Search Results

Search found 5559 results on 223 pages for 'httpd conf'.

Page 149/223 | < Previous Page | 145 146 147 148 149 150 151 152 153 154 155 156 | Next Page >

eXist-db: can't start webstart client on a closed port, reverse proxied via apache

- by rvdb

I am configuring an Apache HTTP server so it reverse proxies requests starting with /app/ to an eXist-db instance running in a Tomcat server, on port 8082. This port has been closed in the firewall and is inaccessible to the outer world. Following the eXist documentation, I have following rules in place in my httpd.conf file: ProxyPass /apps/ http://localhost:8082/ ProxyPassReverse /apps/ http://localhost:8082/ ProxyPassReverseCookiePath /apps/ / All goes well for requests to e.g. 'http://mydomain/apps/exist/index.xml'. Yet, the webstart client (accessible at 'http://localhost:8082/exist/webstart/exist.jnlp' on the web server) doesn't work behind the proxy. While 'http://mydomain/apps/exist/webstart/exist.jnlp' does generate a valid exist.jnlp file, that file can't be executed. The reason seems quite obvious: apparently, the eXist-db instance generating the exist.jnlp file only sees the proxied request as: 'http://localhost:8082/exist/webstart/exist.jnlp'. Yet, since the exist.jnlp file is executed on the client, that reference is meaningless (unless the client computer happens to have an eXist-db instance running on that port). Executing the exist.jnlp file hence fails with a 'connection refused' error. Yet, there's no problem at all connecting a local eXist-db Java client to the proxied eXist instance with the URL xmldb:exist://mydomain/apps/exist/xmlrpc. The problem lies in generating the webstart exist.jnlp file, which seems to need access to a publicly accessible URL. However, opening port 8082 and replacing the Proxy references to 'http://localhost:8082' with 'http://mydomain:8082' IMO rather destroys the point of reverse proxying. Do others have had success reverse proxying eXist-db on a closed port behind Apache? Are there perhaps some Proxy configuration settings I have overlooked (I'm no expert at all) that can make eXist see the original request instead of the proxied one? Kind regards, Ron

Read the article
Kernel Logging disabled?

- by Tiffany Walker

uname -a Linux host 2.6.32-279.9.1.el6.i686 #1 SMP Tue Sep 25 20:26:47 UTC 2012 i686 i686 i386 GNU/Linux And start ups: ls /etc/init.d/ abrt-ccpp certmonger dovecot irqbalance matahari-broker mdmonitor nfs proftpd rpcbind single ypbind abrtd cgconfig functions kdump matahari-host messagebus nfslock psacct rpcgssd smartd abrt-oops cgred haldaemon killall matahari-network mysqld ntpd qpidd rpcidmapd sshd acpid cpuspeed halt ktune matahari-rpc named ntpdate quota_nld rpcsvcgssd sssd atd crond httpd lfd ma tahari-service netconsole oddjobd rdisc rsyslog sysstat auditd csf ip6tables lvm2-lvmetad matahari-sysconfig netfs portreserve restorecond sandbox tuned autofs cups iptables lvm2-monitor matahari-sysconfig-console network postfix rngd saslauthd udev-post But when I installed CSF/LFD I am getting nothing. LFD does not create lfd.log and nor are any blocks being logged in /var/log/messages either from the firewall. This is not natural. I looked for klogd but maybe I am looking in the wrong place for it to see if it is enabled? ls /etc/init.d/syslog ls: cannot access /etc/init.d/syslog: No such file or directory Also noticed no syslog? Also noticed this: csf -d 84.113.21.201 Adding 84.113.21.201 to csf.deny and iptables DROP... iptables: No chain/target/match by that name. iptables: No chain/target/match by that name. I've never seen this before and this is a dedicated box. Also: ./csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK RESULT: csf should function on this server iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination

Read the article
CARP: two machines think they're the master, but only on one interface

- by Conor McDermottroe

I have two machines, each configured identically as a firewall/load balancer for a busy website. I have set them up with CARP and pfsync on both the internal and external interfaces. The internal interface is behaving as expected (primary listed as MASTER and secondary listed as BACKUP) On both machines, the network interfaces are as follows: em0 - External interface bge0 - Internal interface bge1 - Crossover connection between both machines carp0 - Shared external interface for CARP carp1 - Shared internal interface for CARP I've rewritten the IP addresses and MAC addresses below. The networks are as follows: 10.0.1.0/24 - External network 10.0.2.0/24 - Internal network 10.0.3.0/24 - Crossover network Here's the output from ifconfig on the primary: em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether [SNIP] inet 10.0.1.10 netmask 0xffffff00 broadcast 10.0.1.255 media: Ethernet 100baseTX <full-duplex> status: active bge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> ether [SNIP] inet 10.0.2.10 netmask 0xffffff00 broadcast 10.0.2.255 media: Ethernet 1000baseT <full-duplex> status: active bge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> ether [SNIP] inet 10.0.3.10 netmask 0xffffff00 broadcast 10.0.3.255 media: Ethernet 1000baseT <full-duplex> status: active lo0: flags=80c9<UP,LOOPBACK,RUNNING,NOARP,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33152 pfsync0: flags=0<> metric 0 mtu 1460 pfsync: syncdev: bge1 syncpeer: 10.0.3.11 maxupd: 128 carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500 inet 10.0.1.5 netmask 0xffffff00 carp: MASTER vhid 1 advbase 1 advskew 0 carp1: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500 inet 10.0.2.5 netmask 0xffffff00 carp: MASTER vhid 2 advbase 1 advskew 0 And here's the /etc/rc.conf excerpt from the primary: defaultrouter="10.0.1.1" network_interfaces="em0 bge0 bge1 lo0 pfsync0" cloned_interfaces="carp0 carp1" ifconfig_em0="inet 10.0.1.10 netmask 255.255.255.0 media 100BaseTX mediaopt full-duplex" ifconfig_bge0="inet 10.0.2.10 netmask 255.255.255.0 media 1000BaseTX mediaopt full-duplex" ifconfig_bge1="inet 10.0.3.10 netmask 255.255.255.0 media 1000BaseTX mediaopt full-duplex" ifconfig_carp0="vhid 1 pass [SNIP] 10.0.1.5/24" ifconfig_carp1="vhid 2 pass [SNIP] 10.0.2.5/24" pfsync_enable="YES" pfsync_syncdev="bge1" pfsync_syncpeer="10.0.3.11" And here's the output on the secondary: em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether [SNIP] inet 10.0.1.11 netmask 0xffffff00 broadcast 10.0.1.255 media: Ethernet 100baseTX <full-duplex> status: active bge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> ether [SNIP] inet 10.0.2.11 netmask 0xffffff00 broadcast 10.0.2.255 media: Ethernet 1000baseT <full-duplex> status: active bge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> ether [SNIP] inet 10.0.3.11 netmask 0xffffff00 broadcast 10.0.3.255 media: Ethernet 1000baseT <full-duplex> status: active lo0: flags=80c9<UP,LOOPBACK,RUNNING,NOARP,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33152 pfsync0: flags=0<> metric 0 mtu 1460 pfsync: syncdev: bge1 syncpeer: 10.0.3.10 maxupd: 128 carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500 inet 10.0.1.5 netmask 0xffffff00 carp: MASTER vhid 1 advbase 1 advskew 20 carp1: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500 inet 10.0.2.5 netmask 0xffffff00 carp: BACKUP vhid 2 advbase 1 advskew 20 And here's the /etc/rc.conf excerpt from the secondary: defaultrouter="10.0.1.1" network_interfaces="em0 bge0 bge1 lo0 pfsync0" cloned_interfaces="carp0 carp1" ifconfig_em0="inet 10.0.1.11 netmask 255.255.255.0 media 100BaseTX mediaopt full-duplex" ifconfig_bge0="inet 10.0.2.11 netmask 255.255.255.0 media 1000BaseTX mediaopt full-duplex" ifconfig_bge1="inet 10.0.3.11 netmask 255.255.255.0 media 1000BaseTX mediaopt full-duplex" ifconfig_carp0="vhid 1 pass [SNIP] advskew 20 10.0.1.5/24" ifconfig_carp1="vhid 2 pass [SNIP] advskew 20 10.0.2.5/24" pfsync_enable="YES" pfsync_syncdev="bge1" pfsync_syncpeer="10.0.3.10" What I don't understand is, the carp status on carp0 is MASTER on both machines when the status on carp1 is as it should be (MASTER on the primary and BACKUP on the secondary). What am I missing? Where should I be looking for clues?

Read the article
Apache 2 Fails to Start After Upgrade with No Errors

- by Mark Davidson

Hi all Hoping someone can help me with a server issue. Recently we upgraded to the latest apache on 2 boxes within are organisation. One being the master box the other being for failover. The upgrade went fine on the master box but on the failover box apache fails to start with no errors, being output or logged. Both boxes have the exact same configuration so found this a bit strange. I've reinstalled apache and have been through checking the configs and did not find any obvious errors. Eventally I ran a syntax check on each config file being included and found that one of the files apparently has syntax errors. Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration Invalid command 'php_value', perhaps misspelled or defined by a module not included in the server configuration Invalid command 'GeoIPEnable', perhaps misspelled or defined by a module not included in the server configuration I've trippled checked all the modules are enabled but it still fails. I've googled the subject of these errors loads but have been unable to fine a solution. I was wondering if anyone had encountered such a problem before and could point me towards a solution. Thanks for your help in advance. P.s: Apache related versions on server. ii apache2 2.2.3-4+etch10 Next generation, scalable, extendable web se ii apache2-mpm-prefork 2.2.3-4+etch10 Traditional model for Apache HTTPD 2.1 ii apache2-utils 2.2.3-4+etch10 utility programs for webservers ii apache2.2-common 2.2.3-4+etch10 Next generation, scalable, extendable web se ii libapache2-mod-geoip 1.1.8-2 GeoIP support for apache2 ii libapache2-mod-php5 5.2.0+dfsg-8+etch15 server-side, HTML-embedded scripting languag

Read the article
Apache: How to redirect OPTIONS request with .htaccess?

- by Milan Babuškov

I have Apache 2.2.4 server with a lot of messages like this in the access_log: ::1 - - [15/May/2010:19:55:01 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:22:17 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:24:58 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:25:55 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:27:14 +0200] "OPTIONS * HTTP/1.0" 400 543 These are the "internal dummy connections" as explained on this page: http://wiki.apache.org/httpd/InternalDummyConnection The page also hits my main problem: "In 2.2.6 and earlier, in certain configurations, these requests may hit a heavy-weight dynamic web page and cause unnecessary load on the server. You can avoid this by using mod_rewrite to respond with a redirect when accessed with that specific User-Agent or IP address." Well, obviously I cannot use UserAgent because I minimized the server signature, but I could use IP address. However, I don't have a clue what should the RewriteCond and RewriteRule look for IPv6 address ::1. The website where this runs is using CodeIgniter, so there is already the following .htaccess in place, I just need to add to it: RewriteEngine on RewriteCond %{REQUEST_URI} ^/system.* RewriteRule ^(.*)$ /index.php?/$1 [G] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /index.php?/$1 [L] Any idea how to write this .htaccess rule?

Read the article
VLC tv card streaming

- by Franco

I'm trying to stream the output of my desktop's tv card to my laptop using vlc without success. I have on both pcs ArchLinux installed. I'm stuck here: $ cvlc v4l2:///dev/video0:norm=pal-nc:frequency=543250:size=640x480:channel=0:input-slave=alsa:///dev/dsp:audio=0 --sout '#transcode{vcodec=mp4v,acodec=mpga,vb=3000,ab=256,vt=800000,keyint=80,deinterlace}:standard{access=http,mux=ogg,dst=192.168.0.2:8080}' --ttl 12 VLC media player 1.1.4 The Luggage (revision exported) Blocked: call to unsetenv("DBUS_ACTIVATION_ADDRESS") Blocked: call to unsetenv("DBUS_ACTIVATION_BUS_TYPE") [0x1c9e480] inhibit interface error: Failed to connect to the D-Bus session daemon: /usr/bin/dbus-launch terminated abnormally with the following error: Autolaunch error: X11 initialization failed. [0x1c9e480] main interface error: no suitable interface module [0x1ca1500] main interface error: no suitable interface module [0x1bb3120] main libvlc error: interface "globalhotkeys,none" initialization failed [0x1c9f940] dummy interface: using the dummy interface module... [0x1ca4850] main access out: creating httpd [0x1ebb340] mux_ogg mux: Open And on my laptop: $ vlc http://192.168.0.2:8080 VLC media player 1.1.4.1 The Luggage (revision exported) Blocked: call to unsetenv("DBUS_ACTIVATION_ADDRESS") Blocked: call to unsetenv("DBUS_ACTIVATION_BUS_TYPE") Blocked: call to setlocale(6, "") Blocked: call to sigaction(17, 0xb25c7058, 0xb25c70e4) Warning: call to signal(13, 0x1) Warning: call to signal(13, 0x1) Blocked: call to setenv("ORBIT_SOCKETDIR", "/tmp/orbit-zf", 1) Warning: call to srand(1287690122) Warning: call to rand() Blocked: call to setlocale(6, "") (process:17933): Gtk-WARNING **: Locale not supported by C library. Using the fallback 'C' locale. Warning: call to signal(13, 0x1) Blocked: call to setlocale(6, "") [0x8af5f04] main stream error: cannot pre fill buffer Any idea why this isn't working?

Read the article
How can I secure Postgres for remote access when not in a private network?

- by orokusaki

I have a database server on a VMWare VM (Ubuntu 12.04.1 LTS server), and it just occurred to me that the server is accessible via the web, since the same physical server contains a VM that hosts public websites. My iptables in the database are such that only SSH traffic, loopback traffic, and TCP on port 5432 are allowed. I will only allow host access to the Postgres server from the IP of the other VM on the same physical machine. Does this seem sufficient for security, assuming there aren't gaping holes in my general OS configuration, or is Postgres one of those services that should never be web facing, (assuming there are some of "those"). Will I need to use hostssl instead of host in my pg_hba.conf, even though the data will travel only on my own network, presumably?

Read the article
Verify client certificate CN in Tomcat(APR)

- by Petter

I'm running a tomcat installation with the APR libraries installed (with the OpenSSL HTTPS stack that comes with it). What I'm trying to do is to lock a specific HTTPS connector down to users of a specific certificate. Adding client certificate verification is no issue, but I can't get it to validate against a specific Common name only. I was perhaps a bit naïve and thought the mod_ssl attribute SSLRequire typically used in Apache Httpd would work, but that property is not recognized by the Tomcat implementation. (http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL%20Support points to some mod_ssl docs, but the Tomcat implementation does not seem to cover all aspects of mod_ssl). I can get this to work by using the Java version of the connector instead of APR (losing some performance) and just add a trust store with that one certificate in it. However, using openssl without the SSLRequire expressions, I'm not sure how to do this with Tomcat7 (on Windows if that matters). <Connector protocol="HTTP/1.1" port="443" maxThreads="150" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="mycert.pem" SSLCertificateKeyFile="privkey.pem" SSLCACertificateFile="CABundle.pem" SSLVerifyClient="require" SSLProtocol="TLSv1" SSLRequire="(%{SSL_CLIENT_S_DN_CN} eq "host.example.com")"/> Can you suggest a way to make this work using Tomcat/APR/OpenSSL?

Read the article
How can I disable reverse DNS in Apache 2?

- by Creighton Hale

I want to disable reverse DNS in Apache 2. I have done the following steps: In apache2/apache2.conf file ,HostnameLookups is set as OFF Tcpdump session confirmed thatApache was doing double reverse lookups even though the HostnameLookupsdirective was clearly turned off. No hostnames insites-available. The problem still remains. UPD: version of apache is dpkg -l | grep apache2 ii apache2-mpm-prefork 2.2.16-6+squeeze4 Apache HTTP Server - traditional non-threaded model ii apache2-utils 2.2.16-6+squeeze4 utility programs for webservers ii apache2.2-bin 2.2.16-6+squeeze4 Apache HTTP Server common binary files ii apache2.2-common 2.2.16-6+squeeze4 Apache HTTP Server common files apache2 -l Compiled in modules: core.c mod_log_config.c mod_logio.c prefork.c http_core.c mod_so.c I think mod_security is not present.

Read the article
Postfix tutorial inconsistency

- by Desmond Hume

I'm following this tutorial to setup a Postfix/Dovecot mail server with Postfix Admin as a web front end. As regards directory structure for virtual mail users, the author of the tutorial writes: Virtual mail users are those that do not exist as Unix system users. They thus don't use the standard Unix methods of authentication or mail delivery and don't have home directories. That is how we are managing things here: mail users are defined in the database created by Postfix Admin rather than existing as system users. Mail will be kept in subfolders per domain and account under /var/vmail - e.g. [email protected] will have a mail directory of /var/vmail/example.com/me. But when he gives instructions about configuring Postfix Admin, he suggests this to be contained by Postfix Admin's config.inc.php: // Mailboxes // If you want to store the mailboxes per domain set this to 'YES'. // Examples: // YES: /usr/local/virtual/domain.tld/[email protected] // NO: /usr/local/virtual/[email protected] $CONF['domain_path'] = 'NO'; Is there an inconsistency?

Read the article
Enabling ppolicy in openldap

- by nitins

For enabling ppolicy is in Openldap I am trying to import the policy given below. dn: ou=policies,dc=example,dc=in ou: policies objectClass: top objectClass: organizationalUnit # default, policies, example.in dn: cn=default,ou=policies,dc=example,dc=in objectClass: top objectClass: device objectClass: pwdPolicy cn: default pwdAttribute: userPassword pwdMaxAge: 7776002 pwdExpireWarning: 432000 pwdInHistory: 0 pwdCheckQuality: 1 pwdMinLength: 8 pwdMaxFailure: 5 pwdLockout: TRUE pwdLockoutDuration: 900 pwdGraceAuthNLimit: 0 pwdFailureCountInterval: 0 pwdMustChange: TRUE pwdAllowUserChange: TRUE pwdSafeModify: FALSE But I am getting the error given below. ldapadd -x -D "cn=Manager,dc=example,dc=in" -w xxxxxx -f /tmp/new-policy.ldif adding new entry "cn=default,ou=policies,dc=example,dc=in" ldapadd: Invalid syntax (21) additional info: pwdAttribute: value #0 invalid per syntax Any idea on why I am getting the error ? I have already added the ppolicy schema and module in slapd.conf

Read the article
Should I replace libapache2-mod-php5-filter with libapache2-mod-php5 on Debian 6 Apache 2.2.16?

- by luison

Upgrading various virtual machines we are having an issue with the Debian package upgrade to version 2.2.16 The upgrade (surprisingly) seems to remove libapache2-mod-php5 replacing it with libapache2-mod-php5-filter. This gave us some headache as the php.ini was pointing to the "old" one and some of the apache.conf conditional module rules stopped working. We can fix all those but we can't figure out if there would be any issues if we just "reversed" this and simply install libapache2-mod-php5 again and load that module instead of the "filter" one or in there is anyway to "alias" a module. I tend to think that the change "has a reason" but after reading apache2 and php5: module or filter I understand the module differences are to do with post delivery security issues.

Read the article
Why am I unable to turn off recursion in ISC BIND?

- by nbolton

Here's my named.conf.options file: options { directory "/var/cache/bind"; dnssec-enable yes; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; # disable recursion recursion no; }; I've tried adding allow-recursion { "none"; } before recursion but this also has no effect; I'm testing it by using nslookup on Windows, and using google.com. as the query (and it returns an IP, so I assume recursion is on). This issue occurs on two servers with similar setups.

Read the article
Postfix smtp error 450 (failed to add recipient)

- by culter

I have debian server with postfix and roundcube. After an attack we are on 2 blacklists, but I don't think that this is the main problem. I can't send mail to any address. I tried to find the cause...I checked var/spool/postfix/etc/resolv.conf and resolv.etc and they're the same with this content: nameserver 127.0.0.1 nameserver localhost In var/log/mail.err I found: cyrus/imap[25452]: DBERROR: opening /var/lib/cyrus/user/m/[email protected]: cyrusdb error cyrus/imap[25452]: DBERROR: skiplist recovery /var/lib/cyrus/user/m/[email protected]: ADD at 1FC0 exists When I try to send email from roundcube, I get the message from title. When I send it within opera or any other mail client, It gives nothing, but email is'nt sended. Thank you for any advice.

Read the article
vsftpd chroot_local_user does nothing

- by Reinderien

I'm setting up a vsftpd server on: Linux 2.6.32-26-server #48-Ubuntu SMP Wed Nov 24 10:28:32 UTC 2010 x86_64 GNU/Linux When I set chroot_local_user=YES, there is no effect (I can still see / when I log in). There is nothing in syslog or /var/log/vsftpd.log to indicate what's wrong. I know that I'm editing the right conf file and that other settings do come into effect when I restart the daemon, because these work: ssl_enable=YES force_local_data_ssl=YES force_local_logins_ssl=YES Any idea what's wrong? Thanks. Edit: I've touched /etc/vsftpd.chroot_list for it to be empty (no chroot-denied users), and have added: chroot_list_enable=YES chroot_list_file=/etc/vsftpd.chroot_list Then to restart: sudo /etc/init.d/vsftpd restart Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service vsftpd restart Since the script you are attempting to invoke has been converted to an Upstart job, you may also use the restart(8) utility, e.g. restart vsftpd vsftpd start/running, process 5606 Still no effect.

Read the article
Exim queue in WHM

- by Xobb

Hi fellas, I've got the centos server with WHM. The mail server is exim. I need exim put all messages in queue and not sending directly.Though I've added the queue_only option to exim configuration and the messages are collected in the queue now. Afterwards I've found out that someone is calling exim -q to process the queue every once in a while. I've found the following cron job: 0 6 * * * /scripts/exim_tidydb > /dev/null 2>&1 which I beleive has been used to process the exim queue. Also I suspect that script was installed alongside with WHM. Surely I've commented it out and was expecting everything to work just fine. But that didn't happen. I still get the exim queue processed once in a while. Am I missing anything? What may cause my exim queue to process? Here is cat /etc/exim.conf | grep queue queue_only deliver_queue_load_max = 3 Thanks

Read the article
How to create public html (apache2) with LDAP authentication?

- by borjamf

Im running Apache2 on Ubuntu 12.04 Server because I want to create a home directory for each ldap user. I'm using LDAP for authentication and it's working ok. Also I've done some tests with LDAP module for Apache2 and it's working ok. The problem with this LDAP authentication is that any success login can access to ~user/public_html, even if the user is not the owner of that home. I dont know how to control that, for example, userldap2 access to userldap1/public_html. I want that only the userldap1 access to userldap1. Could anybody tell me how to control that with LDAP authentication? I hope that you'll understand me. My config (auth_ldap.conf) <Directory /home/disco2/*/public_html> AuthName "Authentication" AuthType basic AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPURL ldap://prueba.borja/dc=prueba,dc=borja?uid? Require ldap-filter objectClass=posixAccount </Directory>

Read the article
Remote logging for multiple Apache virtual hosts using syslog-ng

- by James

I'm running a couple Apache web servers that each have 4-8 separate virtual hosts on each of them. I'm trying to setup a dedicated log server that stores each virtual host access and errors logs in a separate directory for that virtual host. For example on the logging server, /var/log/remove/10.0.0.2/virtualhost1 contains access_log and error_log /var/log/remove/10.0.0.2/virtualhost2 contains access_log and error_log /var/log/remove/10.0.0.3/virtualhost3 contains access_log and error_log and so on... Right now I have it split up by host but I can't figure out how to do it additionally by virtual host. Here are the relevant lines from the logging server's syslog-ng.conf source r_src { tcp(ip("0.0.0.0") port(5140)); }; destination r_all { file("/opt/splunk/logs/$HOST"); }; log { source(r_src); destination(r_all); }; Any help would be appreciated. Thanks!

Read the article
apache tomcat loadbalancing clustering on ubuntu

- by user740010

i am facing a problem in clustering the tomcat with apache as a loadbalancer using mod_jk on ubuntu. i have install apache2 on my ubuntu 11.04 and i have downloaded tomcat7 created two copies and kept them at two different location. 1st one is at /home/net4u/vishal/test/tomcatA 2nd one is at /home/net4u/vishal/test1/tomcatB i have made following changes to server.xml file in /conf folder 1. <Server port="8205" shutdown="SHUTDOWN"> 2. <Connector port="8280" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> 3.<Connector port="8209" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcatB"> 4. <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> similarly i have modified other tomcat i.e tomcatA server.xml content of the server.xml is as follow: --    <Connector port="8280" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8109" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcatB">   <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>  <Realm className="org.apache.catalina.realm.LockOutRealm">  <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Realm> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b" resolveHosts="false"/> </Host> </Engine> i have install libapache2-mod-jk step 1. i have Created jk.load file in /etc/apache2/mods-enabled/jk.load content is as follows: LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so Create /etc/apache2/mods-enabled/jk.conf: JkWorkersFile /etc/apache2/workers.properties JkLogFile /var/log/apache2/jk.log JkMount /ecommerce/* worker1 JkMount /images/* worker1 JkMount /content/* worker1 step 2. Created workers.properties file in /etc/apache2/workers.properties content is as follows: workers.tomcat_home=/home/vishal/Desktop/test/tomcatA workers.java_home=/usr/lib/jvm/default-java ps=/ worker.list=tomcatA,tomcatB,loadbalancer worker.tomcatA.port=8109 worker.tomcatA.host=localhost worker.tomcatA.type=ajp13 worker.tomcatA.lbfactor=1 worker.tomcatB.port=8209 worker.tomcatB.host=localhost worker.tomcatB.type=ajp13 worker.tomcatB.lbfactor=1 worker.loadbalancer.type=lb worker.loadbalancer.balanced_workers=tomcatA,tomcatB worker.loadbalancer.sticky_session=1 i tried the same thing on the windows machine it is working.

Read the article
Touch Screen Ubuntu 10.04LTS

- by WalterJ89

I'm trying to get a touch screen working with Ubuntu 10.04LTS (64bit) -it is a serial touchsceen, connected at /dev/ttyS0 ,i know that works because I get garbage in the terminal when I enable it. -before the screen used a 3m driver (I believe) in XP. My knowledge of Linux is passive so I generally pick up something when I need it. To get this working I came accross a lot of tutorials (a lot outdated a bit), I'm still at a loss to get this work. I'm not sure where to put linux drivers (/usr/ or /dev/?) most tutorials kind of skip over that part. I have tried editing the /etc/X11/xorg.conf unsuccessfully. I'm not sure what the syntax for that is supposed to be. Thank You

Read the article
CentOS PAM+LDAP login and host attribute

- by pianisteg

My system is CentOS 6.3, openldap is configured well, PAM authorization works fine. But after turning pam_check_host_attr to yes, all LDAP-auths fail with message "Access denied for this host". hostname on the server returns correct value, the same value is listed in user's profile. "pam_check_host_attr no" works fine and allows everyone with correct uid/password a piece of /var/log/secure: Sep 26 05:33:01 ldap sshd[1588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-host user=my-username Sep 26 05:33:01 ldap sshd[1588]: Failed password for my-username from 77.AA.BB.CC port 58528 ssh2 Sep 26 05:33:01 ldap sshd[1589]: fatal: Access denied for user my-username by PAM account configuration Another two servers (CentOS 5.7 Debian) authorizes on this LDAP server correctly. Even with pam_check_host_attr yes! I didn't edit /etc/security/access.conf, it is empty, only default comments. I don't know what to do! How to fix this?

Read the article
SVN check out to samba directory

- by Jon H

I'm trying to svn co to a directory on Ubuntu, shared via samba, to OS X, but I get the following error (in OS X). svn: In directory 'site/product/tests' svn: Can't open file 'site/product/tests/.svn/tmp/text-base/._base.py.svn-base': No such file or directory My smb.conf file includes the following changes: unix extensions = no browseable = yes public = yes writable = yes delete readonly = yes create mask = 0775 directory mask = 0775 valid users = %S read only = no The checkout works fine locally (on the Ubuntu machine). What am I missing? More detail: Later inspection showed that the svn error couldn't find the file with 3, then 2 underscores: .___init__.py.svn-base Whereas listing the directory in OS X showed 2, then 2 underscores: __init__.py.svn-base And listing the same directory in a successful checkout on Ubuntu shows nothing (because it's a temporary directory?) I've tried the mangled = no setting in share settings, to no effect.

Read the article
Is there any way to use arrays in a puppet module (not in template)?

- by KARASZI István

I want to use puppet to manage a hadoop cluster. On the machines we have several directories which must be created and set permissions. But i'm unable to add array values for defined methods. define hdfs_site( $dirs ) { file { $dirs: ensure => directory, owner => "hadoop", group => "hadoop", mode => 755; } file { "/opt/hadoop/conf/hdfs-site.xml": content => template("hdfs-site.xml.erb"), owner => "root", group => "root", mode => 644; } } define hadoop_slave( $mem, $cpu, $dirs ) { hadoop_base { mem => $mem, cpu => $cpu, } hdfs_site { dirs => $dirs, } } hadoop_base is similar to hdfs_site. Thanks!

Read the article
Linux Bridge, Samba netbios name/hostname access

- by Christopher Wilson

I am currently running a linux bridge in the following configuration ADSL Modem: 192.168.1.1 Linux Bridge: eth0: 192.168.1.2 eth1: no address Wireless Router: 192.168.0.1 My issue is that i cannot access the "Linux Bridge" shares using the WINS name of the server via client systems (yes i understand it is a transparent bridge but i can access it via the 192.168.1.2 address this is not on the same subnet as the client systems). This is the global section of my SMB.CONF [global] unix extensions = off os level = 20 netbios name = server guest account = nobody server string = 447 Server security = share #unix extensions = no #wins support = yes #wins server = 192.168.0.1 name resolve order = wins lmhosts hosts bcast interfaces bridge1 eth0 eth1 lo bind interfaces only = yes Can i access a bridged server using it's WINS name to access samba shares? Cheers Chris

Read the article
Making lighttpd redirect from www.exampe.com to www.example.com/cgi-bin/index.pl

- by jarmund

What the title says.. www.example.com is defined in lighttpd.conf as a virtual host: $HTTP["host"] =~ "(^|\.)example.com$" { server.document-root = "/usr/www/example.com/http" accesslog.filename = "/var/log/www/example.com/access.log" $HTTP["url"] =~ ".pl$" { cgi.assign = (".pl" => "/usr/bin/perl" ) } } However, instead of going by the files listed in index-file.names (the usual index.html, default.html, etc), i want all requests to the root of the virtual host to be forwarded to /cgi-bin/index.pl. What's the easiest/best way of doing this? This need is a special case, and will only apply to this virtualhost. Is it possible to have that particular virtualhost send a redirect in the header?

Read the article

< Previous Page | 145 146 147 148 149 150 151 152 153 154 155 156 | Next Page >