Header Shadow Image


Archive for the 'NIX Posts' Category

Zabbix: cannot start preprocessing service: Cannot bind socket to “/var/run/zabbix/zabbix_server_preprocessing.sock”: [98] Address already in use.

Zabbix error:  10272:20190212:003104.073 cannot start preprocessing service: Cannot bind socket to "/var/run/zabbix/zabbix_server_preprocessing.sock": [98] Address already in use.  10239:20190212:003104.078 One child process died (PID:10272,exitcode/signal:1). Exiting … related to: # cat ../audit/audit.log|grep -Ei denied|tail type=AVC msg=audit(1549949530.062:12551): avc:  denied  { unlink } for  pid=10521 comm="zabbix_server" name="zabbix_server_preprocessing.sock" dev="tmpfs" ino=3998803 scontext=system_u:system_r:zabbix_t:s0 tcontext=system_u:object_r:zabbix_var_run_t:s0 tclass=sock_file is solved by: # grep AVC /var/log/audit/audit.log* […]

Zabbix: cannot set resource limit: [13] Permission denied

Zabbix error:  10587:20190212:003514.676 using configuration file: /etc/zabbix/zabbix_server.conf  10587:20190212:003514.676 cannot set resource limit: [13] Permission denied relates to: [root@host01 zabbix]# cat ../audit/audit.log|grep -Ei denied|tail type=AVC msg=audit(1549949714.675:12570): avc:  denied  { setrlimit } for  pid=10587 comm="zabbix_server" scontext=system_u:system_r:zabbix_t:s0 tcontext=system_u:system_r:zabbix_t:s0 tclass=process [root@host01 zabbix]# and is solved by: [root@host01 zabbix]# grep AVC /var/log/audit/audit.log* | audit2allow -M systemd-allow; semodule -i systemd-allow.pp Cheers, […]

tcpdump

This is how to get detailed TCP dumps of your network traffic while avoiding your own PuTTY traffic in the output: tcpdump -w trace.dat -s 0 port not 22 tcpdump -r trace.dat -nnvvveXXS > trace.dat.txt Cheers, TK

mount.nfs: mount(2): Permission denied

You're getting this message: [root@mysql01 /]# mount -v nfs03:/n /m mount.nfs: timeout set for Thu Nov  8 23:37:04 2018 mount.nfs: trying text-based options 'vers=4.1,addr=192.168.0.125,clientaddr=192.168.0.126' mount.nfs: mount(2): No such file or directory mount.nfs: trying text-based options 'addr=192.168.0.125' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 192.168.0.125 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog […]

Postgres SQL HA Cluster ( Quick Start Guide )

We will be keeping the Postgres SQL HA Cluster configuration / setup very very brief using only the bare essentials to get it up and running. Before we begin, we need to plan things out on our CentOS 7.X servers.  First, fill in this table of what your cluster is supposed to look like when […]

Forbidden You don’t have permission to access /repos/ on this server.

So you get the following message when installing and configuring your HTTPD server?  Despite the right configuration you still receive the following: Forbidden You don't have permission to access /repos/ on this server.

1765328228 Cannot contact any KDC for realm

When seeing this: krb5_child.log:(Tue May 22 02:06:15 2018) [[sssd[krb5_child[1605]]]] [map_krb5_error] (0x0020): 1657: [-1765328228][Cannot contact any KDC for realm ‘MDS.XYZ’] Access denied Using keyboard-interactive authentication. Password: reverse the order of your DNS hosts in /etc/resolv.conf to this: [root@cm-r01dn07 sssd]# cat /etc/resolv.conf search mds.xyz nix.mds.xyz nameserver 192.168.0.224 nameserver 192.168.0.44 nameserver 192.168.0.45 [root@cm-r01dn07 sssd]# from this: [root@cm-r01dn07 sssd]# […]

sssd krb5_child Key table entry not found

When you get this message: May 21 00:13:31 nfs03.nix.mds.xyz [sssd[krb5_child[1822]]][1822]: Key table entry not found followed by: [[sssd[krb5_child[1752]]]] [k5c_setup_fast] (0x0020): 2628: [-1765328203][Key table entry not found] or similar, dig into the logs further to see this: (Mon May 21 00:13:33 2018) [[sssd[krb5_child[1824]]]] [find_principal_in_keytab] (0x0400): No principal matching host/nfs02.nix.mds.xyz@NIX.MDS.XYZ found in keytab. (Mon May 21 00:13:33 […]

Saving random seed failed. / No kdump initial ramdisk found. / Failed to run mkdumprd

Kdump doesn't start? [root@mbpc-pc grub]# service kdump restart Memory for crashkernel is not reserved Please reserve memory by passing "crashkernel=X@Y" parameter to the kernel Stopping kdump:                                            [FAILED] No kdump initial ramdisk found.      […]

NFS reply xid 3844308326 reply ERR 20: Auth Rejected Credentials (client should begin new session)

Getting this? Mounts freezing?  Final verified solution is at the bottom but this can be for any number of reasons.  Keep reading: tcpdump -i eth0 -s 0 -w dump.dat tcpdump -r dump.dat |grep -Ei "psql02|nfs-c01" 02:55:48.731360 IP psql02.nix.mds.xyz.33991 > nfs-c01.nix.mds.xyz.nfs: Flags [P.], seq 1:693, ack 1, win 229, options [nop,nop,TS val 166990 ecr 5681495], length […]


     
  Copyright © 2003 - 2013 Tom Kacperski (microdevsys.com). All rights reserved.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License