Search Results

Search found 16491 results on 660 pages for 'root node'.

Page 255/660 | < Previous Page | 251 252 253 254 255 256 257 258 259 260 261 262 | Next Page >

HAProxy and Intermediate SSL Certificate Issue

- by Sam K

We are currently experiencing an issue with verifying a Comodo SSL certificate on an Ubuntu AWS cluster. Browsers are displaying the site/content fine and showing all the relevant certificate information (at least, all the ones we've checked), but certain network proxies and the online SSL checkers are showing we have an incomplete chain. We have tried the following to try to resolve this: Upgraded haproxy to the latest 1.5.3 Created a concatenated ".pem" file containing all the certificate (site, intermediate, w/ and w/out root) Added an explicit "ca-file" attribute to the "bind" line in our haproxy.cfg file. The ".pem" file verifies OK using openssl. The various intermediate and root certificates are installed and showing in /etc/ssl/certs. But the checks still come back with an incomplete chain. Can anyone advise about anything else we can check or any other changes we can make to try to fix this? Many thanks in advance... UPDATE: The only relevant line from the haproxy.cfg (I believe), is this one: bind *:443 ssl crt /etc/ssl/domainaname.com.pem

Read the article
sudo access for desktop actions in Gnome/KDE?

- by Jakobud

I feel kinda silly asking this question. I'm using CentOS 5.4 and KDE. I downloaded an archive and I want to drag/drop the contents into a folder that I need root access to write to. I can obviously go into terminal and sudo blah blah. But how do I get sudo access for desktop procedures? Like for simple dragging and dropping of files? KDE just tells me that I don't have permission to do that, but doesn't give me the option of entering the root password or sudo.

Read the article
How to make local apache server public/visible ?

- by George

Hello. I am running an Apache2 server on a Fedora 13. I'd like to make it publicly accessible(visible).For example I'd like when somebody types http://my.ip.numbes/ that they would see what I have in my document root folder. Just for a presentation of a course work at university. Permissions are set to 755. User owning the document root is apache. SELinux is temporarily disabled. But port 80 is closed. I tried to open it by adding an entry to iptables and restarting them, no change. I guess I am missing something big here. Help would be greatly appreciated. Note: I have a static (public, real) IP address.

Read the article
Multiple SSL vhosts using wildcard certificate in nginx

- by vvanscherpenseel

I have two hostnames sharing the same domain name which I want to serve over HTTPs. I've got a wildcard-SSL certificate and created two vhost configs: Host A listen 127.0.0.1:443 ssl; server_name a.example.com; root /data/httpd/a.example.com; ssl_certificate /etc/ssl/wildcard.cer; ssl_certificate_key /etc/ssl/wildcard.key; Host B listen 127.0.0.1:443 ssl; server_name b.example.com; root /data/httpd/b.example.com; ssl_certificate /etc/ssl/wildcard.cer; ssl_certificate_key /etc/ssl/wildcard.key; However, I get the same vhost served for either hostname.

Read the article
Windows shortcut doesn't work: how to enclose filenames with spaces?

- by Olivier Pons

Here's my problem: I've made a shortcut on my Desktop (Windows XP (sigh)) like this: C:\WINDOWS\system32\cmd.exe /k "mysql -u root drupal-defaultadm < ^"C:\Documents and Settings\AAA\Mes documents\Downloads\01.drupal-defaultadm.sql^" && exit" When I double click on it, the DOS prompt is opened, but I get this error: File not found. C:\wamp\bin\mysql\mysql5.5.24\bin> So I'm trying to do the command "by hand" and only removing the ^: C:\wamp\bin\mysql\mysql5.5.24\bin>mysql -u root drupal-defaultadm < "C:\Documents and Settings\AAA\Mes documents\Downloads\01.drupal-defaultadm.sql" C:\wamp\bin\mysql\mysql5.5.24\bin> And gives no error. I'm pretty sure this has to do with the whitespaces enclosed with ". How shall I do to make it work?

Read the article
Using DNS entries to determine location

- by Raphink

I'm trying to think of a clean way to determine the location of machines (mainly, which datacenter they belong to) based on their network settings. I would like it to be dynamic, and I'm thinking of using special DNS records that would be specific to the DNS server in each datacenter. For example, you could have: root@machine1# dig TXT mysite ... mysite 3600 IN TXT "DC1" ... root@machine2# dig TXT mysite ... mysite 3600 IN TXT "DC2" ... etc. I know that DNS has a special LOC record for location, but it takes coordinates, so it doesn't help in my case. Is there a standard way of addressing this issue, another special type of record for it, or some standard entries in TXT records?

