Search Results

Search found 2503 results on 101 pages for 'danger cat'.

Page 77/101 | < Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >

• Broken fonts in konsole kde 4.3.4

  - by depesz

  I have strange situation - after some upgrade couple of days ago fonts in KDE konsole broke. To make it more specific - standard fonts look more or less ok, but when I use my national characters (like acelnsózz) they all look broken - like from another font, or badly scaled. The same problem doesn't exist in gnome-terminal. I usually use Terminus font, so I used this for demonstration, but it shows in other fonts as well - if that will be necessary I will provide list. Konsole shot: gnome-terminal shot: As for my settings: =$ cat /etc/X11/xorg.conf Section "Device" Identifier "Builtin Default intel Device 0" Driver "intel" EndSection Section "Monitor" Identifier "Monitor0" VendorName "Monitor Vendor" ModelName "Monitor Model" EndSection Section "Screen" Identifier "Builtin Default intel Screen 0" Device "Builtin Default intel Device 0" Monitor "Monitor0" EndSection Section "InputDevice" Identifier "touchpad" Driver "synaptics" Option "CorePointer" EndSection Section "ServerLayout" Identifier "Builtin Default Layout" Screen "Builtin Default intel Screen 0" InputDevice "touchpad" EndSection =$ xdpyinfo | grep -E resolution\|dimensions dimensions: 1680x1050 pixels (444x277 millimeters) resolution: 96x96 dots per inch I tried forcing DPI in system settings (to 120), or adding monitor size to xorg.conf - so far nothing helped. Any idea on what should I do to make it work sanely again?

  Read the article

• Running multiple sites on a LAMP with secure isolation

  - by David C.

  Hi everybody, I have been administering a few LAMP servers with 2-5 sites on each of them. These are basically owned by the same user/client so there are no security issues except from attacks through vulnerable deamons or scripts. I am builing my own server and would like to start hosting multiple sites. My first concern is... ISOLATION. How can I avoid that a c99 script could deface all the virtual hosts? Also, should I prevent that c99 to be able to write/read the other sites' directories? (It is easy to "cat" a config.php from another site and then get into the mysql database) My server is a VPS with 512M burstable to 1G. Among the free hosting managers, is there any small one which works for my VPS? (which maybe is compatible with the security approach I would like to have) Currently I am not planning to host over 10 sites but I would not accept that a client/hacker could navigate into unwanted directories or, worse, run malicious scripts. FTP management would be fine. I don't want to complicate things with SSH isolation. What is the best practice in this case? Basically, what do hosting companies do to sleep well? :) Thanks very much! David

  Read the article

• Problems mounting HPUX LVM+VXFS filesystem on Linux

  - by golimar

  I have a physical disk from a HPUX system that I need to access from a Debian Linux for ia64 system. From the hpux-lvm-tools project I have the tools to access the HPUX LVMs (Linux LVM has a different format) and I also have the freevxfs driver. I know beforehand that the disk has three partitions, and that the biggest one contains LVM volumes, and some of those are VxFS filesystems. I can see the partitions: # cat /proc/partitions major minor #blocks name 8 32 143374744 sdc 8 33 512000 sdc1 8 34 142452736 sdc2 8 35 409600 sdc3 It finds a VG in one of the disk partitions: # ./vgscan_hpux On /dev/sdc2 - vg1328874723 # ./pvdisplay_hpux /dev/sdc2 PV General Information ---------------------- VG Creation Time Fri Feb 10 12:52:03 2012 Physical Volume ID 1766760336 1328874723 Volume Group ID 1766760336 1328874723 Physical Volumes in VG 1766760336 1328874723 VG Actication Mode 0 - LOCAL PE Size 64 MBs Lvol sizes ---------- lvol1 - 8 Extents - 512 MBs lvol2 - 192 Extents - 12288 MBs lvol3 - 16 Extents - 1024 MBs ... lvol21 - 13 Extents - 832 MBs lvol22 - 224 Extents - 14336 MBs lvol23 - 16 Extents - 1024 MBs Then I activate that VG and some new devices appear in my system: # ./pvactivate_hpux /dev/sdc2 VG vg1328874723 Activated succesfully with 23 lvols. # # ll /dev/mapper/ total 0 crw------- 1 root root 10, 59 Nov 26 16:08 control lrwxrwxrwx 1 root root 7 Nov 26 16:38 vg1328874723-lvol1 -> ../dm-0 lrwxrwxrwx 1 root root 7 Nov 26 16:38 vg1328874723-lvol10 -> ../dm-9 ... lrwxrwxrwx 1 root root 7 Nov 26 16:38 vg1328874723-lvol8 -> ../dm-7 lrwxrwxrwx 1 root root 7 Nov 26 16:38 vg1328874723-lvol9 -> ../dm-8 But: # mount /dev/mapper/vg1328874723-lvol18 /mnt/tmp mount: you must specify the filesystem type # mount -t vxfs /dev/mapper/vg1328874723-lvol18 /mnt/tmp mount: wrong fs type, bad option, bad superblock on /dev/mapper/vg1328874723-lvol18, missing codepage or helper program, or other error In some cases useful info is found in syslog - try dmesg | tail or so # lsmod |grep vxfs freevxfs 23905 0 I also tried to identify the raw data with the file command and it just says 'data': # file -s /dev/mapper/vg1328874723-lvol18 /dev/mapper/vg1328874723-lvol18: symbolic link to `../dm-17' # file -s /dev/dm-17 /dev/dm-17: data # Any clues?

