I have rsyslog setup to log to a central server over TCP. I'd prefer for it to log locally if the network or remote server is not available, but otherwise omit local logs. It's straight forward to log to both but I haven't seen a way to log to either/or.
We're using db2 9.5 and on rare occasions get the following error when attempting to connect to the database. The program is forked from another process and trying a second time always succeeds.
[IBM][CLI Driver] SQL30082N Attempt to establish connection failed with security reason "26" ("SERVER SECURITY PLUGIN ERROR"). SQLSTATE=08001
We use Kerberos, password-less authentication.
I'm using postfix, and have setup spf, dkim, and domainkeys. I can get my email to go to Yahoo, but not gmail. Here's the headers from an email send to Yahoo. Yahoo reports the email as domain key verified.
X-Apparently-To: brianegge at yahoo.com via 68.142.206.167; Sat, 20 Mar 2010 05:29:19 -0700
Return-Path: <domains at theeggeadventure.com>
X-YahooFilteredBulk: 67.207.137.114
X-YMailISG: x7_Rl9EWLDuugoqPcORhih0FeQMOaIIpz4qfuu9ttx1xbo3uKI2kz.CLUy2cJ1BTtHAwuJtrsGRsveHIx.Dx95avNGlPPGWy_cSpnEwWLXGxBciO.YgtSQxdURQiWLCLvbHej0QPjQIHFjAFjdeGhJd2Y8NgTW1wcExq45Sb7LMlOGvtGMjSQuc8QazwXUxpZrQbIxgSQUTmzQO1x30xaZ2Us6TQTab7Wpya6OgAX.emKOM3phfS5kfhYj9FLQ.qi32sFNWnAoFdVK596OTP2F63PAJOVM5qPsM2jIAbJylIBmnj94LO7hOVr3KOS6XLtCPRn2Oe
X-Originating-IP: [67.207.137.114]
Authentication-Results: mta1055.mail.mud.yahoo.com from=theeggeadventure.com; domainkeys=pass (ok); from=theeggeadventure.com; dkim=pass (ok)
Received: from 127.0.0.1 (EHLO mail.theeggeadventure.com) (67.207.137.114) by mta1055.mail.mud.yahoo.com with SMTP; Sat, 20 Mar 2010 05:29:19 -0700
Received: by mail.theeggeadventure.com (Postfix, from userid 1003) id BB5B01C16A4; Sat, 20 Mar 2010 12:29:16 +0000 (UTC)
DomainKey-Signature: a=rsa-sha1; s=2010; d=theeggeadventure.com; c=simple; q=dns; b=JHbK9VhqyQTfpQFqaXxJrKpEG9h9H0IZ0LdWoBooJEA7hv3SYWmFUtyE247EuwoaG gzApKJ1DuRhwESZ7PswrbzuaUL8poAUO8LmMvZ+OqnDolgNSJUYWu0FcO+fe3H4m9ZD grkj0xMpHw+uFjXV4plKO+sa8olJXJAmP+9cMEo=
X-DKIM: Sendmail DKIM Filter v2.8.2 mail.theeggeadventure.com BB5B01C16A4
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=theeggeadventure.com; s=2010; t=1269088156; bh=bUlMldcnzFCmCmNT8qjpRl6fiY1YyjiZiC9jhCXASOw=; h=Subject:To:Message-Id:Date:From; b=EVNolTlh4Gch5/HIrrHaRQvcApl7wkB42gB44NsPcLZD2QrhuOvnhanhnEB4UbV0e A+3dAOjhX7LKzgGrn11jXNTiEjNX1vQDsX3HyG0fNra73aWiGTzr1nHJfnuEJ7Ph0j 5tp0HRL5jjikD1XJcvmsYzTpT22mxuz60HXYRB1s=
Subject: cron
To: <brianegge at yahoo.com>
X-Mailer: mail (GNU Mailutils 1.2)
Message-Id: <[email protected]>
Date: Sat, 20 Mar 2010 12:29:16 +0000 (UTC)
From: This sender is DomainKeys verified [email protected] (domains) View contact details
Content-Length: 818
When I send to gmail, I see the following in my server log, but the message doesn't even reach my spam folder.
Mar 20 12:59:12 Everest postfix/pickup[27802]: C81C61C16A4: uid=1000 from=<egge>
Mar 20 12:59:12 Everest postfix/cleanup[27847]: C81C61C16A4: message-id=<[email protected]>
Mar 20 12:59:13 Everest postfix/qmgr[27801]: C81C61C16A4: from=<[email protected]>, size=2784, nrcpt=1 (queue active)
Mar 20 12:59:14 Everest postfix/smtp[27849]: C81C61C16A4: to=<brianegge at gmail.com>, relay=gmail-smtp-in.l.google.com[209.85.223.24]:25, delay=2.1, delays=0.39/0.28/0.13/1.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1269089954 32si4566750iwn.51)
Mar 20 12:59:14 Everest postfix/qmgr[27801]: C81C61C16A4: removed
I've send to email to test services, and the report everything verifies ok. I've also checked all the RBL lists, and I'm not on any of them.
