serverfault.com

I've installed proxmox in a DELL C6400 with a NIC Broadcom BCM57416, using the driver bnxt-en. The ethernet controller is recognized with the command lspci | grep -i ethernet, and I have the interfaces configured but DOWN. The LEDs also doesn't turn on when I connect the ethernet cable, but I'm sure it's not the cable because I exchanged the cables with the iDRAC port and both works correctly. Running the tests ethtool -t nic0 it fails at the Link test (online) and the Ext loopback test (offline). Also I've looked at dmesg and journalctl but I haven't found meaningful information.

I am completely lost now and need help figuring out what's going on. My DigitalOcean droplets keep getting compromised and used for DDoS attacks. This is the third time in a row on completely fresh builds. Each time I destroy the droplet, start from scratch, add more security, and within a day it happens again. Could there be something in my application code itself that's being exploited? Could my GitHub Actions deployment pipeline be compromised? Is there something at the DigitalOcean account level that could be the issue? What am I fundamentally missing here? i am running - Node.js application with Docker containers, PostgreSQL and Redis, Nginx as reverse proxy, Deploying via GitHub Actions Security measures I've implemented (after getting burned twice already): SSH: Disabled password auth, disabled root login, using ED25519 keys only, changed default port, a

This is a Shibboleth question regarding PEM files and Tomcat. I noticed within the Shibboleth Windows installation that there are some PEM files within the ...\shibboleth-sp\etc\shibboleth dir. Do I need to use the Java JDK keytool.exe utility and add these to my keystore for Shibboleth to work properly with Tomcat? EXAMPLE: keytool -import -trustcacerts -file c:\opt\shibboleth-sp\etc\shibboleth\sp-encrypt-cert.pem -keystore cacerts keytool -import -trustcacerts -file c:\opt\shibboleth-sp\etc\shibboleth\sp-encrypt-key.pem -keystore cacerts keytool -import -trustcacerts -file c:\opt\shibboleth-sp\etc\shibboleth\sp-signing-cert.pem -keystore cacerts keytool -import -trustcacerts -file c:\opt\shibboleth-sp\etc\shibboleth\sp-signing-key.pem -keystore cacerts Thanks in advance!

We have physical separation between the internal and external networks, with WSUS servers on both networks. Updates are transferred from the external network to the internal network server using a combination of copying and overwriting the WSUS content and using the wsusutil export/import commands. This process has been working correctly, but recently a strange problem has occurred. Previously, after copying the patch files and metadata to the internal server and the server stabilized, the WSUS overview page showed the status as Download Status: Updates requiring files: 0. Recently it changed to: Download Status: Updates requiring files: 1765, Downloaded 108.34MB, Total 154,393.54MB After two weeks, the screen remains unchanged. Running wsusutil.exe reset several times did not resolve the issue. How can we solve this problem?

I am currently managing a complex Azure subscription that contains a large number of Resource Groups, Resources and various models (mostly AI models/deployments). Navigating through the portal list-view is becoming difficult. I am looking for a way to visualize these components in a hierarchical or graphical representation. How can I visualize the hierarchy of all Azure resource groups, resources and models in my Azure subscription?

I have some issue with DKIM signature of my EXIM4 server. For some domains it works for others it doesn't work and I want to start checking what is wrong. Is there any way to get the output message in testing mode? I could get all debug informations for a delivery but I cannot get the final output message with all its headers. For example if I run: echo -e "Subject: Test01\nno body" | exim -d+all-f [email protected] -N [email protected] How can I see all added headers?

Recently I switched from ufw to firewalld and faced an issue that connected OpenVPN server clients do not have internet access. As I researched it became clear that ufw and firewalld forwarding rules have a great difference and firewalld rules are somehow need to be set up. So in ufw I used before.rules like this: # START OPENVPN RULES # NAT table rules *nat :POSTROUTING ACCEPT [0:0] -A POSTROUTING -s 10.8.0.0/8 -o enp1s0 -j MASQUERADE COMMIT # END OPENVPN RULES listing iptables -L -n -v --line-numbers: Chain FORWARD 1 43059 25M DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0 2 43059 25M DOCKER-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 3 1030 501K ufw-before-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0 4 1030 501K ufw-before-forward all -- * * 0.0.0.0/0 0.0.0.0/0 5 32 2027 ufw-after-forward all -- * * 0.0.0.0/0 0.0.0.0/0 iptables -t nat -L POSTROUTING -n -v 0 0 M

The capacity or Tokens Per Minute (TPM) rate limit of the model deployments across in my Azure subscription are a mess: [table is chopped] How can I set the capacity or Tokens Per Minute (TPM) rate limit to the minimum for all model deployments across an entire Azure subscription? I don't want to do it manually one by one.

Issue Receiving an email for an alias, I got those errors: <[email protected]>Recipient address rejected: Unknown user; I realized this happened when postfix queries dovecot about user quota. Basically, what happens is that postfix queries dovecot using the virutal alias as name, not the virtual user. And since dovecot doesn't find a user under that name, it returns an error and postfix rejects the mail. Configuration I followed the docs at https://doc.dovecot.org/latest/core/plugins/quota.html when setting up the server. /etc/postfix/main.cf smtpd_recipient_restrictions = check_policy_service unix:private/quota-status /etc/dovecot/conf.d/90-quota.conf service quota-status { executable = quota-status -p postfix unix_listener /var/spool/postfix/private/quota-s

I am trying to configure PostgreSQL as data source in my new grafana service and get an error: stat /home/grafana/.postgresql/postgresql.crt: permission denied We used to have grafana service on specific AWS ec2 instance, we are in the process of cleaning it and separating the services to multiple machines. I tried to move grafana to a new service, I copied all the data from all the sub folders to new AWS ec2 instance and ran the grafana service and started to get a error and can't find what the source cause of the error. I can't find the file in the source AWS ec2 and provisioning folder is empty, one file and is all commented out '#'. Before you say grafana save all it's inner data in local sqlite3 database (that's located in /etc/grafana/grafana.ini [database] section). I tried to setup a clean Grafana instance and the error persists. I would like to hear any ideas you have, I am totally stuck. Grafana version was the lates