Search Results

Search found 20426 results on 818 pages for 'service packs'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 394/818 | < Previous Page | 390 391 392 393 394 395 396 397 398 399 400 401  | Next Page >

  • Git apache : unable to push via http

    - by GlinesMome
    I have to setup a server which can allow http vcs management (such as git and svn). svn support works well, but I have some trouble with git. Actual configuration: CentOS 5 Apache 2.2.8 Git 1.7.4.1 The /etc/httpd/conf/httpd.conf content: ServerTokens OS ServerRoot "/etc/httpd" PidFile run/httpd.pid Timeout 120 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 10 <IfModule prefork.c> StartServers 8 MinSpareServers 5 MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 4000 </IfModule> <IfModule worker.c> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule> Listen 80 LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_digest_module modules/mod_auth_digest.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authn_alias_module modules/mod_authn_alias.so LoadModule authn_anon_module modules/mod_authn_anon.so LoadModule authn_dbm_module modules/mod_authn_dbm.so LoadModule authn_default_module modules/mod_authn_default.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule authz_owner_module modules/mod_authz_owner.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_dbm_module modules/mod_authz_dbm.so LoadModule authz_default_module modules/mod_authz_default.so LoadModule ldap_module modules/mod_ldap.so LoadModule authnz_ldap_module modules/mod_authnz_ldap.so LoadModule include_module modules/mod_include.so LoadModule log_config_module modules/mod_log_config.so LoadModule logio_module modules/mod_logio.so LoadModule env_module modules/mod_env.so LoadModule ext_filter_module modules/mod_ext_filter.so LoadModule mime_magic_module modules/mod_mime_magic.so LoadModule expires_module modules/mod_expires.so LoadModule deflate_module modules/mod_deflate.so LoadModule headers_module modules/mod_headers.so LoadModule usertrack_module modules/mod_usertrack.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule mime_module modules/mod_mime.so LoadModule dav_module modules/mod_dav.so LoadModule status_module modules/mod_status.so LoadModule autoindex_module modules/mod_autoindex.so LoadModule info_module modules/mod_info.so LoadModule dav_fs_module modules/mod_dav_fs.so LoadModule vhost_alias_module modules/mod_vhost_alias.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule dir_module modules/mod_dir.so LoadModule actions_module modules/mod_actions.so LoadModule speling_module modules/mod_speling.so LoadModule userdir_module modules/mod_userdir.so LoadModule alias_module modules/mod_alias.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule proxy_ftp_module modules/mod_proxy_ftp.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule cache_module modules/mod_cache.so LoadModule suexec_module modules/mod_suexec.so LoadModule disk_cache_module modules/mod_disk_cache.so LoadModule file_cache_module modules/mod_file_cache.so LoadModule mem_cache_module modules/mod_mem_cache.so LoadModule cgi_module modules/mod_cgi.so LoadModule mysql_auth_module modules/mod_auth_mysql.so LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.2/ext/apache2/mod_passenger.so PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.2 PassengerRuby /usr/bin/ruby Include conf.d/*.conf User apache Group apache ServerAdmin aedi.admin@domain ServerName s1.domain UseCanonicalName Off DocumentRoot "/data/www/" <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory "/data/www/"> Options -Indexes FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> <IfModule mod_userdir.c> UserDir disable </IfModule> DirectoryIndex index.html index.html.var AccessFileName .htaccess <Files ~ "^\.ht"> Order allow,deny Deny from all </Files> TypesConfig /etc/mime.types DefaultType text/plain <IfModule mod_mime_magic.c> MIMEMagicFile conf/magic </IfModule> HostnameLookups Off ErrorLog logs/error_log LogLevel warn LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent CustomLog logs/access_log combined ServerSignature On Alias /icons/ "/var/www/icons/" <Directory "/var/www/icons"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </IfModule> </Directory> <IfModule mod_dav_fs.c> DAVLockDB /var/lib/dav/lockdb ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" <Directory "/var/www/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip AddIconByType (TXT,/icons/text.gif) text/* AddIconByType (IMG,/icons/image2.gif) image/* AddIconByType (SND,/icons/sound2.gif) audio/* AddIconByType (VID,/icons/movie.gif) video/* AddIcon /icons/binary.gif .bin .exe AddIcon /icons/binhex.gif .hqx AddIcon /icons/tar.gif .tar AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /icons/a.gif .ps .ai .eps AddIcon /icons/layout.gif .html .shtml .htm .pdf AddIcon /icons/text.gif .txt AddIcon /icons/c.gif .c AddIcon /icons/p.gif .pl .py AddIcon /icons/f.gif .for AddIcon /icons/dvi.gif .dvi AddIcon /icons/uuencoded.gif .uu AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /icons/tex.gif .tex AddIcon /icons/bomb.gif core AddIcon /icons/back.gif .. AddIcon /icons/hand.right.gif README AddIcon /icons/folder.gif ^^DIRECTORY^^ AddIcon /icons/blank.gif ^^BLANKICON^^ DefaultIcon /icons/unknown.gif ReadmeName README.html HeaderName HEADER.html AddLanguage ca .ca AddLanguage cs .cz .cs AddLanguage da .dk AddLanguage de .de AddLanguage el .el AddLanguage en .en AddLanguage eo .eo AddLanguage es .es AddLanguage et .et AddLanguage fr .fr AddLanguage he .he AddLanguage hr .hr AddLanguage it .it AddLanguage ja .ja AddLanguage ko .ko AddLanguage ltz .ltz AddLanguage nl .nl AddLanguage nn .nn AddLanguage no .no AddLanguage pl .po AddLanguage pt .pt AddLanguage pt-BR .pt-br AddLanguage ru .ru AddLanguage sv .sv AddLanguage zh-CN .zh-cn AddLanguage zh-TW .zh-tw LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW ForceLanguagePriority Prefer Fallback AddDefaultCharset UTF-8 AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddHandler type-map var AddType text/html .shtml AddOutputFilter INCLUDES .shtml Alias /error/ "/var/www/error/" <IfModule mod_negotiation.c> <IfModule mod_include.c> <Directory "/var/www/error"> AllowOverride None Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var Order allow,deny Allow from all LanguagePriority en es de fr ForceLanguagePriority Prefer Fallback </Directory> </IfModule> </IfModule> BrowserMatch "Mozilla/2" nokeepalive BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 BrowserMatch "RealPlayer 4\.0" force-response-1.0 BrowserMatch "Java/1\.0" force-response-1.0 BrowserMatch "JDK/1\.0" force-response-1.0 BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully BrowserMatch "MS FrontPage" redirect-carefully BrowserMatch "^WebDrive" redirect-carefully BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully BrowserMatch "^gnome-vfs/1.0" redirect-carefully BrowserMatch "^XML Spy" redirect-carefully BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully NameVirtualHost *:80 NameVirtualHost *:443 <VirtualHost *:80> DocumentRoot /data/www/s1/html ServerName s1.asso.domain ErrorLog logs/s1.error.log </VirtualHost> <VirtualHost *:80> DocumentRoot /data/www/s2/old ServerName s2.domain ErrorLog logs/s2.error.log RailsBaseURI /blog <Directory /data/www/s2/html/blog> Options -MultiViews </Directory> </VirtualHost> <VirtualHost *:443> DocumentRoot /data/www/s2/html ServerName s2.domain ErrorLog logs/s2.error.log RailsBaseURI /blog <Directory /data/www/s2/html/blog> Options -MultiViews </Directory> </VirtualHost> The /etc/httpd/conf.d/git.conf content: Alias /git /data/www/s2/git <Directory /data/www/s2/git> Options +Indexes DAV on SSLRequireSSL </Directory> Fine, every repository are created by the same way: git --bare init "$1.git" && cd "$1.git" && git update-server-info && chmod -R 770 . && cd .. && git clone `pwd`/"$1.git" && cd "$1" && echo 42 > answer && git add . && git commit -m "Initial commit" && git push origin master && git rm answer && git commit -a -m "Clean repository" && git push && cd .. && rm -Rf "$1" Then, on the client side, I try: ~ $ git clone https://s2.domain/git/repo.git Cloning into 'repo'... warning: You appear to have cloned an empty repository. ~ $ cd repo repo $ echo 42 > answer && git add . && git commit -m "init" && git push origin master [master (root-commit) a2aadb1] init 1 file changed, 1 insertion(+) create mode 100644 answer Fetching remote heads... refs/ refs/heads/ refs/tags/ updating 'refs/heads/master' from 0000000000000000000000000000000000000000 to a2aadb1772e12104ce358f7ff9a11db5d93ead7d sending 3 objects MOVE d81cc0710eb6cf9efd5b920a8453e1e07157b6cd failed, aborting (22/502) MOVE 2c186ad49fa24695512df5e41cb5e6f2d33c119b failed, aborting (22/502) MOVE a2aadb1772e12104ce358f7ff9a11db5d93ead7d failed, aborting (22/502) Updating remote server info fatal: git-http-push failed The apache associated logs: my.ip - - [21/Sep/2012:16:19:19 +0200] "GET /git/repo.git/info/refs?service=git-upload-pack HTTP/1.1" 200 - "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:19 +0200] "GET /git/repo.git/HEAD HTTP/1.1" 200 23 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:48 +0200] "GET /git/repo.git/info/refs?service=git-receive-pack HTTP/1.1" 200 - "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "GET /git/repo.git/HEAD HTTP/1.1" 200 23 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/ HTTP/1.1" 207 569 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "HEAD /git/repo.git/info/refs HTTP/1.1" 200 - "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "HEAD /git/repo.git/objects/info/packs HTTP/1.1" 200 - "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "MKCOL /git/repo.git/info/ HTTP/1.1" 405 336 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "LOCK /git/repo.git/info/refs HTTP/1.1" 200 475 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "GET /git/repo.git/objects/info/packs HTTP/1.1" 200 1 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/refs/ HTTP/1.1" 207 2608 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/refs/heads/ HTTP/1.1" 207 941 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/refs/tags/ HTTP/1.1" 207 940 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "MKCOL /git/repo.git/refs/ HTTP/1.1" 405 336 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "MKCOL /git/repo.git/refs/heads/ HTTP/1.1" 405 342 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "LOCK /git/repo.git/refs/heads/master HTTP/1.1" 200 475 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/objects/a2/ HTTP/1.1" 404 317 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/objects/2c/ HTTP/1.1" 207 4565 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/objects/d8/ HTTP/1.1" 207 4565 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PUT /git/repo.git/objects/d8/1cc0710eb6cf9efd5b920a8453e1e07157b6cd_20ca3a58daa09e54112968cbd4e86580b6301074 HTTP/1.1" 201 373 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "MKCOL /git/repo.git/objects/a2/ HTTP/1.1" 201 296 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PUT /git/repo.git/objects/2c/186ad49fa24695512df5e41cb5e6f2d33c119b_20ca3a58daa09e54112968cbd4e86580b6301074 HTTP/1.1" 201 373 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "MOVE /git/repo.git/objects/d8/1cc0710eb6cf9efd5b920a8453e1e07157b6cd_20ca3a58daa09e54112968cbd4e86580b6301074 HTTP/1.1" 502 341 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "MOVE /git/repo.git/objects/2c/186ad49fa24695512df5e41cb5e6f2d33c119b_20ca3a58daa09e54112968cbd4e86580b6301074 HTTP/1.1" 502 341 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PUT /git/repo.git/objects/a2/aadb1772e12104ce358f7ff9a11db5d93ead7d_20ca3a58daa09e54112968cbd4e86580b6301074 HTTP/1.1" 201 373 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "MOVE /git/repo.git/objects/a2/aadb1772e12104ce358f7ff9a11db5d93ead7d_20ca3a58daa09e54112968cbd4e86580b6301074 HTTP/1.1" 502 341 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "UNLOCK /git/repo.git/refs/heads/master HTTP/1.1" 204 - "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/refs/ HTTP/1.1" 207 2608 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/refs/heads/ HTTP/1.1" 207 941 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "PROPFIND /git/repo.git/refs/tags/ HTTP/1.1" 207 940 "-" "git/1.7.11.4" my.ip - - [21/Sep/2012:16:19:49 +0200] "UNLOCK /git/repo.git/info/refs HTTP/1.1" 204 - "-" "git/1.7.11.4" I have tried many configurations (even smart http from progit), but a major part of them consider the fact that they have a dedicated domain, but I'm in a sub-directory, so I can't apply these examples. Have you got an idea of the problem? have you got solutions? have you got configuration example with non-root directory? For your help, In advance, Thanks.

