Best posts made by momurda

Running updates on some servers with
yum update would return
Illegal Instruction
There is answer here:
https://www.centos.org/forums/viewtopic.php?t=58002
And this works.
However, another fix for this is to update the xenserver tools package on these servers.
One server in particular here with this error was still running version 6.1 of the guest-tools package for xenserver guests!
Updating to version 7.1 of the utility, rebooting, then running updates again, you should see your available updates and should be able to update.

@ccwtech said in What Are You Doing Right Now:

Reading this email from a user...

"So the clinic bought two laptops from the pawn shop and they definitley have a virus or something. The history on one of them is pretty amusing but basically I need to get them scanned and the virus protection put on them. They can have (Redacted) put on them but (Redacted) is not necessary. The computer I have ready is called Laptop-97hj0gjg. Do I need to install anything on the computer for you to log onto it?"

SMH...

Why is someone who writes emails like this allowed to buy a computer, or log into one for that matter.

Install debian 9.1. I used netinstall image.
when that is done get some basic admin stuff. debian netinstall comes with just about nothing. Not even sudo, which i havent installed here either, you can if you want.
#apt-get install glances sysstat net-tools dnsutils ufw
Configure ufw
#ufw allow https
#ufw allow http
#ufw allow mysql
#ufw allow ssh
#ufw enable
Install your lamp.
#apt-get install apache2 mariadb-server libapache2-mod-php7.0

#apt-get install php7.0-gd php7.0-json php7.0-mysql php7.0-curl php7.0-mbstring php7.0-intl php7.0-mcrypt php-imagick php7.0-xml php7.0-zip
Now setup mariadb
#mysql_secure_installation
Set root pw, answer questions.
Now is a good time to setup a db, user, pw for nextcloud on mariadb
You all know how to do that probably.

Download nextcloud 12.0.3
#wget https//download.nextcloud.com/server/releases/nextcloud-12.0.3.zip
Unzip
#unzip nextcloud 12.0.3.zip
copy to DocumentRoot
cp -r nextcloud /var/www

Next i just copied the info from nextcloud's instructions, replacing what i need to with my own config.
https://docs.nextcloud.com/server/12/admin_manual/installation/source_installation.html#apache-web-server-configuration

Enable the required modules in the instructions above. Depending on your situation maybe you need other things.
Once those are enabled, you should be able to get to the Nextcloud initialization page. Here you enter a nextcloud admin username/pw, your mariadb db, user, pw that you made earlier.
Change owner on /var/www/ to www-data

#chown -R www-data:www-data /var/www

Now you have nextcloud working on http
Now setup https. This is getting too easy.
I found this blog post, thanks dude!
https://vroomtech.io/installing-nextcloud-on-ubuntu-16-04-lts-with-apache2-lets-encrypt-redis-and-apcu/
I just used the part for https setup. Not the rest, but i am sure you could do that as well if you dont like my instructions.
apt install letsencrypt python-certbot-apache
The package on blog python-letsencrypt-apache doesnt exist, it asks if you want to use python-certbot-apache instead. Do it.
Get a cert.
letsencrypt --apache --agree-tos --email your-email-address -d nextcloud.your-domain.com
Answer 2 to the question it asks.
Now you have https nextcloud.
edit: You might get a warning on https://nextcloud.yourdomain.com page that you need to add nextcloud.yourdomain.com to trusted_domains in config.php
#nano /var/www/nextcloud/config/config.php
find trusted_domains section.
add your server there
'trusted_domains' =>
array (
0 => 'ip.ad.dr.ess.'
1 => 'hostname.domain.com',

What about restores?

This morning i had no Nextcloud sync, could not login to my Nextcloud through web interface as my AD user either. Internal Server Error when logging in.
Was working great yesterday.
I then tried logging in to web interface as ncadmin, this worked.
Goto the LDAP users section, try the ldap query i made for users, Success.
I then notice my NC sync client is green, and my AD user can login through the web interface again.
Is there some sort of issue where ncadmin user needs to login occasionally? All i did to fix this was log in as ncadmin and things just started working again. I probably had not used ncadmin login in at least a month.

The cumulative update for Windows 10 1803 has caused some of the machines here to lose network connectivity after rebooting.

