tftd's questions

I have the following DNS configuration:

$ dig +noall +answer -t txt example.com
example.com.    626 IN  TXT "v=spf1 +a +mx include:sendgrid.net include:_spf.google.com -all"

$ dig +noall +answer -t txt google._domainkey.example.com
google._domainkey.example.com.  600 IN TXT "v=DKIM1; k=rsa; ......"

$ dig +noall +answer -t txt _dmarc.example.com
_dmarc.example.com. 300 IN  TXT "v=DMARC1; p=none; pct=100; rua=mailto:report@email; aspf=s; adkim=r;"

$ dig +noall +answer -t txt em1234.example.com
em1234.example.com. 358 IN  CNAME   1234.xyz.sendgrid.net.
1234.xyz.sendgrid.net. 358 IN   TXT "v=spf1 ip4:149.72.253.162 -all"

When I send emails from example.com everything is fine and DMARC are passing. Same goes for emails sent via SendGrid and the subdomain em1234.example.com. However the reporting tool to which the reports are sent is claiming 100% SPF alignment failure which is odd, because Gmail and email headers state quite the opposite:

ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass [email protected] header.s=s1 header.b=Rv669YsQ;
       spf=pass (google.com: domain of bounces+4746099-3d38-recipient_email=recipient.com@em1234.example.com designates 149.72.253.162 as permitted sender) smtp.mailfrom="bounces+4746099-3d38-recipient_email=recipient.com@em1234.example.com";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=example.com

So the question I'm having here is how to SPF align the subdomain that's used by SendGrid? Is the only way to fix this setting aspf to relaxed or is there another way?

At my company we're currently developing a product which will eventually support authentication via OpenLDAP and Active Directory. We have configured a Windows Server 2016 and would like to create an isolated environment via windows containers to test our app in.

Unfortunately I am hitting a wall when it comes to installing/enabling the AD feature in the container. The error I'm receiving is:

Add-WindowsFeature : The request to add or remove features on the specified server failed.
The operation cannot be completed, because the server that you specified requires a restart.
At line:1 char:1
+ Add-WindowsFeature AD-Domain-Services
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : DeviceError: (@{Vhd=; Credent...Name=localhost}:PSObject) [Install-WindowsFeature], Exception
+ FullyQualifiedErrorId : DISMAPI_Error__Failed_Reboot_Required,Microsoft.Windows.ServerManager.Commands.AddWindowsFeatureCommand

Am I missing something or is this just not working?

This is my Dockerfile

FROM microsoft/windowsservercore

RUN powershell Get-WindowsFeature
RUN powershell -Command Add-WindowsFeature AD-Domain-Services 

Full build log:

PS C:\windows-ad> docker build --no-cache -t win-test .
Sending build context to Docker daemon   2.56kB
Step 1/3 : FROM microsoft/windowsservercore
 ---> be84290c2315
Step 2/3 : RUN powershell Get-WindowsFeature
 ---> Running in 5e5f83bb2c86

