Latest Server related questions

All:

We've been trying to prepare for the EOL/EOS for CentOS by moving to AlmaLinux 8.7. For many of our machines, we're using Carbon Black (CB) 2.14.0 for security. But VMWare/CB support is telling us that CB won't work on AlmaLinux until Q3, even though they claim it works fine on RHEL 8.7, something about bpf support in the kernel. This makes no sense to me. Shouldn't the kernels be identical  ...

I am having a hard time figuring out what steps are needed to set a PTR record on a VM since I want to run a mailserver on it. My scenario looks like this:

• (unfortunately because of planned migration) I have two GCP accounts and therefor two seperate GCP projects and therefor two GCP Cloud DNS
• I own $domain.com and DNS is set up on first account
• on second account: I created a new zone for mail.$domain. ...

apache2 normally runs a service. I don't apache2 service to run in background. I want to run it as long as it's a foreground program so I know that when I close my terminals while forgetting to stop a background service.

If not, is there any simple alternative? python -m SimpleHTTPServer is perfect except it doesn't support POST unless I write a script.

So I am trying to find a single command ser ...

I am getting errors in prod splunk(not able to reproduce error in lower regions) which my senior believe is due to Apache AJP. Below are the errors -

[31m10:53:39,465 ERROR [io.undertow.request] (default task-316) UT005023: Exception handling request to /eservicing/api/commissions/ltc: org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springfram ...

we recently started transitioning from domain binding to using nginx as a proxy for our web apps.

Requests going to the wildcard subdomain *.domain.tld are being loadbalanced by our firewall to two linux machines (Debian 11) proxy-01 and proxy-02 that have nginx running on them, with proxy configurations for *.domain.tld subdomains.

proxy-01 and proxy-02 both have an /etc/hosts entry for webserver-07 ...

I have a Java web application running on Tomcat and Linux.

This application uses Kerberos authentication for clients, so workstations are able to connect to the site and their windows credentials will be used to automatically sign them in.

All of this part works fine. However this web application also needs to call on another HTTP server running on windows to access a service. It does this via kerbe ...

I am running Windows server 2022 with IIS installed, and my website is working for http://help.revonecompanies.com, but the connection is being reset whenever I try to go to https://help.revonecompanies.com.

The windows firewall is disabled, and if it matters the security group on my AWS EC2 instance allows all https traffic into it as well.

I have enabled TLS 1.0, 1.1, 1.2, and 1.3.

The binding has the S ...

As per the title I'm looking to see if I can change the behavior (ideally via gpo) of our workstations to go to the login screen when a user locks or puts their computer to sleep instead of the more restricted lock screen.

The reasoning for this is due to the Connect before logon VPN, the network sign-in button not being displayed on the lock screen but it is displayed on the login screen, due to ...

I have an issue with a postfix install, version 3.5.17, in a email server with Debian 11, where when given an email with a list a recipients and if a recipient is not well written, like using uppercase letters or special characters like á or ñ, the email is bounced automatically for every recipient (even if it is in CC or BCC) in the list. I've checked the postfix configurations, in main.cf, but se ...

I am trying to create a K8S cluster in HA. I have created 2 VMs, one acting as a load balancer and the second as the master node.

The load balancer has a simple NGINX server with the following configuration

events {}
http {
   upstream backend {
      server <master ip>:6443;
   }

   # This server accepts all traffic to port 80 and passes it to the upstream.
   # Notice that the upstream name a ...

I'm working on ultimate backup script for very important server. My script already:

• creates a backup
• verifies copied file(-s)
• verifies gz archive
• compares MD5 on local and remote after sending file to remote server via scp
• removes monthly backups older than 365, weekly backups older than 31 days, daily backups older than 7 days, hourly backups older than 24 hours
• checks for available disk space  ...

Our small computing cluster has 3 computing nodes and 1 file server. The file server has around 70TB data to be accessed by the 3 computing nodes. All of the 3 computing nodes have 3 4TB SSDs which are now idling.

Currently the computing nodes use NFS to access files on the file server, and all the servers are connected to a 1 Gbps network. Is there a proper way to create a "pool of cache" fro ...

I deployed a spot VM on Azure, using an ephemeral OS Disk.

I also defined a Microsoft.DevTestLab/schedules resource with the hope to automatically shutdown (and so, in my case, destroy), the VM automatically:

resource autoShutdownConfig 'Microsoft.DevTestLab/schedules@2018-09-15' = {
  name: 'shutdown-computevm-${vmName}'
  tags: mytags
  location: location
  properties: {
    status: 'Enabled'

    d ...

Good afternoon,

after successfully failing to ask that Question on Stackoverflow, I have to post it here. Problem still exists.

I need your power for another project.

I want to have a DNS-Server, wich is in the Backend connected with a database (mysql pref.).

I tried to follw serval tutorials, but I often failed at the point where I have to install the following package:

libmysqlclient-dev

And because ...

I've bunch of ips / networks added to csf.deny

csf.deny
1.1.0.0/19 # do not delete

However i want to allow 1.1.1.1 on port 80 and 443 with csf.allow

csf.allow
tcp|in|d=80|s=1.1.1.1
tcp|in|d=443|s=1.1.1.1

is not working and

csf.allow
1.1.1.1

not working either

• If i add IP adress to both csf.allow and csf.ignore it works but opens all ports which i don't want to
• Adding "tcp|in|d=80|s=1.1.1.1" to b ...

