Questions tagged as ['linux']

Linux is the generic term for a UNIX-like open source operating system based on the Linux kernel.
Score: -1
Maxim Khokhryakov avatar
Why does this routing setup not working
cn flag

I have two interfaces on server machine. The output of ip route is next:

default via 192.168.100.1 dev enp1s0 proto static metric 100
10.8.0.0/24 dev tap0 proto kernel scope link src 10.8.0.1
192.168.100.0/24 dev enp1s0 proto kernel scope link src 192.168.100.201 metric 100

and ip address is next (MACs are hidden):

...
1: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state U ...
Score: 0
synth45 avatar
Jenkins linux master <=> windows build agent/slave WMI issue
cn flag

I'm trying to set up a build agent on a windows host using this plugin in Jenkins: https://plugins.jenkins.io/windows-slaves/

I've configured the windows build agent/node on the Jenkins master, and have set up the correct service account on the windows side and provided password, but am getting an error related to Netbios and CIFS, it seems:

Here is the error message:

[2021-08-04 10:36:28] [windows-agents ...
Score: 0
richardwhitney avatar
How do I set the anomaly score in crs-setup.conf?
cn flag

I am using v3.0.0 of CRS with ModSecurity set to DetectionOnly mode and the nginx connector. I want to set the anomaly score to 100 or so to fine-tune the settings, but I can't see where or how to do that. Looking in crs-setup.conf

nginx 1.18.0 if that helps

Score: 0
antimatter avatar
How to setup ssh public key for another machine without access?
pk flag

This might be a stupid question but I have to ask it anyway:
I already did setup an ssh public key for my client machine A. I copied the public key to the remote server, everything works fine, I can log in from machine A.

Now I also want to access that server from another machine and following best practices, I wanted to generate another key for client machine B, rather than using the key from machine  ...

Score: 1
danone avatar
spawn-fcgi doesn't start automatically even though has root permission Centos 7
br flag

I have very strange problem I don't know how to solve this. I have spawn-fcgi service only starts if I manually start as root but not with on boot

systemctl enable spawn-cgi gives me this information I don't know if this error message or just information

[root@www ~]# systemctl enable spawn-fcgi spawn-fcgi.service is not a native service, redirecting to /sbin/chkconfig. Executing /sbin/chkconfig sp ...

Score: 1
solveit avatar
How to delete the grepped iptables
ar flag

I have iptables starting from cali-

 root@Ubuntu-18-VM:~# iptables -S | grep -oP '(?<!^:)cali-[^ ]+'
    cali-FORWARD
    cali-INPUT
    cali-OUTPUT
    cali-cidr-block
    cali-from-hep-forward
    cali-from-host-endpoint
    cali-from-wl-dispatch
    cali-from-wl-dispatch-5
    cali-fw-cali2847b154969
    cali-fw-cali4bb24809f90
    cali-fw-cali531f8f2e712
    cali-fw-cali5a82b3ff301
    cali-pri-_CV ...
Score: 0
Brandon Pham avatar
Cron Tab as specific user and python virtual env
us flag

Wanting to run an hourly cron job as a specific user (xfeautomation) and python virtual environment. Running as a specific user, will I have to add the script location into PATH? My current cron job looks like this:

0 * * * *  xfeautomation /opt/scripts/wf_venv/bin/python /opt/scripts/wf_api_linux.py 2>&l /opt/scripts/log.txt

Is this the correct or optimal way? TIA

Score: 0
Convert thin logical volume to thick
ru flag

I have a volume group that has a thin pool with logical volumes. I don't want these to be thin -- I want them to be regular logical volumes.

How can I move them out and convert them to thick allocation?

$ sudo vgdisplay -v centos
  --- Volume group ---
  VG Name               centos
  System ID             
  Format                lvm2
  Metadata Areas        3
  Metadata Sequence No  34
  VG Access  ...
Score: 0
Setting tcp option to packet header
my flag

I'm trying to debug some networking issues and I'd like to add the "router alert" flag to some SYN packets that are being sent from my server. Is there a way to do that using iptables?

I'm looking at the mangle table but I couldn't find anything on adding arbitrary tcp header options to the packets. I imagine it would be something like iptables -t mangle -I OUTPUT -p tcp --dport 22 --tcp-flags SYN SY ...

Score: 0
udovdh avatar
IPv6 DHCP PD reply going to FORWARD rule in iptables firewall?
th flag

On my Fedora 34 Linux firewall/router box I noticed

  • that IPV6 DHCP PD requests are sent out fine.
  • that IPV6 DHCP PD replies do arrive on the wire
  • that the firewall kernel for some reason sends the DHCP PD reply in the FORWARD rule even though dhclient is local
  • that addresses in the packets were correct, match with DHCP-server and local firewall.

