Search Results

Search found 38064 results on 1523 pages for 'oracle linux'.

Page 597/1523 | < Previous Page | 593 594 595 596 597 598 599 600 601 602 603 604  | Next Page >

  • iptable CLUSTERIP won't work

    - by Rad Akefirad
    We have some requirements which explained here. We tried to satisfy them without any success as described. Here is the brief information: Here are requirements: 1. High Availability 2. Load Balancing Current Configuration: Server #1: one static (real) IP for each 10.17.243.11 Server #2: one static (real) IP for each 10.17.243.12 Cluster (virtual and shared among all servers) IP: 10.17.243.15 I tried to use CLUSTERIP to have the cluster IP by the following: on the server #1 iptables -I INPUT -i eth0 -d 10.17.243.15 -j CLUSTERIP --new --hashmode sourceip --clustermac 01:00:5E:00:00:20 --total-nodes 2 --local-node 1 on the server #2 iptables -I INPUT -i eth0 -d 10.17.243.15 -j CLUSTERIP --new --hashmode sourceip --clustermac 01:00:5E:00:00:20 --total-nodes 2 --local-node 2 When we try to ping 10.17.243.15 there is no reply. And the web service (tomcat on port 8080) is not accessible either. However we managed to get the packets on both servers by using TCPDUMP. Some useful information: iptable roules (iptables -L -n -v): Chain INPUT (policy ACCEPT 21775 packets, 1470K bytes) pkts bytes target prot opt in out source destination 0 0 CLUSTERIP all -- eth0 * 0.0.0.0/0 10.17.243.15 CLUSTERIP hashmode=sourceip clustermac=01:00:5E:00:00:20 total_nodes=2 local_node=1 hash_init=0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 14078 packets, 44M bytes) pkts bytes target prot opt in out source destination Log messages: ... kernel: [ 7.329017] e1000e: eth3 NIC Link is Up 100 Mbps Full Duplex, Flow Control: None ... kernel: [ 7.329133] e1000e 0000:05:00.0: eth3: 10/100 speed: disabling TSO ... kernel: [ 7.329567] ADDRCONF(NETDEV_CHANGE): eth3: link becomes ready ... kernel: [ 71.333285] ip_tables: (C) 2000-2006 Netfilter Core Team ... kernel: [ 71.341804] nf_conntrack version 0.5.0 (16384 buckets, 65536 max) ... kernel: [ 71.343168] ipt_CLUSTERIP: ClusterIP Version 0.8 loaded successfully ... kernel: [ 108.456043] device eth0 entered promiscuous mode ... kernel: [ 112.678859] device eth0 left promiscuous mode ... kernel: [ 117.916050] device eth0 entered promiscuous mode ... kernel: [ 140.168848] device eth0 left promiscuous mode TCPDUMP while pinging: tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 12:11:55.335528 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.17.243.1 > 10.17.243.15: ICMP echo request, id 16162, seq 2390, length 64 12:11:56.335778 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.17.243.1 > 10.17.243.15: ICMP echo request, id 16162, seq 2391, length 64 12:11:57.336010 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.17.243.1 > 10.17.243.15: ICMP echo request, id 16162, seq 2392, length 64 12:11:58.336287 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.17.243.1 > 10.17.243.15: ICMP echo request, id 16162, seq 2393, length 64 And there is no ping reply as I said. Does anyone know which part I missed? Thanks in advance.

