Latest Server related questions

So I was using fargate for some containers that were using http and websockets. For this to work I created a target group for each port and added their respective load balancer listener to each target group. So for example I am using the port 3026 for html and port 5006 for websockets. The only thing that I changed was in the health check port of the websocket target group. I pointed it to the html po ...

According to Ubuntu's CVE-2022-0778 this release should address the CVE. However, when I look at the OpenSSL version I can't really tell that it is 1.1.1n. I do see that it was built on Mar 9 prior to:

• OpenSSL making the source available to the public
• Ubuntu distro managers importing OpenSSL 1.1.1n into their repo (which may just be a public facing repo)

So, how would I know that this is truly 1.1. ...

This is all in an LXC container and I'm logged in as nobody user.

$ whoami
nobody
$ ls /share
ls: cannot open directory '/share': Permission denied
$ ls -lha / | grep share
drwxrws---    9 nobody       4000  183 Mar 21 18:30 share

Now, it appears that the nobody user cannot list a directory it owns.

This /share is mounted from a NAS:

$ mount -l | grep share
a_nas:/share/a_nas/my_storage on /share typ ...

I was upgrading the system specs of a VM I have.
I shutdown the VM, edit, increased the specs and then started it back up.

After doing this, it would just power back off after a moment online. Checking the serial console I see this:

Could not create MokListRT: Volume Full
Could not create MokListXRT: Volume Full
Could not create SbatLevelRT: Volume Full
Something has gone seriously wrong: import_m ...

My clients domain has various 2012R2, 2016 and 2019 Windows Server versions. Two of the four domain controllers are running Windows 2012R2 and the ADMX files haven't been updated in years. The other two domain controllers are Windows 2019 and they have the FSMO roles assigned to them.

I hope to have all 2012 instances retired for good shortly, including the DC's. Since the ADMX files haven't been updat ...

I am trying to convert the "MegaRAID Storage Manager" RPM packages to debian dep packages. I'm using the alien package therefor as explained here:

https://hosting-tutorials.co.uk/tutorials/linux/installing-megaraid-storage-manager-on-debian

This is the package I try to convert: https://docs.broadcom.com/docs-and-downloads/17.05.06.00_MSM_Linux-x64.zip

The package "lib-utils2_1.00-12_all" converts fine ...

My LXC container mounts a NAS on /share.

$ ls -lha /
...
drwxrws---    8 nobody       4000  153 Mar 21 16:22 share
...

Since I cannot login as nobody user, I tried to make myself a member of the 4000 group. But that does not work since 4000 is not a group (?):

$ usermod -a -G 4000 root
usermod: group '4000' does not exist

What is this group 4000? How can I work around accessing my NAS?

I have a Solaris 11.3 ldom and I'm trying to setup anonymous ftp user on the server. I followed the Oracle documentation (https://docs.oracle.com/cd/E53394_01/html/E54791/wuftp-193.html) and this other one (https://www.ibiblio.org/pub/packages/solaris/sparc/html/proftpd.1.2.0.p10.html) but the anonymous ftp didnt work. Thought i could connect with other users. Ive removed ftp user from list of deni ...

I installed with success MariaDB 10.4 in our ubuntu 18.04.

Root user created with success and another local user for controlling only one database.

Although I notice that with command in ssh:

service mysql status

Mar 21 17:49:11 fresco systemd[1]: Started MariaDB 10.4.24 database server.
Mar 21 17:49:11 fresco /etc/mysql/debian-start[10798]: Upgrading MySQL tables if necessary.
Mar 21 17:49:11 fresco my ...

I have set a Fine Grained Password Policy with maximum password age of 180 days along with other settings that are similar to existing password policies.

I set the precedence number to a lower number and It is applied to a security group. The results of running the powershell command still shows password expiration that matches the default domain policy password rules.

PS C:\Windows\system32> Get-A ...

I am using Bind 9.16 free BSD and trying to transfer zone data from the Microsoft DNS server but from the bind server I have the following logs,

{ transfer of 'xxxxx.xxx.xx/IN' from xx.xx.xx.xx#53: Transfer completed: 20 messages, 9091 records, 327278 bytes, 0.018 secs (18182111 bytes/sec) (serial 241231382)21/03/2022 14:21:15

transfer of 'xxxxx.xxx.xx/IN' from xx.xx.xx.xx#53: Transfer status: inval ...

I have a network with a number of VMs hosting applications mainly for internal use, but they are also exposed to the internet via Traefik. Because there is a chance one of them will be hacked eventually, it looks like a good idea to block direct outbound connections for VMs. But, I want to be able to run updates, so I need a way to allow outbound connections for updates. My current idea is to install a  ...