Read the article
How do I make an encrypted disk image on Debian?

- by Blacklight Shining

I'm basically looking for an equivalent to OS X's encrypted sparsebundles. The solution should have support for file ACLs and should not force me to specify a size in the beginning (the image should only take up as much space as it needs) or require root access to mount and unmount. Ideally, I should be able to set two different passwords (both for the same data), but that's not too important. (I do have root access to the machine and so can install packages and such, but I would rather not have to sudo just to mount an image.)

Read the article
File permissions to run mysqld in chroot

- by Neo

I'm trying to run mysqld inside chroot environment. Herez the situation. When I run mysqld as root, I can connect to my databases. But when I run mysql using init.d scripts, mysql gives me an error. $ mysql --user=root --password=password ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (111) So I guess, I need to change file permissions of some files. But which ones? Oh and in case you are wondering '/var/run/mysqld/mysqld.sock' is owned by 'mysql' user. EDIT: strace output looks something like this [pid 20599] <... select resumed> ) = 0 (Timeout) [pid 20599] time (NULL) = 12982215237 [pid 20599] select(0, NULL, NULL, NULL, {1, 0} <unfinished ...>

Read the article
Samba / smbd on Centos 6.5

- by Satalink

I've installed Samba4 and have the smb.conf file as follows: [global] workgroup = WORKGROUP server string = Samba Server realm = REXIALO.COM netbios name = REXIALO.COM security = user map to guest = Bad Password bind interfaces only = no interfaces = lo venet0 log file = /var/log/samba/samba.log max log size = 1000 [webroot] path = /usr/local/apache/htdocs comment = Example.com webroot directory read only = No I can connect from the same server with smbclient. Localhost: # smbclient -L localhost -U root Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Sharename Type Comment --------- ---- ------- webroot Disk RexiAlo webroot directory IPC$ IPC IPC Service (RexiAlo Samba Server) Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Server Comment --------- ------- Workgroup Master --------- -------Enter root's password: network: # smbclient -L rexialo.com -U Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Sharename Type Comment --------- ---- ------- webroot Disk RexiAlo webroot directory IPC$ IPC IPC Service (RexiAlo Samba Server) Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.11] Server Comment --------- ------- Workgroup Master --------- ------- The problem is when I try to map to the smb webroot from Windows 7, it asks for user/pass but just times out and then prompts for credentials. The samba.log file does not show any activity other than the startup of the smbd process. Any help would be appreciated.

Read the article
Samba + Centos (Share not working)

- by mplacona

I've done this a few times already, but for some reason this time it's not working. I have a folder called ruby (root:root - 0777) on /home/placona I'm trying to see this folder from my WindowsXP box, but keep getting permission denied. I can see the global share though, but whenever I try clicking on the ruby share, it won't let me in. Here's my smb.conf settings: [global] log file = /var/log/samba/samba.%m guest account = nobody netbios name = DEVBOX server string = DEVBOX CENTOS workgroup = WORKGROUP encrypt passwords = yes security = share max log size = 50 [ruby] path = /home/placona/ruby I want to be able to open this folder without using password (hence the guest account = nobody). I tried even with password, but never seems to work. Can anyone spot anything wrong with my settings?

Read the article
running autobench (httperf)

- by Matthew

So I ran apt-get install httperf on my system and I can now run httperf. But how can I run 'autobench'? I downloaded the file and unarchived it and if I go in it and run autobench it says -bash command not found I think it's a perl script but if I run perl autobench, it says: root@example:/tmp/autobench-2.1.2# perl autobench Autobench configuration file not found - installing new copy in /root/.autobench.conf cp: cannot stat `/etc/autobench.conf': No such file or directory Installation complete - please rerun autobench Even if I run it again it says the same thing.

Read the article
Migrating to ssh key authentication; implications of adding sbin's to users $PATH

- by ancillary

I'm in the process of migrating to key's for authentication on my CentOS boxes. I have it all set up and working, but was a bit taken aback when I noticed service (and other things) didn't work the way I was accustomed to. Even after su'ing to root, still had to call the full path for it to work (which I assume to be expected/normal behavior). I also assume this is because there are different $PATH's for root (what I was using and am used to) and the newly created, key-using user. Specifically, I noticed the sbin's of the world missing from the user path. If I were to add those paths (/sbin/,/usr/sbin/,/usr/local/sbin) to a profile.d .sh script for this new key-loving user, would: I be opening up the system in ways I shouldn't be? I be doing something I needn't do save for reasons of laziness? I create other potential problems? Thanks.