    Read the article

  • mount.nfs: access denied by server while mounting (null), can't find any log information

    - by Mark0978
    Two ubuntu servers: 10.0.8.2 is the client, 192.168.20.58 is the server. Between the 2 machines, Ping works, ssh works (in both directions). From 10.0.8.2 showmount -e 192.168.20.58 Export list for 192.168.20.58: /imr/nfsshares/foobar 10.0.8.2 mount.nfs 192.168.20.58:/imr/nfsshares/foobar /var/data/foobar -v mount.nfs: access denied by server while mounting (null) Found several things online, tried them all and still can't find any log information anywhere. On the server: [email protected]:/var/log# cat /etc/hosts.allow sendmail: all ALL: 10.0.8.2 /etc/hosts.deny is all comments How can I get a trail of log statements to figure this out? What does it take to get some logging so I have some idea of WHY it won't mount? On the server: [email protected]# nmap -sR RPC 192.168.20.58 Starting Nmap 5.21 ( http://nmap.org ) at 2012-07-04 21:16 CDT Failed to resolve given hostname/IP: RPC. Note that you can't use '/mask' AND '1-4,7,100-' style IP ranges Nmap scan report for 192.168.20.58 Host is up (0.0000060s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 22/tcp open unknown 80/tcp open unknown 111/tcp open unknown 139/tcp open unknown 445/tcp open unknown 902/tcp open unknown 2049/tcp open unknown 3000/tcp open unknown 5666/tcp open unknown 8009/tcp open unknown 8222/tcp open unknown 8333/tcp open unknown Nmap done: 1 IP address (1 host up) scanned in 3.81 seconds From the client: [email protected]:~$ nmap -sR RPC 192.168.20.58 Starting Nmap 5.21 ( http://nmap.org ) at 2012-07-04 22:14 EDT Failed to resolve given hostname/IP: RPC. Note that you can't use '/mask' AND '1-4,7,100-' style IP ranges Nmap scan report for 192.168.20.58 Host is up (0.73s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 22/tcp open unknown 80/tcp open unknown 111/tcp open rpcbind (rpcbind V2) 2 (rpc #100000) 139/tcp open unknown 445/tcp open unknown 902/tcp open unknown 2049/tcp open nfs (nfs V2-4) 2-4 (rpc #100003) 3000/tcp open unknown 5666/tcp open unknown 8009/tcp open unknown 8222/tcp open unknown 8333/tcp open unknown Nmap done: 1 IP address (1 host up) scanned in 191.56 seconds

    Read the article

  • Windows Server 2008 / SQL 2008 Licensing for Authenticated Web Application

    - by MikeM
    Hello, I'm trying to crunch some numbers to see what the software costs involved are for hosting an application we are developing. Users will not be anonymous - they will need to log in. SQL Server 2008: SQL Server licensing is easy - it will be licensed per-processor. No real fuss there. The cost of CALs would be much higher for the number of users as compared to the processor licenses. Windows Server 2008: This is where it gets trickier. We need to license the OS for both the web servers (there will be a couple) plus the database servers (also a couple). The Web Servers could run on the Web Edition without a need for CALs, but if you continue reading, you will see that may not matter much because I will likely have user CALs for each user anyway. We can't use the "External Connector" for any of the Windows licenses, because that doesn't cover customers who are paying to access a hosted application. We can't use the Web Edition for the SQL Servers because that license only allows database running on Web Edition to host data for the local web application (i.e. other web servers can't connect to it). So that leaves us with the "full" editions of Windows Server for the database server OS. I find this a little rediculous, and I feel as though I must be missing something, but it looks to me like I will actually need to buy a CAL for every user who signs up to use our service. I feel like I'm missing something because that means that for every user, I have to shell out $40 for a CAL. That could be one or two years' worth of revenue from each user for an inexpensive service! Is there any way to serve a web application to authenticated users without paying for individual Windows Server CALs, if the web servers and SQL servers are seperate boxes?

    Read the article

  • VMRC equivalent for Hyper-V?

    - by Ian Boyd
    VMRC was the client tool used to connect to virtual machines running on Virtual Server. Upgrading to Windows Server 2008 R2 with the Hyper-V role, i need a way for people to be able to use the virtual machines. Note: not all virtual machines will have network connectivity not all virtual machines will be running Windows some people needing to connect to a virtual machine will be running Windows XP Hyper-V manager, allowing management of the hyper-v server, is less desirable (since it allows management of the hyper-v server (and doesn't work on all operating systems)) What is the Windows Server 2008 R2 equivalent of VMRC; to "vnc" to a virtual server? Update: i think Tatas was suggesting Microsoft System Center Virtual Machine Manager Self-Service Portal 2.0 (?): Which requires SQL Server IIS Installing those would unfortunately violate our Windows Server 2008 R2 license. i might be looking at the wrong product link, since commenter said there is a version that doesn't require "System Center". Update 2: The Windows Server 2008 R2 running HyperV is being licensed with the understanding that it only be used to host HyperV. From the [Windows Server 2008 R2 Licensing FAQ][4]: Q. If I have one license for Windows Server 2008 R2 Standard and want to run it in a virtual operating system environment, can I continue running it in the physical operating system environment? A. Yes, with Windows Server 2008 R2 Standard, you may run one instance in the physical operating system environment and one instance in the virtual operating system environment; however, the instance running in the physical operating system environment may be used only to run hardware virtualization software, provide hardware virtualization services, or to run software to manage and service operating system environments on the licensed server. This is why i'm weary about installing IIS or SQL Server.

    Read the article

  • Avoiding DNS timeouts when a dns server fails

    - by user65124
    Hi there. We have a small datacenter with about a hundred hosts pointing to 3 internal dns servers (bind 9). Our problem comes when one of the internal dns servers becomes unavailable. At that point all the clients that point to that server start performing very slowly. The problem seems to be that the stock linux resolver doesn't really have the concept of "failing over" to a different dns server. You can adjust the timeout and number of retries it uses, (and set rotate so it will work through the list), but no matter what settings one uses our services perform much more slowly if a primary dns server becomes unavailable. At the moment this is one of the largest sources of service disruptions for us. My ideal answer would be something like "RTFM: tweak /etc/resolv.conf like this...", but if that's an option I haven't seen it. I was wondering how other folks handled this issue? I can see 3 possible types of solutions: Use linux-ha/Pacemaker and failover ips (so the dns IP VIPs are "always" available). Alas, we don't have a good fencing infrastructure, and without fencing pacemaker doesn't work very well (in my experience Pacemaker lowers availability without fencing). Run a local dns server on each node, and have resolv.conf point to localhost. This would work, but it would give us a lot more services to monitor and manage. Run a local cache on each node. Folks seem to consider nscd "broken", but dnrd seems to have the right feature set: it marks dns servers as up or down, and won't use 'down' dns servers. Any-casting seems to work only at the ip routing level, and depends on route updates for server failure. Multi-casting seemed like it would be a perfect answer, but bind does not support broadcasting or multi-casting, and the docs I could find seem to suggest that multicast dns is more aimed at service discovery and auto-configuration rather than regular dns resolving. Am I missing an obvious solution?

