Search Results

Search found 9446 results on 378 pages for 'ssh keys'.

Page 349/378 | < Previous Page | 345 346 347 348 349 350 351 352 353 354 355 356  | Next Page >

• ubuntu bind9 AppArmor read permission denied (chroot jail)

  - by Richard Whitman

  I am trying to run bind9 with chroot jail. I followed the steps mentioned at : http://www.howtoforge.com/debian_bind9_master_slave_system I am getting the following errors in my syslog: Jul 27 16:53:49 conf002 named[3988]: starting BIND 9.7.3 -u bind -t /var/lib/named Jul 27 16:53:49 conf002 named[3988]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' Jul 27 16:53:49 conf002 named[3988]: adjusted limit on open files from 4096 to 1048576 Jul 27 16:53:49 conf002 named[3988]: found 4 CPUs, using 4 worker threads Jul 27 16:53:49 conf002 named[3988]: using up to 4096 sockets Jul 27 16:53:49 conf002 named[3988]: loading configuration from '/etc/bind/named.conf' Jul 27 16:53:49 conf002 named[3988]: none:0: open: /etc/bind/named.conf: permission denied Jul 27 16:53:49 conf002 named[3988]: loading configuration: permission denied Jul 27 16:53:49 conf002 named[3988]: exiting (due to fatal error) Jul 27 16:53:49 conf002 kernel: [74323.514875] type=1400 audit(1343433229.352:108): apparmor="DENIED" operation="open" parent=3987 profile="/usr/sbin/named" name="/var/lib/named/etc/bind/named.conf" pid=3992 comm="named" requested_mask="r" denied_mask="r" fsuid=103 ouid=103 Looks like the process can not read the file /var/lib/named/etc/bind/named.conf. I have made sure that the owner of this file is user bind, and it has the read/write access to it: root@test:/var/lib/named/etc/bind# ls -atl total 64 drwxr-xr-x 3 bind bind 4096 2012-07-27 16:35 .. drwxrwsrwx 2 bind bind 4096 2012-07-27 15:26 zones drwxr-sr-x 3 bind bind 4096 2012-07-26 21:36 . -rw-r--r-- 1 bind bind 666 2012-07-26 21:33 named.conf.options -rw-r--r-- 1 bind bind 514 2012-07-26 21:18 named.conf.local -rw-r----- 1 bind bind 77 2012-07-25 00:25 rndc.key -rw-r--r-- 1 bind bind 2544 2011-07-14 06:31 bind.keys -rw-r--r-- 1 bind bind 237 2011-07-14 06:31 db.0 -rw-r--r-- 1 bind bind 271 2011-07-14 06:31 db.127 -rw-r--r-- 1 bind bind 237 2011-07-14 06:31 db.255 -rw-r--r-- 1 bind bind 353 2011-07-14 06:31 db.empty -rw-r--r-- 1 bind bind 270 2011-07-14 06:31 db.local -rw-r--r-- 1 bind bind 2994 2011-07-14 06:31 db.root -rw-r--r-- 1 bind bind 463 2011-07-14 06:31 named.conf -rw-r--r-- 1 bind bind 490 2011-07-14 06:31 named.conf.default-zones -rw-r--r-- 1 bind bind 1317 2011-07-14 06:31 zones.rfc1918 What could be wrong here?

