Search Results

Search found 41561 results on 1663 pages for 'linux command'.

Page 490/1663 | < Previous Page | 486 487 488 489 490 491 492 493 494 495 496 497  | Next Page >

• Configure Iptables to allow a PHP-app accessing a port-nr

  - by Camran

  I have a php-application which connects to another app called Solr (database search engine). I can via this php app add/remove documents (records) from the Solr index. However, the Solr security is low, and anybody with the right port nr can access Solr and remove documents (records). I wonder, is it possible to ONLY allow my own php-app to have access to Solr somehow? Prefferably via Iptables. I am thinking I can only allow my own servers IP to that port, and it would solve my problem, because PHP is a server-side code. But I am not sure. About the Php-app: The website is a classifieds website, and when users wants to add or remove classifieds, they do so through a php app, which is this one. The app has a function which connects to solr and updates the database (index). I appreciate detailed answers... Thanks

  Read the article

• DRBD not syncing between my nodes when IP is reset

  - by ramdaz

  I am trying to setup DRBD by following the article at http://www.howtoforge.com/setting-up-network-raid1-with-drbd-on-ubuntu-11.10-p2 I am using Ubuntu 10.04 DRBD - 8.3.11 In the first run I had everything working perfectly and when shifting the systems to a production environment I decided to restart the Meta Data creation part and start from scratch. The IPs had changed entirely in the production environment. Issuing drdbadm create-md r0 in both the servers runs successfully. But when I do "drbdadm -- --overwrite-data-of-peer primary all" on the primary it fails to start the re sync. My config file is as given below resource r0 { protocol C; syncer { rate 50M; } startup { wfc-timeout 15; degr-wfc-timeout 60; } net { cram-hmac-alg sha1; shared-secret "aklsadkjlhdbskjndsf8738734jkfkjfkjf"; } on primaryds { device /dev/drbd0; disk /dev/md2; address 172.16.7.1:7788; meta-disk internal; } on secondaryds { device /dev/drbd0; disk /dev/md2; address 172.16.7.3:7788; meta-disk internal; } } Status on primary root at primaryds:~# cat /proc/drbd version: 8.3.7 (api:88/proto:86-91) GIT-hash: ea9e28dbff98e331a62bcbcc63a6135808fe2917 build by root at primaryds, 2012-05-12 15:08:01 0: cs:WFBitMapS ro:Primary/Secondary ds:UpToDate/Inconsistent C r---- ns:0 nr:0 dw:0 dr:200 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:5690352828 Status on secondary root at secondaryds:/etc/drbd.d# cat /proc/drbd version: 8.3.7 (api:88/proto:86-91) GIT-hash: ea9e28dbff98e331a62bcbcc63a6135808fe2917 build by root at secondaryds, 2012-05-12 15:25:25 0: cs:WFBitMapT ro:Secondary/Primary ds:Inconsistent/UpToDate C r---- ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:5690352828 Log of Primary May 30 13:42:23 primaryds kernel: [ 1584.057076] block drbd0: role( Secondary -> Primary ) disk( Inconsistent -> UpToDate ) May 30 13:42:23 primaryds kernel: [ 1584.086264] block drbd0: Forced to consider local data as UpToDate! May 30 13:42:23 primaryds kernel: [ 1584.086303] block drbd0: Creating new current UUID May 30 13:42:26 primaryds kernel: [ 1586.405551] block drbd0: drbd_sync_handshake: May 30 13:42:26 primaryds kernel: [ 1586.405564] block drbd0: self E8A075F378173D4B:0000000000000004:0000000000000000:0000000000000000 bits:1422588207 flags:0 May 30 13:42:26 primaryds kernel: [ 1586.405574] block drbd0: peer 0000000000000004:0000000000000000:0000000000000000:0000000000000000 bits:1422588207 flags:0 May 30 13:42:26 primaryds kernel: [ 1586.405582] block drbd0: uuid_compare()=2 by rule 30 May 30 13:42:26 primaryds kernel: [ 1586.405587] block drbd0: Becoming sync source due to disk states. May 30 13:42:26 primaryds kernel: [ 1586.405592] block drbd0: Writing the whole bitmap, full sync required after drbd_sync_handshake. May 30 13:42:27 primaryds kernel: [ 1588.171638] block drbd0: 5427 GB (1422588207 bits) marked out-of-sync by on disk bit-map. May 30 13:42:27 primaryds kernel: [ 1588.172769] block drbd0: conn( Connected -> WFBitMapS ) Log in Secondary May 30 13:42:24 secondaryds kernel: [ 1563.304894] block drbd0: peer( Secondary - Primary ) pdsk( Inconsistent - UpToDate ) May 30 13:42:24 secondaryds kernel: [ 1563.339674] block drbd0: drbd_sync_handshake: May 30 13:42:24 secondaryds kernel: [ 1563.339685] block drbd0: self 0000000000000004:0000000000000000:0000000000000000:0000000000000000 bits:1422588207 flags:0 May 30 13:42:24 secondaryds kernel: [ 1563.339695] block drbd0: peer E8A075F378173D4B:0000000000000004:0000000000000000:0000000000000000 bits:1422588207 flags:0 May 30 13:42:24 secondaryds kernel: [ 1563.339703] block drbd0: uuid_compare()=-2 by rule 20 May 30 13:42:24 secondaryds kernel: [ 1563.339709] block drbd0: Becoming sync target due to disk states. May 30 13:42:24 secondaryds kernel: [ 1563.339714] block drbd0: Writing the whole bitmap, full sync required after drbd_sync_handshake. May 30 13:42:26 secondaryds kernel: [ 1565.652342] block drbd0: 5427 GB (1422588207 bits) marked out-of-sync by on disk bit-map. May 30 13:42:26 secondaryds kernel: [ 1565.652965] block drbd0: conn( Connected - WFBitMapT ) The serves are not responding once it reaches this stage. Tried redoing it couple of time but noting happens. Why could the resync not be taking place? I would like some advice? Directions?

