Questions tagged as ['debian']

Debian is a popular and influential GNU/Linux distribution. Questions here should generally be about Debian Server.
Score: 0
Ror avatar
Monit restart service output
om flag

I used to restart my services via init.d scripts on my debian servers. I moved to Monit to restart the services but now I don't have the output of the script when restarted. Basically, when the service is restarted, the init script returns :

Service stopping... 
Service stopped. 
Service starting... 
Service started.

I'd like to see this output when I restart with Monit (especially because I have mult ...

Score: 0
One interface take all the IP addresses and the other one use none
cn flag

I built my first custom kernel and have a few problem with it (see this other post).

I configured with /etc/network/interfaces one ip address on each physical interface of the computer. The commande ip a show the IP addresses on each interfaces.

debian@debian:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd ...
Score: 0
OttoEisen avatar
Debian 11 security updates: deb or security, which to choose?
br flag

I'm in the process of upgrading my first system to Debian 11 / Bullseye following Debian's 41-point-plan. The sources.list entry for security updates has changed and according to the documentation it should point to the server On Debian 10 and a fresh install of Bullseye it points to These are actually different servers, with deb returning a single IP and securi ...

Score: 0
OttoEisen avatar
NAT64 on Debian
br flag

Update 2: I wrote a quick&dirty tutorial for Jool on Debian 11, since their website is very thorough, but also slightly confusing and the examples too complex for most cases.

I'm looking to go IPv6 native and need a NAT64 implementation on my Debian routers. Is tayga still the way to go, as it's in the user space and all? Is there no kernel equivalent to "iptables ... -j MASQ" for NAT64?

Also with t ...

Score: 0
handygaber avatar
Connecting though WireGuard to VPN connected server
cn flag

I'm trying to connect to a VPN connected server, right now it only accepts LAN connections but not from outside the network.

My ultimate goal is that the server is always connected to PIA VPN (WireGuard protocol) and I'll be able to connect to this server via WireGuard hosted on this server. I know I'll need to do some routing but I don't know where to start.


It's a Debian 10.10 server LAN inte ...

Score: 1
apt-get throwing warning: "W: --force-yes is deprecated, use one of the options starting with --allow instead"
pk flag

I'm running on Ubuntu 20.04 on Circle CI "machine" executor. Today I see that:

sudo apt-get install -y pkg1 pkg2

is throwing this warning:

W: --force-yes is deprecated, use one of the options starting with --allow instead

I'm not using "--force-yes". Where is this coming from? Even

sudo apt-get update

throws the same warning.

Score: 0
OttoEisen avatar
Lightweight HTTPS reverse proxy
br flag

I have a need similar to this member: Single public IP, multiple HTTPS backends, Certs should stay on the backend servers. The answers to the post list NGINX, haproxy and sniproxy als possible solutions.

My public IP lives on a Debian server with really tight resources (1 vCPU, 512MB RAM), so that's an issue. Which of the listed solutions needs the least resources? Or are there other alternatives? TIA!

Score: 0
user3726755 avatar
Debian 10 guest freezing on ESXi 6.5
vn flag

I have an ESXi 6.5.

Windows and CentOS guests are running fine but my 3 Debian guests freeze after a moment (4 days to 1 week).

Nothing responding, i need to reboot the guest. The logs files of the guest show no error.

I don't know where to look for and what to do. An idea ?


Score: 0
Why does booting in debian freeze at /dev/sda1: clean
cn flag

I need a new debian kernel to activate a module available only on version 5.13 and more. So I found a tutorial to configure, build and install it.

After rebooting the computer and selecting through grub the new kernel, the computer get stuck at /dev/sda1: clean. Booting on the new kernel in recovery mode don't avoid the problem.

I can ping and ssh into the computer when the main terminal is froze ...

Score: 0
How do I set up Fail2Ban on an Amazon Lightsail Debian instance, when it has its own firewall?
it flag

This is a very basic question, but all the answers I can find either relate to WordPress installs or Bitnami installs. I have a plain Debian instance running Nginx.

I would like to set up Fail2Ban. The problem is that Lightsail seems to have its own firewall, configurable via the console. It isn't clear to me how Fail2Ban would work with such a firewall, and I don't want to potentially screw up  ...

