Latest Server related questions

I have a postfix + dovecot + spamassassin setup which works great, but I would like to bypass all outgoing messages (sasl authenticated) from spam filtering. I must do something wrong, because I already implemented permit_sasl_authenticated in my main.cf but looks like it does not work.

My main.cf relevant part:

# SASL Auth for SMTP relaying
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_s ...

We use a dual network card server with bond in 802.3ad mode. The outgoing bandwidth on both network cards is balanced, but the incoming bandwidth is concentrated on one network card. This issue is resolved by modifying the kernel code to make it broadcast the ETH_P_ARP package in __bond_start_xmit function.

So I have questions about how the ARP protocol works in bond mode and why it affects the dis ...

I have an Linux Debain 10 server running an web project. The project (parent) folder is as follows:

ls -la:

drwxrwxr--+   7 some_user some_group       4096 Jul 21 11:01 .

getfacl:

# file: .
# owner: some_user
# group: some_group
user::rwx
user:some_user:rwx
group::rwx
group:www-data:rwx
group:some_group:rwx
mask::rwx
other::r--
default:user::rwx
default:user:some_user:rwx
default:group::rwx
default: ...

In the journal of my Debian 12 kernel linux-image-6.1.0-10-amd64 version 6.1.37-1 I discovered the following lines:

…
… hostname systemd[1]: Starting systemd-journald.service - Journal Service …
… hostname kernel: device-mapper: core: CONFIG_IMA_DISABLE_HTABLE is disabled. Duplicate IMA measurements will not be recorded in the IMA log.

The last line is yellow, i.e., a warning. The machine exh ...

Deploying new Windows Server 2022 VM. Our application - classic ISAPI with no managed code - writes events to the Application Event Log to track progress of certain processes, for debugging and troubleshooting purposes.

Application Event log is showing appropriate entries for a given time, but the event log text is always "The system cannot find the file specified". Although the application write ...

I'm trying to setup a squid proxy that will accept multiple inbound connections on one IPv4 across a range of ports, and for each port connection to connect out on a unique IPv6 address.

I can actually connect to proxy but when I check my IP on a browser it says the IPv4 address of the server.

Please help me to understand the issue

There is my squid.conf (ubuntu 22)

access_log none
cache_store_log ...

I need to manage a federation of clusters (KubeFed), so I was wondering if it's possible to deploy Lens Dashboard within the cluster? Otherwise is there any alternative dashboad with multi cluster support within cluster?

hi friends hope everyone is doing well.

i got a little misunderstanding of how i should configure iptables v4 rules for an openvpn server.

if some wizard can give me a hint it would be great.

i'm pretty sure this conf is full of mess and i can clean up and get working.

the openvpn is a server behind a pfsense (connected to other pfsense via ipsec)

there are 5 subnet :

10.17.1.0/24
10.17.3.0/24
192.168.0 ...

There's an OpenVPN server running in a VirtualBox virtual machine with NAT networking. The VM is running on a physical host, and that host is attached to a LAN. I would like to make the VM's host's LAN (192.168.0.0/24) available over the VPN. The VPN network is 10.8.0.0/24.

Here's what I've done:

• I've configured OpenVPN and clients can connect to it without problems;
• in the VPN server config, I'm p ...

I am adding smart card login to our domain and have got almost everything working properly except that when I revoke the certificate on our Enterprise CA I can still log into computers. I have checked that I can download the CRL using the link in the certificate and see that the cert SN is in the revocation list. I cleared the local CRL cache (using certutil -urlcache crl delete) on the client machine,  ...

I am trying to achieve the following:

All searches at https://example.com/a/* will display file article.php.

For example (links to articles):

https://example.com/a/new-robot-eats-banana 
https://example.com/a/best-shoes-for-mud
https://example.com/a/its-about-time-we-move-to-mars

Will use article.php

echo basename($_SERVER['PHP_SELF']);

Example:

https://example.com/a/new-robot-eats-banana

new-robot-ea ...

I have exported a WordPress XML file which contain all pages, posts, WooCommerce products, orders etc. File size is 100MB. Now I am trying to import it on another machine but getting error. It even shows that allowed file size is 200MB. This is a 1GB RAM, 1 Core VPS.

But I am getting following error:

[error] 3811#3811: *10 FastCGI sent in stderr: "PHP message: PHP Fatal error: Allowed memory s ...

I'm running a container with Caddy. My website is properly working. I can access it.

The problem is that whenever I visit any page on my website - I can see apache2 that takes a lot of CPU (in top). Can I safely stop & delete apache service since I'm already running Caddy in docker?

I was trying to run:

sudo service apache2 stop

But it says that

Failed to stop apache2.service: Unit apache2.se ...

I understand this might be a very basic question, but I would like to know the answer to this question before accidentally losing all the data on the NAS due to multiple drive failures with the first going unnoticed because the pool is technically still up albeit degraded.

Does the value of this SNMP OID:

.1.3.6.1.4.1.50536.1.1.1.1.7.2

change whenever a disk fails? Currently the devices I'm using  ...

i have a three node galera cluster. one of the nodes (its a passive not active used node) died and mysql is not able to start again on this host:

InnoDB: We intentionally generate a memory trap.
InnoDB: Submit a detailed bug report to http://bugs.mysql.com.
InnoDB: If you get repeated assertion failures or crashes, even
InnoDB: immediately after the mysqld startup, there may be
InnoDB: corruption i ...

I face a problem for adding a DNS record to a sub sub domain ("x.y.example.com").