  Read the article

• SELinux Contexts

  - by Josh

  I am configuring Apache\PHP and noticed Apache complaining about permissions with the php shared object. Starting httpd: httpd: Syntax error on line 206 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib/httpd/modules/libphp5.so into server: /usr/lib/httpd/modules/libphp5.so: cannot restore segment prot after reloc: Permission denied I looked at the context (started fine with enforcement off) and found: [root@HDSSERVER conf]# ls --lcontext /usr/lib/httpd/modules/libphp5.so -rwxr-xr-x 1 root:object_r:httpd_modules_t root root 15565418 May 10 08:39 /usr/lib/httpd/modules/libphp5.so Shouldn't httpd (apache) be able to access files with a context of httpd_modules_t? I got it fixed by applying chcon -t textrel_shlib_t '/usr/lib/httpd/modules/libphp5.so' But I would think the httpd version would work before this one. Can someone explain this to me?

  Read the article

• Firefox being really sluggish on php.net website?

  - by Rory

  Is it just me, or is firefox (3.5 on Ubuntu 9.10 karmic) really sluggish when opening the PHP.net website? When I have several tabs open with just the PHP.net website, and I tab up and down (with Control-PageUp/Down), it's slow to change tab. If I do it quickly, then firefox freezes for a few seconds (I know because it goes grey, which is a compiz feature to show unresponsive windows). The CPU usage also goes up when I'm tabbing to PHP.net pages. UPDATE: This appears to happen for all PHP.net webpages. For other pages, on other sites, Firefox is fine (for me).

  Read the article

• rm -rf not erasing directory

  - by chief

  I am attempting to erase a directory called apps. When I run rm-rf apps it looks like it erases it for the moment. When I log back on to the server the directory is still there, though it is highlighted in green. drwxrwxrwx 3 user user 4096 2010-04-24 18:33 apps

  Read the article

• rm -rf not erasing directory

  - by chief

  I am attempting to erase a directory called apps. When I run rm-rf apps it looks like it erases it for the moment. When I log back on to the server the directory is still there, though it is highlighted in green. drwxrwxrwx 3 user user 4096 2010-04-24 18:33 apps Ubuntu 9.10

  Read the article

• How do I configure a secondary gateway in RHEL5?

  - by Brett Ryan

  Greetings, we have been experiencing a random timeout issue with VPN users connecting to one of our servers which is causing a problem. My network administrator has instructed me to configure a secondary gateway to include the VPN connection. My current connection resides as follows, 10.1.9.1 is the internal gateway to the internet, I'd like to add 10.1.1.20 as the VPN gateway. # Broadcom Corporation NetXtreme II BCM5708S Gigabit Ethernet DEVICE=eth0 BOOTPROTO=none BROADCAST=10.1.255.255 IPADDR=10.1.1.22 IPV6_AUTOCONF=yes NETMASK=255.255.0.0 NETWORK=10.1.0.0 ONBOOT=yes GATEWAY=10.1.9.1 TYPE=Ethernet USERCTL=no IPV6INIT=no PEERDNS=yes

