Search Results

Search found 13776 results on 552 pages for 'password reset'.

Page 335/552 | < Previous Page | 331 332 333 334 335 336 337 338 339 340 341 342  | Next Page >

• Update get's stuck unpacking bad package, won't continue without it

  - by Shazzner

  Removing the package from cache, and disabling Recommended Updates in Software Sources gives me an error saying I need to install this package. I've tried to update several times, but it keeps hanging on unpacking the ubuntu-sso-client package. Which forces me to hard-reset to unlock the package manager. I've tried: sudo dpkg --configure -a No errors sudo apt-get upgrade --fix-broken Wants me to reinstall said package, resulting in it hanging Removing the package: sudo rm -f /var/cache/apt/archives/ubuntu-sso-client_1.0.8-0ubuntu1_all.deb Results in the same effect, it re-downloads then hangs I can de-select Recommended Updates but I get error messages when I try to update again: E: The package ubuntu-sso-client needs to be reinstalled, but I can't find an archive for it. Which won't let me continue Finally re-enabling the source, I try to remove ubuntu-sso sudo apt-get remove ubuntu-sso-client It removes a bunch of other packages but complains about the package: dpkg: error processing ubuntu-sso-client (--remove): Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. Reinstalling ubuntu-sso-client hangs :( I'm at my wits end, any ideas? I would be nice to install all the other updates but this one is preventing it.

  Read the article

• how to get wireless to work on my HP Compaq nx6325 Notebook on 12.04

  - by user211487

  When my laptop ran XP, the wireless worked perfectly. Now the only way I get internet is having it wired in my living room - which is MASSIVELY inconvenient for me seeing as my room is outside. I have downloaded the driver from 'Additional Drivers', reset my computer (with difficulty, it also doesn't seem to like turning off, so I have to 'kill' it) and still nothing! I have looked all over the internet trying to find solutions but I just cant seem to get it to work. I have a USB wireless stick but I can't load the driver from the CD. I got this comment on a previous question: "Using either Snaptic Package Manager or Ubuntu's own Software Centre, remove "bcmwl-kernel-source" if it's already installed. Next, search for "firmware-b43-installer” and “b43-fwcutter” and install both. Finally, running Software Sources and checking the Additional Drivers tab you should find Broadcom STA Wireless Driver that you can select, install and on reboot hopefully have wireless working ok..." Which I replied: "Right, so I tried to find/remove "bcmwl-kernel-source" but couldn't find anything. I managed to install both "firmware-b43-installer” and “b43-fwcutter” using terminal, after finding out how it worked. And lastly, I couldn't figure out how to find 'Broadcom STA Wireless Driver' - still no more additional drivers. And my wireless is still not working. My laptop has a button that turns wifi on and off and since I put Ubuntu on it, it hasn't worked. And also, my computer still doesn't seem to restart properly - it just gets stuck on the ubuntu loading screen." - hope that helps, somewhat I am VERY new to Linux, not very technical and in need of help! -Running Ubuntu 12.04 32bit on a HP Compaq nx6325 Notebook Thank you to anyone who replies, its much appreciated

  Read the article

• menu not showing in apps when maximized 12.10

  - by chazdg

  I have removed the Global App Menu as I prefer to have the minimize, maximize, close buttons on the right side of each app. I did this with no problem in 12.04. I did an upgrade to 12.10 and noticed that Chrome, Chromium and Firefox all use the Global Menu. I have done the following: sudo apt-get autoremove appmenu-gtk appmenu-gtk3 appmenu-qt I have disabled the Firefox extension. I removed the corresponding Firefox package but still only have a global menu. I tried Gconf but apparently that does not work in 12.10. I then tried Dconf and found this fix on Google: org gnome desktop wm preferences, look for "button_layout" on the right panel. Here is the problem, after desktop, I do not have wm. I reset Unity and got a message saying something about wm is missing. I rebooted and opened Chrome and still no fix. I then clicked maximize and once Chrome was not maximized anymore, the minimize, maximize, close buttons show up in Chrome. Same with Firefox! Any ideas? I am truly stumped. Firefox and Chrome work fine in KDE Plasma and Gnome when maximized.

  Read the article

• Javascript storing data

  - by user985482

  Hi I am a beginner web developer and am trying to build the interface of a simple e-commerce site as a personal project.The site has multiple pages with checkboxes.When someone checks an element it retrives the price of the element and stores it in a variable.But when I go to the next page and click on new checkboxes products the variable automaticly resets to its original state.How can I save the value of that variable in Javascript? This is the code I've writen using sessionStorage but it still dosen't work when I move to next page the value is reseted. How can I wright this code so that i dosen't reset on each page change.All pages on my website use the same script. $(document).ready(function(){ var total = 0; $('input.check').click(function(){ if($(this).attr('checked')){ var check = parseInt($(this).parent().children('span').text().substr(1 , 3)); total+=check; sessionStorage.var_name=0 + total; alert(sessionStorage.var_name); }else{ var uncheck = parseInt($(this).parent().children('span').text().substr(1 , 3)); total-=uncheck; } })

  Read the article

• nVidia 9800 GTX+ X11 fails to initialize. no unity or lightdm

  - by rlemon

  I have just upgraded my work pc to 12.04 (not upgrade, fresh install), installing updates during the install, and after everything has loaded (with no errors) and I restart I get brought to console 1 tty login. Console 7 looks like this: IIRC I did not have to finagle with my drivers on 11.10 to get this card working. If this is in fact a driver bug I will remove this post and submit the bug but i'm not 100% confident that it is. I attempted to run unity --reset and got this: Lastly I tried $ sudo apt-get install nvidia-current which tells me nvidia-current is already the newest version. so I ran $ sudo dpkg-reconfigure nvidia-current which says /usr/sbin/dpkg-reconfigure: nvidia-current is broken or not fully installed. Anything I can try from here would be awesome. Currently the only way to get the system up and running was to shut down, plug one of my monitors into the onboard video, enable the onboard video card from the BIOS, then boot back up (and on my single monitor everything is fine). update So I have been able to boot fresh with the ext card plugged in as long as I don't take the updates with the install. past this if I only install the nvidia drivers (nvidia-current or nvidia-current-updates) from the main server (or canadian) I then get the problems.. My proposal; which I don't know where to look for: Can I try installing the previous version of this driver? In the past, on another machine I had issues with my NIC driver being funky... downgraded to the previous driver and bam everything was merry and well.

