Search Results

Search found 15137 results on 606 pages for 'global state'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 156/606 | < Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163  | Next Page >

  • What part of SMF is likely broken by a hard power down?

    - by David Mackintosh
    At one of my customer sites, the local guy shut down their local Solaris 10 x86 server, pulled the power inputs, moved it, and now it won’t start properly. It boots and then presents a prompt which lets you log in. This appears to be single user milestone (or equivalent). Digging into it, I think that SMF isn’t permitting the system to go multi-user. SMF was generating a ton of errors on autofs, after some fooling with it I got it to generate errors on inetd and nfs/client instead. This all tells me that the problem is in some SMF state file or database that needs to be fixed/deleted/recreated or something, but I don’t know what the actual issue is. By “generate errors”, I mean that every second I get a message on the console saying “Method or service exit timed out. Killing contract <#.” This makes interacting with the computer difficult. Running svcs –xv shows the service as “enabled”, in state “disabled”, reason “Start method is running”. Fooling with svcadm on the service does nothing, except confirm that the service is not in a Maintenance state. Logs in /lib/svc/log/$SERVICE just tell you that this loop has been happening once per second. Logs in /etc/svc/volatile/$SERVICE confirm that at boot the service is attempted to start, and immediately stopped, no further entries. Note that system-log isn’t starting because system-log depends on autofs so I have no syslog or dmesg. Googling all these terms ends up telling me how to debug/fix either autofs or nfs/client or inetd or rpc/gss (which was the dependency that SMF was using as an excuse to prevent nfs/client from “starting”, it was claiming that rpc/gss was “undefined” which is incorrect since this all used to work. I re-enabled it with inetadm, but inetd still won’t start properly). But I think that the problem is SMF in general, not the individual services. Doing a restore_repository to the “manifest_import” does nothing to improve, or even detectibly change, the situation. I didn’t use a boot backup because the last boot(s) were not useful. I have told the customer that since the valuable data directories are on a separate file system (which fsck’s as clean so it is intact) we could just re-install solaris 10 on the / partition. But that seems like an awfully windows-like solution to inflict on this problem. So. Any ideas what piece is broken and how I might fix it?

    Read the article

  • How does one check whether the OS X "disabled" flag for launchd services is set?

    - by Charles Duffy
    According to the man page for launchctl (emphasis mine):    -w   Overrides the Disabled key and sets it to false. In previous versions, this option would modify the configuration file. Now the state of the Disabled key is stored elsewhere on-disk. Because the current state of the disabled flag is no longer set in the .plist file itself, checking for the Disabled key is no longer an accurate way to tell if the service will run on next boot. Where is this "elsewhere on-disk"? More to the point (and more importantly), how does one check whether this flag is set? Also, is it possible to set a service to run on next boot without forcing it to start immediately (as with launchctl load -w /Library/LaunchDaemons/my-service.plist)?

    Read the article

  • Odd Suhosin memory alerts

    - by slice
    I am getting a lot of odd suhosin alerts in my syslog. The following are example entries: Jun 9 08:46:11 suhosin[9764]: ALERT - script tried to increase memory_limit to 2145386496 bytes which is above the allowed value (attacker '157.55.39.180', file '/var/www/site/index.php') Jun 9 08:46:11 suhosin[9744]: ALERT - script tried to increase memory_limit to 2145386496 bytes which is above the allowed value (attacker '109.74.2.136', file '/var/www/site/test.php') Jun 9 08:46:13 suhosin[9779]: ALERT - script tried to increase memory_limit to 0 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file 'unknown') Jun 9 08:46:13 suhosin[9779]: ALERT - script tried to increase memory_limit to 2145386496 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file 'unknown') What is happening here? Why 0 bytes or 2145386496 bytes (2046 GB!!??)? Why does it sometimes state the attacker and the requested script and sometimes state 'REMOTE_ADDR not set' and file 'unknown'? How do I proceed to figure this out?

    Read the article

  • Why did my zpool replace never finish and what should I do now?

    - by Josh
    I have a ZFS zpool with two disks in a mirror configuration, da0 and da1. da1 failed, and so I replaced it with da2 using zpool replace BearCow da1 da2 This ran for a few hours, during which zpool status showed that the array was being resilvered. When that finished, zpool status showed that the resilver was completed, but the array was still degraded... I tried a zpool scrub and a zpool clear, but the array still shows as degraded: [root@chef] ~# zpool status BearCow pool: BearCow state: DEGRADED scrub: scrub completed after 0h20m with 0 errors on Tue Oct 9 16:13:27 2012 config: NAME STATE READ WRITE CKSUM BearCow DEGRADED 0 0 0 mirror DEGRADED 0 0 0 da0 ONLINE 0 0 0 replacing DEGRADED 0 0 0 da1 OFFLINE 0 0 0 da2 ONLINE 0 0 0 errors: No known data errors I can't zpool replace BearCow da1 da2 anymore because da2 is already a member of BearCow... This is FreeBSD (FreeNAS) running ZFS pool version 15. How do I get my array to show as healthy again?

    Read the article

  • vsFTPd and iptables - how to configure them in CentOS 5.5?

    - by Vincenzo
    I've installed vsFTPd in CentOS 5.5, on TWO servers, and added this rule to their iptable-s: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT Looks like this is not enough, since when I'm trying to upload a file from one server to another, I'm getting this result (IP address is masked): # ftp 99.99.99.99 Connected to …com (99.99.99.99). 220 (vsFTPd 2.0.5) Name (99.99.99.99:root): vinny 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (99,99,99,99,107,74) ftp: connect: No route to host I've found a few articles in the net about the second rule I have to add to iptables, but I didn't find the right syntax for it. Could you please help?

    Read the article

  • iptables question

    - by RubyFreak
    i have a small network, with one valid IP and a firewall with 3 network interfaces (LAN, WAN, DMZ). I want to enable PAT on this valid IP to redirect http traffic to a server in my DMZ. (done) I want to enable MASQ on this ip from traffic that comes from my LAN (done) I want from my LAN as well to access my http server at DMZ. (partially) Question: in the above scenario, i cannot from my LAN, to access my http server in the DMZ, since it has the IP used by the MASQ (the only valid ip that i have). What would be the best option to solve this problem? network interfaces: eth0 (WAN) eth1 (DMZ) eth2 (LAN) /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE /sbin/iptables -A FORWARD --o eth1 -d 2.2.2.2 -p tcp --dport 80 -j ACCEPT /sbin/iptables -t nat -A PREROUTING -i eth0 -d 1.1.1.1 -p tcp --dport 80 -j DNAT --to 2.2.2.2 /sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT /sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT /sbin/iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT

    Read the article

  • Laptop changes closing lid power options based on media/music playing

    - by Backdraft
    Hi, This is on a Lenovo X60 running Windows 7 Professional. This is just a pet peeve of mine, but I was wondering if it were somehow possible to have my laptop autodetect whether any media/music is playing on and change/switch the "Close lid" options under Power Options, ie. when something is playing change state to "Do Nothing" otherwise change state to "Sleep". I guess I can probably set a some key combo up with AutoHotKey to do it, but was hoping Windows could detect and switch my Power Options automatically. Thanks.

    Read the article

  • How can I keep gnu screen from becoming unresponsive after losing my SSH connection?

    - by Mikey
    I use a VPN tunnel to connect to my work network and then SSH to connect to my work PC running cygwin. Once logged in I can attach to a screen session and everything works great. Now, after a while, I walk away from my computer and sooner or later, the VPN tunnel times out. The SSH connection on each end eventually times out and then I eventually come back to my computer to do some work. Theoretically, this should be a simple matter of just restarting the VPN, reconnecting via SSH, and then running "screen -r -d". However apparently when the sshd daemon times out on the cygwin PC, it leaves the screen session in some kind of hung state. I can reproduce a similar hung state by clicking the close box on a cygwin bash shell window while it's running a screen session. Is there any way to get the screen session to recover once this has happened, so that I don't lose anything?

    Read the article

  • 404 when doing safe-upgrade in lucid 64 box?

    - by Millisami
    Why I see 404 when doing sudo aptitude safe-upgrade in my lucid 64 box? deploy@li167-251:~$ sudo aptitude safe-upgrade Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done The following packages will be upgraded: apache2 apache2-mpm-prefork apache2-threaded-dev apache2-utils apache2.2-bin apache2.2-common apt apt-utils base-files binutils bzip2 dpkg dpkg-dev gzip ifupdown krb5-multidev language-pack-en language-pack-en-base language-selector-common libatk1.0-0 libatk1.0-dev libavahi-client3 libavahi-common-data libavahi-common3 libbz2-1.0 libc-bin libc-dev-bin libc6 libc6-dev libc6-i686 libcups2 libfreetype6 libfreetype6-dev libglib2.0-0 libglib2.0-dev libgssapi-krb5-2 libgssrpc4 libgtk2.0-0 libgtk2.0-common libgtk2.0-dev libk5crypto3 libkadm5clnt-mit7 libkadm5srv-mit7 libkdb5-4 libkrb5-3 libkrb5-dev libkrb5support0 libldap-2.4-2 libldap2-dev libmysqlclient-dev libmysqlclient16 libnotify-dev libnotify1 libpam-modules libpam-runtime libpam0g libparted0debian1 libpng12-0 libpng12-dev libpq-dev libpq5 libssl-dev libssl0.9.8 libtiff4 libudev0 libusb-0.1-4 linux-libc-dev mountall mysql-client mysql-client-5.1 mysql-client-core-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1 openssh-client openssh-server openssl parted python-apt sudo tzdata udev upstart ureadahead wget xulrunner-1.9.2 xulrunner-1.9.2-dev The following packages are RECOMMENDED but will NOT be installed: colibri debhelper fakeroot hicolor-icon-theme libatk1.0-data libglib2.0-data libgtk2.0-bin libhtml-template-perl manpages-dev notification-daemon notify-osd ssl-cert xauth xfce4-notifyd 88 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 85.8MB of archives. After unpacking 1712kB will be used. Do you want to continue? [Y/n/?] y Writing extended state information... Done Get:1 http://security.ubuntu.com/ubuntu/ lucid-updates/main libpam-modules 1.1.1-2ubuntu5 [358kB] Get:2 http://security.ubuntu.com/ubuntu/ lucid-updates/main base-files 5.0.0ubuntu20.10.04.2 [70.2kB] Get:3 http://security.ubuntu.com/ubuntu/ lucid-updates/main gzip 1.3.12-9ubuntu1.1 [102kB] Err http://security.ubuntu.com/ubuntu/ lucid-updates/main libc-bin 2.11.1-0ubuntu7.2 404 Not Found [IP: 91.189.88.37 80] Err http://security.ubuntu.com/ubuntu/ lucid-updates/main libc6 2.11.1-0ubuntu7.2 404 Not Found [IP: 91.189.88.37 80] Err http://security.ubuntu.com/ubuntu/ lucid-updates/main libc6-i686 2.11.1-0ubuntu7.2 .........

    Read the article

  • Pygrub with DRBD on Xen 3.2

    - by Joril
    Hi all, we have a two-node cluster using DRBD 8.2 on CentOS 5.2 64bit. The cluster runs a few VMs on top of Xen 3.2.1, here's the configuration for an Ubuntu Jaunty VM: name = 'dev' bootloader = '/usr/bin/pygrub' memory = '512' vif = [ 'ip=192.168.1.217,mac=00:16:3E:CD:60:80' ] disk = [ 'phy:/dev/drbd24,xvda1,w', 'phy:/dev/drbd25,xvda2,w' ] As you can see, the disks are specified like "phy:", and as such pygrub doesn't know a thing about the underlying drbd device... So my problem is that even though the VM boots just fine, it doesn't handle the state of the drbd device. As a result, when for some reason the device gets to a secondary/secondary state, the VM won't boot, and I have to manually specify which node is primary. I read that starting with Xen 3.3 pygrub understands the "drbd:" specification, and I think that it would fix my problem, but I can't upgrade Xen at the moment... Is there a workaround? For example, could I use the 3.3 version of pygrub? Thanks!

    Read the article

  • Software Engineer's explanation of Facebook photo privacy, with UML diagram?

    - by Alex R
    Facebook photo privacy is more complex than most people think - including the bloggers who fill the Internet trying to explain it in simple terms. Not only there is the basic album-level privacy setting to consider, but also what happens with Tagging (and related privacy settings) as well as the Share button when clicked by a Friend. Has anybody seen a good, engineering-type (e.g. UML) diagram? I envision it should include the various privacy "states" a photo can be in, what causes state transitions, and the characteristics of each state? Thanks

    Read the article

  • "log on as a batch job" user rights removed by what GPO?

    - by LarsH
    I am not much of a server administrator, but get my feet wet when I have to. Right now I'm running some COTS software on a Windows 2008 Server machine. The software installer creates a few user accounts for running its processes, and then gives those users the right to "log on as a batch job". Every so often (e.g. yesterday at 2:52pm and this morning at 7:50am), those rights disappear. The software then stops working. I can verify that the user rights are gone by using secedit /export /cfg e:\temp\uraExp.inf /areas USER_RIGHTS and I have a script that does this every 30 seconds and logs the results with a timestamp, so I know when the rights disappear. What I see from the export is that in the "good" state, i.e. after I install the software and it's working correctly, the line for SeBatchLogonRight from the secedit export includes the user accounts created by the software. But every few hours (sometimes more), those user accounts are removed from that line. The same thing can be seen by using the GUI tool Local Security Policy > Security Settings > Local Policies > User Rights Assignment > Log on as a batch job: in the "good" state, that policy includes the needed user accounts, and in the bad state, the policy does not. Based on the above-mentioned logging script and the timestamps at which the user rights are being removed, I can see clearly that some GPOs are causing the change. The GPO Operational log shows GPOs being processed at exactly the right times. E.g.: Starting Registry Extension Processing. List of applicable GPOs: (Changes were detected.) Local Group Policy I have run GPOs on demand using gpupdate /force, and was able to verify that this caused the User Rights to be removed. We have looked over local group policies till our eyes are crossed, trying to figure out which one might be stripping these User Rights to "log on as a batch job." We have not configured any local group policies on this machine, that we know of; so is there a default local group policy that might typically do such a thing? Are there typical domain policies that would do this? I have been working with our IT staff colleagues to troubleshoot the problem, but none of them are really GPO experts... They wear many hats, and they do what they need to do in order to keep most things running. Any suggestions would be greatly appreciated!

    Read the article

  • ARR servers in the Load Balancing pool automatically go from unavailable to available

    - by Chris
    I have 3 IIS web servers in an ARR web farm. When we do rolling releases, we take one server offline as a backup server and move it into an "Unavailable State" I have noticed that with ARR, servers will not stay in this state...they come back online automatically hours or days later. Does anyone know how to remedy this situation? This is very bad as the server that is down is typically not running the correct version of our code. I need to keep a server unavailable until i tell it otherwise.

    Read the article

  • How can we monitor a HTTPS URL?

    - by Animesh
    A couple of our recent customers have had their applications configured for HTTPS only. Currently we are using a tool which does a good job of monitoring customers' app-server state. For the existing customers, HTTP URLs also work, so the tool can monitor the health. But the recent one have only the HTTPS enabled so the tool fails automatically. To this end, I am looking for a tool which would monitor the app-server state and send email to the group. Simple monitoring like checking to see if the app-server is up or not is all I would need. But more features are also definitely helpful. Thanks!

    Read the article

  • Xen 4.1 host (dom0) with blktap disks ("tap:aio:") not connecting

    - by Manwe
    Problem using blktap with xen-4.1 running Ubuntu Precise stock kernel with dom0 xen-4.1. I get: [ 5.580106] XENBUS: Waiting for devices to initialise: 295s...290s. ... [ 300.580288] XENBUS: Timeout connecting to device: device/vbd/51713 (local state 3, remote state 1) And some syslog lines: May 17 13:07:30 localhost logger: /etc/xen/scripts/blktap: add XENBUS_PATH=backend/tap/10/51713 May 17 13:07:31 localhost logger: /etc/xen/scripts/blktap: Writing backend/tap/10/51713/hotplug-status connected to xenstore. with tap:aio: disk lines. file:/ works. disk = [ 'tap:aio:/data/root.img,xvda1,w', ] Problem exists with lucid and precises domU kernels and both guests work in Ubuntu hardy dom0 Host 64bit 2.6.24-28-xen xen-3.3 3.2.0-24-generic #37-Ubuntu SMP Wed Apr 25 08:43:22 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 12.04 LTS Release: 12.04 Codename: precise

    Read the article

  • ipconfig /release not working, why?

    - by barlop
    ipconfig /release is not working, why is that? here is a sequence where I put my cable in get an IP, try ipconfig /release and it tells me it can't release wireless, but there is no wireless connection. i'm just trying to release the wired one. C:\>ipconfig Windows IP Configuration Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Fine so I plug my cable in C:\>ipconfig Windows IP Configuration Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . . . . : C:\>ipconfig Windows IP Configuration Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.1.8 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 Fine so from above, it clearly has an iP C:\>ipconfig /release Windows IP Configuration No operation can be performed on Wireless Network Connection while it has its me dia disconnected. C:\>

    Read the article

  • curl can't verify cert using capath, but can with cacert option

    - by phylae
    I am trying to use curl to connect to a site using HTTPS. But curl is failing to verify the SSL cert. $ curl --verbose --capath ./certs/ --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: ./certs/ * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS alert, Server hello (2): * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. I know about the -k option. But I do actually want to verify the cert. The certs directory has been properly hashed with c_rehash . and it contains: A Verisign intermediate cert Two self-signed certs The above site should be verified with the Verisign intermediate cert. When I use the --cacert option instead (and point directly to the Verisign cert) curl is able to verify the SSL cert. $ curl --verbose --cacert ./certs/verisign-intermediate-ca.crt --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: ./certs/verisign-intermediate-ca.crt CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using RC4-SHA * Server certificate: * subject: C=US; ST=State; L=City; O=Company; OU=ou1; CN=example.com * start date: 2011-04-17 00:00:00 GMT * expire date: 2012-04-15 23:59:59 GMT * common name: example.com (matched) * issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3 * SSL certificate verify ok. > HEAD / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: example.com > Accept: */* > < HTTP/1.1 404 Not Found HTTP/1.1 404 Not Found < Cache-Control: must-revalidate,no-cache,no-store Cache-Control: must-revalidate,no-cache,no-store < Content-Type: text/html;charset=ISO-8859-1 Content-Type: text/html;charset=ISO-8859-1 < Content-Length: 1267 Content-Length: 1267 < Server: Jetty(7.2.2.v20101205) Server: Jetty(7.2.2.v20101205) < * Connection #0 to host example.com left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): In addition, if I try hitting one of the sites using a self signed cert and the --capath option, it also works. (Let me know if I should post an example of that.) This implies that curl is finding the cert directory, and it is properly hash. Finally, I am able to verify the SSL cert with openssl, using its -CApath option. $ openssl s_client -CApath ./certs/ -connect example.com:443 CONNECTED(00000003) depth=3 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority verify return:1 depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify return:1 depth=1 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 verify return:1 depth=0 /C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com verify return:1 --- Certificate chain 0 s:/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- Server certificate -----BEGIN CERTIFICATE----- <cert removed> -----END CERTIFICATE----- subject=/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- No client certificate CA names sent --- SSL handshake has read 1563 bytes and written 435 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-SHA Session-ID: D65C4C6D52E183BF1E7543DA6D6A74EDD7D6E98EB7BD4D48450885188B127717 Session-ID-ctx: Master-Key: 253D4A3477FDED5FD1353D16C1F65CFCBFD78276B6DA1A078F19A51E9F79F7DAB4C7C98E5B8F308FC89C777519C887E2 Key-Arg : None Start Time: 1303258052 Timeout : 300 (sec) Verify return code: 0 (ok) --- QUIT DONE How can I get curl to verify this cert using the --capath option?

    Read the article

  • SSH stops at "using username" with IPTables in effect

    - by Rautamiekka
    We used UFW but couldn't make the Source Dedicated ports open, which was weird, so we purged UFW and switched to IPTables, using Webmin to configure. If the inbound chain is on DENY and SSH port open [judged from Webmin], PuTTY will say using username "root" and stops at that instead of asking for public key pw. Inbound chain on ACCEPT the pw is asked. This problem didn't happen with UFW. Picture of IPTables configuration in Webmin: http://s284544448.onlinehome.us/public/PlusLINE%20Dedicated%20Server,%20Webmin,%20IPTables,%200.jpgThe address is to the previous rautamiekka.org. iptables-save when on INPUT DENY: # Generated by iptables-save v1.4.8 on Wed Apr 11 16:09:20 2012 *mangle :PREROUTING ACCEPT [1430:156843] :INPUT ACCEPT [1430:156843] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1415:781598] :POSTROUTING ACCEPT [1415:781598] COMMIT # Completed on Wed Apr 11 16:09:20 2012 # Generated by iptables-save v1.4.8 on Wed Apr 11 16:09:20 2012 *nat :PREROUTING ACCEPT [2:104] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT # Completed on Wed Apr 11 16:09:20 2012 # Generated by iptables-save v1.4.8 on Wed Apr 11 16:09:20 2012 *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1247:708906] -A INPUT -i lo -m comment --comment "Machine-within traffic - always allowed" -j ACCEPT -A INPUT -p tcp -m comment --comment "Services - TCP" -m tcp -m multiport --dports 22,80,443,10000,20,21 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m comment --comment "Minecraft - TCP" -m tcp --dport 25565 -j ACCEPT -A INPUT -p udp -m comment --comment "Minecraft - UDP" -m udp --dport 25565 -j ACCEPT -A INPUT -p tcp -m comment --comment "Source Dedicated - TCP" -m tcp --dport 27015 -j ACCEPT -A INPUT -p udp -m comment --comment "Source Dedicated - UDP" -m udp -m multiport --dports 4380,27000:27030 -j ACCEPT -A INPUT -p udp -m comment --comment "TS3 - UDP - main port" -m udp --dport 9987 -j ACCEPT -A INPUT -p tcp -m comment --comment "TS3 - TCP - ServerQuery" -m tcp --dport 10011 -j ACCEPT -A OUTPUT -o lo -m comment --comment "Machine-within traffic - always allowed" -j ACCEPT COMMIT # Completed on Wed Apr 11 16:09:20 2012 iptables --list when on INPUT DENY: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere /* Machine-within traffic - always allowed */ ACCEPT tcp -- anywhere anywhere /* Services - TCP */ tcp multiport dports ssh,www,https,webmin,ftp-data,ftp state NEW,ESTABLISHED ACCEPT tcp -- anywhere anywhere /* Minecraft - TCP */ tcp dpt:25565 ACCEPT udp -- anywhere anywhere /* Minecraft - UDP */ udp dpt:25565 ACCEPT tcp -- anywhere anywhere /* Source Dedicated - TCP */ tcp dpt:27015 ACCEPT udp -- anywhere anywhere /* Source Dedicated - UDP */ udp multiport dports 4380,27000:27030 ACCEPT udp -- anywhere anywhere /* TS3 - UDP - main port */ udp dpt:9987 ACCEPT tcp -- anywhere anywhere /* TS3 - TCP - ServerQuery */ tcp dpt:10011 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere /* Machine-within traffic - always allowed */ The UFW rules prior to purging on INPUT DENY: 127.0.0.1 ALLOW IN 127.0.0.1 3306 DENY IN Anywhere 20,21/tcp ALLOW IN Anywhere 22/tcp (OpenSSH) ALLOW IN Anywhere 80/tcp ALLOW IN Anywhere 443/tcp ALLOW IN Anywhere 989 ALLOW IN Anywhere 990 ALLOW IN Anywhere 8075/tcp ALLOW IN Anywhere 9987/udp ALLOW IN Anywhere 10000/tcp ALLOW IN Anywhere 10011/tcp ALLOW IN Anywhere 25565/tcp ALLOW IN Anywhere 27000:27030/tcp ALLOW IN Anywhere 4380/udp ALLOW IN Anywhere 27014:27050/tcp ALLOW IN Anywhere 30033/tcp ALLOW IN Anywhere

    Read the article

  • Win Server 2008: Task Scheduler runs programs twice or late

    - by SomeName
    Hi, I need to restart a service every day. I have logon hours restricted at 3:00 am, and the server will logout existing TS connections. I have two tasks scheduled: "Daily At 3:20 am every day" "start a program" "c:\windows\system32\sc.exe stop myservice" "Daily At 3:22 am every day" "start a program" "c:\windows\system32\sc.exe start myservice" I came in today to notice that the service wasn't running. I've been digging in logs, and found these entries: For stop task, history: a) 3:29:35 am: Action Completed (sc result code 0) b) 3:20:00 am: Action Completed (sc result code 0) For start task, history: a) 3:29:35 am: Action Completed (sc result code ERROR_SERVICE_ALREADY_RUNNING 1056 (0x420)) b) 3:22:01 am: Action Completed (sc result code 0) Checking event logs shows me: a) 3:29:35 am, Application log, Source myservice, "The service was stopped" b) 3:29:25 am, System log, Source Service Control Manager, "The myservice service entered the stopped state" So, What would have caused both tasks to run at 3:29 am? Why don't I see a message from the SCM saying that the service entered the running state? Is this the preferred way to do this? Thanks!

    Read the article

  • Windows Server 2003 guest on Xen frequently stops responding

    - by smokris
    I'm running a Windows Server 2003 guest instance in Xen 3.x. This DomU runs fine for a day or two, then stops responding — I don't get any network response, and I can no longer connect to Xen's VNC console for this DomU. xm list shows this: Name ID Mem VCPUs State Time(s) Domain-0 0 6508 8 r----- 1161159.4 [A working Linux DomU] 1 512 1 -b---- 68711.1 [The hung Windows DomU] 5 512 1 ------ 67234.2 [Another working Linux DomU] 3 512 1 -b---- 163036.4 (What does the ------ mean? The xm manual explains what each of the six states mean, but not what no-state means.) If I xm destroy and then xm create the Windows DomU again, it boots right back up (with the Windows alert The previous system shutdown at [...] was unexpected.), and then stops responding after another day or two. I checked /var/log/xen/*.log, but no log messages are generated at the time the server stops responding. How should I proceed in troubleshooting this?

    Read the article

  • Windows 2008 Server SP2 64bit - TCP Connections never releasing after TIME_WAIT

    - by Peco
    Hello fellow admins :) We have an issue with Windows 2008 Datacenter edition SP2 64bit. We have a process that is polling very frequently and establishing new TCP connections. The system gets in a state where we end up with over 16k connections in TIME_WAIT state. The default OS timeout is 120 seconds after which these connections should go away, but that never happens. These connections persist and never get cleaned up even after the originating process has long terminated (we are still at 16k connections two days after the process was killed). The OS is supposed to time them out but it doesn't. Has anyone else seen this behavior and if so what was done to resolve it. We are aware of how to tune the tcp stack to make the timeout shorter or allow more connections but this is not the issue here. Thanks!

    Read the article

  • where does picasa save the edits i make to images?

    - by kacalapy
    I am using picasa to edit my images. after I fixed a bunch of images I looked at them by browsing my file system and find they are all in their original state. I wanted to find them in their altered state with the edits I made in picasa. I want to back them up as well as send them for printing. but I dont want to do this with the originals, only the edited up versions. how do I access the edited versions of the images?

    Read the article

  • CentOS 6 - iptables preventing web access via port 80

    - by bsod99
    I'm setting up a new web server with CentOS 6.2 and am not able to connect via the web. Everything looks set up correctly in httpd.conf and Apache is running, so I'm assuming it's an iptables issue. Is there anything in the following which could be causing the issue? # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited ACCEPT tcp -- anywhere anywhere tcp dpt:http Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT)

    Read the article

  • Firewall still blocking port 53 despite listing otherwise?

    - by Tom
    I have 3 nodes with virtually the same iptables rules loaded from a bash script, but one particular node is blocking traffic on port 53 despite listing it's accepting it: $ iptables --list -v Chain INPUT (policy DROP 8886 packets, 657K bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo any anywhere anywhere 2 122 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 20738 5600K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- eth1 any anywhere node1.com multiport dports http,smtp 0 0 ACCEPT udp -- eth1 any anywhere ns.node1.com udp dpt:domain 0 0 ACCEPT tcp -- eth1 any anywhere ns.node1.com tcp dpt:domain 0 0 ACCEPT all -- eth0 any node2.backend anywhere 21 1260 ACCEPT all -- eth0 any node3.backend anywhere 0 0 ACCEPT all -- eth0 any node4.backend anywhere Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 15804 packets, 26M bytes) pkts bytes target prot opt in out source destination nmap -sV -p 53 ns.node1.com // From remote server Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-02-24 11:44 EST Interesting ports on ns.node1.com (1.2.3.4): PORT STATE SERVICE VERSION 53/tcp filtered domain Nmap finished: 1 IP address (1 host up) scanned in 0.336 seconds Any ideas? Thanks

    Read the article

  • Raid 5 with 4 disks on Debian automatically creates a spare drive

    - by Razer
    I'm trying to to create a RAID 5 with 4x 2TB disks on Debian 6. I followed the instructions from: http://zackreed.me/articles/38-software-raid-5-in-debian-with-mdadm I created the raid with following command: sudo mdadm --create --verbose /dev/md0 --auto=yes --level=5 --raid-devices=4 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1 After creating the RAID mdadm --detail /dev/md0 shows me: /dev/md0: Version : 1.2 Creation Time : Mon Jun 11 18:14:26 2012 Raid Level : raid5 Array Size : 5860535808 (5589.04 GiB 6001.19 GB) Used Dev Size : 1953511936 (1863.01 GiB 2000.40 GB) Raid Devices : 4 Total Devices : 4 Persistence : Superblock is persistent Update Time : Mon Jun 11 18:14:26 2012 State : clean, degraded Active Devices : 3 Working Devices : 4 Failed Devices : 0 Spare Devices : 1 Layout : left-symmetric Chunk Size : 512K Name : rsserver:0 (local to host rsserver) UUID : a68c3c99:1ef865e9:5a8a7bdc:64710ed8 Events : 0 Number Major Minor RaidDevice State 0 8 17 0 active sync /dev/sdb1 1 8 33 1 active sync /dev/sdc1 2 8 49 2 active sync /dev/sdd1 3 0 0 3 removed 4 8 65 - spare /dev/sde1 Why is there a spare drive? I didn't create one. I don't want to use a spare drive.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163  | Next Page >