  Read the article

• Debian: Should I add vlan interface into bridge for KVM?

  - by javano

  I am setting up a Debian Squeeze box as a KVM host. I want to add multiple interfaces to each KVM guest so I want them to be on different VLANs. After reading about this, I believe the best method is to add multiple logical VLAN (sub)-interfaces to the physical NICs and then create a bridge adapter for each VLAN interace, and assign each bridge as a NIC for KVM guests. Does this make good sense, or madness? Do I have to use bridged interfaces with KVM like this? Can't I just add eth1.xx and eth1.yy to my interfaces config below and then configure those directly as bridged KVM guest NICs? If so, how should this look in the interfaces config file below? user@host:~$ cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # Management Interface auto eth0 iface eth0 inet static address 172.22.0.31 netmask 255.255.255.0 gateway 172.22.0.1 # Interface for guest VMs auto eth1 # Guest1 : Use VLAN 117 auto eth1.117 iface eth1.117 inet manual # Set up br1 for guest 1, bridging with vlan 117 auto br1.117 iface br1.117 inet manual bridge_ports eth1.117 bridge_stp off user@host:~$ uname -a Linux hostname 3.4.9 #1 SMP Wed Aug 22 19:08:46 BST 2012 x86_64 GNU/Linux UPDATE I would really like it if someone could clarify the config for me, as I have also seen the above configured with this syntax, so I don't see why one would be preferred over the other; # Interface for guest VMs auto eth1 allow-hotplug eth1 iface eth1 inet static # Vlan 117 for guest 1 auto vlan 117 iface vlan111 inet static vlan_raw_device eth1 # Guest 1 : NIC 1 auto br1.117 iface br1.117 inet manual bridge_ports vlan117 bridge_stp off

  Read the article

• Solaris 10: cannot ping to/from server

  - by anurag kohli

  All, I have a Solaris 10 server which is not reachable by IP (ie can't ping to/from the server). I believe I have the default route setup correctly. See below: # ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.62.100 netmask ffffff00 broadcast 192.168.62.255 ether 0:14:4f:b1:9b:30 # netstat -rn Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------- 192.168.62.0 192.168.62.100 U 1 40 bge0 224.0.0.0 192.168.62.100 U 1 0 bge0 default 192.168.62.1 UG 1 0 127.0.0.1 127.0.0.1 UH 1 4 lo0 # # cat /etc/defaultrouter 192.168.62.1 I have verified layer1 and layer 2 are up on the switchport, and that it's on the correct VLAN. I have also checked the default gateawy (192.168.62.1) is in fact reachable since I can ping it from my PC: Pinging 192.168.62.1 with 32 bytes of data: Reply from 192.168.62.1: bytes=32 time=1ms TTL=254 Reply from 192.168.62.1: bytes=32 time=1ms TTL=254 Reply from 192.168.62.1: bytes=32 time=3ms TTL=254 Reply from 192.168.62.1: bytes=32 time=6ms TTL=254 I'm at a loss as to what is wrong. I would highly appreciated your assistance. Thank you very much.

  Read the article

• sudo or acl or setuid/setgid ?

  - by Xavier Maillard

  Hi, for a reason I do not really understand, everyone wants sudo for all and everything. At work we even have as many entries as there are way to read a logfile (head/tail/cat/more, ...). I think, sudo is defeating here. I'd rather use a mix of setgid/setuid directories and add ACL here and there but I really need to know what are the best practices before starting up. Our servers have %admin, %production, %dba, %users -i.e many groups and many users. Each service (mysql, apache, ...) has its own way to install privileges but members of the %production group must be able to consult configuration file or even log files. There is still the solution to add them into the right groups (mysql...) and set the good permission. But I do not want to usermod all users, I do not want to modify standards permissions since it could change after each upgrade. On the other hand, setting acls and/or mixing setuid/setgid on directories is something I could easily do without "defacing" the standard distribution. What do you think about this ? Taking the mysql example, that would look like this: setfacl d:g:production:rx,d:other::---,g:production:rx,other::--- /var/log/mysql /etc/mysql Do you think this is good practise or should I definetely usermod -G mysql and play with standard permissions system ? Thank you

  Read the article

• Linux: How do I remove bootchart from the boot process?