  Read the article

• Application that provides unique keys to multiple threads

  - by poly

  Thanks all for your help before. So, this is what I came up with so far, the requirements are, application has two or more threads and each thread requires a unique session/transaction ID. is the below considered thread safe? thread 1 will register itself with get_id by sending it's pid thread 2 will do the same then thread 1 & 2 will call the function to get a unique ID function get_id(bool choice/*register thread or get id*/, pid_t pid) { static int pid[15][1]={0};//not sure if this work, anyway considor any it's been set to 0 by any other way than this static int total_threads = 0; static int i = 0; int x=0,y=0; if (choice) // thread registeration part { for(x=0;x<15;x++) { if (pid[x][0]==0); { pid[x][0] = (int) pid; pid[x][1] = (x & pidx[x][1]) << 24;//initiate counter for this PID by shifting x to the 25th bit, it could be any other bit, it's just to set a range. //so the range will be between 0x0000000 and 0x0ffffff, the second one will be 0x1000000 and 0x1ffffff, break; } total_threads++; } } //search if pid exist or not, if yes return transaction id for(x=0;x<15;x++) { if (pid[x][0]==pid); { pid[x][1]++;//put some test here to reset the number to 0 if it reaches 0x0ffffff return pid[x][1]; break; } } }

  Read the article

• Create Adjustable Depth of Field Photos with a DSLR

  - by Jason Fitzpatrick

  If you’re fascinating by the Lytro camera–a camera that let’s you change the focus after you’ve taken the photo–this DSLR hack provides a similar post-photo focus processing without the $400 price tag. Photography tinkers at The Chaos Collective came up with a clever way of mimicking the adjustable depth-of-field adjustment effect from the Lytro camera. The secret sauce in their technique is setting the camera to manual focus and capturing a short 2-3 second video clip while they rotate the focus through the entire focal range. From there, they use a simple applet to separate out each frame of the video. Check out the interactive demo below: Anywhere you click in the photo shifts the focus to that point, just like the post processing in the Lytro camera. It’s a different approach to the problem but it yields roughly the same output. Hit up the link below for the full run down on their technique and how you can get started using it with your own video-enabled DLSR. Camera HACK: DOF-Changeable Photos with an SLR [via Hack A Day] Secure Yourself by Using Two-Step Verification on These 16 Web Services How to Fix a Stuck Pixel on an LCD Monitor How to Factory Reset Your Android Phone or Tablet When It Won’t Boot

  Read the article

• Need help with the naming convention for an incremental variable [closed]

  - by iStryker

  I am using a voting module, that allows you vote either up or down [or reset]. If you vote up, the value is +1. If you vote down, the value is -1. If you vote up then down, the value is -1. I want to extend this module to allow you to vote multiple times, and the votes to be incremental. Examples Up, Up = +1, +1 = +2 Up, Up, Down = +1, +1, -1 = +1 I want to create a new boolean variable. If FALSE/NULL then use the old system +1/-1. If TRUE, voting will be incremental. What should be the name of this variable be? I feel 'incremental' is not the correct name. This module is part of an open-source project and is used on 3,177+ websites, so I want to get the naming convention right. Naturally, I'll be setting an upper and lower limit the variable be. [ie 5 & 0] Side-question: Is there a mathematics term to describe something being either +1/-1?

  Read the article

• How can I use an object pool for optimization in AndEngine?

  - by coder_For_Life22

  I have read up on a tutorial that allows you to reuse sprites that are re-added to the scene such as bullets from a gun or any other objects using an ObjectPool. In my game i have a variation of sprites about 6 all together with different textures. This is how the object pool is set up with its own class extending Java's GenericPool class public class BulletPool extends GenericPool<BulletSprite> { private TextureRegion mTextureRegion; public BulletPool(TextureRegion pTextureRegion) { if (pTextureRegion == null) { // Need to be able to create a Sprite so the Pool needs to have a TextureRegion throw new IllegalArgumentException("The texture region must not be NULL"); } mTextureRegion = pTextureRegion; } /** * Called when a Bullet is required but there isn't one in the pool */ @Override protected BulletSprite onAllocatePoolItem() { return new BulletSprite(mTextureRegion); } /** * Called when a Bullet is sent to the pool */ @Override protected void onHandleRecycleItem(final BulletSprite pBullet) { pBullet.setIgnoreUpdate(true); pBullet.setVisible(false); } /** * Called just before a Bullet is returned to the caller, this is where you write your initialize code * i.e. set location, rotation, etc. */ @Override protected void onHandleObtainItem(final BulletSprite pBullet) { pBullet.reset(); } } As you see here it takes a TextureRegion parameter. The only problem i am facing with this is that i need to have 6 different sprites recycled and reused in the ObjectPool. This ObjectPool is set up to only use one TextureRegion. Any idea's or suggestions on how to do this?

  Read the article

• Which jar has JBox2d's p5 package

  - by Brantley Blanchard

  Using eclipse, I'm trying to write a simple hello world program in processing that simply draws a rectangle on the screen then has gravity drop it as seen in this Tutorial. The problem is that when I try to import the p5 package, it's not resolving so I can't declare my Physics object. I tried two things. Download the zip, unzip it, then import the 3 jars (library, serialization, & testbed) a. import org.jbox2d.p5.*; doesn't resolve but the others do b. Physics physics; doesn't resolve Download the older standalone testbed jar then import it a. Physics physics; doesn't resolve; Here is basically where I'm starting import org.jbox2d.util.nonconvex.*; import org.jbox2d.dynamics.contacts.*; import org.jbox2d.testbed.*; import org.jbox2d.collision.*; import org.jbox2d.common.*; import org.jbox2d.dynamics.joints.*; import org.jbox2d.p5.*; import org.jbox2d.dynamics.*; import processing.core.PApplet; public class MyFirstJBox2d extends PApplet { Physics physics; public void setup() { size(640,480); frameRate(60); initScene(); } public void draw() { background(0); if (keyPressed) { //Reset everything physics.destroy(); initScene(); } } public void initScene() { physics = new Physics(this, width, height); physics.setDensity(1.0f); physics.createRect(300,200,340,300); } }

  Read the article

• Ubuntu 13.04 Sound Problem after following weird commands

  - by user206356

  After launching a few commands : echo autospawn = no >> ~/.config/pulse/client.conf #use ~/.pulse/client.conf on Ubuntu <= 12.10 killall pulseaudio $LANG=C pulseaudio -vvvv --log-time=1 > ~/pulseverbose.log 2>&1 My sound does not work. (just with the speakers, with headphones it works but I can not change the volume) The sound icon on the top right corner does show a speaker with a single non continuous line. I can not change the volume; it is frozen. There can be an extremely low output of the sound (I hear something but I am not sure...) It does not show a single output device that is avalaible, not even the "dummie". I have tried to reset pulseaudio, alsa, remove it, purging it, reinstalling it, without having success. EDIT: I have tried launching pulseaudio via the terminal. It worked :D However, I am very surprised why it does not automatically start at the start of the computer. Any ideas ? Here the console output : W: [pulseaudio] authkey.c: Failed to open cookie file '/home/simonm/.config/pulse/cookie': No such file or directory W: [pulseaudio] authkey.c: Failed to load authorization key '/home/simonm/.config/pulse/cookie': No such file or directory W: [pulseaudio] authkey.c: Failed to open cookie file '/home/simonm/.pulse-cookie': No such file or directory W: [pulseaudio] authkey.c: Failed to load authorization key '/home/simonm/.pulse-cookie': No such file or directory

  Read the article

• Scaling sprite velocity / co-ordinatesin Android

  - by user22241

  I'm trying to find the answer to a question that I've had for a long time, but am having trouble finding it! I hope someone can help :-) I'm trying to find information on how to scale sprite velocity / movement / co-ordinates. What I mean by this is how do I get a sprite to move at the same speed relative to the screen size / DPI so that it takes the same amount of real-time to get from one side of the screen to the other? All of the posts pertaining to sprite scaling that I can find on the various forums relate to the size of the sprite, but this part of it I'm OK with so far, it's just that when I move a sprite, it kind of gets there at different speed depending on the dpi / resolution of the device. I hope I'm making sense. This is the code I have so far, instead of using explicit amounts, like 1, I'm using something like the following: platSpeedFloat= (1 * (dpi/160)); //Use '1' so on an MDPI screen, the sprite will move by 1 physical pixel Then basically what I'm doing is something like this: (all varialble previously declared) platSpeedSave+=platSpeedFloat; //Add the platSpeedFloat value to the current platSpeedSave value platSpeed=(int) platSpeedSave; //Cast to int so it can be checked in the following statement if (platSpeed==platSpeedSave) //Check the casted int value to float value stored previoiusly {floorY=floorY-platSpeed; //If they match then change the Y value platSpeedSave=0;} //Reset Would be grateful if someone could assists - hope I'm making sense. The above doesn't seems to work the sprite moves 'faster' on lower DPI screens. Thanks

