Search Results

Search found 24623 results on 985 pages for 'linux'.

Page 410/985 | < Previous Page | 406 407 408 409 410 411 412 413 414 415 416 417 | Next Page >

Input traffic shaping

- by whitequark

I know that I can shape output traffic with tc or a similar tool. However, I want to shape the input traffic now—actually, I want to prioritize downloading of files of certain type through a slow lossy connection. I know the reason tc can only shape output traffic: the host itself has no direct control over the amount of input traffic. On the other hand, TCP has some measures built in it which prevent the TCP traffic from overflowing a slow connection. So, can I mangle something in TCP header so that the remote host will think my connection is slower than it thinks? Suppose that I am able to set the corresponding mark on both types of connections with iptables. Is there any way to reduce the input bandwidth of connections of first type, but only if connections of second type are present?

Read the article
How do i allow users to execute commands via ssh without allocating a psuedo-terminal

- by Dani El

I need to allow users to run a limited set of commands. But not to allow them to create interactive sessions. Just like GitHub does. If you try to ssh without a command it greetings you and close the session. I can acquire this by using ForceCommand some-script But getting in some-script i then need to eval user's input. Perhaps any other NoTTY-like option in sshd_config? --- UPDATE --- i'm looking for a pure SSH / Bash solution, not Perl/Python/etc. hacks.

Read the article
Strange ssh login

- by Hikaru

I am running debian server and i have received a strange email warning about ssh login It says, that user mail logged in using ssh from remote address: Environment info: USER=mail SSH_CLIENT=92.46.127.173 40814 22 MAIL=/var/mail/mail HOME=/var/mail SSH_TTY=/dev/pts/7 LOGNAME=mail TERM=xterm PATH=/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games LANG=en_US.UTF-8 SHELL=/bin/sh KRB5CCNAME=FILE:/tmp/krb5cc_8 PWD=/var/mail SSH_CONNECTION=92.46.127.173 40814 my-ip-here 22 I looked in /etc/shadow and find out, that password for is not set mail:*:15316:0:99999:7::: I found this lines for login in auth.log n 3 02:57:09 gw sshd[2090]: pam_winbind(sshd:auth): getting password (0x00000388) Jun 3 02:57:09 gw sshd[2090]: pam_winbind(sshd:auth): pam_get_item returned a password Jun 3 02:57:09 gw sshd[2091]: pam_winbind(sshd:auth): user 'mail' granted access Jun 3 02:57:09 gw sshd[2091]: Accepted password for mail from 92.46.127.173 port 45194 ssh2 Jun 3 02:57:09 gw sshd[2091]: pam_unix(sshd:session): session opened for user mail by (uid=0) Jun 3 02:57:10 gw CRON[2051]: pam_unix(cron:session): session closed for user root and lots of auth failures for this user. There is no lines with COMMAND string for this user. Nothing was found with "rkhunter" and with "ps aux" process inspection, also there is no suspicious connections was found with "netstat" (as I can see) Can anyone tell me how it is possible and what else should be done? Thanks in advance.

Read the article
Unable to use cloned VM, OpenSUSE, VirtualBox

- by Kremchik

I've cloned a VM and now while booting it I see a message: Trying manual resume from /dev/sda1 Invoking userspace resume from /dev/sda1 resume: libgcrypt version: 1.5.0 Trying manual resume from /dev/sda1 invoking in-kernel resume from /dev/sda1 Waiting for device /dev/disk/by-id/ata-VBOX_HARDDISK_.....-part2 to appear: ... Could not find /dev/disk/...-part2 Want me to fall back to /dev/disk/...-part2 (Y/n) If I press 'Y' it tries to boot again with failure, then exits to /bin/sh. If I press 'n' it exits to /bin/sh immediately. I've read a solution here: http://diggerpage.blogspot.com/2011/11/cannot-boot-opensuse-12-after-cloning.html but I don't understand how to access files on disk to edit /etc/fstab and /boot/grub/menu.lst?

