Search Results

Search found 4834 results on 194 pages for 'nsswitch conf'.

Page 164/194 | < Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >

• configuration of zend frame work in ubuntu

  - by Rahul Mehta

  Hi, I have created a project zfapi by zf command in ubuntu. Now http://myserverpath.com/zfapi/ gives me listing of folder public application and others. http://myserverpath.com/zfapi/public give me the index page index.php. and i have made the UserController.php in application/controllers but by http://myserverpath.com/zfapi/user/ is saying user not found. what configuration i need to set for running it proper. I had set my /etc/apache2/apache2.conf added the following in the last . <VirtualHost *:80> DocumentRoot "/var/www/mypath/zfapi" <Directory "/var/www/mypath/zfapi"> Order allow,deny Allow from all AllowOverride all </Directory> </VirtualHost> is giving me this error while restarting server. [Sat Jan 08 13:32:53 2011] [error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName [Sat Jan 08 13:33:03 2011] [error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results what this i should do .?

  Read the article

• What file transfer protocols can be used for PXE booting besides TFTP?

  - by Stefan Lasiewski

  According to ISC's dhcpd manpage: The filename statement filename "filename"; The filename statement can be used to specify the name of the initial boot file which is to be loaded by a client. The filename should be a filename recognizable to whatever file transfer protocol the client can be expected to use to load the file. My questions are: What file transfer protocols, besides tftp, are available to load the file (e.g. What protocols "can be expected to" load the file)? How can I tell? Can I see a list of these protocols? Does my choice of DHCP server influence which file transfer protocols are in use? Pretend I want to use dnsmasq instead of ISC's dhcpd Are these features dependent on the PXE which is in use (e.g. My Intel NICs use an Intel ROM)? I know that some PXE-variants, such as iPXE/gPXE/Etherboot, can also load files over HTTP. However, the PXE rom needs to be replaced with the iPXE image, either by chainloading or by burning the PXE rom onto the NIC. For example, the iPXE Howto "Using ISC dhcpd" says: ISC dhcpd is configured using the file /etc/dhcpd.conf. You can instruct iPXE to boot using the filename directive: filename "pxelinux.0"; or filename "http://boot.ipxe.org/demo/boot.php";

  Read the article

• linux container bridge filters ARP reply

  - by Dani Camps

  I am using kernel 3.0, and I have configured a linux container that is bridged to a tap interface in my host computer. This is the bridge configuration: :~$ brctl show bridge-1 bridge name bridge id STP enabled interfaces bridge-1 8000.9249c78a510b no ns3-mesh-tap-1 vethjUErij My problem is that this bridge is dropping ARP replies that come from the ns3-mesh-tap-1 interface. Instead, if I statically populate the ARP tables and ping directly everything works, so it has to be something related to ARP. I have read about similar problems in related posts, and I have tried with the solutions explained therein but nothing seems to work. Specifically: ~$ grep net.bridge /etc/sysctl.conf net.bridge.bridge-nf-call-arptables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-filter-vlan-tagged = 0 net.bridge.bridge-nf-filter-pppoe-tagged = 0 arptables and ebtables are not installed. iptables FORWARD is all set to accept: Chain FORWARD (policy ACCEPT) target prot opt source destination The bridged interfaces are set to PROMISC: ~$ ifconfig ns3-mesh-tap-1 Link encap:Ethernet HWaddr 1a:c7:24:ef:36:1a ... UP BROADCAST PROMISC MULTICAST MTU:1500 Metric:1 vethjUErij Link encap:Ethernet HWaddr aa:b0:d1:3b:9a:0a .... UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 The macs learned by the bridge are correct (checked with brctl showmacs). Any insight on what I am doing wrong would be greatly appreciated. Best Regards Daniel