  Read the article

• Best practice for storing information from a php script for future use

  - by tRudgeF3llow

  My employer uses forms to help people search for products. The product lists can change from time to time and the forms need to be updated again. The product information can be accessed through a third party API which I started tinkering with, I've recently built a script that retrieves the information with PHP and creates and populates a form dynamically with Javascript. So far so good, but... There are limitations to the API, mainly it can only be accessed a certain number of times per hour, it is probably more than my form/script would use but I want to create a script that is minimally intrusive. My main question is... What is the best practice for accessing the information once and storing it long enough to let the API reset? I was wondering about creating a cookie but there is the possibility of users that have them disabled. (Also, I am doing this as a personal project but I like the people I work for and I think this would help them out.) Thanks in advance.

  Read the article

• Object array updates one instance repeatedly [on hold]

  - by MGN001

  I'm making a 2D shooter, and the player object holds an array of bullets that represent how many shots the player can have on screen at once. At least, this is what I'm trying for. What's happening is that each time any of the objects in the array is called, it seems to update a single object in memory. So, if I fire and then fire again, the object "starts over" from where I shot from and moves twice as fast. I've spent weeks trying to fix this and I've managed nothing. Hopefully another pair of eyes will see something I've missed. Player.cpp #include "Player.h" const int startLives = 3; const int maxHealth = 2; const float speed = 1; const int maxVelocity = 500; const int topBound = WINDOW_HEIGHT / 5 * 3; const int slowRate = 500; const int accRate = 1000; const int maxBullets = 5; const float spriteWidth = 99; const float spriteHeight = 75; const Vector2f startPosition = { (WINDOW_WIDTH / 2) - (spriteWidth / 2), (WINDOW_HEIGHT / 4 * 3) - (spriteHeight / 2) }; Bullet bullets[maxBullets]; Bullet * bulletPointers[maxBullets]; SDL_Texture * playerHealthy; SDL_Texture * playerDamaged; SDL_Texture * currentSprite; SDL_Rect * rect; Vector2f position; Vector2f velocity; int Health; int Lives; Player::Player() { rect = new SDL_Rect(); } Player::~Player() { SDL_DestroyTexture(playerHealthy); SDL_DestroyTexture(playerDamaged); SDL_DestroyTexture(currentSprite); rect = NULL; } void Player::Initialize(SDL_Renderer * renderer) { SDL_Surface * temp; temp = IMG_Load(".\\Sprites\\player.png"); if (temp == NULL) { printf("Initialization Error: %s\n", IMG_GetError()); exit(PLAYER_INITIALIZATION_ERROR); } playerHealthy = SDL_CreateTextureFromSurface(renderer, temp); temp = IMG_Load(".\\Sprites\\playerDamaged.png"); if (temp == NULL) { printf("Initialization Error: %s\n", IMG_GetError()); exit(PLAYER_INITIALIZATION_ERROR); } playerDamaged = SDL_CreateTextureFromSurface(renderer, temp); temp = IMG_Load(".\\Sprites\\laserGreen.png"); if (temp == NULL) { printf("Initialization Error: %s\n", IMG_GetError()); exit(PLAYER_INITIALIZATION_ERROR); } SDL_Texture * bullet = SDL_CreateTextureFromSurface(renderer, temp); temp = IMG_Load(".\\Sprites\\laserGreenShot.png"); if (temp == NULL) { printf("Initialization Error: %s\n", IMG_GetError()); exit(PLAYER_INITIALIZATION_ERROR); } SDL_Texture * explosion = SDL_CreateTextureFromSurface(renderer, temp); for (int i = 0; i < maxBullets; i++) { bullets[i].Initialize(renderer, bullet, explosion); bulletPointers[i] = NULL; } temp = NULL; rect->h = spriteHeight; rect->w = spriteWidth; Reset(); } void Player::Update(Input input, float deltaTime) { if (abs(velocity.x) < slowRate * deltaTime) { velocity.x = 0; } else if (velocity.x > 0) { velocity.x -= slowRate * deltaTime; } else if (velocity.x < 0) { velocity.x += slowRate * deltaTime; } if (abs(velocity.y) < slowRate * deltaTime) { velocity.y = 0; } if (velocity.y > 0) { velocity.y -= slowRate * deltaTime; } else if (velocity.y < 0) { velocity.y += slowRate * deltaTime; } if (Health <= 0) { --Lives; Spawn(); } velocity.x += UnitVector(input.InputNew.movement).x * accRate * deltaTime; velocity.y += UnitVector(input.InputNew.movement).y * accRate * deltaTime; if (Magnitude(velocity) > maxVelocity) { velocity.x = UnitVector(velocity).x * maxVelocity; velocity.y = UnitVector(velocity).y * maxVelocity; } position.x += velocity.x * deltaTime * speed; position.y += velocity.y * deltaTime * speed; if (input.InputNew.JumpLeft && !input.InputOld.JumpLeft) { position.x -= spriteWidth; } if (input.InputNew.JumpRight && !input.InputOld.JumpRight) { position.x += spriteWidth; } Boundaries(); rect->x = position.x; rect->y = position.y; if (input.InputNew.Fire && !input.InputOld.Fire) { Fire(); } for (int i = 0; i < maxBullets; ++i) { if (bulletPointers[i] != NULL) { bullets[i].Update(deltaTime); if (bullets[i].getPosition().y < -33) { bulletPointers[i] = NULL; } } } } void Player::Draw(SDL_Renderer * renderer) { for (int i = 0; i < maxBullets; ++i) { if (bulletPointers[i] != NULL) { bullets[i].Draw(renderer); } } SDL_RenderCopy(renderer, currentSprite, NULL, rect); } void Player::Spawn() { position = startPosition; Health = maxHealth; currentSprite = playerHealthy; rect->x = position.x; rect->y = position.y; } void Player::Boundaries() { if (position.x < 0) { position.x = 0; velocity.x *= -1; } else if (position.x > WINDOW_WIDTH - spriteWidth) { position.x = WINDOW_WIDTH - spriteWidth; velocity.x *= -1; } if (position.y < topBound) { position.y = topBound; velocity.y *= -1; } else if (position.y > WINDOW_HEIGHT - spriteHeight) { position.y = WINDOW_HEIGHT - spriteHeight; velocity.y *= -1; } } int Player::getLives() { return Lives; } void Player::Reset() { Lives = startLives; Spawn(); } void Player::Fire() { for (int i = 0; i < maxBullets; ++i) { if (bulletPointers[i] == NULL) { bulletPointers[i] = &bullets[i]; bullets[i].Fire(position,velocity.x/2); break; } } } Bullet.cpp #include "Bullet.h" const int speed = 500; Vector2f bulletVelocity; float ExplosionMax = 0.5f; float ExplosionTimer; const Vector2f fireOffset = { 45.5f, 10.0f }; const Vector2f explosionOffset = { 23.5f, -27.0f }; const Vector2i bulletSize = { 9, 33 }; const Vector2i explosionSize = { 56, 54 }; Vector2f bulletPosition; SDL_Texture * bulletSprite; SDL_Texture * explosionSprite; SDL_Texture * bulletCurrentSprite; SDL_Rect * bulletRect; Bullet::Bullet() { } Bullet::~Bullet() { } void Bullet::Initialize(SDL_Renderer * renderer, SDL_Texture * bullet, SDL_Texture * explosion) { bulletSprite = bullet; explosionSprite = explosion; bulletRect = new SDL_Rect(); } void Bullet::Update(float deltaTime) { bulletPosition.y -= bulletVelocity.y * deltaTime; bulletPosition.x += bulletVelocity.x * deltaTime; bulletRect->x = static_cast<int>(bulletPosition.x); bulletRect->y = static_cast<int>(bulletPosition.y); } void Bullet::Draw(SDL_Renderer * renderer) { SDL_RenderCopy(renderer, bulletCurrentSprite, NULL, bulletRect); } void Bullet::Fire(Vector2f pos, float xSpeed) { bulletPosition.x = pos.x + fireOffset.x; bulletPosition.y = pos.y + fireOffset.y; bulletVelocity.x = xSpeed; bulletVelocity.y = speed; bulletCurrentSprite = bulletSprite; bulletRect->h = bulletSize.y; bulletRect->w = bulletSize.x; bulletRect->x = static_cast<int>(bulletPosition.x); bulletRect->y = static_cast<int>(bulletPosition.y); } Vector2f Bullet::getPosition() { return bulletPosition; } void Bullet::Hit() { bulletCurrentSprite = explosionSprite; bulletVelocity = { 0.0f, 0.0f }; ExplosionTimer = ExplosionMax; bulletPosition.x += explosionOffset.x; bulletPosition.y += explosionOffset.y; bulletRect->w = explosionSize.x; bulletRect->h = explosionSize.y; }