  Read the article

• Set Users as chrooted for sftp, but allow user to login in SSH

  - by Eghes

  I have setup a ssh server on debian 7, to use sftp connection. I chrooted some user, with this config: Match Group sftpusers ChrootDirectory /sftp/%u ForceCommand internal-sftp But if i want login with one of this chrooted users in ssh console, they get logged, but autoclose the connection. In logs I see: Oct 17 13:39:32 xxxxxx sshd[31100]: Accepted password for yyyyyy from zzz.zzz.zzz.zzz port 7855 ssh2 Oct 17 13:39:32 xxxxxx[31100]: pam_unix(sshd:session): session opened for user yyyyyyyyyyyy by (uid=0) Oct 17 13:39:32 d00hyr-ea1 sshd[31100]: pam_unix(sshd:session): session closed for user yyyyyyyyyyyy How can I chroot a user only for sftp, and use it as a normal user for ssh?

  Read the article

• Symbol lookup error while starting pidgin in Arch

  - by Hossein Mobasher

  I have just installed pidgin from the source code that i downloaded from pidgin site, it compile correctly with using below commands : ./configure --disable-gtkspell ; make ; make install but, when i try to start pidgin from terminal, occurres an error :? pidgin: symbol lookup error: /usr/lib/libfarstream-0.1.so.0: undefined symbol: g_key_file_free how can i solve this problem ? Thanks for your attention :)

  Read the article

• send outgoing email via postfix from mail client

  - by Ey Jay

  I have installed postfix on my ubuntu that is hosted on digitalocean. What I want to do is. With my smtp server setup, I want to use it to send mail from my email client. I don't need to receive, I just need to send. I can telnet example.com 25 successfully, I received the email in my inbox, but when I tried using in a email client. smtp: example.com:25 user: smtp1user password: smtp1userpassword I get an error that says "Server doesn't respond. Try changing the port." I dont know how to proceed.

  Read the article

• Exploratory Question for Security Admins (/etc/passwd + PHP)

  - by JPerkSter

  Hi everyone, I've been seeing a few issues lately on a few of my servers where an account gets hacked via outdated scripts, and the hacker uploads a cPanel / FTP Brute forcing PHP script inside the account. The PHP File reads /etc/passwd to get the usernames, and than uses a passwd.txt file to try and brute force it's way in to 127.0.0.1:2082. I'm trying to think of a way to block this. It doesn't POST anything except "GET /path/phpfile.php", so I can't use mod_security to block this. I've been thinking of maybe changing permissions on /etc/passwd to 600, however I'm unsure how this will result in regards to my users. I was also thinking of rate-limiting localhost connections to :2082, however I'm worried about mod_proxy being affected. Any suggestions?

  Read the article

• ubuntu: mumble 1.2.2 in Karmic

  - by Dan

  Karmic only has mumble 1.1.8, but if I want to connect to a 1.2 server I need to upgrade... So I would like to know how I can upgrade to mumble 1.2.2 without messing myself up for later when I upgrade to 10.04 and beyond... I just want a smooth transition into the next versions of mumble. Is there anyway to upgrade to this newer version and either keep it in the package manager or make it not interfere with the natural upgrades the program will later recieve from the package manager? Thanks, Dan

  Read the article

• racoon-tool doesn't generate full racoon.conf file in /var/lib/racoon/racoon.conf

  - by robthewolf

  I am using ipsec-tools/racoon to create my VPN. I am using racoon-tool to configure racoon.conf but when I run racoon-tool reload it only generates the first section - Global items. When I run racoon-tool I get: # racoon-tool reload Loading SAD and SPD... SAD and SPD loaded. Configuring racoon...done. This is the entire file /var/lib/racoon/racoon.conf # # Racoon configuration for Samuel # Generated on Wed Jan 5 21:31:49 2011 by racoon-tool # # # Global items # path pre_shared_key "/etc/racoon/psk.txt"; path certificate "/etc/racoon/certs"; log debug; I cannot find anywhere a solution as to why this is happening. Please help

  Read the article

• how to prevent new windows from stealing focus in gnome

  - by BD at Rivenhill

  I'm running Ubuntu 9.04 and I have the window manager configured for "focus follows mouse" but new application windows will steal the focus. Seems like there are many threads out there complaining about this behavior, but I see no solutions, am I missing something?

