Search Results

Search found 27515 results on 1101 pages for 'embedded linux'.

Page 409/1101 | < Previous Page | 405 406 407 408 409 410 411 412 413 414 415 416  | Next Page >

  • Trying to make changes to the size of the events buffer in prelude-ids auditd plugin

    - by tharris
    I am running systems using the prelude-ids plugin for auditd. When the manager is up every thing works fine however I have a requirement that when the clients can't talk to the manager they should store no more than 250MB of messages, and when they hit that point they should start deleting the oldest events. All I can find is that audispd can be set to an overflow action of ignore,syslog,suspend,single, and halt none of which meet my requirement, and several of which I really cannot use. Does anyone know a way to do this? I know the events get stored in /var/spool/prelude/auditd/global, but I can't find anything about configuring how things are stored here. There are usually several files in the global directory but only 2 of them ever go above 0 in size, data0 and data0.journal.

    Read the article

  • Make a socket as a user but make it readable and writable by another

    - by user1598585
    I have a software that is run under user A, this software creates a socket in /sockets and the socket should be readable and writable by user B. I have tried setting the directory to have ownership A:A or A:B but when user A creates the socket, it ends up with uid A and gid A. Using ACLs has not helped so far, the default mask is preventing the rights to be effective. rw permisions for B will always turn into jusr r. If what I make is not a socket it will work fine. How can I best accomplish this task? (It is for a web-server where the web-application makes the socket and the web-server software forwards requests to it)

    Read the article

  • Tool to convert a file of HEX to ASCII character set?

    - by Aaron
    Question: Is there a known tool to convert a file consisting of 2 byte Hex into ascii? Note: - Maintain file offset listing in bytes Example: File contents: 00000000 0054 0065 0073 0074 0020 0054 0065 0073 00000008 0074 0020 0054 0065 0073 0074 0020 0054 00000016 0065 0073 0074 0020 0054 0065 0073 0074 00000024 0020 0054 0065 0073 0074 0020 0054 0065 00000032 0073 0074 0020 0054 0065 0073 0074 0020 00000040 0054 0065 0073 0074 000a 0054 0065 0073 00000048 0074 0020 0054 0065 0073 0074 0020 0054 00000056 0065 0073 0074 0020 0054 0065 0073 0074 00000064 0020 0054 0065 0073 0074 0020 0054 0065 Expected output 00000016 0065 0073 0074 0020 0054 0065 0073 0074 |est Test Test Te| 00000032 0073 0074 0020 0054 0065 0073 0074 0020 |st Test Test.Tes| 00000048 0074 0020 0054 0065 0073 0074 0020 0054 |t Test Test Test| 00000064 0020 0054 0065 0073 0074 0020 0054 0065 | Test Test Test |

    Read the article

  • Script for checking the nologin accounts and then disable the account

    - by suma
    "Could you please share the scripts which does the below ?" I have written a script that scans all the relevent logs daily, makes a list of people that have had any activity that day, and maintains database (just a text file) of users and the last time they logged in. Then I have a second script that examines the database for dates more than x days ago, an notifies the user and administrator 2 weeks prior to locking the account. And if there are any dates more than x+y days ago, deletes the account altogether. This seems to be working for me - but I would like to use a non-proprietary solution if one is available. "Could you please share the scripts?"

    Read the article

  • In Cent os 6.2 can i update Kernel version to 3.4 ? if so how to upgrade kernel?

    - by shiva
    Hi, I have a server with Centos 6.2 with Kernel version 2.6 , but i need to increase my application Performance. The Kernel Version 3.4 has x32abi which can improve the performance so i want to upgrade to 3.4 ? Is it possible? I tried 1) downloading kernel compiling and installing but still i see the same Kernel version.. What went wrong? i followed the process in mentioned in the below link.. http://www.tecmint.com/kernel-3-5-released-install-compile-in-redhat-centos-and-fedora/

    Read the article

  • /etc/hosts.deny ignored in Ubuntu 14.04

    - by Matt
    I have Apache2 running on Ubuntu 14.04LTS. To begin securing network access to the machine, I want to start by blocking everything, then make specific allow statements for specific subnets to browse to sites hosted in Apache. The Ubuntu Server is installed with no packages selected during install, the only packages added after install are: apt-get update; apt-get install apache2, php5 (with additional php5-modules), openssh-server, mysql-client Following are my /etc/hosts.deny & /etc/hosts.allow settings: /etc/hosts.deny ALL:ALL /etc/hosts.allow has no allow entries at all. I would expect all network protocols to be denied. The symptom is that I can still web browse to sites hosted on the Apache web server even though there is a deny all statement in /etc/hosts.deny The system was rebooted after the deny entry was added. Why would /etc/hosts.deny with ALL:ALL be ignored and allow http browsing to sites hosted on the apache web server?