Read the article
"Countersigning" a CA with openssl

- by Tom O'Connor

I'm pretty used to creating the PKI used for x509 authentication for whatever reason, SSL Client Verification being the main reason for doing it. I've just started to dabble with OpenVPN (Which I suppose is doing the same things as Apache would do with the Certificate Authority (CA) certificate) We've got a whole bunch of subdomains, and applicances which currently all present their own self-signed certificates. We're tired of having to accept exceptions in Chrome, and we think it must look pretty rough for our clients having our address bar come up red. For that, I'm comfortable to buy a SSL Wildcard CN=*.mycompany.com. That's no problem. What I don't seem to be able to find out is: Can we have our Internal CA root signed as a child of our wildcard certificate, so that installing that cert into guest devices/browsers/whatever doesn't present anything about an untrusted root? Also, on a bit of a side point, why does the addition of a wildcard double the cost of certificate purchase?

Read the article
Debug unstable Apache server under Debian

- by almo

Since yesterday my Apache server that runs on a Debian machine runs very unstable. Sometiems my websites load and sometimes not. I think it has to do with the memory since my Apache log is full of Out of memory (allocated 262144) (tried to allocate 4480 bytes). I also attached a screenshot of the memory graph. A server restart resolves the problem temporarily. I looked at the processes that are using memory but the biggest one is MySQL with 6.5%. Where else can look for the problem? Edit: I did a free -m right after rebooting and one about 2 hours later. I think the trend is visible: root@xxx:~# free -m total used free shared buffers cached Mem: 4016 731 3284 0 80 200 -/+ buffers/cache: 449 3566 Swap: 459 0 459 root@xxx:~# free -m total used free shared buffers cached Mem: 4016 2466 1550 0 92 473 -/+ buffers/cache: 1900 2115 Swap: 459 0 459

Read the article
Trying to setup virtual hosts on unix PHP on nginx

- by user1634653

I have tried to install php5-fpm and Nginx on Ubuntu machine, but I got a problem. When I have only one virtual host on a unix port it is all fine but when I try to add another virtual host Nginx goes to default web page "Welcome to Nginx!" but when I run it on a tcp port example port 9000 it work fine with multisites. It is a fresh install of ubuntu 11.10, Nginx 1.2.3 with php5-fpm installed. It also has extra php installs such as php-apc. I can only give the links to the virtual hosts because I am doing it from a mobile phone. Here are the links for the two virtual hosts I am using: http://ic0nic.co.uk/ic0nic.txt, http://ic0nic.co.uk/sourproxy.txt also I want to use unix port because I find it a whole lot faster. Edit: Here are the nginx configs server { server_name ic0nic.co.uk www.ic0nic.co.uk; root /var/www/ic0nic.co.uk; listen 8080; index index.html index.htm index.php; include conf.d/drop; location / { try_files $uri $uri/ /index.php?q=$uri&$args; } location ~ \.php$ { fastcgi_buffers 8 256k; fastcgi_buffer_size 128k; fastcgi_intercept_errors on; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/dev/shm/php-fpm-www.sock; root /var/www/ic0nic.co.uk; } } server { server_name sourproxy.co.uk www.sourproxy.co.uk; root /var/www/sourproxy.co.uk/; listen 8080; index index.html index.htm index.php; include conf.d/drop; location / { try_files $uri $uri/ /index.php?q=$uri&$args; } location ~ \.php$ { fastcgi_buffers 8 256k; fastcgi_buffer_size 128k; fastcgi_intercept_errors on; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/sourproxy.co.uk$fastcgi_script_name; fastcgi_pass unix:/dev/shm/php-fpm-www.sock; } }

Read the article
How to access MySQL on Windows

- by Dan

This may sound like a really dumb question, but I normally only deal with MSSQL, no LAMP stuff, so I'm struggling to figure out what's going on. I have Windows 7 and have installed MySQL 5.1 through Web Platform Installer. I have HeidiSQL installed to manage data in MySQL, but how do I connect? In Heidi it's asking for 'Hostname / IP' which is prepopulated with 127.0.0.1. It prepopulates the user field to 'root' (which is right) and I'm entering the password I chose when MySQL was installed. However, it just errors when I connect, saying: SQL Error (1045): Access denied for user 'root'@'localhost' (using password: YES). Can anyone point me in the right direction here? Many thanks...

