum_update.stdout | regex_search('xz-libs', ignorecase=True ) is not none
It gives this error TASK [deploying_security_updates : Deploying Security Packages] ********************** changed: [192.168.8.26] TASK [deploying_security_updates : Installed Packages] ******************************* fatal: [192.168.8.26]: FAILED! => {"msg": "The conditional check 'yum_update.stdout | regex_search('*xz-libs*', ignorecase=True ) is not none' failed. The error was: nothing to repeat\n\nThe error appears to be in '/home/sysadmin/ansible_files/play-security-update/roles/deploying_security_updates/tasks/main.yaml': line 11, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Installed Packages\n ^ here\n"}
Debug - name: Deploying Security Packages yum: name: '*' state: latest security: yes register: yum_update when: deploypackages == "y" - name: Installed Packages debug: #msg: " Packages installed Successfully " msg: " {{ yum_update.stdout | regex_search('xz-libs', ignorecase=True ) }}" #when: # - yum_update.changed # - yum_update.stdout | regex_search('*xz-libs*', ignorecase=True ) is not none Do you want to deploy Packages: y PLAY [To Apply Security Patches on Linux Servers] ******************************************************************************************************************************************************************************************* TASK [Gathering Facts] ********************************************************************************************************************************************************************************************************************** ok: [192.168.8.26] TASK [Condition Failed! Wrong User Input] *************************************************************************************************************************************************************************************************** skipping: [192.168.8.26] TASK [check_for_updates : Looking for Package Updates] ************************************************************************************************************************************************************************************** skipping: [192.168.8.26] TASK [check_for_updates : Printing Available Updates] *************************************************************************************************************************************************************************************** skipping: [192.168.8.26] TASK [deploying_security_updates : Deploying Security Packages] ***************************************************************************************************************************************************************************** changed: [192.168.8.26] TASK [deploying_security_updates : Installed Packages] ************************************************************************************************************************************************************************************** fatal: [192.168.8.26]: FAILED! => {"msg": "Unexpected templating type error occurred on ( {{ yum_update.stdout | regex_search('xz-libs', ignorecase=True ) }}): expected string or buffer"} PLAY RECAP ********************************************************************************************************************************************************************************************************************************** 192.168.8.26 : ok=2 changed=1 unreachable=0 failed=1 skipped=3 rescued=0 ignored=0
Debug Output ok: [192.168.8.26] => { "msg": { "changed": true, "changes": { "installed": [], "updated": [ [ "xz", "5.2.2-2.el7_9.x86_64 from rhel-remote" ], [ "xz-libs", "5.2.2-2.el7_9.x86_64 from rhel-remote" ] ] }, "failed": false, "msg": "", "rc": 0, "results": [ "Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-\n : manager\nThis system is not registered with an entitlement server. You can use subscription-manager to register.\n --> device-mapper-persistent-data-0.7.3-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> 7:device-mapper-event-1.02.170-6.el7_9.5.x86_64 from rhel-remote removed (updateinfo)\n --> libgnomekbd-3.26.0-3.el7.x86_64 from rhel-remote removed (updateinfo)\n --> cryptsetup-python-2.0.3-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> PackageKit-gstreamer-plugin-1.1.10-2.el7.x86_64 from rhel-remote removed (updateinfo)\n --> libstoragemgmt-1.6.2-4.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> PackageKit-gtk3-module-1.1.10-2.el7.x86_64 from rhel-remote removed (updateinfo)\n --> 7:device-mapper-event-1.02.149-8.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> setroubleshoot-plugins-3.0.67-3.el7.noarch from @anaconda/7.6 removed (updateinfo)\n --> libdrm-2.4.91-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> mesa-dri-drivers-18.3.4-12.el7_9.x86_64 from rhel-remote removed (updateinfo)\n --> subscription-manager-plugin-container-1.24.51-1.el7_9.x86_64 from rhel-remote removed (updateinfo)\n --> firewalld-0.6.3-13.el7_9.noarch from rhel-remote removed (updateinfo)\n --> gdb-7.6.1-114.