  Read the article

• Windows XP update not working

  - by Josh

  I have a problem with XP updating. It hangs when I try to search for updates on the website. But the automatic updates still work. And it's running IE6, so I'm trying to update to IE8, hoping that will fix the problems with the website. But when installing IE8 it just hangs at Installing Internet Explorer 8 for Windows XP And if I try to install it manually, it hangs when installing the updates for IE8. So looking at these logs, is there anything going wrong with the update process? Here is the end of ie8_main.log: 00:00.547: Started: 2012/09/15 (Y/M/D) 08:14:31.046 (local) 00:00.719: Time Format in this log: MM:ss.mmm (minutes:seconds.milliseconds) 00:00.781: Command line: c:\cac6f883a91a15abdac3e9\update\iesetup.exe /wu-silent 00:00.828: INFO: Checking version for c:\cac6f883a91a15abdac3e9\update\iesetup.exe: 8.0.6001.18702 00:01.047: INFO: Acquired Package Installer Mutex 00:01.078: INFO: Operating System: Windows Workstation: 5.1.2600 (Service Pack 3) 00:01.328: ERROR: Couldn't read value: 'LIPPackage' from [Version] section in update.inf 00:01.359: INFO: Checking Prerequisites 00:01.391: INFO: Prerequisites Satisfied: Yes 00:01.484: INFO: Checking version for C:\Program Files\Internet Explorer\iexplore.exe: 6.0.2900.5512 00:01.516: INFO: C:\Program Files\Internet Explorer\iexplore.exe version: 6.0.2900.5512 00:01.562: INFO: Checking if iexplore.exe's current version is between 8.0.6001.0... 00:01.594: INFO: ...and 8.1.0.0... 00:01.625: INFO: Maximum version on which to run IEAK branding is: 8.1.0.0... 00:01.656: INFO: iexplore.exe version check success. Install can proceed. 00:01.703: INFO: Checking version for C:\Program Files\Internet Explorer\iexplore.exe: 6.0.2900.5512 00:01.719: INFO: Checking version for C:\WINDOWS\system32\mshtml.dll: 6.0.2900.6266 00:01.750: INFO: Checking version for C:\WINDOWS\system32\wininet.dll: 6.0.2900.6254 00:01.906: INFO: EULA not shown in passive or quiet mode. 00:01.984: INFO: Skip directly to Options page. 00:02.078: INFO: |PreInstall >>> CPageProgress::DlgProc: Exiting Phase PH_NONE 00:02.109: INFO: |PreInstall >>> CPageProgress::_ChangeState: Original Phase: 0 00:02.141: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:02.187: INFO: |Initialize >>> >[BEGIN]------------------------------ 00:02.219: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:02.250: INFO: |Initialize >>> SKIP[FALSE]>>Looking for skip clauses 00:02.281: INFO: |Initialize >>> SKIP[FALSE]>>Result: RUNNING This Phase 00:02.312: INFO: |Initialize >>> Calculating bytes needed to install. 00:02.375: INFO: |Initialize >>> Diskspace Required: 151918308 00:02.422: INFO: |Initialize >>> Diskspace Available to user: 223816298496 00:02.453: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CoCreateInstance.CLSID_UpdateSession: HResult 0x00000000 00:02.484: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: PutClientApplicationID: HResult 0x00000000 00:02.516: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CreateUpdateSearcher: HResult 0x00000000 00:02.547: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CreateUpdateDownloader: HResult 0x00000000 00:02.594: INFO: WindowsUpdate>>CWindowsUpdateMgr::Initialize: CreateUpdateInstaller: HResult 0x00000000 00:02.625: INFO: WindowsUpdate>>WindowsUpdateMgr::Initialize: State Change: SS_INITIALIZED. 00:02.656: INFO: |Initialize >>> CStateInitialize::OnInitialize: Windows Update Manager Initialization Result: 0x00000000 00:02.687: INFO: |Initialize >>> CInstallationState::_ExitState: Preparing to Leave State. 00:02.719: INFO: |Initialize >>> CInstallationState::_ExitState: Setting Progress 100. 00:02.766: INFO: |Initialize >>> CInstallationState::_SetProgress: Post Set Progress Message Succeeded. 00:02.797: INFO: |Initialize >>> CInstallationState::_ExitState: Posting Exit Phase Message. 00:02.828: INFO: |Initialize >>> CInstallationState::_ExitState: Post Exit Phase Message Succeeded. 00:02.859: INFO: |Initialize >>> CPageProgress::DlgProc: Received WM_PR_SETPROGRESS, 64, 0 00:02.891: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:02.953: INFO: |Initialize >>> CPageProgress::DlgProc: Received WM_PR_EXITPHASE, 0, 0 00:02.984: INFO: |Initialize >>> CPageProgress::_UpdateDisplay: Actual Phase: 1 00:03.016: INFO: |Initialize >>> <[END]-------------------------------- 00:03.047: INFO: |Initialize >>> CPageProgress::_ChangeState: Original Phase: 1 00:03.078: INFO: |Uninstall Prev. >>> >[BEGIN]------------------------------ 00:03.109: INFO: |Uninstall Prev. >>> CPageProgress::_UpdateDisplay: Actual Phase: 2 00:03.156: INFO: |Uninstall Prev. >>> SKIP[FALSE]>>Looking for skip clauses 00:03.187: INFO: |Uninstall Prev. >>> SKIP[FALSE]>> Adding [FALSE] Condition: !_psdStateData->GetIsInitSuccessful() 00:03.219: INFO: |Uninstall Prev. >>> SKIP[FALSE]>> Adding [TRUE ] Condition: !g_pApp->GetState()->AreWeDoingUninstall() 00:03.250: INFO: |Uninstall Prev. >>> SKIP[TRUE ]>>Result: SKIPPING This Phase 00:03.281: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Preparing to Leave State. 00:03.312: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Setting Progress 100. 00:03.344: INFO: |Uninstall Prev. >>> CInstallationState::_SetProgress: Post Set Progress Message Succeeded. 00:03.375: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Posting Exit Phase Message. 00:03.391: INFO: |Uninstall Prev. >>> CInstallationState::_ExitState: Post Exit Phase Message Succeeded. 00:03.437: INFO: |Uninstall Prev. >>> CPageProgress::DlgProc: Received WM_PR_SETPROGRESS, 64, 0 00:03.469: INFO: |Uninstall Prev. >>> CPageProgress::_UpdateDisplay: Actual Phase: 2 00:03.500: INFO: |Uninstall Prev. >>> CPageProgress::DlgProc: Received WM_PR_EXITPHASE, 0, 0 00:03.531: INFO: |Uninstall Prev. >>> CPageProgress::_UpdateDisplay: Actual Phase: 2 00:03.562: INFO: |Uninstall Prev. >>> <[END]-------------------------------- 00:03.594: INFO: |Uninstall Prev. >>> CPageProgress::_ChangeState: Original Phase: 2 00:03.625: INFO: |WU Download >>> >[BEGIN]------------------------------ 00:03.656: INFO: |WU Download >>> CPageProgress::_UpdateDisplay: Actual Phase: 3 00:03.703: INFO: |WU Download >>> SKIP[FALSE]>>Looking for skip clauses 00:03.734: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: !_psdStateData->GetIsInitSuccessful() 00:03.766: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: !g_pApp->GetState()->GetOptShouldUpdate() 00:03.781: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: g_pApp->GetState()->GetOptIEAKMode()==IEAK_BRANDING 00:03.812: INFO: |WU Download >>> SKIP[FALSE]>> Adding [FALSE] Condition: g_pApp->GetState()->AreWeDoingUninstall() 00:03.859: INFO: |WU Download >>> SKIP[FALSE]>>Result: RUNNING This Phase 00:03.891: INFO: Setting Windows Update Registry Keys: LookingForUpdates=0x00 - ForcePostUpdateDownload=0x00 - ForcePostUpdateInstall=0x00 00:03.953: INFO: Setting Windows Update Registry Keys: LookingForUpdates=0x01 - ForcePostUpdateDownload=0x01 - ForcePostUpdateInstall=0x00 00:03.984: INFO: WindowsUpdate>>Search: Search criteria: 'IsInstalled=0 and Type='Software' and CategoryIDs contains '5312e4f1-6372-442d-aeb2-15f2132c9bd7'' 00:04.031: INFO: |WU Download >>> Looking for Internet Explorer updates... And here is the end of the WindowsUpdate.log: 2012-09-15 08:14:16:109 1168 fc AU ############# 2012-09-15 08:14:16:109 1168 fc AU ## START ## AU: Search for updates 2012-09-15 08:14:16:109 1168 fc AU ######### 2012-09-15 08:14:16:109 1168 fc AU <<## SUBMITTED ## AU: Search for updates [CallId = {92AA8321-2BDA-46EA-828E-52D43F3BD58C}] 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {B4B9471C-1A5E-4D9C-94EF-84B00592946A}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {7F28CDA0-8249-47CA-BD3C-677813249FE9}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {F1B1A591-BB75-4B1C-9FBD-03EEDB00CC9D}.103 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {6384F8AC-4973-4ED9-BC7F-4644507FB001}.102 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {1C81AA3A-6F53-499D-B519-2A81CFBAA1DB}.102 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {7A25C7EC-3798-4413-A493-57A259D18959}.103 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {D6E99F31-FBF4-4DBF-B408-7D75B282D85B}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {1D45A361-56E7-4A3E-8E9F-AE022D050D13}.101 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {AA38D853-2A3E-4F72-86E9-32663D73DC55}.102 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {3ABE760C-4578-4C84-A1CB-BF1DF019EFE4}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {596ADB47-108D-482D-85BA-A513621434B7}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {0F90F2F5-18A2-412C-AEB9-7F027D6C986D}.104 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {7079BEEB-6120-4AFD-AD07-FB4DFA284FBE}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent Update {A566B4B1-D44F-46F8-A862-64EFA6684948}.100 is pruned out due to potential supersedence 2012-09-15 08:14:16:140 1168 2c4 Agent Update {A2E271BC-57AE-44C3-8BFF-919D81299B5D}.100 is pruned out due to potential supersedence 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {DE76AB56-5835-46D4-A6B7-1ABED2572F00}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {C683FDC6-3997-4D12-AABB-49AE57031FE6}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Added update {4C5429B5-22FE-4656-9E82-D80C1B99D73E}.100 to search result 2012-09-15 08:14:16:140 1168 2c4 Agent * Found 16 updates and 69 categories in search; evaluated appl. rules of 1868 out of 3469 deployed entities 2012-09-15 08:14:16:171 1168 2c4 Agent ********* 2012-09-15 08:14:16:171 1168 2c4 Agent ** END ** Agent: Finding updates [CallerId = MicrosoftUpdate] 2012-09-15 08:14:16:171 1168 2c4 Agent ************* 2012-09-15 08:14:16:187 1168 2c4 Agent ************* 2012-09-15 08:14:16:187 1168 2c4 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates] 2012-09-15 08:14:16:187 1168 2c4 Agent ********* 2012-09-15 08:14:16:187 1168 2c4 Agent * Online = No; Ignore download priority = No 2012-09-15 08:14:16:187 1168 2c4 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1" 2012-09-15 08:14:16:187 1168 2c4 Agent * ServiceID = {7971F918-A847-4430-9279-4A52D1EFE18D} Third party service 2012-09-15 08:14:16:187 1168 2c4 Agent * Search Scope = {Machine} 2012-09-15 08:14:16:203 4000 59c COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = MicrosoftUpdate] 2012-09-15 08:14:16:203 4000 59c COMAPI - Updates found = 16 2012-09-15 08:14:16:203 4000 59c COMAPI --------- 2012-09-15 08:14:16:218 4000 59c COMAPI -- END -- COMAPI: Search [ClientId = MicrosoftUpdate] 2012-09-15 08:14:16:218 4000 59c COMAPI ------------- 2012-09-15 08:14:20:843 1168 69c AU AU received install approval from client for 1 updates 2012-09-15 08:14:20:843 1168 69c AU ############# 2012-09-15 08:14:20:843 1168 69c AU ## START ## AU: Install updates 2012-09-15 08:14:20:859 1168 69c AU ######### 2012-09-15 08:14:20:859 1168 69c AU # Initiating manual install 2012-09-15 08:14:20:859 1168 69c AU # Approved updates = 1 2012-09-15 08:14:20:875 1168 2c4 Agent * Added update {0F90F2F5-18A2-412C-AEB9-7F027D6C986D}.104 to search result 2012-09-15 08:14:20:875 1168 2c4 Agent * Found 1 updates and 69 categories in search; evaluated appl. rules of 1326 out of 3469 deployed entities 2012-09-15 08:14:20:875 1168 2c4 Agent ********* 2012-09-15 08:14:20:875 1168 2c4 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates] 2012-09-15 08:14:20:875 1168 2c4 Agent ************* 2012-09-15 08:14:20:875 1168 69c AU <<## SUBMITTED ## AU: Install updates / installing updates [CallId = {BB25B2FA-1DA6-46EF-BBAD-93AEC822BD21}] 2012-09-15 08:14:20:890 1168 eac AU >>## RESUMED ## AU: Search for updates [CallId = {92AA8321-2BDA-46EA-828E-52D43F3BD58C}] 2012-09-15 08:14:20:890 1168 eac AU # 1 updates detected 2012-09-15 08:14:20:890 1168 280 Agent ************* 2012-09-15 08:14:20:890 1168 280 Agent ** START ** Agent: Installing updates [CallerId = AutomaticUpdates] 2012-09-15 08:14:20:890 1168 280 Agent ********* 2012-09-15 08:14:20:890 1168 280 Agent * Updates to install = 1 2012-09-15 08:14:20:890 1168 eac AU ######### 2012-09-15 08:14:20:890 1168 eac AU ## END ## AU: Search for updates [CallId = {92AA8321-2BDA-46EA-828E-52D43F3BD58C}] 2012-09-15 08:14:20:890 1168 eac AU ############# 2012-09-15 08:14:20:890 1168 eac AU Featured notifications is disabled. 2012-09-15 08:14:20:906 1168 2c4 Report REPORT EVENT: {F352ECAD-2C8C-4F9A-A225-333B5018F1F0} 2012-09-15 08:13:23:234-0500 1 188 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Sunday, September 16, 2012 at 3:00 AM: - Internet Explorer 8 for Windows XP 2012-09-15 08:14:20:906 1168 2c4 Report REPORT EVENT: {707D1D6E-BA62-438F-B704-0CC083B1FB6C} 2012-09-15 08:13:23:234-0500 1 202 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Reboot completed. 2012-09-15 08:14:20:906 1168 2c4 Report REPORT EVENT: {65C04CE5-D046-4B6F-92F1-E2DF36730338} 2012-09-15 08:14:16:156-0500 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 MicrosoftUpdate Success Software Synchronization Windows Update Client successfully detected 16 updates. 2012-09-15 08:14:20:921 1168 280 Agent * Title = Internet Explorer 8 for Windows XP 2012-09-15 08:14:20:921 1168 280 Agent * UpdateId = {0F90F2F5-18A2-412C-AEB9-7F027D6C986D}.104 2012-09-15 08:14:20:921 1168 280 Agent * Bundles 2 updates: 2012-09-15 08:14:20:921 1168 280 Agent * {114743B0-0F07-4000-8C51-BE808D819516}.104 2012-09-15 08:14:20:921 1168 280 Agent * {81B41B2D-E98D-4DFE-9CB7-E88AE50E9B42}.104 2012-09-15 08:14:25:078 1168 280 Handler Attempting to create remote handler process as RAY\Ray in session 0 2012-09-15 08:14:25:250 1168 280 DnldMgr Preparing update for install, updateId = {114743B0-0F07-4000-8C51-BE808D819516}.104. 2012-09-15 08:14:27:453 1256 528 Misc =========== Logging initialized (build: 7.6.7600.256, tz: -0500) =========== 2012-09-15 08:14:27:453 1256 528 Misc = Process: C:\WINDOWS\system32\wuauclt.exe 2012-09-15 08:14:27:453 1256 528 Misc = Module: C:\WINDOWS\system32\wuaueng.dll 2012-09-15 08:14:27:453 1256 528 Handler ::::::::::::: 2012-09-15 08:14:27:453 1256 528 Handler :: START :: Handler: Command Line Install 2012-09-15 08:14:27:453 1256 528 Handler ::::::::: 2012-09-15 08:14:27:453 1256 528 Handler : Updates to install = 1 2012-09-15 08:14:35:062 676 684 Misc =========== Logging initialized (build: 7.6.7600.256, tz: -0500) =========== 2012-09-15 08:14:35:062 676 684 Misc = Process: c:\cac6f883a91a15abdac3e9\update\iesetup.exe 2012-09-15 08:14:35:062 676 684 Misc = Module: C:\WINDOWS\system32\wuapi.dll 2012-09-15 08:14:35:062 676 684 COMAPI ------------- 2012-09-15 08:14:35:062 676 684 COMAPI -- START -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:35:062 676 684 COMAPI --------- 2012-09-15 08:14:35:078 1168 2c4 Agent ************* 2012-09-15 08:14:35:078 1168 2c4 Agent ** START ** Agent: Finding updates [CallerId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:35:078 1168 2c4 Agent ********* 2012-09-15 08:14:35:078 1168 2c4 Agent * Online = Yes; Ignore download priority = No 2012-09-15 08:14:35:078 1168 2c4 Agent * Criteria = "IsInstalled=0 and Type='Software' and CategoryIDs contains '5312e4f1-6372-442d-aeb2-15f2132c9bd7'" 2012-09-15 08:14:35:078 1168 2c4 Agent * ServiceID = {00000000-0000-0000-0000-000000000000} Third party service 2012-09-15 08:14:35:078 1168 2c4 Agent * Search Scope = {Machine} 2012-09-15 08:14:35:078 676 684 COMAPI <<-- SUBMITTED -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:35:078 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:093 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:156 1168 2c4 Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80190194 2012-09-15 08:14:35:156 1168 2c4 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80190194 2012-09-15 08:14:35:156 1168 2c4 Misc WARNING: DownloadFileInternal failed for http://download.windowsupdate.com/v9/1/windowsupdate/redir/muv4wuredir.cab: error 0x80190194 2012-09-15 08:14:35:156 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:171 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:312 1168 2c4 Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80190194 2012-09-15 08:14:35:312 1168 2c4 Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80190194 2012-09-15 08:14:35:312 1168 2c4 Misc WARNING: DownloadFileInternal failed for http://download.microsoft.com/v9/1/windowsupdate/redir/muv4wuredir.cab: error 0x80190194 2012-09-15 08:14:35:312 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:312 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:406 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab: 2012-09-15 08:14:35:421 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:437 1168 2c4 Agent Checking for updated auth cab for service 7971f918-a847-4430-9279-4a52d1efe18d at http://download.windowsupdate.com/v9/1/microsoftupdate/redir/muauth.cab 2012-09-15 08:14:35:437 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\AuthCabs\authcab.cab: 2012-09-15 08:14:35:437 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:578 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\AuthCabs\authcab.cab: 2012-09-15 08:14:35:593 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:687 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:718 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:765 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:781 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:781 1168 2c4 PT +++++++++++ PT: Starting category scan +++++++++++ 2012-09-15 08:14:35:781 1168 2c4 PT + ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx 2012-09-15 08:14:35:906 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:921 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:968 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:35:984 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:35:984 1168 2c4 PT +++++++++++ PT: Synchronizing server updates +++++++++++ 2012-09-15 08:14:35:984 1168 2c4 PT + ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx 2012-09-15 08:14:37:250 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:37:265 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:37:312 1168 2c4 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab: 2012-09-15 08:14:37:328 1168 2c4 Misc Microsoft signed: Yes 2012-09-15 08:14:37:328 1168 2c4 PT +++++++++++ PT: Synchronizing extended update info +++++++++++ 2012-09-15 08:14:37:328 1168 2c4 PT + ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx 2012-09-15 08:14:37:453 784 314 DtaStor WARNING: Attempted to add URL http://download.windowsupdate.com/msdownload/update/software/dflt/2010/06/3888874_6c6699387d7465bc17c02cc31a660b216427fc78.cab for file bGaZOH10ZbwXwCzDGmYLIWQn/Hg= when file has not been previously added to the datastore 2012-09-15 08:14:37:468 784 314 DtaStor WARNING: Attempted to add URL http://download.windowsupdate.com/msdownload/update/software/dflt/2011/12/4876484_606d98885a70abb9e5e7f3821682cf5541b17c27.cab for file YG2YiFpwq7nl5/OCFoLPVUGxfCc= when file has not been previously added to the datastore 2012-09-15 08:14:37:468 784 314 DtaStor WARNING: Attempted to add URL http://download.windowsupdate.com/msdownload/update/software/dflt/2012/08/5179550_0e825c9da8f36ff2addcbbf4089e12bff764e0a0.cab for file DoJcnajzb/Kt3Lv0CJ4Sv/dk4KA= when file has not been previously added to the datastore 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {551EF226-28CF-44D9-B318-4959C2B73B26}.100 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {955266A7-6210-4C18-BAEF-0E8244D975A9}.100 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {797D3C3F-CFD2-4D26-BB52-BE038205C7C4}.105 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Added update {EDB28194-3635-480E-A069-1D1984CCB2AB}.102 to search result 2012-09-15 08:14:37:937 1168 2c4 Agent * Found 4 updates and 5 categories in search; evaluated appl. rules of 52 out of 65 deployed entities 2012-09-15 08:14:37:937 1168 2c4 Agent ********* 2012-09-15 08:14:37:937 1168 2c4 Agent ** END ** Agent: Finding updates [CallerId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:37:937 1168 2c4 Agent ************* 2012-09-15 08:14:37:953 676 8cc COMAPI >>-- RESUMED -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:37:953 676 8cc COMAPI - Updates found = 4 2012-09-15 08:14:37:953 676 8cc COMAPI --------- 2012-09-15 08:14:37:953 676 8cc COMAPI -- END -- COMAPI: Search [ClientId = Windows Internet Explorer 8 Setup Utility] 2012-09-15 08:14:37:953 676 8cc COMAPI ------------- 2012-09-15 08:14:42:937 1168 2c4 Report REPORT EVENT: {88008109-CF47-404E-940D-6C21A85DFF64} 2012-09-15 08:14:37:937-0500 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 Windows Internet Explorer 8 Set Success Software Synchronization Windows Update Client successfully detected 4 updates. I could upload the entire WindowsUpdate.log file to dropbox if required.

