Got two drives on this server, which one is ssd again ?
# cat /sys/block/sda/queue/rotational 1 # cat /sys/block/sdb/queue/rotational 0
sdb 🙂
Linux
Varnish won’t start with unused backends defined
Unused backend somebackend, defined:
Is solved with
-p vcc_err_unref=off
In CentOS / RHEL you can add that to
/etc/sysconfig/varnish
You’d also have to pass that option if you’re testing your vcl config
varnishd -p vcc_err_unref=off -C -f /etc/varnish/default.vcl
Inspect values in memcached with memcdump
You can dump stuff from memcached with memcdump
$ memcdump --servers=127.0.0.1
Drown security vulnerability
Protect yourself from drown attack by updating your openssl package.
Redhat patched openssl 1.0.1e
# rpm -q --changelog openssl-1.0.1e-51.el7_2.4.x86_64 | head * Wed Feb 24 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.4 - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn * Tue Feb 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.3 - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method
goto https://drownattack.com/ for more info
Reset owncloud admin password
I lost password for my owncloud admin account .
In owncloud 7 / 8 you have an occ command you can use to fix that ( requires root access to the server ) .
sudo -u apache php /path/to/webroot/owncloud/occ user:resetpassword [you admin username]
Thank you 2daygeek.com
Cluster ssh with nice fonts !
Cluster ssh is super nice, but out of the box it got ugly and small fonts.
Here’s my Cluster ssh config, which I respectfully ripped from the net:
# $HOME/.clusterssh/config terminal_args=-fa 'DejaVu Sans Mono:style=Book' -fs 11 # note these are not consistent with the TTF font selection, so have to 'adjust' accordingly #terminal_size=80x24 # for terminal_args=-fa 'DejaVu Sans Mono:style=Book' -fs 12: #terminal_size=133x36 # for terminal_args=-fa 'DejaVu Sans Mono:style=Book' -fs 11 terminal_size=120x34
Thank you dansnotebook.blogspot.no
CentOS 7 firewall-cmd
Current zone
# firewall-cmd --get-active-zones public interfaces: eth0
What’s active in this zone ?
# firewall-cmd --zone=public --list-all public (default, active) interfaces: eth0 sources: services: dhcpv6-client http https ssh ports: masquerade: no forward-ports: icmp-blocks: rich rules:
puppet 2.7.x complaining about “err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse YAML data for node”
You’ll probably find numerous links that tell you to delete
/var/lib/puppet/yaml/[fqdn].yaml
in puppetmaster, node or both.
None of those solved my problem.
Upgradeing to puppet-2.7.25 didn’t help either .
On my puppet client, in /var/lib/puppet deleting
rm -fr state/ lib/ facts/ client*
at least let me run puppet again, but next run gives that 400 error again …
note to self: get back to this post when I get time to further debugging this really annoying issue
tcpdump tip
As I was debugging an issue at work related to http headers being forwarded by haproxy I used a couple tcpdump commands that was great, storing here for future reference .
tcpdump -s 1024 -l -A | grep X-Forwarded-For tcpdump -s 1024 -l -A src 192.168.9.56 or dst 192.168.9.56
First one will print lines containing X-Forwarded-For, second one let you filter on src and/or destination .
Note that tcpdump by default does not include 127.0.0.1 or ::1 ( lo ) .
CentOS 7 dhcp + custom ‘search domain’
I’m running CentOS 7 on my workstation these days, like it a lot.
At work our dhcp setup dns search for the domain containing our windows hosts but the Unix and Linux hosts I work with are in an other domain.
In the network manager gui in gnome3 I can’t seem to figure out where to add this second search domain, so I’ve been adding it manually to resolv.conf after each boot …
Got tired of that so i added:
DOMAIN='myDomain.no'
in /etc/sysconfig/network-scripts/ifcfg-eno1 and did a
systemctl restart network.service
problem solved.
thnx superuser.com
UPDATE 30th october 2015:
This does not work at all at my workstation at my new job.
I’m not using NetworkManager any more, not sure if that’s the reason though.
By setting SEARCH in /etc/sysconfig/network instead things got a lot better:
# /etc/sysconfig/network SEARCH='example.com sub.example.com'