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> grubby-8.28-26.el7.x86_64 from rhel-remote removed (updateinfo)\n --> hostname-3.13-3.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> 32:bind-libs-lite-9.11.4-26.P2.el7_9.9.x86_64 from rhel-remote removed (updateinfo)\n --> abrt-dbus-2.1.11-52.el7.x86_64 from @anaconda/7.6 removed (updateinfo)\n --> unzip-6.0-21.el7.x86_64 from @rhel-remote removed (updateinfo)\n Package xz-libs.x86_64 0:5.2.2-2.el7_9 will be an update\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nUpdating:\n xz x86_64 5.2.2-2.el7_9 rhel-remote 229 k\n xz-libs x86_64 5.2.2-2.el7_9 rhel-remote 103 k\n\nTransaction Summary\n================================================================================\nUpgrade 2 Packages\n\nTotal download size: 332 k\nDownloading packages:\nNo Presto metadata available for rhel-remote\n--------------------------------------------------------------------------------\nTotal 1.3 MB/s | 332 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Updating : xz-libs-5.2.2-2.el7_9.x86_64 1/4 \n Updating : xz-5.2.2-2.el7_9.x86_64 2/4 \n Cleanup : xz-5.2.2-1.el7.x86_64 3/4 \n Cleanup : xz-libs-5.2.2-1.el7.x86_64 4/4 \n Verifying : xz-libs-5.2.2-2.el7_9.x86_64 1/4 \n Verifying : xz-5.2.2-2.el7_9.x86_64 2/4 \n Verifying : xz-libs-5.2.2-1.el7.x86_64 3/4 \n Verifying : xz-5.2.2-1.el7.x86_64 4/4 \n\nUpdated:\n xz.x86_64 0:5.2.2-2.el7_9 xz-libs.x86_64 0:5.2.2-2.el7_9 \n\nComplete!\n" ] } } PLAY RECAP ********************************************************************************************************************************************************************************************************************************** 192.168.8.26 : ok=3 changed=1 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
|
| Can the owner of root be changed? Posted: 28 Jun 2022 03:29 AM PDT Can I use chown to change owner of root. If so, how? I'm new to shell and all this so please try to work with me on this. I'm trying to root an Insignia Fire TV. |
| How to mount cloned LV with UUID identical to already mounted LV Posted: 28 Jun 2022 04:15 AM PDT I made a bootable backup of my encrypted drive using dd: > sudo dd if=/dev/sda of=/dev/sdc bs=64k status=progress
After checking that I can boot from the clone, I booted back into the original drive and tried to mount the clone using vgimportclone: > sudo cryptsetup open /dev/sdc5 sdc5_crypt > sudo lvm lvm> vgimportclone /dev/mapper/sdc5_crypt lvm> pvscan --cache lvm> vgchange -a y lvm> quit > mount /dev/mapper/ubuntu--vg11-root /mnt
The VG names and VG & PV UUIDs on the clone are now different from those on the original drive, but the LV UUIDs are the same. The VG name for the original drive is ubuntu-vg and for the new drive it's ubuntu-vg11. I altered /boot/grub.cfg on the unencrypted partition of the cloned disk to reflect these changes and ensure it is still bootable. After checking that the clone is still bootable (it is), I booted back into the original drive, and tried mounting the clone: > sudo cryptsetup open /dev/sdc5 sdc5_crypt > mount /dev/mapper/ubuntu--vg11-root /mnt
At first it appeared to work, but on closer inspection of the contents of /mnt I realized that it had actually mounted the original LV there (which is already mounted on /, and had some new files added to it since first creating the clone). So the next thing I tried was changing the filesystem UUID of the clone using tune2fs: umount /mnt tune2fs -U random /dev/mapper/ubuntu--vg11-root
I checked that the filesystem UUID on the clone (/dev/mapper/ubuntu--vg11-root) differs from that of the original (/dev/mapper/ubuntu--vg-root) However the problem persists, so I assume it must be due to the identical LV UUIDs. Everything I've read online suggests it's not possible to change LV UUIDs, so I wonder is there any other way around this problem? How can I mount my cloned drive at the same time as the original? |
| Error building v4l2-loopback driver on pi400 Posted: 28 Jun 2022 02:11 AM PDT I'm trying to turn my phone webcam into a "fake webcam" for my raspberry pi 400, but I get an error: Anas@raspberrypi:~/Downloads/server/v4l2loopback $ make Building v4l2-loopback driver... make -C /lib/modules/`uname -r`/build M=/home/Anas/Downloads/server/v4l2loopback modules make[1]: *** /lib/modules/5.10.17-v7l+/build: No such file or directory. Stop. make: *** [Makefile:46: v4l2loopback.ko] Error 2 Anas@raspberrypi:~/Downloads/server/v4l2loopback $
Please help with this. |
| Create another partition on free space of USB after 'dd' installing debian Posted: 28 Jun 2022 01:12 AM PDT Basically a duplicate of this question but being more clear and providing more details. What I want is to have a USB drive with two things: The debian installer, and another partition using the remaining space of the USB. It should not be used for persistance within debian. Just a regular usable partition. In my linked question fdisk/gparted is recommended, but those don't really work. GParted shows this:  lsblk:
sdc 8:32 1 7.5G 0 disk ├─sdc1 8:33 1 2.7G 0 part └─sdc2 8:34 1 2.9M 0 part
fdisk /dev/sdc:
The device contains 'iso9660' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. I tried ignoring this and creating a third partition anyway, it worked but made debian unable to boot. The bootmenu shows up but when trying to boot it gives several errors about not finding an ext3/ext4 partition or something similar. My PC (nautilus file manager) also doesn't detect the debian partition anymore after the fdisk write with the third partition. fdisk -l:
Device Boot Start End Sectors Size Id Type /dev/sdc1 * 0 5706399 5706400 2.7G 0 Empty /dev/sdc2 1600 7487 5888 2.9M ef EFI (FAT-12/16/32)
dd command used: dd if=debian.iso of=/dev/sdc bs=1M status=progress
|
| How to build and publish binaries for multiple Debian/Ubuntu distributions? Posted: 28 Jun 2022 04:01 AM PDT For a proprietary piece of software I'd like to build and publish multiple versions of software for multiple distributions. E.g. 1.0, 1.1 and both versions for squeeze, wheezy and precise. The builds are run on automatically on different machines and produce distribution-specific .deb files. Distribution-specific in a way that they're linked to distribution-specific versions of libraries. E.g. OpenSSL 0.9.8 for squeeze, 1.0.1 for wheezy. However, these packages are built using the same version number and package name. This is what is probably the cause for the issue following. Currently I'm using reprepro with the includedeb command to add the binaries to the repository. This works out fine, until I add the same package version built for a second distribution. Publishing for Squeeze is fine # reprepro -b ./repo --outdir ./wwwpub/repo includedeb squeeze /path/to/sqeezepackages/packagename-1.0.deb
But then publishing the same version of the software built on wheezy, publishing for wheezy fails: # reprepro -b ./repo --outdir ./wwwpub/repo includedeb wheezy /path/to/wheezypackages/packagename-1.0.deb /path/to/wheezypackages/packagename-1.0.deb: component guessed as 'main' ERROR: '/path/to/wheezypackages/packagename-1.0.deb' cannot be included as 'pool/main/p/packagename/packagename_1.0_all.deb'. Already existing files can only be included again, if they are the same, but: md5 expected: e7df7cd2ca07f4f1ab415d457a6e1c13, got: 0fa924209085a5713f79e6a30649455f sha1 expected: 947b41827bbac414baddf0648b9abecaad8de4fe, got: 1be168ff837f043bde17c0314341c84271047b31 sha256 expected: a883dafc480d466ee04e0d6da986bd78eb1fdd2178d04693723da3a8f95d42f4, got: a93dbf1e95ddc4cfa84e9cd3cfa6c9e0e14affd79812abde4bca688224430a65 size expected: 1234, got: 1235 There have been errors!
I assume my build needs a unique version number for each distribution. - What's the easiest way to accomplish this?
- How do I add this to the current version number? Is it advised to use something like
1.1~wheezy, 1.1+wheezy, 1.1-1 (incrementing), 1.1+deb6, etc.? As jessie is coming up and I'd like the system to recognize this during dist-upgrades, I think just using the distribution name won't work as j comes before the w and will be recognized as older by APT. - Once determined how to build up the version number; how do I add this to my tooling? I guess I need heuristics in the
debian/control files to have the version number specific to the distribution it's built on. And for the changelog I'll have to invoke dch to comply with that version number as well. |
| Tool to create recipe to preseed partitioning Posted: 28 Jun 2022 03:01 AM PDT I want to preseed an Ubuntu 12.04 installer using a custom partitioning recipe. My disk layout is reasonably complex, and so is the recipe syntax itself. Hand-crafting such a recipe seems tedious and error prone. Is there a tool to simply create a recipe from an existing disk, including its partitions and LVM configuration? |
| /var partition gets full what's the solution? Posted: 28 Jun 2022 04:34 AM PDT If /var partition gets full on Production server then what's the solution ? Below are my workaround: - If it is LVM Partition then we can extend it online.
- We can compress logs.
- We can remove old data.
Please suggest me more possible ways to solve and overcome this issue. It would be helpful for me if you can share your experiences of this issue ever faced. |
| Creating alias to domain name with /etc/hosts Posted: 28 Jun 2022 03:37 AM PDT I have a domain setup to point to my LAN's external IP using dynamic DNS, because my external IP address changes frequently. However, I want to create an alias to this host, so I can access it with home. So I appended the following to my /etc/hosts: example.com home
However, it doesn't seem to like the domain name. If I change it to an IP: 0.0.0.0 home
then it works, but of course this defeats the purpose of dynamic DNS! Is this possible? |
No comments:
Post a Comment