    Read the article

  • Zscaler. Certs, cookies, and port 80 traffic

    - by 54's_lol
    So I work at HQ for a large company that shall remain nameless. We use Zscaler and I had to roll out a 2048 cert per zscaler's request. People around me at work dont understand the technology and think that the cert's are what is allowing internet connectivity. From my understanding(and please chime in) is the cookie located C:\Users\$$$$$$4$$\AppData\Roaming\Macromedia\Flash Player#SharedObjects\Q3JQJQJV\gateway.zscaler.net\zscaler.swf here that gets created when you provide your creds the first time you use the browser. The cert's are just simply a way of inspecting the SSL traffic as zscaler had no way of doing this before without them. They are essentially using the classic MITM attack to parse your SSL traffic. Gmail is smart enough to recognize this as you get a warning. My question is this, is there a product or service that I can use to verify my web browser when at home(I.E. off company network) isn't still getting routed to zscaler's cloud? If i do a tracert that will work fine. It's the port 80 and 443 web traffic zscaler and my company is after. I would like to verify that when I'm off their premise that my web traffic is using only my isp and the path to whatever content I'm searching for. Do the cert's i'm pushing and browser authentication do something behind the curtain that forces web traffic to get routed to zscaler? I searched quite a bit and would very much like to know if I'm ever off company scrutiny. I do know zscaler offers the service to force the scenario im asking about. Can I prove how my web traffic is getting routed? Thanks for any insight. I've been a fan for a long time and your guy's kung fu is very strong:-)

    Read the article

  • IIS 6.0 Application pool crash

    - by David
    One application pool on one of our webservers crashed and we found this in the Eventlog, where can we find more information about it? Event Type: Error Event Source: W3SVC Event Category: None Event ID: 1101 Date: 11/23/2009 Time: 10:57:55 AM User: N/A Computer: ID-WEB Description: The World Wide Web Publishing Service failed to create app pool 'Global'. The data field contains the error number. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: b7 00 07 80 ·..? Attempting to manually start the application pool gives the following in the event log: Event Type: Error Event Source: W3SVC Event Category: None Event ID: 1107 Date: 11/23/2009 Time: 3:53:13 PM User: N/A Computer: ID-WEB Description: The World Wide Web Publishing Service failed to modify app pool 'Global'. The data field contains the error number. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 05 40 00 80 .@.? We are running IIS 6.0 on a Windows server 2003 R2, 32bits.

    Read the article

  • Commercial SIP Trunking in mainland China [closed]

    - by Patrick
    Is there any regulation preventing the use/sale of SIP trunks in mainland China? I've set up and used commercial-grade SIP trunks in places where previously we would have used ISDN T1/E1 connections. Here in Shanghai I'm looking for a similar service, and while E1 30B+D services are readily available, every telecoms company we speak with says that SIP trunking is not available in China with re-sellers of both China Telecom and China Unicom. But no one seems to know why. It seems logical to me that SIP trunks are cheaper to operate than ISDN services given that the first mile transit can be run over already-existing Internet infrastructure, and SIP signaling reduces the amount of configuration required by subscribers which is why it appeals to me. As such I've come to expect SIP services to be available in modern markets, and I've used them in quite a few countries. For example, one place I know it's not possible is in India. Government regulations in India make it illegal to provide PSTN service using VoIP. (Citations: 1, 2). However it seems this may be changing. Perhaps China has something similar.

    Read the article

  • nginx reload failing: `object version does not match bootstrap parameter`

    - by Jean Jordaan
    I added a server stanza to my virtual.conf, and now nginx seems to have a problem reloading the config. At this point I don't know what exactly is going wrong or how to debug better. Any help would be most appreciated. The config test succeeds: root@server:~# service nginx configtest nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful I'm tailing the logfile. Upon reload, the following error is logged. As far as I can see, the new config is not used. root@server:~# service nginx reload Reloading nginx: [ OK ] root@server:~# ==> /var/log/nginx/error.log <== nginx object version 0.8.54 does not match bootstrap parameter 1.0.15 at /usr/lib64/perl5/XSLoader.pm line 94. Compilation failed in require. BEGIN failed--compilation aborted. 2012/10/18 12:31:07 [alert] 9620#0: perl_parse() failed: 2 This is the version of nginx I'm running: root@server:~# yum info nginx Loaded plugins: fastestmirror, presto Loading mirror speeds from cached hostfile * base: ftp.udc.es * epel: mirror.nl.leaseweb.net * extras: ftp.udc.es * updates: ftp.cica.es Installed Packages Name : nginx Arch : x86_64 Version : 1.0.15 Release : 2.el6 [...] Server OS: CentOS release 6.3 (Final)

    Read the article

  • How to import certificate for Apache + LDAPS?

    - by user101956
    I am trying to get ldaps to work through Apache 2.2.17 (Windows Server 2008). If I use ldap (plain text) my configuration works great. LDAPTrustedGlobalCert CA_DER C:/wamp/certs/Trusted_Root_Certificate.cer LDAPVerifyServerCert Off <Location /> AuthLDAPBindDN "CN=corpsvcatlas,OU=Service Accounts,OU=u00958,OU=00958,DC=hca,DC=corpad,DC=net" AuthLDAPBindPassword ..removed.. AuthLDAPURL "ldaps://gc-hca.corpad.net:3269/dc=hca,dc=corpad,dc=net?sAMAccountName?sub" AuthType Basic AuthName "USE YOUR WINDOWS ACCOUNT" AuthBasicProvider ldap AuthUserFile /dev/null require valid-user </Location> I also tried the other encryption choices besides CA_DER just to be safe, with no luck. Finally, I also needed this with Apache tomcat. For tomcat I used the tomcat JRE and ran a line like this: keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias mycert -file Trusted_Root_Certificate.cer After doing the above line ldaps worked greate via tomcat. This lets me know that my certificate is a-ok. Update: Both ldap modules are turned on, since using ldap instead of ldaps works fine. When I run a git clone this is the error returned: C:\Tempgit clone http://eqb9718@localhost/git/Liferay.git Cloning into Liferay... Password: error: The requested URL returned error: 500 while accessing http://eqb9718@loca lhost/git/Liferay.git/info/refs fatal: HTTP request failed access.log has this: 127.0.0.1 - eqb9718 [23/Nov/2011:18:25:12 -0600] "GET /git/Liferay.git/info/refs service=git-upload-pack HTTP/1.1" 500 535 127.0.0.1 - eqb9718 [23/Nov/2011:18:25:33 -0600] "GET /git/Liferay.git/info/refs HTTP/1.1" 500 535 apache_error.log has nothing. Is there any more verbose logging I can turn on or better tests to do?

