Peter Turner's questions

We're trying to rewrite a draconian screen session killer for users who leave their screen sessions up for an inordinate amount of time and have in some way or other circumvented our session timeouts.

The current method is to find the pid for screen and kill it, it it looks like the screen program is written in a way that you can hook into other users sessions, but when I try to do anything as root, the screen directory is a different directory. Guessing this is for security reasons, but is there anyway to intentionally override this so that I can just do something like screen -r somedude/33333 -d -X quit? as root?

I'm running Ansible 2.0, and I could just run this, but I could also be tricked in to believing something that isn't true by my empirical tests and I can find no documentation to tell me when handlers are supposed to be ran.

If handlers aren't ran at the end of their tasks, this is my conundrum. I've got a playbook with 5 roles in it, I want to add a 6 role to the end that needs to have the handlers of the 4th role completed before it can start.

Is there any way to run Ansible to rely on a handler being completed (i.e. a role being completely completed) before doing something else or am I using handlers wrong?

I've got HotAdd set to true and a bit less memory than I wanted allocated to a VM. I've got this in the vmx file:

memsize = "192"

mem.hotadd = "TRUE"

But, I've cut out my legs to get on the vcenter console of this esxi server (barring lots of port forwards), is there a way to change the memory size with vim-cmd. I didn't see anything obvious, I think I can edit the vmx file and restart the vm, but since I'm logged on to the console of the esxi server through the VM, I don't really want to do that!

So, is there a way to change memory or "hot reload" settings using vim-cmd?

I've got a script that pulls down an entire SLES11 OS from a remote machine. These are my include and exclude directories

--include=/bin --include=/etc --include=/lib --include=/lib64 --include=/opt --include=/sbin --include=/usr --include=/var

--exclude=/boot --exclude=/etc/sysconfig/network --exclude=/media --exclude=/mnt --exclude=/proc --exclude=/selinux --exclude=/lost+found --exclude=/dev --exclude=/sys --exclude=/var/lib/ntp/proc --exclude=/var/cache/yum {...and some proprietary stuff}

Problem is, when I reboot my computer, the working nic in the rsynced machine shows up as eth2 instead of eth0 (which throws off everything).

All other rsync problems that I'm probably going to run in to aside and ask about here or at unix.se, what other files should I be avoiding to not have my machine reboot with a new nic?

I'm running Ansible 2.0 on SLES 11 SP4 against about 430 machines and it is very slow, I can't really tell why it is so slow, but it goes much faster if I limit the number of machines in the inventory. It took about 7 hours to run a 3 task playbook (including gathering facts) and the 3rd task was a local action. It takes about as much time to gather 2 machines facts files when I'm running inventory of all 430 as it does to fully process 6 machines.

And it uses 99.9% of the CPU right off the bat:

root     11646 99.8  0.4 220188 61016 pts/1    Rl+  07:24   6:41                          \_ /usr/bin/python /usr/bin/ansible-playbook /etc/ansible/playbooks/checkhostnames.yml ...
root     11651  0.1  0.4 187396 58828 pts/1    Sl+  07:24   0:00                          \_ /usr/bin/python /usr/bin/ansible-playbook /etc/ansible/playbooks/checkhostnames.yml ...
root     11652  0.1  0.4 187812 59216 pts/1    Sl+  07:24   0:00                          \_ /usr/bin/python /usr/bin/ansible-playbook /etc/ansible/playbooks/checkhostnames.yml ...
root     11653  0.1  0.4 188052 59428 pts/1    Sl+  07:24   0:00                          \_ /usr/bin/python /usr/bin/ansible-playbook /etc/ansible/playbooks/checkhostnames.yml ...
root     11654  0.1  0.4 186148 57496 pts/1    Sl+  07:24   0:00                          \_ /usr/bin/python /usr/bin/ansible-playbook /etc/ansible/playbooks/checkhostnames.yml ...
root     11655  0.1  0.4 186552 57924 pts/1    Sl+  07:24   0:00                          \_ /usr/bin/python /usr/bin/ansible-playbook /etc/ansible/playbooks/checkhostnames.yml ...
root     11656  0.4  0.2 154948 25828 pts/1    Sl+  07:24   0:01                          \_ /usr/bin/python /usr/bin/ansible-playbook /etc/ansible/playbooks/checkhostnames.yml ...