  Read the article

• When should I decline to make a requested change?

  - by reuscam

  I work on the software side of a company that provides custom hardware with software running on top of it. Often times the hardware is not engineered well. In those cases, I am often asked first to troubleshoot the problem - of course the symptom is always "your software crashed" or something along those lines. Just recently we had another one of these incidents where power on a USB line is not reliable, and it causes a USB device to fail. This causes a usability problem in one of our applications. I have been asked by upper management to handle this better - continually monitor the USB device, and if it disappears, then reboot, or try to reset it. Doing either of these is not guaranteed to fix anything. Ultimately, the real fix is to correct the reliability of the device from the hardware side. I could improve performance, but not to 100%, and of course I would be using my already limited time to bloat code and add yet another device monitoring thread. So with all that said, how do I make a good decision about when to say that this needs to be a hardware fix, and only a hardware fix? Can I approach this quantitatively, and come up with some sort of definitive yes/no test? I'm sure its not that easy.

  Read the article

• Apache SSO through Kerberos using Machine Account

  - by watkipet

  I'm attempting to get Apache on Ubuntu 12.04 to authenticate users via Kerberos SSO to a Windows 2008 Active Directory server. Here are a few things that make my situation different: I don't have administrative access to the Windows Server (nor will I ever have access). I also cannot have any changes to the server made on my behalf. I've joined Ubuntu server to the Active Directory using PBIS open. Users can log into the Ubuntu server using their AD credentials. kinit also works fine for each user. Since I can't change AD (except for adding new machines and SPNs), I cannot add a service account for Apache on Ubuntu. Since I can't add I service account, I have to use the machine keytab (/etc/krb5.keytab), or at least use the machine password in another keytab. Right now I'm using the machine keytab and giving Apache readonly access (bad idea, I know). I've already added the SPN using net ads keytab add HTTP -U Since I'm using Ubuntu 12.04, the only encoding types that get added during "net ads keytab add" are arcfour-hmac, des-cbc-crc, and des-cbc-md5. PBIS adds the AES encoding types to the host and cifs principals when it joins the domain, but I have yet to get "net ads keytab add" to do this. ktpass and setspn are out of the question because of #1 above. I've configured (for Kerberos SSO) and tested both IE 8 Firefox. I'm using the following configuration in my Apache site config: <Location /secured> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms DOMAIN.COM Krb5KeyTab /etc/krb5.keytab KrbLocalUserMapping On require valid-user </Location> When Firefox tries to connect get the following in Apache's error.log (LogLevel debug): [Wed Oct 23 13:48:31 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 13:48:31 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(994): [client 192.168.0.2] Using HTTP/[email protected] as server principal for password verification [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(698): [client 192.168.0.2] Trying to get TGT for user [email protected] [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(609): [client 192.168.0.2] Trying to verify authenticity of KDC using principal HTTP/[email protected] [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(652): [client 192.168.0.2] krb5_rd_req() failed when verifying KDC [Wed Oct 23 13:48:37 2013] [error] [client 192.168.0.2] failed to verify krb5 credentials: Decrypt integrity check failed [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(1073): [client 192.168.0.2] kerb_authenticate_user_krb5pwd ret=401 user=(NULL) authtype=(NULL) [Wed Oct 23 13:48:37 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured When IE 8 tries to connect I get: [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 14:03:30 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1240): [client 192.168.0.2] Acquiring creds for HTTP@apache_server [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1385): [client 192.168.0.2] Verifying client data using KRB5 GSS-API [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1401): [client 192.168.0.2] Client didn't delegate us their credential [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1420): [client 192.168.0.2] GSS-API token of length 9 bytes will be sent back [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1101): [client 192.168.0.2] GSS-API major_status:000d0000, minor_status:000186a5 [Wed Oct 23 14:03:30 2013] [error] [client 192.168.0.2] gss_accept_sec_context() failed: Unspecified GSS failure. Minor code may provide more information (, ) [Wed Oct 23 14:03:30 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured Let me know if you'd like additional log and config files--the initial question is getting long enough.