Read the article
How to setup Proxy Cache with Nginx and Passenger

- by tiny

I use Nginx and Passenger for my rails application. I want to use proxy cache to cache my pages. However, every request go direct to my rails application. I don't know what wrong with my configuration. Below is my configuration: user www-data; worker_processes 1; events { worker_connections 1024; } http { passenger_root /usr/lib/ruby/gems/1.8/gems/passenger-2.2.15; passenger_ruby /usr/bin/ruby1.8; passenger_max_pool_size 6; passenger_max_instances_per_app 1; passenger_pool_idle_time 0; rails_spawn_method conservative; include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 512; sendfile on; #tcp_nopush on; keepalive_timeout 65; tcp_nodelay on; gzip on; gzip_http_version 1.0; gzip_vary on; gzip_comp_level 6; gzip_proxied any; gzip_types text/plain text/css text/javascript application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss; proxy_cache_path /var/www/cache/webapp levels=1:2 keys_zone=webapp:8m max_size=1000m inactive=600m; include vhosts/*.conf; include /opt/nginx/conf/sites-enabled/*; root /var/www; } server { listen 127.0.0.1:3008; server_name localhost; root /var/www/yoolk_web_app/public; # <--- be sure to point to 'public'! passenger_enabled on; rails_env development; passenger_use_global_queue on; } server { listen 80; server_name webpage.dev; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; error_page 503 http://$host/maintenance.html; location ~* (css|js|png|jpe?g|gif|ico)$ { root /var/www/web_app/public; expires max; } location / { proxy_pass http://127.0.0.1:3008/; proxy_cache webapp; proxy_cache_valid 200 10m; } #More Location }

Read the article
ftp users configuration in OpenSuse 12

- by chieroz

I usually work with MacOSX servers but this time I need to set up a ftp service on a OpenSuse 12.2 server and I am a little lost. I am using the remote YAST2 tool via ssh. I created several users who can connect via ssh and/or ftp, so the basic setup is ok. But when connecting via ftp all my users don't have write permissions. The FTP directory for authenticated users is /srv/www/htdocs, which has permissions root:root. The OpenSuse manual say it's bad practice to change these permissions, but my normal users (even the ones in the sudoers list) cannot upload files. So I am stuck: as a workaround I use rsync, but from time to time I just need to establish a working ftp connection. What's the right approach for users permissions in this scenario? Thanks a lot.

Read the article
kvm process has too large a memory footprint on host

- by gucki

I'm using latest ubuntu quantal and start a kvm guest which should have 2048 MB of memory. Now after a few hours I can see that the kvm process of this guest is around 2700 MB, so 700 MB more than the guest should be able to consume. I mean a small overhead like 1% would be ok, but not 30%?! root 8631 74.0 22.2 4767484 2752336 ? Sl Nov07 512:58 kvm -cpu kvm64 -smp sockets=1,cores=2 -cpu kvm64 -m 2048 -device virtio-blk-pci,drive=drive-virtio0,id=virtio0,bus=pci.0,addr=0xa,bootindex=100 -drive file=rbd:data/vm-disk-1,if=none,id=drive-virtio0,cache=writeback,aio=native -device virtio-net-pci,netdev=net0,bus=pci.0,addr=0x12,id=net0,mac=02:7a:86:e6:1a:6c,bootindex=200 -netdev type=tap,id=net0,vhost=on -usbdevice tablet -nodefaults -enable-kvm -daemonize -boot menu=on -vga cirrus root 8694 0.0 0.0 0 0 ? S Nov07 0:00 [kvm-pit/8631] How is this possible and how to prevent it?