  Read the article

• Linux VLAN Bridge

  - by raspi

  I have home network with VLANs, one for LAN, one for WLAN and one for internet. I'd like to use bridging so that instead of configuring these same VLANs to every machine, they had own VLAN ID and bridges were LAN, WLAN and internet. I've tried it but for some reason keep-alive/ttl seems to get broken because SSH sessions etc suddenly disconnects. We have this same setup working in workplace for 4+ years with 100+ customers but it's custom firewall/router hardware so accessing it is impossible. I know that it runs Linux. So what is Debian/Ubuntu default network settings doing wrong or is it just NIC driver/hw problem? I've tried to mess araund with ttl etc settings without any luck. The bad stuff is happening in the bridge because current VLAN-only setup works fine. interfaces: auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 allow-hotplug eth1 iface eth0 inet static iface eth1 inet static auto vlan111 auto vlan222 auto vlan333 auto vlan444 auto br0 auto br1 auto br2 # LAN iface vlan111 inet static vlan_raw_device eth0 # WLAN iface vlan222 inet static vlan_raw_device eth0 # ADSL Modem iface vlan333 inet static vlan_raw_device eth1 # Internet iface vlan444 inet static vlan_raw_device eth0 # LAN bridge iface br0 inet static address 192.168.0.1 netmask 255.255.255.0 bridge_ports eth0.111 bridge_stp on # Internet bridge iface br1 inet static address x.x.x.x netmask x.x.x.x gateway x.x.x.x bridge_ports eth1.333 eth0.444 bridge_stp on post-up iptables -t nat -A POSTROUTING -o br1 -j MASQUERADE pre-down iptables -t nat -D POSTROUTING -o br1 -j MASQUERADE # WLAN bridge iface br2 inet static address 192.168.1.1 netmask 255.255.255.0 bridge_ports eth0.222 bridge_stp on Sysctl: net.ipv4.conf.default.forwarding=1

  Read the article

• Host name change breaking http? Fedora

  - by Dave

  OK so I have been messing around on my development server. It has been a while since I have had my head in linux and I suspect I have broken something. I have SSH running and that is working fine. I also have HTTP and I had FTP running also. Earlier today I decided I wanted to rename the machine so I updated the /etc/hosts file and /etc/sysconfig/network. I also changed the server name in the httpd.conf. I rebooted the machine and reconnected to SSH fine. Later I was messing around with the FTP service (trying to tighten up the user security) and when i tried to connect remotely to FTP no joy, it said cannot connect. I thought that was weird but had planned to remove ftp as we will be using github so removed ftp and moved on. Then I tried to connect to the website but major fail. even connecting to the IP address is failing. I used lynx to connect to the localhost and there was my site so something going on at server level. I thought maybe something up with iptables but I have not changed them but tried adding http but still no joy. I have a - Fedora release 17 (Beefy Miracle) NAME=Fedora VERSION="17 (Beefy Miracle)" ID=fedora VERSION_ID=17 PRETTY_NAME="Fedora 17 (Beefy Miracle)" ANSI_COLOR="0;34" CPE_NAME="cpe:/o:fedoraproject:fedora:17" Fedora release 17 (Beefy Miracle) Fedora release 17 (Beefy Miracle) Linux version 3.3.4-5.fc17.x86_64 ([email protected]) (gcc version 4.7.0 20120504 (Red Hat 4.7.0-4) (GCC) ) #1 SMP Mon May 7 17:29:34 UTC 2012 This is my iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination Like I say I can use SSH no issue but http although running is a no go from a remote computer. Any ideas?

  Read the article

• nginx with ssl: I get a 403 and log "directory index of '...dir...' is forbidden" log message. works fine with unencrypted connection

  - by user72464

  As mentioned in the title, I had nginx working fine with my rails app, until I tried to add the ssl server. The unencrypted connection still works but the ssl always returns me a 403 page with the following line in the error log: directory index of "/home/user/rails/" is forbidden, client: [my ip], server: _, request: "GET / HTTP/1.1", host: "[server ip]" Below my nginx.conf server block: server { listen 80; listen 443 ssl; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; client_max_body_size 4G; keepalive_timeout 5; root /home/user/rails; try_files $uri/index.html $uri.html $uri @app; location @app { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://0.0.0.0:8080; } error_page 500 502 503 504 /500.html; location = /500.html { root /home/user/rails; } } the /home/user/rails directory and it's parent have all read to all rights. and they belong to the user nginx. the certificate and key file have the following rights: -rw-r--r-- 1 nginx root 830 Nov 8 09:09 server.crt -rw--w---- 1 nginx root 887 Nov 8 09:09 server.key any clue?

