Is it possible to disallow remote servers from writing to a sshfs mounted folder, either on server or client side?
OS: Ubuntu 16.04
I have installed the quota commandline tool from apt and found some instructions to enable quota on the root partition by appending rootflags=uquota,gquota to GRUB_CMDLINE_LINUX within the file /etc/default/grub followed by update-grub and rebooting.
This seems to only effect my root partition as repquota -a gives the following output.
*** Report for user quotas on device /dev/sda5
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
----------------------------------------------------------------------
root -- 2791432 0 0 176163 0 0
daemon -- 52 0 0 1 0 0
etc.
etc.
As i would like to check the /var (/dev/sda6) partition aswel i tried to fill in either of ,usrjquota=quota.user,grpjquota=quota.group or ,uquota,gquota to /etc/fstab for /var but mount keeps outputting noquota:
(rw,noatime,attr2,inode64,noquota)
Rebooting with either of those mount options leaves me with a boot error when trying to mount /var.
How can i achieve quota control on my other partitions?
OS: Ubuntu 14.04, partition table:
Model: VMware Virtual disk (scsi)
Disk /dev/sda: 37.6GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Number Start End Size Type File system Flags
1 1049kB 200MB 199MB primary xfs boot
2 200MB 1201MB 1000MB primary linux-swap(v1)
3 1201MB 2201MB 1000MB primary xfs
4 2202MB 26.8GB 24.6GB extended
5 2202MB 8201MB 5999MB logical xfs
6 8202MB 26.8GB 18.6GB logical xfs
I'm trying to expand one (#6) of the partitions on a virtual machine. The VM is located on an ESXi where i raised the current disk with 10GB of diskspace. parted recognises the new space but when I try to resize the partition it gives me:
(parted) resizepart 6
End? [26.8GB]? 37.6GB
Error: Can't have overlapping partitions.
If I instead try to remove and create a new partition in its place, I recieve the below message as if it's remembering the previous partition?:
(parted) rm 6
(parted) mkpart
Partition type? [logical]?
File system type? [ext2]? xfs
Start? 8202MB
End? 37.6GB
Warning: You requested a partition from 8202MB to 37.6GB.
The closest location we can manage is 8202MB to 26.8GB.
Is this still acceptable to you?
Yes/No?
I'm not sure how to get the new space allocated to my partition 6? Let me know if any details are necessary.
I'm running a virtual machine (Ubuntu 14.04 LTS) on VMware ESXi. The virtual machines needed extra storage as to why i raised the disk size in ESXi, and ran pationing etc. from the virtual machine itself. All was fine (i thought) as both the df -h and df -i reported lots of diskspace and inodes left. But when i hit the partition's old limit i was faced by "no space left on device". As the case was very urgent i decided to reboot the machine which solved the problem and let new data be written to the partition.
My question: Is reboot of the virtual machine necessary or could it be avoided somehow?
Quick summary:
- Raise disk size in ESXi
- Repartition using
parted - Grow filesystem (xfs)
- Verify with
df
OS: Ubuntu 10.04
I have saved my partition layout from sda and want to restore it to my new disk sdb. I have used the following command to save the layout, but how can i restore it to my new disk using parted?
parted -ms /dev/sda print > sda.parted
I'm having a problem trying to look up a certain DNS name on the internet. For some reason I keep facing a SERVFAIL thought the correct result is displayed - like the DNS name is being resolved twice (external/local?).
I have no trouble looking up anything else, but this single DNS name gives me a headache. Other servers within my farm do lookups fine on this domain.
Let me give you some informations.
OS: Ubuntu 14 (with bind9 installed)
/etc/resolv.conf:
nameserver 208.67.222.222 # opendns
nameserver 127.0.0.1
The faulty lookup:
# host whois.verisign-grs.com
whois.verisign-grs.com has address 199.7.48.74
whois.verisign-grs.com has IPv6 address 2001:503:5419:1000::74
Host whois.verisign-grs.com not found: 2(SERVFAIL)
If i did not have the opendns entry in my resolv.conf, the error would either be a timeout (usually the first answer) or the SERVFAIL.
Could the local lookup tools be broken, or could it happen that my DNS lookups are blocked on some level?
I'm running an older Postfix and Courier mailserver with virtual domains. I recently experienced that local delivery (using webmail) to a not existing mailbox would result in that actual mailbox to be created - like /var/vmail/domain/notexistinguser - containing the email. In my opinion that mail should have bounced to the sender. Email from external system does trigger bounces.
I'm not quite sure if this problem is related to Postfix, Courier or other services running on my server. Therefore I am willing to send any config, logs etc. you might need, to help me solving the matter.
Some additional information
Output postconf -n (hostnames have been replaced for privacy):
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 43200
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
bounce_queue_lifetime = 1
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
maximal_queue_lifetime = 1
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = example.com, localhost, localhost.localdomain
myhostname = example.com
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = /etc/mailname
nested_header_checks = regexp:/etc/postfix/nested_header_checks
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_connection_count_limit = 5
smtpd_client_connection_rate_limit = 1000
smtpd_client_message_rate_limit = 1000
smtpd_client_recipient_rate_limit = 1000
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_error_sleep_time = 2s
smtpd_hard_error_limit = 20
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_non_fqdn_sender, check_policy_service inet:127.0.0.1:10023, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_soft_error_limit = 10
smtpd_tls_CAfile = /etc/ssl/local/ca-certs
smtpd_tls_cert_file = /etc/ssl/local/certificate
smtpd_tls_key_file = /etc/ssl/local/key
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = maildrop
virtual_uid_maps = static:5000
Sending a mail from commandline gives me the following in the mail log (hostname and domain replaced for privacy):
Jan 26 13:33:01 myhost postfix/smtpd[25786]: 0F29E41134A62: client=localhost[127.0.0.1]
Jan 26 13:33:01 myhost postfix/cleanup[8531]: 0F29E41134A62: message-id=<[email protected]>
Jan 26 13:33:01 myhost postfix/qmgr[26331]: 0F29E41134A62: from=<[email protected]>, size=755, nrcpt=1 (queue active)
Jan 26 13:33:01 myhost amavis[18765]: (18765-09) Passed CLEAN, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: jgU7IihKWNMv, Hits: 1.044, size: 310, queued_as: 0F29E41134A62, 3470 ms
Jan 26 13:33:01 myhost postfix/smtp[14895]: A808940E253C9: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=0.04/0/0/3.5, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=18765-09, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0F29E41134A62)
Jan 26 13:33:01 myhost postfix/qmgr[26331]: A808940E253C9: removed
Jan 26 13:33:02 myhost postfix/pipe[10437]: 0F29E41134A62: to=<[email protected]>, relay=maildrop, delay=1.3, delays=0.09/0/0/1.2, dsn=2.0.0, status=sent (delivered via maildrop service)
Jan 26 13:33:02 myhost postfix/qmgr[26331]: 0F29E41134A62: removed
Looking in /var/vmail/example.com reveals that the user has been created at the same timestamp. This user DID NOT exist before sending the test email.
drwx------ 5 vmail vmail 61 2015-01-26 13:33 unknown01
Product name: LSI SAS3041E
Is it possible to check the status of the rebuild? At the moment I only see that the raid is rebuilding/syncing from the lsi_log script, /var/log/vmkernel.log and vSphere status page. But i wonder how far that process is, and if it's somehow stuck somewhere. I would be nice to see the status in percentage.
I have a server with a 3ware 9690sa-i8 raid card installed. I have configured a raid with a size of 12TB which i would like to use for Windows. It seems whenever the partition table is MSDOS the limit of a partiton is 2TB. Changing to the GPT partiton table under a live cd with parted lets me instead create a partiton containing all the available disk space. But when trying to install Windows on that partion, it complains about the GPT partition table and will not continue.
How could i overcome this, and why did I not experience any troubles installing Ubuntu on the same setup/hardware?
I'm trying setup the HTTP_TOO_MANY_REQUESTS status code (429) for Apache, but it doens't seems to be supported by my version of Apache when i run a configtest:
Unsupported HTTP response code 429
- OS: Ubuntu 12.04.2
- Apache/2.2.22 (Ubuntu)
How can this be implemented?
I've build a two node storage setup with OCFS on top of DRBD to provide storage for a couple of ESXi servers. Will it be possible to setup iSCSI targets on both storage nodes and make one of the nodes take over the other in case of server failure?
If any other similar setups would let me achieve this, please let me know.
Howto's are very welcome.
I've installed targetcli from repo on my Ubuntu 14.04 server. I'm trying to figure out how to make the service listen on any (0.0.0.0) address.
Trying to setup 0.0.0.0 specific gives me an error:
IP address does not exist: 0.0.0.0
Is it possible to configure targetcli to listen on any address? Alternatively, would it be achievable by iptables?
I run a webserver under Apache with several virtual hosts. I would like to prohobit the access to certain file names, but instead of using a deny rule on each vh I would like to know if I can achieve this with global configuration?
Update
I found the following to suit my needs.
<FilesMatch "myfile.ext">
Require all denied
</FilesMatch>
I'm having a problem sending newsletters to certain domains/servers, like yahoo or minor network providers. It's like I'm spamming their servers with connections and they tell me to stop after a short while. I do get a bunch of emails through, but then I'm faced with messages like the below for a period of time (an hour or so) until the connection is reopened:
status=deferred (delivery temporarily suspended: lost connection with mx-eu.mail.am0.yahoodns.net[188.125.69.79]
I'm not interested in spamming their servers with connections and have tried various of different parameters in order to tune postfix to my needs. What I've tried so far in short:
- Reducing concurrent connections globally
- Inserting a delay of 1 second globally
- Reduced the number of processes to as low as 2
- Created specific policies for the domains in question (source: http://steam.io/2013/04/01/postfix-rate-limiting)
Does any of you have experience in this matter? And would it be possible to create policies for these specific recipient servers for instance yahoo?
Configuration examples will be appreciated.