Search Results

Search found 26179 results on 1048 pages for 'linux from scratch'.

Page 408/1048 | < Previous Page | 404 405 406 407 408 409 410 411 412 413 414 415 | Next Page >

Forcedeth - too many iterations (6) in > nv_nic_irq

- by RyanC

Hey, I'm having trouble with an onboard nvidia gigabit network, under times of heavy load on the network, I'm seeing this error logged: "too many iterations (6) in nv_nic_irq" I'm running Hadoop DFS over these NICs and I see checksum errors build up until the whole thing just fails. I'm running the 2.6.26-2-amd64 kernel, and my initial research seems to imply its a problem with the forcedeth driver. Has anyone run into this problem before? Thanks in advance if anyone can help! Ryan

Read the article
Is it safe to run Postfix w/o securing it?

- by Miko

Does postfix need to be secured before it's safe to run it on a production server? I rely on Monit to notify me if certain processes are down or in trouble. For this purpose and this purpose only, I need postfix on the server so that Monit can send me email notifications. If it's necessary to secure Postfix before deploying it, what are some steps I can take to make it safer?

Read the article
NAT via iptables and virtual interface

- by Alex

I'm trying to implement the following scenario: One VM-host, multiple guest VMs, each one gets its own IP-address (and domain). Our server has only one physical interface, so the intended use is to add virtual interfaces on eth0. To complicate our situation the provider uses port-security on their switches, so I can't run the guest interfaces in bridged mode, because then the switch detects a "spoofed" MAC-address and kills the interface (permanently, forcing me to call the support, which I'm sure will get them a little bit angry the third time ;) ). My first guess was to use iptables and NAT to forward all packages from one virtual interface to another one, but iptables doesn't seem to like virtual interfaces (at least I can't get it to work properly). So my second guess is to use the source IP of the packages to the public interface. Let's assume libvirt creates a virbr0-network with 192.168.100.0/24 and the guest uses 192.168.100.2 as IP-address. This is what I tried to use: iptables -t nat -I PREROUTING --src public_ip_on_eth0:0 -p tcp --dport 80 -j DNAT --to-destination 192.168.100.2:80 That doesn't give me the intended results either (accessing the server times out). Is there a way to do what I'm trying to do, or even to route all traffic to a certain IP on a virtual interface to the VM's device?

Read the article
Mounting /var /tmp /var/log to separate partition

- by William MacDonald

Per DISA hardening requirements for RHEL, I'm supposed to make sure a number of locations on the filesystem are mounted on separate partitions. A few of the locations they specify include /var /tpm /var/log etc. Is it possible to go about doing this on a live machine (without booting a separate OS)? And how would I go about doing that. I've backed up the OS so if I do screw something up I can recover. Thanks!

Read the article
Samba does not reload user group members

- by xato

I am running a simple samba server setup where users connect to a share which contains folders for specific user groups. The folders are chmod 2770, so only users which are in the correct group can read/write in them. The problem is that if I change group memberships (i.e. remove user from group / add user to group; changes are in sync between clients and server!) samba does not automatically reload the group memberships for the user, so they can still write to groups that they are no longer a member of etc. I either have to reconnect to the share or to restart samba to apply the changes. Is there any way to prevent group caching and/or enable group membership reload in samba? My smb.conf: https://gist.github.com/anonymous/ca7c10a3b3e2168d7a03