  Read the article

• How to display escaped characters in tmux status bar

  - by walrus

  i am running tmux from a tty on an embedded linux device. (NOT a terminal emulator) because the screen is rather small, i want to add some "icons" to the tmux status bar. to achieve this, i have simply created a font with the appropriate glyphs for things like battery, or wifi. i can load the font, and display the characters with calls that use an escape to the line drawing characters like so: echo -e "\xe\234\xf" \xe escapes me into line drawing character mode, \234 is my created character, and \xf returns me to normal character mode so my terminal doesnt start getting goofy. this works perfectly if i enter the command at the terminal whether tmux is started or not. the issue arises if i then try to use it in my ~/.tmux.conf file for the status bar. i currently have a line like this: set -g status-right "#(echo -e "\xe\234\xf") #(/script/to/output/powerlevel) this simply outputs \xe\234\xf powerlevel this goes the same if i try printf over echo. this is the output i would expect to get on the terminal if i made the call without passing -e to echo, or without enclosing the statement with quotes. i then decided to wrap the calls to the echo or printf in a shell script. again, the script works when called from the terminal, but not in tmux's status bar. now i get the unprintable character "?" instead of my icon, like this: ? powerlevel this is what i would expect if i did not use the line drawing escapes previously mentioned above, or if i tried to copy and paste the character as text using tmux. in addition, the calling of these character scripts screws up the rest of my status-right, as the clock has about 6 digits for minutes when it is called (though it correctly only updates two of them). how can i make tmux respect the escape characters? any help or insight is greatly appreciated.

  Read the article

• PHP 5.4.9 Mysqli issue

  - by Vitaly

  On Ubuntu 12.04 server I had PHP 5.4.9 installed from the source: ./configure --prefix=/etc/php --with-apxs2=/etc/apache2/bin/apxs --with-config-file-path=/etc/php --with-config-file-scan-dir=/etc/php/conf.d --with-libxml-dir=/usr/local/libxml2 --with-xsl=/usr/local/libxslt --with-mysql --with-zlib --with-pdo-mysql --enable-calendar --with-gd --with-iconv-dir --enable-mbstring --enable-soap --enable-sockets --enable-zip --with-curl --with-openssl --with-kerberos --with-tidy' Then, using apt-get, I had mysql server and phpMyAdmin installed. Unfortunatelly phpMyAdmin keep saying that 'mysqli' and 'mcrypt' not installed. php -m | grep mysqli just confirms it. So I tried to install mysqli with "apt-get install php5-mysqli", but just got message to do it by means of "php5-mysqlnd" or "php5-mysql". Even though they are already installed (according to phpinfo()) I tried - doesn't work. However, in php.ini, there's mysqli staff like "extension=php_mysqli.dll", but no "extension=mysqli.so". And block [MySQLi] with some uncommented settings also present. Since this is my first attempt to build php from source I reckon I did some silly mistake. Any help is greatly appreciated.

  Read the article

• Windows Network File Transfer to Samba server: “Are you sure you want to copy this file without its properties?”

  - by jimp

  I am transferring a lot of files to a new NAS based on OpenMediaVault, with the Samba 3.5.6 service running. I am transferring from Windows 7 64-bit to the NAS, and on some media files Windows is prompting about losing some property data across the transfer. I have never seen this before when transferring to Samba boxes I have built myself (vs this turnkey solution), so I'm guessing there must be a Samba setting I can change to preserve the file properties in question instead of permanently losing whatever they contain (Date Taken? Exposure? Flash Fired? etc). Or maybe I've just never encountered this before; I'm really not sure. I tried adding ea support = yes and store dos attributes = yes to the [global] section, but the problem remains. The Linux file system is ext4 mounted with user_xattr (full options: defaults,acl,user_xattr,noexec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0) as Samba requires. Any ideas would be greatly appreciated. Thank you! Samba config: [global] workgroup = WORKGROUP server string = %h server include = /etc/samba/dhcp.conf dns proxy = no log level = 2 syslog = 2 log file = /var/log/samba/log.%m max log size = 1000 syslog only = yes panic action = /usr/share/samba/panic-action %d encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = no passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes socket options = TCP_NODELAY IPTOS_LOWDELAY guest account = nobody load printers = no disable spoolss = yes printing = bsd printcap name = /dev/null unix extensions = yes wide links = no create mask = 0777 directory mask = 0777 use sendfile = no null passwords = no local master = yes time server = yes wins support = yes ea support = yes store dos attributes = yes Note: I found this related question, but it explains the loss due to the user trying to transfer from NTFS to FAT32.