    Read the article

  • List of Hidden / Virtual Windows User Accounts

    - by Synetech inc.
    I’m trying to find a way to get a comprehensive list of user accounts on a Windows 7 system, including hidden ones. The User Accounts dialog (>control userpasswords2) only shows the normal user accounts, and even the Local User and Groups editor only shows normal user accounts and standard hidden/disabled ones like Administrator and Guest. The Select Users or Groups dialog has a Find Now button which which combines users and groups, but alas, it has the same contents as the LUG. I’m looking for a more comprehensive list that includes “super-hidden” / virtual user accounts like TrustedInstaller (or to be more accurate, NT Service\TrustedInstaller—notice the different “domain”). I checked HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList, but the SpecialAccounts key does not exist. I also checked HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList, and while it does have the SystemProfile, LocalService, and NetworkService accounts listed, it does not have others (like TrustedInstaller and its ilk). TrustedInstaller specifically is a little confusing because it is a user, a service, and an executable file. I am using it as an example because it is “super hidden” in that it does not seem to be listed in any sort of user list. (As an experiment, I tried searching the whole registry for “trustedinstaller” to see if I could find a place where it is listed as a user, but found none.) To be clear, what I am looking for is a list of all accounts that can be used in a user input-field such as in permissions dialogs or as a runas argument.

    Read the article

  • How do I disable MEDIUM and WEAK/LOW strength ciphers in Apache + mod_ssl?

    - by superwormy
    A PCI Compliance scan has suggested that we disable Apache's MEDIUM and LOW/WEAK strength ciphers for security. Can someone tell me how to disable these ciphers? Apache v2.2.14 mod_ssl v2.2.14 This is what they've told us: Synopsis : The remote service supports the use of medium strength SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently regard as those with key lengths at least 56 bits and less than 112 bits. Solution: Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk Factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) [More] Synopsis : The remote service supports the use of weak SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. See also : http://www.openssl.org/docs/apps/ciphers .html Solution: Reconfigure the affected application if possible to avoid use of weak ciphers. Risk Factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) [More]

    Read the article

  • svchost consuming more than 50% CPU all the time in windows 7

    - by claws
    Hello, I'm using windows 7 ultimate. svchost containing DCOM Server Process Launcher Plug and Play Power services is consuming more than 50% of CPU for most of the time. I found this blog post: http://blog.hansmelis.be/2007/06/17/windows-vista-long-delay-when-switching-songs-in-media-player/ That process is associated with two services: DCOM Server Process Launcher and Plug and Play. For the Vulcans among us, all logic stops there for a second. What do those two services have to do with WMP? The answer is provided by Vista's new audio engine. The new engine supports several audio "enhancements". But for the enhancements to work, the engine needs to determine if your hardware is up to the task. And when does it check that? Each time a sound output device is accessed. That's pretty nice if you can do a hot swap of sound hardware, but I don't see me doing that anytime soon. Anyways, it does provide us with the link to the correct service because checking hardware is done by the "Plug and Play" service. One might think that deactivating each enhancement would solve the problem, but that's wishful thinking. The configuration of the enhancements is located in the properties of the sound hardware. When opening the tab, I found out that no enhancements were active. Hmmm... so why does it check the hardware? Well, it does that in case you actually enable an enhancement. To completely stop the hardware checking, you have to tick the box labelled Disable all enhancements. As soon as you do that, Vista finally understands you don't want to use them buts thats for vista. Is it the same case with windows 7 too? and I couldn't find any "Disable all enhancements" in my controlpanelsounds (mmsys.cpl). Where can I find this option in windows 7? How to solve this?

    Read the article

  • QoS basics on a Cisco ASA

    - by qbn
    Could someone briefly explain how to use QoS on Cisco ASA 5505? I have the basics of policing down, but what about shaping and priorities? Basically what I'm trying to do is carve out some bandwidth for my VPN subnets (in an object-group called priority-traffic). I've seen this Cisco QoS document, however configuring shaping and priority-queue don't seem to have any effects in my test. A full download of the linux kernel from kernel.org will boost a ping to a server via VPN sky high. Policing has been successful in passing this test, although it doesn't seem as efficient (I cap non-vpn traffic at 3 of my 4.5 megabits of bandwidth). Am I misunderstanding the results of the test? I think there is some simple concept I'm not grasping here. EDIT: Here is my config thus far (I have 4.5 megabits of bandwidth): access-list priority-traffic extended permit ip object-group priority-traffic any access-list priority-traffic extended permit ip any object-group priority-traffic access-list priority-traffic extended permit icmp object-group priority-traffic any access-list priority-traffic extended permit icmp any object-group priority-traffic access-list non-priority-traffic extended deny ip object-group priority-traffic any access-list non-priority-traffic extended deny ip any object-group priority-traffic access-list non-priority-traffic extended permit ip any any priority-queue outside queue-limit 440 class-map non-priority-traffic match access-list non-priority-traffic class-map priority-traffic match access-list priority-traffic class-map inspection_default match default-inspection-traffic policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp policy-map outbound-qos-policy class non-priority-traffic police input 2500000 police output 2500000 class priority-traffic priority service-policy global_policy global service-policy outbound-qos-policy interface outside

