I have 1 box that seems to not want to run chef, while I have 5 other identical boxes that are working just fine using the same rhel and chef versions. On the non-working box, Chef runs correctly when the runbook is empty, but it fails when I add something to the runbook and try again.

Here is some of the error that is returned

/opt/chef/embedded/lib/ruby/2.6.0/fileutils.rb:529: [BUG] rb_sys_fail_path ...

Is it possible to create an ETR that blocks certain combinations of recipients? Imagine I have two customers in different domains with similar email addresses. I want to prevent sending to recipient lists that inadvertently mix users from the two domains.

Ideally, I'd block outbound messages with *@domainA.com AND *@domainB.com recipients. Also, blocking outbound messages with [email protected] AND ...

I am having difficulties (confused) understanding SSL for a domain for mail server. GMail "send mail as" set up is reporting error with "550 certificate name does not match host name" while trying to connect with SSL/TLS.

Domain: domain.com

Mail domain: mail.domain.com

Email account: [email protected]

DNS

A domain.com IP

CNAME mail domain.com

MX @ domain.com

Tried with SSL certificates for both doma ...

I have a role ovirt_vm_add_disk_role that creates a new disk for a VM with ovirt_disk module.

In that role I register the variable disk_info which contains the results of the ovirt_disk module:

- name: "Update disk information"
  ovirt_disk:
    auth: "{{ ovirt_auth }}"
    activate: true
    name: "{{ disk_name }}"
    poll_interval: 10
    vm_name: "{{ HOSTNAME }}"
  delegate_to: localhost
  regist ...

I'm trying to set up fail2ban to monitor our traefik access logs but I'm not getting fail2ban to actually ban anything even though fail2ban-regex shows a lot of matches.

I've also specified loglevel = HEAVYDEBUG for fail2ban but it's not logging anything special to my logtarget (/var/log/fail2ban.log)

I've checked that pyinotify is installed. I also tried switching for a polling backend but the resu ...

Update: after commenting out the line in /etc/hosts that is kinda like

#127.0.1.1  my-host.domain.edu  my-host

and rebooting, the firewall does open the expected ports. I thought to do this because, during testing with the firewall down, binding to host '' was able to accept connections, but binding to the host my-host did not (because that was only binding to 127.0.1.1, not my external address).

I don't want to require the use of TLS 1.2 in Exchange online/O365 as it might result in some important business email not being sent/received.

So has anyone found a way to actually encrypt all in/out going emails with e.g. Office 365 Message Encryption (OME) to ensure it is encrypted, if not using TLS.

Our monitoring sensor connection for https 443 to our secondary ADFS server is refused.

We recently renewed theADFS SSL certificate, and since the secondary server is not listening on port 443.

All changes appeared to have been replicated successfully and correctly from the primary server. i.e. can see New SSL is bound to port 443, and ADFS service restarted.

The servers are in AWS, both have the same ...

I wrote the following script; it's modified for simplicity and privacy reasons:

FILES_ROOT='/data/FILES'

BACK_B2B_RETURNS_S="$FILES_ROOT"'/wms-m-company/w2z/b2breturns/backup'
BACK_B2B_RETURNS_D="$FILES_ROOT"'/wms-d-company/w-to-z/backup/m-company/b2b-delivery-confirmations'
find "$BACK_B2B_RETURNS_S" -maxdepth 1 -type f -exec mv {} "$BACK_B2B_RETURNS_D" \;

LOG_B2B_RETURNS_S="$FILES_ROOT"'/wms-m- ...

Is there a way to delete olcAttributeTypes from my schema?

It's not a system attribute, I added it myself, now I need to delete it.

I'm using LAM (LDAP Account Manager) v5.6

The attribute is located at /etc/openldap/slapd.d/cn=config/cn=schema.ldif

The way I added it was ldapmodify -Y EXTERNAL -H ldapi:/// -f ldif.ldif

Contents of ldif.ldif were:

dn: cn=schema,cn=config
changetype: modify
add: olcAttribu ...