Display Name                                            Name
------------                                            ----
[ ] Active Directory Certificate Services               AD-Certificate
    [ ] Certification Authority                         ADCS-Cert-Authority
    [ ] Certificate Enrollment Policy Web Service       ADCS-Enroll-Web-Pol
    [ ] Certificate Enrollment Web Service              ADCS-Enroll-Web-Svc
    [ ] Certification Authority Web Enrollment          ADCS-Web-Enrollment
    [ ] Network Device Enrollment Service               ADCS-Device-Enrollment
    [ ] Online Responder                                ADCS-Online-Cert
[ ] Active Directory Domain Services                    AD-Domain-Services
[ ] Active Directory Federation Services                ADFS-Federation
[ ] Active Directory Lightweight Directory Services     ADLDS
[ ] Active Directory Rights Management Services         ADRMS
    [ ] Active Directory Rights Management Server       ADRMS-Server
    [ ] Identity Federation Support                     ADRMS-Identity
[ ] Device Health Attestation                           DeviceHealthAttestat...
[ ] DHCP Server                                         DHCP
[ ] DNS Server                                          DNS
[X] File and Storage Services                           FileAndStorage-Services
    [ ] File and iSCSI Services                         File-Services
        [ ] File Server                                 FS-FileServer
        [ ] BranchCache for Network Files               FS-BranchCache
        [ ] Data Deduplication                          FS-Data-Deduplication
        [ ] DFS Namespaces                              FS-DFS-Namespace
        [ ] DFS Replication                             FS-DFS-Replication
        [ ] File Server Resource Manager                FS-Resource-Manager
        [ ] File Server VSS Agent Service               FS-VSS-Agent
        [ ] iSCSI Target Server                         FS-iSCSITarget-Server
        [ ] iSCSI Target Storage Provider (VDS and V... iSCSITarget-VSS-VDS
        [ ] Server for NFS                              FS-NFS-Service
        [ ] Work Folders                                FS-SyncShareService
    [X] Storage Services                                Storage-Services
[ ] Host Guardian Service                               HostGuardianServiceRole
[ ] Hyper-V                                             Hyper-V
[ ] Network Controller                                  NetworkController
[ ] Print and Document Services                         Print-Services
    [ ] Print Server                                    Print-Server
    [ ] LPD Service                                     Print-LPD-Service
[ ] Remote Access                                       RemoteAccess
    [ ] DirectAccess and VPN (RAS)                      DirectAccess-VPN
    [ ] Routing                                         Routing
    [ ] Web Application Proxy                           Web-Application-Proxy
[ ] Remote Desktop Services                             Remote-Desktop-Services
    [ ] Remote Desktop Connection Broker                RDS-Connection-Broker
    [ ] Remote Desktop Licensing                        RDS-Licensing
    [ ] Remote Desktop Virtualization Host              RDS-Virtualization
[ ] Volume Activation Services                          VolumeActivation
[ ] Web Server (IIS)                                    Web-Server
    [ ] Web Server                                      Web-WebServer
        [ ] Common HTTP Features                        Web-Common-Http
            [ ] Default Document                        Web-Default-Doc
            [ ] Directory Browsing                      Web-Dir-Browsing
            [ ] HTTP Errors                             Web-Http-Errors
            [ ] Static Content                          Web-Static-Content
            [ ] HTTP Redirection                        Web-Http-Redirect
            [ ] WebDAV Publishing                       Web-DAV-Publishing
        [ ] Health and Diagnostics                      Web-Health
            [ ] HTTP Logging                            Web-Http-Logging
            [ ] Custom Logging                          Web-Custom-Logging
            [ ] Logging Tools                           Web-Log-Libraries
            [ ] ODBC Logging                            Web-ODBC-Logging
            [ ] Request Monitor                         Web-Request-Monitor
            [ ] Tracing                                 Web-Http-Tracing
        [ ] Performance                                 Web-Performance
            [ ] Static Content Compression              Web-Stat-Compression
            [ ] Dynamic Content Compression             Web-Dyn-Compression
        [ ] Security                                    Web-Security
            [ ] Request Filtering                       Web-Filtering
