I would like to schedule a one-off OOH restart of a service using cron.

Can I just add something like:

/usr/sbin/service myservicenamehere restart

... in the crontab, to run once?

I have created an instance running bare AL2023. This instance has an IAM role asociated which has a single policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets",
                "cognito-idp:ListUserPools"
            ],
            "Resource": "*"
        }
 ...

I am using Fortigate + FortiAP for WiFi. The WiFi is working, I can connect to it via for example WEP password. However, I want to authorize all my LDAP (Windows Standard 2019 AD) users vie WPA Enterprise and I have problem with it. Fortigate + LDAP is working (I am using my Domain Users to login on my Forti, so there is no problem). I see my OU's and all users, and still. On SSID I have authorization v ...

Our company recently updated our DNS settings so they could be managed in AWS Route53 via Terraform instead of manually managed in Google Domains. We have a site that sits on example.com as well as two more sites that sit on stage.plus.example.com and plus.example.com.

example.com and plus.example.com work fine but stage.plus.example.com has intermittent issues with DNS resolving and the NXDOMAIN

I'm using Certbot to implement LetsEncrypt generated certificates on a Debian 11 server. Certbot was run/setup while logged in as root. This solution creates two files, fullchain.pem & privkey.pem, which the webserver needs to access.

ls -la of live files needed by webserver:

root@myserver:~# ls -la /etc/letsencrypt/live/mydomain.com/
total 12
drwxr-xr-x 2 root root 4096 Mar 21 14:34 .
drwx---- ...

I am trying to use the active directory structure to keep the workers information of our company (names, phones, etc..). Our layout is based on departments (each department is an OU) and within that department there are the user objects.

OU=Sales
  CN=John
  CN=Jane
OU=IT
..

I would like to define the ManagedBy attribute in the OU so I can write a powershell script to set the Person in charge for ever ...

How can I add a rule that blocks any message with any explicit (script tag) or implicit javascript code (e.g. onclick="....")?

I know Exchange online has a rule to block any executable attachments but it doesn't work for this type of spam because no hacker is using attachments anymore.

I have created an S3 bucket. All objects are publicly accessible.

I can access the image file via S3 url: https://S3_BUCKET_NAME.s3.eu-west-1.amazonaws.com/xyz.jpg

I can access the image file via CloudFront root url: https://CLOUDFRONT_ID.cloudfront.net/xyz.jpg

However, I can't access the image file via CloudFront URL's sub path: https://CLOUDFRONT_ID.cloudfront.net/images/xyz.jpg

I'm getting HTT ...

I have a project that has the root directory ed_v001 and all the includes and settings are in a directory ed_v001/includes.

When i open it in a browser it displays the login page properly but when you login , the landing page will give an error 200 below is my default config file:

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        # SSL configuration
        #
  ...

My school network blocks access to game pages, more exactly colonist.io. We have an access to linux server for learning purposes. I'd like to avoid blocking by setting up some kind of proxy server on said linux server through which I could forward all the traffic. I read about squid but I can't make it work. Idea is to write server url in the browser and that it redirects all the traffic to colonist.io, ...

I am running systemd via user (i.e. enable-linger $USER) and I interact with services via systemctl --user

I noticed a strange issue.

Sourcing Type 1

In order for the above systemd to work for a user, I need to add export XDG_RUNTIME_DIR=/run/user/$(id -u) inside my ~/.bashrc

This works fine.

Sourcing Type 2

When I instead source my bashrc as follows, the systemd does not work:

inside .bashrc:

source ...

We have the policy to create AD users in format of FAMILY NAME Given name, so my name appeared as BARANYI Peter (btw: this is the standard Hungarian format :) ). Now the management asked us to change the Display name to Given name FAMILIY NAME, so i appear as Peter BARANYI (like in the rest of the world). But this creates some probelm at the Outlook users. They used view folders with sort by name of the ...

My question is on the feasibility of having a single DHCP server with 2 NICS, each NIC connected to an independent network. Each independent network will have an IP helper configured pointing to the respective NIC on the DHCP server. Would this work providing the networking and scopes are configured correctly?

I want to write remote logs to the /data directory

# cat /etc/rsyslog.d/default.conf
#### GLOBAL DIRECTIVES ####

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$template myFormat,"%timestamp% %fromhost-ip% %syslogtag% %msg%\n"
$ActionFileDefaultTemplate myFormat

$template RemoteFirewallLogs,"/data/%fromhost-ip%/%$YEAR%-%$MONTH%/%$YEAR%-%$MONTH%-%$DAY%.log"
local2.* !isequal, "127.0.0.1" ...

I run Debian 11 with mariadb and everything worked fine. Just yesterday I saw that different commands, such as "/etc/init.d/mariadb reload" or "mysql -u root" bring the error:

ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

But I can log in with "mysql -u root -p xxx".

The password seems to be okay:

SELECT User, Host, authentication_string,plugin FROM mysql.use ...

I am running jenkins in eks cluster. Till yesterday it worked, but today when I want to change any configuration in the jenkins system configuration page, it is not saving anything and page is also not loading properly.

Below is the log I got from the jenkins pod. Log file github link

I tried to paste here but character limit exceeded.

Could you please suggest what need to be fixed?