  Read the article

• using own mail server with external domain and dns. Now have internal dns. dkim test not working

  - by mojotaker

  I am not very knowledgeable in this area, but have been able to make great head way. Now i am stuck I setup my own mail server, e.g mailbox.example.com. I had the domain dns point to my mail server in my office. i was able to set up everything working fine. such as dkim and spf records. Recently i decided to setup an internal dns server in the office so as to resolve some addresses for some development servers internally. Ok the problem now is my mail server is sitting on the internal dns server (the mail server is on the same box as the dns server) its still able to send and receive emails but not sure if dkim is working properly. when i try to do a dkim test "amavisd test keys" i get "invalid (public key: not available)" and i know that that means i have a dns issue. so what should i do? I am currently looking at my internal dns zonefile and i dont know what to do (i am using bind dns server on an ubuntu-server box). do i configure a dkim txt record on the local dns ? or is there a way to forward dkim "request" to the external dns ? or do i have this whole thing done wrong ? To be clear Basically my internal domain name is the same as my external domain name (i.e example.com) i have a mail server within my internal domain mailbox.example.com, that uses my external domain dns (external dns has been setup to point to my emailserver (which of course is now sitting behind my internal dns)) dkim (i dont think its working because it fails the dkim test") Need help in determing the proper setup What is the proper way to set this up ? thank you Update: Here is my local dns zone file ; ; BIND data file for local loopback interface ; $TTL 604800 @ IN SOA webserver.example.com. root.example.com. ( //dns and webserver on the same box 2012030809 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS webserver.example.com. @ IN A 192.168.1.117 @ IN AAAA ::1 ns IN A 192.168.1.117 www IN A xx.xx.xx.xxx // ip of external domain box (bluehost) work around to let local clients access website newsletter IN A xx.xx.xxx.117 // external ip address of local network mailbox.example.com. IN A 192.168.1.111 // internal ip of mailbox (mailserver webserver.example.com. IN A 192.168.1.117 //internal ip of a webserver

  Read the article

• csync2 ERROR: Connection to remote host failed

  - by Emil Salama

  I was unable to find any articles to answer this question, so my best bet was to post this here: Scenario We have 2x application servers in production hosting a PHP website and I would like some folders to be syncronized between the 2, the same was setup for the development environment with no issues, I've followed all instructions from the URL "http://www.cloudedify.com/synchronising-files-in-cloud-with-csync2/", I still seem to have the same result, firewall has been disabled on both boxes for troubeshooting purposes: Config Files: cysnc2.cfg nossl * *; group production { host server1; host server2; key /etc/csync-production-group.key; include /etc/httpd/sites-available; include /xxxxxx/public_html/files include /xxxxxxx/magento/media/catalog/product include /xxxxxxx/magento/media/brands exclude *.log; exclude /xxxx/public_html/file/cache; exclude /xxxxx/public_html/magento/var/cache; exclude /xxxx/public_html/logs; exclude /xxxxx/public_html/magento/var/log; backup-directory /data/sync-conflicts/; backup-generations 2; auto younger; } /etc/xinetd.d/csync2 csync2.cfg service csync2 { disable = no flags = REUSE socket_type = stream wait = no user = root group = root server = /usr/sbin/csync2 server_args = -i -D /data/sync-db/ port = 30865 type = UNLISTED log_type = FILE /data/logs/csync2/csync2-xinetd.log log_on_failure += USERID } I've made sure that the daemon is listening on both server on port 30865 and the keys matched on both servers I've run a tcpdump on each server, output as follows: 12:20:31.366771 IP server1.49919 server2.csync2: Flags [S], seq 445156159, win 14600, options [mss 1460,sackOK,TS val 794864936 ecr 0,nop,wscale 7], length 0 12:20:31.366810 IP server2.csync2 server1.49919: Flags [S.], seq 450593575, ack 445156160, win 14480, options [mss 1460,sackOK,TS val 794798911 ecr 794864936,nop,wscale 7], length 0 12:20:31.367101 IP server1.49919 server2.csync2: Flags [.], ack 1, win 115, options [nop,nop,TS val 794864937 ecr 794798911], length 0 12:20:31.367138 IP server1.49919 server2.csync2: Flags [P.], seq 1:9, ack 1, win 115, options [nop,nop,TS val 794864937 ecr 794798911], length 8 12:20:31.367147 IP server2.csync2 server1.49919: Flags [.], ack 9, win 114, options [nop,nop,TS val 794798912 ecr 794864937], length 0 12:20:31.368625 IP server2.csync2 server1.49919: Flags [R.], seq 1, ack 9, win 114, options [nop,nop,TS val 794798913 ecr 794864937], length 0 Is there anything else i'm missing or should be doing?