    Read the article

  • EFI pxe network boot error

    - by Lee
    Asking this on both [serverfault][1] and [superuser][2]. When attempting to network boot RHEL 5.4 on an old ia64 machine I get the following error : ![alt text][3] So I've basically followed the tutorial here : [http://www-uxsup.csx.cam.ac.uk/pub/doc/suse/sles9/adminguide-sles9/ch04s03.html][4] DHCPD,TFTPD etc are already setup and working with standard x86 PXE clients. I've unpacked the boot.img file into /tftpboot/ia64/ and passed the path to the elilo.efi file via DHCP with the filename ""; option. Changing this filename generates a PXE file not found error (see below). So I assume that PXE has found the file... ![alt text][5] The only thing wrong I can find in the logs is : Jan 6 19:49:31 dhcphost in.tftpd[31379]: tftp: client does not accept options Any ideas? I'm sure I hit a problem like this a few years ago but I can't remember the fix :) Thanks in advance! Thanks in advance! [1]: http:// serverfault.com/questions/100188/ efi-pxe-network-boot-error [2]: http:// superuser.com/questions/92295/ efi-pxe-network-boot-error [3]: http:// i.imgur.com/Zx1Jy. png [4]: http:// www-uxsup.csx.cam.ac.uk/pub/doc/suse/sles9/adminguide-sles9/ch04s03.html [5]: http:// i.imgur.com/CEzGf. jpg

    Read the article

  • Nagios orphaned services warnings

    - by Gordon
    We have had Nagios running on one of our servers with out any problems for a while but lately certain old service warning have been reappearing and then disappearing on the service detail page. From looking at the logs I found warning like the following. Warning: The check of service 'Tomcat' on host 'virtual1' looks like it was orphaned (results never came back). I'm scheduling an immediate check of the service... Has anyone ever came across this before or at least know a way to delete the old Orphaned Warnings. The Nagios Version we are running is Version 3.0b7 so an update might be in order. Thanks.

    Read the article

  • how do you set the admin password on openldap 2.4

    - by dingfelder
    I am getting started with openLdap 2.4 and am having a bit of trouble, all the examples I see seem to refer to previous versions which used the text config file slapd.conf but from what I see on discussions about v2.4, this has been deprecated. I thought prehaps I needed to add a user, and log in as them but when I try and run an ldapadd command, I get a prompt to enter a password: Enter LDAP Password: ldap_bind: Invalid credentials (49) Notes: I installed openldap server via yum (in fedora 15), and have installed phpldapadminbut also can try things on the command line if anyone has suggestions. After installing and starting I get the following response from a search: # ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts # extended LDIF # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: namingContexts dn: namingContexts: dc=my-domain,dc=com # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 I am glad to remove and reinstall the server if that helps, can anyone provide a link to tips that works for version 2.4 for a new setup?

    Read the article

  • v4l - capture and watch at the same time

    - by John Barrett
    Capturing v4l and line-in audio using mencoder works very well, but I would like to record real-time gameplay video from consoles plugged into the video card. I've used xawtv for this (Works quite well, can preview and record in real time), but when I enable any deinterlacing or aspect ration options the video fails to record. I have to record raw and re-encode the video with the appropriate filters later to get something workable. Other things I have tried: tvtime with xvidcap and jack audio capture - xvidcap drops frames and muxing the audio is impossible as it will go out of sync (I have not found muxer options that work to force a correct frame rate) mencoder capture to file, attempt to pipe tail of file to mplayer... mencoder works great, piping the file is far too heavy to attempt gameplay. Soooo, v4l capture and preview simultaneously, recommendations?

    Read the article

  • Mounting NAS drive with cifs using credentials file through fstab does not work