  - by java.is.for.desktop

  Hello, everyone! I have OpenSUSE 11.2. I removed bootchart and forgot to run mkinitrd. Now, right at the start of the boot process, I get boot/93-bootchart.sh: line 17: 462 Terminated stopinitrd 5 I Can't find any 93-bootchart.sh anywhere. Failsafe boot mode doesn't help. Earlier I got an error message about non existing /sbin/bootchartd, but I just copied /bin/cat to /sbin/bootchartd using a GParted boot disk. I tried to use chroot with an OpenSUSE boot disk, but mkinitrd can't find the root device, which is there actually (/dev/sda5). How can I make my system boot again? EDIT Ok, now I managed to re-install the bootchart rpm, using OpenSUSE boot disk and chmod. The system starts again. But that annoying bootchart is still there. I will not try again to remove it. First I will try to figure out, how to disable it during the boot process. Hopefully with your help ;)

  Read the article

• I have added a port to the public zone in firewalld but still can't access the port

  - by mikemaccana

  I've been using iptables for a long time, but have never used firewalld until recently. I have enabled port 3000 TCP via firewalld with the following command: # firewall-cmd --zone=public --add-port=3000/tcp --permanent However I can't access the server on port 3000. From an external box: telnet 178.62.16.244 3000 Trying 178.62.16.244... telnet: connect to address 178.62.16.244: Connection refused There are no routing issues: I have a separate rule for a port forward from port 80 to port 8000 which works fine externally. My app is definitely listening on the port too: Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 99 36797 18662/node firewall-cmd doesn't seem to show the port either - see how ports is empty. You can see the forward rule I mentioned earlier. # firewall-cmd --list-all public (default, active) interfaces: eth0 sources: services: dhcpv6-client ssh ports: masquerade: no forward-ports: port=80:proto=tcp:toport=8000:toaddr= icmp-blocks: rich rules: However I can see the rule in the XML config file: # cat /etc/firewalld/zones/public.xml <?xml version="1.0" encoding="utf-8"?> <zone> <short>Public</short> <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description> <service name="dhcpv6-client"/> <service name="ssh"/> <port protocol="tcp" port="3000"/> <forward-port to-port="8000" protocol="tcp" port="80"/> </zone> What else do I need to do to allow access to my app on port 3000? Also: is adding access via a port the correct thing to do? Or should I make a firewalld 'service' for my app instead?

  Read the article

• How do I hook into Tar with BASH?

  - by orb

  Long Story Short I am working with Tar archives that contain PNG images in base64 encoding. I would like to use BASH (or whatever else works) to hook into the extraction function of Tar to decode PNG images from base64 encoding to standard PNG encoding after the files are unpacked. A simple cat $input-file | base64 -d >$output-file will successfully decode the images. Is there a way I can hook into tar -xf so that users do not have to do any (or minimal) extra work to decode the images? In the GNU Tar documentation (http://www.gnu.org/software/tar/manual/html_chapter/Backups.html#SEC97) I found that there are in fact variables reserved to hold the names of functions I desire to be hooked into various moments in Tar program execution. However, the documentation explains that these variables, along with other variables that can be set to configure Tar, are located in a file named backup-specs. Unfortunately, the path to this file is not given. Further, running sudo find / -name backup-specs tells me that this file is not present on my Ubuntu version 13.04 system. Background Information not included in the Long Story Short I have been working on a browser-based (WebGL) particle effect creation application (http://www.particleeffect.org), (https://github.com/cgrabowski/webgl-particle-effect-editor), (https://github.com/cgrabowski/webgl-particle-effect). I have began to write a client-side-only solution for saving and loading effect data as a tar archive. However, since client-side JavaScript has limited capability to process binary data, the images used as textures in the effect are saved with base64 encoding. I have been able to implement saving effect data as a Tar archive (haven't pushed that to Github yet). However, the images present in said Tar archive cannot be manipulated unless they are decoded from base64 encoding.