I'm trying to create an azure pipeline. Part of the process involves creating a service connection so that I can copy files to the remote server securely.

I have 2 questions:

1. What do I put in the Service connection name field? An example with a brief explanation would suffice.
2. How do I create this SSH service connection if I have MFA enabled? There's no option related to this on UI.

I asked Chat ...

I encountered an interesting problem while examining a specific AD/OpenLDAP interop case. On the OpenLDAP server, there is a user1, whose gidNumber corresponds to a group1. There is another user2, whose gidNumber corresponds to group2. However, group1 lists only user2 as its member, group2 lists both of them. How is this possible?

I expected gidNumber in Linux environments to work similarly to ho ...

I was so confused with my configuration.

In my server I have 2 interfaces:

eth0: 192.168.1.22  gw 192.168.1.1
eth2: 10.2.1.6 gw 10.2.1.1

I wrote a static route:

ip r a 8.8.8.8 via 192.168.1.1
 worked great!!

then I deleted it and
ip r a 8.8.8.8 dev eth0
 From 192.168.1.22 icmp_seq=1 Destination Host Unreachable

Why?????

I need to use the following cmdlets from ExchangeOnline Powershell module with an unattended connection.

• Get-QuarantineMessage
• Preview-QuarantineMessage
• Release-QuarantineMessage
• Export-QuarantineMessage

1. Following this first documentation https://learn.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps, I created an Azure App registration with self-signed certif ...

I create a KVM Guest VM (virsh define a.xml, virsh start a.xml). Guest uses pre-configured/pre-made QCOW2 disk image, which represents a virtual router (Arista vEOS). Host is Redhat 9.1. Guest is based on Centos 7.9. The VM uses a boot loader (Aboot) in a cdrom. The guest has two environments where one can configure it: Bash Shell as well as "Arista CLI".

I use bash to make changes to the system: addus ...

I have an mlflow server that is hosted on aws, that uses s3 in the background for storage. I am trying to run a lambda-function that runs a python script which accesses the mlflow server, loads a pytorch model, makes predictions and finishes. The code where my problems arise is:

with open('./data/api_keys.json', 'r') as f:
    API_KEYS = json.load(f)

os.environ['AWS_DEFAULT_REGION'] = API_KEYS['AWS_ ...

When attempting to discover iscsi targets using the following command, I get (as expected not running with sudo) the following:

iscsiadm -m discovery -t st -p 192.168.1.199

Result:

iscsiadm: Could not open /var/lock/iscsi: Permission denied iscsiadm: Could not open /var/lock/iscsi: Permission denied

When attempting to run elevated:

sudo iscsiadm -m discovery -t st -p 192.168.1.199

I get the fol ...

So I have purchased a domain on go daddy by the name let's say example.com. Now I want to direct all *.example.com to a nextjs app hosted on heroku.

I followed the standard process to point any subdomain to a heroku app which was

1. Add a custom domain to heroku app by name *.example.com.
2. Copy the dns target given by heroku
3. Create a cname record in go daddy's DNS records page for the site with * as name and ...

Ocserv assigns dynamic interface names based on TUN device name. For example if tun device name is vpns, users connect via vpns0, vpns1 , vpns2 and ... Everytime a user opens a new session, a new interface name is assigned and because most tracking systems use interface names, I cannot figure out how much traffic a user has used for example in the past week. Is it possible to configure ocserv to assign  ...

On Windows 10 Enterprise, I can't connect via ssh to a linux machine. 192.168.0.3 is a valid local IP, i can connect to it with putty.

PS C:\Users\elsneste> ssh 192.168.0.3
CreateProcessW failed error:193
ssh_askpass: posix_spawnp: Unknown error
Host key verification failed.

PS C:\Users\elsneste> ssh -V
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2

This is a quite fresh Windows 10 installatio ...

