AppArmor on CentOS 7 : Last realease in RPMs on stable kernels from kernel.org
Here you can download last version of RPM packages for AppArmor. May be used on any CentOS7 machines.
Everything is checked for original kernels of kernel.org:
– 3.16.62 (kernel compiled via default config and ‘make pkg-rpm’)
Using of build-in kernel of CentOS7 with a lot of patches is not encouraged.
Always better to use original versions of kernels of own compilation (from kernel.org) for any important machines.
Apache 2.4: Getting 408 errors in our log file with no request or user agent
Do you use mpm_event?
DO you still use KeepAlive for all clients event behind of proxy?
Do you see similar messages in logs?
1 2 3 | 154.160.1.199 - - [19/May/2019:10:17:44 +0000] "-" 408 - "-" "-" 154.160.1.199 154.160.1.199 154.160.4.172 - - [19/May/2019:10:17:47 +0000] "-" 408 - "-" "-" 154.160.4.172 154.160.4.172 154.160.3.253 - - [19/May/2019:10:17:48 +0000] "-" 408 - "-" "-" 154.160.3.253 154.160.3.253 |
MDADM: Resize underlying partitions in mdadm RAID1
[Vim] Удаление повторяющихся строк в vim
Попробуй это:
VIRSH:KVM – Запуск удаленного доступа VNC для гостевых операционных систем
Method # 1: Command Line Option
Normally, QEMU (/usr/libexec/qemu-kvm) uses SDL to display the VGA output. With the -vnc option option, you can have QEMU listen on VNC display display and redirect the VGA display over the VNC session. When using the VNC display, you must use the -k parameter to set the keyboard layout if you are not using en-us. Valid syntax for the display is as follows:
VIRSH:KVM – Перемещение дисков в другое хранилище
Migration of disks around is part of the life cycle of a guest. Disks in the storage pools (local or network) may fail or fill up due to bad capacity management. Ordinarily, one would have to shut down the guest, copy the storage volume file elsewhere (if it is a file), wait, update xML configuration, and launch it again. However, in mission-critical enterprises, this may not always be possible.
To get the source path, need check XML configuration file or storage volume. This requires to know which storage pool in use.
LUKS / dm-crypt and FS images
LUKS / dm-crypt is also suitable for creating FS images that can be used to store important information:
Read the rest of this entry »
OpenStack Neutron: How to change the default security rules in neutron during creation of group?
Neutron has commands for updating security groups:
1 2 3 4 5 6 7 8 9 | #security-group-create Create a security group. #security-group-delete Delete a given security group. #security-group-list List security groups that belong to a given tenant. #security-group-rule-create Create a security group rule. #security-group-rule-delete Delete a given security group rule. #security-group-rule-list List security group rules that belong to a given tenant. #security-group-rule-show Show information of a given security group rule. #security-group-show Show information of a given security group. #security-group-update Update a given security group. |
Running VPNC and StrongSwan IPsec together – проблемы с Cisco 1941 ISR
Если в вашей компании или на вашем рабочем месте есть инфраструктура Cisco VPN, но в то же время вам необходимо подключиться к некоторому удаленному сайту с помощью Ipsec, и вы являетесь пользователем Linux на рабочем столе, то это хороший совет, как запустить оба из них на в то же время.
Требования:
– Уже настроен vpnc для подключения к VPN
– Уже настроенный ipsec для подключения к удаленным сайтам
– Уже настроенное подключение к Интернету
Openstack Neutron: again bugs of python coders – ethernet via infiniband
If you want use ethernet network on computation nodes via Infiniband network infrastructure for flat type or for bridges, so you will failed.
Obviously, again low level of coders of python of component Neutron.
All code of Neutron (as and all OpenStack) it is just big set of wrapper python scripts around usual linux tools.
In context Neutron and in this particular case python code of ‘linuxbridge’ script just makes primitive “parsing” of standard output of shell commands – ‘ip link show’!!)) . And this code seeks only small string – ‘link/ether’. But it is not correctly!
As transient variant, in this case of architecture, need check also and ‘link/infiniband’ as minimum.
Below small code of patch ))