serverfault.com

I'm developing a daemon that runs under control of systemd, and that has a feature to reload code that's inbetween "systemctl reload" and "systemctl restart". Unlike "systemctl reload" that sends a signal to re-read just the configuration, it also reloads the code, but unlike "systemctl restart" it's not a true hard restart that forgets all the state, but instead the state is written to a file and a signal causes the daemon to replace its code with execve() and then it reads the old state from the file. Is there any feature in systemd that would allow me to add some custom command to systemctl that would be inbetween reload and restart, just for this daemon? Technically the feature would be implemented by some signal such as SIGUSR1 or SIGUSR2. I'm expecting that there could be cases where a hard restart will be done instead of the lighterweight "dump state + execve + reload state", so it would be useful to have

I've got a storage server with some NVMe SSDs for system and metadata cache and 24 3.5" HDDs for storing historic data. Since this data is very infrequently accessed (at least once per day for synchronization, often that is the only access at all for several days), it would be good to spin down the drives during the remaining time to conserve power. The system is running Debian (actually Proxmox, but no VMs there) and ZFS. The storage pool is made up of 3x 8-way raidz1, with a mirrored special device on NVMes for metadata storage. The disks are Seagate Exos SAS drives. My questions: Will the drive lifetime decrease (or increase) if they are only active maybe 1/4 of the time, but with at least one spin-down/spin-up every day? Can or do I need to tell ZFS about this behavior, so that it isn't confused by very long initial access times when a drive needs to spin up first? Does ZFS even let a drive go to sleep, or does

What are the use cases for libnss-extrausers? I've seen a couple of examples but the details are lacking. If you use libnss-extrausers, don't you have to change all user and group IDs to keep from colliding with the corresponding /etc files? If this is done then effectively only files with "world" access in directories with "world" access are available. What about home directories, do you use a common directory such as /tmp or what do you do? This is why I'm asking about the use cases to better understand the benefit.

I have several java webapps running on 2 tomcat servers--with various JDK (17 and 25) and Tomcat versions (9 and 11), in a test/development environment--where the server is configured to request a client certificate. When the browser prompts me, I select my CAC card certificate on the browser popup and then am prompted to enter my pin. The prompts for certificate selection and pin entry have always occurred immediately after navigating to the url (so there is no post-handshake authentication). Unfortunately, this stopped working for me; one day it was working and another day it totally stopped. I am 100% certain that no server nor personal configurations changed since the time it was working; no server, connector, JDK, or any other settings were manually changed. And even more strange, it is very inconsistent between users: it still works 100% for one team member, it works only on Firefox for another team member, a third memeber can only get it to sometimes work in Chrome's p

I have a fleet of Dell OptiPlex 3000 machines that were purchased due to one reason only: legal license for Windows 10 IoT Enterprise LTSC. I am getting very strange set of permissions on a clean re-install on certain folders that relate to the shared Start Menu: C:\Users\All Users\Start Menu\Programs S-1-5-21-3671523672-3566060235-3176437112-1000:(I)(OI)(CI)(DE,DC) DESKTOP-UROR7BK\admin:(I)(OI)(CI)(DE,DC) NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F) BUILTIN\Administrators:(I)(OI)(CI)(F) BUILTIN\Users:(I)(OI)(CI)(RX) Everyone:(I)(OI)(CI)(RX) C:\Users\All Users\Start Menu Everyone:(DENY)(S,RD) Everyone:(RX) NT AUTHORITY\SYSTEM:(F) BUILTIN\Administrators:(F) C:\Users\All Users NT AUTHORITY\SYSTEM:(OI)(CI)(F) BUILTIN\Administrators:(OI)(CI)(F) CREATOR OWNER:(OI)(CI)(IO)(F) BUILTIN\Users:(OI)(CI)(RX) BUILTIN\Users:(CI)(WD,AD,WEA,WA) C:\Users NT AUTHORITY\SYSTEM:(OI)(CI)(F) BUILTIN\Administrators:(OI)(CI)(F) BUILTIN\Users:(RX) BUILTIN\Users:(OI)(CI)(IO)(

I have a windows NFS setup with AD and on mounting it in linux vm. I’m able to create and edit the files but not able to delete the files. The user seems to be correctly mapped but delete fails. I have even given full control to the user but it still doesn’t work. Can someone help me understand the possible causes for this? The delete works correctly on the windows machine.

We have a pair of Windows Server 2019 servers running Microsoft Exchange 2019 called mail01 and mail02. I recently noticed that browsing to https://mail01.domain.com/ gives a 500 error (well actually it gives Server Error in '/' Application but the logs show the 500 error). However, browsing to https://mail01.domain.com/owa or ecp works fine. Additionally, browsing to https://mail02.domain.com/ also works fine. So it is something in the standard root URL redirection on that one server. The event viewer has the following error: Could not load file or assembly 'Microsoft.Exchange.HttpUtilities, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Event code: 3008 Event message: A c

I'm experiencing an intermittent IPv6 connectivity issue on an Oracle Cloud Infrastructure (OCI) instance after migrating my firewall from ufw to nftables. Environment: OS: Ubuntu 24.04 Cloud Provider: Oracle Cloud (OCI) Local Network: Dual-stack (IPv4 and IPv6 available) The Problem: My SSH connection to the server via IPv6 is intermittent, while SSH via IPv4 remains perfectly stable. Upon investigation, I noticed that when the connection fails, the IPv6 address completely disappears from the network interface (checked via ip addr). When the connection is working, the IPv6 address is present. Troubleshooting Steps Taken: I have already allowed all ICMPv6 traffic in the Oracle Cloud Web Console (Security Lists). If I change my local nftables input chain default policy to accept, the IPv6 address reappears in ip addr after a few minutes, and SSH via IPv6 works perfectly again. However, if I change the nftables defa

I am sending Cisco ISE logs to an end receiver. Problem is that some of the logs are across multiple lines This causes it be considered as a new log event by the end system. For example below log get broken up into multiple log events :- <181> CISE_RADIUS_Accounting 0015021690 1 0 2020-03-01 09:36:46.766 +01:00 0376002501 3002 NOTICE Radius-Accounting: RADIUS Accounting watchdog update, ConfigVersionId=261, xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, cisco-av-pair=lldp-tlv=lldpSystemDescription=Cisco AP Software\, ap3g3-k9w8 Version: 8.10.130.0\ <13> Support: http://www.cisco.com/techsupport\ <13> (c) 1986-2020 by Cisco Systems\, Inc.\ <13> Wed Jul 29 00:28:31 PDT 2020 by aut, cisco-av-pair=lldp-tlv=lldpSystemName=sw-14, xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Type=Device Type#All Device Types#Switch#DynamiskNett, #015 1st part <181> CISE_RADIUS_Accounting 0015021690 1 0 2021-03-01

I've setup a kvm host using a vlan trunk (using 2 bonded nics) and then created several vms on the host. The host is configured with an IP in the native VLAN. Some of the vms are connected to vlan 1, the native vlan, others are connected to VLAN 20 and VLAN 50. I have communication between all the VMs, regadless of which VLAN they are connected to and other devices on the network can communicate with all the VMs and with the host server. The host server and vms connected to VLAN 20 or 50 can also communicate. However there is no communication between the host server and the vms connected to the native vlan. I've setup the kvm host using as follows, (using https://intelligentsysadmin.wordpress.com/2023/01/24/bridged-vlans-with-networkmanager/ as a general guide): Create the bond interface connection: nmcli con add type bond con-n