Search Results

Search found 33182 results on 1328 pages for 'linux port'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 406/1328 | < Previous Page | 402 403 404 405 406 407 408 409 410 411 412 413  | Next Page >

  • Can I get advice on my nginx configuration (as a proxy in front of Jira and Confluence)?

    - by Nate
    I was wondering if I could get some advice on my nginx configuration. The config seems to be working, but I'm unsure if I'm doing everything properly. The basic idea is to have a Jira and Confluence server (in separate Tomcat instances) running on the same machine, with nginx in front to handle SSL for both. I want only SSL connections to be made to Jira/Confluence. Jira is running on 127.0.0.1:9090 and Confluence on 127.0.0.1:8080. Here is my nginx.conf, any advice or tips would be greatly appreciated. user nginx; worker_processes 1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; # Load config files from the /etc/nginx/conf.d directory include /etc/nginx/conf.d/*.conf; # Our self-signed cert ssl_certificate /etc/ssl/certs/fissl.crt; ssl_certificate_key /etc/ssl/private/fissl.key; # redirect non-ssl Confluence to ssl server { listen 80; server_name confluence.example.com; rewrite ^(.*) https://confluence.example.com$1 permanent; } # redirect non-ssl Jira to ssl server { listen 80; server_name jira.example.com; rewrite ^(.*) https://jira.example.com$1 permanent; } # # The Confluence server # server { listen 443; server_name confluence.example.com; ssl on; access_log /var/log/nginx/confluence.access.log main; error_log /var/log/nginx/confluence.error.log; location / { proxy_pass http://127.0.0.1:8080; proxy_set_header X-Forwarded-Proto https; proxy_set_header Host $http_host; } error_page 404 /404.html; location = /404.html { root /usr/share/nginx/html; } redirect server error pages to the static page /50x.html error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } # # The Jira server # server { listen 443; server_name jira.example.com; ssl on; access_log /var/log/nginx/jira.access.log main; error_log /var/log/nginx/jira.error.log; location / { proxy_pass http://127.0.0.1:9090/; proxy_set_header X-Forwarded-Proto https; proxy_set_header Host $http_host; } error_page 404 /404.html; location = /404.html { root /usr/share/nginx/html; } # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } }

    Read the article

  • How to diagnose causes of oom-killer killing processes

    - by dunxd
    I have a small virtual private server running CentOS and www/mail/db, which has recently had a couple of incidents where the web server and ssh became unresponsive. Looking at the logs, I saw that oom-killer had killed these processes, possibly due to running out of memory and swap. Can anyone give me some pointers at how to diagnose what may have caused the most recent incident? Is it likely the first process killed? Where else should I be looking?

    Read the article

  • Users database empty after Samba3 to Samba4 migration on different servers

    - by ouzmoutous
    I have to migrate a Samba 3 to a new Samba 4 server. My problem is that the database on the samba 3 server seems a bit empty. The secrets.dtb file is only 20K whereas the “pbedit -L |wc -l”command give me 16970 lines. On my Samba3 /var/lib/samba is 1,5M After I had migrate the databse (following instructions on http://dev.tranquil.it/index.php/SAMBA_-_Migration_Samba3_Samba4), “pdbedit -L” command on the new server give me only : SAMBA4$, Administrator, dns-samba4, krbtgt and nobody. So I tried to create a VM with a Samba3. I added some users, done the same things I did for the migration and now I can see the users created on the VM. It’s like users on the Samba 3 server are in a sort of cache. I already migrate the /etc/{passwd,shadow,group} files and I can see users with the “getent passwd” command. Any ideas why my users are present when I use pdbedit but the database is so empty ? The global part of my smb.conf on the Samba 3 server : [global] workgroup = INTERNET netbios name = PDC-SMB3 server string = %h server interfaces = eth0 obey pam restrictions = Yes passdb backend = smbpasswd passwd program = /usr/bin/passwd %u passwd chat = *new* %n\n *Re* %n\n *pa* username map = /etc/samba/smbusers unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%U max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/useradd -s /bin/false -m '%u' -g users delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null '%u' -g machines logon script = logon.cmd logon home = \\$L\%U domain logons = Yes os level = 255 preferred master = Yes local master = Yes domain master = Yes dns proxy = No ldap ssl = no panic action = /usr/share/samba/panic-action %d invalid users = root admin users = admin, root, administrateur log level = 2

    Read the article

  • How do I enable write access for an sFTP only user under Ubuntu?