    Read the article

  • Unable to connect java webservie to android

    - by nag prakash
    This is my android activity. Please help me out. I will send the project completely if you can drop your mail id. package prakash.ws.connectsql; import org.ksoap2.SoapEnvelope; import org.ksoap2.serialization.SoapObject; import org.ksoap2.serialization.SoapPrimitive; import org.ksoap2.serialization.SoapSerializationEnvelope; import org.ksoap2.transport.AndroidHttpTransport; import android.os.Bundle; import android.app.Activity; import android.widget.EditText; import android.widget.TextView; public class MainActivity extends Activity { private static final String Soap_Action="http://testws.ws.prakash/testws"; private static final String Method_Name="testws"; private static final String Name_Space="http://testws.ws.prakash/"; private static final String URI="http://localhost:8045/testws/services/Testws?wsdl"; EditText ET; TextView Tv; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); // Packeting the request SoapObject request=new SoapObject(Name_Space,Method_Name); // pass the parameters to the method.If it has one request.addProperty("name", ET.getText().toString()); //passing the entire request to the envelope SoapSerializationEnvelope soapEnvelope=new SoapSerializationEnvelope(SoapEnvelope.VER11); soapEnvelope.setOutputSoapObject(request); //transporting envelope AndroidHttpTransport aht=new AndroidHttpTransport(URI); try{ aht.call(Soap_Action, soapEnvelope); @SuppressWarnings("deprecation") SoapPrimitive resultString=(SoapPrimitive) soapEnvelope.getResult(); Tv.setText(resultString.toString()); }catch(Exception e) { Tv.setText("error"); } } } This XML file does not appear to have any style information associated with it. The document tree is shown below. <wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:ns1="http://org.apache.axis2/xsd" xmlns:ns="http://testws.ws.prakash" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" targetNamespace="http://testws.ws.prakash"> <wsdl:documentation>Please Type your service description here</wsdl:documentation> <wsdl:types> <xs:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://testws.ws.prakash"> <xs:element name="testws"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" name="name" nillable="true" type="xs:string"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="testwsResponse"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" name="return" nillable="true" type="xs:string"/> </xs:sequence> </xs:complexType> </xs:element> </xs:schema> </wsdl:types> <wsdl:message name="testwsRequest"> <wsdl:part name="parameters" element="ns:testws"/> </wsdl:message> <wsdl:message name="testwsResponse"> <wsdl:part name="parameters" element="ns:testwsResponse"/> </wsdl:message> <wsdl:portType name="TestwsPortType"> <wsdl:operation name="testws"> <wsdl:input message="ns:testwsRequest" wsaw:Action="urn:testws"/> <wsdl:output message="ns:testwsResponse" wsaw:Action="urn:testwsResponse"/> </wsdl:operation> </wsdl:portType> <wsdl:binding name="TestwsSoap11Binding" type="ns:TestwsPortType"> <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/> <wsdl:operation name="testws"> <soap:operation soapAction="urn:testws" style="document"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:binding name="TestwsSoap12Binding" type="ns:TestwsPortType"> <soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/> <wsdl:operation name="testws"> <soap12:operation soapAction="urn:testws" style="document"/> <wsdl:input> <soap12:body use="literal"/> </wsdl:input> <wsdl:output> <soap12:body use="literal"/> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:binding name="TestwsHttpBinding" type="ns:TestwsPortType"> <http:binding verb="POST"/> <wsdl:operation name="testws"> <http:operation location="testws"/> <wsdl:input> <mime:content type="text/xml" part="parameters"/> </wsdl:input> <wsdl:output> <mime:content type="text/xml" part="parameters"/> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:service name="Testws"> <wsdl:port name="TestwsHttpSoap11Endpoint" binding="ns:TestwsSoap11Binding"> <soap:address location="http://localhost:8045/testws/services/Testws.TestwsHttpSoap11Endpoint/"/> </wsdl:port> <wsdl:port name="TestwsHttpSoap12Endpoint" binding="ns:TestwsSoap12Binding"> <soap12:address location="http://localhost:8045/testws/services/Testws.TestwsHttpSoap12Endpoint/"/> </wsdl:port> <wsdl:port name="TestwsHttpEndpoint" binding="ns:TestwsHttpBinding"> <http:address location="http://localhost:8045/testws/services/Testws.TestwsHttpEndpoint/"/> </wsdl:port> </wsdl:service> </wsdl:definitions> this web service is running fine in the server. Manifest File I have added the internet Permission. Now this is the error in the logcat. 07-04 21:31:00.757: E/dalvikvm(375): Could not find class 'org.ksoap2.serialization.SoapObject', referenced from method prakash.ws.connectsql.MainActivity.onCreate 07-04 21:31:00.757: W/dalvikvm(375): VFY: unable to resolve new-instance 481 (Lorg/ksoap2/serialization/SoapObject;) in Lprakash/ws/connectsql/MainActivity; 07-04 21:31:00.757: D/dalvikvm(375): VFY: replacing opcode 0x22 at 0x0008 07-04 21:31:00.757: D/dalvikvm(375): VFY: dead code 0x000a-004e in Lprakash/ws/connectsql/MainActivity;.onCreate (Landroid/os/Bundle;)V 07-04 21:31:00.937: D/AndroidRuntime(375): Shutting down VM 07-04 21:31:00.937: W/dalvikvm(375): threadid=1: thread exiting with uncaught exception (group=0x40015560) 07-04 21:31:00.957: E/AndroidRuntime(375): FATAL EXCEPTION: main 07-04 21:31:00.957: E/AndroidRuntime(375): java.lang.NoClassDefFoundError: org.ksoap2.serialization.SoapObject 07-04 21:31:00.957: E/AndroidRuntime(375): at prakash.ws.connectsql.MainActivity.onCreate(MainActivity.java:30) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1047) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:1611) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:1663) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.app.ActivityThread.access$1500(ActivityThread.java:117) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:931) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.os.Handler.dispatchMessage(Handler.java:99) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.os.Looper.loop(Looper.java:123) 07-04 21:31:00.957: E/AndroidRuntime(375): at android.app.ActivityThread.main(ActivityThread.java:3683) 07-04 21:31:00.957: E/AndroidRuntime(375): at java.lang.reflect.Method.invokeNative(Native Method) 07-04 21:31:00.957: E/AndroidRuntime(375): at java.lang.reflect.Method.invoke(Method.java:507) 07-04 21:31:00.957: E/AndroidRuntime(375): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:839) 07-04 21:31:00.957: E/AndroidRuntime(375): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:597) 07-04 21:31:00.957: E/AndroidRuntime(375): at dalvik.system.NativeStart.main(Native Method) 07-04 21:31:05.307: I/Process(375): Sending signal. PID: 375 SIG: 9

    Read the article

  • Key-Based SSH Permission denied (publickey) Ubuntu 12-04

    - by user125176
    I have configured sshd to accept key-based ssh logins with LogLevel on DEBUG, and uploaded my public key to ~/.ssh.authorized_keys, where permissions are set as: 700 ~/.ssh 600 ~/.ssh/authorized_keys From root, I can su - USERNAME. From the client I get Permission denied (publicly). From the server Here's how it is telling me that it "Could not open authorized keys '/home/USERNAME/.ssh/authorized_keys': Permission denied". Client protocol version 2.0; client software version OpenSSH_5.2 match: OpenSSH_5.2 pat OpenSSH* Enabling compatibility mode for protocol 2.0 Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1 permanently_set_uid: 105/65534 [preauth] list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth] SSH2_MSG_KEXINIT sent [preauth] SSH2_MSG_KEXINIT received [preauth] kex: client->server aes128-ctr hmac-md5 none [preauth] kex: server->client aes128-ctr hmac-md5 none [preauth] SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth] SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth] expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth] SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth] SSH2_MSG_NEWKEYS sent [preauth] expecting SSH2_MSG_NEWKEYS [preauth] SSH2_MSG_NEWKEYS received [preauth] KEX done [preauth] userauth-request for user USERNAME service ssh-connection method none [preauth] attempt 0 failures 0 [preauth] PAM: initializing for "USERNAME" PAM: setting PAM_RHOST to "USERHOSTNAME" PAM: setting PAM_TTY to "ssh" userauth_send_banner: sent [preauth] userauth-request for user USERNAME service ssh-connection method publickey [preauth] attempt 1 failures 0 [preauth] test whether pkalg/pkblob are acceptable [preauth] Checking blacklist file /usr/share/ssh/blacklist.RSA-4096 Checking blacklist file /etc/ssh/blacklist.RSA-4096 temporarily_use_uid: 1001/1002 (e=0/0) trying public key file /home/USERNAME/.ssh/authorized_keys Could not open authorized keys '/home/USERNAME/.ssh/authorized_keys': Permission denied restore_uid: 0/0 temporarily_use_uid: 1001/1002 (e=0/0) trying public key file /home/USERNAME/.ssh/authorized_keys2 Could not open authorized keys '/home/USERNAME/.ssh/authorized_keys2': Permission denied restore_uid: 0/0 Failed publickey for USERNAME from IPADDRESS port 57523 ssh2 Connection closed by IPADDRESS [preauth] do_cleanup [preauth] monitor_read_log: child log fd closed do_cleanup PAM: cleanup

    Read the article

  • Linking Linux MIT Kerberos with a Windows 2003 Active Directory

    - by Beerdude26
    Greetings, I was wondering how one might link a Linux MIT Kerberos with a Windows 2003 Active Directory to achieve the following: A user, [email protected], attempts to log in at an Apache website, which runs on the same server as the Linux MIT Kerberos. The Apache module first asks the local Linux MIT Kerberos if he knows a user by that name or realm. The MIT Kerberos finds out it isn't responsible for that realm, and forwards the request to the Windows 2003 Active Directory. The Windows 2003 Active Directory replies positively and gives this information to the Linux MIT Kerberos, which in turn tells this to the Apache module, which grants the user access to its files. Here is an image of the situation: http://img179.imageshack.us/img179/5092/linux2k3.png (I'm not allowed to embed images just yet.) The documentation I have read concerning this issue often differ from this problem: Some discuss linking up a MIT Kerberos with an Active Directory to gain access to resources on the Active Directory server; While another uses the link to authenticate Windows users to the MIT Kerberos through the Windows 2003 Active Directory. (My problem is the other way around.) So what my question boils down to, is this: Is it possible to have a Linux MIT Kerberos server pass through requests for a Active Directory realm, and then have it receive the reply and give it to the requesting service? (Although it's not a problem if the requesting service and the Windows 2003 Active Directory communicate directly.) Suggestions and constructive criticism are greatly appreciated. :)

    Read the article

  • Bind9 configured to start at boot, has to be started manually

    - by antik
    I've configured bind9 on my system and it works great when it runs. It's currently configured to be run at runlevel 2 by setting: $ sudo update-rc.d bind9 enable 2 This appears to have done its work: $ tree -f /etc/rc?.d | grep -e ".*bind9$" |-- /etc/rc0.d/K85bind9 -> ../init.d/bind9 |-- /etc/rc2.d/S15bind9 -> ../init.d/bind9 |-- /etc/rc3.d/S15bind9 -> ../init.d/bind9 |-- /etc/rc4.d/S15bind9 -> ../init.d/bind9 |-- /etc/rc5.d/S15bind9 -> ../init.d/bind9 |-- /etc/rc6.d/K85bind9 -> ../init.d/bind9 Booting the system, I believe I am at runlevel 2: $ runlevel N 2 Given the above configuration, when the system is rebooted, bind does not come up. Only on occasion, for some reason, can I resolve hostnames immediately after startup. Far more often than not however, I cannot. I can interrogate the service's status: $ sudo /etc/init.d/bind9 status * could not access PID file for bind9 When the service doesn't start, I can start it successfully via a terminal by issuing $ sudo /etc/init.d/bind9 start And it works great from then on. Loopback configuration: $ ifconfig lo lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1872 errors:0 dropped:0 overruns:0 frame:0 TX packets:1872 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:220205 (220.2 KB) TX bytes:220205 (220.2 KB) Do I have my startup misconfigured? (I'm used to Gentoo so Ubuntu's model is still a little new to me) I'm not seeing any log indication of a failed attempt to start at boot in syslog. Is there someplace else I should be looking? What else should I look into to get bind working at startup?

    Read the article

  • Antivirus Configuration for dedicated SQL and dedicated IIS Servers

    - by Wayne Arthurton
    Our corporate standard is McAfee Enterprise, unfortunately this is non-negotiable. On two types of servers I'm responsible for, SQL & Web, we have noticed major performance issues with the corporate standard setup. Max scan time 45sec One policy for all processes Scan ALL files on write, read and open for backup Heuristics: Find unknown programs, trojans and macros Detect unwanted programs Exclude: EVT, LDF, LOG, MDF, VMD, , windows file protection) This of course still causes major slowdowns. IIS .NET recompiles are slow especially with SharePoint, SQL backups and restores, SQL Analysis Services, Integration Services and temp data from them as well. I have looked from time to time, for some best practices on setting up McAfee of SQL & SQL Analysis Service, SQL Integration Service, Visual Studio, Sharepoint, and .NET web servers in general. How do people setup McAfee enterprise on their corporate serves keeping security intact, but affecting performance as minimally as possible? Has anyone run across white papers on these setups? Obviously some are case by case, but there must be some best practices out there somewhere.

    Read the article

  • sftpd: No available certificate or key corresponds to the SSL cipher suites which are enabled?

    - by Arcturus
    Hello. I'm trying to setup vsftpd on Fedora 12. I need to require use of FTPS, and for now need to use a self-signed SSL certificate. I managed to get the vsftpd service running and to connect as my user. I can list the home directory, but as soon as I try to list another directory, download or upload a file, I get this error: No available certificate or key corresponds to the SSL cipher suites which are enabled. And the xfer log is empty. I've been Googling it for a while now, but still can't understand the problem. Here's how I installed vsftpd: su yum install vsftpd chkconfig vsftpd on service vsftpd start I tried to generate the certificate in two ways. Here's the first one: cd /etc/vsftpd openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem Here's the second way: cd /etc/pki/tls/certs make vsftpd.pem Here's my vsftpd configuration: anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES nopriv_user=ftpsecure chroot_local_user=YES chroot_list_enable=YES chroot_list_file=/etc/vsftpd/chroot_list listen=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES # SSL settings ssl_enable=YES force_local_data_ssl=YES force_local_logins_ssl=YES rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem allow_anon_ssl=NO ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO Does anyone know what the problem is and how to solve it?

    Read the article

  • System Information (msinfo32.exe) Can't Collect Information

    - by ptanne
    I have Windows XP Pro, service pack 1, IE 6 and 32GB of free space, 75GB total. I have had nothing but trouble after trying to install service pack 2 even though I used System Restore. The installation was incomplete and my computer has never been the same. I attempted to install sp2 four or five times and sp3 once, always with the same result. I've tried reinstalling XP Pro but that didn't fix the problem. My XP Pro disk now has a scratch on it and refuses to work. Dell would not replace it stating that my computer was out of warranty. I'm currently trying Reimage which is supposed to return a computer to the original configuration and replace missing or damaged files. Believe it or not, Ripley, it stops in the middle of the operation and, so far, the Reimage techs haven't been able to figure out why. Of the many problems that I still have is that System Information can't collect information. The Help and Support sections that display system info also don't work. Is there some way that I can fix this? I can't afford to throw my computer away, yet. Thank you for listening, Pam Galvin

    Read the article

  • apache vhost not working consistently

    - by petrus
    I have a vhost on my webserver whose sole and unique goal is to return the client IP adress: petrus@bzn:~$ cat /home/vhosts/domain.org/index.php <?php echo $_SERVER['REMOTE_ADDR']; echo "\n" ?> This helps me troubleshoot networking issues, especially when NAT is involved. As such, I don't always have domain name resolution and this service needs to work even if queried by its IP address. I'm using it this way: petrus@hive:~$ echo "GET /" | nc 88.191.124.41 80 191.51.4.55 petrus@hive:~$ echo "GET /" | nc domain.org 80 191.51.4.55 router#more http://88.191.124.41/index.php 88.191.124.254 However I found that it wasn't working from at least a computer: petrus@seth:~$ echo "GET /" | nc domain.org 80 petrus@seth:~$ petrus@seth:~$ echo "GET /" | nc 88.191.124.41 80 petrus@seth:~$ What I checked: This is not related to ipv6: petrus@seth:~$ echo "GET /" | nc -4 ydct.org 80 petrus@seth:~$ petrus@hive:~$ echo "GET /" | nc ydct.org 80 2a01:e35:ee8c:180:21c:77ff:fe30:9e36 netcat version is the same (except platform, i386 vs x64): petrus@seth:~$ type nc nc est haché (/bin/nc) petrus@seth:~$ file /bin/nc /bin/nc: symbolic link to `/etc/alternatives/nc' petrus@seth:~$ ls -l /etc/alternatives/nc lrwxrwxrwx 1 root root 15 2010-06-26 14:01 /etc/alternatives/nc -> /bin/nc.openbsd petrus@hive:~$ type nc nc est haché (/bin/nc) petrus@hive:~$ file /bin/nc /bin/nc: symbolic link to `/etc/alternatives/nc' petrus@hive:~$ ls -l /etc/alternatives/nc lrwxrwxrwx 1 root root 15 2011-05-26 01:23 /etc/alternatives/nc -> /bin/nc.openbsd It works when used without the pipe: petrus@seth:~$ nc domain.org 80 GET / 2a01:e35:ee8c:180:221:85ff:fe96:e485 And the piping works at least with a test service (netcat listening on 1234/tcp and output to stdout) petrus@bzn:~$ nc -l -p 1234 GET / petrus@bzn:~$ petrus@seth:~$ echo "GET /" | nc domain.org 1234 petrus@seth:~$ I don't know if this issue is more related to netcat or Apache, but I'd appreciate any pointers to troubleshoot this issue ! The IP addresses have been modified but kept consistent for easy reading. bzn is the server, hive is a working client and seth is the client on which I have the issue.

    Read the article

  • nmap on my webserver shows TCP ports 554 and 7070 open

    - by atc
    I have a webserver that hosts various websites for me. The two services that are accessible outside are SSH and Apache2. These are running on a non-standard and standard port, respectively. All other ports are closed explicitly via arno-iptables-firewall. The host is running Debian Testing. I noticed that a scan of the host using nmap produced different results from different PCs. From my laptop on my home network (behind a BT Homehub), I get the following: Not shown: 996 filtered ports PORT STATE SERVICE 80/tcp open http 554/tcp open rtsp 7070/tcp open realserver 9000/tcp open cslistener whereas scanning from a US-based server with nmap 5.00 and a Linux box in Norway running nmap 5.21 I get the following: Not shown: 998 filtered ports PORT STATE SERVICE 80/tcp open http 9000/tcp open cslistener so I hope it's my internal network or ISP that's playing up, but I cannot be sure. Running a netstat -l | grep 7070 produces nothing. Similarly for port 554. Can anyone explain the peculiarities I'm seeing?

    Read the article

  • run script as another user from a root script with no tty stdin

    - by viktor tron
    Using CentOs, I want to run a script as user 'training' as a system service. I use daemontools to monitor the process, which needs a launcher script that is run as root and has no tty standard in. Below I give my four different attempts which all fail. : #!/bin/bash exec >> /var/log/training_service.log 2>&1 setuidgid training training_command This last line is not good enough since for training_command, we need environment for trqaining user to be set. : su - training -c 'training_command' This looks like it (http://serverfault.com/questions/44400/run-a-shell-script-as-a-different-user) but gives 'standard in must be tty' as su making sure tty is present to potentially accept password. I know I could make this disappear by modifying /etc/sudoers (a la http://superuser.com/questions/119376/bash-su-script-giving-an-error-standard-in-must-be-a-tty) but i am reluctant and unsure of consequences. : runuser - training -c 'training_command' This one gives runuser: cannot set groups: Connection refused. I found no sense or resolution to this error. : ssh -p100 training@localhost 'source $HOME/.bashrc; training_command' This one is more of a joke to show desparation. Even this one fails with Host key verification failed. (the host key IS in known_hosts, etc). Note: all of 2,3,4 work as they should if I run the wrapper script from a root shell. problems only occur if the system service monitor (daemontools) launches it (no tty terminal I guess). I am stuck. Is this something so hard to achieve? I appreciate all insight and guidance to best practice. (this has also been posted on superuser: http://superuser.com/questions/434235/script-calling-script-as-other-user)

    Read the article

  • Hudson plugin problem

    - by user27644
    Hi. I've created almost the same plugin as JobTypeColumn. There is only one difference - it shows job description instead of job type. But after i can't add this column to my list view. I have an NullPointerException after i edited my config.xml manually. java.lang.NullPointerException at hudson.model.Descriptor.newInstancesFromHeteroList(Descriptor.java:626) at hudson.util.DescribableList.rebuildHetero(DescribableList.java:164) at hudson.model.ListView.submit(ListView.java:262) at hudson.model.View.doConfigSubmit(View.java:484) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:185) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:101) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:54) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:74) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:492) at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:180) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:492) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:408) at org.kohsuke.stapler.Stapler.service(Stapler.java:117) at javax.servlet.http.HttpServlet.service(HttpServlet.java:45) at winstone.ServletConfiguration.execute(ServletConfiguration.java:249) at winstone.RequestDispatcher.forward(RequestDispatcher.java:335) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:378) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:94) at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:304) at org.jvnet.hudson.plugins.monitoring.HudsonMonitoringFilter.doFilter(HudsonMonitoringFilter.java:31) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:97) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:86) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:47) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.lang.Thread.run(Unknown Source)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 390 391 392 393 394 395 396 397 398 399 400 401  | Next Page >