Read the article
Galera install failure on Fedora 18

- by ehime

I've been trying to reinstall MariaDB and have been encountering multiple issues, $ yum install Mariadb-Galera-server Error: Package: MariaDB-Galera-server-5.5.29-1.i386 (mariadb) Requires: galera Available: galera-23.2.4-1.rhel5.i386 (mariadb) galera galera = 23.2.4-1.rhel5 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest there is a requirement that libssl.so.6 and libcrypto.ssl.6 are installed, these DO show up in my /lib64 and /lib though as linked items. /usr/lib -rwxr-xr-x 1 root root 1356700 Nov 23 2010 libcrypto.so.0.9.8e lrwxrwxrwx 1 root root 19 Jun 28 12:03 libcrypto.so.6 -> libcrypto.so.0.9.8e -rwxr-xr-x. 1 root root 394272 Mar 18 14:22 libssl.so.1.0.1e lrwxrwxrwx 1 root root 16 Jun 28 12:03 libssl.so.6 -> libssl.so.0.9.8e /usr/lib64 -rwxr-xr-x 1 root root 1849680 Mar 18 14:21 libcrypto.so.1.0.1e lrwxrwxrwx 1 root root 26 Jun 28 11:54 libcrypto.so.6 -> /lib64/libcrypto.so.1.0.1e -rwxr-xr-x 1 root root 421712 Mar 18 14:21 libssl.so.1.0.1e lrwxrwxrwx 1 root root 23 Jun 28 11:54 libssl.so.6 -> /lib64/libssl.so.1.0.1e So the deps SHOULD be met, trying to $ yum install galera returns this Resolving Dependencies --> Running transaction check ---> Package galera.i386 0:23.2.4-1.rhel5 will be installed --> Restarting Dependency Resolution with new changes. --> Running transaction check ---> Package galera.i386 0:23.2.4-1.rhel5 will be installed --> Finished Dependency Resolution No errors? but no install either .... ? lets try wget and rpm'ing the package instead I guess? $ wget https://launchpad.net/galera/2.x/23.2.4/+download/galera-23.2.4-1.rhel5.x86_64.rpm $ rpm -ivh galera-23.2.4-1.rhel5.x86_64.rpm This issues the dreaded error: Failed dependencies: libcrypto.so.6()(64bit) is needed by galera-23.2.4-1.rhel5.x86_64 libssl.so.6()(64bit) is needed by galera-23.2.4-1.rhel5.x86_64 But we saw above these packages are here =( Whats going on?? Is openssl not installed? $ yum install openssl Loaded plugins: langpacks, presto, refresh-packagekit Package 1:openssl-1.0.1e-4.fc18.x86_64 already installed and latest version Nothing to do Its there.... ??? wth Fedora?

Read the article
Converting an ancient RH8 system to VMware ESXi

- by donatello

I am curious to know what options I have to convert a very old RedHat8 machine to a virtual one on ESXi. Looking at VMware Converter it seems there's an option to login to the RH8 using SSH, and from there it will convert to the ESXi-server. That makes me a bit nervous though, exactly what is happening there? The RH8 machine is slightly critical, and if anything messes up it'll likely result in many hours extra work. :( Another option I thought of was to boot a LiveCD on RH8-system and create a raw "dd dump" of the disk. The similar method is used to restore the image, I boot a LiveCD on the VM in ESXi and use "dd" to write it to disk. Is there any other option I could use? I'm using the cheap version of ESXi, hence I have no access to the Converter BootCD so these rather cumbersome methods is the only I can think of. :)

Read the article
Run application with other user

- by user62367

OS: Fedora 14 GUI: GNOME I need to run an application with another user then the "default" (normally used). Purpose: create a ".desktop" file on my desktop to run e.g.: Google Chrome with another user (NOT ROOT! - so beesu doesn't count.) There aren't any gksu, or kdesu packages in Fedora 14. Why? So i want to create a user with "adduser SOMEONE", and i want to run e.g.: Google Chrome with "SOMEONE" - then it will have minimum permissions, "more security". Thank you!

Read the article
what to do when ctrl-c can't kill a process?

- by Dustin Boswell

Ctrl-c doesn't always work to kill the current process (for instance, if that process is busy in certain network operations). In that case, you just see "^C" by your cursor, and can't do much else. What's the easiest way to force that process to die now without losing my terminal? Summary of answers below: Usually, you can Ctrl-z to put the process to sleep, and then do "kill -9 process-pid", where you find the process's pid with 'ps' and other tools. On Bash (and possibly other shells) you can do "kill -9 %1" (or '%N' in general) which is easier. If Ctrl-z doesn't work, you'll have to open another terminal and kill from there.

Read the article
Force ntpd to make changes in smaller steps

- by David Wolever

The NTP documentation says: Under ordinariy conditions, ntpd adjusts the clock in small steps so that the timescale is effectively continuous and without discontinuities - http://doc.ntp.org/4.1.0/ntpd.htm However, this is not at all what I have noticed in practice. If I manually change the system time backwards or forwards 5 or 10 seconds then start ntpd, I notice that it adjusts the clock in one shot. For example, with this code: #!/usr/bin/env python import time last = time.time() while True: time.sleep(1) print time.time() - last last = time.time() When I first change the time, I'll notice something like: 1.00194311142 8.29711604118 1.0010509491 Then when I start NTPd, I'll see something like: 1.00194311142 -8.117301941 1.0010509491 Is there any way to force ntpd to make the adjustments in smaller steps?