    - by Jon Cage
    I'm running Ubuntu 12.04 and am trying to configure a user to allow chroot'd sFTP connections to another section of the filesystem. I've added the following to my /etc/ssh/sshd_config file: Match Group mygroup X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp ChrootDirectory /home/%u I've set their home directory so that it's owned by root but has their group. I've created a mount --bind from /home/myuser/transfers to /my/filesystem which appears to be navigable. The problem I'm having is that I'm not able to write to any part of the filesystem which makes this pretty useless as an FTP server. What am I missing? What can I check?

    Read the article

  • Ubuntu not installed-Please Remove installation media and close tray and press enter

    - by Ram
    I have downloaded Ubuntu 12.04.1 LTS 32 bit, burned it on DVD and tried to install it on my PC. My PC is running in Windows 7 Ultimate 32 bit mounted on the C: drive. Now I want install Ubuntu along with my Windows 7. When I boot Ubuntu through the CD, It boots and the Ubuntu install windows opens It offers "Try Ubuntu" and "Install Ubuntu". I choose "Install Ubuntu" Then I go on to install Ubuntu with Windows(First Option)-install It shows some blank screen with some lines, and says "Please Remove installation media and close tray and press enter" Then the PC restarts and runs Windows 7 same as before normally. But Ubuntu is not installed. How to solve this problem and install Ubuntu on my PC properly? Note: I am an Android Developer. So I need to install Ubuntu for my Android Development purpose.

    Read the article

  • Concerns about Apache per-Vhost logging setup

    - by etienne
    I'm both senior developer and sysadmin in my company, so i'm trying to deal with the needs of both activities. I've set up our apache box, wich deals with 30-50 domains atm (and hopefully will grow larger) and hosts both production and development sites, with this directory structure: domains/ domains/domain.ext/ #FTPS chroot for user domain.ext domains/domain.ext/public #the DocumentRoot of http://domain.ext domains/domain.ext/logs domains/domain.ext/subdomains/sub.domain.ext domains/domain.ext/subdomains/sub.domain.ext/public #DocumentRoot of http://sub.domain.ext Each domain.ext Vhost runs with his dedicated user and group via mpm-itk, umask being 027, and the logs are stored via a piped sudo command, like this: ErrorLog "| /usr/bin/sudo -u nobody -g domain.ext tee -a domains/domain.ext/logs/sub.domain.ext_error.log" CustomLog "| /usr/bin/sudo -u nobody -g domain.ext tee -a domains/domain.ext/logs/sub.domain.ext_access.log" combined Now, i've read a lot about not letting the logs out of a very restricted directory, but the developers often need to give a quick look to a particular subdomain error log, and i don't really want to give them admin rights to look into /var/logs. Having them available into the ftp account is REALLY handy during development stages. Do you think this setup is viable and safe enough? To me it is apparently looking good, but i'm concerned about 3 security issues: -is the sudo pipe enough to deal with symlink exploits? Any catches i'm missing? -log dos: logs are in the same partition of all domains. got hundreds of gigs, but still, if one get disk-space dos'd, everything will break. Any workaround? Will a short timed logrotate suffice? -file descriptors limits: AFAIK the default limit for Apache on Ubuntu Server is currently 8192, which should be plenty enough to handle 2 log files per subdomain. Is it? Am i missing something? I hope to read some thoughts on the matter!

    Read the article

  • Apache2 BufferedLogs On - anybody using it ?

    - by Qiqi
    Greetings, I am wondering, whether anybody is using BufferedLogs On with Apache2 and found any issues ? Feature is marked as experimental, but for many years now, so I guess it's rather pretty stable. I am running some servers with constrained disk IO capacity at the moment, so I turned it on hoping that even a small benefit could help in the long run ;-) I do have several to several hundreds requests per seconds so by my thoughts there is really no need to write to log after each request, cause honestly I don't think that my filesystem is the best handler for many unnecessary writes. (OCFS2 shared among several DomUs in the Xen)

    Read the article

  • How to mirror filesystems with millions of hardlinks?

    - by Thomas Berger
    We have one big problem at the moment: We need to mirror a filesystem for one of our customers. Thats usual not really a problem, but here it is: On this filesystem there is one folder with millions of hardlinks (yes! MILLIONS!). rsync requires more then 4 days to just build the filelist. We use the following rsync options: rsync -Havz --progress serverA:/data/cms /data/ Has anyone a idea how to speed up this rsync, or use alternatives? We could not use dd as the target disk is smaller then the source.

    Read the article

  • How to upgrade XBMC Live from 9.04.1 to 9.11?

    - by sunpech
    I've been unable to do a fresh install of XBMC Live 9.11 to my hard drive. Everytime it fails at the Install System step. But I am able to get XBMC Live 9.04.1 to install successfully. How do I upgrade XBMC Live 9.04.1 to 9.11? I understand that Ctrl+Shift+F2 brings up the command line, but what are the next set of commands to run?

    Read the article

  • Cannot Boot - Ubuntu 9.10

    - by c00lryguy
    I installed Ubuntu 9.10 from my laptop onto a HDD in an external harddrive enclosure. I could not connect online so I plugged it into another computer and updated the system. Now when I plugged it back into my laptop, I cannot boot. It says "ALERT! /dev/sdd1 does not exist. Dropping to shell!" and has a shell that says (initramfs)

    Read the article

  • ignore ipv6 router advertisements for static addresses with bonded interfaces

    - by boran
    I need to attribute static IPv6 addresses (not use autoconfigured addresses, and ignore router advertisements). This can be done as follows for a standard interface like eth0 iface eth0 inet6 static address myprefix:mysubnet::myip gateway myprefix:mysubnet::mygatewayip netmask 64 pre-up /sbin/sysctl -q -w net.ipv6.conf.$IFACE.autoconf=0 pre-up /sbin/sysctl -q -w net.ipv6.conf.$IFACE.accept_ra=0 However, how can this be done for bonded interfaces? using the "all" interface does not work. Systems is Ubuntu 10.04, 2.6.24-24-server. If one uses the above sysctl command for the bond0, the networking hangs on boot, because /proc/sys/net/ipv6/conf/bond0 does not yet exist and cannot be written to. One the system has booted /proc/sys/net/ipv6/conf/bond0 exist, so one solution after booting is to add the following to /etc/rc.local: /sbin/sysctl -q -w net.ipv6.conf.bond0.autoconf=0 /sbin/sysctl -q -w net.ipv6.conf.bond0.accept_ra=0 /etc/init.d/networking restart and this has the desired effect, the autoconfig v6 address disappears. Seems like a bit of a hack though, are there better solutions?

    Read the article

  • Restrict SSH user to connection from one machine

    - by Jonathan
    During set-up of a home server (running Kubuntu 10.04), I created an admin user for performing administrative tasks that may require an unmounted home. This user has a home directory on the root partition of the box. The machine has an internet-facing SSH server, and I have restricted the set of users that can connect via SSH, but I would like to restrict it further by making admin only accessible from my laptop (or perhaps only from the local 192.168.1.0/24 range). I currently have only an AllowGroups ssh-users with myself and admin as members of the ssh-users group. What I want is something that works like you may expect this setup to work (but it doesn't): $ groups jonathan ... ssh-users $ groups admin ... ssh-restricted-users $ cat /etc/ssh/sshd_config ... AllowGroups ssh-users [email protected].* ... Is there a way to do this? I have also tried this, but it did not work (admin could still log in remotely): AllowUsers [email protected].* * AllowGroups ssh-users with admin a member of ssh-users. I would also be fine with only allowing admin to log in with a key, and disallowing password logins, but I could find no general setting for sshd; there is a setting that requires root logins to use a key, but not for general users.

    Read the article

  • What do I need to do to set my computer as Default Gateway?

    - by Vaibhav
    We are trying to put together a box with dual LAN cards (let's say Outer and Inner), where the Inner LAN card is supposed to act as a default gateway on the network it is connected to. This box is running Ubuntu. The basic purpose for this box is to take messages generated on the inner network, do some work with them and forward them out the Outer LAN card to a server. The inner network is completely isolated with simply a regular switch connecting the Inner LAN Card with two other boxes. These other boxes either throw out multi-cast messages (which the Inner LAN Card is listening to), or send out unicast messages meant for the server which is not on this inner network. So, we need the Inner LAN Card to act as a default gateway, where these unicast messages will then be sent, and the code on the dual-LAN Card box can then intercept and forward these messages to the server. Question: 1. How do we setup the LAN Card to be default gateway (does it need some configuration on Ubuntu)? 2. Once we have this setup, is it a simple matter of listening to the interface to intercept the incoming messages? Any help (pointers in the right direction) is appreciated. Thanks.

    Read the article

  • Start multiple instances of Firefox; Xephyr rootless mode

    - by Vi
    How can I have multiple independent instances of Mozilla Firefox 3.5 on the same X server, but started from different user accounts (consequently, different profiles)? Limited success was only with Xephyr :1, DISPLAY=:1 /usr/local/bin/firefox, but Xephyr has no Cygwin/X's "rootless" mode so it's not comfortable. The idea is to have one Firefox instance for various "Serious Business" things and the other for regular browsing with dozens of add-ons securely isolated.

    Read the article

  • Missing NFS service link?

    - by Recc
    # ps ax | grep nfs 1108 ?        S<     0:00 [nfsd4] 1109 ?        S<     0:00 [nfsd4_callbacks] 1110 ?        S      0:00 [nfsd] 1111 ?        S      0:00 [nfsd] 1112 ?        S      0:00 [nfsd] 1113 ?        S      0:00 [nfsd] 1114 ?        S      0:00 [nfsd] 1115 ?        S      0:00 [nfsd] 1116 ?        S      0:00 [nfsd] 1117 ?        S      0:00 [nfsd] 4437 ?        S<     0:00 [nfsiod] 16799 ?        S      0:00 [nfsv4.0-svc] 18091 pts/1    S+     0:00 grep nfs But # service nfs status nfs: unrecognized service That'll be on Ubuntu 11.04 am I missing a sym link or something? How can I fix this quickly?

    Read the article

  • How to make Shared Keys .ssh/authorized_keys and sudo work together?

    - by farinspace
    I've setup the .ssh/authorized_keys and am able to login with the new "user" using the pub/private key ... I have also added "user" to the sudoers list ... the problem I have now is when I try to execute a sudo command, something simple like: $ sudo cd /root it will prompt me for my password, which I enter, but it doesn't work (I am using the private key password I set) Also, ive disabled the users password using $ passwd -l user What am I missing? Somewhere my initial remarks are being misunderstood ... I am trying to harden my system ... the ultimate goal is to use pub/private keys to do logins versus simple password authentication. I've figured out how to set all that up via the authorized_keys file. Additionally I will ultimately prevent server logins through the root account. But before I do that I need sudo to work for a second user (the user which I will be login into the system with all the time). For this second user I want to prevent regular password logins and force only pub/private key logins, if I don't lock the user via" passwd -l user ... then if i dont use a key, i can still get into the server with a regular password. But more importantly I need to get sudo to work with a pub/private key setup with a user whos had his/her password disabled. Edit: Ok I think I've got it (the solution): 1) I've adjusted /etc/ssh/sshd_config and set PasswordAuthentication no This will prevent ssh password logins (be sure to have a working public/private key setup prior to doing this 2) I've adjusted the sudoers list visudo and added root ALL=(ALL) ALL dimas ALL=(ALL) NOPASSWD: ALL 3) root is the only user account that will have a password, I am testing with two user accounts "dimas" and "sherry" which do not have a password set (passwords are blank, passwd -d user) The above essentially prevents everyone from logging into the system with passwords (a public/private key must be setup). Additionally users in the sudoers list have admin abilities. They can also su to different accounts. So basically "dimas" can sudo su sherry, however "dimas can NOT do su sherry. Similarly any user NOT in the sudoers list can NOT do su user or sudo su user. NOTE The above works but is considered poor security. Any script that is able to access code as the "dimas" or "sherry" users will be able to execute sudo to gain root access. A bug in ssh that allows remote users to log in despite the settings, a remote code execution in something like firefox, or any other flaw that allows unwanted code to run as the user will now be able to run as root. Sudo should always require a password or you may as well log in as root instead of some other user.

    Read the article

  • Installing Midnight Commander from sources (no root privileges)

    - by ouroboros
    I tried to configure ./configure --prefix=/localfolder glib-2.26.1/ make make install but it fails at make stage. trying to configure mc-4.6.1/ and make doesn't obviously work. What are the steps I need to make in order to install midnight comander for my local user in a custom folder? Make for glib gives me these errors /usr/bin/msgfmt: found 2 fatal errors cp: cannot stat `test.mo': No such file or directory gmake[4]: *** [test.mo] Error 1 gmake[4]: Leaving directory `/remote/folder/mc/glib-2.26.1/gio/tests' gmake[3]: *** [all-recursive] Error 1 gmake[3]: Leaving directory `/remote/folder/mc/glib-2.26.1/gio' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/remote/folder/mc/glib-2.26.1/gio' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/remote/folder/mc/glib-2.26.1' gmake: *** [all] Error 2

    Read the article

  • Sharing hp Deskjet F380 using cups via http driver issues with xp client

    - by ageis23
    Hi the problem is xp doesn't have built in drivers for my printer but vista does. On vista it works perfectly without any issues. However when I try using xp, it insists that I select a driver from the selection xp offers by default. The drivers I've downloaded from HP don't support networking. Hp have stated they're non networkable. Is there anything I can do about this? Any help is greatly appreciated and would save me getting ear ache!

    Read the article

  • Dedicated server automatic backup solution

    - by Luigi
    I have a dedicated Ubuntu web server in a cloud environment, and I am looking for a nice way to do automated backups. I would like to backup some directories with web apps, and all my MySql databases. As for destination: make snapshots every two hours localy, and every six hours to a remote ftp server. Also delete backup archives older than seven days(localy + ftp), and notify on any problems by email. Now to achieve some of this functionality I use cron + shell script, and http://www.mysqldumper.net/, but really that doesn't answer my needs. Mysqldumper doesn't know automaticly about new databases, and shell script does not notify on problems. It's something I have to check out from time to time, and i don't have trust for. I googled a while, and seems like most people solve this stuff with shell scripts. Is this a method you can trust? Are there any web-gui tools, I'm missing? Maybe there is a smarter startegy for doing this? I'm a little bit confused.

    Read the article

  • Windows clients not using NTP server provided via DHCP

    - by gencha
    I have a network consisting mostly of Windows Vista and 7 clients and an Ubuntu server. The server provides both the DHCP and NTP services through dhcp3-server and openntpd. In my dhcpd.conf, the subnet is declared as follows: subnet 10.10.10.0 netmask 255.255.255.0 { range 10.10.10.10 10.10.10.200; option broadcast-address 10.10.10.255; option routers 10.10.10.1; option ntp-servers 10.10.10.1; } The clients don't seem to be using the NTP server though. When I capture the network traffic with Wireshark during the DHCP process, I also see no mention of the NTP option in the DHCP offer message. I am not quite sure if the clients would have to specifically request that option to receive it or if I have to make another configuration to offer the option.

    Read the article

  • Running multiple sites on a LAMP with secure isolation

    - by David C.
    Hi everybody, I have been administering a few LAMP servers with 2-5 sites on each of them. These are basically owned by the same user/client so there are no security issues except from attacks through vulnerable deamons or scripts. I am builing my own server and would like to start hosting multiple sites. My first concern is... ISOLATION. How can I avoid that a c99 script could deface all the virtual hosts? Also, should I prevent that c99 to be able to write/read the other sites' directories? (It is easy to "cat" a config.php from another site and then get into the mysql database) My server is a VPS with 512M burstable to 1G. Among the free hosting managers, is there any small one which works for my VPS? (which maybe is compatible with the security approach I would like to have) Currently I am not planning to host over 10 sites but I would not accept that a client/hacker could navigate into unwanted directories or, worse, run malicious scripts. FTP management would be fine. I don't want to complicate things with SSH isolation. What is the best practice in this case? Basically, what do hosting companies do to sleep well? :) Thanks very much! David

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 402 403 404 405 406 407 408 409 410 411 412 413  | Next Page >