Windows Server 2019 (OS Build 17763.4131).

Following a search for updates, I was offered the cumulative update KB5025229 which according to Microsoft contains fixes for security issues and some other bug-fixes.

Due to some other, now fixed issues, I have recently restored the Windows image using the following command:

DISM /Online /Cleanup-Image /RestoreHealth /Source:D:\sources

The D:\ drive is an 8GB ...

I've read a few blogs here on this but haven't come across similar situation as mine.

1. i have expanded the drive by 5GiB on /dev/sda
2. i have without rebooting made it visible by running the following command: echo 1 > /sys/class/block/sda/device/rescan

Please see the remaining rundown below:

[root@proddboem01 ~]# fdisk -l |grep ^Disk\ /dev/sd*
Disk /dev/sda: 205 GiB, 220117073920 bytes, 429916160 sect ...

Running into an issue that I haven't seen before.

In my nginx config, I have a server block setup for a single subdomain that is only listening on port 443 (ssl).

However, when I test the connection out using port 80, its still responding. Very head scratching at the moment.

For example, curl http://blog.omgtrolls.com should not be able to connect, yet it does and spits out the site html etc. Runnin ...

I created the simple ansible playbook to install apache on CentOS and Suse. It works on CentOS but skipping on Suse without any errors, I do not understand why.

This is the playbook:

• name: To install Apache on CentOS and Suse hosts: all gather_facts: True become: yes become_user: root

tasks:
  - name: Installing Apache on CentOS or RedHat
    yum:
      name: httpd
      state: latest
    when: ansi ...

I am using MySQL 8.0.33

Following the official documentation, I set up multiple instances of mysql using systemd. My cnf file is below. I am able to get all the instances up and running at the same time, systemctl status shows each of them with its correct sock file per my configuration, but I am unable to connect a client to any but the initial, default instance.

When I first install mysql per the instru ...

m a little stumped on this and just wondering if anyone had any ideas.

I have registered in azure an application with 3 spa redirects It is a .net core react application

http://localhost:3000/eem/ (local dev) https://xxxxxx:4388/eem/ (development) and https://apps.axxxxxxxxxege.edu/eem/ (prod)

the dev and development work perfectly the user is redirected to office 365 login and then after they authen ...

I am using Amazon Linux 2023 (which is based on Fedora and uses systemd-networkd for DHCP).

ip route show shows routes like default via 10.0.0.1 dev enX0 proto dhcp src 10.0.0.211 metric 1024

I would like to have "initcwnd 50 initrwnd 50" applied to that route. I can do this via ip route change. This works until my lease expires. When DHCP renews it, I end up with a second (duplicate) default route.

I have a HA cluster with two nodes, node one is the primary and node 2 is its mirror. I have a problem in the mysql resource since my nodes are not synchronized

drbd-overview

Node Principal:
0:home Connected Primary/Secondary UpToDate/UpToDate C r-----
1:storage Connected Secondary/Primary UpToDate/UpToDate C r-----
2:mysql StandAlone Secondary/Unknown UpToDate/Outdated r-----

Node Secundary ...

I want to define a separate directory for each part of my website on my NGINX server.

domain.com/                     -->     /var/www/html/domain.com/website
domain.com/blog/                -->     /var/www/html/domain.com/blog
domain.com/checkout/            -->     /var/www/html/domain.com/checkout
domain.com/download/            -->     /var/www/html/domain.com/download
domain.com/f ...

In a production environment we have a simple Zabbix monitoring system that works very well to collect metrics from various Tomcat instances and other Java applications.

In short, this is our current configuration (that is somehow classic):

[ Zabbix Server ] → [ Zabbix Agent (passive) ] → [ Zabbix Java Gateway ] → [ Tomcat ]

It works also in this way:

[ Zabbix Server ] ← [ Zabbix Proxy ] →  ...