    - by mahatmanich
    I can mount the drive in the following way, no problem there: mount -t cifs //nas/home /mnt/nas -o username=username,password=pass\!word,uid=1000,gid=100,rw,suid However if I try to mount it via fstab I get the following error: //nas/home /mnt/nas cifs iocharset=utf8,credentials=/home/username/.smbcredentials,uid=1000,gid=100 0 0 auto .smbcredentials file looks like this: username=username password=pass\!word Note the ! in my password ... which I am escaping in both instances I also made sure there are no eol in the file using :set noeol binary from Mount CIFS Credentials File has Special Character chmod on .credentials file is 0600 and chown is root:root file is under ~/ Why am I getting in on the one side and not with fstab?? I am running on ubuntu 12 LTE and mount.cifs -V gives me mount.cifs version: 5.1 Any help and suggestions would be appreciated ... UPDATE: /var/log/syslog shows following [26630.509396] Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE [26630.509407] CIFS VFS: Send error in SessSetup = -13 [26630.509528] CIFS VFS: cifs_mount failed w/return code = -13 UPDATE no 2 Debugging with strace mount through fstab: strace -f -e trace=mount mount -a Process 4984 attached Process 4983 suspended Process 4985 attached Process 4984 suspended Process 4984 resumed Process 4985 detached [pid 4984] --- SIGCHLD (Child exited) @ 0 (0) --- [pid 4984] mount("//nas/home", ".", "cifs", 0, "ip=<internal ip>,unc=\\\\nas\\home"...) = -1 EACCES (Permission denied) mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) Process 4983 resumed Process 4984 detached Mount through terminal strace -f -e trace=mount mount -t cifs //nas/home /mnt/nas -o username=user,password=pass\!wd,uid=1000,gid=100,rw,suid Process 4990 attached Process 4989 suspended Process 4991 attached Process 4990 suspended Process 4990 resumed Process 4991 detached [pid 4990] --- SIGCHLD (Child exited) @ 0 (0) --- [pid 4990] mount("//nas/home", ".", "cifs", 0, "ip=<internal ip>,unc=\\\\nas\\home"...) = 0 Process 4989 resumed Process 4990 detached

    Read the article

  • mplayer audio desync

    - by geek
    I have and avi file and an ac3 file that contains an alternate audio stream. I run mplayer like: mplayer -audiofile foo.ac3 bar.avi mplayer takes the audio stream from the ac3 file as expected, but when I try to scroll the video using arrows or pgup/pgdown keys, the audio gets desynced: mplayer just starts playing the audio stream from the beginning. Do I have to pass any additional command line arguments in order to make it scroll properly without desyncing audio?

    Read the article

  • Cannot run a VM with more than three network interfaces with KVM

    - by Bostonvaulter
    I'm running KVM on top of Ubuntu 10.10 Server I can create VM's (Virtual Machine) and network interfaces fine but I cannot seem to add more than three network interfaces. As soon as I have a VM with four network interfaces it gets stuck on startup at the starting SeaBIOS page with this message: Starting SeaBIOS (version pre-0.6.1-20100702_143500-palmer) So far I've verified this with two VM's, a Ubuntu 10.10 desktop and a Vyatta router. The specific network hardware I assign to the VM's doesn't seem to matter. I'm trying to have one bridged interface and three private networks using Vyatta to route between them. Does anyone know why I can't run a VM with more than three network interfaces? Edit: Additionally the KVM thread responsible for the specific VM hangs using ~100% CPU (i.e. one core). Here's the command for the process that is hanging: /usr/bin/kvm -S -M pc-0.12 -enable-kvm -m 512 -smp 1,sockets=1,cores=1,threads=1 -name vyatta -uuid 6dff7c94-6810-423e-5fea-fec10da0e9b7 -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/vyatta.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=utc -boot c -drive file=/home/rams/virtual-machines/vyatta.img,if=none,id=drive-ide0-0-0,boot=on,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device rtl8139,vlan=0,id=net0,mac=00:54:00:be:cc:4b,bus=pci.0,addr=0x3 -net tap,fd=97,vlan=0,name=hostnet0 -device rtl8139,vlan=1,id=net1,mac=52:54:00:da:59:ed,bus=pci.0,addr=0x5 -net tap,fd=98,vlan=1,name=hostnet1 -device rtl8139,vlan=2,id=net2,mac=52:54:00:ce:22:b6,bus=pci.0,addr=0x6 -net tap,fd=99,vlan=2,name=hostnet2 -device rtl8139,vlan=3,id=net3,mac=52:54:00:1e:bc:46,bus=pci.0,addr=0x7 -net tap,fd=101,vlan=3,name=hostnet3 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -vnc 127.0.0.1:0 -k en-us -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 Edit: I've also found an error in dmesg that might be related (it also shows up when running virtd in verbose mode): 14:47:24.399: warning : qemudParsePCIDeviceStrs:1422 : Unexpected exit status '1', qemu probably failed I've also tried disabling app armor but that doesn't seem to make a difference.