Attempts to renew ip address with ipconfig /renew fail with an error like
An attempt was made to access a socket in a way forbidden by its access permissions

Running netsh int ip reset then rebooting again will solve the issue. Has happened on many computers here, but not all and not sure if it happens to others.

Arrgh, you have to change the Chassis type to

There is also the fake display of progress of updates, the fake download status of updates, the fake installation status of updates. It is always wrong. You also cant scroll down the list of installing updates if the list is long, it just starts from the top of update list every time a fake progress indicator changes a % or goes from initializing, preparing, updating, etc.

Got these this morning.

https://www.us-cert.gov/ncas/alerts/TA18-276A-- Using Rigorous Credential Control to Mitigae Trusted Network Exploitation
https://www.us-cert.gov/ncas/alerts/TA18-276B -- APT Activity Exploiting Managed Service Providers.
https://www.us-cert.gov/APTs-Targeting-IT-Service-Provider-Customers

These documents have tons of info including mitigations and howtos, including some tools that orgs may use.

Why is the USAF even outsourcing this job? Do they not have a sysadmin? Oh right, the entire DoD is overpaid 3rd party contractors now, from the likes of Lockheed, Siemens, GA, GD, SRA International and various other nincompoops.

12 years. In the last 12 years Lockheed has been paid hundreds of billions of dollars by you and me and 300 million other people in the US. This is what happens.
Lockheed gets paid no matter whether the solution works or not. The USAF cant cancel contracts with Lockheed, who else is going to do it? Boeing? doubt it, theyre too busy getting paid gobs of money to build refueling tankers and various other machines for killing people.
Not only should Lockheed lose most of their DoD contracts, the USAF personnel who have been bribed for decades to choose them for bids should probably be put on trial.

Of course not. There is that fable about a scorpion and a goat that need to cross a river...
I am saying that out of tens of millions of man beach hours per year, only half a dozen people are attacked. You are more likely to be killed by police, or a lightning bolt in a given year.

Slow day, was going to go home early. Decided not to. About 30 seconds after i was looking at flights to Rochester from Seattle, i start hearing users mumbling about things not working.
My stuff seems to be working fine, but i go out and see whats happening. Sure enough, people's Outlook is disconnected. then their phones stop working(voip). I go back into my office and suddenly nothing works. I mean nothing. Cant ping any device at all. However, our wifi network is working well. It is on a different vlan and subnet, gets its dhcp from Watchguard.

I go in server room, check to make sure everything is still on. It is, so i then move my pc's network port to a different switch. Success, i can ping our exchange, firewall, and google... for about 3 seconds. Then nothing again.
I log into our sole remaining physical Domain Controller, take a look at dhcp, dns, network traffic. Something is sending out a ton of traffic from 192.168.xxx.255 "WTF" i said very loudly. Perhaps we got hit with a virus of some kind.

I think to go downstairs and ask if the engineers have plugged anything into the network(we make network monitoring equipment). At any given time the engineers and tech support folks have at least half a dozen devices plugged in, mostly to unmanaged switch devices. Not ideal, but it has been like that for at least a decade and i just started here. I go to this one gal's workstation,

ping google
No resources.
No resources.
No resources.
No resources.

Been doing this quite a while, never seen ping return that result. As such it give me an idea; i unplug the unmanaged switch at her desk. 30 seconds later, everything is back to normal. Got a bit lucky that i went to this engineers station first and did a ping test and saw something id never seen before, or I would probably be still be pulling hair out.
It's a good thing i didnt decide to go home early, or the office might have caught on fire or something else like that.

@dafyre
Let me fix that statement for you
Just goes to show you... most people who work for the FBI should be fired and imprisoned.

Clap-on, Clap-off

Fixed it. the local server lvm service was 'stealing' the block device before iscsi could get it and serve it out. I ended up going into lvm.conf and adding a global filter option.
Would be nice if the novel of commented lines in lvm.conf would have mentioned when this could/should be used. A normal filter option didnt ever work. But it was a redhat doc i found with a sentence that mentions iscsi devices for vms might have to use the global filter option.

Should be a big B instead of a meaningless M.

@RojoLoco Yes cats can eat pancakes. Mine used to love french toast or donuts.

Pretty happy about that.

This is while moving a vm in xenserver to new storage.

iostat -dmx 2 222

I don't trust hardware manufacturers to write good software. I trust them to make good hardware.

A life without cake is a life without living.