Details can be found at redhat.

We have a ppp inte ...

Score: 9
AhmedWas avatar
How can I know if the current running SSH server is OpenSSH or Dropbear?
in flag

If I go inside the file /etc/ssh/ssh_config, I can see "$OpenBSD" at the top of file. However, if I change the default port to a different value, it doesn't seem to work. A colleague informed me that's because Dropbear is the software server here, not OpenSSH.

Is there a way to be sure? I can't find an answer googling that.

Score: 0
sebastien dontneedtoknowthat avatar
How to prevent netfilter to automatically change the source ports
jp flag

I observed that netfilter changes the source port when a connection is established in the conntrack module. I need to prevent this behavior.

Here is what I have done to reproduce my problem:

  1. I create a netfilter rule that will perform DNAT from port 2002 to 2003

sudo iptables -w -t nat -A OUTPUT -s 192.168.30.3 -d 192.168.30.1 -p udp --sport 2001 --dport 2002 -j DNAT --to-destination :2003

  1. I t ...
Score: 0
salim ep avatar
mail Linux command include username along with from address
us flag

Is there any way to hide username if we send email via Linux terminal? For example, I just want to hide or delete "root" username from the email header.

I have one cron job send a report every day. For now this script runs as root user.

Score: 0
udev avatar
How to setup strongSwan server for Cisco RV130 VPN Gateway?
kh flag

I'm trying to setup this scenario with goal of full subnet-to-subnet connectivity:

.--------------.            .--------------.                .--------------.
| linux        |--- LAN1 ---|  NATing      |--- INTERNET ---|  Cisco       |--- LAN2
| strongSwan   |  172.x.x.x |  ROUTER      |                |  RV130       | 192.168.a.a
| VPN gateway  |            |              |                |       ...
Score: 0
dsal3389 avatar
redirect requests based on subdomain
cn flag

I have 1 machine and I am running on it 2 docker nodes,

1 node - for testing

2 node - for prod

I have a domain, for example foo.com I want to redirect the request to the correct servers based on the sub domain, for example:

test.foo.com => node 1

prod.foo.com => node 2

what tool can do it?

can a reverse proxy deal with private ips?

I am using linux

Score: 0
synth45 avatar
Jenkins remote build agent build and return artifact to master?
cn flag

I currently have a master node (Linux host) set up, which is not defaulting to do any building, and a remote build node (Linux host) set up that performs builds. My artifacts are building on the remote node and end up in /var/lib/jenkins/workspace/<job_name>. How can I retrieve the build artifacts and bring back to the master server? What's the best way to accomplish this? I've read somewhere that ...

Score: 0
Security issues with configuring default IP address(0.0.0.0) to ethernet interface
ca flag

In our linux embedded application we would like to keep available ports up and running and assigning with 0.0.0.0 IP address. In short we will be executing all ports with ifconfig ethX 0.0.0.0, and setting all IP address to virtual interfaces ethX:100 20.20.20.20 is there any security issues with configuring ethX to 0.0.0.0? Is there any other issue can be faced if we configure all IP address on virtual  ...

Score: 2
Using variable lists in ansible returns undefined variable
ph flag

Here is my variable list file vars/blah.yml:

---
stuff:
 - stuff1: bill
   stuff2: sue

I just trying to get the values of the variable stuff.

Here's my playbook:

  hosts: all
  become: yes
  vars_files:
    - vars/blah.yml
  tasks:

  - name: test
    debug:
      var: "{{ item.stuff1 }} {{ item.stuff2 }}"
    loop :
      - "{{ stuff }}"

I'm getting this error.

fatal: [node1]: FAILED! => {"msg ...
Score: 1
Log execve's, along with parent process argv?
us flag

I'm trying to figure out if I can decomission an old server. I need the information about automated processes running there. So far I tried the following:

auditctl -a exit,always -F arch=b64  -S execve -k any-commands

At log analysis stage, I discovered two pieces of context missing:

  1. How did those programs get executed? What process was their parent and what was its argv?
  2. Where did the stdin/stdout  ...
Score: 0
Ananth avatar
Will dropbear-initramfs work along with a keyfile in crypttab in Ubuntu (21.04)?
cn flag

/etc/crypttab

# <target name> <source device>         <key file>      <options>
crypt_root UUID=12989868-19fe-4834-90a8-f1bf13977745    /dev/disk/by-label/wopr_keys:/crypt_root_key  luks,discard,keyscript=/lib/cryptsetup/scripts/passdev,initramfs,x-initrd.attach                                                        
crypt_swap /dev/disk/by-id/scsi-SSamsung_Portable_SSD_T5_4B1C ...
Score: 0
Awaish Kumar avatar
Server goes down after every few hours - No route to host
in flag

I have a Ubuntu machine, it keep going down after some(10-15) hours. It returns the error as no route to host when I try to SSH. But it works when I restart from hetzner console and again after few hours it goes down.