  Read the article

• High CPU from httpd process

  - by KHWeb

  I am currently getting high CPU on a server that is just running a couple of sites with very low traffic. One of the sites is in still development going live soon. However, this site is very very slow...When browsing through its pages I can see that the CPU goes from 30% to 100% for httpd (see top output below). I have tuned httpd & MySQL, Apache Solr, Tomcat for high performance, and I am using APC. Not sure what to do from here or how to find the culprit as I have a bunch of messages on the httpd log and have been chasing dead ends for some time...any help is greatly appreciated. Server: AuthenticAMD, Quad-Core AMD Opteron(tm) Processor 2352, RAM 16GB Linux 2.6.27 64-bit, Centos 5.5 Plesk 9.5.4, MySQL 5.1.48, PHP 5.2.17 Apache/2.2.3 (CentOS) DAV/2 mod_jk/1.2.15 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.17 mod_perl/2.0.4 Perl/v5.8.8 Tomcat6-6.0.29-1.jpp5, Tomcat-native-1.1.20-1.el5, Apache Solr top 17595 apache 20 0 1825m 507m 10m R 100.4 3.2 0:17.50 httpd 17596 apache 20 0 1565m 247m 9936 R 83.1 1.5 0:10.86 httpd 17598 apache 20 0 1430m 110m 6472 S 54.5 0.7 0:08.66 httpd 17599 apache 20 0 1438m 124m 12m S 37.2 0.8 0:11.20 httpd 16197 mysql 20 0 13.0g 2.0g 5440 S 9.6 12.6 297:12.79 mysqld 17617 root 20 0 12748 1172 812 R 0.7 0.0 0:00.88 top 8169 tomcat 20 0 4613m 268m 6056 S 0.3 1.7 6:40.56 java httpd error_log [debug] prefork.c(991): AcceptMutex: sysvsem (default: sysvsem) [info] mod_fcgid: Process manager 17593 started [debug] proxy_util.c(1854): proxy: grabbed scoreboard slot 0 in child 17594 for worker proxy:reverse [debug] proxy_util.c(1967): proxy: initialized single connection worker 0 in child 17594 for (*) [debug] proxy_util.c(1854): proxy: grabbed scoreboard slot 0 in child 17595 for worker proxy:reverse [debug] proxy_util.c(1873): proxy: worker proxy:reverse already initialized [notice] child pid 22782 exit signal Segmentation fault (11) [error] (43)Identifier removed: apr_global_mutex_lock(jk_log_lock) failed [debug] util_ldap.c(2021): LDAP merging Shared Cache conf: shm=0x7fd29a5478c0 rmm=0x7fd29a547918 for VHOST: example.com [info] APR LDAP: Built with OpenLDAP LDAP SDK [info] LDAP: SSL support available [info] Init: Seeding PRNG with 256 bytes of entropy [info] Init: Generating temporary RSA private keys (512/1024 bits) [info] Init: Generating temporary DH parameters (512/1024 bits) [debug] ssl_scache_shmcb.c(374): shmcb_init allocated 512000 bytes of shared memory [debug] ssl_scache_shmcb.c(554): entered shmcb_init_memory() [debug] ssl_scache_shmcb.c(576): for 512000 bytes, recommending 4265 indexes [debug] ssl_scache_shmcb.c(619): shmcb_init_memory choices follow [debug] ssl_scache_shmcb.c(621): division_mask = 0x1F [debug] ssl_scache_shmcb.c(623): division_offset = 96 [debug] ssl_scache_shmcb.c(625): division_size = 15997 [debug] ssl_scache_shmcb.c(627): queue_size = 2136 [debug] ssl_scache_shmcb.c(629): index_num = 133 [debug] ssl_scache_shmcb.c(631): index_offset = 8 [debug] ssl_scache_shmcb.c(633): index_size = 16 [debug] ssl_scache_shmcb.c(635): cache_data_offset = 8 [debug] ssl_scache_shmcb.c(637): cache_data_size = 13853 [debug] ssl_scache_shmcb.c(650): leaving shmcb_init_memory()

  Read the article

• Why is Excel 2010/2013 taking 10 seconds open any file?

  - by jbkly

  I have a fast Windows 7 PC with two SSDs and 16GB of RAM, so I'm used to programs loading very fast. But recently, for no reason I can figure out, Excel has started taking way too long to open Excel files (of any size--even blank files). This is occurring with Excel 2010 and with Excel 2013 after I upgraded, hoping to solve the problem. Here a couple scenarios: If I start Excel directly, it opens almost instantly. No problem there. If I start Excel directly, and then open any Excel file (.xls or .xlsx), it loads almost instantly. Still no problem BUT if I attempt to open any Excel file directly, with Excel not running, it consistently takes 10-11 seconds for Excel to start. I get no error messages, just a spinning cursor for 10-11 seconds, and then the file opens. During the delay while Excel is trying to start, I'm not really seeing any discernible spike in CPU or memory usage, other than explorer.exe. This problem is only occurring with Excel, not Word or any other program I'm aware of. I've searched around quite a bit on this question and found various others who have experienced it, but the solutions that worked for them are not working for me. For a few people it was a problem with scanning network drives, but my problem is purely with local files; I have no network drives, and the problem persists even with all network connections disabled. Some people suggested worksheets with corrupted formulas or links, but I'm experiencing this with ANY Excel file: even blank worksheets. Others thought it was a problem with add-ins, but I have all Excel add-ins disabled (as far as I can tell). One person solved it by disabling a "clipboard manager" process that was running in the background, but I don't have that. I've disabled as many startup and background processes as I can, but the problem persists. I've run malware scans, disk cleanup, CCleaner, and installed Excel 2013. I've deleted temporary files, enabled SuperFetch, and edited registry keys. Still can't get rid of the problem. Any ideas? My system details: Windows 7 Professional SP1 64-bit, Excel 2013 32-bit, 16GB RAM, all programs installed on SSD.

  Read the article

• Ububtu server 12.04 auto installation freezes at kickseeding running if ks.cfg has post scripts

  - by john206

  I'm trying to make a custom Ubuntu Server iso file. Kickstart file (ks.cfg) runs smooth when there is no %post in the file and Ubuntu installs correctly with ks configuration. Installation finishes installing base, apt, grub and It echos: Kickseed Running... and it freezes @ 0% I thought may be apt-get update doesnt work in ks file, I tried to install other apps like apache2 but no luck I have created dozen iso images and installed them in Virtual Box.I have been googling for 3 days and checked out ubuntu forums but haven't figured out the issue. I appreciate your help. This is how I made the iso image. My ks.file and txt.cfg files located in isolinux directory: root@ubuntu:/home/work mount -o loop ubuntu-12.04-amd64.iso original-iso/ rsync -a original-iso/ custom-iso/ cp ks.cfg custom-iso/isolinux/ cp txt.cfg custom-iso/isolinux/ chmod -R 777 custom-iso/ #Creating Iso image mkisofs -D -r -V “$IMAGE_NAME” -cache-inodes -J -l -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o ~/ubuntu-12.04-alternate-custom-amd64.iso custom-iso/ ks.cfg #Generated by Kickstart Configurator #platform=AMD64 or Intel EM64T #System language lang en_US #Language modules to install langsupport en_US #System keyboard keyboard us #System mouse mouse #System timezone timezone America/Los_Angeles #Root password rootpw --iscrypted somethingsomething #Initial user user ubuntu --fullname "ubuntu" --iscrypted --password somethingsomething. #Reboot after installation reboot #Use text mode install text #Install OS instead of upgrade install #Use CDROM installation media cdrom #System bootloader configuration bootloader --location=mbr #Clear the Master Boot Record zerombr yes #Partition clearing information clearpart --all --initlabel #Disk partitioning information part /boot --size 128 --fstype=ext3 --asprimary part / --size 512 --fstype=ext3 --asprimary part swap --size 512 part /tmp --size 512 --fstype=ext3 part /var --size 512 --fstype=ext3 part /usr --size 4096 --fstype=ext3 part /home --size 2048 --fstype=ext3 #System authorization infomation auth --useshadow --enablemd5 #Network information network --bootproto=dhcp --device=eth0 #Firewall configuration firewall --disabled --http --ftp --ssh #X Window System configuration information xconfig --depth=32 --resolution=1024x768 --defaultdesktop=GNOME %post apt-get update mkdir /home/user txt.cfg default autoinstall label autoinstall menu label ^Install Custom Ubuntu Server kernel /install/vmlinuz append file=/cdrom/preseed/ubuntu-server.seed initrd=/install/initrd.gz quiet ks=cdrom:/isolinux/ks.cfg -- label install menu label ^Install Ubuntu Server kernel /install/vmlinuz append file=/cdrom/preseed/ubuntu-server.seed vga=788 initrd=/install/initrd.gz quiet -- label cloud menu label ^Multiple server install with MAAS kernel /install/vmlinuz append modules=maas-enlist-udeb vga=788 initrd=/install/initrd.gz quiet -- label check menu label ^Check disc for defects kernel /install/vmlinuz append MENU=/bin/cdrom-checker-menu vga=788 initrd=/install/initrd.gz quiet -- label memtest menu label Test ^memory kernel /install/mt86plus label hd menu label ^Boot from first hard disk localboot 0x80