  Read the article

• Can't get MySQL to install

  - by James Marthenal

  I'd like to think I know what I'm doing in a Unix shell but maybe not. I made a mistake in a configuration file for MySQL, so I decided to just uninstall it and then reinstall it, so I did: sudo apt-get --purge remove mysql-server mysql-server-5.0 mysql-client The files were deleted, so I then tried to install it, but it didn't ask me for a root password or anything else, so I uninstalled it using the above command again and then did sudo rm -rf /etc/mysql sudo rm /etc/init.d/mysql sudo rm -rf /var/lib/mysql* I then restarted the computer then installed it again: sudo apt-get install mysql-server mysql-client It asked for a root password, and everything looked like it would work, until I saw this: $ sudo apt-get install mysql-server mysql-client Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: mysql-server-5.0 Suggested packages: tinyca The following NEW packages will be installed: mysql-client mysql-server mysql-server-5.0 0 upgraded, 3 newly installed, 0 to remove and 1 not upgraded. Need to get 0B/27.4MB of archives. After this operation, 86.7MB of additional disk space will be used. Do you want to continue [Y/n]? y WARNING: The following packages cannot be authenticated! mysql-server-5.0 mysql-client mysql-server Authentication warning overridden. Preconfiguring packages ... Can't exec "/tmp/mysql-server-5.0.config.28101": Permission denied at /usr/share/perl/5.10/IPC/Open3.pm line 168. open2: exec of /tmp/mysql-server-5.0.config.28101 configure failed at /usr/share/perl5/Debconf/ConfModule.pm line 59 mysql-server-5.0 failed to preconfigure, with exit status 255 Selecting previously deselected package mysql-server-5.0. (Reading database ... 160284 files and directories currently installed.) Unpacking mysql-server-5.0 (from .../mysql-server-5.0_5.0.51a-24+lenny5_amd64.deb) ... Selecting previously deselected package mysql-client. Unpacking mysql-client (from .../mysql-client_5.0.51a-24+lenny5_all.deb) ... Selecting previously deselected package mysql-server. Unpacking mysql-server (from .../mysql-server_5.0.51a-24+lenny5_all.deb) ... Processing triggers for man-db ... Setting up mysql-server-5.0 (5.0.51a-24+lenny5) ... Stopping MySQL database server: mysqld. /var/lib/dpkg/info/mysql-server-5.0.postinst: line 144: /etc/mysql/conf.d/old_passwords.cnf: No such file or directory dpkg: error processing mysql-server-5.0 (--configure): subprocess post-installation script returned error exit status 1 Setting up mysql-client (5.0.51a-24+lenny5) ... dpkg: dependency problems prevent configuration of mysql-server: mysql-server depends on mysql-server-5.0; however: Package mysql-server-5.0 is not configured yet. dpkg: error processing mysql-server (--configure): dependency problems - leaving unconfigured Errors were encountered while processing: mysql-server-5.0 mysql-server E: Sub-process /usr/bin/dpkg returned an error code (1) Now I can't seem to figure out what to do. I just want to get a clean MySQL installation at this point. I'm running the latest stable release of Debian. All help is appreciated—thanks! Edit: I looked at this similar question, which suggests that I uninstall mysql-common, but when I try to do so I see: The following packages will be REMOVED: apache2 apache2-mpm-prefork apache2-utils apache2.2-common git-svn libapache2-mod-php5 libapache2-mod-python libapache2-svn libaprutil1 libdbd-mysql-perl libdbd-mysql-rubygem libmysql-ruby libmysql-ruby1.8 libmysql-rubygem libmysqlclient15-dev libmysqlclient15off librdf-perl librdf0 libserf-0-0 libsvn-perl libsvn1 mysql-client-5.0 mysql-common mytop ndn-apache22-php5 ndn-apache22-svn ndn-interpreters ndn-lighttpd ndn-netsaint-plugins ndn-perl-modules ndn-php5-cgi ndn-php5-xcache ndn-php53 ndn-php53-suhosin ndn-rubygems php5 php5-mcrypt php5-mysql proftpd proftpd-mod-mysql python-django python-mysqldb python-subversion python-svn subversion subversion-tools trac zendoptimizer 0 upgraded, 0 newly installed, 48 to remove and 1 not upgraded. Eeek! Any suggestions?

  Read the article

• Configuring Cisco 877W router from scratch for DHCP, WiFi, ADSL2+, NAT

  - by David M Williams

  Hi all, I apologise if this is a BIG question but I am quite lost with the Cisco IOS. I know what I want to achieve just not how to do it :( I have a Cisco 877W router with 4 FastEthernet interfaces, 1 ATM interface and 1 802.11 Radio. I want to set it up for a small network and am trying to construct a configuration below. I was using Google to try and flesh it out but I think I need help and guidance from actual experts! If it helps, output from show ver says Cisco IOS software, C870 software (C870-ADVSECURITYK9-M), version 12.4(4)T7, release software (fc1) ROM: System bootstrap, version 12.3(8r)YI4, release software Here's what I have so far, which hopefully outlines clearly enough what I am wanting to do. The bits in angle brackets are placeholders (eg the secret password). ! ! Set router hostname ! hostname Shazam ! ! Set usernames and passwords ! username david privilege 15 secret 0 <PASSWORD> enable secret <SECRETPASSWORD> ! ! Configure SSH and telnet access ! line vty 0 4 privilege level 15 login local transport input telnet ssh ! ! Local logging ! logging buffered 51200 warning ! ! Set date and time for NSW, Australia (GMT +10h) ! ! ! Set router IP address to 192.168.1.1 on FastEthernet0 port ! interface FastEthernet0 ip address 192.168.1.1 255.255.255.0 no shut ip nat inside ! ! Forward any unknown DNS requests to Google ! ip dns server ip name-server 8.8.8.8 ip name-server 8.8.4.4 ! ! Set up DHCP ! DHCP pool covers 192.168.1.100 - .199 ! Set gateway and DNS server to be the router, ie 192.168.1.1 ! service dhcp ip routing ip dhcp excluded-address 192.168.1.1 192.168.1.99 ip dhcp excluded-address 192.168.1.200 192.168.1.255 ip dhcp pool <DHCPPOOLNAME> network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 192.168.1.1 lease 7 ! ! DHCP reservations ! ! Assign IP address 192.168.1.105 to MAC address 00-21-5D-2F-58-04 ! ! Configure ADSL2 connection details ! interface atm dsl operating-mode adsl2+ ! ! Set up NAT rules ! ! Forward port 35394 to 192.168.1.105 ! ! Set up WiFi ! ! SSID visible, WPA2 security, Pre-shared key I'm hoping most of this is boiler-plate stuff to you guys. I'm keen to not just get a working script but to actually understand it also. Unfortunately, I'm finding the Cisco reference material online very complex. Thank you!

  Read the article

• Windows 7 Samba issue

  - by abduls85

  We have a strange samba issue affecting only one user. Our samba setup is as follow : Red Hat Enterprise Linux Server release 5.4 (Tikanga) - Samba Server Samba version 3.0.33-3.14.el5 - Samba version Domain Controller WIN2008R2 Standard - Windows DC Windows 7 64 bit - Client PCs User mentioned that he faced this problem after he force shutdown his PC few weeks ago. By right, for all users when we access \\sambaservername in windows it will show all the shares in the samba server but for this user once he startup his PC he will not be able to access \\sambaservername, Error message Windows cannot access \\sambaservername Current workaround to solve the problem : Try to access one share in \\sambaservername for instance \\sambaservername\sharedfolder1. But even when doing so, it will first prompt an error in the beginning, error message is as follows Logon failure: unknown user name or bad password. user need to enter the credentials again and he can access the share. Thereafter, he will be able to access \\sambaservername without any issues. But once he reboots his computer the problem will persists. Troubleshooting done so far: Ensure the following settings: Go to: Control Panel → Administrative Tools → Local Security Policy Select: Local Policies → Security Options "Network security: LAN Manager authentication level" → Send LM & NTLM responses "Minimum session security for NTLM SSP" → uncheck: Require 128-bit encryption Advise user to reset his password and try again but problem still persists Tried my account on users' PC, there is no issues. Tried user account on serveral other Windows 7 PC including mine but problem still persists. Windows XP does not have this problem. Ensure that there is no stored crendentials on the windows 7 PC. Checked the credentials manager in Control Panel as well as typing this command rundll32.exe keymgr.dll, KRShowKeyMgr Restart winbindd daemon on samba server but to no avail. I suspect this is due to some caching issue but not sure where is the issue. Whenever the user has error accessing \\sambaservername, the following errors will be logged in the samba server : [2012/10/10 17:10:26, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! But after workaround, there will be no more errors. I suspect after reading the article listed below some amendments need to be made to the \var\samba\cache directory : http://www.linuxquestions.org/questions/linux-server-73/getent-passwd-dont-show-ad-groups-and-users-745829/ http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/tdb.html http://lists.samba.org/archive/samba/2010-May/155521.html http://lists.samba.org/archive/samba/2011-March/161912.html http://lzeit.blogspot.sg/2009/10/samba-shares-inaccessible-after-power.html There are several users using the samba server and i would like to solve this problem without any impacts. I saw the following article : http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#WINBINDCACHETIME "winbind offline logon (G) This parameter is designed to control whether Winbind should allow to login with the pam_winbind module using Cached Credentials. If enabled, winbindd will store user credentials from successful logins encrypted in a local cache. Default: winbind offline logon = false Example: winbind offline logon = true " Any idea on how to delete the entry for one user in the local cache ?