            [ ] Basic Authentication                    Web-Basic-Auth
            [ ] Centralized SSL Certificate Support     Web-CertProvider
            [ ] Client Certificate Mapping Authentic... Web-Client-Auth
            [ ] Digest Authentication                   Web-Digest-Auth
            [ ] IIS Client Certificate Mapping Authe... Web-Cert-Auth
            [ ] IP and Domain Restrictions              Web-IP-Security
            [ ] URL Authorization                       Web-Url-Auth
            [ ] Windows Authentication                  Web-Windows-Auth
        [ ] Application Development                     Web-App-Dev
            [ ] .NET Extensibility 3.5                  Web-Net-Ext
            [ ] .NET Extensibility 4.6                  Web-Net-Ext45
            [ ] Application Initialization              Web-AppInit
            [ ] ASP                                     Web-ASP
            [ ] ASP.NET 3.5                             Web-Asp-Net
            [ ] ASP.NET 4.6                             Web-Asp-Net45
            [ ] CGI                                     Web-CGI
            [ ] ISAPI Extensions                        Web-ISAPI-Ext
            [ ] ISAPI Filters                           Web-ISAPI-Filter
            [ ] Server Side Includes                    Web-Includes
            [ ] WebSocket Protocol                      Web-WebSockets
    [ ] FTP Server                                      Web-Ftp-Server
        [ ] FTP Service                                 Web-Ftp-Service
        [ ] FTP Extensibility                           Web-Ftp-Ext
    [ ] Management Tools                                Web-Mgmt-Tools
        [ ] IIS 6 Management Compatibility              Web-Mgmt-Compat
            [ ] IIS 6 Metabase Compatibility            Web-Metabase
            [ ] IIS 6 Scripting Tools                   Web-Lgcy-Scripting
            [ ] IIS 6 WMI Compatibility                 Web-WMI
        [ ] IIS Management Scripts and Tools            Web-Scripting-Tools
        [ ] Management Service                          Web-Mgmt-Service
[ ] Windows Server Essentials Experience                ServerEssentialsRole
[ ] Windows Server Update Services                      UpdateServices
    [ ] WID Connectivity                                UpdateServices-WidDB
    [ ] WSUS Services                                   UpdateServices-Services
    [ ] SQL Server Connectivity                         UpdateServices-DB
[ ] .NET Framework 3.5 Features                         NET-Framework-Features
    [ ] .NET Framework 3.5 (includes .NET 2.0 and 3.0)  NET-Framework-Core
    [ ] HTTP Activation                                 NET-HTTP-Activation
    [ ] Non-HTTP Activation                             NET-Non-HTTP-Activ
[X] .NET Framework 4.6 Features                         NET-Framework-45-Fea...
    [X] .NET Framework 4.6                              NET-Framework-45-Core
    [ ] ASP.NET 4.6                                     NET-Framework-45-ASPNET
    [X] WCF Services                                    NET-WCF-Services45
        [ ] HTTP Activation                             NET-WCF-HTTP-Activat...
        [ ] Message Queuing (MSMQ) Activation           NET-WCF-MSMQ-Activat...
        [ ] Named Pipe Activation                       NET-WCF-Pipe-Activat...
        [ ] TCP Activation                              NET-WCF-TCP-Activati...
        [X] TCP Port Sharing                            NET-WCF-TCP-PortShar...
[ ] Background Intelligent Transfer Service (BITS)      BITS
    [ ] Compact Server                                  BITS-Compact-Server
[ ] BitLocker Drive Encryption                          BitLocker
[ ] BranchCache                                         BranchCache
[ ] Client for NFS                                      NFS-Client
[ ] Containers                                          Containers
[ ] Data Center Bridging                                Data-Center-Bridging
[ ] Enhanced Storage                                    EnhancedStorage
[ ] Failover Clustering                                 Failover-Clustering
[ ] Group Policy Management                             GPMC
[ ] Host Guardian Hyper-V Support                       HostGuardian
[ ] I/O Quality of Service                              DiskIo-QoS
[ ] IIS Hostable Web Core                               Web-WHC
[ ] IP Address Management (IPAM) Server                 IPAM
[ ] iSNS Server service                                 ISNS
[ ] Management OData IIS Extension                      ManagementOdata
[ ] Media Foundation                                    Server-Media-Foundation
[ ] Message Queuing                                     MSMQ
    [ ] Message Queuing Services                        MSMQ-Services
        [ ] Message Queuing Server                      MSMQ-Server
        [ ] Directory Service Integration               MSMQ-Directory