    Read the article

  • Getting Error while running RED5 server - class path resource [red5.xml] cannot be opened because it does not exist

    - by sunil221
    HI , I have installed java version "1.6.0_14" and Ant version 1.8.2 for red5 Server. when i am trying to run red5 server i am getting the following error please help Root: /usr/local/red5 Deploy type: bootstrap Logback selector: org.red5.logging.LoggingContextSelector Setting default logging context: default 11:27:39.838 [main] INFO org.red5.server.Launcher - Red5 Server 1.0.0 RC1 $Rev: 4171 $ (http://code.google.com/p/red5/) Red5 Server 1.0.0 RC1 $Rev: 4171 $ (http://code.google.com/p/red5/) SLF4J: Class path contains multiple SLF4J bindings. SLF4J: Found binding in [jar:file:/usr/local/red5/red5.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: Found binding in [jar:file:/usr/local/red5/lib/logback-classic-0.9.26.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation. 11:27:39.994 [main] INFO o.s.c.s.FileSystemXmlApplicationContext - Refreshing org.springframework.context.support.FileSystemXmlApplicationContext@39d85f79: startup date [Mon Dec 21 11:27:39 EST 2009]; root of context hierarchy 11:27:40.149 [main] INFO o.s.b.f.xml.XmlBeanDefinitionReader - Loading XML bean definitions from class path resource [red5.xml] Exception org.springframework.beans.factory.BeanDefinitionStoreException: IOException parsing XML document from class path resource [red5.xml]; nested exception is java.io.FileNotFoundException: class path resource [red5.xml] cannot be opened because it does not exist Bootstrap complete

    Read the article

  • Debian Unstable + Postfix 2.6.5 + dkim-filter 2.8.2 issue

    - by kura
    I have Postfix installed on Debian Unstable, as the title states, the system is completely up-to-date, I have tried to get DKIM signatures working on outgoing mail using dkim-filter 2.8.2. I couldn't use the default Debian way of doing things with sockets, instead I used the Ubuntu way: SOCKET="inet:12345@localhost"` I have the following in my postfix/main.cf milter_default_action = accept milter_protocol = 6 smtpd_milters = inet:localhost:12345 non_smtpd_milters = inet:localhost:12345 All is fine except I get the following message I start DKIM in mail.log: dkim-filter[22029]: can't configure DKIM library; continuing And when it tries to sign mails I get the following error: postfix/cleanup[22042]: warning: milter inet:localhost:12345: can't read SMFIC_EOH reply packet header: Success And then dkim-filter daemon stops. I've looked through Google but found no actual way to fix this that works for me. I have this working fine on an Ubuntu server but would love to get it working on Debian too.

    Read the article

  • KVM-Guests can't get past bridge - no internet connection

    - by tmn29a
    I'm running a backported KVM on a Debian Squeeze. ATM the KVM-Guest can't connect to the internet through the bridge I have set up. The guests can reach each other, the host but nothing outside. I can neither ping, nslookup or do anything to a remote address. The guest are configured to have a static IP. When I didn;t have the bridge but a virtual bridge (the KVM-default) the guest could connect fine. After setting up the bridge things broke, so I think the problem lies there. # The loopback network interface auto lo br0 iface lo inet loopback # Bonding Interface auto bond0 iface bond0 inet static address 10.XXX.XXX.84 netmask 255.255.255.192 network 10.XXX.XXX.64 gateway 10.XXX.XXX.65 slaves eth0 eth1 bond_mode active-backup bond_miimon 100 bond_downdelay 200 bond_updelay 200 iface br0 inet static bridge_ports eth0 eth1 address 172.xxx.xxx.65 broadcast 172.xxx.xxx.127 netmask 255.255.255.192 gateway 172.xxx.xxx.65 bridge_stp on bridge_maxwait 0 Thanks in advance for your help !