Score: 1
Bil5 avatar
Showing message to the user during a Debian unattended preseeded installation
tr flag

During the late_command step of an unattended installation, I'm running a shell script :

d-i preseed/late_command string in-target /bin/sh -c './'

When the late_command step is reached, the UI (blue background, grey window) displays a "Running preseed..." message :

enter image description here

I'm wondering if there is any way to lively displaying other messages based on what the is doing.

Score: 4
Hamish Moffatt avatar
SSH public key authentication with google authenticator still asks for password
de flag

I'm trying to enable 2FA with ssh using libpam-google-authenticator. Not all users need authenticator enabled. Everybody uses ssh public keys, and nobody has a password. I'm running Debian buster, and I've also tried libpam-google-authenticator from bullseye.

My problem is that no matter what I put in the PAM config, users without authenticator enabled are never logged straight in, but always asked for  ...

Score: 0
Joe avatar
debian as gatway block port from ip
cn flag

I have a number of public ips behind a debian router connected to vms. I want a specific ip not to be able to use port 25 outgoing.

I have tried /sbin/iptables -A OUTPUT -o ens19 -p tcp --destination-port 25 -s -j DROP along with several other combinations of command but I cannot get it to work. It will block outgoing ports on the router fine but not for systems behind it.

Score: 1
Bil5 avatar
Debian unattended (preseed) installation, access to audio card(s)
tr flag

I'm using the preseeding feature in order to shape a custom Debian 10 x64 system. Everything is happening well, except that during the late_command step, I'm running a shell script to configure and deploy miscellaneous things and I would like to be able to access the physical audio interfaces.

Usually, I'm doing that using pacmd list-sinks and then I can easily access the different audio cards names. Bu ...

Score: 1
Docker w/ PHP-FPM & Nginx - 502 Bad Gateway
de flag

I'm currently trying to dockerise a Laravel application, I've managed to create my Dockerfile and docker-compose.yml with the dependencies I need. However, I am struggling to get php-fpm to kick in that will show my application.


# Set master image
FROM php:8.0-fpm-alpine

# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/html/

# Set working directory
WORKDIR /va ...
Score: 0
carlitobrigante avatar
POSTFIX: New mail server. Can neither send nor receive mail
cn flag

I am trying to learn about mail servers and have setup one. However neither can I send, nor receive mail. I can login to my email account and I see the folders (Inbox, Sent, Trash, etc) are being populated within the email client. Also /var/log/syslog indicates that my user has successfully logged in via imap-login

When I click on the test button from Thunderbird before logging in, the test alway ...

Score: 0
ps0604 avatar
Cannot install deb command in Debian Docker image
im flag

I'm trying to install a deb package in a Docker image.

I based my Dockerfile on continuumio/miniconda3 that's a Python/Debian image.

This works fine in Debian 9 but not when I try to build my Docker image. The problem that I have is that the deb command is not in Debian, and I cannot find a way to install it in the image. Any ideas how to install the deb command or another way to run that statement? ...

Score: 0
carlitobrigante avatar
Postfix doesn't send mail
cn flag

I am trying to learn about mail servers and am quite daunted by all of the moving pieces in the setup..

Currently I am unable to send via from my smtp server. I can receive mails fine from various domains.

In my logs I see the below entries when trying to send mail..

  • mail.log
Jul 31 11:59:15 mail postfix/submission/smtpd[1290]: connect from unknown[]
Jul 31 12:01:03 mail postfix/posts ...
Score: 1
Javier Vilarroig avatar
Apache Archiva backup best practices
cn flag

I have a server running Apache Archiva in standalone mode built from the Apache site tarball. It has been running like a charm for already 6 years. The OS is Debian Linux.

Until now all the artifacts we were storing on it where easily recoverable, so I excluded Archiva from any backup strategy.

But recently we have started to store artifacts that are impossible to rebuild. So now I need to include A ...

Score: 0
“GPG error: unstable Release”
ng flag

The error I am having when trying to update my package list.

root@wetainfotech:/# apt update
Hit:1 buster InRelease
Hit:2 buster InRelease
Hit:3 buster InRelease
Hit:4 buster/updates InRelease
Hit:5 buster-updates InRelease
Hit:7 http://r ...
Score: 0
jfernandz avatar
rsyslog seems to be triggering sdhci dumps when writing in external storage
cn flag

Acording what I read, rsyslog is usually used to process logs and send them to another locations, either local (external storage, specific partition, etc.) or remote (logging server, for example). However I'm trying to configure rsyslog to store the logs in an external storage device (SD card) but I'm having problems with the sdhci driver in the kernel. First you have here the rsyslog configurati ...

Score: 0
Mounted .img file does not clear up disk space when files are deleted
cn flag

I have a requirement to use more inodes than normally available on most file systems. Therefore, I create and mount a ext4 filesystem with a custom inode setting:

dd if=/dev/zero of=loop0.img bs=1MB count=5000
losetup --find --show `pwd`/loop0.img
mkfs -t ext4 -i 1024 /dev/loop0
mount /dev/loop0 /mnt

This will create a 5000MB file on the disk (via ls /mnt), but when I check using df it shows as  ...

Score: 0
perissf avatar
elasticsearch.service is not a native service, redirecting to systemd-sysv-install
ae flag

after installing Elasticsearch on Debian using these instructions, I am trying to enable it as a service using this command

 sudo /bin/systemctl enable elasticsearch.service

But I get this error:

elasticsearch.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable elasticsearch

The service mananger is indeed systemd. However this d ...

Score: 1
perissf avatar
Curl SSL Certificate: unable to get local issuer certificate
ae flag

when using curl in verbose mode, I get this error: Command:

$ curl -vvI


  • successfully set certificate verify locations:
  • CAfile: none CApath: /etc/ssl/certs
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • TLSv1.3 (IN), TLS handshake, Server hello (2):
  • TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
  • TLSv1.3 (IN), TLS handshake, Certificate (11):
  • TLSv1.3 (OUT), TLS  ...
Score: 1
Server isn't responding to pings routed via vpn
in flag

I've server and virtual machine on it. I'm hosting OpenVPN on this server. The virtual machine has two interfaces: ens18 - for public IP, ens19 - for an internal network. I'm trying to ping (virtual machine ip on ens19) via VPN, but it's not responding. When I run tcpdump -i ens19 icmp on the virtual machine, its returning this:

tcpdump: verbose output suppressed, use -v or -vv for full protocol  ...
Score: 0
Michal avatar
VSFTPD: 500 OOPS: unrecognised variable in config file: local_root
id flag

I have a problem with vsftpd configuration. My vsftpd version is 3.0.3 When I'm trying add local_root variable to serwer configuration vsftpd stops working. How to fix this problem? My vsftpd config:


local_root = /DataDrive/camrecords/podworko








conn ...
Score: 0
kittygirl avatar
`bad-setting (Reason: Unit nftables.service has a bad unit file...` when add `/etc/systemd/system` conf to nftables
us flag

System is debian 10 with nftables.
I plan to make nftalbes auto restart when failed,script as below:

cat << EOF >> /etc/systemd/system/nftables.service.d/override.conf

systemctl daemon-reload

Output shows bad-setting:

systemctl status nftables.service

nftables.service - nftables
   Loaded: bad-setting (Reason: Unit nftables.service has  ...
Score: 0
kittygirl avatar
How to get the permission of `/run/user/1000/gvfs` when system is newly installed?
us flag

System is newly installed debian 10.
I cannot get the permission of /run/user/1000/gvfs properly,changed from d????????? ? ? ? ? ? to dr-x------ when cd /run/user/1000.

me@pc:~$ sudo ls -al /run/user/1000
[sudo] password for me: 
ls: cannot access '/run/user/1000/gvfs': Permission denied
total 0
drwx------ 11 me me 280 Jul 22 14:53 .
drwxr-xr-x  3 root  root   60 Jul 22 02:07 ..
s ...
Score: 0
OttoEisen avatar
Debian 11 template on Hyper-V
br flag

I used to run Debian 10 on a Hyper-V (Windows 2019) Server and I could set up a "template" VHD and copy it every time I needed a new Debian server, thus getting around the installation.

Now I'm looking into Debian 11 (currently "Testing" or "Bullseye") and the old procedure does no longer seem to work, neither with automatic partitioning nor with manual partitioning. Hyper-V says "SCSI Disk (0,0) ...

Score: 2
DJ_Ironic avatar
SSH tunnel reconnecting after WAN change or server drop
cn flag

I am fighting with autoSSH configuration.

My setup

  1. VPS as a public contact point, clients will access the VPS IP to get to the server
  2. My home server running the service. This machine has dualwan connectivity - so it can switch to another ISP if the first one drop. (IP address will change)

I want to make a SSH tunnel that will automatically reconnect when the connectivity is switched or one of those  ...