  Read the article

• vagrant up command very slow on OS X Lion

  - by Andy Hume

  When I run vagrant up to provision a new VM on Lion it takes an extremely long time, during which the entire Mac is very laggy and unresponsive. The output is as follows, the key point being the "notice: Finished catalog run in 754.28 seconds" > vagrant up [default] Importing base box 'lucid64'... [default] The guest additions on this VM do not match the install version of VirtualBox! This may cause things such as forwarded ports, shared folders, and more to not work properly. If any of those things fail on this machine, please update the guest additions and repackage the box. Guest Additions Version: 4.1.0 VirtualBox Version: 4.1.6 [default] Matching MAC address for NAT networking... [default] Clearing any previously set forwarded ports... [default] Forwarding ports... [default] -- ssh: 22 => 2222 (adapter 1) [default] -- web: 80 => 4567 (adapter 1) [default] Creating shared folders metadata... [default] Running any VM customizations... [default] Booting VM... [default] Waiting for VM to boot. This can take a few minutes. [default] VM booted and ready for use! [default] Mounting shared folders... [default] -- v-root: /vagrant [default] -- v-data: /var/www [default] -- manifests: /tmp/vagrant-puppet/manifests [default] Running provisioner: Vagrant::Provisioners::Puppet... [default] Running Puppet with lucid64.pp... [default] stdin: is not a tty [default] notice: /Stage[main]/Lucid64/Exec[apt-update]/returns: executed successfully [default] [default] notice: /Stage[main]/Lucid64/Package[apache2]/ensure: ensure changed 'purged' to 'present' [default] [default] notice: /Stage[main]/Lucid64/File[/etc/motd]/ensure: defined content as '{md5}a25e31ba9b8489da9cd5751c447a1741' [default] [default] notice: Finished catalog run in 754.28 seconds [default] [default] err: /File[/var/lib/puppet/rrd]/ensure: change from absent to directory failed: Could not find group puppet [default] [default] err: Could not send report: Got 1 failure(s) while initializing: change from absent to directory failed: Could not find group puppet [default] [default] Running provisioner: Vagrant::Provisioners::Puppet... [default] Running Puppet with lucid64.pp... [default] stdin: is not a tty [default] notice: /Stage[main]/Lucid64/Exec[apt-update]/returns: executed successfully [default] [default] notice: Finished catalog run in 2.05 seconds [default] [default] err: /File[/var/lib/puppet/rrd]: Could not evaluate: Could not find group puppet [default] [default] err: Could not send report: Got 1 failure(s) while initializing: Could not evaluate: Could not find group puppet [default] [default] Running provisioner: Vagrant::Provisioners::Puppet... [default] Running Puppet with lucid64.pp... [default] stdin: is not a tty [default] notice: /Stage[main]/Lucid64/Exec[apt-update]/returns: executed successfully [default] [default] notice: Finished catalog run in 1.36 seconds [default] [default] err: /File[/var/lib/puppet/rrd]: Could not evaluate: Could not find group puppet [default] [default] err: Could not send report: Got 1 failure(s) while initializing: Could not evaluate: Could not find group puppet [default] >

  Read the article

• VirtualBox guest responds to ping but all ports closed in nmap

  - by jeremyjjbrown

  I want to setup a test database on a vm for development purposes but I cannot connect to the server via the network. I've got Ubuntu 12.04vm installed on 12.04 host in Virtualbox 4.2.4 set to - Bridged network mode - Promiscuous Allow All When I try to ping the virtual guest from any network client I get the expected result. PING 192.168.1.209 (192.168.1.209) 56(84) bytes of data. 64 bytes from 192.168.1.209: icmp_req=1 ttl=64 time=0.427 ms ... Internet access inside the vm is normal But when I nmap it I get nothin! jeremy@bangkok:~$ nmap -sV -p 1-65535 192.168.1.209 Starting Nmap 5.21 ( http://nmap.org ) at 2012-11-15 18:39 CST Nmap scan report for jeremy (192.168.1.209) Host is up (0.0032s latency). All 65535 scanned ports on jeremy (192.168.1.209) are closed Service detection performed. Please report any incorrect results at http://nmap.org/submit/ Nmap done: 1 IP address (1 host up) scanned in 0.88 seconds ufw and iptables on VM... jeremy@jeremy:~$ sudo service ufw stop [sudo] password for jeremy: ufw stop/waiting jeremy@jeremy:~$ sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination I have scanned around and have no reason to believe that my router is blocking internal ports. jeremy@bangkok:~$ nmap -v 192.168.1.2 Starting Nmap 5.21 ( http://nmap.org ) at 2012-11-15 18:44 CST Initiating Ping Scan at 18:44 Scanning 192.168.1.2 [2 ports] Completed Ping Scan at 18:44, 0.00s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 18:44 Completed Parallel DNS resolution of 1 host. at 18:44, 0.03s elapsed Initiating Connect Scan at 18:44 Scanning 192.168.1.2 [1000 ports] Discovered open port 445/tcp on 192.168.1.2 Discovered open port 139/tcp on 192.168.1.2 Discovered open port 3306/tcp on 192.168.1.2 Discovered open port 80/tcp on 192.168.1.2 Discovered open port 111/tcp on 192.168.1.2 Discovered open port 53/tcp on 192.168.1.2 Discovered open port 5902/tcp on 192.168.1.2 Discovered open port 8090/tcp on 192.168.1.2 Discovered open port 6881/tcp on 192.168.1.2 Completed Connect Scan at 18:44, 0.02s elapsed (1000 total ports) Nmap scan report for 192.168.1.2 Host is up (0.0017s latency). Not shown: 991 closed ports PORT STATE SERVICE 53/tcp open domain 80/tcp open http 111/tcp open rpcbind 139/tcp open netbios-ssn 445/tcp open microsoft-ds 3306/tcp open mysql 5902/tcp open vnc-2 6881/tcp open bittorrent-tracker 8090/tcp open unknown Read data files from: /usr/share/nmap Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds Answer... Turns out all of the ports were open to the network. I installed open ssh and confirmed it. Then I edited my db conf to listen to external IP's and all was well.

  Read the article

• GRUB 2 freezing at OS selection screen, what could be the cause?

  - by Michael Kjörling

  Mains power is somewhat unreliable where I live, so every now and then, the computer gets rebooted when the PSU can't maintain proper voltage during a brown-out or momentary black-out. It's happened a few times recently that when power is restored, the BIOS POST completes successfully, GRUB starts to load and then freezes. I've seen this at the Welcome to GRUB! message, but it seems to happen more often just past the switch to the graphical OS list. At this point, the computer will not respond to anything (arrow keys, control commands, Ctrl+Alt+Del, ...) - it simply sits there displaying this image, seemingly doing nothing more. At that point, turning the computer off using the power button and letting it sit for a while (cooling down?) has allowed it to boot successfully. Turning the computer off and immediately back on seems to give the same result (successful POST then freeze in GRUB). This behavior began recently, although does not seem to be directly correlated with my hard disk woes (although it may be relevant that GRUB resides on that physical disk, I don't know). Once the computer has booted, it runs without a hitch. I know that a "proper" solution would be to invest in a UPS, but what might be causing behavior like this? I was thinking in terms of perhaps the CPU shutting down as a thermal control measure, but if that was the cause then wouldn't I see similar freezes during use (which I do not)? What else could cause freezes apparently closely but not perfectly related to the BIOS handover from POST to OS bootloader? The BIOS settings are to reset to previous power status after a power loss. Since the PC in question is almost always turned on, this means restore to full power status. I have no expansion cards installed that make any BIOS extensions known by screen output during the boot process, at least, but I do have a few expansion cards installed. Haven't made any changes in that regard in a long time, now. I haven't touched GRUB itself for a long time, whether configuration or binaries, so I don't think that's the problem. Also, it doesn't really make sense that a bug in GRUB would manifest itself only once in a blue moon but significantly more often after a power failure.