    Read the article

  • When using grep from VIM, how to jump to results?

    - by Marplesoft
    When using the grep plugin to VIM, I can search the current directory for all occurrences of a string within a set of files, like this: :grep Ryan *.txt This outputs something like this: file1.txt:3:Ryan was here file2.txt:10:Ryan likes VIM file3.txt:5:superuser.com is a fav of Ryan (1 of 3): Ryan was here Press ENTER or type command to continue If I press enter, it just takes me back to my editor. What I really want to do is be able to open up one of those files and jump to the place where the string was found. Is there a way to do this? The 1 of 3 part makes me think there's a way to tab through the results, but I don't know what commands are available to me. Can anybody shed some light on this?

    Read the article

  • PXE booting LACP hosts on Force10 S50N with FTOS

    - by lolwutreddit
    Hardware: S50N Firmware: FTOS 8.4.2.6 Problem: We're trying to PXE boot some servers that are connected via port-channel interfaces with LACP. Current Work-around: we PXE boot a server with a single interface (eth0), and then use a Perl script to turn up the port-channel interfaces after the server is built. Details: Is anyone doing anything similar on Force10 S50 switches with FTOS? If not, is anyone doing this on another S series, or larger chassis-based Force10? I'm wondering if Native VLAN will solve this, since ports in a port-channel cannot explicitly have a VLAN set, and they don't seem to use the tagged or untagged VLAN that the port channel is in. I will confirm this next (I think it's the only thing I haven't tried) Juniper Example: http://broken.net/openindiana/how-to-pxe-boot-systems-on-lacp-using-juniper-switches/ Cisco: there are plenty of documented ways to solve this issue on IOS and Nexus Update/Edit: since there seems to be no way to use interface or port-channel mode commands to get the individual interfaces to show up in spanning-tree (rtsp in this case), the ports should never go into a forwarding state. I'm not going to mess with it anymore unless a) someone that has experience passes it on, or b) Force10 comes up with a solution for this (I'm guessing it will only be introduced on other S platforms (S55, S60), since the S50 seems to be near EOL). I'm basing that on the fact that the Open Automation type features are only being supported on the newer switches.

    Read the article

  • Mounting Replicated Gluster Multi-AZ Storage

    - by Roman Newaza
    I have Replicated Gluster Storage which is used by Auto scaling Servers. Both, Auto scaling and Storage are allocated in two Availability zones. Gluster: Number of Bricks: 4 x 2 = 8 Transport-type: tcp Bricks: Brick1: gluster01:/storage/1a # Zone A Brick2: gluster02:/storage/1b # Zone B Brick3: gluster03:/storage/2a # Zone A Brick4: gluster04:/storage/2b # Zone B Brick5: gluster01:/storage/3a # Zone A Brick6: gluster02:/storage/3b # Zone B Brick7: gluster03:/storage/4a # Zone A Brick8: gluster04:/storage/4b # Zone B I used Round Robin DNS for Gluster entry point, so DNS name resolves to all of the storage server addresses which are returned in different order all the time: # host storage.domain.com storage.domain.com has address xx.xx.xx.x1 storage.domain.com has address xx.xx.xx.x2 storage.domain.com has address xx.xx.xx.x3 storage.domain.com has address xx.xx.xx.x4 The Storage is mounted with Native Gluster Client: # grep storage /etc/fstab storage.domain.com:/storage /storage glusterfs defaults,log-level=WARNING,log-file=/var/log/gluster.log 0 0 I have heard Gluster might be mounted with the first Server IP and after that it will fetch its configuration with the rest of Servers. Personally, I never tested single Server mount setup and I don't know how Gluster handles this. On EC2, traffic among single Availability zone is free and between different zones is not. When Client in zone A writes to storage and IP of Storage in zone B is returned, it will cost me twice more for data transfer: Client (Zone A) - Storage Server (Zone B) - Replication to Storage Server (Zone A). Question: Would it be better to mount Storage Server of the same zone, so that data transfer charges apply only for replication (A - A - B)?

