Latest Server related questions

Score: 0
jammann avatar
Apache expression to read from file and compare
zm flag

I'm trying to write an Apache HTTP 2.4 snippet, where some directives are conditionally applied, if the content of a HTTP header matches a list of strings

This works as expected, the messages are logged if the header is 'x' or 'y'

<If "%{req:X-Header} in { 'x','y' }">
   LogMessage "Header: %{req:X-Header}"
   LogMessage "FileContent: %{file:/tmp/strings_to_compare}"
</If>

The file /tmp/strin ...

Score: 0
bekoyzc avatar
Receiving Mail in Google Cloud (SMTP Relay-Mailjet) on EXIM
kn flag

I am using DirectAdmin on my server. I have configured EXIM. I can send e-mails, but I have not been able to receive e-mails. For example, when I try to send e-mail via [email protected], I either get 550 verification required error return or I do not get any error. How can I solve this. I am using 2525 port on GCP.

My config below:

exim.authenticators.post.conf

mailjet_login:
driver = plaintext
p ...
Score: 1
Alfador avatar
RHEL won't update correctly a package for security
wf flag

What does that error even mean? I have tzdata package. I run yum update --security and I get this:

[dada@dada-dada-dispatcher aem]# yum update --security
Failed to set locale, defaulting to C
Loaded plugins: search-disabled-repos
 --> tzdata-2022f-1.el7.noarch from rhui-rhel-7-server-rhui-rpms removed (updateinfo)
 --> tzdata-2022e-1.el7.noarch from @rhui-rhel-7-server-rhui-rpms removed (upda ...
Score: 1
d9ngle avatar
CONNECT Proxy over Squid with TLS termination
cn flag

I can create a regular http(s) proxy with Squid, which can then be accessed at http://my-ip.

I want to have TLS termination, so I can access httpS://my-domain.

I have generated ssl certs using certbot over nginx and then reused those files as:

https_proxy 443 tls-cert=/path/fullchain.pem tls-key=/path/privkey.pem

However running:

$ curl -x httpS://my-domain google.com
curl: (60) SSL certificate pro ...
Score: 3
Jaroslav Kucera avatar
Why the RHEL8 system do not generate SSH host keys automatically when missing?
ru flag

On the RHEL 8 and previous it is usual, that the SSH host keys in /etc/ssh are generated automatically by sshd service when missing. Usually there should be:

/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ecdsa_key.pub
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_ed25519_key.pub
/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_rsa_key.pub

Restart of the node or even systemctl restart sshd should be suffic ...

Score: 0
mona moghadampanah avatar
What does fragmented table mean in MySQL?
in flag

I have a MariaDB database with an InnoDB engine and querying data take a lot of time so I search and found that it is maybe related to the tables being fragmented but I cannot understand what it means and what I have to do about it.

Score: 0
Wassim BEN FATMA avatar
How to convert .cer and .key file to .pem?
do flag

I have a .cer certificate, .key file and I would like to convert it to the .pem format.

How do I convert them to .pem?

Score: 0
user8546041 avatar
Lost remote connection to MySql through DDNS addres to local server after installing IIS Windows Server 2012 R2
hm flag

I have a DDNS service that I use to connect to my local MySQL server when out of the office through my desktop app, everything was working fine until I installed IIS on the Server (Win Ser 2012 R2), I installed IIS because I also have a mobile app that connects to MySQL server through PHP and that one works fine through the DDNS connection. I am using VB on MS Visual Studio 2019, my connection string is ...

Score: 0
YaKs avatar
Windows DNS - Reverse resolution not working for public IPs
cn flag

I was troubleshooting an internal application when I discovered that the reverse lookup only works for internal private IPs.

Is there a way I could configure our Microsoft DNS servers (Win2016) to use the forwarder servers to resolve every rDNS requests not found locally?

The final goal is to get at least the DNS entries of our public IP addresses.

Thanks

Score: 0
user3637971 avatar
Tcpdump output file is not storing the destination IP address and port number
ve flag

I'm capturing tcpdump packets. Even though, when I want to see the output by tcpdump -r I see destination hostname instead of address IP and service name instead of port number.

Example:

tcpdump -w /home/backup/out.bin -nn -i ens192 '(dst port 80)'

After a minute Ctrl + C to stop the process

Then:

tcpdump -r /home/backup/out.bin

It shows:

12:01:28.079940 IP 192.168.1.20.50704 > app.server.http: Fl ...
Score: 0
manifestor avatar
Postfix - limit SMTP user to be able to send to certain domains only
mp flag

What I'm basically trying to do is to restrict some SMTP email accounts to deliver to certain domains only. For example I have user [email protected] who should eventually only send emails to addresses belonging to domain-a.com and domain-b.com. Any attempts by [email protected] to send email messages to email addresses belonging to other domains should be rejected. All other SMTP users should not be rest ...

Score: 0
Stuart.Sklinar avatar
Azure Service Plans - Windows VS Nix high memory usage
in flag

We're seeing HUGE differences between Windows app service plan usage and Linux app service plan usage, when both apps are idle.

The difference is circa 300mb, which when we're talking a few app deployed to it, would equal a (few) different pricing bands, and we would be much better off using windows - which feels like a step backwards.

Am I doing something wrong? They're just vanilla app services, r ...

Score: 0
Chayne avatar
Postfix Sendonly Multiple Domains - smtp Auth for each domain?
ph flag

My title pretty much sums it up I have recently setup a sendonly postfix server i used this guide https://www.linuxbabe.com/mail-server/postfix-send-only-multiple-domains-ubuntu#generate-dkim-keypair It works as expected.

The purpose of this server is to be used by our hosted websites to send the website mail. My server sends successfully from the three test domains i have used

I would like to lock do ...

Score: 0
kinjelom avatar
How to configure CoreDNS to resolve CNAME records using foreign resolver
cn flag

I am looking for an example configuration in which CoreDNS will read the CNAME record from the file (file plugin) and then resolve it using a custom resolver (forward plugin?). A client should not get CNAME record but only A records.

For example:

  • if the client ask the CoreDNS for test.r1.svc
  • then the CoreDNS get the CNAME record test IN CNAME test.r2.svc.
  • then ask the foreign resolver 10.11.12.13:53
Score: 0
acgbox avatar
How can I organize the IPs/CIDR when executing restore ipset?
ng flag

I have this bash script of ipset v7.15 (run in ubuntu 22.04), courtesy of Martin (that I have made some modifications for this question):

ipset create -! blacklist hash:net family inet hashsize 1024
ipset save -! > /tmp/ipset.txt

cat list.txt | sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n -k 5,5n -k 6,6n -k 7,7n -k 8,8n -k 9,9n | while read line; do
    echo "add blacklist $line" >> /tmp/ip ...
Score: 0
serge1peshcoff avatar
What is the best way to set up Prometheus + Alertmanager with a HA
ua flag

I have a monitoring solution that uses Prometheus as a scraper and a data storage, Grafana as a visualiser and Alertmanager as an alerting tool. This all is running on a single server.

However, there's an issue with this approach. If a server that is hosting all of this goes down, I basically lose all the monitorings, so in case something would crash after that I would never know.

I assume best way  ...

Score: 0
marafado88 avatar
How to save/print a powershell terminal text in the end of a script run through powershell commands?
in flag

I've a script that needs user inputs, and also let them check all the data being displayed, while script is running, and in the end, save/print all the content, to a file, through powershell commands.

I know that there is a way through, GUI selecting all and copy to a text editor, but this is not feasible in this case.

Anyone knows how to achieve this?

Score: 0
AWS CodeStar SNS notification delivers JSON as email body
cn flag

I have created a notification rule in CodeBuild to deliver notifications about build errors by e-mail. Unfortunately, the generated emails are just a plaintext email with the body being a truckload of JSON and not, like e.g. Cloudwatch Alerts, a proper human-readable text. What am I doing wrong?

I created the rule and SNS topic using this Terraform code:

resource "aws_sns_topic" "build-monitoring" {
  ...
Score: 0
Mikkel avatar
AD FS SP forcing custom AuthnRequest
us flag

AD FS Error: Exception details: Microsoft.IdentityServer.Service.Policy.PolicyServer.Engine.UnknownAuthenticationTypePolicyException: MSIS3305: None of the AuthenticationContext class references specified in the SAMLP request is supported by the server.

An SP we are working with have changed their saml authentication request. Now it forces a custom authenticationmethod that AD FS does not know.

 ...

Score: 0
erdemyanik avatar
AD joined Linux machine with different suffix
io flag

I've been struggling for 4 days and according to the information I have stated below, I can't access the linux os (debian) joined in AD to users with different UPN suffixes. What kind of config (sssd smb or krb5) should I make, can you help me?


domain name = TEST.COM
DNS domain name = test.com
NETBIOS = FACTORY
ADDC1 = msdc1.test.com
ADDC2 = msdc2.test.com


users: admin ...

Score: 0
Roman Kuzmin avatar
Can't access Kubernetes service using curl (GKE Autopilot)
br flag

I have created GKE Autopilot private and deployed Prometheus to it. I have Prometheus service in metrics namespace.

The problem is that I can access this service with kubectl port-forwarding command, but I can't access it with following setup:

  1. execute kubectl proxy

  2. execute curl http://localhost:8001/api/v1/namespaces/metrics/services/prometheus:80/proxy

Getting response:

{
  "kind": "Status",
  "a ...
Score: 1
Jakub Kuszneruk avatar
Obtain statistics of CPU and memory usage from one cgroup
fk flag

Context

I have a system in which I have to check periodically usage:

  • relative (percents) for CPU
  • and absolute (GB) for memory.

How it's currently implemented

Language we're using is python.

system-wide psutil

For system-wide stats it's trivial since we can use psutil.cpu_percent() and psutil.virtual_memory().

cgroup (v1)

The problem is that sometimes the script is run inside container, and then w ...

Score: 2
Set SPF to send email using Gmail
co flag

(Disclaimer: I totally suck at being a sysadmin) I am sending email for a domain using Gmail. The domain is partyboatcharters.com.au (I hope I am allowed to put domains here). Gmail is configured to send email as that. Emails sent to sales@partyboatcharters are forwarded straight away to [email protected] by the MX.

The MX is s412.syd5.hostingplatform.net.au (there is only one MX).

I can ...

Score: 0
shorif2000 avatar
nova-compute for compute node in openstack not working No DB access allowed in nova-compute
us flag

I have followed this guide https://docs.openstack.org/neutron/yoga/install/compute-install-ubuntu.html the configuration i have is

$ sudo egrep -v '^#|^$' /etc/nova/nova.conf
[DEFAULT]
log_dir = /var/log/nova
lock_path = /var/lock/nova
state_path = /var/lib/nova
my_ip = 10.0.0.132 
transport_url = rabbit://openstack:openstack@controller1
[api]
auth_strategy = keystone
[api_database]
connection =  ...
Score: -1
Anton A avatar
Error connecting to ftp: Recv failure: Connection reset by peer
cn flag

I'm trying to connect to the server running vsftpd:

$ sudo systemctl status vsftpd
● vsftpd.service - vsftpd FTP server
     Loaded: loaded (/lib/systemd/system/vsftpd.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-11-24 10:48:47 UTC; 2s ago
    Process: 6135 ExecStartPre=/bin/mkdir -p /var/run/vsftpd/empty (code=exited, status=0/SUCCESS)
   Main PID: 6136  ...
Score: 0
NdeNoob avatar
Localhost not working with vue.js
id flag

Im new using vue.js, so I just installed vue.cli and I tried localhost:8080 and it worked perfectly showing the vue welcome page. Then, 2 minutes later, localhost is not showing the page anymore (ERR_CONNECTION_REFUSED). I uninstalled vue and installed it again and it happens everytime, it works a few minutes and then it fails. What can be the problem?

Thank you.

Score: 0
HenryM avatar
Do I need more memory?
jp flag

I am running a website from an AWS EC2 instance (potentially multiple via Elastic Beanstalk) which over the last 24 hours shows memory percentage used consistently at 60 percent baseline, climbing to 68% sometimes.

Is this too high and should I be increasing the memory?

I ask because PageSpeed Insights tells me server response time is slow and I am wondering if memory could be part of the issue.

 ...
Score: 0
Lolly avatar
Excel not opening files intermittently
lu flag

We have a strange problem with Excel in the last couple of weeks, where files don't always open & it can take up to 6 attempts. So far it's affected 3 PCs that I know of, all running Windows 11 and excel version 2210 Build 16.0.15726.20188 Click-to-Run 64-bit

We could attempt to open the file once & it will up fine or need to double-click it 6 times, it's very hit and miss and doesn't fo ...

Score: 1
Mohammed Hafiz avatar
How to configure a site-to-site vpn through strongswan
mo flag

I want to configure a site-to-site vpn using strongswan, my partner gaves me a domain encryption ip (kindly tell me what is this), and the parameters for ike and esp. They told me after finish configs I can test the connectivity using telnet.

I do an nmap scan to udp port 500,4500 and got a response of 'open|filtered', I also use the 'ike-scan' tool and receives 0 handshake and 0 notify.

I do some c ...

Score: 1
Ametad avatar
Restore one protected application in GKE Kubernetes cluster in namespace with multiple apps
id flag

In a Kubernetes cluster I have several apps deployed in the same namespace called "default". An app consist of a webserver pod and a database pod.

How to restore one single app in the original cluster from a backup plan from Backup for GKE?

In the cluster I have defined several ProtectedApplication's for the backup agent for it to identify the distinct applications (websites). This definitions looks like: ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.