I'm working on provisioning a server that requires full drive encryption and I want to automate the process of decrypting the drive at startup using the TPM2 module available on the motherboard, but I can't quite get the system to do so. I have a fresh install of CentOS 9 Stream that was created uing automated LVM partitioning of the only available drive, and it was encrypted as a LUKSv2.

After t ...

I have this htaccess that redirects all requests to a folder (public folder for laravel framework) and now I have a staging app that is clone from the main application e.g. mydomain.com/staging and I wanted to access the staging folder to run the staging application but it returns me 404

DirectoryIndex index.php

RewriteEngine On 
RewriteRule ^$ public/index.php [L]
RewriteRule ^((?!public/).*)$ pu ...

We are planing to deploy MySQL /var/lib/mysql (InnoDB) folder on Gluster server. Configuration is two Gluster servers + thin Arbiter. Gluster is in replica mode!

Does anybody have experience with configuration like this? Database current size is 12G.

If this kind of configuration is not possible, how can I make my /var/lib/mysql/ external storage (glusterfs)... maybe as a single node, or else?

I need to free disk space on a OpenSUSE Leap 15.4 server.

I notice I have a .snapshot directory at system's root:

srv-abc:~ # ll -h /
total 0
drwxr-x---   1 root root   36 Sep 14  2021 .snapshots
drwxr-xr-x   1 root root 1.8K Jan 26 13:50 bin
drwxr-xr-x   1 root root 1.2K Jan 26 13:58 boot
drwxr-xr-x  17 root root 4.0K Mar 19 22:54 dev
drwxr-xr-x   1 root root 5.0K Mar 19 22:54 etc
drwxr-xr-x   1 r ...

^{(Credit @Kerrick Staley)}

I would like to create an Ansible playbook with an async task followed by an async_status task that lets me do the following:

1. I run the playbook on my laptop. It starts the async task in the background and starts polling it with the async_status task.

2. I reboot my laptop. The async task continues running on the server.

3. I run the playbook again. It recognizes that the asyn ...

IT support team in my organization is enforcing periodic forceful shutdowns of the developer Macbooks using JAMF or some other kind of mechanism. This is damn annoying. In my experience, I never faced any problem with the Macbook even if it is running for weeks and months, when I know what I am opening and whether I am gracefully closing the applications or not. And if I am rebooting my system periodica ...

So I have a HPE S100i SR Gen10 software RAID 1 device that hosts 2 SATA SSD's for a Windows boot partion. The HPE Storage Array management software looks like it found a problem on the SSD's during a patrol read...

Warning: This logical drive has Unrecoverable Media Errors Detected on Drives during previous Rebuild or Background Surface Analysis (ARM) scan. Errors will be fixed automatically when the s ...

I am having issues attempting to get Apache with mod_ssl to see/use the new version of openssl which is 3.1.0.

In my httpd.spec file I have specified --with-ssl=/opt/openssl/openssl3.1.0.

rpmbuild -ba httpd.spec completes without error and builds apache 2.4.55 and mod_ssl rpms. I am able to install the rpms and the web server runs without any problems.

However when I run the curl --header https://local ...

Currently, I have a structure which takes a SOAP request, fires the request at a reverse proxy (a script written in Lua) which takes a copy of the SOAP request and then passes that to the webserver, and I get some SOAP response.

Without the reverse proxy, the request works fine and I get the expected response, however once I add in the reverse proxy (which I currently only want to use to get a co ...

tldr; The idea is for a server to host javascript that connects to the connected-device's socketServer.

MyDevice's Browser > http://myserver.local > socket.io().connect('http://myDeviceIp:5000');

How best to achieve this and are there any safety implications?

elaborated;

I have a server at 192.168.0.2

• :8080 - browser client (engine control & view)
• :5000 - socketServer (an engine communic ...

on server side:

Load FOU kernel module

modprobe fou

Create IPIP tunnel encapsulated to FOU,

ipip kernel module will be loaded automatically.

ip link add name ipipou0 type ipip
remote 81.25.63.84 local 0.0.0.0
encap fou encap-sport 10000 encap-dport 20001
mode ipip dev ens3

Add FOU listener for this tunnel

ip fou add port 10000 ipproto 4 local 0.0.0.0 dev ens3

Assign IP address to the tunnel

ip a ...

If a DNS server redirects mysrv.domain.io to the IP 192.168.0.100, but there is a second server in the network, let's say 192.168.0.101, that also "reacts" to the Host-Header mysrv.domain.io, is it possible to redirect the user from the first server to the second server with the same domain without the DNS server "interfering" and redirecting it again to the first server?

So I have Alertmanager running with Button in slack. I've created a new button that I want to use with a custom domain, however add an expression to the url based on the alert.

    {{define "__alert_button_link" -}}
       https://example.com/$expression
{{-end }}

So if a high cpu alert came in, the botton would take me to https://example.com/HighCPU or whatever the alert name was.

Thank you.

Our Windows Server 2019 AD is setup and working well. Due to the Outlook exploit (CVE-2023-23397), we implemented one of the recommendations - move users to the Protected Users group. Since then, users have been having issues to login on their laptop from home.

They use a username/password combo and in the office it works fine, but once they get home - none of the passwords (password/PIN/facelock ...