        [ ] HTTP Support                                MSMQ-HTTP-Support
        [ ] Message Queuing Triggers                    MSMQ-Triggers
        [ ] Routing Service                             MSMQ-Routing
    [ ] Message Queuing DCOM Proxy                      MSMQ-DCOM
[ ] Multipath I/O                                       Multipath-IO
[ ] MultiPoint Connector                                MultiPoint-Connector
    [ ] MultiPoint Connector Services                   MultiPoint-Connector...
    [ ] MultiPoint Manager and MultiPoint Dashboard     MultiPoint-Tools
[ ] Network Load Balancing                              NLB
[ ] Peer Name Resolution Protocol                       PNRP
[ ] Quality Windows Audio Video Experience              qWave
[ ] Remote Differential Compression                     RDC
[ ] Remote Server Administration Tools                  RSAT
    [ ] Feature Administration Tools                    RSAT-Feature-Tools
        [ ] BitLocker Drive Encryption Administratio... RSAT-Feature-Tools-B...
        [ ] DataCenterBridging LLDP Tools               RSAT-DataCenterBridg...
        [ ] Failover Clustering Tools                   RSAT-Clustering
            [ ] Failover Cluster Module for Windows ... RSAT-Clustering-Powe...
            [ ] Failover Cluster Automation Server      RSAT-Clustering-Auto...
            [ ] Failover Cluster Command Interface      RSAT-Clustering-CmdI...
        [ ] IP Address Management (IPAM) Client         IPAM-Client-Feature
        [ ] Shielded VM Tools                           RSAT-Shielded-VM-Tools
        [ ] Storage Replica Module for Windows Power... RSAT-Storage-Replica
    [ ] Role Administration Tools                       RSAT-Role-Tools
        [ ] AD DS and AD LDS Tools                      RSAT-AD-Tools
            [ ] Active Directory module for Windows ... RSAT-AD-PowerShell
            [ ] AD DS Tools                             RSAT-ADDS
                [ ] Active Directory Administrative ... RSAT-AD-AdminCenter
                [ ] AD DS Snap-Ins and Command-Line ... RSAT-ADDS-Tools
            [ ] AD LDS Snap-Ins and Command-Line Tools  RSAT-ADLDS
        [ ] Hyper-V Management Tools                    RSAT-Hyper-V-Tools
            [ ] Hyper-V Module for Windows PowerShell   Hyper-V-PowerShell
        [ ] Windows Server Update Services Tools        UpdateServices-RSAT
            [ ] API and PowerShell cmdlets              UpdateServices-API
        [ ] DHCP Server Tools                           RSAT-DHCP
        [ ] DNS Server Tools                            RSAT-DNS-Server
        [ ] Network Controller Management Tools         RSAT-NetworkController
        [ ] Remote Access Management Tools              RSAT-RemoteAccess
            [ ] Remote Access module for Windows Pow... RSAT-RemoteAccess-Po...
[ ] RPC over HTTP Proxy                                 RPC-over-HTTP-Proxy
[ ] Setup and Boot Event Collection                     Setup-and-Boot-Event...
[ ] Simple TCP/IP Services                              Simple-TCPIP
[X] SMB 1.0/CIFS File Sharing Support                   FS-SMB1
[ ] SMB Bandwidth Limit                                 FS-SMBBW
[ ] SNMP Service                                        SNMP-Service
    [ ] SNMP WMI Provider                               SNMP-WMI-Provider
[ ] Software Load Balancer                              SoftwareLoadBalancer
[ ] Storage Replica                                     Storage-Replica
[ ] Telnet Client                                       Telnet-Client
[ ] VM Shielding Tools for Fabric Management            FabricShieldedTools
[X] Windows Defender Features                           Windows-Defender-Fea...
    [X] Windows Defender                                Windows-Defender
[ ] Windows Internal Database                           Windows-Internal-Dat...
[X] Windows PowerShell                                  PowerShellRoot
    [X] Windows PowerShell 5.1                          PowerShell
    [ ] Windows PowerShell 2.0 Engine                   PowerShell-V2
    [ ] Windows PowerShell Desired State Configurati... DSC-Service
    [ ] Windows PowerShell Web Access                   WindowsPowerShellWeb...
[ ] Windows Process Activation Service                  WAS
    [ ] Process Model                                   WAS-Process-Model
    [ ] .NET Environment 3.5                            WAS-NET-Environment
    [ ] Configuration APIs                              WAS-Config-APIs
[ ] Windows Server Backup                               Windows-Server-Backup
[ ] Windows Server Migration Tools                      Migration
[ ] Windows Standards-Based Storage Management          WindowsStorageManage...
[ ] WinRM IIS Extension                                 WinRM-IIS-Ext
[ ] WINS Server                                         WINS
[X] WoW64 Support                                       WoW64-Support


