Situation

I have two web servers that connect to a file repository over sshfs:

/usr/bin/sshfs -f -o reconnect -o follow_symlinks -o allow_other \
  repo@files3:/var/repo /var/repo

On one web server this mount point can be used with "normal" speed, but on the other web server any operation on the mounted folder takes a long time, for example:

user@good-server$ time ls /var/repo/big-folder > /dev ...

I want to create one include with SPF IP address to be used from all dns zones in my server. Can you suggest me how to do it? I work on BIND9. Thank you.

Hello I am trying to Integrate Openstack Keystone as Ceph authentication Mechanism So i can use ceph object storage as openstack swift backend

Environment:

Kernel : Ubunutu Server LTS 22.04 (minimal)
Openstack : Zed (Manual Installation)
Ceph : quiny (Cephadm Installation)

//Controller node

openstack service create --name swift object-store 

openstack user create --domain default --password-prompt  ...

Just for preface: I'm a software developer and at first no one knew what's going on, so I did some testing and reading, and would like to help my colleagues fix this problem.

The issue:

The issue is that at peak times, the server becomes so slow that the connection times out in browsers like chrome (after 30 seconds), but the server is still up and can serve pages after ~100 seconds (tested with ins ...

I have set cache-control header in my nginx conf file successfully for js/css files

location ~* \.(css|js)$ {
      add_header Pragma public;
      add_header Cache-Control "public, must-revalidate, proxy-revalidate, max-age=305360000, s-maxage=305360000";
    }

But the js/css files are randomly loaded from cache and server on page refreshes. What exactly tells browser to re-load the files from the ca ...

My goal is to implement 2 nodes HTTP load-balancer, using virtual IP (VIP). For this task I picked pacemaker (virtual IP switching) and Caddy for HTTP load-balancer. Load-balancer choice is not a point of this question. :)

My requirement is simple - I want virtual IP to be assigned to the host where a healthy and working Caddy instance is running.

Here is how I implemented it using Pacemaker:

# Disabl ...

for a page in an Apache webserver under ACL, is there a way to force apache to prompt again for credentials after a fixed timeout? For example, user tries to access the url, he fills the credentials and displays the page. After 10 minutes the webserver asks again for credentials and in case they're correct it responds with 401 page. Best regards

It's obvious that magnetic tape media performs IO operations as well as HDDs and SSDs, although this storage device is not designed for a random access pattern.

LTO standards define maximal data transfer rate (also known as throughput) measured in bytes/sec for every LTO generation. But I wasn't able to find any information about IO rate with exception to this paper claiming that

Tape drive is available ...

As per title, squid proxy blocks access to the Anydesk network although there are exceptions.

My squid.conf is:

acl acl.anydesk3 dstdomain "/etc/squid/acl.anydesk3"
http_access allow acl.anydesk3

acl.anydesk3 is:

relay-a541c14e.net.anydesk.com
relay-9b6827f2.net.anydesk.com
relay-61f2512e.net.anydesk.com

but squid proxy's access.log file always shows a TCP_DENIED:

192.168.10.79 - - [14/Dec/2022:10 ...

As mentioned above I'm getting error generating certificate from Lets encrypt for subdomain. Using Chrome tried www, http://www.subdomain www.subdomain. Here is error I'm getting

fzcpnl49094m6oe7p2@a04pm945 [~]$ acme.sh   **--issue -d subdomain.domain.com -d subdomain.domain.com  -w /home/fzcpnpm945/public_html**
       subdomain.domain.com:Verify error:IPADRESS: Invalid response from http://subdomain ...

Bonjour,

We running an on premise Microsoft active directory DAP system on Windows Server 2016.

On the side, we also have several Debian 11 running web applications and we would like to move the authentication backend of our web applications to AD. The issue is, if we opt for AD authentication, how would users change their password without having to log into a domain computer and change password the ...

I'm looking to extract a list of users from /etc/passwd and then grep their crontab files for disabled (commented: ^#) jobs.

The high level steps would be:

1. Grab an array of usernames from /etc/passwd ("my_users")
2. Run grep against the files named in step 1 (/var/spool/cron/{{my_users}})
3. Use 'Debug' to print out the results.

I'd appreciate any suggestions, here's what I have so far:

  - name: ANSIB ...

I've got a RPi LAMP server; Apache alone drives our Nextcloud, Zabbix, Prestashop, Guacamole and few other - we're unhappy with the performance as my 1GBit fiber is wasting on RPi(only 100Mb/s) and playing 4k video is not possible for two people at the same time. My system is located on a SSD and the whole NC data is stored on HDD(inb4 uses better cards).

I want to migrate to x64 based on Ryzen 5 Pro 360 ...

While trying to download the backup file via API or GUI using the nsroot account which has the owner group, I get the bellow error: {"Not Authorized to perform this operation"}

Have checked the settings for the account and policies and all seems pretty ok, kindly assist how could I troubleshoot this issue as the Citrix documentation does not provide much information. Version of Citrix ADC SDX: 13 ...

1. There's no constraint with directly connecting a Realtek 1000/100/10Mbit transceiver towards a common router.

2. There was no connection ('Could not activate connection: Connection 'Name of Lan connection' is not available on device eth0 because device has no carrier') with connecting a Realtek 1000/100/10Mbit transceiver through a straight wired ('patch') LAN cable.
   Changing from straight wired to crossov ...

Assuming that I am not using logical replication...

I'm not clear on how the low level replication interacts with other low level operations like vacuum and analyze.

I'm not clear on whether replicas tend towards being block level copies of their primary server, with changes made by vacuum on the primary being replicated on the replica. Or if replicas are more responsible for self maintenance.

We have enabled kubernetes audit logging that records the orchestration related activity. Also, the underlying host audit logs have been enabled to capture the commands executed on the host. But, once we login inside a K8s container, how can we capture all the commands executed within the container ?

My default postfix was configured to handle messages upto 20MB. We have tried to send a local email bigger than this and it was found stuck in the queue. The postfix setting message_size_limit was raised and tried to re run the queue meanwhile I could see two local emails in the system are not getting delivered.

(lost connection with host.xxxx.com[private/dovecot-lmtp] while
sending end of data --  ...

I installed a smbserver on my CentOS 7. And I used an embedded Linux terminal to mount the shared directory to local /mnt/smb.

mount -t cifs //192.168.2.222/jason /mnt/smb -o username=jason,password=0801,iocharset=utf8

And I see on the CentOS 7 machine that it was connected via command smbstatus.

Samba version 4.10.16
PID     Username     Group        Machine                                   Pro ...

we are currently trying to set up a virtualized environment in which we would like to use openSUSE 15.4 Leap as a Xen Guest (DomU) on a Debian 11 Host.

To do so I have found some resources which adress the matter, but may be a little bit dated:

• Building an RPM based (Red Hat, Fedora, CentOS) Xen Guest Root Filesystem using Rinse
• How to install a openSuSE domU on a Debian dom0

We aim to use xen- ...

We use shibboleth to secure an apache virtualhost. We would like to make single file (a site map) available publicly for this site.

Is there way to code this in the virtualhost?

The current virtual host looks like this:

<VirtualHost *:443>
        ServerName my-staging.sjf.edu
        DocumentRoot /var/www/sjf/my
        <Directory "/var/www/sjf/my">
                Options -Indexes +FollowSy ...

I am trying to "listen in" on changes in a particular folder, then once a file comes in, I want to copy the file to another folder. I figured fswatch would be a great choice for this.

And as I'm reading through the official documentation of fswatch and I see this snippet of code:

fswatch -0 path | while read -d "" event \
  do \
    // do something with ${event}
  done

I convert it to my folder and ...

First of all, I'm not talking about those all-in-one routers that do wifi/switching/routing. It drives me nuts when people call a Wifi box a "router". Anway, I would like to do the following as shown in my diagram:

Is it possible to connect Router A and Router B to the same switch, while having Router B be connected to a different subnet? Excuse my ignorance, but my motivation for setting it up  ...

This is a continuation to https://stackoverflow.com/questions/25055121/can-i-remove-multiple-matching-rules-with-the-iptables-delete-command

The answer https://stackoverflow.com/a/53404390/80002 is very useful - I was able to delete most of the entries. However, some entries are still there, but they do not look like ordinary rules:

student@worker:~$ sudo iptables-save | grep -iE "kub|cali"
:cali-OUTPUT ...

EDIT. I have done the exact same step on ubuntu server 20.05 and it's working fine...

I Create new cluster kube on ubuntu server 22.04 but I have several issue. Pods from kube-system going up and down. I checked logs but I cannot found issue.

kubectl get po -A

kubectl describe po calico-kube-controllers-7bdbfc669-kdts2 -n kube-system

Sometime I cannot use kubectl I think it's because kube-api pods is  ...

I am struggling to open a remote PS session on a remote server (Windows Server 2022 Standard). The remote server is not part of a domain.

When running the command

Enter-PSSession -ComputerName server01 -Credential server01\administrator

I receive "Access is denied".

What I have done:

• server
  • Enable-PSRemoting
  • Enable-WSManCredSSP -Role server
• client
  • Add-Content -Path C:\Windows\System32\drivers\et ...

I'm using X-Sendfile=X-Accel-Redirect with an internal location so one application (app1) can handle authentication/authorization for another application (app2). Apache handles the SSL and proxies to Nginx via HTTP. Nginx proxies to app1 via HTTP. Nginx is configured to proxy to app2 via HTTP, but the request is always HTTPS and times out because app2 doesn't accept HTTPS. When I connect to Nginx direc ...

I have set up my Synology DSM to acquire and renew certificates from Let's Encrypt using acme.sh.

The problem is as follows:

• Synology's VPN Center package automatically picks up the default certificate whenever it's changed
• I can't find a way to make OpenVPN clients simply trust public certificates.
• The certificate is renewed every 2 months and it's not feasible to let my users update their .ovpn ...

picture <---click

The current status is...

1. wpn is working find(server R connected to server L)
2. chrome browser(in server R) using ServerL ip address(ip is 21.10.10.10)

My goal

1. I want the chrome browser inside nat(192.168.37.1 or 2) using serverL's ip address.
2. How should I set it up? I want to let the PCs inside the nat go out with the ip of server L to the Internet through vpn.

We have a M365 tenant with MFA enforced for all users.

We can use either text message (SMS) or Microsoft Authenticator app on smartphone with a Time Based code (6 digit TOTP code).

We would like for some users to have the MFA set to "approval" mode. I.E. when the user try to login, the MS Authenticator ask the user to approve the sign-in request and the user simply need to push on the 'approve' butt ...