Read the article
amplified reflected attack on dns

- by Mike Janson

The term is new to me. So I have a few questions about it. I've heard it mostly happens with DNS servers? How do you protect against it? How do you know if your servers can be used as a victim? This is a configuration issue right? my named conf file include "/etc/rndc.key"; controls { inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; }; }; options { /* make named use port 53 for the source of all queries, to allow * firewalls to block all ports except 53: */ // query-source port 53; /* We no longer enable this by default as the dns posion exploit has forced many providers to open up their firewalls a bit */ // Put files that named is allowed to write in the data/ directory: directory "/var/named"; // the default pid-file "/var/run/named/named.pid"; dump-file "data/cache_dump.db"; statistics-file "data/named_stats.txt"; /* memstatistics-file "data/named_mem_stats.txt"; */ allow-transfer {"none";}; }; logging { /* If you want to enable debugging, eg. using the 'rndc trace' command, * named will try to write the 'named.run' file in the $directory (/var/named"). * By default, SELinux policy does not allow named to modify the /var/named" directory, * so put the default debug log file in data/ : */ channel default_debug { file "data/named.run"; severity dynamic; }; }; view "localhost_resolver" { /* This view sets up named to be a localhost resolver ( caching only nameserver ). * If all you want is a caching-only nameserver, then you need only define this view: */ match-clients { 127.0.0.0/24; }; match-destinations { localhost; }; recursion yes; zone "." IN { type hint; file "/var/named/named.ca"; }; /* these are zones that contain definitions for all the localhost * names and addresses, as recommended in RFC1912 - these names should * ONLY be served to localhost clients: */ include "/var/named/named.rfc1912.zones"; }; view "internal" { /* This view will contain zones you want to serve only to "internal" clients that connect via your directly attached LAN interfaces - "localnets" . */ match-clients { localnets; }; match-destinations { localnets; }; recursion yes; zone "." IN { type hint; file "/var/named/named.ca"; }; // include "/var/named/named.rfc1912.zones"; // you should not serve your rfc1912 names to non-localhost clients. // These are your "authoritative" internal zones, and would probably // also be included in the "localhost_resolver" view above :

Read the article
xinet vs iptables for port forwarding performance

- by jamie.mccrindle

I have a requirement to run a Java based web server on port 80. The options are: Web proxy (apache, nginx etc.) xinet iptables setuid The baseline would be running the app using setuid but I'd prefer not to for security reasons. Apache is too slow and nginx doesn't support keep-alives so new connections are made for every proxied request. xinet is easy to set up but creates a new process for every request which I've seen cause problems in a high performance environment. The last option is port forwarding with iptables but I have no experience of how fast it is. Of course, the ideal solution would be to do this on a dedicated hardware firewall / load balancer but that's not an option at present.

Read the article
Multiheaded X.org with a single workspace-pool

- by blauwblaatje

I've got an idea for x.org/$randomwindowmanager in combination with a multiheaded setup, but I haven't figured out how it should work. Also I don't really know where to place the feature request. Now for the idea. I've been working with screen (wikipedia:GNU_Screen) for some years now. One thing I like about it, is the fact that I can get a multi-display mode (screen -x), so you can have multiple terminals all connected to the same screen. The fun thing about it, is that you can get 2 terminals with the same content and switch my onscreen layout, without moving the terminals. I admit, in screen it's not extremely useful, but I think for a wm it can be. Imagine this. You've got two monitors and 4 workdesks. On one workdesk I've got my IDE with code, on the second one I've got the output, on the third one I've got the documentation and on the forth one I've got my e-mail and IM clients. At one moment, I want my IDE and output on my monitors, another moment my code and documentation and Yet another moment my IM to consult a colleague and documentation or code. Finally my colleague comes to help me at my desk. I'd like it if we could both watch the same workdesk without him sitting on my lap, so I turn one monitor so he can see it better. It would be great if we could see the same thing that's on my monitor (exclude mousepointer). The thing with most WMs is that your workspaces on the two monitors are either separated or glued together. If they're separated, you can change workspaces on each monitor autonomous, but you can't exchange applications between monitors because they're different x-clients (iirc). If they're glued together (xinerama), you can exchange the applications, but when changing your workspace, the other monitors change too. So, what I'd like to know is this. Is this already possible or should I submit a feature request somewhere (and if so, where?)