To explain the architecture further :

• "example.com" is my commercial website. NS records are set from my provider
• "y.example.com" is used by a thrid party emailing to manage my email campaigns. it have a A record to thier server and use custom NS records to thier name server.
• "x.y.example.com" is used to track link  ...

I have an ansible structure that contains some roles.

/usr/local/ansible
    playbooks
        roles
            role1
            role2
                tasks
                handlers
                files
                templates
                    my_template.yml
                vars
                    main.yml
    group_vars
        role2.yml

Usually, when running this from the ansible server, t ...

I currently faced issue after renewing Puppet certificate. I did a clean backup of client SSL folder and did a puppet agent ‑t.

Can anyone help me?

This is the code.

[root@pupcltlp0001 AEST /etc/puppetlabs/puppet]# puppet agent -t
Info: Creating a new SSL key for pupcltlp0001.dt.network
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certi ...

I have a 50 TB BTRFS filesystem on a hardware RAID array in an HPC cluster I manage. Users have filled up this partition to 100% and complained about I/O errors while reading old files. The filesystem went read-only.

I unmounted the partition. It took a while to unmount and it finished with "segmentation fault". Then I tried to mount it back and it is already taking 20h with no sign of progress.

In the ...

I have a Ubuntu Server setup with LAMP at DO (Digitalocean, VPS - self managed via shell) running mainly Wordpess (php).

Now which ways do you recommend to detect outcalls/outreaches of scripts/plugins to external websites (like auto-update, crons, timed scripts, vulnerabilities reaching out)?

Also is there anything to check equally for outgoing "Php mail" or "smtp reaches"?

Thanks for any hint ...:) ...

I have a service (NameOfService.exe) that frequently shuts down on its own. I haven't yet figured out why it keeps stopping. I want to trigger an alert for when it does shutdown. I assume that this can be done via the Recovery Options. I also want to use the Recovery Options to attempt and automatic restart of the service. However, these options are grayed out and I am unable to configure them. I am log ...

Currently I have a 4TB pool with two striped drives:

# zpool status
  pool: lxd
 state: ONLINE
status: Some supported features are not enabled on the pool. The pool can
        still be used, but some features are unavailable.
action: Enable all features using 'zpool upgrade'. Once this is done,
        the pool may no longer be accessible by software that does not support
        the features. See ...

RockyLinux 9. On reboot Apache fails to start with the message

Jul 21 10:53:13 cl httpd[877]: (99)Cannot assign requested address: AH00072: make_sock: could not bind to address 1.2.3.4:80
Jul 21 10:53:13 cl httpd[877]: no listening sockets available, shutting down
Jul 21 10:53:13 cl httpd[877]: AH00015: Unable to open logs
Jul 21 10:53:13 cl systemd[1]: httpd.service: Main process exited, code=exit ...

I have deployed an instance of a RDS PostgreSQL database with MultiAZ enabled, using CloudFormation. When I try to remove MultiAZ I get the following error from CloudFormation:

CloudFormation cannot update a stack when a custom-named resource requires replacing. Rename and update the stack again.

The only parameters I changed in the resource template are MultiAZ (set from true to false) and Avail ...

I've two OVS bridges which they are connected to the 3rd v-switch using patch(es).

    Bridge br1
        Port br1
            Interface br1
                type: internal
        Port br1-ext
            Interface br1-ext
                type: patch
                options: {peer=ext-br1}
        Port veth573b5f8a
            Interface veth573b5f8a
    Bridge br2
        Port br2
            Inter ...

I'm trying to create a virtual machine on Google Cloud using the following command:

gcloud compute instances create my-server-1 \
    --zone=europe-west3-b \
    --machine-type=n1-standard-16 \
    --accelerator type=nvidia-tesla-t4-vws,count=1 \
    --maintenance-policy="TERMINATE" \
    --image-project=windows-cloud \
    --image-family=windows-2019 \
    --boot-disk-size=200 \
    --network=defa ...

I have a Alma Linux 9 host with two IP addresses.

I want assign one IP to the host (This is already done) and the second one to a Ubuntu VM.

What's the best way to do this? I've set up the VM through Cockpit, and it got an internal IP address.

I tried this to add Masquerading so the traffic for the ports I need is forwarded:

sudo firewall-cmd --permanent --new-policy VMForwardPolicy
sudo firewall- ...

Assume we face x requests per seconds, where x is magic number of requests which single load balancer cannot handle.

So we have to use multiple load balancers to handle all requests, yes? But how? I need to load balance the load balancers farm? Poor idea, at the end it also occurs that single load balancer must handle all requests.

So how to use multiple load balancers to handle enormous number of reque ...

I have the following errors when trying to send emails to gmail addresses via my terminal:

sudo tail /var/log/mail.log
Jul 19 13:19:44 ubuntu-4gb-fsn1-1 postfix/cleanup[5780]: B4B8C5F4A3: message-id=<20230719131944.B4B8C5F4A3@ubuntu-4gb-fsn1-1>
Jul 19 13:19:44 ubuntu-4gb-fsn1-1 postfix/qmgr[4961]: B4B8C5F4A3: from=<[email protected]>, size=269, nrcpt=2 (queue active)
Jul 19 13:19:45 ubuntu- ...

My first question in ServerFault heya :)

In our domain manage all server and client machines with Microsoft Active Directory. We have 13 Vm Server. Domain\administrator user is Domain admin. I use it in domain everywhere (IIS web services, Remote Logins, Task Schedule, Veeam Backups etc.) without any permission issue.

Today i config a policy under DC and assign it to Servers OU which all servers in ...