To add to this- I have an error that started appearing after updating their Fedora 29 and 30 instances. Further testing found that the error appears in different regions using their server type template installers or even a custom iso option that I used with net install. All I have to do is deploy, run dnf update and reboot. The error is present in every boot after the update. https://mangolassi.it/topic/19903/fedora-29-and-30-edac-skx-can-t-get-tolm-tohm-error-on-vultr

Vultr support was interested after my previous response. "We understand your concerns and appreciate you bringing issues to our attention, however, we are not seeing this issue with our Fedora 30 build when running updates. It is possible that something is different when upgrading the distribution manually and this is not something we would be able to troubleshoot as we are not seeing the issue. Does the OS itself throw an error when attempting the update? If there is an error being throw by the OS we can try to assist in figuring out what it means and try to point you in the right direction, but as a self-managed service our in depth troubleshooting steps for software issues is extremely limited. Thank you for your understanding." I provided them with specifics on how to produce the error.

@Pete-S said in Wget - Download a Web Dashboard For Local Viewing?: Here is Firefox headless mode: Firefox uses the same browser, just run with the headless switch. Works from version 57 and newer. https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Headless_mode Thanks. I won't be able to use this with brightsign, but it might work if I have to run windows for a site that I can't view a public dashboard.

I know you were just explaining how to do it but this is a simple task with Ansible. - name: Ensure user exists user: name: Joe state: present password: "password_hash" groups: wheel, libvirt Instead of needing the hash up front you can do things like: {{ Password1234 | password_hash('sha512') }}

Placeholder

@scottalanmiller said in Linux CP command - Estimate MBs: You can use cp and see progress using a separate tool, like progress. But cp itself can't do it. Gotcha.

Okay so figured it out with this guide. From Windows administrative Powershell ssh-keygen type C:\Users\<username>\.ssh\id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys' Exit administrative Powershell Open Powershell ssh [email protected] Logged in.

@black3dynamite said in Salt - Can't Connect to Minions After Adding Them to Master: I sometimes have to add --timeout 60 so I can see a response salt FP01.domain.local test.ping --timeout 60 Seems to be working. I think that it was the firewall needing the exception AND using the --timeout 60 Thanks!

I've done both. I tend to like MariaDB / MySQL better because that is what I'm more comfy with.

@BraswellJay Just a note for next time, from the installer you can ctrl+alt+F2, this will drop you into a console where you can fix these kinds of issues without needing to boot into another thing.

We got it. Had to open the Nginx logs and noticed too many "posts" in the error log. Dug in and it was three ranges overseas all hitting with a "post timeout attack." It was a light DDoS where sessions were being opened and held causing nginx to wait on a timeout. This caused Apache to just increment forever. Once we blocked those ranges, the Apache thread count started to drop for the first time, and memory started to release. And the continuous flood of nginx error logs ceased. If you are looking at nginx error logs, this is what you look for: upstream timed out (110: Connection timed out) while reading response header from upstream, client: You can use this command to collect the offending IP addresses: grep "upstream timed out" error.log | cut -d' ' -f20 Then use your firewall to shut them down. We are all good now! Woot.

Well let's talk about fedora and updating killing a laptop lol....

@zachary715 said in Linux Options for Dell PowerEdge 2950 II: Just curious what role this server will be playing... Web server

@Dashrender said in Fedora 30 LAMP Web Server Varnish Cache Broken After Update: @scottalanmiller said in Fedora 30 LAMP Web Server Varnish Cache Broken After Update: @Obsolesce said in Fedora 30 LAMP Web Server Varnish Cache Broken After Update: Wow so they just decide to up and change ports? And I thought Windows updates were bad... They accidentally hard coded to the default. did you report it? Unlikely.

So, easy fix, the ca_stag2 was a staging DB that was not needed and was not current. The whole thing appears to have corrupted. So I simply "moved" that entire directory to /tmp (just in case I had to put it back) and then MySQL could fire up.

@scottalanmiller said in Updating to Fedora 30 Gives Pix Error: Doing an upgrade from Fedora 29 to Fedora 30 and you get... Error: Problem: package pix-1.8.2-1.fc29.x86_64 requires libexiv2.so.26()(64bit), but none of the providers can be installed - exiv2-libs-0.26-12.fc29.x86_64 does not belong to a distupgrade repository - problem with installed package pix-1.8.2-1.fc29.x86_64 (try to add '--skip-broken' to skip uninstallable packages) This seems to happen with most normal workstation installs of Fedora. Easiest thing to do is simply remove Pix. sudo dnf remove pix -y Your update should work fine after that. I don't ever use it. But, yeah it is there by default.

@StuartJordan I kinda like the netplan approach (ducks for cover)

@DustinB3403 said in What is the difference between Dead and Failed for service status?: @IRJ Did you look at journalctl to see what the logs say? He doesn't care about why things are failed. He just wants the states. It is for monitoring and automation.

Probably a good thing overall. There are too many distros. The ability to make a distro makes Linux strong. But everyone and their brother making one makes it weak. Scientific was almost exclusively a way to water down CentOS. It just didn't make sense once CentOS became funded.

And it should be noted, that unlike SMB or NFS shares that would be generally frowned upon to use over the Internet, SFTP is heavily encrypted and very secure and is often used over public networks.

Obviously the paths would change based on where they actually live and since I want this to live outside of an individual user, pointing to the user paths would make no sense in a production case. Also on WSL, if you go into /mnt you can get a list of all of the disks that are mounted on your Workstation/Server. In the case of my workstation I only have the 1 disk, so only c is listed. Severs would likely have other drives.

Looks like a bug. You can get it to run correctly from the command line... cd /usr/share/cockpit/ovirt/ chmod +x install.sh ./install.sh https://my.ovirt.com/ovirt-engine 443 Running in this way produces good output. And it creates the necessary /etc/cockpit/machines-ovirt.config file.

@wirestyle22 said in Wazuh Manager Install - Ubuntu: A few things: The manager label is wrong. It says manger instead of manager. @IRJ said in Wazuh Manager Install - Ubuntu: Install Filebeat There are two entries for "Install Filebeat" I tried to install Filebeat going command by command and it can't find it. Thanks I fixed the guide. What you need to do is this: #*********************************************************** #Install GPG keys and add repository #*********************************************************** curl -s https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | tee /etc/apt/sources.list.d/elastic-6.x.list #*********************************************************** # APT Update #*********************************************************** sudo apt update #*********************************************************** #Install Filebeat #*********************************************************** sudo apt install -y filebeat=6.7.1 #*********************************************************** #Download Filebeat config file to forward logs #*********************************************************** sudo curl -so /etc/filebeat/filebeat.yml https://raw.githubusercontent.com/wazuh/wazuh/3.8/extensions/filebeat/filebeat.yml #*********************************************************** #Edit Filebeat config file to point to Elastic Server IP (In this lab environment I am using 127.0.0.1) #*********************************************************** sed -i 's/YOUR_ELASTIC_SERVER_IP/192.168.122.181/' /etc/filebeat/filebeat.yml #*********************************************************** #Start Filebeat service and configure it to automatically start at boot #*********************************************************** sudo systemctl daemon-reload sudo systemctl enable filebeat.service sudo systemctl start filebeat.service make sure to change 192.168.122.181 with your ip or localhost if you are using a single server for wazuh and ELK

@JaredBusch said in Wazuh Agent Install - CentOS: Why are you disabling agent updates? Wazuh doesn't understand how to maintain their own repository, so when OSSIM updates their stuff, it breaks Wazuh. It's silly, easily fixable, and I don't have the time to maintain the thing myself.