 ---> b891a0f5b277
Removing intermediate container 5e5f83bb2c86
Step 3/3 : RUN powershell -Command Add-WindowsFeature AD-Domain-Services
 ---> Running in 22724bfb2ee4
Add-WindowsFeature : The request to add or remove features on the specified
server failed.
The operation cannot be completed, because the server that you specified
requires a restart.
At line:1 char:1
+ Add-WindowsFeature AD-Domain-Services
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : DeviceError: (@{Vhd=; Credent...Name=localhost}:
   PSObject) [Install-WindowsFeature], Exception
    + FullyQualifiedErrorId : DISMAPI_Error__Failed_Reboot_Required,Microsoft.
   Windows.ServerManager.Commands.AddWindowsFeatureCommand

Success Restart Needed Exit Code      Feature Result
------- -------------- ---------      --------------
False   No             Failed         {}


The command 'cmd /S /C powershell -Command Add-WindowsFeature AD-Domain-Services' returned a non-zero code: 1

I decided to upgrade a machine running 13.2 to the latest Leap 42.1. I started the process and it did the upgrade. After the reboot everything is working except for the redis server service. I can't start the redis service using:

# service redis start

The status is:

# service redis status
redis.target - Redis target allowing to start/stop all [email protected] instances at once
   Loaded: loaded (/usr/lib/systemd/system/redis.target; static)
   Active: active since Fri 2015-11-20 03:47:07 EET; 1s ago

Although it says it's "active", when I check if the process is running it's actually not:

# ps ax | grep -i redis
20892 pts/0    S+     0:00 grep -i redis

The only way I can start the redis server is by manually running:

# redis-server /etc/redis/default.conf

which starts the server without any problems.

I've tried to reinstall the redis package and tried to change the vendor from the "official" to "server:database" repository. None of these seem to be fixing the issue.

My default.conf file is pretty much the "default" template which only has these changed:

daemonize yes #default is no
bind 127.0.0.1 1.2.3.4 #default is 127.0.0.1

The service files:

/usr/lib/systemd/system/redis.target
[Unit]
Description=Redis target allowing to start/stop all [email protected] instances at once

/usr/lib/systemd/system/[email protected]
[Unit]
Description=Redis
After=network.target
PartOf=redis.target

[Service]
Type=simple
User=redis
Group=redis
PrivateTmp=true
PIDFile=/var/run/redis/%i.pid
ExecStart=/usr/sbin/redis-server /etc/redis/%i.conf
Restart=on-failure

#ExecStart=/usr/sbin/openvpn --daemon --suppress-timestamps --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf
#ExecReload=/sbin/killproc -p /var/run/openvpn/%i.pid -HUP /usr/sbin/openvpn

[Install]
WantedBy=multi-user.target redis.target

Any ideas what has changed from 13.2 to 42.1 and why has the service stopped working? Also I don't seem to recall how I previously had the redis listed in chkconfig - after the upgrade it's gone from there, although I'm not quite sure that's part of the problem.

Edit: Here is the log file thanks to @Michael Hampton:

9042:signal-handler (1448036091) Received SIGTERM scheduling shutdown...
                _._
           _.-``__ ''-._
      _.-``    `.  `_.  ''-._           Redis 3.0.4 (00000000/0) 64 bit
  .-`` .-```.  ```\/    _.,_ ''-._
 (    '      ,       .-`  | `,    )     Running in standalone mode
 |`-._`-...-` __...-.``-._|'` _.-'|     Port: 6379
 |    `-._   `._    /     _.-'    |     PID: 9042
  `-._    `-._  `-./  _.-'    _.-'
 |`-._`-._    `-.__.-'    _.-'_.-'|
 |    `-._`-._        _.-'_.-'    |           http://redis.io
  `-._    `-._`-.__.-'_.-'    _.-'
 |`-._`-._    `-.__.-'    _.-'_.-'|
 |    `-._`-._        _.-'_.-'    |
  `-._    `-._`-.__.-'_.-'    _.-'
      `-._    `-.__.-'    _.-'
          `-._        _.-'
              `-.__.-'

9042:M 20 Nov 18:14:51.090 # Server started, Redis version 3.0.4
9042:M 20 Nov 18:14:51.091 * DB loaded from disk: 0.000 seconds
9042:M 20 Nov 18:14:51.091 * The server is now ready to accept connections on port 6379
9042:M 20 Nov 18:14:51.091 # User requested shutdown...
9042:M 20 Nov 18:14:51.091 * Saving the final RDB snapshot before exiting.
9042:M 20 Nov 18:14:51.126 * DB saved on disk
9042:M 20 Nov 18:14:51.126 * Removing the pid file.
9042:M 20 Nov 18:14:51.126 # Redis is now ready to exit, bye bye...