Read the article
SSH agent forwarding on debian squeeze

- by nfvindaloo

Im trying to set up SSH forwarding like this osx debianA debianB I can connect to debianA fine, using ssh -A and it has the following env vars when i do: SSH_AGENT_PID=1543 SSH_AUTH_SOCK=/tmp/ssh-giwdYY1542/agent.1542 SSH_CLIENT='92.233.199.x 38954 22' SSH_CONNECTION='92.233.199.x 38954 108.171.179.x 22' SSH_TTY=/dev/pts/0 When i try to connect to debianB, the agent is not used! ssh -v output ends with: debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /home/nic/.ssh/id_rsa debug1: Trying private key: /home/nic/.ssh/id_dsa debug1: Next authentication method: password Then im asked for a password. I have not set any ForwardAgent no directives in ssh_config and dont have a .ssh/config at all. sshd_config has not got AllowAgentForwarding in it. I have tried all of these directives as yes also. debianA and debianB both have identical ssh_config and sshd_config (verified with diff) so the really weird thing is connecting OSX debianB debianA works fine!! Im totally out of ideas! Has anyone come across this before? Cheers! NFV

Read the article
Elastix, how to MOVE files from one server to other server?

- by yudayyy

In my office, i have to schedule for moving a file from one computer to other computer (Both are using Elastix). My idea is using cron, scp, and rm to do this. So here are the script that i use: scp -r /home/data/* [email protected]:/home/data1 && rm -r /home/data/* That script did the copy, but not remove the source file. I already read this question: Hov to _MOVE_ files with scp? The problem is, the computer doesn't have an internet connection. So i cannot install rsync on my elastix computer. yum install rsync Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile and then it freezes. Any idea how to do this?

Read the article
Minimize VirtualBox Hard Drive disk

- by Aviv

I have Ubuntu Server 10.04 TLS installed on a Virtual Machine in a VirtualBox. The size of the Hard Drive is dynamic growing hard drive and the maximum is 32GB. At the beginning i had 4GB on the Hard Drive and the size of the .vdi was 4GB. Lately the size of data on the disk is 15GB but the size of the .vdi is almost 32GB. Why is that? How can i pack / optimize / defrag the HD so it will be the same size of the data on the disk? Thanks.

Read the article
Still no external sound after installing ubuntu 10.04

- by Walter

As suggested I upgraded. Same as before except now not even the speaker control in the application bar. Please help. Background: I have Ubuntu 9.10. Headphones appear to work fine. External speakers - nothing. There are so many sound preferences I have no idea what or which combination. Went to terminal and ran alsamixer which seems to recognize my sound card, though the driver is not listed in System Administration Hardware Drivers; the only driver listed is my graphics card. Setup: I have a Dell 8250. Speakers are plugged into the SB live card. Woofer and 2 speakers using transformer.

Read the article
What can impact the throughput rate at tcp or Os level?

- by Jimm

I am facing a problem, where running the same application on different servers, yields unexpected performance results. For example, running the application on a particular faster server (faster cpu, more memory), with no load, yields slower performance than running on a less powerful server on the same network. I am suspecting that either OS or TCP is causing the slowness on the faster server. I cannot use IPerf , unless i modify it, because the "performance" in my application is defined as Component A sends a message to Component B. Component B sends an ACK to component A and ONLY then Component A would send the next message. So it is different from what IPerf does, which to my knowledge, simply tries to push as many messages as possible. Is there a tool that can look at OS and TCP configuration and suggest the cause of slowness?

Read the article
Using more recent kernel for Xen Dom0 in production.

- by thelsdj

Does anyone have experience running Xen dom0 on a more recent kernel than the stock 2.6.18? What host distro are you running? What release of Xen (or hg/git changeset)? What set of patches are you using on kernel source? (Has anyone got the pvops dom0 stuff working in production or is it better to stick with something like the SUSE patches? Any other tips and tricks to running a more recent kernel version as dom0 would be helpful.

Read the article
How can I make subversion reset the stored passwords/users and remember my authentication credential

- by NicDumZ

Hello folks! Background: I used to have everything working just fine on my fresh install: $ svn co https://domain:443/ test1 Error validating server certificate for 'https://domain:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! Certificate information: - Hostname: **REMOVED** - Valid: **REMOVED** - Issuer: **REMOVED** - Fingerprint: **checked with issuer and REMOVED** (R)eject, accept (t)emporarily or accept (p)ermanently? p Authentication realm: <https://domain:443> Subversion repository Password for 'nicdumz-machine-hostname': Authentication realm: <https://domain:443> Subversion repository Username: nicdumz Password for 'nicdumz': # proceeds to checkout correctly $ svn co https://domain:443/ test2 # checkouts nicely, without asking for my password. At some point I needed to commit stuff using a different account. So I did that $ svn ci --username other.user Authentication realm: <https://domain:443> Subversion repository Password for 'other.user': # works fine But since then, everytime I want to commit as 'nicdumz' (default user, all repos have been checked-out with that user), it prompts me for my password: $ svn ci Authentication realm: <https://domain:443> Subversion repository Password for 'nicdumz': Hey come on, why :) The same happens if I want a fresh checkout, since read-access is also protected. So I tried fixing the issue by myself. I read around that ~/.subversion/auth was storing credentials, so I removed it from the way: $ cd ~/.subversion $ mv auth oldauth $ mkdir auth It seemed to work at first, because svn had forgotten about certificate validation: $ svn co https://domain:443/ test3 Error validating server certificate for 'https://domain:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! Certificate information: - Hostname: **REMOVED** - Valid: **REMOVED** - Issuer: **REMOVED** - Fingerprint: **checked with issuer and REMOVED** (R)eject, accept (t)emporarily or accept (p)ermanently? p Authentication realm: <https://domain:443> Subversion repository Password for 'nicdumz-machine-hostname': Authentication realm: <https://domain:443> Subversion repository Username: nicdumz Password for 'nicdumz': # proceeds to checkout correctly $ svn up Authentication realm: <https://domain:443> Subversion repository Password for 'nicdumz': What? how is this happening? If you have suggestions to investigate more about the behaviour, I am very interested. If I'm correct, there is no way to do a verbose svn up or anything of the like, so I'm not sure should I go for investigation. Oh, and for what it's worth: $ svn --version svn, version 1.6.6 (r40053) compiled Oct 26 2009, 06:19:08 Copyright (C) 2000-2009 CollabNet. Subversion is open source software, see http://subversion.tigris.org/ This product includes software developed by CollabNet (http://www.Collab.Net/). The following repository access (RA) modules are available: * ra_neon : Module for accessing a repository via WebDAV protocol using Neon. - handles 'http' scheme - handles 'https' scheme * ra_svn : Module for accessing a repository using the svn network protocol. - with Cyrus SASL authentication - handles 'svn' scheme * ra_local : Module for accessing a repository on local disk. - handles 'file' scheme * ra_serf : Module for accessing a repository via WebDAV protocol using serf. - handles 'http' scheme - handles 'https' scheme

Read the article
Package kernel-package has no installation candidate

- by Am1rr3zA

Hi, I want to install kernel package by this command sudo apt-get install kernel-package but it gives me the error : Package kernel-package has no installation candidate How can I solve this???

Read the article
Smokeping monitoring IP address and port

- by bob

Hi I have successfully install smokeping on my Ubuntu Karmic machine and am monitoring servers. I need to be able to monitor an IP address and a port, can someone tell me how I do that? I looked into Smokeping::probes::TCPPing but I cannot find how to install TCPPing Any help would be much appreciated Thanks

Read the article
How to keep subtree removal (`rm -rf`) from starving other processes for Disk I/O?

- by David Eyk

We have a very large (multi-GB) Nginx cache directory for a busy site, which we occasionally need to clear all at once. I've solved this in the past by moving the cache folder to a new path, making a new cache folder at the old path, and then rm -rfing the old cache folder. Lately, however, when I need to clear the cache on a busy morning, the I/O from rm -rf is starving my server processes of disk access, as both Nginx and the server it fronts for are read-intensive. I can watch the load average climb while the CPUs sit idle and rm -rf takes 98-99% of Disk IO in iotop. I've tried ionice -c 3 when invoking rm, but it seems to have no appreciable effect on the observed behavior. Is there any way to tame rm -rf to share the disk more? Do I need to use a different technique that will take its cues from ionice? Update: The filesystem in question is an AWS EC2 instance store (the primary disk is EBS). The /etc/fstab entry looks like this: /dev/xvdb /mnt auto defaults,nobootwait,comment=cloudconfig 0 2

Read the article
how to customize debian installation cd for your needs

- by Frank

I have with me a Debian CD, which I want to customize for my own needs. I have extracted the CD and started to change some parts of it, e.g Splash screen (splash.png) installer Title (through isolinux.cfg) etc These are the things that I want to do: Change the Splash logo at start up of installation to have my own (which is done) Change the grub boot parameters to use my comapny name on it. Change the set of packages in it, so that I can have my own set of packages in it and only those packages are installed Do some post installation steps Customize it's startup and login screen to have my company name. After I am done with this customization, I need to build its live installer CD so that I can install it on my own, on any other system.

Read the article
Recommendations for a PDF viewer with "web browser"-like navigation.

- by Tshepang

Am looking for a PDF reader that can navigate PDF files like a web browser (IE, when I click a link that takes me to another part of the doc, I should be able to go back by pressing Ctrl+left arrow). I am using Debian.

Read the article

< Previous Page | 404 405 406 407 408 409 410 411 412 413 414 415 | Next Page >