When I execute the following whois command on my Ubuntu server, I get all sorts of other domains which contain google.com in the name, but clearly aren't owned by google. As this appears to be some sort of spam, I won't paste the output here. I'd like to check for exactly the name I typed in. I thought the following would work, but it doesn't. What is the proper way to do an exact match?
whois -Hx google.com
Update: I found a work around by using a Ruby whois script: http://www.ruby-whois.org/
GNU's grep has the option --only-matching, which prints just the matching region of a regular expression. I'm on a Solaris 5.10 box without any GNU tools installed, and I'm trying to achieve the same thing. Example:
grep -Eo "[0-9]+ ms" *.log
Is there a sed or awk expression that can do the same thing?
I'm attempting to connect to a Vista machine running RealVNC from a Mac. I've tried using both the applet and Chicken of the VNC to connect. The following is the traffic between the two PCs:
balance -pf 5900 41.193.x.x
-< 12
RFB 003.008\0A
-> 12
RFB 003.008\0A
-< 2
\01\02
-> 1
\02
-< 16
\9CaZH^B,\B5M\11\1A\CD\87Ibm
-> 16
\C8\DE\CF\92\FA\CF\CBe\D0\B0\A1A\9D\8F\0C6
-< 4
\00\00\00\00
-> 1
\00
-< 0
The applet log displays the following:
CConn: connected to host 41.193.x.x port 5900
CConnection: Server supports RFB protocol version 3.8
CConnection: Using RFB protocol version 3.8
main: rdr.EndOfStream: EndOfStream
What are the things I can check. I'm reasonably certain I'm passing the correct password and obviously the ports are open.
My home directory is mounted on an NFS mount. The commands I use on one machine are usually quite different to those on another. Is it possible to have easy host write to it's own history file?
I have Apache running Solaris using the mpm module, and it listens on port 8080. Every once in a while, someone will start up a Tomcat instance on the same host. The has the affect of directing all the traffic to Tomcat. Once Tomcat is shutdown, traffic resumes to Apache. I'd like for Apache to bind this socket exclusively, so other processes get an error. Is this possible?
Note, this is a dev box, so it's not possible to restrict who logs on, or what programs they run. Yes, it is possible, and quite easy to change the Tomcat port. The problem is this is the default tomcat port. So a developer untar's Tomcat, starts it up, and then I notice I'm getting Tomcat 404 errors instead of Apache content. This leads me to tracking down the developer and telling them to change their default port. Ideally, Tomcat would just fail.
When Java binds a port, it binds it in exclusive mode, and another process cannot listen on the same port. Apache seems to bind the port in shared mode. I wouldn't think this would be required with the mpm module, but it seems to be the default. I'm looking for a compiler option or config option that will bind the port in exclusive mode.
I have a Solaris 5.8 machine without OpenSSL. This platform is a real pain to get OpenSSL compiled for, and getting Mordac, our unix admin, to install the Solaris package isn't an option.
I'd like to run the Mercurial client, but this seems to require the Python _ssl module, which in turn requires OpenSSL or equivalent. Is there a way to get Mercurial running without these libraries?
I need to have a script periodically rsync files from a remote host via ssh. The account which the script runs under does not have home directory on the remote host, so I'm not able to store my public key on the remote host. I'm happy to store my password in a file on my local host, but I can't seem to get rsync to use the password.
The --password-file option is only an option for connecting to an rsync daemon, and the password prompt does not read from stdin.
I'd like to build and install fortune into my home directory on Solaris 10. Can someone recommend a version that's easy to build on Solaris and comes with a good set of fortune files. In reading about fortune, it seems I need to first find and choose my source, and then I have to get some fortune files. I like the version which is bundled with Cygwin. I'm hoping I can find a single tarball which I can simple make/make install.
The IBM RedBook instructions didn't help.
I need to give a script a queue manager and a queue/topic name, and have it return the number of messages queued up.
I've installed an SSL cert onto an Apache2 server which serves intranet content. Internet Explorer 6/7 and Safari 4 can connect to the site just fine. However, when I attempt to access the site with Firefox, I get the following error:
An error occurred during a connection to intranet:8080.
SSL peer reports incorrect Message Authentication Code.
(Error code: ssl_error_bad_mac_alert)
I'm running a standard Apache2/OpenSSL setup on Solaris 10. I tried enabling the SSLSessionCache, but that did not fix the problem.
We're using an internal CA, which is trusted by IE.
I can also reproduce the problem with curl:
* About to connect() to intranet port 8080 (#0)
* Trying x.x.x.x... connected
* Connected to intranet (x.x.x.x) port 8080 (#0)
* successfully set certificate verify locations:
* CAfile: /usr/share/curl/curl-ca-bundle.crt
CApath: none
* SSLv2, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS alert, Server hello (2):
* error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac
* Closing connection #0
curl: (35) error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac
I've recently upgrade my Ubuntu server install to 9.04. I'd like to install and use ufw. Is there a way to import my existing iptables into ufw? I'm worried about switching it on, and having all my ports closed. I'd like to open up a single additional tcp port, but don't want to go through the complicated process of changing my iptable rules.
I'd prefer for logadm to name files with a YYYYMMDD extensions, instead of the standard .0, .1, .2 ... I'd still want log admin to keep the last 'n' log rotations.
Is this possible, or am using the wrong tool for application log rotation? I'm rotating files only based on date, and not by size.