    Read the article

  • php startup error Invalid library (maybe not a PHP library) 'pcntl.so'

    - by And-y
    After searching for hours to solve my problem and found nothing helpful I ask my first question here. I want to compile and install php 5.3.17 cli with pcntl extension enabled on a Debian server. The installation was successfull but when I start php cli, the following error is displayed: PHP Warning: PHP Startup: Invalid library (maybe not a PHP library) 'pcntl.so' in Unknown\ on line 0 The following configure is used: './configure' '--prefix=/usr/share' '--datadir=/usr/share/php' '--bindir=/usr/bin' '--libdir=/usr/share' '--includedir=/usr/include' '--with-config-file-path=/etc/php5/cli' '--disable-cgi' '--enable-bcmath' '-- enable-inline-optimization' '--enable-mbstring' '--enable-mbregex' '--enable-pcntl' '--enable-sigchild' '--enable-shmop' '--enable-sysvmsg' '--enable-sysvsem' '--enable-sysvshm' '--with-mysql' '--with-imap' '--with-imap-ssl' '--with-kerberos' In the php.ini following options are set: extension_dir=/usr/lib/php5/20090626/ extension=pcntl.so I hope someone can help me.

    Read the article

  • How can I prevent firefox from using bitmap fonts at certain zoom levels?

    - by Ryan Thompson
    In firefox 3.6 on Ubuntu 9.10, certain sites seem to use bitmap fonts for any fixed-width fonts, but only at specific zoom levels. This site and other stackexchange sites are among the affected sites, and of course the default zoom level is affected. At unaffected zoom levels, I get the expected smooth curvy fonts. How can I make firefox use the nice curvy smooth fonts at all zoom levels?

    Read the article

  • How do I format this regex so it will work in fail2ban?

    - by chapkom
    I've just installed fail2ban on my CentOS server in response to an SSH brute force attempt. The default regular expressions in fail2ban's sshd.conf file do not match any entries in audit.log, which is where SSH seems to be logging all connection attempts, so I am trying to add an expression that will match. The string I am trying to match is as follows: type=USER_LOGIN msg=audit(1333630430.185:503332): user pid=30230 uid=0 auid=500 subj=user_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct="root": exe="/usr /sbin/sshd" (hostname=?, addr=<HOST IP>, terminal=sshd res=failed)' The regular expression I am attempting to use is: ^.*addr=<HOST>, terminal=sshd res=failed.*$ I've used regextester.com and regexr to try to build the regex. The testers give me a match for this regex:^.*addr=\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}, terminal=sshd res=failed.*$ but fail2ban-regex complains if I don't use the <HOST> tag in the regex. However, using ^.*addr=<HOST>, terminal=sshd res=failed.*$ gives me 0 matches. At this point, I am totally stuck and I would greatly appreciate any assistance. What am I doing wrong in the regex I am trying to use?

    Read the article

  • .desktop shortcuts aren't working for java applications in LXDE

    - by chaz
    I just installed minecraft on my LXDE desktop/Lubuntu machine and I'm trying to create a .desktop file on the desktop that executes java -jar ~/minecraftlauncher.jar. The command works in bash scripts and the terminal but refuses to work when I click on my .DESKTOP shortcut which is suppose to execute the same command. I've experimented with other jars and they can't seem to start too. Here is my xsession log: ** (pcmanfm:1572): DEBUG: launch command: <java -jar ~/Downloads/minecraft_server.jar> ** (pcmanfm:1572): DEBUG: sn_id = pcmanfm-1572-administrator-Dimension-3000-java-14_TIME14031891 Unable to access jarfile ~/Downloads/minecraft_server.jar ** (pcmanfm:1572): DEBUG: launch command: <java -jar ~/minecraftlauncher.jar> ** (pcmanfm:1572): DEBUG: sn_id = pcmanfm-1572-administrator-Dimension-3000-java-15_TIME14070158 Unable to access jarfile ~/minecraftlauncher.jar UPDATE: Whoops, it seems to work when I give an absolute path. I guess the home path is something else. UPDATE: I guess X doesn't resolve the home specifier. I ran a .desktop file that executed a script that outputs the current directory, and it seems to be correct.

    Read the article

  • Read floppy from OpenVMS machine

    - by Goyuix
    I have a floppy I need to read the contents from - unfortunately it was formatted and the data written on an OpenVMS server. I believe the floppy is formatted "Files-11" and I can see parts of the MFT [equivalent] and file contents through a hex editor, however I would love to be able to mount this and actually read the files off. Is there a Files-11 FUSE module or other kernel module I can install to read this format? Any standalone utilities that can understand a floppy image taken with dd?

    Read the article

  • Keepalived for more than 20 virtual addresses

    - by cvaldemar
    I have set up keepalived on two Debian machines for high availability, but I've run into the maximum number of virtual IP's I can assign to my vrrp_instance. How would I go about configuring and failing over 20+ virtual IP's? This is the, very simple, setup: LB01: 10.200.85.1 LB02: 10.200.85.2 Virtual IPs: 10.200.85.100 - 10.200.85.200 Each machine is also running Apache (later Nginx) binding on the virtual IPs for SSL client certificate termination and proxying to backend webservers. The reason I need so many VIP's is the inability to use VirtualHost on HTTPS. This is my keepalived.conf: vrrp_script chk_apache2 { script "killall -0 apache2" interval 2 weight 2 } vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 101 virtual_ipaddress { 10.200.85.100 . . all the way to . 10.200.85.200 } An identical configuration is on the BACKUP machine, and it's working fine, but only up to the 20th IP. I have found a HOWTO discussing this problem. Basically, they suggest having just one VIP and routing all traffic "via" this one IP, and "all will be well". Is this a good approach? I'm running pfSense firewalls in front of the machines. Quote from the above link: ip route add $VNET/N via $VIP or route add $VNET netmask w.x.y.z gw $VIP Thanks in advance. EDIT: @David Schwartz said it would make sense to add a route, so I tried adding a static route to the pfSense firewall, but that didn't work as I expected it would. pfSense route: Interface: LAN Destination network: 10.200.85.200/32 (virtual IP) Gateway: 10.200.85.100 (floating virtual IP) Description: Route to VIP .100 I also made sure I had packet forwarding enabled on my hosts: $ cat /etc/sysctl.conf net.ipv4.ip_forward=1 net.ipv4.ip_nonlocal_bind=1 Am I doing this wrong? I also removed all VIPs from the keepalived.conf so it only fails over 10.200.85.100.

    Read the article

  • Understanding RedHats recommended tuned profiles

    - by espenfjo
    We are going to roll out tuned (and numad) on ~1000 servers, the majority of them being VMware servers either on NetApp or 3Par storage. According to RedHats documentation we should choose the virtual-guestprofile. What it is doing can be seen here: tuned.conf We are changing the IO scheduler to NOOP as both VMware and the NetApp/3Par should do sufficient scheduling for us. However, after investigating a bit I am not sure why they are increasing vm.dirty_ratio and kernel.sched_min_granularity_ns. As far as I have understood increasing increasing vm.dirty_ratio to 40% will mean that for a server with 20GB ram, 8GB can be dirty at any given time unless vm.dirty_writeback_centisecsis hit first. And while flushing these 8GB all IO for the application will be blocked until the dirty pages are freed. Increasing the dirty_ratio would probably mean higher write performance at peaks as we now have a larger cache, but then again when the cache fills IO will be blocked for a considerably longer time (Several seconds). The other is why they are increasing the sched_min_granularity_ns. If I understand it correctly increasing this value will decrease the number of time slices per epoch(sched_latency_ns) meaning that running tasks will get more time to finish their work. I can understand this being a very good thing for applications with very few threads, but for eg. apache or other processes with a lot of threads would this not be counter-productive?

    Read the article

  • Restrict a port to a single app

    - by viraptor
    I'd like to restrict a range of udp ports to a single application (or a user). What I'd like to achieve is not simply blocking a bind() from other uids, but also remove the range from a pool that can be auto-assigned. For example, if someone tries to explicitly bind 12345, but doesn't run the specified app, they should get EPERM. If someone tries to bind an unspecified port, they should never try to bind 12345 at random. Is there any system that can help here? I tried browsing apparmor / selinux docs, but they seem to do the blocking part only.

    Read the article

  • Where to download unix command?

    - by person
    I tried to run mvdir earlier and it said command not found. I then ran a search for it and still not found. Is there a place I can download the script for the command, and is there any information I should know post-download to get it to work?

    Read the article

  • Create kickstart configuration file from existing configuration.

    - by ÜMineiro
    Is there a script or another way to automatically generate a kickstart configuration file from the system state of an existing server so that the file can be use to replicate (not clone) the configuration of the system in another install? I know that the anaconda-ks.cfg file is stored on the /root dir. but the system in question have been extensively changed since it's installation, and the file is of no use now.

    Read the article

  • Passing parameters to a shell script running as a cronjob

    - by Takashi
    I am new to bash scripting (not programming in general). I am writing a bash script that will run a Python script I have written. I want to be able to do the following: Pass parameters to the bash script via the cronjob (so I can have two cron jobs) one to be run with parameter 'foobar', and the other 'foo' switch based on the parameter passed to the bash script (by switching, I mean an if/else based on the paramter passed to the bash script).

    Read the article

  • SSH command from PHP script - nothing, yet work at cmd line

    - by waxical
    I'm working on an EC2 box and trying to SSH command another box. The command works in command-line, even php -a interactive. However it does not work when running as apache. Example cmd:- system('ssh -i /home/me/keys/key.pem [email protected] "ls"'); I've tried adding apache to wheel group, and gshadow on both boxes. I've also just tried chowning the pem file to apache. Nothing. Yet the command response fine in the two other use cases outlines. What's going on here? Anyone know?

    Read the article

  • what i should do in order to build curl without error?

    - by hugemeow
    failed when i run ./buildconf the error information is as follows: [mirror@home curl]$ ls acinclude.m4 CMakeLists.txt GIT-INFO MacOSX-Framework packages TODO-RELEASE Android.mk configure.ac include Makefile.am perl vc6curl.dsw buildconf COPYING install-sh Makefile.dist README winbuild buildconf.bat CTestConfig.cmake lib Makefile.msvc.names RELEASE-NOTES CHANGES curl-config.in libcurl.pc.in maketgz sample.emacs CHANGES.0 curl-style.el log2changes.pl missing src CMake docs m4 mkinstalldirs tests [mirror@home curl]$ ./config [mirror@home curl]$ ./buildconf buildconf: autoconf version 2.63 (ok) buildconf: autom4te version 2.59 (ERROR: does not match autoconf version) [mirror@home curl]$ echo $? 1

    Read the article

  • How to correctly set up iWARP? Preferably on loopback

    - by ajdecon
    iWARP is a protocol for doing remote direct memory access (RDMA) on top of TCP/IP, so that it can work with Ethernet and other network types as opposed to Infiniband. It works with many of the standard IB interfaces - the IB verbs, for example - so it's all pretty transparent. I'm doing some IB-verbs programming (mostly for the sake of learning about how they work better), and it'd be wonderfully convenient for me if I could use iWARP to do RDMA over my loopback interface, so that I could test some of my code without getting on our IB-connected cluster. :-) But I cannot figure out how to get a "local development environment" set up: there are no tutorials I'm aware of for even setting up iWARP from scratch on a server or a network interface. Can anyone give me a tutorial or point me in the right direction? Environment is Fedora 16 running in VirtualBox.

    Read the article

  • subversion: enforce TLS

    - by Daniel Marschall
    Hello, I am running subversion on a Debian Squeeze system with Apache2 and mod_dav for viewing the contents with a webbrowser. I want to enforce the usage of TLS, so that the login data and the SVN contents cannot be read from the connection. I have tried following: <Location /svn> DAV svn SVNParentPath /daten/subversion/ # our access control policy AuthzSVNAccessFile /daten/subversion/access_control # try anonymous access first, resort to real # authentication if necessary. Satisfy Any Require valid-user # how to authenticate a user AuthType Basic AuthName "Subversion repository" AuthUserFile /daten/subversion/.htpasswd # Test SSLRequireSSL RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^svn/(.)$ https://www.viathinksoft.de/svn/$1 [R,L] </Location> at file /etc/apache2/conf.d/subversion.conf Alas, this does not work. There is no redirect and there is still a HTTP request working at /svn/(projectname)/(somefolder) . This SSL-enforce-policy should work for - viewing the contents with webbrowser - retrieve contents with TurtoiseSVN client - committing contents with TurtoiseSVN client Can you please help me? Regards Daniel Marschall

    Read the article

  • stunnel: SSL-to-SSL? (for smtp/imap)

    - by nonot1
    Hello, How can I configure stunnel to accpet SSL connections, and connect then to an SSL port on a different server? Here is my setup: Our ISP's server, "Mail Server", supports smtp/imap over SSL. (Not starttls. Just over ssl.) But, I have a bunch of client machines that will only trust a specific, internal, root certificate. Thus, they can not connect to "Mail Server". For these client machines, I'd like to make a dedicated "Mail Tunnel" host that uses stunnel to listen with an in-house signed SSL certificate, and just forward data to "Mail Server" using a 2nd SSL connection. Can this be done? What would be the specific steps for Ubuntu Server 10.10? (I'm not too familiar with persistent service configuration.) Thank you

    Read the article

< Previous Page | 405 406 407 408 409 410 411 412 413 414 415 416  | Next Page >