Search Results

Search found 26947 results on 1078 pages for 'util linux'.

Page 442/1078 | < Previous Page | 438 439 440 441 442 443 444 445 446 447 448 449 | Next Page >

forward outbound traffic rule

- by Claudiu

I am trying to forward the outbound traffic to another server. Current rule is: /sbin/iptables -A OUTPUT -p tcp -s localhost -o 91.xxx.xxx.xxx --dport 65000:65010 -j ACCEPT but when I do a iptables -L, the rule its showed like this: ACCEPT tcp -- localhost.localdomain anywhere tcp dpts:65000:65010 So I guess my rule is bad written since the "destination" column shows "anywhere" Can you help me with this?

Read the article
Launch script after SFTP disconnect

- by Mates

I'm currently using Caja (basically the same as Nautilus) to connect using SSH to my server and work with files. What I'm looking for is a way to launch a simple script when I disconnect - I can launch a script after disconnecting from the TTY by putting it into ~/.bash_logout file, but that is not executed when disconnecting from a file manager. The only idea I have is to set up a cronjob which would be checking for existing sftp-server or sshd processes periodicaly and launched the script when there's no such process running. Is there any easier way to do this?

Read the article
Hardware recommendations for building an Ubuntu encrypted file server

- by Robert Mashlan

I would like to build a file server for my home network using Ubuntu. It will serve files from RAID1 configured disks, either in the OS or in hardware. It will be connected to a Gigabit ethernet LAN. The disks will use an encrypted file system. It will serve samba shares. I would like a recommendation on what kind of processing power/memory I would need to build a box that would be able to sustain the full capacity of the Gigabit ethernet connection in a file transfer for a single connection with the overhead of serving from an encrypted disk. I'm not looking to build a dream server, I just want enough processing capacity for high performance (and reliable) file sharing and spend as little as possible for it. This may be tangential, but what kind of hardware would I need to have a server be able to reliably go into a low power mode when no requests are being made of it?

Read the article
Limited bandwidth and transfer rates per user.

- by Cx03

I searched for a while but couldn't find anything concrete, hopefully someone can help me. I'm going to be running a Debian server on a gigabit port, and want to give each user his/her fair share of internet access. The first objective is easy - transfer rates (speed) per user. From what I've looked at, IPTables/Shorewall could do the job easy. Is this easy to setup, or could one of you point me at a config? I was hoping to limit users at 300mbit or 650mbit each. The second objective gets complicated. Due to the usage of the boxes, most of the traffic will be internal network traffic that does NOT get counted to the quota. However, I still need to limit the external traffic, and if they go over, cut off access (or throttle traffic to a very low speed (10mbit?)). Let's say the user has a 3TB external traffic limit. The IF part is: If the hostname they are exchanging the traffic with DOES NOT MATCH .ovh. or .kimsufi. (company owns multiple TLDs), count to the quota. Once said quota exceeds 3TB, choke them. Where could I find a system to count that for me? It would also need to reset or be able to be manually reset on a monthly basis. Thanks ahead of time!

Read the article
Remotely enter encryption key?

- by Jason Swett

This might be a really dumb question but here goes, anyway. I just bought a couple servers. I already installed Ubuntu with encrypted LVM on one and I'm planning on doing the same with the other. This means that every time I boot up each of these machines, I have to enter the passphrase. And I'll have to do this every morning because I'll power each machine off each night for security reasons. Here's the problem: I don't have monitors or keyboards for these servers. It seems to me I have two options: Somehow enter the passphrase remotely Buy a KVM switch I doubt #1 is an option but I want to make sure it's not before I buy a KVM. Is it possible to enter the passphrase remotely? AND is it a good idea?

Read the article
Date sorting with ls

- by nearly_lunchtime

How can I sort the output of ls by last modified date?

Read the article
Ubuntu 12.04 as router with 2 nic

- by Blue Gene

I have been trying this setup for weeks and still can not make this to work... ubuntu 12.04 64 bit with 2 nic nic1: eth0:192.168.2.33 -static ip with internet access (connected to modem) nic2: eth1:192.168.1.2 -static ip connected to LAN. enabled ip_forward on ubuntu box net_ip_forward = 1 on the LAN with ip address 192.168.1.5 specified gateway as 192.168.1.2 and able to ping gateway.But can not ping public address.What am i missing? on router box: route -n Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.2.1 0.0.0.0 UG 100 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 tried ip route add 192.168.2.0/24 via 192.168.1.2 dev eth0 route -n on LAN 192.168.1.5 Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.2 0.0.0.0 UG 100 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.2.0 192.168.1.2 255.255.255.0 UG 0 0 0 eth0 iptables default policy is to accept all. tracepath 8.8.8.8 from LAN 1: 192.168.1.5 0.060ms pmtu 1500 1: 192.168.1.2 3.367ms 1: 192.168.1.2 3.764ms 2: no reply Is there a way to make this work,other than NAT ing.

Read the article
How to change font size on display

- by Tim

My laptop is Lenovo T400, whose screen size is 14.1 inches and default resolution is 1440 x 900. My main OS is Ubuntu 10.10. The default font size on the display is somehow small, which might contribute to the fatigue of my eyes. My previous laptop is Acer 5000, whose screen size is 15.4 inches and the default resolution is 1024 x 768. I like reading on my old laptop better than on my new one. Is it possible to change the setting of my new one to look like reading my old one? What are the parameters that control the font size? Are screen size, resolution part of them? In Windows, there are choices for font size, while in Ubuntu I haven't find out where I can change the setting and would like know if someone here knows about it. I also wonder if I can use a separate bigger display (perhaps just like a desktop display) as the display of my laptop, in case I don't want to enlarge font size at the cost of sacrificing the amount of the content to display, and how I shall do it? Thanks and regards!

Read the article
Iptables - forward email ports?

- by Emmet Brown

im trying to open some local ports (LAN) and then re-direct them to another server (WAN) using iptables. Here is my config: #WAN allow-hotplug eth1 auto eth1 iface eth1 inet static #Tarjeta red WAN address 192.168.2.2 gateway 192.168.2.1 netmask 255.255.255.0 #LAN allow-hotplug eth0 auto eth0 iface eth0 inet static address 192.168.16.6 netmask 255.255.255.0 network 192.168.16.0 broadcast 192.168.16.255 I try this: iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 110 -j DNAT --to 200.40.30.218:110 iptables -A FORWARD -p tcp -i eth0 -o eth1 -d 200.40.30.218 --dport 110 -j ACCEPT iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 25 -j DNAT --to 200.40.30.218:25 iptables -A FORWARD -p tcp -i eth0 -o ethq -d 200.40.30.218 --dport 25 -j ACCEPT but, it did not work. i also try changeing eth0 to eth1 (and eth1 to eth0) but nothing happened. Starting Nmap 5.00 ( http://nmap.org ) at 2011-10-03 14:44 UYST Interesting ports on 192.168.16.6: Not shown: 997 closed ports PORT STATE SERVICE 22/tcp open ssh 111/tcp open rpcbind 8080/tcp open http-proxy Im running debian. Can u guys help me to check what is happening? edit: IPTABLES-SAVE # Generated by iptables-save v1.4.8 on Mon Oct 3 15:43:14 2011 *mangle :PREROUTING ACCEPT [139993:77867651] :INPUT ACCEPT [139385:77761761] :FORWARD ACCEPT [186:12071] :OUTPUT ACCEPT [173556:74341650] :POSTROUTING ACCEPT [173734:74352988] COMMIT # Completed on Mon Oct 3 15:43:14 2011 # Generated by iptables-save v1.4.8 on Mon Oct 3 15:43:14 2011 *nat :PREROUTING ACCEPT [1649:190626] :POSTROUTING ACCEPT [6729:339646] :OUTPUT ACCEPT [6697:337660] -A PREROUTING -i eth0 -p tcp -m tcp --dport 110 -j DNAT --to-destination 200.40.30.218:110 -A PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 200.40.30.218:25 COMMIT # Completed on Mon Oct 3 15:43:14 2011 # Generated by iptables-save v1.4.8 on Mon Oct 3 15:43:14 2011 *filter :INPUT ACCEPT [138307:77066136] :FORWARD ACCEPT [168:11207] :OUTPUT ACCEPT [172288:73655708] -A FORWARD -d 200.40.30.218/32 -i eth0 -o eth1 -p tcp -m tcp --dport 110 -j ACCEPT -A FORWARD -d 200.40.30.218/32 -i eth0 -o ethq -p tcp -m tcp --dport 25 -j ACCEPT COMMIT # Completed on Mon Oct 3 15:43:14 2011 Regards

Read the article
Why isn't passwordless ssh working?

- by Nelson

I have two Ubuntu Server machines sitting at home. One is 192.168.1.15 (we'll call this 15), and the other is 192.168.1.25 (we'll call this 25). For some reason, when I want to setup passwordless login from 15 to 25, it works like a champ. When I repeat the steps on 25, so that 25 can login without a password on 15, no dice. I have checked both sshd_config files. Both have: RSAAuthentication yes PubkeyAuthentication yes I have checked permissions on both servers: drwx------ 2 bion2 bion2 4096 Dec 4 12:51 .ssh -rw------- 1 bion2 bion2 398 Dec 4 13:10 authorized_keys On 25. drwx------ 2 shimdidly shimdidly 4096 Dec 4 19:15 .ssh -rw------- 1 shimdidly shimdidly 1018 Dec 4 18:54 authorized_keys On 15. I just don't understand when things would work one way and not the other. I know it's probably something obvious just staring me in the face, but for the life of me, I can't figure out what is going on. Here's what ssh -v says when I try to ssh from 25 to 15: ssh -v -p 51337 192.168.1.15 OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to 192.168.1.15 [192.168.1.15] port 51337. debug1: Connection established. debug1: identity file /home/shimdidly/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/shimdidly/.ssh/id_rsa-cert type -1 debug1: identity file /home/shimdidly/.ssh/id_dsa type 2 debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024 debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024 debug1: identity file /home/shimdidly/.ssh/id_dsa-cert type -1 debug1: identity file /home/shimdidly/.ssh/id_ecdsa type -1 debug1: identity file /home/shimdidly/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 54:5c:60:80:74:ab:ab:31:36:a1:d3:9b:db:31:2a:ee debug1: Host '[192.168.1.15]:51337' is known and matches the ECDSA host key. debug1: Found key in /home/shimdidly/.ssh/known_hosts:2 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/shimdidly/.ssh/id_rsa debug1: Authentications that can continue: publickey,password debug1: Offering DSA public key: /home/shimdidly/.ssh/id_dsa debug1: Authentications that can continue: publickey,password debug1: Trying private key: /home/shimdidly/.ssh/id_ecdsa debug1: Next authentication method: password

Read the article
How can I avoid hard-coding YubiKey user identities into the PAM stack?

- by CodeGnome

The Yubico PAM Module seems to require changes to the PAM stack for each user that will be authenticated with a YubiKey. Specifically, it seems that each user's client identity must be added to the right PAM configuration file before the user can be authenticated. While it makes sense to add authorized keys to an authentication database such as /etc/yubikey_mappings or ~/.yubico/authorized_yubikeys, it seems like a bad practice to have to edit the PAM stack itself for each individual user. I would definitely like to avoid having to hard-code user identities into the PAM stack this way. So, is it possible to avoid hard-coding the id parameter to the pam_yubico.so module itself? If not, are there any other PAM modules that can leverage YubiKey authentication without hard-coding the stack?

Read the article
List of all nested subfolders with a specific name

- by shawn

How to get a list of all the subfolders with a specific name e.g. all the folders which their name contains 'NAME' I know: find . | grep *NAME* but this won't give me a unique list (if the folder has subfolders it gets listed multiple times)

Read the article
Title: Better logging for cronjob output

- by Stefan Lasiewski

I am looking for a better way to log cronjobs. Most cronjobs tend to spam email or the console, get ignored, or create yet another logfile. In this case, I have a Nagios NSCA script which sends data to a central Nagios sever. This send_nsca script also prints a single status line to STDOUT, indicating success or failure. 0 * * * * root /usr/local/nagios/sbin/nsca_check_disk This emails the following message to root@localhost, which is then forwarded to my team of sysadmins. Spam. forwarded nsca_check_disk: 1 data packet(s) sent to host successfully. I'm looking for a log method which: Doesn't spam the messages to email or the console Don't create yet another krufty logfile which requires cleanup months or years later. Capture the log information somewhere, so it can be viewed later if desired. Works on most unixes Fits into an existing log infrastructure. Uses common syslog conventions like 'facility' Some of these are third party scripts, and don't always do logging internally.

Read the article
Tool to allow Kerberos Authenticated users to modify Firewall settings

- by Lars Hanke

I run a firewall on a central router. Recently, several users want to use Skype. Since firewalling Skype virtually means to switch the firewall off, I consider to allow users to temporarily punch holes for their system. Since the users have no accounts on the router, I consider using Kerberos for authentication and authorization. The router is a Debian Squeeze box, with minimal configuration, i.e. no web-server, database or similar gimmicks. Does anyone know an existing solution, which could be used for that purpose? Or does anybody know easy to use and well documented frameworks in say Perl, Python, C, C++, ... making the set-up of a Kerberos authenticated Client and Server application really simple?

Read the article
File descriptor linked to socket or pipe in proc

- by primero

i have a question regarding the file descriptors and their linkage in the proc file system. I've observed that if i list the file descriptors of a certain process from proc ls -la /proc/1234/fd i get the following output: lr-x------ 1 root root 64 Sep 13 07:12 0 -> /dev/null l-wx------ 1 root root 64 Sep 13 07:12 1 -> /dev/null l-wx------ 1 root root 64 Sep 13 07:12 2 -> /dev/null lr-x------ 1 root root 64 Sep 13 07:12 3 -> pipe:[2744159739] l-wx------ 1 root root 64 Sep 13 07:12 4 -> pipe:[2744159739] lrwx------ 1 root root 64 Sep 13 07:12 5 -> socket:[2744160313] lrwx------ 1 root root 64 Sep 13 07:12 6 -> /var/lib/log/some.log I get the meaning of a file descriptor and i understand from my example the file descriptors 0 1 2 and 6, they are tied to physical resources on my computer, and also i guess 5 is connected to some resource on the network(because of the socket), but what i don't understand is the meaning of the numbers in the brackets. Do the point to some property of the resource? Also why are some of the links broken? And lastly as long as I asked a question already :) what is pipe?

Read the article
Crontab -- scheduling my backups

- by Garfonzo

I want to do a backup every Friday night (no, this is not the whole backup routine, just part of it). Each Friday night's backup will not be overwritten until 4 weeks later. So, essentially, I have a four revolving backups: Week1, week2, week3, and week4. Now, I need the week1 backup script to run every 4 weeks. But I also want week2's script to run every four weeks. I know that I can tell the crontab to execute something every X weeks/days/hours/whatever. However, how do I set it up so that each of these four scripts actually run on different weeks, how do I avoid all 4 scripts running on the same night, then dutifully waiting for weeks only to all run again? Thanks.

Read the article
Le noyau Linux sort en version 3.15 et permet une mise en veille et une reprise plus rapides

Le noyau Linux sort en version 3.15 et permet une mise en veille et une reprise plus rapides Comme il est de coutume, Linus Torvalds, le père du noyau Linux a annoncé la sortie de la version stable de Linux 3.15.Des améliorations de performances sont au coeur des modifications de cette troisième version du célèbre noyau open source depuis le début de cette année. Le nouveau Kernel réduit considérablement le temps de mise en veille et de reprise du système pour les ordinateurs portables.Le nouveau...

Read the article
Running JBoss 6 with Runit / daemontools or other process supervision framework

- by Alex Recarey

I'm tying to use runit to daemonize JBoss. I use the /opt/jboss-6.1.0.Final/bin/run.sh script to start the server. When I do so from the comandline, JBoss does not detach (which is what we want), and will also shut down when CTRL+C is pressed. In theory a perfect candidate to use runit on. Everything works fine except when I try to get runit to shut down JBoss. When I issue the command sv stop jboss nothing happens. Runit thinks the process is stopped but jboss continues to run normally. I'm not doing anything special with the run script. This is my runit run script: #!/bin/sh exec 2>&1 exec /opt/jboss-6.1.0.Final/bin/run.sh -c standard -b 0.0.0.0 Looking at the jboss_init_redhat.sh script, the start section does mention ./bin/run.sh but the stop section has the following text: JBOSS_CMD_STOP=${JBOSS_CMD_STOP:-"java -classpath $JBOSSCP org.jboss.Shutdown --shutdown"} Any ideas of what I could try?

Read the article
Better way to quad+ boot operating systems?

- by Wijagels

I currently have Windows 7, Ubuntu 12.04, Fedora 17, and open SUSE installed. I currently use BURG boot loader to load up all the systems. However, BURG does not work with windows(I still manage) and it is a little finicky. So, I want to make windows work and have all the other OSes I want all on one boot loader. I already tried easy BCD and for whatever reason Fedora took over and blocked out the other OSes.

Read the article
How to use rsync when filenames contain double quotes?

- by wfoolhill

I am trying to synchronize the content of the directory my_dir/ from /home to /backup. This directory contains a file which name has a double quote in it, such as to"to. Here is my rsync command: rsync -Cazh /home/my_dir/ /backup/my_dir/ And I get the following message: rsync: mkstemp "/backup/my_dir/.to"to.d93PZr" failed: Invalid argument (22) For info, rsync works well when the synchronized filenames contain single quote, parenthesis and space. Thus, why is it bugging with a double quote? Thanks for any help.

Read the article
Remove some junk characters from server console log.

- by Jayakrishnan T

Please look in to the picture,here am trying to open(with vi editor) my server console log file(around 100MB) and it takes more than two minutes to open with so many special characters.after deleting the first line (means typing "dd")then i can easily view the file and size of the file is also reduced very much.My server OS is RHEL 5.4 and jboss is running in to it. Please help me to avoid such junk characters coming to my server console log files and it helps me to save my valuable space in server.

Read the article
How to retry connections with wget?

- by Andrei

I have a very unstable internet connection, and sometimes have to download files as large as 200 MB. The problem is that the speed frequently drops and sits at --, -K/s and the process remains alive. I thought just to send some KILL signals to the process, but as I read in the wget manual about signals it doesn't help. How can I force wget to reinitialize itself and pick the download up where it left off after the connection drops and comes back up again? I would like to leave wget running, and when I come back, I want to see it downloading, and not waiting with speed --,-K/s.

Read the article
why in /proc file system have this infomation

- by liutaihua

run: lsof|grep delete can find some process open fd, but system dis that it had to delete: mingetty 2031 root txt REG 8,2 15256 49021039 /sbin/mingetty (deleted) I look the /proce filesystem: ls -l /proc/[pid] lrwxrwxrwx 1 root root 0 9? 17 16:12 exe -> /sbin/mingetty (deleted) but actually, the executable(/sbin/mingetty) is normal at /sbin/mingetty path. and some soket like this situation: ls -l /proc/[pid]/fd 82 -> socket:[23716953] but, use the commands: netstat -ae|grep [socket id] can find it. why the OS display this infomation??

Read the article
Tool to run same key strokes on multiple unix machines

- by virtualvoid

I want to run the same commands on multiple machines, I know I can do this using ssh scripting or things like clusterssh, however I don't want to install anything on the server. (Don't have the rights) What I want is to just clone the keystrokes across multiple machines e.g. run cat /etc/oratab on one window and same is run on multiple windows e.g. in putty, is there a tool to do that from a windows client.

Read the article
Where is the root

- by smwikipedia

I read the manual page of the "mount" command, at it reads as below: All files accessible in a Unix system are arranged in one big tree, the file hierarchy, rooted at /. These files can be spread out over several devices. The mount command serves to attach the file system found on some device to the big file tree. My question is: Where is this "big tree" located?

Read the article

< Previous Page | 438 439 440 441 442 443 444 445 446 447 448 449 | Next Page >