Read the article
GitLab on a fresh Ubuntu 13 EC2 instance

- by Polly

I've spun up a fresh Amazon EC2 instance for a micro Ubuntu 13 server to be used as a GitLab server. I know the specs are a little low, but it should serve well for my purposes. It has an elastic (static) IP address that I have created an A record for git.mydomain.com. The first thing I did to the instance was add 1GB of swap to keep it happy from a memory perspective. I then set the hostname of the box to be git.mydomain.com and followed https://github.com/gitlabhq/gitlabhq/blob/6-2-stable/doc/install/installation.md to the letter. Everything seems to have worked, except for the web server side of things. Doing a gitlab:check shows the following: Checking Environment ... Git configured for git user? ... yes Has python2? ... yes python2 is supported version? ... yes Checking Environment ... Finished Checking GitLab Shell ... GitLab Shell version >= 1.7.4 ? ... OK (1.7.4) Repo base directory exists? ... yes Repo base directory is a symlink? ... no Repo base owned by git:git? ... yes Repo base access is drwxrws---? ... yes update hook up-to-date? ... yes update hooks in repos are links: ... can't check, you have no projects Running /home/git/gitlab-shell/bin/check Check GitLab API access: /usr/local/lib/ruby/2.0.0/net/http.rb:878:in `initialize': Connection refused - connect(2) (Errno::ECONNREFUSED) from /usr/local/lib/ruby/2.0.0/net/http.rb:878:in `open' from /usr/local/lib/ruby/2.0.0/net/http.rb:878:in `block in connect' from /usr/local/lib/ruby/2.0.0/timeout.rb:52:in `timeout' from /usr/local/lib/ruby/2.0.0/net/http.rb:877:in `connect' from /usr/local/lib/ruby/2.0.0/net/http.rb:862:in `do_start' from /usr/local/lib/ruby/2.0.0/net/http.rb:851:in `start' from /home/git/gitlab-shell/lib/gitlab_net.rb:62:in `get' from /home/git/gitlab-shell/lib/gitlab_net.rb:29:in `check' from /home/git/gitlab-shell/bin/check:11:in `<main>' gitlab-shell self-check failed Try fixing it: Make sure GitLab is running; Check the gitlab-shell configuration file: sudo -u git -H editor /home/git/gitlab-shell/config.yml Please fix the error above and rerun the checks. Checking GitLab Shell ... Finished Checking Sidekiq ... Running? ... yes Number of Sidekiq processes ... 1 Checking Sidekiq ... Finished Checking GitLab ... Database config exists? ... yes Database is SQLite ... no All migrations up? ... yes GitLab config exists? ... yes GitLab config outdated? ... no Log directory writable? ... yes Tmp directory writable? ... yes Init script exists? ... yes Init script up-to-date? ... yes projects have namespace: ... can't check, you have no projects Projects have satellites? ... can't check, you have no projects Redis version >= 2.0.0? ... yes Your git bin path is "/usr/bin/git" Git version >= 1.7.10 ? ... yes (1.8.3) Checking GitLab ... Finished It seems like I'm very nearly there. Searching on this error I have only found advice that unfortunately hasn't helped. I'm not using any kind of SSL setup, which a lot of the posts I found were about. I have tried appending 127.0.0.1 git.mydomain.com to /etc/hosts and giving the instance a reboot but there was no change. My config/gitlab.yml file has host: git.mydomain.com in it, and my gitlab-shell/config.yml has gitlab_url: "http://git.mydomain.com/" in it. I'm sure I'm missing something simple, but I've been through every relevant link I can find and have had no positive results; thank you in advance for any help!

Read the article
No Data Received

- by Ben Moore

Out of the blue, around 40% of my website's community can no longer visit, saying they're getting "No Data Received" errors. We've taken our firewall offline, tried going through systems such as Cloudflare and checked our .htaccess to no avail. I've asked affected users to traceroute but the weird thing is it looks like it's being stopped at ISP level. Can anyone suggest other things that may be causing this error?

Read the article
Nothing is written in php5-fpm.log

- by jaypabs

I have two servers which is Ubuntu 12.04 and Ubuntu 14.04. When I use Ubuntu 14.04 in my new server and enabled the php-fpm log file found under /etc/php5/fpm/php-fpm.conf that reads as follows: error_log = /var/log/php5-fpm.log I noticed that most of the log that I found in Ubuntu 12.04 is not written in 14.04. For example, if I restart php5-fpm in my Ubuntu 12.04, a restart log is being written, however, this does not happen in 14.04. Another log which I missed in 14.04 are the following: [23-Aug-2014 16:23:03] NOTICE: [pool web42] child 118098 exited with code 0 after 12983.480191 seconds from start [23-Aug-2014 16:23:03] NOTICE: [pool web42] child 147653 started [23-Aug-2014 17:27:31] WARNING: [pool web8] child 76743, script '/var/www/mysite.com/web/wp-comments-post.php' (request: "POST /wp-comments-post.php") executing too slow (12.923022 sec), logging I really wanted to have this kind of log so I will know the length of time a slow script has executed. Does anyone know if there are other settings in Ubuntu 14.04 that I need to change in addition to /etc/php5/fpm/php-fpm.conf?

Read the article
Which ports for IPSEC/LT2P?

- by Matt

I have a firewall/router (not doing NAT). I've googled and seen conflicting answers. It seems UDP 500 is the common one. But the others are confusing. 1701, 4500. And some say I need to also allow gre 50, or 47, or 50 & 51. Ok, which ports are the correct ones for IPSec/L2TP to work in a routed environment without NAT? i.e. I want to use the built in windows client to connect to a VPN behind this router/firewall.

Read the article
Routing with VPN and asymmetric communication

- by Louis

I'm stumbling on a problem that requires your advice. Keywords : networking, route, openVPN Problem : I have a local network with several physical servers and VMs. These machines have ip's in the range 10.10.x.x. I can access these machines from the Internet with the help of openVPN. These machines can : access each other within the local 10.10.x.x subnet access the Internet via the VPN can themselves be accessed (via SSH) from the Internet via the VPN. There is one machine however that behaves strangely and I don't know why. I can SSH into this machine from anywhere via SSH and I can also PING it from anywhere (including the Internet). However from this machine (i.e. when logged into it) I cannot access the Internet or ping machines outside the local network. In other words it will not go beyond the VPN. My question is why? Here are some technical details: The machine's Network Config (running Debian 6.0.3): allow-hotplug eth0 iface eth0 inet static address 10.10.10.200 netmask 255.255.0.0 network 10.10.10.0 broadcast 10.10.10.255 gateway 10.10.10.200 The machine's Routing : Destination Gateway Genmask Flags MSS Window irtt Iface 127.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 lo 10.10.0.0 10.10.10.250 255.255.0.0 UG 0 0 0 eth0 10.10.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 10.10.10.250 0.0.0.0 UG 0 0 0 eth0 0.0.0.0 10.10.10.200 0.0.0.0 UG 0 0 0 eth0 The VPN's Network Config (running Debian 6.0.3): # This is the local network interface auto eth1 allow-hotplug eth1 iface eth1 inet static address 10.10.10.250 netmask 255.255.0.0 broadcast 10.10.10.255 gateway 10.10.10.250 The VPN's routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.10.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0 private 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.10.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 10.10.10.250 0.0.0.0 UG 0 0 0 eth1 0.0.0.0 private 0.0.0.0 UG 0 0 0 eth0 net.ipv4.ip_forward = 1 on both machines. there are no iptables set anywhere. Thanks in advance for any feedback.

Read the article
How can I view results of my cron jobs?

- by Zombies

I see so many guides on how to run crontab, but what I need right now is to learn how to Find log files about cron jobs Configure what gets logged

Read the article
virtualbox port forwarding - firewall config

- by Roose

i have a ubuntu host system with virtualbox running a windows server. In Virtualbox i have configured the network with a NAT interface and port forwarding for the RDP deamon running inside the vm. That works really well - i can connect to the windows rdp service over the internet. TCP *:3389 - *:3389 Now i like to restrict the access to the rdp service to only 3 public ip addresses and have no idea how to do that via iptables / shorewall. Something like: ACCEPT net:91.x.x.x fw tcp 3389 (shorewall rule) isn't working. Would be glad for any hint.

Read the article
Amazon Web Services : mise à jour de l'environnement Linux, avec les dernières versions de MySQL, Python, Ruby et le Kernel 3.2

Amazon Web Services : mise à jour de l'environnement Linux avec les dernières versions de MySQL, Python, Ruby et le Kernel Linux 3.2 Amazon Web Services (AWS) vient de procéder à une mise à jour majeure d'Amazon Linux AMI. L'image du système d'exploitation Linux qui s'exécute sur la plateforme intègre désormais les versions les plus récentes de TomCat, MySQL, Python, GCC, Ruby, etc. Cette version a été construite avec pour objectif principal de permettre aux entreprises de migrer ou de rester sur les anciennes versions des outils. Ainsi, les organismes peuvent exécuter différentes versions majeures des applications et langages de programmation. Ceci permet au code qui s'appuie su...

Read the article
Setting up Web server so it is easy to migrate

- by Nyxynyx

Hi I am about to move my site from a VPS to another host's dedicated server. One of my concern is about scaling the site in the future that involves a change of server. Now that I am starting the dedicated server from scratch with only the OS, this means that I need to install the web server stack, including Apache and its mods, PHP, MySQL, PostgreSQL, Tomcat, Solr and a few other softwares like ImageMagick and git. Question: Is there a way for me to setup this new dedicated server such that I can easily migrate the entire site, both the technology stack and the code to the a newer server (upgrade from this new dedicated server) easily without reinstalling and reconfiguring everything? The code for the website is being handled by git and github so thats not a problem. I'm more conerned about the rest of the software required. Side question: The current VPS uses CentOs with cpanel and it seems that many packages are outdated on yum and cpanel interfers with the installation of many packages. Which OS should I go with for the new server? Ubuntu?

Read the article
How do you backup your own files? [on hold]

- by Antonis Christofides

I'm a system administrator and I use rsnapshot to backup some servers, duplicity for some others. Both work fine, each one with advantages and disadvantages. Despite that, I am at a loss on how to backup my own private files. I'd use duplicity to automatically backup my files to a remote server; but the problem is that once in a while I must do a full backup. My emails and important files are 9G, and I expect this to increase. Uploading through aDSL at 1Mbit would be 20 hours. Too much. rsnapshot doesn't require periodic full backups (only the first time), but it must be running on the remote server and have a means to connect to my computer; if the server is compromised (or simply if the NSA decides to use it), my own machine is also compromised. Not good. The only solution I've come up with is use encfs, use unison to synchronize the files to a remote server, and use duplicity or rsnapshot on the remote server to backup these files. In that case, the question is whether I can sync the files on many computers; is it possible for encfs to be used with the same key on many computers? I also think that if I append one character to the unencrypted file, its encrypted encfs counterpart might change a lot, so that incrementals with duplicity would be less efficient—but not a big deal. Maybe also, when I need to restore a file, finding the correct file to restore could be a pain, because of filename encryption. I wonder whether there is any other possibility that I've overlooked. Maybe I'm asking too much for my personal use, and I should settle with an external disk?

Read the article
How can I make the NetworkManager work?

- by Yang Jy

I am running a version of RHCE6 on my laptop, and lately I've been trying various stuff about network configuration through command line. Last night, I tried removing the NetworkManager using "yum remove NetworkManager" from the system, so that I could have more control of the network through the command line. But the result is, I didn't manage to configure the wireless connection through wpa_supplicant, and I need wireless connection during my travel to another place. So I need the wireless function back as soon as possible. I typed " yum install NetworkManager", some version installed, but I don't get to have an icon on the taskbar, and of course, the network doesn't work. The package I previously removed(about 24MB) was much larger that the one I just installed(about 2MB), so I think some dependencies must be missing. How could I install all these dependencies? Please help!

Read the article
Apache conf for high trafic CMS with backend users?

- by Annan

I'm in the situation where a website is going to have a high number of web users and a few backend webmasters. Webmasters will upload images (+other high mem tasks) and this bumps up the memory allocation of the httpd child processes to 100-150mb. In order to stop swapping I'm currently setting MaxClients in httpd.conf to 20. However this lowers maximum simultaneous requests. Will this be a problem when the website goes live? What is the best configuration? Info: Drupal 6, PHP 5, Apache 2.2 (Prefork atm) I'm thinking about Worker MPM, two apache instances or low MaxRequestsPerChild.

Read the article
Is it inefficient to have symbolic links to symbolic links?

- by Ogre Psalm33

We're setting up a series of Makefiles where we want to have a project-level include directory that will have symbolic links to sub-project-level include files. Many sub-project developers have chosen to have their include files also be symbolic links to yet another directory where the actual software is located. So my question is, is it inefficient to have a symbolic link to a symbolic link to another file (for, say, a C++ header that may be included dozens or more times during a compile)? Example directory tree: /project/include/ x_header1.h -> /project/src/csci_x/include/header1.h x_header2.h -> /project/src/csci_x/include/header2.h /project/src/csci_x/ include/ header1.h -> /project/src/csci_x/local_1/cxx/header1.h header2.h -> /project/src/csci_x/local_2/cxx/header2.h local_1/cxx/ module1.cpp header1.h local_2/cxx/ module2.cpp header2.h

Read the article
How to secure postfix to find out whether the emails are coming really from the sender?

- by codeworxx

Is it possible to secure postfix in a way, that incoming emails are checked on whether the email comes really from the sender? Is that possible to write php script and chose a sender, like the mail is really coming from the sender and what are the possibilities for postfix to find out that this mail is not actually coming from the real sender? What I have found out and activated are the options smtpd_sender_restrictions = reject_unknown_sender_domain unknown_address_reject_code = 554 smtpd_client_restrictions = reject_unknown_client unknown_client_reject_code = 554 Please mention, whether I have missed out on any points!

Read the article
moving files and directories between two machine, via a third, preserving permissions and usernames

- by Jarmund

The situation is as follows: Machine A has a file repository accessible via rsync Machine B needs the above mentioned files with all permissions and ownerships intact (including groups etc) Machine C has access to both A and B, but has a completely different set of users. Normally, i would just rsync everything over, directly between A and B, but due to severely limited bandwidth at the moment, i need something different, as rsync times out after building the list of the 430 files (49Mb uncompressed... can be compressed down to ~7Mb). What i've tried so far: rsync everything over from A to C, tar it, copy the tarball over, and then untar it, however, this messes up the ownership and/or the permissions. To rsync it from A to C, i run this command: rsync --numeric-ids --password-file=/root/rsync_pwd_file -oaPvu rsync://[email protected]/portal_2/ ./portal_2/ ...and from the looks of things, they do end up on C with the correct ownerships/permissions/flags/everything (not 100% sure, though.. are there any more switches i can throw in there? did i miss something?) copying the tarball over is simple enough (slow as a one-legged turtle due to the bandwidth, but it checksums out alright) What i'm unsure of is the flags and switches for creating and extracting the tarball, so could someone please provide the full commands for creating a tarball from /root/portal_2 on machine C (with everything intact) and extracting the tarball into /var/ex/portal_2 on machine B? ? Also, are there any other approaches worth mentioning that could allow me to perform this? I have root access to A and C, whereas i only have rsync access to B. PS: I'm running rsync v2.6.9 on machine B, and unfortunately i do not have the oportunity to upgrade to v3

Read the article
Redirect all outgoing traffic on port 80 to a different IP on the same server

- by Spacedust

I have multiple IP addresses on the same server and I would like to redirect all outgoing traffic on port 80 to a different IP on the same server just no to use always main IP. Currently I'm using this: /sbin/iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source IP; and it works well, but it redirects everything and when I make backups over SSH backup it's failing. System: CentOS 5.8 64-bit

Read the article
How do I start mysqld with options

- by xiankai

I need to start up mysqld with command line options as from here: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_skip-grant-tables I normally do sudo service mysqld start, but passing the option as sudo service mysqld start --skip-grant-tables does not seem to work. Alternatively I have tried starting as a daemon, sudo mysqld_safe --skip-grant-tables & But it seems to terminate too soon: 131101 04:59:57 mysqld_safe Logging to '/var/lib/mysql/vagrant.example.com.err'. 131101 04:59:57 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql 131101 05:00:03 mysqld_safe mysqld from pid file /var/lib/mysql/vagrant.example.com.pid ended My last option seems to specify the option in /etc/my.cnf instead, but is there any way to do it via the command line?

Read the article
Limit PulseAudio volume to prevent overdrive

- by el.pescado

Is it possible to limit maximum volume in PulseAudio? Currently, PulseAudio sets PCM channel too loud which results in distorted sound. I use aumix to turn volume down, but whenever any other sound is played (IM notification etc), PA plays with knobs, turning master volume down and PCM up. aumix ++++++++++++++++++++O+++++<Vol ++++++++++++++++++++O+++++ Pcm ++++++++++++O+++++++++++++ becomes: aumix ++++++++++++++++O+++++++++<Vol ++++++++++++++++++++++++O+ Pcm ++++++++++++O+++++++++++++ I use OpenSUSE 11.2, pulseaudio 0.9.21, ALSA 1.0.21 and ALC889A sound codec.

Read the article
How set default Kernal boot in Ubuntu

- by Daniel

I want to default boot an older Kernal of Ubuntu, what is the best way to do this?

Read the article
dns ptr entry table

- by mhay

what file shall touch to update ptr entry table ? thanks

Read the article
Setting per-directory umask using ACLs

- by Yarin

We want to mimic the behavior of a system-wide 002 umask on a certain directory foo, in order to ensure the following result: All sub-directories created underneath foo will have 775 permissions All files created underneath foo and subdirectories will have 664 permissions 1 and 2 will happen for files/dirs created by all users, including root, and all daemons. Assuming that ACL is enabled on our partition, this is the command we've come up with: setfacl -R -d -m mask:002 foo This seems to be working- I'm basically just looking for confirmation. Is this the most effective way to apply a per-directory umask with an ACL?

Read the article

< Previous Page | 406 407 408 409 410 411 412 413 414 415 416 417 | Next Page >