Which is scary since I was really hoping that this would optimize our serialized ssh processes, looks like it's just gonna suck up all the resources.

when I strace the main pid, it just appears to be running stat on the inventory file over and over and over again.

I'm keeping all my host vars in one inventory file that I generate from a database. I tried using a dynamic inventory, but that took too long to even initialize (I'm guessing it's hitting the sql query over and over again)

So, is there a trick to running it against lots of machines?

I have already tried all the tricks in https://www.ansible.com/blog/ansible-performance-tuning

I've also tried breaking it up by putting host_vars for each host in their own file - I figured strace was telling me that it was parsing my 500k inventory file constantly. But that didn't help too much.

I switched my playbook to just echo hello, no gathering facts

when I run an inventory file with only 3 hosts in it I get

real    0m1.996s
user    0m0.400s
sys     0m0.112s

when I run an inventory file with all 430 hosts and limit to just the first 3 I get it done in (note, these are different hosts - but the same make of machine):

real    0m11.989s
user    0m13.693s
sys     0m0.552s

and when I run an inventory file with all 430 hosts with no limit (and ctrl-c after the 3rd one, I get:

real    2m50.961s
user    2m56.495s
sys     0m0.764s

So, it makes me think that not a lot is really going on behind the scenes and something is intensely blocking.

If I've got an entry in syslog-ng

log {
  source (src);
  filter (filter1);
  filter (filter2);
  filter (filter3);
  filter (filter4);
  destination (all_log)
 }

And, say filter4 is a very permissive filter and filter3 is a filter to eradicate a couple irksome hosts. If filter2 and/or filter1 allow one of those irksome hosts, will it get logged?

I've got a client running Terminal Server 2008 R2, connecting from Windows XP terminal services client (not sure of the local RDP version, I think they've got all their service packs though) and whenever they copy text from the terminal server and paste it back on their machine, all they get is 5 Squares (regardless of what they copy or where they copy it from).

I'm debugging this for an application I am responsible for, but I get the same problem from Notepad as I do for my program, so I think it's a server problem (still my problem, eh?).

The option to use clipboard resources is checked.

Something has been happening on my company's network at 9:30 every day. I'm not the sysadmin but he's not a ServerFault guy so I'm not privy to every aspect of the network but I can ask questions if follow up is needed.

The symptoms are the following :

1. Sluggish network and download speed (I don't notice it, but others do)
2. 3Com phones start ringing without having people on the other end.

We've got the following ports exposed to the public for a web server, a few other ports for communicating with our clients for tech support and a VPN. We've got a Cisco ASA blocking everything else. We've got a smallish network (less than 50 computers/vms on at any time). An Active Directory server and a few VM servers. We host our own mail server too.

I'm thinking the problem is internal, but what's a good way to figure out where it's coming from?

For some reason, it's not the first thing I think of when diagnosing very strange table errors. I had an issue when doing an order by I'd wind up with only one record. Explain said I should have 28 rows, if I take out the order by I have 28 rows. Well, the problem was table corruption, but unlike some errors where MySQL goes right out and tells you your table is corrupt, I didn't know until I checked it.

I was just wondering if there is a list, or we could make a list of all the times when a MySQL database is corrupted, but you might not necessarily know it is.

I'd like to keep this strictly technical, don't care too much about whether it's legal or not because I'm assuming a reputable Chinese company wouldn't do anything to undermine the interests of a reputable American company.

I'm just wondering what happens to the searchability of my company if our domain is registered in Asia? We've at least got the market covered in direct searching our domain name, it would be a pity to lose that.

We are the department of registration service in China. We have something need to confirm with you. We formally received an application on October 30, 2009, One company which is called "Some Awesome Technologies Corp" is registering "xyz" as brand name and domain names as below:

• xyz.asia
• xyz.cn
• xyz.com.cn
• xyz.com.hk
• xyz.com.tw
• xyz.hk
• xyz.in
• xyz.net.cn
• xyz.org.cn
• xyz.tw

After our initial checking, we found the brand name and these domain names being applied are as same as your company's, so we need to confirm with your company. If the aforesaid company is your business partner or your subsidiary company, please DO NOT reply us, we will approve the application automatically. If you have no any relationship with this company, please contact us within 3-7 workdays. If out of the deadline, we will approve the application submitted by "Some Awesome Technologies Corp" unconditionally.

[Then there's a signature block that looks official]

Also, it would be good to know if this is a hoax. We actually have our firewall set up to block all incoming and outgoing traffic from the Eastern Hemisphere (nothing personal). I guess I can browse to the address they sent the email from, but I'm still not sure if it's legit.

The Magnetic Stripe Reader that I'm using and testing is just supposed to be sending keystrokes. Unfortunately, it seems to randomly be sending upper case and lower case keystrokes, sometimes substituting % for 5 and ^ for 6 and vice versa. (If you've ever programmed for a magnetic strip reader, you know that's not a good thing.)

Is there something in the RDP protocol that causes this? I've got kind of a convoluted system, running XP inside virtualbox on Fedora 11 RDP'ed into a win2k3 server. It works on the XP VM and it doesn't work on the RDP'ed one.

What's weirder, is that I'm not even emulating the USB drivers for my Mag Card Reader. Linux is sending keystrokes straight in to windows, and MSTSC on windows XP is sending crap to the Win2k3 server. I'm 99% certain this isn't a problem with the card reader, it has nothing to do with my programming either. (I get the same junk coming into notepad that I get coming into our software [that's why I didn't ask on SO]).

And, it works with rdesktop programs other than MSTSC.exe!

Needless to say, I'm in need of some RDP Guruship.

I want to added public_html and private_html folders for users of my web server (Fedora 8 or 10 or something). Where is the script that will create those folders for them when they log on? Is there one script for first logon and a different script for subsequent logons? What is the normal way this is accomplished?

We've been lusting after a dashless domain name for a long time. It's registered to someone else who doesn't use it as a public website, the whois data says it expires in a few years.

What should I do to acquire this domain, what should I avoid doing so as not to shoot myself in the foot or jack the price up and what does a domain backordering service do?

Apparently we've been restricted (though packet filtering) to some arbitrarily small and untenable number of emails a day by some bankrupt ISP (and they say that's how it's always been chortle). We've been using our own mail server for the last 15 years, and only recently they've been giving us guff.

Is there a way for a legitimate business to email their clients, who really want to receive these emails, by bypassing the ISP? The way we've been doing it is by breaking up into 20 or 30 emails, but that gets complicated and requires a lot of manual labor by the receptionist, and unless she's really careful we wind up emailing lots of people twice.

So what are my options (Hosted Email, Lithuanian Proxy Server, Different ISP, not writing awful PHP that sends out zillions of emails and gets us blacklisted)?

I always forget how to do this, how to I change the inittab run level of a server/daemon?

I originally titled this "how to tell if your internet is down or your network is just screwed up" and Jeff's AI said that this questioned would probably be closed.

Nevertheless, someone here is always on the phone with the ISP and it's usually our fault. What are some of the best techniques for telling whether you've got an issue or they've got an issue.

I know this might be too much of a blanket question, but in a case where there's intermittent latency and disconnects (not just overall outages [i.e. can't ping google.com]) what do you do before calling the ISP?

This question is asked out of total ignorance and no access to a 64 bit windows machine, but I would like to know whether there is anything special that needs to be taken into account regarding a 64-bit registry and whether there is a regedit64 the way there was a regedit32.

What's the command to find the name of a computer given its IP address?

I always forget what this command is, but I know it exists in Windows and I assume it exists on the *nix command-line.

We got nailed two weeks ago by Conficker, I ran through the 26 step checklist from Mircrosoft on my own computer, as well as on our domain server. It says near the end to reverse all the changes, but I kinda like the changes (Disables Autorun and some other settings).

Is there anything in that fix that'll come back to haunt me down the road?

Also, maybe the group policy never took effect, I couldn't quite tell. Do your policies have to be placed on computers or users (or does it matter?) for this fix?

We've been using XRDP which was developed by one of the fellows who used to work at my company, but I'm pretty sure it's not being too actively developed any more and we're running out of people who care enough to administer Linux (except for me).
So I was wondering whether Terminal Server Gateway can do the same thing, XRDP can connect me via VNC or RDesktop to any machine inside the network it's running on. It seems utterly insecure as a replacement for a VPN, but it works and is pretty cool. Is a terminal server gateway pretty much the same thing? and could someone show me where the stinking control panel is?