    Read the article

  • What advantage to I have if I use 64bit libraries?

    - by RadiantHex
    Hi folks, I see many people go crazy about 64bit libraries, and preferring them in general to the 32bit counter parts. I realise there is a lot of talk that gets lost in translation, and that the 64bit can be often over-valued. The setting is libraries that are called on web application, I'm aware that a new instance of the web app is generated for each hit. Therefore I'm thinking that 64bit is not necessary as the instances in no way surpass 2Gb of RAM usage. Help would be much appreciated! :)

    Read the article

  • ODI 11g – How to override SQL at runtime?

    - by David Allan
    Following on from the posting some time back entitled ‘ODI 11g – Simple, Powerful, Flexible’ here we push the envelope even further. Rather than just having the SQL we override defined statically in the interface design we will have it configurable via a variable….at runtime. Imagine you have a well defined interface shape that you want to be fulfilled and that shape can be satisfied from a number of different sources that is what this allows - or the ability for one interface to consume data from many different places using variables. The cool thing about ODI’s reference API and this is that it can be fantastically flexible and useful. When I use the variable as the option value, and I execute the top level scenario that uses this temporary interface I get prompted (or can get prompted to be correct) for the value of the variable. Note I am using the <@=odiRef.getObjectName("L","EMP", "SCOTT","D")@> notation for the table reference, since this is done at runtime, then the context will resolve to the correct table name etc. Each time I execute, I could use a different source provider (obviously some dependencies on KMs/technologies here). For example, the following groovy snippet first executes and the query uses SCOTT model with EMP, the next time it is from BOB model and the datastore OTHERS. m=new Properties(); m.put("DEMO.SQLSTR", "select empno, deptno from <@=odiRef.getObjectName("L","EMP", "SCOTT","D")@>"); s=new StartupParams(m); runtimeAgent.startScenario("TOP", null, s, null, "GLOBAL", 5, null, true); m2=new Properties(); m2.put("DEMO.SQLSTR", "select empno, deptno from <@=odiRef.getObjectName("L","OTHERS", "BOB","D")@>"); s2=new StartupParams(m); runtimeAgent.startScenario("TOP", null, s2, null, "GLOBAL", 5, null, true); You’ll need a patch to 11.1.1.6 for this type of capability, thanks to my ole buddy Ron Gonzalez from the Enterprise Management group for help pushing the envelope!

    Read the article

  • Accessing Netatalk/AFP Shares from OS X Snow Leopard

    - by j4nus_
    Recently upgraded Ubuntu home server from 8.04 client to 10.04 server and reinstalled all services therein. One of them is a Netatalk daemon that I configured in a fashion similar to this website: http://www.kremalicious.com/2008/06/ubuntu-as-mac-file-server-and-time-machine-volume/ Finder recognizes my server and the afp service, yet when I attempt to log in (using valid credentials), Finder indicates its the wrong username and password. I've tried altering some of the config files and my Google-fu to look for solutions, but no luck. Any tips? (This was not an issue under 8.04, if it matters)