  Read the article

• LaunchDaemon causing Lion to hang on boot

  - by Brett

  I've got a Mac Mini 2011, which I intend to use for a few tasks such as Plex and running a few VM's. I've installed virtualbox, along with XAMPP and phpvirtualbox, which all worked fine. However, getting this to run on startup is proving a real PITA! I'm at the moment trying to get vboxwebsrv running on boot. I've created a launchd plist within /Library/LaunchDaemons to run it and it works fine... well sort of. Lion when booting will show the spinning wheel and stop, never showing a GUI - however if I remote in via screen sharing or SSH, I can login fine and see that vboxwebsrv has launched successfully. Setting this plist to disabled makes lion boot up fine again. Initially I thought it was due to it staying open, so tried to add -b which causes it to run in the background, this just caused launchd to constantly spawn new processes and didn't even fix my problem of Lion being stuck at the spinning wheel. Does anyone have any ideas? I'm losing my mind here! PLIST: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Disabled</key> <false/> <key>KeepAlive</key> <false/> <key>UserName</key> <string>vbox</string> <key>RunAtLoad</key> <true/> <key>OnDemand</key> <false/> <key>Label</key> <string>org.virtualbox.vboxwebsvc</string> <key>ProgramArguments</key> <array> <string>/Applications/VirtualBox.app/Contents/MacOS/vboxwebsrv</string> </array> </dict> </plist>

  Read the article

• The Cindy Shearin Group: New Scam Targets Renters in the Area

  - by user226089

  MONROE - Craigslist is a popular site when trying to find that perfect deal on a rental home or apartment. Experts warn some of these rental ads aren't what they seem. We decided to take a look. On our Craigslist search we found this house for rent. The problem is this home’s not for rent - it's for sale. “I think it’s a huge deal,” said Shane Wooten, the realtor for this home in Monroe. His properties have become the target of a common scam, aimed at taking your money. "It looks like they're trying to scam them out of their deposit and first months rent," adds Wooten. He says scammers copy and paste the sale ad's from legitimate realtor sites to Craigslist as rental ads. "I can usually tell when one hits craigslist because I’ll usually get 20 to 30 phone calls that day." They then pretend to be out of town on business or personal matters, and give only an email address as a point of contact. Usually they'll ask for money up front on a deal too good to miss. "You'll have a house that's supposed to rent for $950-1000 a month, and they'll have it renting for $600 a month,” says Wooten During our conversation, he shows us text messages from one scammer who says he'll mail the keys to this house if Wooten wires money for a deposit and first months rent. Jo Ann Deal of the Better Business Bureau says scammers are getting better at making themselves out to be realtors. "We’re really concerned for our real estate agents with this scam," says Deal. She says that realtors have to be more on top of their vacant homes in order to protect their businesses. So how can you tell if the house you want is really for rent? She says if the home owner lives out of the country, can't meet face to face or asks for a payment through a money wire it's probably a scam. “There are some catch-lines you watch for,” says Deal. “If the marketing is really good but there's no phone number, no physical address and they will communicate with you only by email and you can do it today, then it's probably a scam." You should always report fishy ad's to Craigslist or the BBB and never send money through a wire transfer.

  Read the article

• Linux Debian Security Breach - what now? [closed]

  - by user897075

  Possible Duplicate: My server's been hacked EMERGENCY I installed Debian (Squeeze) a while back in my home network to host some personal sites (thank god). During the installation it prompted me to enter a user other than root - so in a rush I used my name as user and pass (alex/alex for what its worth). I know it's horrible practice but during the setup of this server I'm always logged in as root to perform configurations, etc. Few days or a week passes and I forget to change the password. Then I finally get my web site finished and I open the port forwarding on my router and DynDNS to point to my server in my home. I've done this many times in the past never had issues but I use a cryptic root password and I guess disabled regular accounts. Today I reformat my Windows 7 and after spending all day tweaking and updating SP1 I look for cloning apps and find clonezilla and see it supports SSH cloning, so I go through the process only to discover I need a user, so I log into my web-server and see I have the user 'alex' already in and realize I don't know the password. So I change the password to something cryptic and visit the directory 'home' only to realize their are contents such as passfile, bengos, etc. My heart sinks, I've been hacked!!! Sure as hell there are all sort of scripts and password files. I run a 'last' command and it seems they last logged in april 3rd. Question: What can I do to see if they did anything destructive? Should I reformat and reinstall? How restrictive is Debian/Squeeze in terms of user permissions out of the box - all my personal website stuff was created using 'root' so changing files does not seem to have occured. How did they determine there was a user 'alex' on the machine? Can you query any machine and figure this out? What the users are? Looks like they tried to run a IP scan...other nodes on the network are running Windows 7. One of which seems a little wonky as of late - is it possible they buggered up that system? What corrective action can I take to avoid this from happening again? And figure out what might have changed or been hacked? I'm hoping debian out of box is fairly secure and at best he managed to read some of my source code. :p Regards, Alex

  Read the article

• How to block subreddits with BIND9?

  - by user1391189

  Please help me block NSFW subreddits like this one (http://www.reddit.com/r/NSFW/) I would like to keep access to SFW subreddits, but block certain subreddits that are distracting or NSFW. I know how to filter domains. (see files below) But how do I apply the filter only to certain subreddits? So far I have set up the following files: blocklist.conf zone "adimages.go.com" { type master; file "dummy-block"; }; zone "admonitor.net" { type master; file "dummy-block"; }; zone "ads.specificpop.com" { type master; file "dummy-block"; }; ... named.conf options { allow-query { 127.0.0.1; }; allow-recursion { 127.0.0.1; }; directory "c:\bind\etc"; notify no; }; zone "." IN { type hint; file "c:\bind\etc\named.root"; }; zone "localhost" IN { allow-update { none; }; file "c:\bind\etc\localhost.zone"; type master; }; zone "0.0.127.in-addr.arpa" IN { allow-update { none; }; file "c:\bind\etc\named.local"; type master; }; key "rndc-key" { algorithm hmac-md5; secret "O5VdbBKKEMzuLYjM60CxwuLLURFA6peDYHCBvZCqjoa6KtL1ggD7OTLeLtnu2jR5I5cwA/MQ8UdHc+9tMJRSiw=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; //Blocklist include "c:\bind\etc\blocklist.conf"; dummy-block $TTL 604800 @ IN SOA localhost. root.localhost. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost. @ IN A 127.0.0.1 * IN A 127.0.0.1

  Read the article

• What do you use to store all of your personal data?

  - by codeflunky

  I have been on a quest for years to find the perfect tool to store all "my stuff". You know... personal information, code snippets, software keys, people's birthdays, whatever. There are lots of tools out there for this sort of thing, but I've never found any of them quite what I need. Ideally, I would just be able to type some notes, tag them (I don't like the idea of folder organization... too cumbersome) and then easily search and retrieve what I need later. It seems so simple, but for some reason I just can't find it. I currently use Backpack (sometimes), which is OK, but I hate the fact that you always have to create "pages" to store things. I don't want to have to do that. I want to just type some notes, tag it and save. That's it. And Backpack didn't even have search for a long time. What I do like about Backpack is that it's fast and it's web based. I've tried some desktop apps, which probably came closer to the functionality I want, but I just hate being tied to a single machine. I want to be able to get to my stuff anywhere, so the web based thing is a definite requirement. Anyway, I'm thinking about writing my own thing for this if I can't find anything, but before I make the attempt, I was wondering if anyone has any suggestions? I've used Backpack, Zoho Planner, Stikkit and Google Notes so far, and they are not quite to my liking. Anyone? (Sorry if this is off-topic, but I figured you guys might be legitimately into this kind of thing... you know, storing code snippets and such.) UPDATE: I've been using Evernote for a few days, and it is exactly what I've been looking for. It is totally tag based and allows both online and offline usage. The desktop app sits in your system tray and allows you to add whatever you want on the fly either as text notes or clippings from the browser. It also syncs it to the web (if you want) where you can get to it from anywhere using their web client. They even have a mobile client which I haven't used, but I will try it soon. Thanks again 18hrs. I wish I could give you 10 upvotes.

  Read the article

• Using Amazon S3 for multiple remote data site uploads, securely

  - by Aitch

  I've been playing about with Amazon S3 a little for the first time and like what I see for various reasons relating to my potential use case. We have multiple (online) remote server boxes harvesting sensor data that is regularly uploaded every hour or so (rsync'ed) to a VPS server. The number of remote server boxes is growing regularly and forecast to keep growing (hundreds). The servers are geographically dispersed. The servers are also automatically built, therefore generic with standard tools and not bespoke per location. The data is many hundreds of files per day. I want to avoid a situation where I need to provision more VPS storage, or additional servers every time we hit the VPS capacity limit, after every N server deployments, whatever N might be. The remote servers can never be considered fully secure due to us not knowing what might happen to them when we are not looking. Our current solution is a bit naive and simply restricts inbound rsync only over ssh to known mac address directories and a known public key. There are plenty of holes to pick in this, I know. Let's say I write or use a script like s3cmd/s3sync to potentially push up the files. Would I need to manage hundreds of access keys and have each server customized to include this (do-able, but key management becomes nightmarish?) Could I restrict inbound connections somehow (eg by mac address), or just allow write-only to any client that was running the script? ( i could deal with a flood of data if someone got into a system? ) having a bucket per remote machine does not seem feasible due to bucket limits? I don't think I want to use a single common key as if one machine is breached then potentially, a malicious hack could get access to the filestore key and start deleting for ll clients, correct? I hope my inexperience has not blinded me to some other solution that might be suggested! I've read lots of examples of people using S3 for backup, but can't really find anything about this sort of data collection, unless my google terminology is wrong... I've written more than I should here, perhaps it can be summarised thus: In a perfect world I just want to have one of our techs install a new remote server into a location and it automagically starts sending files home with little or no intervention, and minimises risk? Pipedream or feasible? TIA, Aitch

  Read the article

• Assign fixed IP address via DHCP by DNS lookup

  - by Janoszen

  Preface I'm building a virtualization environment with Ubuntu 14.04 and LXC. I don't want to write my own template since the upgrade from 12.04 to 14.04 has shown that backwards compatibility is not guaranteed. Therefore I'm deploying my virtual machines via lxc-create, using the default Ubuntu template. The DNS for the servers is provided by Amazon Route 53, so no local DNS server is needed. I also use Puppet to configure my servers, so I want to keep the manual effort on the deployment minimal. Now, the default Ubuntu template assigns IP addresses via DHCP. Therefore, I need a local DHCP server to assign IP addresses to the nodes, so I can SSH into them and get Puppet running. Since Puppet requires a proper DNS setup, assigning temporary IP addresses is not an option, the client needs to get the right hostname and IP address from the start. Question What DHCP server do I use and how do I get it to assign the IP address based only on the host-name DHCP option by performing a DNS lookup on that very host name? What I've tried I tried to make it work using the ISC DHCP server, however, the manual clearly states: Please be aware that only the dhcp-client-identifier option and the hardware address can be used to match a host declaration, or the host-identifier option parameter for DHCPv6 servers. For example, it is not possible to match a host declaration to a host-name option. This is because the host-name option cannot be guaranteed to be unique for any given client, whereas both the hardware address and dhcp-client-identifier option are at least theoretically guaranteed to be unique to a given client. I also tried to create a class that matches the hostname like this: class "my-client-name" { match if option host-name = "my-client-name"; fixed-address my-client-name.my-domain.com; } Unfortunately the fixed-address option is not allowed in class statements. I can replace it with a 1-size pool, which works as expected: subnet 10.103.0.0 netmask 255.255.0.0 { option routers 10.103.1.1; class "my-client-name" { match if option host-name = "my-client-name"; } pool { allow members of "my-client-name"; range 10.103.1.2 10.103.1.2; } } However, this would require me to administer the IP addresses in two places (Amazon Route53 and the DHCP server), which I would prefer not to do. About security Since this is only used in the bootstrapping phase on an internal network and is then replaced by a static network configuration by Puppet, this shouldn't be an issue from a security standpoint. I am, however, aware that the virtual machine bootstraps with "ubuntu:ubuntu" credentials, which I intend to fix once this is running.