I checked:

  1. syslogs: there are lots of IPs trying to connect to machine but are being blocked by firewall (UFW).
  2. I checked auth.log but I could not find any suspicious login.
  3. I chec ...
Score: 0
Am3Y avatar
CentOS 8 compiling kernel 5.13.7 BTF Error
co flag

I'm compiling Kernel 5.13.7 for Centos 8.4.2105

I've got the below error

  MODPOST vmlinux.symvers
  MODINFO modules.builtin.modinfo
  GEN     modules.builtin
BTF: .tmp_vmlinux.btf: pahole (pahole) is not available
Failed to generate BTF for vmlinux
Try to disable CONFIG_DEBUG_INFO_BTF
make: *** [Makefile:1205: vmlinux] Error 1

I tried searching on Google and got this solution https://stackoverflow.com ...

Score: 0
luca ditrimma avatar
Centos Infected By Kinsing Mining Malware
pl flag

My server has been infected by Kinsing malware. I managed to clear it. Remove the cronjob. So far, it didn't return. However, I noticed, another running processes look fishy. Normally, I haven't focused on this item except my regular services like MySQL, apache because they are normally on top of the processes. Now I became paranoid.

Do you spot any culprit here?

running services

Score: 0
Sahat Shah avatar
How to protect Backend server from DDoS
in flag

I live in a country where there is no DDOS protection for game servers ( UDP Protocol ).

Since latency is important for users, I can't host it in other country or region.

So I have only one option left and that is using fail-over servers.

Current architecture

I have a main dedicated server where game server is running.

I have 64 dummy VPS where I have installed Nginx proxy.

So the main server's IP  ...

Score: 0
Ali Kargar avatar
HP 1/8 G2 medium changer not detected in Oracle Linux 8
vn flag

I have a HP 1x8 G2 Autoloader that connected to a SAN switch, on my VMware environment I have an Oracle Linux that should work with the tape. The problem is after connecting tape to VM, medium changer is not detected but tape drive is OK!

$ cat /proc/scsi/scsi 
Attached devices:
Host: scsi2 Channel: 00 Id: 00 Lun: 00
  Vendor: VMware   Model: Virtual disk     Rev: 2.0
  Type:   Direct-Access        ...
Score: 1
Makoa avatar
Reverse proxy forwarding
sa flag

Could you help me?

sudo echo "1" > /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 1.1.1.1
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 2.2.2.2
sudo iptables -t nat -A POSTROUTING -j MASQUERADE

I am using these iptables rules to create loadbalancing servers. I am just distributing .mp4 and .mp3 contents, b ...

Score: 0
Aviad P. avatar
Interpreting strace of crashing process on VM
us flag

I have a process that is running fine on a very old RedHat Linux 7.1 machine. However when I try to run it in a VM it fails with the following strace log (this is the tail of the log):

[...many lines before this...]
shmat(688143, 0, 0)                     = 0x45665000
fork()                                  = 2375
semget(99, 1, 0x1b6|0666)               = 393228
rt_sigaction(SIGUSR1, {0x4003d860, [USR1],  ...
Score: 0
How can I let apache server work always on my ec2 instance?
lu flag

I am learning aws's EC2 server. I configured apache and php. I started the apache server with the command

Sudo service httpd start

But every time I stop my pc, or the next day, when I want to continue the course. I have to start again the apache server. I mean it is not on started status always.

Imagine if I have a website running on that instance, it means that users won't be able to go on to my websi ...

Score: 0
stefano avatar
iLO Linux Installation stuck due to "Unable to find any valid media"
cn flag

Good Morning All,

I'am a dummy in this area and I am trying to install Linux Red Hat 8.3 on a remote machine with HP iLO 5; the features of the remote machine are the folowings:

Company: HPE Product Name: ProLiant DL385 Gen10 Plus UUID: 32343150-3837-5A43-3231-303730325830 Server Serial Number: CZ210702X0 Product ID: P14278-B21

I have followed al ...

Score: 0
carlitobrigante avatar
Postfix doesn't send mail
cn flag

I am trying to learn about mail servers and am quite daunted by all of the moving pieces in the setup..

Currently I am unable to send via from my smtp server. I can receive mails fine from various domains.

In my logs I see the below entries when trying to send mail..

  • mail.log
Jul 31 11:59:15 mail postfix/submission/smtpd[1290]: connect from unknown[78.136.22.232]
Jul 31 12:01:03 mail postfix/posts ...