  Read the article

• Permissions restoring from Time Machine - Finder copy vs "cp" copy

  - by Ben Challenor

  Note: this question was starting to sprawl so I rewrote it. I have a folder that I'm trying to restore from a Time Machine backup. Using cp -R works fine, but certain folders cannot be restored with either the Time Machine UI or Finder. Other users have reported similar errors and the cp -R workaround was suggested (e.g. Restoring from Time Machine - Permissions Error). But I wanted to understand: Why cp -R works when the Finder and the Time Machine UI do not. Whether I could prevent the errors by changing file permissions before the backup. There do indeed seem to be some permissions that Finder works with and some that it does not. I've narrowed the errors down to folders with the user ben (that's me) and the group wheel. Here's a simplified reproduction. I have four folders with the owner/group combinations I've seen so far: ben ~/Desktop/test $ ls -lea total 16 drwxr-xr-x 7 ben staff 238 27 Nov 14:31 . drwx------+ 17 ben staff 578 27 Nov 14:29 .. 0: group:everyone deny delete -rw-r--r--@ 1 ben staff 6148 27 Nov 14:31 .DS_Store drwxr-xr-x 3 ben staff 102 27 Nov 14:30 ben-staff drwxr-xr-x 3 ben wheel 102 27 Nov 14:30 ben-wheel drwxr-xr-x 3 root admin 102 27 Nov 14:31 root-admin drwxr-xr-x 3 root wheel 102 27 Nov 14:31 root-wheel Each contains a single file called file with the same owner/group: ben ~/Desktop/test $ cd ben-staff ben ~/Desktop/test/ben-staff $ ls -lea total 0 drwxr-xr-x 3 ben staff 102 27 Nov 14:30 . drwxr-xr-x 7 ben staff 238 27 Nov 14:31 .. -rw-r--r-- 1 ben staff 0 27 Nov 14:30 file In the backup, they look like this: ben /Volumes/Deimos/Backups.backupdb/Ben’s MacBook Air/Latest/Macintosh HD/Users/ben/Desktop/test $ ls -leA total 16 -rw-r--r--@ 1 ben staff 6148 27 Nov 14:34 .DS_Store 0: group:everyone deny write,delete,append,writeattr,writeextattr,chown drwxr-xr-x@ 3 ben staff 102 27 Nov 14:51 ben-staff 0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown drwxr-xr-x@ 3 ben wheel 102 27 Nov 14:51 ben-wheel 0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown drwxr-xr-x@ 3 root admin 102 27 Nov 14:52 root-admin 0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown drwxr-xr-x@ 3 root wheel 102 27 Nov 14:52 root-wheel 0: group:everyone deny add_file,delete,add_subdirectory,delete_child,writeattr,writeextattr,chown Of these, ben-staff can be restored with Finder without errors. root-wheel and root-admin ask for my password and then restore without errors. But ben-wheel does not prompt for my password and gives the error: The operation can’t be completed because you don’t have permission to access “file”. Interestingly, I can restore the file from this folder by dragging it directly to my local drive (instead of dragging its parent folder), but when I do so its permissions are changed to ben/staff. Here are the permissions after the restore for the three folders that worked correctly, and the file from ben-wheel that was changed to ben/staff. ben ~/Desktop/test-restore $ ls -leA total 16 -rw-r--r--@ 1 ben staff 6148 27 Nov 14:46 .DS_Store drwxr-xr-x 3 ben staff 102 27 Nov 14:30 ben-staff -rw-r--r-- 1 ben staff 0 27 Nov 14:30 file drwxr-xr-x 3 root admin 102 27 Nov 14:31 root-admin drwxr-xr-x 3 root wheel 102 27 Nov 14:31 root-wheel Can anyone explain this behaviour? Why do Finder and the Time Machine UI break with the ben / wheel permissions? And why does cp -R work (even without sudo)?

  Read the article

• Initial Cisco ASA 5510 Config

  - by Brendan ODonnell

  Fair warning, I'm a but of a noob so please bear with me. I'm trying to set up a new ASA 5510. I have a pretty simple set up with one /24 on the inside NATed to a DHCP address on the outside. Everything on the inside works and I can ping the outside interface from external devices. No matter what I do I can't get anything internal to route across the border to the outside and back. To try and eliminate ACL issues as a possibility I added permit any any rules to the incoming access lists on the inside and outside interfaces. I'd appreciate any help I can get. Here's the sh run. : Saved : ASA Version 8.4(3) ! hostname gateway domain-name xxx.local enable password xxx encrypted passwd xxx encrypted names ! interface Ethernet0/0 nameif outside security-level 0 ip address dhcp setroute ! interface Ethernet0/1 nameif inside security-level 100 ip address 10.x.x.x 255.255.255.0 ! interface Ethernet0/2 shutdown no nameif no security-level no ip address ! interface Ethernet0/3 shutdown no nameif no security-level no ip address ! interface Management0/0 nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 management-only ! ftp mode passive dns domain-lookup inside dns server-group DefaultDNS name-server 10.x.x.x domain-name xxx.local same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network inside-network subnet 10.x.x.x 255.255.255.0 object-group protocol TCPUDP protocol-object udp protocol-object tcp access-list outside_access_in extended permit ip any any access-list inside_access_in extended permit ip any any pager lines 24 logging enable logging buffered informational logging asdm informational mtu management 1500 mtu inside 1500 mtu outside 1500 no failover icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside icmp permit any outside no asdm history enable arp timeout 14400 ! object network inside-network nat (any,outside) dynamic interface access-group inside_access_in in interface inside access-group outside_access_in in interface outside timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL aaa authentication ssh console LOCAL aaa authentication http console LOCAL http server enable http 192.168.1.0 255.255.255.0 management http 10.x.x.x 255.255.255.0 inside http authentication-certificate management http authentication-certificate inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart telnet timeout 5 ssh 192.168.1.0 255.255.255.0 management ssh 10.x.x.x 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 dhcp-client client-id interface outside dhcpd address 192.168.1.2-192.168.1.254 management dhcpd enable management ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn username xxx password xxx encrypted ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options inspect icmp ! service-policy global_policy global prompt hostname context no call-home reporting anonymous Cryptochecksum:fe19874e18fe7107948eb0ada6240bc2 : end no asdm history enable