  Read the article

• Issue with Netgear GS108T Managed Switch and Jumbo Frames

  - by Richie086

  I recently purchased a Netgear GS108T managed switch and I am trying to configure jumbo packets between my NAS (Thecus N4100Pro), PC and managed switch. I should mention the fact that I was able to use jumbo frames between my PC and NAS before I purchased the switch without issue. My Desktop has a wired gigabit NIC (Intel 82579V Gigabit) and has the ability to configure jumbo frames (see pic) that are either 9014 bytes or 4088 bytes. I choose 9014 bytes for the jumbo frame size My NAS supports jumbo frames as well, and is configured to use 9014 as the frame size. When I go into my Netgear managed switch and set the frame size to 9014 on the ports I am using for my PC and NAS. See image As soon as I hit apply in the web interface, I loose my connection to the SMB shares on my NAS and I can no longer connect to the web admin interface for my NAS. The really strange thing is I can ping my NAS via the ping command, but when I try to connect to the web interface on port 80 or port 443 the page never loads. I did a scan from my PC to my NAS using nmap and I can see the following ports open PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 139/tcp open netbios-ssn 443/tcp open https 445/tcp open microsoft-ds 631/tcp open ipp 2000/tcp open cisco-sccp 2049/tcp open nfs 3260/tcp open iscsi 49152/tcp open unknown MAC Address: 00:14:FD:15:00:44 (Thecus Technology) Read data files from: C:\Program Files (x86)\Nmap Nmap done: 1 IP address (1 host up) scanned in 211.97 seconds Raw packets sent: 1 (28B) | Rcvd: 1 (28B) Anyone have any idea what is going on here? Why is nmap able to detect the ports are open and listening for http, https and file sharing but I cant connect when all devices have jumbo packets enabled? Stranger still - I did a packet capture using wireshark while the nmap scan was running and filtered so I only saw converstations between my PC and my NAS. Here are the packet details from my scan Only 4 packets over 5k bytes? What is going on here? Do I not need to configure jumbo frame sizes on the switch? I have an internet connection from my pc to the switch to my router - I just cannot connect to my NAS. I just checked on my iPhone and I am able to open my NAS web admin interface without issue on my iPhone! WTF!!!!!! Let me know if you need more details..

  Read the article

• Detecting upload success/failure in a scripted command-line SFTP session?

  - by Will Martin

  I am writing a BASH shell script to upload all the files in a directory to a remote server and then delete them. It'll run every few hours via a CRON job. My complete script is below. The basic problem is that the part that's supposed to figure out whether the file uploaded successfully or not doesn't work. The SFTP command's exit status is always "0" regardless of whether the upload actually succeeded or not. How can I figure out whether a file uploaded correctly or not so that I can know whether to delete it or let it be? #!/bin/bash # First, save the folder path containing the files. FILES=/home/bob/theses/* # Initialize a blank variable to hold messages. MESSAGES="" ERRORS="" # These are for notifications of file totals. COUNT=0 ERRORCOUNT=0 # Loop through the files. for f in $FILES do # Get the base filename BASE=`basename $f` # Build the SFTP command. Note space in folder name. CMD='cd "Destination Folder"\n' CMD="${CMD}put ${f}\nquit\n" # Execute it. echo -e $CMD | sftp -oIdentityFile /home/bob/.ssh/id_rsa [email protected] # On success, make a note, then delete the local copy of the file. if [ $? == "0" ]; then MESSAGES="${MESSAGES}\tNew file: ${BASE}\n" (( COUNT=$COUNT+1 )) # Next line commented out for ease of testing #rm $f fi # On failure, add an error message. if [ $? != "0" ]; then ERRORS="${ERRORS}\tFailed to upload file ${BASE}\n" (( ERRORCOUNT=$ERRORCOUNT+1 )) fi done SUBJECT="New Theses" BODY="There were ${COUNT} files and ${ERRORCOUNT} errors in the latest batch.\n\n" if [ "$MESSAGES" != "" ]; then BODY="${BODY}New files:\n\n${MESSAGES}\n\n" fi if [ "$ERRORS" != "" ]; then BODY="${BODY}Problem files:\n\n${ERRORS}" fi # Send a notification. echo -e $BODY | mail -s $SUBJECT [email protected] Due to some operational considerations that make my head hurt, I cannot use SCP. The remote server is using WinSSHD on windows, and does not have EXEC privileges, so any SCP commands fail with the message "Exec request failed on channel 0". The uploading therefore has to be done via the interactive SFTP command.

  Read the article

• Installing Glassfish 3.1 on Ubuntu 10.10 Server

  - by andand

  I've used the directions here to successfully install Glassfish 3.0.1 on an virtualized (VirtualBox and VMWare) Ubuntu 10.10 Server instance without any real difficulty not resolved by more closely following the directions. However when I try applying them to Glassfish 3.1, I seem to keep getting stuck at section 6. "Security configuration before first startup". In particular, there are some differences I noted: 1) There are two keys in the default keystore. The 's1as' key is still there, but another named 'glassfish-instance' is also there. When I saw this, I deleted and recreated them both along with a 'myAlias' key which I was going to use where needed. 2) When turning the security on it seems like part of the server thinks it's on, but others don't. For instances: $ /home/glassfish/bin/asadmin set server-config.network-config.protocols.protocol.admin-listener.security-enabled=true server-config.network-config.protocols.protocol.admin-listener.security-enabled=true Command set executed successfully. $ /home/glassfish/bin/asadmin get server-config.network-config.protocols.protocol.admin-listener.security-enabled server-config.network-config.protocols.protocol.admin-listener.security-enabled=true Command get executed successfully. $ /home/glassfish/bin/asadmin --secure list-jvm-options It appears that server [localhost:4848] does not accept secure connections. Retry with --secure=false. javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake Command list-jvm-options failed. $ /home/glassfish/bin/asadmin --secure=false list-jvm-options -XX:MaxPermSize=192m -client -Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder -XX: UnlockDiagnosticVMOptions -Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed -Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy -Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Xmx512m -Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks -Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks -Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.in stanceRoot}/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -DANTLR_USE_DIRECT_CLASS_LOADING=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command -Dosgi.shell.telnet.port=6666 -Dosgi.shell.telnet.maxconn=1 -Dosgi.shell.telnet.ip=127.0.0.1 -Dgosh.args=--nointeractive -Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/ -Dfelix.fileinstall.poll=5000 -Dfelix.fileinstall.log.level=2 -Dfelix.fileinstall.bundles.new.start=true -Dfelix.fileinstall.bundles.startTransient=true -Dfelix.fileinstall.disableConfigSave=false -XX:NewRatio=2 Command list-jvm-options executed successfully. Also the admin console responds only to http (not https) requests. Thoughts?

  Read the article

• DB2 Integrity Checks and Exception Tables

  - by imthefirestartr

  I am working on planning a migration of a DB2 8.1 database from a horrible IBM encoding to UTF-8 to support further languages etc. I am encountering an issue that I am stuck on. A few notes on this migration: We are using db2move to export and load the data and db2look to get the details fo the database (tablespaces, tables, keys etc). We found the loading process worked nicely with db2move import, however, the data takes 7 hours to load and this was unacceptable downtime when we actually complete the conversion on the main database. We are now using db2move load, which is much faster as it seems to simply throw the data in without integrity checks. Which leads to my current issue. After completing the db2move load process, several tables are in a check pending state and require integrity checks. Integrity checks are done via the following: set integrity for . immediate checked This works for most tables, however, some tables give an error: DB21034E The command was processed as an SQL statement because it was not a valid Command Line Processor command. During SQL processing it returned: SQL3603N Check data processing through the SET INTEGRITY statement has found integrity violation involving a constraint with name "blah.SQL120124110232400". SQLSTATE=23514 The internets tell me that the solution to this issue is to create an exception table based on the actual table and tell the SET INTEGRITY command to send any exceptions to that table (as below): db2 create table blah_EXCEPTION like blah db2 SET INTEGRITY FOR blah IMMEDIATE CHECKED FOR EXCEPTION IN blah USE blah_EXCEPTION NOW, here is the specific issue I am having! The above forces all the rows with issues to the specified exception table. Well that's just super, buuuuuut I can not lose data in this conversion, its simply unacceptable. The internets and IBM has a vague description of sending the violations to the exception tables and then "dealing with the data" that is in the exception table. Unfortunately, I am not clear what this means and I was hoping that some wise individual knows and could help me out and let me know how I can retrieve this data from these tables and place the data in the original/proper table rather than these exception tables. Let me know if you have any questions. Thanks!