  Read the article

• Permission issue for apache

  - by Aamir Adnan

  Environment Details: Amazon Ec2 Ubuntu 12.04 Django + mod_wsgi + python 2.6 web server: apache2 I have mounted a 10GB ebs volume to an instance to /mnt/ebs1/. After mounting the volume and formatting, I have placed all my project files in /mnt/ebs1/project. the wsgi file is in /mnt/ebs1/project/apache/django.wsgi. The content of wsgi file is: import os, sys sys.path.insert(0, '/mnt/ebs1/project') sys.path.insert(1, '/mnt/ebs1') os.environ['DJANGO_SETTINGS_MODULE'] = 'project.configs.common.settings' import django.core.handlers.wsgi application = django.core.handlers.wsgi.WSGIHandler() My httpd.conf file looks as: LoadModule wsgi_module /usr/lib/apache2/modules/mod_wsgi.so WSGIPythonHome /usr/bin/python2.6 WSGIScriptAlias / /mnt/ebs1/project/apache/django.wsgi <Directory /mnt/ebs1/project> Order allow,deny Allow from all </Directory> <Directory /mnt/ebs1/project/apache> Order allow,deny Allow from all </Directory> Alias /static/ /mnt/ebs1/project/static/ <Directory /mnt/ebs1/project/static> Order deny,allow Allow from all </Directory> The above configurations gives me Forbidden: You don't have permission to access / on this server. I tried to find the user which is running apache using ps aux which is www-data and has group www-data. I have tried to change the ownership of /mnt/ebs1 and its subdirectories using chown -R www-data:www-data /mnt/ebs1 but that still does not solve the problem. Can any one tell me what I am doing wrong or have missed?

  Read the article

• How to configure mod_proxy_balancer to gracefully fail under high load

  - by bramp

  We have a system which has one Apache instance in front of multiple tomcats. These tomcats then connect to various databases. We balance the load to the tomcat with mod_proxy_balancer. Currently we are receiving 100 requests a second, the load on the Apache server is quite low, but due to database heavy operations on the tomcats, the load there is roughly 25% (of what I estimate they can handle). In a few weeks there is an event happening and we estimate that our requests will jump significant, maybe by a factor of 10. I'm doing everything I can do reduce the load on our tomcats, but I know we are going to run out of capacity, so I would like to fail gracefully. By this I mean, instead of trying to deal with too many connections which all timeout, I would like Apache to somehow monitor average response time, and as soon as the response time to Tomcat is getting above some threshold, I would like a error page displayed. This means that users who are lucky still get a page rendered quickly, and those who are unlucky get a error page quickly. Instead of everyone waiting far too long for their page, and eventually everyone timing out, and the database being swamped with queries which are never used. Hopefully this makes sense, so I was looking for suggestions on how I could achieve this. thanks

  Read the article

• How to add message that will be read with dmesg?

  - by calandoa

  I am trying to write some custom messages in my dmesg output. I tried: logger "Hello" but this does not work. It exits without error, but no "Hello" appears int the output of: dmesg I am using a Fedora 9, and it seems that there is no syslogd/klogd daemon running. However, all my kernel messages are succesfully written in the dmesg buffer. Any idea?

  Read the article

• Reset user passwd when you don't know it

  - by warren

  I have a small problem. I have shared keys setup on my domain, so I never type my password to login anymore. I've forgotten my password now. This is a problem because only my user can sudo. Password authentication for root has been disabled, so without my password, I cannot do maintenance on my web server. Is there a way to reset my password as my [now only] key-authenticated user? Specifically, can this be done on CentOS 4?

  Read the article

• How long does a blocked connection from Iptables last? Is there a way to set the timeout?

  - by Josh

  iptables -A INPUT -m state --state NEW -m recent --set # If we receive more than 10 connections in 10 seconds block our friend. iptables -A INPUT -m state --state NEW -m recent --update --seconds 5 --hitcount 15 -j Log-N-Drop I have these two relevant rules from iptables. if more than 15 connections are made in 5 seconds it logs the attempt and blocks it. How long does iptables maintain the counter? Does it refresh if connections are attempted again?

  Read the article

• iptables not writing rules.

  - by Darkmage

  im running these two rules as root, but when doing a iptables -L it dosent show any rules, any one have an idea of what the problem can be? iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 --source 84.244.145.135 -j REDIRECT --to-port 1222 iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 --source 243.134.97.194 -j REDIRECT --to-port 1222 duno@Virtual-Box:/home/glennwiz# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination

  Read the article

• Conflicting answers from du with different units

  - by dpitch40

  My question is quite simple. I get this output when checking the total amount of space I'm using on my Walkman. david@Milton:/media$ du -b --max-depth=0 WALKMAN/ 14823290693 WALKMAN/ david@Milton:/media$ du -k --max-depth=0 WALKMAN/ 14523776 WALKMAN/ Last I checked, 14,523,776 KB * 1024 = 14,872,646,624 B, not 14,823,290,693. Dividing the two, their "K" unit seems to be equal to about 1020.62 rather than 1024 as advertised. This is causing some errors in the program I wrote to sync my Walkman, so it fills up faster than it claims to. Can anyone explain this discrepency?

  Read the article

• Tips and tricks to make NX server more stable

  - by gareth_bowles

  My shop has been using the FreeNX server on Fedora 11 for a while now and mostly getting good results, especially with performance, but we have some annoying problems with client connections. There are two main issues: Client sessions sometimes freeze after a long time (seems to be at least 2 hours of having the session active) We often have to make multiple attempts to start a new client session, especially if a previous session was suspended rather than terminated. In qwuite a few cases, we've had to restart the NX server to get around this. Our NX server configuration is the default except that we've enabled logging level 7 to /var/log/nxserver.log, and set the font server to "unix:/7100" so that it uses xfs. Does anyone have any ideas for making things more stable ?

  Read the article

• Updating Network Solutions Virtual Private Server

  - by Peter Turner

  Just got a VPS from Network Solutions, it's got Red Hat 4, PHP 5.16, Java 1.4, no Yum and a whole bunch of packages I'd expect to have from a fresh install. Anyway, obviously I sound like a spoiled Ubunutoligist, but do I seriously have to manually update all this stuff, is there a shortcut, I'm used to Fedora, so I'm not sure what the differences are between using Yum in Redhat and Fedora. Should I just demand that Network Solutions give me a server that's not 4 years old or is there a way to update this thing that won't take all week?

  Read the article

• Installing Git on Ubuntu 12.04

  - by Sven Jung

  I installed git with gitolite on my vserver using this tutorial. But I've got a problem to clone the gitolite-admin repo to my computer. The user is created with the option --disabled-password But if I try to clone with git clone git@<server>:gitolite-admin.git he asks not only for the passphrase of my rsa_key but also for the password of the gituser. Anyone an idea? I thought the user is created without password and I don't know what to type in

  Read the article

• arp -n responds with (incomplete) on the wrong subnet, can't remove it

  - by Hannes

  context There are 2 servers: server1 - eth0 10.129.76.16 eth0.2 192.168.0.103 server2 - eth0 10.129.79.1 eth0.2 192.168.62.101 The 192.x.x.x addresses are connected to the same vlan (vlan2) and are able to see eachother. The 10.x.x.x addresses are connected to different vlan's which are not able to see eachother. on request of David Swartz: the routing table on server 1 is: ~$ sudo route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.129.76.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.192.0 U 0 0 0 eth0.2 0.0.0.0 192.168.61.254 0.0.0.0 UG 100 0 0 eth0.2 the routing table on server 2 is: ~$ sudo route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 <public IP gw> 0.0.0.0 UG 100 0 0 eth0.11 10.129.79.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 <public IP> 0.0.0.0 255.255.255.128 U 0 0 0 eth0.11 192.168.0.0 0.0.0.0 255.255.192.0 U 0 0 0 eth0.2 Problem: When I ping from server 1 to server 2, it seems no packets are arriving and vice versa. When I check the routes (route -n) I see the default gw uses eth0.2 on both servers. But when I use arping, I get a response one way (from server 2 to server 1) but no response vice versa. arping 192.168.62.101 ARPING 192.168.62.101 from 10.129.76.16 eth0 ^CSent 2 probes (2 broadcast(s)) Received 0 response(s) As you can see it uses the 10.x.x.x address instead of the 192.x.x.x. And as I told before, the 10.x.x.x address is unreachable from the other server. When I force arping to use eth0.2, it does work. I don't have any problems with ping'ing other servers from any of those 2 servers. I did see this in the arp tables: ~# arp -n | grep 192.168.0.103 192.168.0.103 (incomplete) eth0 and ~# arp -n | grep 192.168.62.101 Question quite obvious... How can I make these servers see each other again? Things I've tied clear the apropriate entries in the arptable and tried to get rid of the (incomplete) But I think the biggest problem is that eth0 is used instead of eth0.2 for the packets from server 1 to server 2 Because of David Swartz' remark about the routing tables, I added a route in there defining the host. I added 192.168.0.103 0.0.0.0 255.255.255.255 UH 0 0 0 eth0.2 and 192.168.62.101 0.0.0.0 255.255.255.255 UH 0 0 0 eth0.2 to the appropriate servers but this didn't solve the problem so I presume the problem is not in the routing. My guess I guess the problem lies in the following. ~$ arp -n | grep 192.168.0.103 192.168.0.103 (incomplete) eth0 but I'm unable to remove this entry. (arp -d 192.168.0.103 has no effect) Thanks for reading and even more thanks for answering!

  Read the article

< Previous Page | 486 487 488 489 490 491 492 493 494 495 496 497  | Next Page >