Read the article
redirect to rootdomain after the first slash in url

- by user142397

I want to redirect this: http://www.site.com/xyz To http://www.site.com/ Basically i want to redirect to the root domain if a user types anything else after the first slash of my domain name like /xyz or anything else should be redirected or rewritten as the root URL in the browser. Can anybody help? Thanks for your help! (* This should be only for the first time like when a new user comes to visit my page, because once the page loads for the first time i do not want any re directions as i have different directories, and related webpages. Otherwise my visitor will only see landing page. )

Read the article
Log with iptalbes which user is delivering email to port 25

- by Maus

Because we got blacklisted on CBL I set up the following firewall rules with iptables: #!/bin/bash iptables -A OUTPUT -d 127.0.0.1 -p tcp -m tcp --dport 25 -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --gid-owner mail -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner root -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner Debian-exim -j ACCEPT iptables -A OUTPUT -p tcp -m limit --limit 15/minute -m tcp --dport 25 -j LOG --log-prefix "LOCAL_DROPPED_SPAM" iptables -A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable I'm not able to connect to port 25 from localhost with another user than root or a mail group member - So it seems to work. Still some questions remain: How effective do you rate this rule-set to prevent spam coming from bad PHP-Scripts hosted on the server? Is there a way to block port 25 and 587 within the same statement? Is the usage of /usr/sbin/sendmail also limited or blocked by this rule-set? Is there a way to log the username of all other attempts which try to deliver stuff to port 25?

Read the article
Nginx PHP-FPM Basic Auth

- by Lari13

I have nginx with php-fpm installed on Debian Squeeze. Directory tree is: /var/www/mysite index.php secret_folder_1 admin.php static.html secret_folder_2 admin.php static.html pictures img01.jpg I need to close secret_folder_1 and secret_folder_2 with basic_auth. Now config looks like: location ~ /secret_folder_1/.+\.php$ { root /var/www/mysite/; fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME /var/www/mysite$fastcgi_script_name; include fastcgi_params; auth_basic "Restricted Access"; auth_basic_user_file /path/to/.passwd; } location ~ /secret_folder_1/.* { root /var/www/mysite/; auth_basic "Restricted Access"; auth_basic_user_file /path/to/.passwd; } Same config for secret_folder_2. Is it normal? I mean, first location for serving php files in restricted folder, and second location for serving static files. Can it be simplified?

Read the article
group write permission ignored in ubuntu

- by NorthPole

Its probably my stupidy here but i'm stuck on this and would appreciate the help. I want my user to have full access to the local apache root folder, and i also want the apache to have full access to the same folder. What i did was create a new group called DevGroup and i added my username and www-data there. also i changed the permissions to 770 to allow full group access but now it wont allow me or the apache any kind of access to the folder. here is what i get with ls drwxrwx--- 12 root DevGroup 4096 Sep 27 17:34 testFolder which seems perfect but when i try as a user to access the file i get this var/www$ ls testFolder/ ls: cannot open directory testFolder/: Permission denied also when i try to access the a page in the folder from browser [Thu Sep 27 17:47:16 2012] [error] [client 127.0.0.1] PHP Fatal error: Unknown: Failed opening required '/var/www/testFolder/foo.php' (include_path='.:/usr/share/php:/usr/share/pear') in Unknown on line 0

Read the article
Mounting share over VPN

- by user1337

I have a CentOS 5 web server which currently mounts a NFS export on my Mac OS X 10.7 laptop. It works great, except over VPN I can't get it to mount at all. I tried SMBUp but haven't been able to get it working even locally. It doesn't look like there's an easy way to install netatalk for CentOS 5. Even still, I'm not sure if that's the best way to do it. I tried using a GUI SSH client that can "mount a FTP disk" and it would work, except the files require root access and there's no external root access and the client can't elevate permissions. The basic thing I need to do is have the server be able to read the files off of my laptop, connected via VPN. The files are frequently updated (every 5-20 seconds) so I don't want to manually do that via SSH. Which protocol can work with both platforms and easily handle the latency introduced by VPN (and potentially mobile broadband)? Thanks

Read the article
scp using a password on the command line

- by spierepf

I am trying to write a script that will deploy a build created on my desktop machine (windows/cygwin) to a machine in my test environment (linux). I would like to use scp to copy the build to the target machine. The only account on the target machine is root, and I cannot create a special user for this task. The root user is unable to log in using an ssh key (I suspect that this is configured on the ssh server, but I do not know which configuration options control this). At any rate, I cannot change the configuration of the ssh server. My desktop machine uses Cygwin, and I have ssh installed. What I need is the command-line-fu that will allow me to put the password on the command line. I am aware of the dangers of having a plaintext password in a shell script, but that is not a concern here.

Read the article

< Previous Page | 251 252 253 254 255 256 257 258 259 260 261 262 | Next Page >