    Read the article

  • DRBD on a disk with existing file system that takes all the place

    - by Karolis T.
    I'm currently trying to simulate the environment via XEN. I have installed two debian systems with such FS layout: cltest1:/etc# df -h Filesystem Size Used Avail Use% Mounted on /dev/xvda2 6.0G 417M 5.2G 8% / tmpfs 257M 0 257M 0% /lib/init/rw udev 10M 16K 10M 1% /dev tmpfs 257M 4.0K 257M 1% /dev/shm Host cltest2 is identical. Here's my drbd.conf global { minor-count 1; } resource mysql { protocol C; syncer { rate 10M; # 10 Megabytes } on cltest1 { device /dev/drbd0; disk /dev/xvda2; address 192.168.1.186:7789; meta-disk internal; } on cltest2 { device /dev/drbd0; disk /dev/xvda2; address 192.168.1.187:7789; meta-disk internal; } } I have not created filesystem on drbd0 Starting DRBD via init.d script errors out with: Starting DRBD resources: [ d(mysql) /dev/drbd0: Failure: (114) Lower device is already claimed. This usually means it is mounted. [mysql] cmd /sbin/drbdsetup /dev/drbd0 disk /dev/xvda2 /dev/xvda2 internal --set-defaults --create-device failed - continuing! Running: drbdadm create-md mysql gives: cltest1:/etc# drbdadm create-md mysql md_offset 6442446848 al_offset 6442414080 bm_offset 6442217472 Found ext3 filesystem which uses 6291456 kB current configuration leaves usable 6291228 kB Device size would be truncated, which would corrupt data and result in 'access beyond end of device' errors. You need to either * use external meta data (recommended) * shrink that filesystem first * zero out the device (destroy the filesystem) Operation refused. Command 'drbdmeta /dev/drbd0 v08 /dev/xvda2 internal create-md' terminated with exit code 40 drbdadm aborting As I understand, all of my problems are because I don't have unallocated disk space on xvda2. What are my options besides shrinking FS and connecting a separate physical disk? Can't the meta-data be stored on a file in the local filesystem?

    Read the article

  • if I put accept all 0.0.0.0/0 means this server is totally open for any ip ?

    - by davyzhang
    ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 is this means allow all ip from all port? but I still can not visit the server except I go through the allowed ip address and if I put this line in any line, did I make this server totally open for any connection? the full iptable list is below Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 116.211.25.89 0.0.0.0/0 ACCEPT all -- 222.215.136.8 0.0.0.0/0 ACCEPT all -- 125.82.87.21 0.0.0.0/0 ACCEPT all -- 127.0.0.1 127.0.0.1 ACCEPT tcp -- 61.172.251.109 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.254.123 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.129.44.191 0.0.0.0/0 ACCEPT tcp -- 61.129.44.128 0.0.0.0/0 ACCEPT tcp -- 61.172.251.109 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.254.123 0.0.0.0/0 tcp spt:8080 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:123 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:123 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:20 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:21 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:88 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8000 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8888 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:873 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:6969 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:6900 ACCEPT tcp -- 61.172.241.98 0.0.0.0/0 ACCEPT tcp -- 61.172.247.98 0.0.0.0/0 ACCEPT tcp -- 61.172.247.100 0.0.0.0/0 ACCEPT tcp -- 61.152.122.33 0.0.0.0/0 ACCEPT tcp -- 61.152.110.130 0.0.0.0/0 ACCEPT tcp -- 210.51.28.220 0.0.0.0/0 ACCEPT tcp -- 210.51.28.120 0.0.0.0/0 ACCEPT tcp -- 61.172.241.120 0.0.0.0/0 ACCEPT tcp -- 211.147.0.85 0.0.0.0/0 ACCEPT tcp -- 211.147.0.114 0.0.0.0/0 ACCEPT tcp -- 222.73.61.249 0.0.0.0/0 ACCEPT tcp -- 222.73.61.250 0.0.0.0/0 ACCEPT tcp -- 222.73.61.251 0.0.0.0/0 ACCEPT tcp -- 210.51.31.11 0.0.0.0/0 tcp dpt:38422 ACCEPT tcp -- 210.51.31.12 0.0.0.0/0 tcp dpt:38422 ACCEPT tcp -- 61.172.254.123 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.251.109 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.247.85 0.0.0.0/0 ACCEPT tcp -- 222.73.12.248 0.0.0.0/0 ACCEPT tcp -- 61.172.254.184 0.0.0.0/0 ACCEPT tcp -- 61.172.254.78 0.0.0.0/0 ACCEPT tcp -- 61.172.254.243 0.0.0.0/0 ACCEPT tcp -- 61.152.97.115 0.0.0.0/0 ACCEPT tcp -- 221.231.128.206 0.0.0.0/0 ACCEPT tcp -- 221.231.130.199 0.0.0.0/0 ACCEPT udp -- 172.0.0.0/8 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 10.0.0.0/8 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 192.168.0.0/16 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 61.172.252.58 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 61.183.13.201 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.2.11 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 221.208.157.158 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 218.30.74.250 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 202.102.54.234 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 125.64.2.115 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.23.23 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 210.51.33.97 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 210.51.33.98 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.11.112 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.11.111 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.11.89 0.0.0.0/0 udp spt:38514 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:38423 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- 0.0.0.0/0 222.73.11.89 udp dpt:38514

    Read the article

  • MySQL - Why would SHOW SLAVE HOSTS cause a binlog dump?