I'm not sure why it decides to spontaneously just quit due to "user requested shutdown".

I'm trying to figure out how to configure a reverse proxy in nginx when the endpoint is in a root context:

http://frontend.com/mylink proxy forwards to http://10.0.0.2:8000/

Unfortunately I can't change the context of the application at http://10.0.0.2:8000, so I'm trying to figure out a workaround in nginx for this issue. The following configuration usually works fine when there is a context, but doesn't work in the situation above:

location /mylink {
    proxy_pass     http://10.0.0.2:8000;
    proxy_redirect http://10.0.0.2:8000 /mylink;
    port_in_redirect off;
}

Any ideas what I'm missing here?

I was looking at this question while I was trying to find a good socks server for linux that would be easy to configure.

The following command works fine:

ssh -f -N -D 0.0.0.0:1080 localhost

I was wondering, though, if it is possible to have some kind of authentication required for the socks proxy to work - i.e. an existing unix user & correct password?

I've created a slackware build script so I could build a specific package and then install it on a couple of servers running identical versions. I'm aware you could use doinst.sh to do things after the package was installed, but is there a similar script that's executed upon uninstall? For example, when the package is installed, in doinst.sh I have a couple of specific environment variables that append to /etc/profile. I'm wondering if it is possible to automatically remove them from /etc/profile if the package gets deleted (i.e. create a douninst.sh that would do that)?

So, I have two interfaces from different ISP's and I'm trying to monitor my connection using mtr. This is the command I'm currently trying to use:

mtr --no-dns --address $MY_REAL_IP_HERE $A_DESTINATION_IP

Unfortunately this is not going though the interface I want it to. At the moment I have eth1 and ppp0, and I would like to monitor only ppp0. Any ideas what I'm doing wrong?

I have configured a squid 3.1 proxy server.
Everything works great except for the X-Requested-With header.
I can't manage to figure out how to pass that header to the site I'm attempting to open via the proxy.

This is my current configuration:

request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Cookie allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access User-Agent allow all
request_header_access All deny all #remove all other headers


# delete "x-forwarder-for.." headers
forwarded_for delete
request_header_access Via deny all
request_header_access X-Forwarded-For deny all

I tried to add this line request_header_access X-Requested-With allow all to the configuration but apparently X-Requested-With is an unknown header name... Apparently I'm missing something?

I'm wondering if the following code should be working:

<LocationMatch "/(.*)([/])?(.*)">
    Order allow,deny
    Allow from all

    AuthType Basic
    AuthName "Git"
    AuthUserFile  /git/.htpasswd
    AuthGroupFile /git/.htgroup
    Require group $1
</LocationMatch>

What I am trying to achieve with this is to require a group based on the first regex variable. So if the user goes to http://localhost/a-repository-name he has to be in the group a-repository-name to be able to open the url.

For some reason I can't get this code working and apache returns: Authorization of user **** to access /a-repository-name failed, reason: user is not part of the 'require'ed group(s).
I guess it's not matching against the proper variable at Require group $1.
Is this the right way to be done or I'm missing something?

I'm currently migrating from Apache to nginx. I have a couple of domains that are going to be hosted on the same machine with one IP address. Though I've configured nginx --prefix=/my/path it seems that nginx doesn't include my vhost configuration files.

My current nginx.conf looks like this:

http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    gzip  on;

    # Don't show server version.
    server_tokens off;

    index index.html index.htm index.php;

    # Default server
    server {
        listen          81 default;
        server_name     _;
        access_log      logs/access.log main;
        server_name_in_redirect  off;
        root  html;
    }

    ## Load virtual host conf files. ##
    include conf/vhosts/*/*.conf; # config/vhosts/domain.com/domain.conf ; subodmain.conf and etc

}

And this is the only vhost config I have in config/vhosts/domain.com/domain.com.conf:

server {
    listen          81;
    server_name     domain.com;
    access_log      logs/domain.com.access.log main;

    root            "/www/domain.com/htdocs";
    index           index.html;
}

I also tried to set the absolute path to the config file but it didn't work either. All of the request are landing on the default server. If, though, you insert the content of conf/vhosts/domain.com/domain.com.conf into conf/nginx.conf http{} the domain works just fine.

I've been trying to figure this out for a couple of hours now but I guess I'm doing something wrong?

I'm currently trying to mount a windows shared drive under linux. The machine is using windows 7 and by default it shares all windows drives if you login as an administrator. I've been able to login and list/copy/delete files via my android phone but I'm having a problem with mounting it on a server.

The command I'm trying:
mount -t smbfs -o username=MyUsername //10.0.0.2/$D /mnt/machine_1_d

I think the problem comes from the $ sign in $D. I just can't remember what was the fix for this. I'm sure it was something really simple but I can't find it on the net also.

This may be a really dumb question but how can you open a port on multiple interfaces without defining the interfaces? For example how do I open port 22 on all interfaces?

On my machine I have some interfaces that are dynamic and may or may not be available so I have to set "generic" rules.

This code is not working for me but I can't figure out why:

# My default policy is to drop the input.
# The other policies are required like that.
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -t nat -P POSTROUTING ACCEPT
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t mangle -P OUTPUT ACCEPT
$IPTABLES -t mangle -P PREROUTING ACCEPT

#Open port 22 on all interfaces ?
$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT

So apparently there's something wrong with the last line... but I can't see it?

Edit: iptables -nvL

root@machine:/etc/rc.d# iptables -nvL
Chain INPUT (policy DROP 22 packets, 1378 bytes)
 pkts bytes target     prot opt in     out     source               destination
   18  1484 ACCEPT     all  --  *      *       192.168.0.0/24     192.168.0.1
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    4   236 ACCEPT     all  --  eth0   *       0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  eth1   *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  192.168.0.1 *       0.0.0.0/0            0.0.0.0/0
   24  1362 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:53
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:53
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:80
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:443

Chain FORWARD (policy ACCEPT 490 packets, 194K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 49 packets, 35544 bytes)
 pkts bytes target     prot opt in     out     source               destination

I've been wondering if there is a way to get apache statistics? I'm looking for something that can show graphs and inform me what's the traffic at certain hours, how is the server performing during those hours and etc. I tried the default Apache Server Status but it didn't fit my needs.

I have this strange and stupid problem I'm trying to resolve for a couple of hours now. I have installed apache 2.2.10 (it was compiled from source a long time ago), and PHP-5.3.6. Both are working just great except for the fact I can't get PHP to load the php.ini file.

This is my config.nice file:

'./configure' \
'--prefix=/usr/local/php-5.3.6' \
'--with-config-file-path=/usr/local/php-5.3.6/lib' \
'--with-apxs2=/usr/local/apache-2.2.10/bin/apxs' \
'--with-curl' \
'--with-mysql' \
'--with-zlib' \
'--with-bz2' \
'--with-gd' \
'--with-jpeg-dir' \
'--with-png-dir' \
'--enable-mbstring' \
'--with-freetype-dir' \
'--with-t1lib' \
'--enable-gd-native-ttf' \
'--enable-gd-jis-conv' \
'--with-openssl' \
'--with-openssl-dir' \
'--enable-pcntl' \
"$@"

I've used this config.nice for all the PHP versions since 5.2 with slight changes and it is working this way on a couple of servers. It's probably something small I'm missing and I can't figure what it is.

I set the '--with-config-file-path' because I though php can't find it's own path or something. In the defined path I have a file called php.ini which is copied from the PHP 5.3.6 tarball (php.ini-development).

The file should be working as it's the original but I can't see because it's not loading - phpinfo() returns:

Configuration File (php.ini) Path:  
/usr/local/php-5.3.6/lib
Loaded Configuration File:  
(none) 

Does anybody have an idea what may be the problem ?

Relevant info:
@Server OS: Slackware 12.2
@Apache Version: 2.2.10
@Apache User / Group: daemon / daemon
@PHP Version: 5.3.6 (Latest)
@PHP ini file: /usr/local/php-5.3.6/lib/php.ini
@PHP ini file perms: 777 (daemon.daemon)

I've recently experimented with the settings in pg_hba.conf. I read the PostgreSQL documentation and I though that the "password" auth method is what I want. There are many people that have access to the server PostgreSQL is working on so I don't want the "trust" method. So I changed it. But then PHP stopped working with the database.

The message I get is "Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL: password authentication failed for user "myuser" in /my/path/to/connection/class.php on line 35". It is kind of strange because I can connect via phppgadmin without any problems and also I can connect from my home computer with psql - again without any problems.

This is my pg_hba.conf:

# TYPE  DATABASE        USER            CIDR-ADDRESS            METHOD
# "local" is for Unix domain socket connections only
local   all             all                                     password
# IPv4 local connections:
host    all             all             127.0.0.1/32            password
# IPv6 local connections:
host    all             all             ::1/128                 password

The connection string I'm using with pg_conenct is:

$connect_string = "host=localhost port=5432 dbname=mydbname user=auser password=apassword";
$dbConnection = pg_connect($connection_string);

Does anybody know why is this happening ? Did I misconfigured something ?

I'm testing an sql code that's meant to be used for searching records. I have database A(my home copy) and database B (a server for a site, the database is an absolute clone of database A). For the purpose of this example let's say I have a table with 3 columns -

1. username
2. firstname
3. lastname

Imagine you have a couple of records in the table that contain the words "test","testing","tester" in all of the columns. Now you'd want to select all the records that contain the word "test" in all of the columns. The appropriate sql query would be:

SELECT * FROM users WHERE username ILIKE $$%test%$$ OR firstname ILIKE $$%test%$$ OR lastname ILIKE $$%test%$$;  

his code returns the correct data on database A but it doesn't return anything on database B. The copies are identical - I've dumped db A (my local machine) and imported it to db B(the server). Only I have access to that server so nobody could have messed up things. Plus, I tried dropping db B and recreating it with the same import just to be sure and again no results after the sql query.

The only difference between db A and db B is that db A is running on a 32bit machine and db B runs on 64 bit machine. The versions are different -db A runs 8.3.5 and db B runs 9.0.2, the configuration is the default which comes when you install PostgreSQL.

Can this be related to the 32/64 bit OS? Is it because of the different versions or it's a setting I need to enable ? I'm 99,999% sure it's the sql I'm executing is the right one so I have ruled out that one..

I've done some reading in google and the only thing I did was get myself confused. Some of the people say that count() is slower with many records, others say you can cache the number or even use sequence...

What's the best way to count many rows in a table with best performance and lowest cpu/ram usage? By many I mean >=500,000 rows.

I want to lock my php configuration and disable loading other php configurations rather than the default (which in my case is located at /usr/local/php/lib/php.ini) I want to disable the "Scan this dir for aditional.ini" or if there's a way to set the vars from php.ini as permanent I would go for it.

Any suggestions ?

Thanks in advance,
Me.

I'm having a problem with configuring my postgresql server. I've installed PostgreSQL 9.0.2 on slackware 13.1x64 and it runs fine but I can't add a IP that could connect to PostgreSQL remotely.

The logs show me this:

LOG:  invalid IP mask "trust": Name or service not known
CONTEXT:  line 83 of configuration file "/usr/local/pgsql-9.0.2/data/pg_hba.conf"
FATAL:  could not load pg_hba.conf

And on that line I have:

host    all         all         **.**.***.*         trust

The ** is my real IP address. But PostgreSQL tells me I need to set ip mask ? What's that I'm doing wrong ?

Thanks in advance,
Me

I'm writing a PHP site that's expected to get about 200-300 concurrent users browsing it. When initializing the application will load about 30 PHP classes, some 10 maybe 15 images and a couple of css files.

So my question is, what else can I do (except optimizing my code and using apc/eaccelerator for PHP) to get as close as possible to those numbers of concurrent users?

Currently we haven't chosen a server for the site to be hosted on but most probably it'll be a VPS Dual core + 2 or maybe 4GB RAM. Is it possible for such a server to handle that load? Also how could I test it myself and be sure that it'll be able to handle it?