  Read the article

• IP routing Solaris 9 access the internet from local network

  - by help_me

  I am trying to configure the NICS on the Solaris Sparc server. My problem lies in getting out to the "Internet" from the local network. I have requested the NIC to receive a DHCP server address #ifconfig -interface dhcp start. If anyone could guide me as to what I need to do next. I am not able to ping 4.2.2.2 or access the internet. Much appreciated, thank you #uname -a SunOS dev 5.9 Generic_122300-59 sun4u sparc SUNW,Sun-Fire-V210 ifconfig -a lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 10.100.0.3 netmask ffffc000 broadcast 10.100.63.255 bge0:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 10.100.0.22 netmask ffffc000 broadcast 10.100.63.255 bge3: flags=1004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4> mtu 1500 index 12 inet 169.14.60.37 netmask fffffe00 broadcast 169.14.61.255 cat /etc/defaultrouter 10.100.0.254 169.14.60.1 cat /etc/resolv.conf nameserver 169.14.96.73 nameserver 169.10.8.4 netstat -rn Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------- 169.14.60.37 169.14.60.1 UGH 1 0 169.14.60.0 169.14.60.37 U 1 18 bge3 10.100.0.0 10.100.0.3 U 1 34940 bge0 10.100.0.0 10.100.0.22 U 1 0 bge0:2 224.0.0.0 10.100.0.3 U 1 0 bge0 default 10.100.0.254 UG 1 111 default 169.14.60.1 UG 1 26 127.0.0.1 127.0.0.1 UH 10 59464 lo0 bash-2.05$ sudo ndd -get /dev/ip bge0:ip_forwarding 1 bash-2.05$ sudo ndd -get /dev/ip bge3:ip_forwarding 1 bash-2.05$ sudo ndd -get /dev/ip ip_forwarding 1

  Read the article

• Arch Linux: eth0 no carrier - network fails at boot

  - by user905686

  The problem My computer is connected to a network where dhcp is required. So my network configuration in /etc/rc.conf looks like interface=eth0 address= netmask= broadcast= gateway= My deamons are DAEMONS=(!hwclock syslog-ng network netfs crond ntpd) With this configuration, Arch hangs at boot a long time at "Network" (Still it says "[done]", but after boot I have no connection). I found out two workaround: Workaround 1 remove network from deamons run mii-tool --reset eth0 and dhcpcd eth0 after boot (somehow it does not work when placing these commands in /etc/rc.local. Then dhcp work very quickly (because of the reset!). Before executing the first command, ip link show eth0 has "NO CARRIER" in output. Afterwards, it doesn´t. (Also, mii-tool first shows "no link", afterwards eth0: 10 Mbit, half duplex, link ok. Workaround 2 Change network configuration to interface=eth0 address=x.y.z.21 netmask=255.255.255.0 broadcast=xxx.y.z.255 gateway=x.y.z.254 whereas x, y, z build the specific adresses of the network (Though dhcp is used, I get a static ip). Add the commands mii-tool --reset eth0 and dhcpcd eth0 to /etc/rc.local Now network starts quickly at boot (though I don´t know if successfully), the commands in /etc/rc.local are executed and the connection is fine after login. What to do? So the problem seems to be that dhcpcd stucks at "wating for carrier" or sth. I do not like the workaround, because some deamons need network (though they seem to start). What can I do to have eth0 ready for dhcp at boot? Or is there another problem?

  Read the article

• DNS Issue- Nameserver Issue

  - by Master-Man

  I setup new server on centos 5.3 and configure dns and hostnam using WHM. I also register my new nameservers with my domain registrar with ns1.example.com and ns2.example.com. But i am unable to ping hostname and NS. ping pc2.example.com or ping ns1.example.com I received the below email from server. IMPORTANT: Do not ignore this email. Your hostname (pc2.example.com) could not be resolved to an IP address. This means that /etc/hosts is not set up correctly, and/or there is no dns entry for pc2.example.com. Please be sure that the contents of /etc/hosts are configured correctly, and also that there is a correct 'A' entry for the domain in the zone file. Some or all of these problems can be caused by /etc/resolv.conf being setup incorrectly. Please check that file if you believe everything else is correct. You may be able to automatically correct this problem by using the 'Add an A entry for your hostname' option under 'Dns Functions' in your Web Host Manager. When I issue the command root@pc[~]# host pc2.example.com I receive the below error that Host pc2.example.com not found: 3(NXDOMAIN) I added A entries for hostname and Nameservers but nothing replies. Its almost more than 72 hours for setting & registering nameservers and dns configurations. thanks,

  Read the article

• How can I find out if a port is opened or not?

  - by Roman

  I have installed Apache server on my Windows 7 computer. I was able to display the default index.php by typing http://localhost/ in the address line of my browser. However, I am still unable to see this page by typing IP address of my computer (neither locally (from the same computer) no globally (from another computer connected to the Internet)). I was told that I need to open port 80. I did it (in a way described here) but it did not solve the problem. First of all I would like to check which ports are opened and which are not. For example I am not sure that my port 80 was closed before I tried to open. I am also not sure that it is opened after I tried to open it. I tried to run a very simple web server written in Python. For that I used port 81 and it worked! And I did not try to open the port 81. So, it was opened by default. So, if 81 is opened by default, why 80 is not? Or it is? ADDITIONAL INFORMATION: 1. In my httpd.conf file I have "Listen 80". 2. This site tells me that port 80 on my computer is opened. 3. I get different responses if I try http://myip:80 and http://myip:81. In the last case browser (Chrome) writes me that link is broken. In the first case I get: Forbidden You don't have permission to access / on this server. 4. IE writes that "The website declined to show this webpage".

  Read the article

• How do I format this regex so it will work in fail2ban?

  - by chapkom

  I've just installed fail2ban on my CentOS server in response to an SSH brute force attempt. The default regular expressions in fail2ban's sshd.conf file do not match any entries in audit.log, which is where SSH seems to be logging all connection attempts, so I am trying to add an expression that will match. The string I am trying to match is as follows: type=USER_LOGIN msg=audit(1333630430.185:503332): user pid=30230 uid=0 auid=500 subj=user_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct="root": exe="/usr /sbin/sshd" (hostname=?, addr=<HOST IP>, terminal=sshd res=failed)' The regular expression I am attempting to use is: ^.*addr=<HOST>, terminal=sshd res=failed.*$ I've used regextester.com and regexr to try to build the regex. The testers give me a match for this regex:^.*addr=\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}, terminal=sshd res=failed.*$ but fail2ban-regex complains if I don't use the <HOST> tag in the regex. However, using ^.*addr=<HOST>, terminal=sshd res=failed.*$ gives me 0 matches. At this point, I am totally stuck and I would greatly appreciate any assistance. What am I doing wrong in the regex I am trying to use?

  Read the article

• Apache Virtual host (SSL) Doc Root issue

  - by Steve Hamber

  I am having issues with the SSL document root of my vhosts configuration. Http sees to work fine and navigates to the root directory and publishes the page fine - DocumentRoot /var/www/html/websites/ssl.domain.co.uk/ (as specified in my vhost config) However, https seems to be looking for files in the main apache document root found further up the httpd.conf file, and is not being overwritten by the vhost config. (I assume that vhost config does overwrite the default doc root?). DocumentRoot: The directory out of which you will serve your documents. By default, all requests are taken from this directory, but symbolic links and aliases may be used to point to other locations. DocumentRoot "/var/www/html/websites/" Here is my config, I am quite a new Linux guy so any advise is appreciated on why this is happening!? NameVirtualHost *:80 NameVirtualHost *:443 <VirtualHost *:443> ServerAdmin root@localhost DocumentRoot /var/www/html/websites/https_domain.co.uk/ ServerName ssl.domain.co.uk ErrorLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.co.uk-error_log CustomLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.o.uk-access_log common SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /var/www/ssl/ssl_domain_co_uk.crt SSLCertificateKeyFile /var/www/ssl/domain.co.uk.key SSLCACertificateFile /var/www/ssl/ssl_domain_co_uk.ca-bundle </VirtualHost> <VirtualHost *:80> ServerAdmin root@localhost DocumentRoot /var/www/html/websites/ssl.domain.co.uk/ ServerName ssl.domain.co.uk ErrorLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.xo.uk-error_log CustomLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.xo.uk-access_log common </VirtualHost>

  Read the article

• EngineX ignores Auth Basic?

  - by Miko

  I have configured nginx to password protect a directory using auth_basic. The password prompt comes up and the login works fine. However... if I refuse to type in my credentials, and instead hit escape multiple times in a row, the page will eventually load w/o CSS and images. In other words, continuously telling the login prompt to go away will at some point allow the page to load anyway. Is this an issue with nginx, or my configuration? Here is my virtual host: 31 server { 32 server_name sub.domain.com; 33 root /www/sub.domain.com/; 34 35 location / { 36 index index.php index.html; 37 root /www/sub.domain.com; 38 auth_basic "Restricted"; 39 auth_basic_user_file /www/auth/sub.domain.com; 40 error_page 404 = /www/404.php; 41 } 42 43 location ~ \.php$ { 44 include /usr/local/nginx/conf/fastcgi_params; 45 } 46 } My server runs CentOS + nginx + php-fpm + xcache + mysql

  Read the article

• Running multiple copies of openssh-server (sshd) on Ubuntu

  - by cecilkorik

  I may be attacking this problem the wrong way, if so let me know. I have a server which is available through SSH from both the public internet and the local LAN. I would like to have two very different security policies for each, by running two copies of sshd with two different sshd_config files each on a different port. Some of the things I'd like to change is to allow password or public-key authentication on the LAN, but public-key only from the internet. All (real) users could login from the LAN side, but only certain authorized users would be individually whitelisted to login through the internet. As far as I can tell this requires having two different SSH daemons running on different ports with different sshd_configs. I am fine with the different ports part, I can easily forward port 22 to any port I want through my firewall. So my question is what is the best way to actually START the second sshd under Ubuntu 10.04 LTS. Is there a recommended way to do something like this? Surely I am not the first person with this sort of need. I have a bit of experience with upstart, and I can manually hack the second sshd into /etc/init/ssh.conf I suppose but I'm not sure if that will get overwritten by the package. However I do it, It's important to ensure both sshd processes always get restarted after any automatic or manual upgrade of the openssh-server package. Thanks in advance.

  Read the article

• Adding custom service to nagiosgraph

  - by ravloony

  I have successfully added nagiosgraph to our nagios installation. I also added a memory checker plugin, from here : http://blog.vergiss-blackjack.de/2010/04/nagios-plugin-to-check-memory-consumption/. However I can't seem to get the graph of this service to be output by nagiosgraph. The plugin returns a single line like this: 31% (3785 of 11903 MB) used so i added a rule like this to the map file: /output:(\d+)% \((\d+) of (\d+) MB\) used/ and push @s, ['Mem', ['Percentage', 'GUAGE', $1], ['Used', 'GUAGE', $2], ['Total', 'GUAGE', $3] ]; I have also read this : http://www.mail-archive.com/[email protected]/msg36835.html and made sure that process_performance_data=1 in the nagios conf file. So far I have no graph for the Mem service on any host, and no rrd file either. I am unsure how to proceed to get this working. The documentation is rather difficult to follow and I haven't managed yet to understand it enough to do this. Can anyone point me to a tutorial, or some documentation which explains the steps needed to get a service noticed and graphed by nagiosgraph?

  Read the article

• Set up multiple websites on a local web server

  - by mickburkejnr

  I have spent the last few days setting up a CentOS 6 server on my local network so that I can host multiple projects that I'm currently working on. Everything has been set up so that I access the server by typing 192.168.1.10 and the Apache test page comes up. What I'm aiming to do is to access different projects by typing in 192.168.1.10/project, and then view the project as if it was on it's own standalone server. I have thought about just sticking these sites inside folders on the server then accessing them that way, but a lot of my projects use CakePHP so this isn't feasible. So what I need to do is create VirtualHosts in Apache to allow me to do this, but without using a domain name. I want to stick to using the IP address of the machine (which is static). Any ideas? EDIT I've followed Peter's suggestion, but now I have a new problem. In the httpd.conf file I have entered the following information: NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /www/html/project1 ServerName local.project1.com ErrorLog logs/local.project1.com-error_log CustomLog logs/local.project1.com-access_log common </VirtualHost> And now Apache is saying: Starting httpd: Warning: DocumentRoot [/www/html/project1] does not exist When it clearly does exist. I've disabled SELinux and I can confirm this isn't turned on. I've also checked the ownership of the folder, and its owned by root. I can also save files to these folders using a guest FTP account (which isn't associated to root), so the folders are being listed and can be written to. But when I try the folder in a web browser it doesn't seem to work either. I've also done a reboot of the server and the problem persists. What should I change in order to resolve this?

  Read the article

• Metacity/Compiz not staring upon Login Ubuntu 10.10

  - by Ryan Lanciaux

  TLDR: As of this afternoon, I do not have a window manager when I login to Ubuntu 10.10. I would like to have window manager on login without needing to add to startup. Just started using linux again as my home OS. (Used it for a long time years ago but been on windows up until this past weekend) so this may be kind of n00b-ish :) Anyways, up until today, everything on my machine was running okay. I did not have compiz running as the default wm because I'm running NVidia Drivers and Xinerama (and as I understand Xinerama & Compiz don't work well together). I made no changes to my xorg / etc but today when I logged in, I had to manually start metacity from command line to get any window manager. Really not sure what would be causing this or what I can do to get it working again. My xorg.conf is available here: https://gist.github.com/845618. My default Window Manager is set to /usr/bin/metacity in Configuration Editor under /desktop/gnome/applications/window_manager. p.s. Any tips on how to run 3 monitors where I can move windows between screens without Xinerama would be appreciated but that's prolly for another thread :)

  Read the article

• Setting up self signed cert and CA [plesk / linux]

  - by microchasm

  I'm about ready to give up and do a clean wipe of this machine and start over with ISPConfig or some other variant. I installed Plesk on this machine to help with some of the handiwork. It is the free version (single domain); I don't need it for much. It's nice, though, to use to set up db's email, etc. Anyway, I would like to set it up as a CA (which I can add to users' trusted root servers to alleviate those warnings). It seems like Plesk does all it can to obfuscate where things are. Despite trying to find the conf files, and crt/pem/key etc. I am (5 hours later) now left with a machine that won't even get to the ssl page. The browser will sit there, until a 'connection reset' error comes up. In error_log, I get messages saying CN doesn't match server name -- which it does. ssl_error_log: [Thu May 13 16:02:14 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu May 13 16:12:19 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) not very helpful. If anyone has any experience, and/or recommendations (including other software), I'd be much obliged. NB RHEL5; 1 domain, 3 subdomains; everything local only. Thanks.

  Read the article

• How to access a port via OpenVpn only

  - by Andy M

  I've set up an openvpn server alongside an apache website that can only be accessed on port 8100 on the same machine. My /etc/openvpn/server.conf file looks like this: port 1194 proto tcp dev tun ca ./easy-rsa2/keys/ca.crt cert ./easy-rsa2/keys/server.crt key ./easy-rsa2/keys/server.key # This file should be kept secret dh ./easy-rsa2/keys/dh1024.pem # Diffie-Hellman parameter server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt # make sure clients can still connect to the internet push "redirect-gateway def1 bypass-dhcp" keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 Now I tried to let only clients connected to the vpn network access the website on apache via port 8100. So I defined a few iptables rules: #!/bin/sh # My system IP/set ip address of server SERVER_IP="192.168.0.2" # Flushing all rules iptables -F iptables -X # Setting default filter policy iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP # Allow incoming access to port 8100 from OpenVPN 10.8.0.1 iptables -A INPUT -i tun0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o tun0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT # outgoing http iptables -A OUTPUT -o tun0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i tun0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT Now when I connect to the server from my client computer and try to access the website on 192.168.0.2:8100, my browser can't open it. Will I have to forward traffic from tun0 to eth0? Or is there anything else I'm missing?

  Read the article

• Protect all XML-RPC calls with HTTP basic auth but one

  - by bodom_lx

  I set up a Django project for smartphone serving XML-RPC methods over HTTPS and using basic auth. All XML-RPC methods require username and password. I would like to implement a XML-RPC method to provide registration to the system. Obviously, this method should not require username and password. The following is the Apache conf section responsible for basic auth: <Location /RPC2> AuthType Basic AuthName "Login Required" Require valid-user AuthBasicProvider wsgi WSGIAuthUserScript /path/to/auth.wsgi </Location> This is my auth.wsgi: import os import sys sys.stdout = sys.stderr sys.path.append('/path/to/project') os.environ['DJANGO_SETTINGS_MODULE'] = 'project.settings' from django.contrib.auth.models import User from django import db def check_password(environ, user, password): """ Authenticates apache/mod_wsgi against Django's auth database. """ db.reset_queries() kwargs = {'username': user, 'is_active': True} try: # checks that the username is valid try: user = User.objects.get(**kwargs) except User.DoesNotExist: return None # verifies that the password is valid for the user if user.check_password(password): return True else: return False finally: db.connection.close() There are two dirty ways to achieve my aim with current situation: Have a dummy username/password to be used when trying to register to the system Have a separate Django/XML-RPC application on another URL (ie: /register) that is not protected by basic auth Both of them are very ugly, as I would also like to define a standard protocol to be used for services like mine (it's an open Dynamic Ridesharing Architecture) Is there a way to unprotect a single XML-RPC call (ie. a defined POST request) even if all XML-RPC calls over /RPC2 are protected?

  Read the article

• Sharing a folder with Nautilus and NTFS external drive gets errors

  - by TheLQ

  I am trying to share a folder in Lubuntu over a network that's on an external NTFS drive. Due to the system that I have (rotating backup disks) this is probably the second time that the drive would of been mounted. Its manually mounted with a simple (for example) mount /dev/sdb1 /media/BACKUP On an internal NTFS disk I have successfully setup a network share and can access it. However on the external disk I can't from any other Windows computer. When setting up the share Nautilus said that it needs to change the other's permissions to allow for other users to write. However afterwords its still blank. Changing it to Read and Write just changes back to blank. Chowning the entire /media folder recursively and trying didn't work. Running PCManFM as root and changing didn't work. Adding "public=yes" to smb.conf and restarting didn't work. I'm out of idea's on what to do. What's weird is that it worked just fine on an internal NTFS disk, so why not the external one? Any solutions need to be able to managed inside of a gui (preferably Nautilus) as the person managing the machine isn't as tech savvy. Thanks

  Read the article

• Packets being dropped by iptables

  - by Shadyabhi

  I am trying to create a Software Access Point in linux. I followed the blog here. Steps I performed: Started dhcp server on wlan0. Properly configured hostapd.conf Enabled packet forwarding & masquerading. Two commands executed regarding iptables: iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE iptables --append FORWARD --in-interface wlan0 -j ACCEPT I enabled logging on iptables & I get this in everything.log Jun 29 19:42:03 MBP-archlinux kernel: [10480.180356] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=38025 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK URGP=0 Jun 29 19:42:03 MBP-archlinux kernel: [10480.389102] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=308 TOS=0x00 PREC=0x00 TTL=52 ID=14732 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK PSH URGP=0 Jun 29 19:42:03 MBP-archlinux kernel: [10480.389710] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=14988 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK FIN URGP=0 Jun 29 19:42:03 MBP-archlinux kernel: [10480.621118] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=63378 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK FIN URGP=0 I have almost no knowledge of iptables, all I did was through googling. So, can anyone help me in making me understand what wrong is happening here? I have tried running tcpdump on wlan0 & http packets are being sent from wlan0.

  Read the article

< Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >