Latest Server related questions

I have large slowlogfiles generated by percona 5.7 packed by zstd. Its for test, logging all queries, query time is set to 0s

I need it process quickly than in 12 hrs :) The pt-query-digest is probably only singlethread app in default setting and in man i cant see any parallelization.

The command is

zstdcat *.zst | pt-query-digest [some options] > out_slow.log

Is there any tool that do this tas ...

Our apache error log is littered with messages saying client denied by server configuration, even though the htaccess configuration is working as intended.

Here is the relevant bit of the htaccess:

SetEnvIfExpr "req_novary('User-Agent') =~ /.*WHATEVER.*/" WHATEVER=1

<RequireAll>
    # Only allow access for these hosts
    Require expr "%{HTTP_HOST} =~ /((host1|host2|host3)\.com)/"

    # Den ...

I'm having issues performing a 301 redirection of URLs that contain capitals to lowercase, excluding static files (PDF/CSS/JS/JPEG/JPG/PNG/WEBP...etc). For example:

https://www.example.com/Page/ would become
https://www.example.com/page/

but https://www.example.com/Clear_IMAGE.png would not be changed.

In my VirtualHost conf file:

RewriteMap lc int:tolower 

In my .htaccess:

RewriteRule ^/(.*)$ /${lc ...

00:1f.4 SMBus [0c05]: Intel Corporation Comet Lake PCH-V SMBus Host Controller [8086:a3a3]
    DeviceName: Onboard - Other
    Subsystem: Micro-Star International Co., Ltd. [MSI] Comet Lake PCH-V SMBus Host Controller [1462:7c82]
    Kernel driver in use: i801_smbus
    Kernel modules: i2c_i801
01:00.0 VGA compatible controller [0300]: NVIDIA Corporation GP104 [GeForce GTX 1080] [10de:1b80] (rev a1)
    S ...

so I know that a /64 IPv6 range has 18,446,744,073,709,551,616 addresses, but I was told a majority of these IPs can only be use for local ips on LAN.

How many useable public ipv6 ip addresses are there in a /64? Thank you.

The following errors occur every time I run the pipeline

│ Error: error updating EKS Cluster (business-staging) version: InvalidParameterException: Unsupported Kubernetes minor version update from 1.19 to 1.18
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "d3203e19-5691-48eb-9442-05435331c8a4"
│   },
│   ClusterName: "business-staging",
│   Message_: "Unsupported K ...

Sometimes when I try cqlsh command on my Ubuntu 22.04 machine I get the following error:

Connection error: (Unable to connect to any servers, {127.0.0.1:9042: ConnectionRefusedError(111, Tried connecting to [(127.0.0.1, 9042)]. Last error: Connection refused)})

And stopping or restarting Cassandra service won't help at all. This happens with no obvious reason, I mean I may exit the cqlsh and put  ...

I want to be able to give my admin users the permission to create policies in IAM, but I want to make sure that they aren't able to create a policy that affects a specific resource.

To be more specific, these admin users are currently in a user group with a policy that gives them full S3 access except for a specific S3 bucket (in this case, it's a bucket that contains CloudTrail logs). They are al ...

So we've been using this PS script for a while and was working fine until we migrated the domain controllers. The new domain controllers are running core Microsoft Windows Server 2019 Datacenter. We have 2 domain controllers and both are enabled in Task Scheduler. But for some reason the script is working intermittently. Sometimes it sends out the alerts other times it doesn't. And I can't figure out wh ...

So I already have glusterfs volume and it is working fine (I guess).

Now I am creating a new high-value prod setup and was starting to wonder - what is the "right" layout of nodes and bricks and/or replica count? I have about 9 nodes to spare. I was wondering how to use them to create a layout, that can sustain the fallout of two nodes/bricks. Namely, two of the nodes are actually VMs that are on ...

I have Samba server installed on a CentOS 9 Stream machine and I am trying to share an external USB HDD, formatted in NTFS. This is my /etc/fstab record for mounting it:

UUID=880AFE920AAB7B8E /home/smbusr/archive-hdd ntfs-3g defaults,user,uid=1001,gid=1001,umask=022 0 0

The user smbusr have a directory in /home and there is also a samba user existing with the same name, created with smbpasswd -a  ...

I moved our website to an updates IIS on a new server. Is there anything I need ask our network people or server people to do?

I am have two issue that may be related. When disabling Anonymous Authentication, all user get asked to log in. When enabling it SOME users get asked to log in. In both case windows authentication is enabled.

The other issue is when clicking a link to a file on a file server ...

So, i have a postfix mail server set up, and when i run the following command:

telnet smtp.gmail.com 25
------------------------------------
Trying 142.250.147.108...
Trying 2a00:1450:4025:c01::6d...
telnet: Unable to connect to remote host: Network is unreachable

But when i try to send an email:

root@vps:~# mail -a FROM:[email protected] *my address*@gmail.com
Cc: mail
Subject: test
test

Then the l ...

I modified some geolocation DNS records a while back (December) on AWS Route 53. But I'm now seeing some unexpected traffic changes on the service.

The service traffic can be tracked easily with regular EC2 monitoring.

But I can't recall exactly "what day" I made the DNS changes. I'd want to see if the spike in traffic is correlated to the time I made the DNS change.

Is there an audit log of my own hos ...

The situation:

• debian 11 with LVM and / is a logical volume: /dev/mainvg/lv-root
• created a snapshot of the root partition by doing lvcreate -L5G -n bkp_lvroot -s /dev/mainvg/lvroot

Now I updated the system with apt, a new kernel was installed, but grub-probe failed. Output:

[...]
Setting up linux-image-5.10.0-21-amd64 (5.10.162-1) ...
I: /vmlinuz.old is now a symlink to boot/vmlinuz-5.10.0-20-amd64
 ...

i have been digging around every corner of the internet and spoken to both vmware (who only spoke enough to tell me they can't talk to me) and dell, but i can't find the answer to a simple question: do i need a vCenter Server License to use Nvidia GRID vGPU?

vSphere Enterprise Plus is required to run Nvidia GRID. that's fine. i have created a setup with an evaluation license and everything is run ...

How can I block a packet on specific IP:port on UDP that is containing for instance 'ff ff ff ff'?

I have ddos attacks that contain those packets, it's a source-query but we are not using source query for it.

I have a default installation of openbsd, with portmap, mountd, nfsd services started by via rcctl. I have following entry in /etc/exports

/nfs/testdir -alldirs  -maproot=root -network=192.168.0 -mask=255.255.255.0

I am able to mount the exported share on client as follows:

sudo mount -t nfs -o rw,noauto -v 192.168.0.122:/nfs/testdir mntpt3

From the client, I can read the contents.But writing inside ...

is there anyway that I can block all UDP connections on specific host:port and allow whitelisting based on ping? Ex. I'm trying to connect first time to UDP socket, and it will first ping the IP and than add my IP to whitelist. If no response, DROP it. Is that even possible?

as simple user, first I pass root with command :

su

I am now root on Debian 10 buster.

When I hit ufw status, I have 'command not found'. But it works with sudo ufw status

When I use su -, the command is ok.

Can someone explain me this problem / this difference between su and su - and why the command is not found even if I am root in the first case ?

I've got multiple domains hosted on a single Linode instance. As a result of some routine anti-spam checking the wonderful mxtoolbox (no affiliation) reports this:

DMARC External Validation   External Domains in your DMARC are not giving permission for your reports to be sent to them.

The domain in question publishes this TXT record:

_dmarc  "v=DMARC1; p=reject; rua=mailto:[email protected] ...

We suddenly, as of last week, are experiencing problems resolving a FQDN (syrex.quosalsell.com) in our corporate network. The Windows servers last had updates installed on them after patch Tuesday in January so no changes there.

Looks to me that Azure is doing something wrong, as another near identical domain hosted elsewhere works perfectly. I however can't figure out what they are doing wrong.

We  ...

Please do advise if I am posting in the wrong place, I have not found this the easiest site to navigate (or maybe it is me...).

I have been tasked with auditing and fixing our privileged accounts after a Microsoft CSAT scan. I have inherited an absolutely shocking number of accounts that are 'affective domain administrators' - 293!

It seems the previous attitude has been security anethema - giive se ...

Trying to do this:

iptables -A INPUT -s (some-ip-address) -j DROP

But the ip address still connects to a application running in a docker service. I suspect this is because docker bypasses the firewall.

How can I block the IP address?

Edit, clarification:

I have docker running on a server. I have a PC that connects to one of the services running on the server. The PC needs to be blocked from connecting.

I have a node alpine docker container (hosted on Azure) which periodically reaches 100% CPU usage. However, running the top or htop command shows no threads having high CPU usage.

How do I find out what the cause is? It seams like the node process isn't causing the high CPU usage. I also ran the node profiler and the cpu profile from the times when CPU is 100% has no obvious change to a regular profi ...

imagine you create a cgroup that isolates n logical cores from the general Linux scheduler. then one at a time, you create and run m processes that together comprise n threads. so # of process threads == # of logical cores.

i'm trying to decide whether it's worth writing my own process/thread -> logical core scheduler in my container runtime which pins each thread to a specific logical core, e ...

After, configuring my WSUS to use SSL it either says connection error or reverts back to http. I have a week working on this and I implemented anything that might be the probable solution.

This is the first error I get:

"WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException:  ...

I have been trying to install openstack on centos7 but while building it gives error as "CantStartEngineError: No sql_connection parameter is established". The command I am using to build is "packastack --allinone"

I have this setup, which is basically a linux server with one physical interface connected to another device. On this physical interface there is 2 VLANs, 100 and 200. In VLAN100 there is an IP address x.x.x.0/31 configured and enslaved into VRF "TEST". In VLAN200 there is an IP address x.x.x.1/31 configured without any master VRF.

The other device would basically, like a physical cross-connect,  ...

We have a Windows Storage Server 2016 having some volumes with Storage Deduplication enabled.

Its OS crashed so we had to re-install the OS (couldn't restore from backup).

There are some files which seem to be deduplicated before reinstall. When we open folders in such volumes, we are able to browse the contents of Folder (files show up correctly). But we're unable to read the content of files (unab ...