  Read the article

• Setfacl configuration issue in Linux

  - by Balualways

  I am configuring a Linux Server with ACL[Access Control Lists]. It is not allowing me to perform setfacl operation on one of the directoriy /xfiles. I am able to perform the setfacl on other directories as /tmp /op/applocal/. I am getting the error as : root@asifdl01devv # setfacl -m user:eqtrd:rw-,user:feedmgr:r--,user::---,group::r--,mask:rw-,other:--- /xfiles/change1/testfile setfacl: /xfiles/change1/testfile: Operation not supported I have defined my /etc/fstab as /dev/ROOTVG/rootlv / ext3 defaults 1 1 /dev/ROOTVG/varlv /var ext3 defaults 1 2 /dev/ROOTVG/optlv /opt ext3 defaults 1 2 /dev/ROOTVG/crashlv /var/crash ext3 defaults 1 2 /dev/ROOTVG/tmplv /tmp ext3 defaults 1 2 LABEL=/boot /boot ext3 defaults 1 2 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/ROOTVG/swaplv swap swap defaults 0 0 /dev/APPVG/home /home ext3 defaults 1 2 /dev/APPVG/archives /archives ext3 defaults 1 2 /dev/APPVG/test /test ext3 defaults 1 2 /dev/APPVG/oracle /opt/oracle ext3 defaults 1 2 /dev/APPVG/ifeeds /xfiles ext3 defaults 1 2 I have a solaris server where the vfstab is defined as cat vfstab #device device mount FS fsck mount mount #to mount to fsck point type pass at boot options # fd - /dev/fd fd - no - /proc - /proc proc - no - /dev/vx/dsk/bootdg/swapvol - - swap - no - swap - /tmp tmpfs - yes size=1024m /dev/vx/dsk/bootdg/rootvol /dev/vx/rdsk/bootdg/rootvol / ufs 1 no logging /dev/vx/dsk/bootdg/var /dev/vx/rdsk/bootdg/var /var ufs 1 no logging /dev/vx/dsk/bootdg/home /dev/vx/rdsk/bootdg/home /home ufs 2 yes logging /dev/vx/dsk/APP/test /dev/vx/rdsk/APP/test /test vxfs 3 yes - /dev/vx/dsk/APP/archives /dev/vx/rdsk/APP/archives /archives vxfs 3 yes - /dev/vx/dsk/APP/oracle /dev/vx/rdsk/APP/oracle /opt/oracle vxfs 3 yes - /dev/vx/dsk/APP/xfiles /dev/vx/rdsk/APP/xfiles /xfiles vxfs 3 yes - I am not able to find out the issue. Any help would be appreciated.

  Read the article

• Centos 5.xx Nagios sSMTP mail cannot be sent from nagios server, but works great from console

  - by adam

  I spent last 3 hours of reasearch on how to get nagios to work with email notifications, i need to send emails form work where the only accesible smtp server is the company's one. i managed to get it done from the console using: mail [email protected] working perfectly for the purpouse i set up ssmtp.conf so as: [email protected] mailhub=smtp.company.com:587 [email protected] AuthPass=mypassword FromLineOverride=YES useSTARTTLS=YES rewriteDomain=company.pl hostname=nagios UseTLS=YES i also edited the file /etc/ssmtp/revaliases so as: root:[email protected]:smtp.company.com:587 nagios:[email protected]:smtp.company.com:587 nagiosadmin:[email protected]:smtp.company.com:587 i also edited the file permisions for /etc/ssmtp/* so as: -rwxrwxrwx 1 root nagios 371 lis 22 15:27 /etc/ssmtp/revaliases -rwxrwxrwx 1 root nagios 1569 lis 22 17:36 /etc/ssmtp/ssmtp.conf and i assigned to proper groups i belive: cat /etc/group |grep nagios mail:x:12:mail,postfix,nagios mailnull:x:47:nagios nagios:x:2106:nagios nagcmd:x:2107:nagios when i send mail manualy, i recieve it on my priv box, but when i send mail from nagios the mail log says: Nov 22 17:47:03 certa-vm2 sSMTP[9099]: MAIL FROM:<[email protected]> Nov 22 17:47:03 certa-vm2 sSMTP[9099]: 550 You are not allowed to send mail from this address it says [email protected] and im not allowed to send mails claiming to be [email protected], its suppoused to be [email protected], what am i doing wrong? i ran out of tricks... kind regards Adam xxxx

  Read the article

• Is there any free software to check for issues with a DVD drive?

  - by AgentConundrum

  I don't usually play movies on my laptop (prefer the standalone with the tv), but I tried to watch one the other night, and noticed playback was really choppy and had audio artifacts in places. I thought it could be related to memory issues so I rebooted and tried again, but the results were the same. I considered that it could be an issue with the disc, so I tried to clean it but again there was no change. I don't think the problem is with the disc, because I tried another disc and it also had the same problem. I don't think I've ever watched the second disc since I've had it, so it should have been safe in its jewel case. Also, there were no issues when I watched an episode off the first disc in my standalone player. What I'm wondering is: are there are any (free) utilities that can check for issues with the drive itself? I looked around but most of the software I found focuses on integrity checks for the disc, not the drive. I have had issues with this laptop recently (had to replace the keyboard when the cat damaged it while I was cleaning dust out and the machine was ripped apart, also replaced part of the chassis after I cracked it when I tried to open it not knowing a screw was still in it) so I may have just replaced the drive incorrectly. I'm going to check on this while I await an answer to this question. Thanks.

