Latest Server related questions

I have CentOS 6 & 7 server and am creating 512 MB logical volumes:

CentOS 7:

sudo lvcreate -v -n lvname -L 512M rootvg && sudo mkfs.xfs -L "lvname" /dev/mapper/rootvg-lvnamee

CentOS 6:

sudo lvcreate -v -n lvname -L 512M rootvg && sudo mkfs.ext4 -L "lvname" /dev/mapper/rootvg-lvname

Now the commands work fine, but when I issue df -h /fs-name, on CentOS 7, I get Size=509M and on Cent ...

I have 4 2012 windows servers. 3 of which I cannot access the shared folders on. I get an error that says that I don't have permissions. I have verified that the share permissions has "everyone" with "full access" the folder permissions are the same across all servers yet I still cannot dive the share from my local laptop. If I remote into another server, I can dive the share that I cannot get into from ...

Is there a linux server utility that can list the network ports and protocols that have been active over a given period of time?

For example, I'd like to know which ports and protocols were active at least once last week. The answer would be something like: TCP/80, TCP/443, UDP/5678...

I have a directory /some/dir containing millions of files and directories. I need to remove the X-bit for all file, but not from the directories.

The following works:

find /some/dir -type f -chmod -x {} \;

But I believe it spawns a "chmod" process for each file. That may explain why it runs for a long time.

Is there a way to do this in a more efficient manner?

I only really need help understand the following image, but I will give the background for context.

We have an app that is configured to use a proxy on port 8080 and requires Internet access. At random times throughout the day, the app fails to connect and just dies. We are trying to figure out the cause. We have ruled out FW and proxy URL rules (it's always hitting the same URL when it works and ...

As far as I can see connection over SSL/TLS is always available with Cloud SQL. If I enforce it, it becomes required. But the maximum level of protection I was able reach is verify-ca from the perspective of both the client and the server. That is:

• the server won't make sure (auth-options) the common name in the client certificate matches the user I'm trying to connect as (any common name can be used) ...

I have numbers of Ocserv servers and connected to a FreeRADIUS server for authentication. I have configured directive bellow in Ocserv of each server to don't let a user connect more than 2 times. max-same-clients = 2 but it works in server itself and a user can connect 2 times to each server. I want my clients to connect only 2 times and if a user is active 2 times in server 1, there will be no mor ...

Im installing SQL reporting services. After installation, the databases was created correctly and have the user permissions assigned. A login domain\reportaccount is also created. The problem is when i try to connect from visual studio, i want use the same account, but when i try it a have problems with different kind of authentication:

Windows authetication, no account selected > its OK, its usi ...

I have a domain that is something like mydomain.com and I want to manage the DNS for it myself using my own DNS servers (on a completely different domain - EDIT): ns1.myowndns.com, ns2.myowndns.com, etc... When I try to update the nameserver records with my registrar it rejects these domains. It seems that the .com TLD registrar (and possibly all TLDs?) only accept "well known" DNS servers, possib ...

I was able to follow this guide and run VPN on my Ubuntu 22.04, but was unable to persist my VPN configuration with

-v openvpn_conf:/opt/Dockovpn_data

Where should this /opt/Dockovpn_data folder appear? At least there is no this folder on the host machine.

/opt folder on the host contains the following:

me@localhost:/opt$ cd /
me@localhost:/$ ll opt
total 12
drwxr-xr-x  3 root root 4096 Apr 13 15:46 ...

I have an OpenStack-kolla environment with the Ceph backend. I've configured my cinder backend with NFS. I can create a Backup with Cinder from all instances and store them on NFS. In this case, I don't want to change the Cinder backend to the Ceph but I wonder if there is a way to have access to all Instance volumes on the Ceph like a file and then extract/Download those files from ceph. what exactly I ...

I have a video-based website. It gets slow when about 1k concurrent users watch/download a video.

I'm trying to debug it to see what resource is weak to increase it. I executed htop command to see resource usage, but the server is over 50% free for both CPU and RAM when the page loading is too much slow (in that case, a simple webpage takes over 40sec to be loaded)

That's why I thought probably i ...

Has anyone experienced an issue where when the slow log is enabled with the following options:

root@(none)> show global variables like "%slow_query%";
+-----------------------------------+-------------------------------+
| Variable_name                     | Value                         |
+-----------------------------------+-------------------------------+
| slow_query_log                    | ...

Dockerfile of nginx container

FROM nginx:latest

# Remove sym links from nginx image
RUN rm /var/log/nginx/access.log
RUN rm /var/log/nginx/error.log

RUN apt-get update && apt-get install -y logrotate && rm -rf /var/lib/apt/lists/*

COPY nginx.conf /etc/nginx/nginx.conf
# COPY conf.d /etc/nginx/conf.d
# COPY cert/ /etc/nginx/certs
COPY data /data
COPY --chown=root:root nginx /etc/logr ...

I have been successfully using the method described here: Maintained by a Single User and it has been working well for me. This is my script for all my websites:

sudo chown -R WebAdmin /var/www/example.com/
sudo chgrp -R www-data /var/www/example.com/
sudo chmod -R 750 /var/www/example.com/
sudo chmod g+s /var/www/example.com/
sudo chown www-data:www-data /var/www/example.com/Uploads/
sudo chmod - ...

linux mint. uname -r yields 5.15.0-56. dpkg-query -l bash yields 5.1.6ubuntu1.
My script shows this problematic output when bash -x script invoked:

attrib =' '\''{type nat hook prerouting  priority mangle+10;}'\'' '

But from the commandline:

sudo nft create chain inet firewalld mangle_PREROUTING '{ type nat hook prerouting priority mangle + 10 ;}'

It works fine.
This script replicates the fedora nft  ...

I have set up a Postfix Dovecot email server on my Vultr. And I'm getting following message from Google:

   gmail-smtp-in.l.google.com said: 550-5.7.1
     Our system has detected that
    550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR
    550-5.7.1 records and authentication. Please review 550-5.7.1
https://support.google.com/mail/?p=IPv6AuthError for more information 5 ...

I'm using an HTTP meta-refresh to execute a script multiple times.

After 100 refreshes, the browser stalls.

According to devtools, the browser doesn't even complete an initial connection to the server.

After this point I can't load any other pages from my website.

At first I thought this was a server side issue, however, if I switch to another browser, on the same device, I'm again able to access my websi ...

I use a MariaDB to store users for Dovecot 2.2.10. The Dovecot keeps giving "Disconnected unexpectedly" errors, and I can't find a reason. Is there anything I could look at?

Mail logs

Aug 29 22:46:15 xxxx postfix/qmgr[3467]: 544A8BB01: from=<>, size=4034, nrcpt=1 (queue active)
Aug 29 22:46:15 xxxx postfix/qmgr[3467]: 65FF1B94D: from=<<myemailaccont>@gmail.com>, size=2769, nrcpt=1  ...

When trying to connect to plane WiFi, I was unable to resolve the captive portal. When looking at my network settings, I saw that at sometime I had my DNS set to override as 8.8.8.8. (I vaguely recall doing this on some wifi connection with unreliable DNS.) NSLookup confirms that 8.8.8.8 is being used, and Get-DnsClientServerAddresses lists 8.8.8.8 as the ServerAddress for Wi-Fi.

Unfortunately, I can't  ...

Supermicro TwinPro chassis with dual SYS-1029TP-DC1R server modules, each with Supermicro X11DPT-PS motherboard and Avago 3108 RAID card.

OS: VMware ESXi 6.7.

Problem: can't figure out how rebuild an existing RAID5 array after a "failed" drive was replaced. (Not really failed; rather, it's an attempt to replace spinning disks with SSDs one-by-one, rebuilding the RAID group every time - as opposed to ...

I have the following virtual hosts:

<VirtualHost *:443>
  ServerName article.example.com
  AliasMatch "^/(.*)" "/var/www/html/article.php"
 </VirtualHost>
 <VirtualHost *:443>
  ServerName company.example.com
  AliasMatch "^/(.*)" "/var/www/html/company.php"
 </VirtualHost>

I would like to put everything under one virtual host like so:

 <VirtualHost *:443>
  ServerNa ...

The following logic in .bash_aliases to remove duplicate paths works fine when opening a new terminal:

# prune duplicate paths
PATHS=("PATH" "LD_LIBRARY_PATH" "C_INCLUDE_PATH")
for P in "${PATHS[@]}"; do
    source $HOME/bin/prune_paths $P
done

~/bin/prunepaths

#!/bin/bash

path_name=$1
curr_paths=${!path_name}

# split paths string into an array of paths
IFS=':' read -ra path_array <<< "$cu ...

I inherited an application and AWS infrastructure using a wildcard certificate on Amplify. We're moving away from Amplify and I want to move the certificate to CloudFront, but I can't seem to find the certificate anywhere outside of Amplify. It's not in ACM.

I checked all regions and only one cert in ACM and it's not that one (the one there is for a specific domain, not wildcard).

I assume I'm missi ...

I am using the mysql 8 image in a docker compose file. Periodically I discover that the mysql user I set up for a database no longer has privileges on that database. The user still exists and has GRANT USAGE on *.* but all the database specific privileges are gone. I use this same user on multiple databases in this container. Is there something about my configuration that's causing mysql to lose that ...

I have created a few VMs with encrypted filesystems + dropbear-initramfs (https://packages.debian.org/bullseye/dropbear-initramfs) with a procedure similar to How to unlock LUKS using Dropbear SSH keys remotely in Linux.

At first it works, unlocking over SSH works and all is fine.

However after a few reboots and a few days later following error starts pops up several dozen times, unlocking is no longe ...

I configured NFS over WAN(Internet) on VPS. VPS in Moscow, me near, The ping over Internet is about 5ms

And mount work well(both on two clients, with CentOS and Ubunutu) But showmount doesn't work on Ubunutu. On Centos showmount work and because of this a can use easy mount with autofs comman cd /net/ip/folder

On ubuntu showmount doesn't work, it show rpc mount export: RPC: Timed out

And I notice ...

I don't have much experience in linux tools for infrastructure and authentication with Active Directory.

I'm trying to set up authentication via AD on Ubuntu 22.04. The structure we use is as follows:

• we have a local AD with windows server 2019, I will nickname it DOMAIN1;
• an AD in another geographic location that we connect via VPN, I don't know which version of Windows, I'll call it DOMAIN2.

There  ...

I have a minimum example of my problem, which is trying to install a crontab that looks like this:

FOO="foo\"bar\"bin"

0 0 1 * * ls

by running crontab crontab (I have it in a file name crontab). It fails with this error:

% crontab crontab
"crontab":0: bad minute
crontab: errors in crontab file, can't install

It's the escaped quote, \", causing the problem.

How do I escape quotes in crontab's environmen ...

I'm using vsftpd, and I can't seem to get the behaviour I want through vsftpd.conf. What if you want /folder to be the change root folder to disallow users from going one folder up, but the starting directory for all sessions to be /folder/$USER??

#vsftpd.conf
user_sub_token=$USER
local_root=/folder
#user_config_dir=/etc/vsftpd/users
passwd_chroot_enable=YES
#hide everything
hide_file={.*}

If I use pa ...