  Read the article

• Cisco ASA 5505 site to site IPSEC VPN won't route from multiple LANs

  - by franklundy

  Hi I've set up a standard site to site VPN between 2 ASA 5505s (using the wizard in ASDM) and have the VPN working fine for traffic between Site A and Site B on the directly connected LANs. But this VPN is actually to be used for data originating on LAN subnets that are one hop away from the directly connected LANs. So actually there is another router connected to each ASA (LAN side) that then route to two completely different LAN ranges, where the clients and servers reside. At the moment, any traffic that gets to the ASA that has not originated from the directly connected LAN gets sent straight to the default gateway, and not through the VPN. I've tried adding the additional subnets to the "Protected Networks" on the VPN, but that has no effect. I have also tried adding a static route to each ASA trying to point the traffic to the other side, but again this hasn't worked. Here is the config for one of the sites. This works for traffic to/from the 192.168.144.x subnets perfectly. What I need is to be able to route traffic from 10.1.0.0/24 to 10.2.0.0/24 for example. ASA Version 8.0(3) ! hostname Site1 enable password ** encrypted names name 192.168.144.4 Site2 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.144.2 255.255.255.252 ! interface Vlan2 nameif outside security-level 0 ip address 10.78.254.70 255.255.255.252 (this is a private WAN circuit) ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! passwd ** encrypted ftp mode passive access-list inside_access_in extended permit ip any any access-list outside_access_in extended permit icmp any any echo-reply access-list outside_1_cryptomap extended permit ip 192.168.144.0 255.255.255.252 Site2 255.255.255.252 access-list inside_nat0_outbound extended permit ip 192.168.144.0 255.255.255.252 Site2 255.255.255.252 pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-603.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 access-group inside_access_in in interface inside access-group outside_access_in in interface outside route outside 0.0.0.0 0.0.0.0 10.78.254.69 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout uauth 0:05:00 absolute dynamic-access-policy-record DfltAccessPolicy aaa authentication ssh console LOCAL http server enable http 0.0.0.0 0.0.0.0 outside http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs crypto map outside_map 1 set peer 10.78.254.66 crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 no crypto isakmp nat-traversal telnet timeout 5 ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5 console timeout 0 management-access inside threat-detection basic-threat threat-detection statistics port threat-detection statistics protocol threat-detection statistics access-list group-policy DfltGrpPolicy attributes vpn-idle-timeout none username enadmin password * encrypted privilege 15 tunnel-group 10.78.254.66 type ipsec-l2l tunnel-group 10.78.254.66 ipsec-attributes pre-shared-key * ! ! prompt hostname context

  Read the article

• iptables DNS resolution

  - by Favolas

  I have a virtual machine with Fedora 19 acting as a router. This machine as an interface (p8p1) with the IP 172.16.1.254 that is connected to another machine (IP 172.16.1.1) that's simulating the external network. I've installed snort 2.9.2.2, applied the snortsam-2.9.2.2.diff.gz patch and installed snortsam 2.70 on the routermachine In snort.conf besides altering some RULE_PATH I believe I've only added the following line to the file. output alert_fwsam: 127.0.0.1:898/password After doing this two comands: ifconfig p8p1 promisc /usr/local/snort/bin/snort -v -i p8p1 If I ping from the external network to the router IP, I can see the info about the pings. One of the rules that I have is icmp-info.rules that as this single line: alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"ICMP-INFO Echo Reply"; icode:0; itype:0; classtype:misc-activity; sid:408; rev:6;fwsam: src, 5 minutes;) snortsam.conf as this data: defaultkey password accept localhost keyinterval 30 minutes dontblock 192.168.1.1 # rede local rollbackhosts 50 rollbackthreshold 20 / 30 secs rollbacksleeptime 1 minute logfile /var/log/snort/snortsam.log loglevel 3 daemon nothreads # linha importante para gerar os bloqueios via iptables iptables p8p1 LOG bindip 127.0.0.1 Now I run this command: /usr/local/snort/bin/snort -u snort -i p8p1 -c /etc/snort/snort.conf -l /var/log/snort -Dq Terminal gives this message: Spawning daemon child... My daemon child 2080 lives... Daemon parent exiting (0) and when I runsnortsam in terminal i got this: SnortSam, v 2.70. Copyright (c) 2001-2009 Frank Knobbe . All rights reserved. Plugin 'fwsam': v 2.5, by Frank Knobbe Plugin 'fwexec': v 2.7, by Frank Knobbe Plugin 'pix': v 2.9, by Frank Knobbe Plugin 'ciscoacl': v 2.12, by Ali Basel <[email protected]> Plugin 'cisconullroute': v 2.5, by Frank Knobbe Plugin 'cisconullroute2': v 2.2, by Wouter de Jong <[email protected]> Plugin 'netscreen': v 2.10, by Frank Knobbe Plugin 'ipchains': v 2.8, by Hector A. Paterno <[email protected]> Plugin 'iptables': v 2.9, by Fabrizio Tivano <[email protected]>, Luis Marichal <[email protected]> Plugin 'ebtables': v 2.4, by Bruno Scatolin <[email protected]> Plugin 'watchguard': v 2.7, by Thomas Maier <[email protected]> Plugin 'email': v 2.12, by Frank Knobbe Plugin 'email-blocks-only': v 2.12, by Frank Knobbe Plugin 'snmpinterfacedown': v 2.3, by Ali BASEL <[email protected]> Plugin 'forward': v 2.8, by Frank Knobbe Parsing config file /etc/snortsam.conf... Linking plugin 'iptables'... Checking for existing state file "/var/db/snortsam.state". Found. Reading state file. Starting to listen for Snort alerts. and snortsam.log as an entry like this 2013/10/25, 10:15:17, -, 1, snortsam, Starting to listen for Snort alerts. Now, from the external machine I do ping 172.16.1.254 and it starts showing the info and an alert file is created in /var/log/snort/ that as the info about the PINGS. Something like: [**] [1:408:6] ICMP-INFO Echo Reply [**] [Classification: Misc activity] [Priority: 3] 10/25-10:35:16.061319 172.16.1.254 -> 172.16.1.1 ICMP TTL:64 TOS:0x0 ID:38720 IpLen:20 DgmLen:84 Type:0 Code:0 ID:1389 Seq:1 ECHO REPLY Also, if I run instead /usr/local/snort/bin/snort snort -v -i p8p1 i got this message: Running in packet dump mode --== Initializing Snort ==-- Initializing Output Plugins! Snort BPF option: snort pcap DAQ configured to passive. The DAQ version does not support reload. Acquiring network traffic from "p8p1". ERROR: Can't set DAQ BPF filter to 'snort' (pcap_daq_set_filter: pcap_compile: syntax error)! Fatal Error, Quitting.. So, this are my questions: Shouldn't snortsam block the PING? Is that DAQ error causing the problem? If so, How can I solve it?

  Read the article

• Troubleshooting PHP email sending?

  - by darkAsPitch

  I created a website that occasionally emails users when they register/change their password/etc. Every other person however cannot or does not receive the emails. They are telling me that they are not even hitting their spam folders. I don't know a ton about MX records or email sending, but when I "Edit DNS Zone" for this domain in particular there is 1 MX record listed there. How do you go about troubleshooting botched PHP mail actions? UPDATE: Here is my super-simple php mailing code: $subject = "Subject Here"; $message = "Emails Message"; $to = $verified_user_data["email_address"]; $headers = "From: [email protected]\r\n" . "Reply-To: [email protected]\r\n" . "X-Mailer: PHP/" . phpversion(); //returns true on success, false on failure $email_result = mail($to, $subject, $message, $headers); re: "are you saying that some do and some do not?" @ Jacob Yes, basically. I send the emails containing the user's login username/password using similar code above. And I sell to fairly tech-savvy people. About 50% of the time, my customers claim they cannot find their welcome emails in their inbox OR in their spam box. It's as if it never arrived. I have the largest problem with Yahoo email addresses accepting my emails or so it seems. re: "The MX record at your end doesn't factor in, although the SPF record (or lack of it) will. How much access and control do you have on the server itself?" @ John Gardeniers I rent a dedicated server from Codero. Running CentOS 5, WHM + cPanel. I have full root access to the entire thing. Don't know much about MX records and/or SPF records. I just want the PHP mail function to work. It doesn't say much about that on the php mail function's help page. re: "What are you using for the SMTP server?" @ JonLim No idea. I use the code above when I need to fire off an email to a loyal customer, and that's it. Do I need to be worrying about SMTP servers? re: "Could be many, many things. Can you describe how you're sending mail in your code? i.e. are you relaying off of another mail server somewhere, using the local sendmail or postfix? Any consistency in domains that can/cannot receive email? Do you have a PTR record setup from the IP address that you're sending mail out as? What about SPF records?" @ gravyface I just described my simple code above! I believe I have been having the most trouble with Yahoo domains, however "independent" domains (probably running spamassasin) ex. [email protected] as opposed to [email protected] seem to give a lot of trouble as well. I do not know if I have a PTR record setup from the IP address I'm sending my mail from. It's probably the same IP address that I setup my domain on, because I didn't do anything extra special. No idea about SPF records either, where can I go to create one? Side Note: It's a crying shame what havoc the spammers have brought upon our beloved email system.

  Read the article

• Tomcat dying silently on regular basis

  - by Hendrik

  My tomcat (6.0.32, Java Sun 1.6.0_22-b04 on Ubuntu 10.04) keeps crashing multiple times daily without any specific output in catalina.out. This usually happens on high load (see top output). Update: The pid-file is properly removed when this happens. Update 2: No CATALINA_OPTS set, _JAVA_OPTS are: export _JAVA_OPTIONS="-Xms128m -Xmx1024m -XX:MaxPermSize=512m \ -XX:MinHeapFreeRatio=20 \ -XX:MaxHeapFreeRatio=40 \ -XX:NewSize=10m \ -XX:MaxNewSize=10m \ -XX:SurvivorRatio=6 \ -XX:TargetSurvivorRatio=80 \ -XX:+CMSClassUnloadingEnabled \ -Djava.awt.headless=true \ -Dcom.sun.management.jmxremote \ -Dcom.sun.management.jmxremote.port=37331 \ -Dcom.sun.management.jmxremote.ssl=false \ -Dcom.sun.management.jmxremote.authenticate=true \ -Djava.rmi.server.hostname=(myhostname) \ -Dcom.sun.management.jmxremote.password.file=/etc/java-6-sun/management/jmxremote.password \ -Dcom.sun.management.jmxremote.access.file=/etc/java-6-sun/management/jmxremote.access" Top: top - 12:40:03 up 9 days, 12:15, 3 users, load average: 30.00, 22.39, 21.91 Tasks: 89 total, 4 running, 85 sleeping, 0 stopped, 0 zombie Cpu(s): 53.2%us, 9.7%sy, 0.0%ni, 34.7%id, 1.5%wa, 0.0%hi, 0.8%si, 0.0%st Mem: 4194304k total, 3311304k used, 883000k free, 0k buffers Swap: 4194304k total, 0k used, 4194304k free, 0k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 25850 tomcat6 20 0 1981m 1.2g 11m S 161 29.6 11:41.56 java 12632 mysql 20 0 393m 97m 4452 S 141 2.4 1690:05 mysqld 14932 nobody 20 0 253m 44m 9152 R 56 1.1 3:26.57 php-cgi 7011 nobody 20 0 241m 31m 9124 S 30 0.8 1:35.96 php-cgi 10093 nobody 20 0 228m 18m 8520 S 25 0.5 2:29.97 php-cgi 27071 nobody 20 0 237m 28m 8640 S 11 0.7 3:13.72 php-cgi 3306 nobody 20 0 227m 16m 6736 R 7 0.4 2:29.83 php-cgi 7756 nobody 20 0 261m 58m 15m R 5 1.4 2:22.33 php-cgi 7129 www-data 20 0 3646m 7228 1896 S 2 0.2 0:36.65 nginx 2657 nobody 20 0 228m 18m 8540 S 1 0.5 1:59.51 php-cgi 7131 www-data 20 0 3645m 6464 1960 S 1 0.2 0:34.13 nginx 7140 www-data 20 0 3652m 12m 1896 S 1 0.3 0:35.80 nginx 619 nobody 20 0 231m 29m 15m S 0 0.7 2:33.46 php-cgi 16552 nobody 20 0 250m 41m 8784 S 0 1.0 2:48.12 php-cgi 17134 nobody 20 0 239m 37m 16m S 0 0.9 2:32.86 php-cgi 21004 nobody 20 0 243m 34m 8700 S 0 0.8 1:19.85 php-cgi 26105 root 20 0 19220 1392 1060 R 0 0.0 0:00.82 top 32430 nobody 20 0 256m 47m 9196 S 0 1.2 2:19.01 php-cgi 314 nobody 20 0 256m 47m 8804 S 0 1.1 1:46.00 php-cgi 2111 nobody 20 0 253m 44m 9196 S 0 1.1 3:01.14 php-cgi 2142 root 20 0 26452 2564 868 S 0 0.1 0:00.56 screen 2144 root 20 0 19484 2012 1368 S 0 0.0 0:00.00 bash 2333 nobody 20 0 249m 41m 9160 S 0 1.0 1:10.33 php-cgi 2552 root 20 0 19484 2260 1620 S 0 0.1 0:00.01 bash 2587 nobody 20 0 258m 49m 9192 S 0 1.2 2:04.50 php-cgi 2684 root 20 0 4092 652 540 S 0 0.0 0:00.00 xvfb-run 2696 root 20 0 60720 13m 2352 S 0 0.3 0:09.12 Xvfb 2759 root 20 0 617m 12m 4676 S 0 0.3 0:00.66 node 3514 nobody 20 0 270m 61m 9216 S 0 1.5 3:13.69 php-cgi 5270 root 20 0 25164 1324 1036 S 0 0.0 0:00.01 screen 5402 nobody 20 0 227m 16m 8032 S 0 0.4 1:33.61 php-cgi 5765 root 20 0 81180 3820 3028 S 0 0.1 0:00.31 sshd 5798 nobody 20 0 242m 32m 9124 S 0 0.8 1:52.08 php-cgi 5856 root 20 0 19496 2292 1636 S 0 0.1 0:00.03 bash 6442 root 20 0 62332 20m 1960 S 0 0.5 0:30.58 mrtg 7082 root 20 0 88992 1916 1636 S 0 0.0 0:00.00 PassengerWatchd I can't find any concrete reason for it, no Exceptions or messages of a shutdown in catalina.out (and no other logs in tomcat's log dir). I can start up the service and it will run for a few days or just minutes before dying again. Is there somewhere else i could look for output? Could the kernel start killing threads due to a lack of ressources and by that bring the VM down?

  Read the article

< Previous Page | 331 332 333 334 335 336 337 338 339 340 341 342  | Next Page >