  Read the article

• Split big Apache log to folder structure

  - by Dough

  I just changed my Apache log behavior because it was making me having very BIG files... So I now use cronolog to split my logs to log/httpd/2012/11/access_2012.11.30.log for exemple, pattern : %Y/%m/access_%Y.%m.%d.log I now want to split my old 42GB file to the same structure but really don't know how to do that efficiently. I tried some simple commands with cat, egrep, awk... but really don't know how to handle all that in a more powerful script. Here is how the log looks like : x.x.237.134 - - [08/Apr/2011:14:43:09 +0200] "GET... x.x.50.15 - - [08/Apr/2011:14:43:09 +0200] "GET... [...] x.x.254.19 - - [28/Feb/2012:15:24:48 +0100] "GET... So I need for yeah line to get : year %Y (ex. 2012) month %m (ex. 11) day %d And to push out the entire line to : %Y/%m/access_%Y.%m.%d.log Can someone give me clues to get that working ? Thanks a lot for your interest.

  Read the article

• Rebuild Fedora 19 ISO adding Kickstart for USB install

  - by dooffas

  I am attempting to edit a Fedora 19 DVD ISO to add a kickstart file. I then need this ISO burnt to a USB stick for instillation. The error I get when booting is Warning: Could not boot. Warning: /dev/root does not exist To try and determine which part of the process is failing I have broken the process down in to separate stages. Step 1: Burn the original ISO "Fedora-19-x86_64-DVD.iso" (Available - here) to a pendrive and see if that will install. dd if=/path/to/iso of=/dev/sdc Burning this image was successful and it installed without issue. Step 2: Exctract the ISO, repackage it and burn it to a pendrive and see if that will install. PLEASE NOTE: The final command in this section has been broken down in to multiple lines for ease of reading, in fact it was run as a single command on one line. mkdir -p /mnt/linux mount -o loop /tmp/linux-install.iso /mnt/linux cd /mnt/ tar -cvf - linux | (cd /var/tmp/ && tar -xf - ) cd /var/tmp/linux xorriso -as mkisofs -R -J -V "NewFedoraImage" -o ouput/file.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -isohybrid-mbr /usr/share/syslinux/isohdpfx.bin . This iso was then burnt to a pendrive as before. dd if=/path/to/iso of=/dev/sdc This ISO burnt to the pen drive with no problem and will boot. I then see the fedora options screen. After choosing either "Install Fedora 19" or "Test this media & install Fedora 19" I then receive the errors highlighted above. This means the kickstart file is not to blame, but repackaging the ISO. Is there something I am missing in the repackaging process? Any input would be great! NOTE: If it is of any help, I attempted Step 2 with an Ubuntu server ISO and the process was successful.

  Read the article

• Authenticate VNC session with ConsolKit?

  - by lori

  I have a linux machine running Fedora 16 in a cupboard. It has no screen or keyboard. I connect to it using a combination of vnc and ssh. Recently, after an update, I have had issues with authentication on the machine. If I vnc to it, the kde desktop pops up an error dialog every few minutes saying Authorization failed. Failed to obtain authentication. If I plug in a USB drive it fails to mount, Dolphin reports an authentication issue again. I have had limited success finding the solution. AFAICT, it is an issue with ConsoleKit deeming me to be a non-local user so it prevents authentication. This is the output from ck-list-sessions: $ ck-list-sessions Session5: unix-user = '1000' realname = 'steve' seat = 'Seat6' session-type = '' active = FALSE x11-display = ':1' x11-display-device = '' display-device = '' remote-host-name = '' is-local = FALSE on-since = '2012-09-16T08:07:03.137011Z' login-session-id = '1' I have tried to update my .vnc/xstartup script to include ck-launch-session as follows: $ cat ~/.vnc/xstartup #!/bin/sh exec ck-launch-session vncconfig -iconic & unset SESSION_MANAGER unset DBUS_SESSION_BUS_ADDRESS export XKL_XMODMAP_DISABLE=1 OS=`uname -s` if [ $OS = 'Linux' ]; then case "$WINDOWMANAGER" in *gnome*) if [ -e /etc/SuSE-release ]; then PATH=$PATH:/opt/gnome/bin export PATH fi ;; esac fi if [ -x /etc/X11/xinit/xinitrc ]; then exec ck-launch-session /etc/X11/xinit/xinitrc fi if [ -f /etc/X11/xinit/xinitrc ]; then exec ck-launch-session sh /etc/X11/xinit/xinitrc fi [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources exec ck-launch-session xsetroot -solid grey exec ck-launch-session xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & exec ck-launch-session twm & This has not helped. How can I either authenticate myself to ConsoleKit, or trick it into believing I am a local user?

  Read the article

• iptables advanced routing

  - by Shamanu4

  I have a Centos server acting as a NAT in my network. This server has one external (later ext1) interface and three internal (later int1, int2 and int3). Egress traffic comes from users via int1 and after MASQUERADE goes via ext1. Ingress traffic comes from ext1, MASQUERADE, and goes via int2 or int3 according to static routes. | ext1 | x.x.x.x/24 +---------|----------------------+ | | | Centos server (NAT) | | | +---|------|---------------|-----+ | | | int1 | | int2 | int3 10.30.1.10/24 | | 10.30.2.10/24 | 10.30.3.10/24 ^ v v 10.30.1.1/24 | | 10.30.2.1/24 | 10.30.3.1/24 +---|------|---------------|-----+ | | | | | | | v v | | ^ -Traffic policer- | | |_____________ | | | | | +------------------|-------------+ | 192.168.0.1/16 | | Clients 192.168.0.0/16 The problem: Egress traffic seems to be dropped after PREROUTING table. Packet counters are not changing on MASQUERADE rule in POSTROUTING. If I change the routes to clients causing the traffic go back via int1 - everything works perfectly. current iptable configuration is very simple: # cat /etc/sysconfig/iptables *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -I INPUT 1 -i int1 -j ACCEPT -A FORWARD -j ACCEPT COMMIT *nat -A POSTROUTING -o ext1 -j MASQUERADE # COMMIT Can anyone point me what I'm missing? Thanks. UPDATE: 192.168.100.60 via 10.30.2.1 dev int2 proto zebra # routes to clients ... 192.168.100.61 via 10.30.3.1 dev int3 proto zebra # ... I have a lot of them x.x.x.0/24 dev ext1 proto kernel scope link src x.x.x.x 10.30.1.0/24 dev int1 proto kernel scope link src 10.30.1.10 10.30.2.0/24 dev int2 proto kernel scope link src 10.30.2.10 10.30.3.0/24 dev int3 proto kernel scope link src 10.30.3.10 169.254.0.0/16 dev ext1 scope link metric 1003 169.254.0.0/16 dev int1 scope link metric 1004 169.254.0.0/16 dev int2 scope link metric 1005 169.254.0.0/16 dev int3 scope link metric 1006 blackhole 192.168.0.0/16 default via x.x.x.y dev ext1 Clients have 192.168.0.1 as gateway, which is redirecting them to 10.30.1.1

  Read the article

• How to use Timer broadcast on Multi-Processor system with linux 3.10?

  - by kevin.ji

  Hardware: ARM Cortex-A9 * 2 Software: linux-3.10.0 The platform has 2 cores of arm cortex-a9. Item CONFIG_LOCAL_TIMERS is not set in linux menuconfig. I want to use only one hardware timer to supply tick for all cpu. Interrupts looks like: CPU0 CPU1 57: 6697 0 GIC timer 81: 213 0 GIC uart-pl011 103: 0 0 GIC gmac0 104: 0 0 GIC gmac1 IPI0: 0 1 CPU wakeup interrupts IPI1: 0 0 Timer broadcast interrupts IPI2: 967 866 Rescheduling interrupts IPI3: 0 0 Function call interrupts IPI4: 1 2 Single function call interrupts IPI5: 0 0 CPU stop interrupts IPI6: 0 0 CPU backtrace Err: 0 Timer broadcast interrupts counter does not add. And it looks like that cpu1 does not work at all.But this method works well with linux-3.4, and the interrupt info looks as below in linux-3.4: # cat /proc/interrupts CPU0 CPU1 57: 8596 0 GIC timer 81: 91 0 GIC uart-pl011 103: 0 0 GIC gmac0 104: 0 0 GIC gmac1 IPI0: 0 8560 Timer broadcast interrupts IPI1: 884 1020 Rescheduling interrupts IPI2: 0 0 Function call interrupts IPI3: 0 6 Single function call interrupts IPI4: 0 0 CPU stop interrupts IPI5: 0 0 CPU backtrace Err: 0 The count of Timer broadcast interrupts is adding. And all of cpus work well. I don't know why. Any answer is welcome. :)

  Read the article

• InstantSSL's certificate no different than a self signed certificate under Nginx with an IP accessed address

  - by Absolute0

  I ordered an ssl certificate from InstantSSL and got the following pair of files: my_ip.ca-bundle, my_ip.crt I also previously generated my own key and crt files using openssl. I concatenated all the crt files: cat my_previously_generted.crt my_ip.ca_bundle my_ip.crt chained.crt And configured nginx as follows: server { ... listen 443; ssl on; ssl_certificate /home/dmsf/csr/chained.crt; ssl_certificate_key /home/dmsf/csr/csr.nopass.key; ... } I don't have a domain name as per the clients request. When I open the browser with https://my_ip chrome gives me this error: The site's security certificate is not trusted! You attempted to reach my_ip, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site.

  Read the article

• Why does my DSDT table is different from what I found online?

  - by Hao Shen

  I have found a field in DSDT table where I want to modify from here http://www.ztex.de/misc/c2ctl.e.html Generally, I want to modify the _PSS field about the processor so that I can have more frequency levels available in the CPUfreq driver interface. I try to use this command to dissemble the DSDT table from my Desktop(Linux2.6.29,Intel CORE 2): cat /proc/acpi/dsdt > dsdt.aml iasl -d dsdt.aml Then I have a file dsdt.dsl as following(very long, so I just show the beginning of the file): /* * Intel ACPI Component Architecture * AML Disassembler version 20090123 * * Disassembly of dsdt.aml, Mon May 6 20:41:40 2013 * * * Original Table Header: * Signature "DSDT" * Length 0x00003794 (14228) * Revision 0x01 **** ACPI 1.0, no 64-bit math support * Checksum 0x46 * OEM ID "DELL" * OEM Table ID "dt_ex" * OEM Revision 0x00001000 (4096) * Compiler ID "INTL" * Compiler Version 0x20050624 (537200164) */ DefinitionBlock ("dsdt.aml", "DSDT", 1, "DELL", "dt_ex", 0x00001000) { Method (DBIN, 0, NotSerialized) { Noop } Scope (\) { Device (_SB.VBTN) ................... But I can not find the _PSS field as shown in the website I have given above. I do not know why? I am sure the current cpufreq driver shows 4 frequency levels available. So at least there should be something in the table showing this..right? Has anybody here played with the DSDT table before? Thanks,

  Read the article

• Advanced Linux file permission question (ownership change during write operation)

  - by Kent

  By default the umask is 0022: usera@cmp$ touch somefile; ls -l total 0 -rw-r--r-- 1 usera usera 0 2009-09-22 22:30 somefile The directory /home/shared/ is meant for shared files and should be owned by root and the shared group. Files created here by usern (any user) are automatically owned by the shared group. There is a cron-job taking care of changing owning user and owning group (of any moved files) once per day: usera@cmp$ cat /etc/cron.daily/sharedscript #!/bin/bash chown -R root:shared /home/shared/ chmod -R 770 /home/shared/ I was writing a really large file to the shared directory. It had me (usera) as owning user and the shared group as group owner. During the write operation the cron job was run, and I still had no problem completing the write process. You see. I thought this would happen: I am writing the file. The file permissions and ownership data for the file looks like this: -rw-r--r-- usera shared The cron job kicks in! The chown line is processed and now the file is owned by the root user and the shared group. As the owning group only has read access to the file I get a file write error! Boom! End of story. Why did the operation succeed? A link to some kind of reference documentation to back up the reason would be very welcome (as I could use it to study more details).

  Read the article

• Disabling Keyboard Wakeup for Ubuntu 10.04 on Acer 1810TZ

  - by sybreon

  My Acer Aspire 1810TZ laptop suspends fine but wakes up on any slight key-press. I would like to disable this behaviour. I read that it involves disabling something in the /proc/acpi/wakeup but SLPB does not seem to be listed at all. root@1810TZ:/etc# cat /proc/acpi/wakeup Device S-state Status Sysfs node UHC0 S3 disabled pci:0000:00:1d.0 UHC1 S3 disabled pci:0000:00:1d.1 UHC2 S3 disabled pci:0000:00:1d.2 UHCR S3 disabled EHC1 S3 disabled pci:0000:00:1d.7 UHC3 S3 disabled pci:0000:00:1a.0 UHC4 S3 disabled UHC5 S3 disabled EHC2 S3 disabled pci:0000:00:1a.7 EXP1 S4 disabled pci:0000:00:1c.0 PXSX S4 disabled pci:0000:01:00.0 EXP2 S4 disabled PXSX S4 disabled EXP3 S4 disabled PXSX S4 disabled EXP4 S4 disabled pci:0000:00:1c.3 PXSX S4 disabled pci:0000:02:00.0 EXP5 S4 disabled PXSX S4 disabled EXP6 S4 disabled PXSX S4 disabled However, the relevant bits seem to be detected from dmesg. [ 0.357628] ACPI: AC Adapter [ACAD] (on-line) [ 0.357749] input: Power Button as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0C:00/input/input0 [ 0.357754] ACPI: Power Button [PWRB] [ 0.357817] input: Lid Switch as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0D:00/input/input1 [ 0.359319] ACPI: Lid Switch [LID0] [ 0.359390] input: Sleep Button as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0E:00/input/input2 [ 0.359394] ACPI: Sleep Button [SLPB] [ 0.359475] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3 [ 0.359479] ACPI: Power Button [PWRF] Not quite sure what to do next.

  Read the article

• configure server and create website without any control panel

  - by Emad Ahmed

  i am trying to configure my new server without cpanel i've installed php/mysql/apache And it's now working fine if you visit the server ip http://46.166.129.101/ you'll see the welcome page i've configured my dns too my nameserverips file [root@server]# cat /etc/nameserverips 46.166.129.101=ns1.isellsoftwares.com 46.166.129.101=ns2.isellsoftwares.com if you visit this link http://ns1.isellsoftwares.com you'll see the welcome page too!! but if you visit isellsoftwares.com you'll see ( 'Firefox can't find the server at www.isellsoftwares.com.' ) Now my question is: How to create an account for this domain on the server?? i've tryied to add virtualHost tag in apache <VirtualHost *:80> ServerAdmin [email protected] ServerAlias www.isellsoftwares.com DocumentRoot /var/www/html/issoft ServerName isellsoftwares.com ErrorLog logs/dummy-host.example.com-error_log CustomLog logs/dummy-host.example.com-access_log common </VirtualHost> it still not working ... i've added named file for this domain (( isellsoftwares.com.db )) ; Zone file for isellsoftwares.com $TTL 14400 isellsoftwares.com. 86400 IN SOA ns1.isellsoftwares.com. elsolgan.yahoo.com. ( 2012031500 ;Serial Number 86400 ;refresh 7200 ;retry 3600000 ;expire 86400 ;minimum ) isellsoftwares.com. 86400 IN NS ns1.isellsoftwares.com. isellsoftwares.com. 86400 IN NS ns2.isellsoftwares.com. isellsoftwares.com. 14400 IN A 46.166.129.101 localhost 14400 IN A 127.0.0.1 isellsoftwares.com. 14400 IN MX 0 isellsoftwares.com. mail 14400 IN A 46.166.129.101 www 14400 IN CNAME isellsoftwares.com. ftp 14400 IN A 46.166.129.101 cpanel 14400 IN A 46.166.129.101 whm 14400 IN A 46.166.129.101 webmail 14400 IN A 46.166.129.101 webdisk 14400 IN A 46.166.129.101 ns1 14400 IN A 46.166.129.101 ns2 14400 IN A 46.166.129.101 but it still not working !!!!! So, what else i should do??

  Read the article

• SSH freeze when UFW is enabled

  - by Cristian Vrabie

  I have a small Ubuntu 10.10 server and i recently noticed a weird behavior (not sure if it was happening before). If I have ufw enabled (with default deny all in, allow all out, allow all http, allow all on a random port i use for ssh) when i perform some actions in a ssh sesion, the ssh console completely freezes. The server continues to work and if i close the console i can start another ssh session. This happens no matter from where I log in (tried from another ubuntu and a mac). The actions are fairly reproducible, for example vim some config files (though vim-ing other files works), cat some other file, etc. The freeze never happens if ufw is disabled. Any idea what's going on? Thanks! Cristian Addition: if you're wondering, yes, I have TcpKeepAlive on yes and I doubt is related (it would happen with ufw disabled too) As requested: my ufw conf below. Also, i don't know if it has something to do but the server has 2 ips. On one is configured the ssh domain, and on one to serve hhtp (via apache2) Status: active Logging: on (low) Default: deny (incoming), allow (outgoing) New profiles: skip To Action From -- ------ ---- 19922/tcp ALLOW IN Anywhere 9418/tcp ALLOW IN Anywhere 80/tcp ALLOW IN Anywhere 443/tcp ALLOW IN Anywhere

  Read the article

• Why won't this script accept any arguments?

  - by Nate Wagar

  I'm trying to write an SVN post-commit hook and, strangely, am getting hung up on what should be the easiest part. The Script: set REPO="$1" set REV="$2" set SVNBIN="/opt/CollabNet_Subversion/bin/" set SSHBIN="/usr/bin/ssh" set HOST="staging.domain.net" set timeout=30 set USERNAME="svn-usr" set E_NO_CONNECT=2 set E_WRONG_PASS=3 set E_UNKOWN=25 set CHANGED=`"$SVNBIN"svnlook changed --revision $REV $REPOS` echo "Here are changes: $CHANGED" >> /var/svn/repos/www/logs/testing echo "Command: $0; Repo: $REPO; Rev: $REV; Total: $#" >> /var/svn/repos/www/logs/testing set PROJECT "" Yet when I call it, it doesn't seem to be seeing the arguments I pass to it: /var/svn/repos/www/logs> sudo ../hooks/post-commit /var/svn/repos/www 33 svnlook: missing argument: --revision Type 'svnlook help' for usage. /var/svn/repos/www/logs> cat testing Here are changes: Command: ../hooks/post-commit; Repo: ; Rev: ; Total: 1 This is on a Solaris 10 SPARC box. I'm a bit of a script newbie, but shouldn't this be really easy??

  Read the article

• Truncated content with Apache on Vagrant VM

  - by Nev Stokes

  I'm using Vagrant to run a CentOS VM in order to try and achieve local development parity with our live servers. I've symlinked /var/www/html with the /vagrant shared directory and am forwarding port 80 for viewing at http://localhost:4567. I'm developing using SublimeText 2 on OS X Mountain Lion. Once I figured that iptables was tripping me up, all was well and good. Until I noticed something strange. I have a sample HTML page consisting of several paragraphs of lorem copy. I can view this fine in a browser on OS X. But when I make an edit, for example removing a paragraph, and refresh the content is truncated with the paragraph I deleted still visible. When I cat the files on the server I can see the changes I made but these aren't even reflected when I curl localhost. I strongly suspect that it's a problem with my Apache settings — with which I didn't really tinker — as the issue doesn't arise when I stop Apache and run sudo python -m SimpleHTTPServer 80 in the directory to view pages instead. What gives?

  Read the article

< Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >