我已经安装fail2ban在 Debian Jessie LXC 容器上,目前它失败的原因是:
Starting authentication failure monitor: fail2ban
ERROR No file(s) found for glob /var/log/auth.log
ERROR Failed during configuration: Have not found any log file for ssh jail
系统上没有syslogor rsyslog,因此/var/log/auth.log不会生成。有没有办法如何告诉fail2ban使用输出journalctl _COMM=sshd?
I'd like to redirect local requests to port which is translated with NAT. I have following rules:
iptables -t nat -A PREROUTING -p tcp --dport 9020 -j DNAT --to 10.0.3.11:80
however request coming from localhost are rejected:
wget http://127.0.0.1:9020
Connecting to 127.0.0.1:9020... failed: Connection refused.
当我从任何其他计算机连接时,它可以工作。有没有办法在不重新编译内核的情况下做到这一点CONFIG_IP_NF_NAT_LOCAL=y?https://wiki.debian.org/Firewalls-local-port-redirection(似乎已过时)。
更新:
iptables -L -v -n --line-numbers -t nat:
Chain PREROUTING (policy ACCEPT 26 packets, 3230 bytes)
num pkts bytes target prot opt in out source destination
4 0 0 …我有一个主bind9DNS 服务器和 2 个在 IPv4(Debian Jessie)上运行的从服务器,使用/etc/bind/named.conf:
listen-on-v6 { none; };
当我尝试从不同的服务器连接时,每个连接至少需要 5 秒(我使用Joseph 的时间信息进行调试):
$ curl -w "@curl-format.txt" -o /dev/null -s https://example.com
time_namelookup: 5.512
time_connect: 5.512
time_appconnect: 5.529
time_pretransfer: 5.529
time_redirect: 0.000
time_starttransfer: 5.531
----------
time_total: 5.531
根据curl,查找需要大部分时间,但是标准nslookup非常快:
$ time nslookup example.com > /dev/null 2>&1
real 0m0.018s
user 0m0.016s
sys 0m0.000s
强制curl使用 IPv4 后,情况变得更好:
$ curl -4 -w "@curl-format.txt" -o /dev/null -s https://example.com
time_namelookup: 0.004
time_connect: 0.005
time_appconnect: …我正在尝试设置备份和恢复并确保它有效。
请注意,数据库大小ldap.old比ldap. 这/var/lib/ldap.old是我现有的数据库。我已重命名/var/lib/ldap以进行备份/恢复测试。
恢复时出现以下错误。因此,我不确定我是否已成功恢复所有内容。
...
added: "uid=user11123,ou=Abcd,ou=Industry Professional,dc=testdomain,dc=org" (0001cc9f)
added: "uid=user13123,ou=Abcd,ou=Industry Professional,dc=testdomain,dc=org" (0001cca0)
Error, entries missing!
entry 79870: ou=industryprofessional,dc=testdomain,dc=org
entry 79871: ou=abcd professional,ou=industryprofessional,dc=testdomain,dc=org
[root@openldap]# du -khs ldap ldap.old/
3.3G ldap
4.0G ldap.old/
这是我的备份/恢复过程:
slapcat -v -l backup_openldap.ldif
/etc/init.d/ldap stop
mv /var/lib/ldap /var/lib/ldap.old
mkdir /var/lib/ldap
chmod go-rwx /var/lib/ldap
cp –rfp /var/lib/ldap.old/DB_CONFIG /var/lib/ldap
slapadd –v –l backup_openldap.ldif
chown ldap:ldap /var/lib/ldap
/etc/init.d/ldap start
如何验证我已成功恢复所有记录?
我想设置x11vnc(或任何其他 vnc 服务器)在启动时启动。显示管理器是kdm,发行版是 Ubuntu 12.04.2 LTS。
当我尝试启动 x11vnc 时,出现以下错误:
$ x11vnc -rfbauth /var/run/xauth/A:0-crWk72 -rfbport 5901
passing arg to libvncserver: -rfbauth
passing arg to libvncserver: /var/run/xauth/A:0-crWk72
passing arg to libvncserver: -rfbport
passing arg to libvncserver: 5901
x11vnc version: 0.9.12 lastmod: 2010-09-09 pid: 2828
XOpenDisplay("") failed.
Trying again with XAUTHLOCALHOSTNAME=localhost ...
*** XOpenDisplay failed. No -display or DISPLAY.
*** Trying ":0" in 4 seconds. Press Ctrl-C to abort.
*** 1 2 3 4
XOpenDisplay(":0") failed.
Trying again with …我有一个 Debian Jessie ( 3.16.7-ckt20-1+deb8u3) 系统,在 2x 3TB 硬盘上带有 RAID1。Grub 无法安装到大于 2TB 的驱动器上的 MBR,因此我有一个带有 1MB bios 分区的 GPT:
Device Start End Sectors Size Type
/dev/sda1 2048 4095 2048 1M BIOS boot
/dev/sda2 4096 1953128447 1953124352 931.3G Linux RAID
/dev/sda3 1953128448 5860532223 3907403776 1.8T Linux RAID
重新启动后(内核升级deb8u2-> deb8u3)系统最终进入initramfs救援:
Loading, please wait...
mdadm: No device listed in conf file were found.
Gave up waiting for root device. Common problems:
- Boot args (cat /proc/cmdline)
- Check …