  Read the article

• How to iptables forward ppp0 to eth0

  - by HPHPHP2012

  need your help with get it routing properly. I've server with eth0 (external interface) and eth1(internal interface). eth1 is merged into the bridge br0 (172.16.1.1) I've installed the pptp and successfully configured it, so I got ppp0 interface (192.168.91.1) and got my VPN clients successfully connected. So I need your help to manage how to allow my VPN clients use internet connection (eth0). Below my configuration files, any help is much appreciated! Thank you! P.S. VPN clients are Windows Xp, Windows 7, Mac OS X Lion, Ubuntu 12.04, iOS 5.x cat /etc/pptpd.conf #local server ip address localip 192.168.91.1 #remote addresses remoteip 192.168.91.11-254,192.168.91.10 #translating ip addresses on this interface bcrelay br0 cat /etc/ppp/pptpd-options name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 ms-dns 8.8.8.8 ms-dns 8.8.4.4 nodefaultroute lock nobsdcomp auth logfile /var/log/pptpd.log cat /etc/nat-up #!/bin/sh SERVER_IP="aaa.aaa.aaa.aaa" LOCAL_IP="172.16.1.1" #eth0 with public ip PUBLIC="eth0" #br0 is internal bridge on eth1 interface INTERNAL="br0" #vpn VPN="ppp0" #local LOCAL="lo" iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward iptables -A INPUT -i $LOCAL -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i $PUBLIC -j ACCEPT ####CLEAR CONFIG#### #iptables -A FORWARD -i $PUBLIC -o $INTERNAL -m state --state ESTABLISHED,RELATED -j ACCEPT #iptables -A FORWARD -i $PUBLIC -o $INTERNAL -j ACCEPT #iptables -A FORWARD -i $INTERNAL -o $PUBLIC -j ACCEPT #iptables -t nat -A POSTROUTING -j MASQUERADE ####THIS PART IS NOT HANDLING IT#### iptables -A FORWARD -i $PUBLIC -o $VPN -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i $PUBLIC -o $VPN -j ACCEPT iptables -A FORWARD -s 192.168.91.0/24 -o $PUBLIC -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.91.0/24 -o $PUBLIC -j MASQUERADE # VPN - PPTPD iptables -A INPUT -p gre -s 0/0 -j ACCEPT iptables -A OUTPUT -p gre -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 --dport 1723 -j ACCEPT #SSH iptables -A INPUT -p tcp --dport 2222 -j ACCEPT iptables -A OUTPUT -p tcp --sport 2222 -j ACCEPT #BLACKLIST BLOCKDB="/etc/ip.blocked" IPS=$(grep -Ev "^#" $BLOCKDB) for i in $IPS do iptables -A INPUT -s $i -j DROP iptables -A OUTPUT -d $i -j DROP done

  Read the article

• Persuading openldap to work with SSL on Ubuntu with cn=config

  - by Roger

  I simply cannot get this (TLS connection to openldap) to work and would appreciate some assistance. I have a working openldap server on ubuntu 10.04 LTS, it is configured to use cn=config and most of the info I can find for TLS seems to use the older slapd.conf file :-( I've been largely following the instructions here https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html plus stuff I've read here and elsewhere - which of course could be part of the problem as I don't totally understand all of this yet! I have created an ssl.ldif file as follows; dn:cn=config add: olcTLSCipherSuite olcTLSCipherSuite: TLSV1+RSA:!NULL add: olcTLSCRLCheck olcTLSCRLCheck: none add: olcTLSVerifyClient olcTLSVerifyClient: never add: olcTLSCACertificateFile olcTLSCACertificateFile: /etc/ssl/certs/ldap_cacert.pem add: olcTLSCertificateFile olcTLSCertificateFile: /etc/ssl/certs/my.domain.com_slapd_cert.pem add: olcTLSCertificateKeyFile olcTLSCertificateKeyFile: /etc/ssl/private/my.domain.com_slapd_key.pem and I import it using the following command line ldapmodify -x -D cn=admin,dc=mydomain,dc=com -W -f ssl.ldif I have edited /etc/default/slapd so that it has the following services line; SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///" And everytime I'm making a change, I'm restarting slapd with /etc/init.d/slapd restart The following command line to test out the non TLS connection works fine; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldap://mydomain.com" "cn=roger*" But when I switch to ldaps using this command line; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldaps://mydomain.com" "cn=roger*" This is what I get; ldap_url_parse_ext(ldaps://mydomain.com) ldap_create ldap_url_parse_ext(ldaps://mydomain.com:636/??base) ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP mydomain.com:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: can't connect: A TLS packet with unexpected length was received.. ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Now if I check netstat -al I can see; tcp 0 0 *:www *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 *:https *:* LISTEN tcp 0 0 *:ldaps *:* LISTEN tcp 0 0 *:ldap *:* LISTEN I'm not sure if this is significant as well ... I suspect it is; openssl s_client -connect mydomain.com:636 -showcerts CONNECTED(00000003) 916:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: I think I've made all my certificates etc OK and here are the results of some checks; If I do this; certtool -e --infile /etc/ssl/certs/ldap_cacert.pem I get Chain verification output: Verified. certtool -e --infile /etc/ssl/certs/mydomain.com_slapd_cert.pem Gives "certtool: the last certificate is not self signed" but it otherwise seems OK? Where have I gone wrong? Surely getting openldap to run securely on ubuntu should be easy and not require a degree in rocket science! Any ideas?

  Read the article

• How to configure nginx so it works with Express?

  - by Michal Stefanow

  I'm trying to configure nginx so it proxy_pass requests to my node apps. Question on StackOverflow got many upvotes: http://stackoverflow.com/questions/5009324/node-js-nginx-and-now and I'm using config from there. (but since question is about server configuration it is supposed to be on ServerFault) Here is the nginx configuration: server { listen 80; listen [::]:80; root /var/www/services.stefanow.net/public_html; index index.html index.htm; server_name services.stefanow.net; location / { try_files $uri $uri/ =404; } location /test-express { proxy_pass http://127.0.0.1:3002; } location /test-http { proxy_pass http://127.0.0.1:3003; } } Using plain node: var http = require('http'); http.createServer(function (req, res) { res.writeHead(200, {'Content-Type': 'text/plain'}); res.end('Hello World\n'); }).listen(3003, '127.0.0.1'); console.log('Server running at http://127.0.0.1:3003/'); It works! Check: http://services.stefanow.net/test-http Using express: var express = require('express'); var app = express(); // app.get('/', function(req, res) { res.redirect('/index.html'); }); app.get('/index.html', function(req, res) { res.send("blah blah index.html"); }); app.listen(3002, "127.0.0.1"); console.log('Server running at http://127.0.0.1:3002/'); It doesn't work :( See: http://services.stefanow.net/test-express I know that something is going on. a) test-express is NOT running b) text-express is running (and I can confirm it is running via command line while ssh on the server) root@stefanow:~# service nginx restart * Restarting nginx nginx [ OK ] root@stefanow:~# curl localhost:3002 Moved Temporarily. Redirecting to /index.html root@stefanow:~# curl localhost:3002/index.html blah blah index.html I tried setting headers as described here: http://www.nginxtips.com/how-to-setup-nginx-as-proxy-for-nodejs/ (still doesn't work) proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; I also tried replacing '127.0.0.1' with 'localhost' and vice versa Please advise. I'm pretty sure I miss some obvious detail and I would like to learn more. Thank you.

  Read the article

• Stack-based keyboard delay using Logitech MX3100 keyboard

  - by Mark S. Rasmussen

  I've been using a Logitech Cordless Desktop MX3100 keyboard for quite a while. I've never really had any problems, except for the occasional typo. I noticed however that I tended make the typo "Laod" instead of "Load", quite a bit more often than any other typos. As it started to get on my nerves, I decided to do some testing. What I found out was than when I write lowercase "load", I'd never make the typo. All uppercase, or just uppercase L, I'd make the typo quite often. My actual (very scientific) testing is probably best described by showing the output: moatmoatmoat MoatMoatMoat loatloatloat LaotLaotLaot loafloafloaf LaofLaofLaof hoathoathoat HoatHoatHoat hoadhoadhoad HoadHoadHoad lortlortlort LrotLrotLrot What i found out was that whenever shift was depressed, typing an uppercase "L" would induce a significant lag if the next character was an "o", compared to the lag of the any other key: High "o" lag: LoLoLoLoLoLo No "a" lag: LaLaLaLaLaLa No lag for neither "o" nor "a": lolololololo lalalalalala By realizing this I regained a slight bit of sanity as I knew I wasn't coming down with a case of Parkinsons. I was actually typing correctly, the lag just interpreted it wrongly. Now, what really bugs me is that I can't fathom how this is occurring. What I'm actually typing, in physical order, is this: L - o - a - d, and yet, the "a" is output before the "o", even though "o" was pressed before "a". So while the keyboard is processing the "Lo" combo, the "a" gets prioritized and is inserted before the "o" is done processing, resulting in Laod instead of Load. And this only happens when typing "Lo", not when typing lowercase "lo". This problem could stem from the keyboard hardware, the receiver hardware or the keyboard software driver. No matter the fault location however, I can't imagine how this could be implemented as anything but a FIFO queue. A general delay, sure, I could live with that, albeit I'd be irritated. But a lag affecting different keys differently, and even resulting in unpredictable outcome - that just doesn't make any sense. I've solved the problem by just switching to a wired keyboard. I just can't shake it off me though; what kind of bug/error/scenario would result in a case like this? Edit: It's been suggested that I stop drinking Red Bull and stick to water instead. While that may actually help solve the issue, I'm really not looking for a solution as such. I'm more interested in an explanation of how this could happen, as I can't imagine any viable technical solution that could result in this behavior.

  Read the article

< Previous Page | 345 346 347 348 349 350 351 352 353 354 355 356  | Next Page >