I created an OpenBSD guest VM on fedora. I migrated the qcow2 image from fedora to rockylinux and used it create a new VM.

virt-install \
        --import \
        --virt-type=kvm \
        --name=openbsd-template \
        --vcpus=1 \
        --memory=1024 \
        --disk path=/var/lib/libvirt/images/openbsd-template.qcow2,fo
rmat=qcow2 \
        --network bridge="nm-bridge" \
        --osinfo ...

I am facing issue disk space issue under tmp folder due to its got full for ServiceNow application Linux server. As checked some files (./webapps , ./backup.dist-upgrade ,./logs) are consuming more space. So just wanted to know whether I can delete or can move on other folder to make some space under /tmp directory.?

I've tried to set up my prosody xmpp-server (more exactly: I migrated from a different machine with some really outdated version)

Most stuff works fine. Apart from mod_http_file_share that is.

If I open it in my browser, anything looks okay.

Looking over the config, I now have removed pretty much anything that could have posed problems.

But it just doesn't connect - most clients don't even detect som ...

Can i use root domain like google.com instead of _spf.google.com in SPF record?.

My SPF record

v=spf1 include:_spf.mx.cloudflare.net include:_spf.google.com include:mxsmtp.sendpulse.com +a +mx ~all

Can i change it to

v=spf1 include:cloudflare.net include:google.com include:sendpulse.com +a +mx ~all

This make any problem?

A week ago one user (UserA) on a certain PC (Workstation09) produced an error message when accessing a network share using its server's hostname(srv04). The share is still accessible using the server's IP (192.168.10.4).

There are multiple users in the same room with identical PCs and identical rights (same ACL/security groups). UserA can access the network share on srv04 on EVERY other workstati ...

I’ve started a nginx webserver recently with Ubuntu Server 22.04 as usual. The hypervisor is VMware Workstation 16.2.4. When I open the site http://192.168.0.213 I can see the default nginx page. But if I try to use my domain name example.com page won’t be found… I make attempts on my host and on other virtual machines using curl. The result is the same. And I’m not able to open my site even f ...

I have a multimaster k8s cluster. I had to delete some of the master nodes, and had executed a kubeadm delete m2 and the same for the third node (m3), so that I could have only one master and rejoin the others later. However, this somehow messed with the main node (m1), which now gives me these errors:

Jan 12 08:56:29 k8s-m1 kubelet[14734]: E0112 08:56:29.314499   14734
eviction_manager.go:256] "Evi ...

So I have a basic Nginx configuration that redirects any request to my site to www and HTTPS:

server {
    listen 80;
    listen [::]:80;
    server_name www.goodjobs.ro goodjobs.ro;
    return 301 https://www.goodjobs.ro$request_uri;
}

server {
    listen 443 ssl;
    ssl_certificate hidden/path;
    ssl_certificate_key hidden/path;
    server_name goodjobs.ro;
    return 301 https://www.goodjobs ...

I have an API Gateway with an API configured that requires an API Key. Now my question is, among all the get/post resources there are, can I make that for a specific API Key, this key won't be able to connect to some of them?

I know I could check it at the level code, but I would like to know if Amazon includes any option.

I have a Debian server with multiple users. I would like to enable them to use multiple versions of PHP-CLI.

I know I could use ondrej PPA, but I am not very comfortable adding unofficial apt sources.

I was thinking to use podman in rootless mode to achieve this. This way I would have to install and run each php version container for each user.

I could make each php version container a service but to ...

I have a Linux server set up with Postfix and Dovecot. I have an address I am using to test the mail sending, [email protected]. I can send out mail fine. However, when an email is sent to the email address, Postfix rewrites the recipient from [email protected] to [email protected]. mail.firstdomain.com is the domain I am using as the server hostname. I can't figure out why its doing ...

I am migrating my API to a new server and both old and new server are running on Ubuntu 20.04 and Nginx. My SSL certificate was generated by certbot. Should I generate a new certificate on the new server or copy the certificate from the old server? Will generating a new certificate cause any issues for my clients, especially for the native android apps? How long will clients keep the old certificate det ...

I am facing a problem while trying to SSH a DO droplet. It is running 4 Python scripts fetching data via API and storing in MySQL(running on same Droplet). It had no issue when I was running 2 Python script but I started facing issue of SSH when I ran 4. Intially it gave the error:

'shell request failed on channel 0

and I was unable to login. When I enabled the verbose mode after sending -v switch  ...

I have a linux machine that has lots of processes in uninterruptible sleep state.

I'd like to know why this happens.

Here's part of the information of running top -o S command:

top - 14:44:51 up 298 days,  4:47,  1 user,  load average: 84.54, 85.11, 85.33
Tasks: 622 total,   1 running, 621 sleeping,   0 stopped,   0 zombie
%Cpu(s): 11.5 us,  2.0 sy,  0.0 ni, 85.6 id,  0.5 wa,  0.0 hi,  0.3 si,  0.0 st
 ...

When using curl to get a directory listing from a remote host running vsftpd, how can you suppress "." and ".." from being listed?

Consider ...

curl --insecure --user 'name:pass' sftp://host/some/path/

At a minimum, this will return . and .. - I never want to see these.

I set hide_file={.,..} in vsftpd's configuration file but this has no effect.