    - by Rory McCann
    We're getting loads of binlog files in our MySQL 5.0.x. We have a normal master/slave replication thing going with 1 master, 1 slave. Looking at /var/log/mysql.log, nearly 90% of the time the replicator connects and does a SHOW SLAVE HOSTS causes a bin log dump. For example: 7020 Query SHOW SLAVE HOSTS 7020 Binlog Dump Log: 'mysql-bin.029634' Pos: 13273 However when I do a SHOW SLAVE HOSTS on the mysql myself, I get no results. Occasionally when the replicator does a SHOW SLAVE HOSTS, mysql will hang for hours. I see nothing in the /var/log/syslog at the same time... What's going on here? How can I debug this more? For the record the MySQL master and slave servers are ubuntu dapper.

    Read the article

  • .htaccess to block by file name possible?

    - by Tiffany Walker
    I have a bunch of files that are secure_xxxxxx.php. Is there a way to use .htaccess to block access to all the secure_* php files based on IP? EDIT: I've tried but I get 500 errors <FilesMatch "^secure_.*\.php$"> order deny all deny from all allow from my ip here </FilesMatch> Don't see any errors in apache error logs either httpd -M Loaded Modules: core_module (static) authn_file_module (static) authn_default_module (static) authz_host_module (static) authz_groupfile_module (static) authz_user_module (static) authz_default_module (static) auth_basic_module (static) include_module (static) filter_module (static) log_config_module (static) logio_module (static) env_module (static) expires_module (static) headers_module (static) setenvif_module (static) version_module (static) proxy_module (static) proxy_connect_module (static) proxy_ftp_module (static) proxy_http_module (static) proxy_scgi_module (static) proxy_ajp_module (static) proxy_balancer_module (static) ssl_module (static) mpm_prefork_module (static) http_module (static) mime_module (static) dav_module (static) status_module (static) autoindex_module (static) asis_module (static) info_module (static) suexec_module (static) cgi_module (static) dav_fs_module (static) negotiation_module (static) dir_module (static) actions_module (static) userdir_module (static) alias_module (static) rewrite_module (static) so_module (static) fastinclude_module (shared) auth_passthrough_module (shared) bwlimited_module (shared) frontpage_module (shared) suphp_module (shared) Syntax OK

    Read the article

  • Best practice for authenticating DMZ against AD in LAN

    - by Sergei
    We have few customer facing servers in DMZ that also have user accounts , all accounts are in shadow password file. I am trying to consolidate user logons and thinking about letting LAN users to authenticate against Active Directory.Services needing authentication are Apache, Proftpd and ssh. After consulting security team I have setup authentication DMZ that has LDAPS proxy that in turn contacts another LDAPS proxy (proxy2) in LAN and this one passes authentication info via LDAP (as LDAP bind) to AD controller.Second LDAP proxy only needed because AD server refuses speak TLS with our secure LDAP implemetation. This works for Apache using appropriate module.At a later stage I may try to move customer accounts from servers to LDAP proxy so they are not scattered around servers. For SSH I joined proxy2 to Windows domain so users can logon using their windows credentials.Then I created ssh keys and copied them to DMZ servers using ssh-copy, to enable passwordless logon once users are authenticated. Is this a good way to implement this kind of SSO?Did I miss any security issues here or maybe there is a better way ofachieving my goal?

    Read the article

< Previous Page | 593 594 595 596 597 598 599 600 601 602 603 604  | Next Page >