I have a primary and a backup windows 2008 server, and a bunch of windows XP clients that map a drive to a share on the primary server. If the primary server goes down, I want those client machines to automatically re-map their drive to the backup server, so they can continue to access the files. Should I try to write a vbscript or python script or something that detects if the primary server is down and issues the appropriate "net use m: \server\share ..." but I need that script to run every minute, no matter who is logged in. Can I do that with windows "scheduled tasks" ? I'm a Unix guy, and could use any tips you have to offer on accomplishing this. Is there a better solution? many thanks, -Ian

I have a primary and a backup windows 2008 server, and a bunch of windows XP clients that map a drive to a share on the primary server. If the primary server goes down, I want those client machines to automatically re-map their drive to the backup server, so they can continue to access the files. Should I try to write a vbscript or python script or something that detects if the primary server is down and issues the appropriate "net use m: \server\share ..." but I need that script to run every minute, no matter who is logged in. Can I do that with windows "scheduled tasks" ? I'm a Unix guy, and could use any tips you have to offer on accomplishing this. Is there a better solution? many thanks, -Ian

I'm trying to figure out why is kjournald going crazy on my machine. It's an 8-core box with loads of memory. It's got ~50% cpu load. The iotop doesn't seem to point at any specific processes - some bursts of writes here and there (mostly cron starting, some monitoring stats generated, etc.) When I used sys/vm/block_dump to gather the write statistics, I got lists like this: kjournald(1352): 1909 sendmail(28934): 13 cron(28910): 12 cron(28912): 11 munin-node(29015): 3 cron(28913): 3 check_asterisk_(28917): 3 sh(28917): 2 munin-node(29022): 2 munin-node(29021): 2 Where kjournald actions are just WRITEs. Why is that happening? What else should I look at to limit the kjournald activity a bit? It seems disproportionate to what's actually being written.

I'm trying to figure out why is kjournald going crazy on my machine. It's an 8-core box with loads of memory. It's got ~50% cpu load. The iotop doesn't seem to point at any specific processes - some bursts of writes here and there (mostly cron starting, some monitoring stats generated, etc.) When I used sys/vm/block_dump to gather the write statistics, I got lists like this: kjournald(1352): 1909 sendmail(28934): 13 cron(28910): 12 cron(28912): 11 munin-node(29015): 3 cron(28913): 3 check_asterisk_(28917): 3 sh(28917): 2 munin-node(29022): 2 munin-node(29021): 2 Where kjournald actions are just WRITEs. Why is that happening? What else should I look at to limit the kjournald activity a bit? It seems disproportionate to what's actually being written.

I have a small modest CentOS server at home. I run it headless because anytime I access it, it's always via SSH. Anyways, tonight it became unresponsive to the network. I could not connect to it to investigate. In this case, I have to hook up a keyboard and monitor to see the problem. I ended up just rebooting it. But after this experience, I was wondering if it's possible to configure the hardware buttons on the CPU case to perform a graceful reboot or graceful power cycle in Linux. Even though the server becomes unresponsive once in a blue moon, it would be nice to simply press a button and have it shutdown all services and gracefully reboot. Anyone know how this could be accomplished?

I have a small modest CentOS server at home. I run it headless because anytime I access it, it's always via SSH. Anyways, tonight it became unresponsive to the network. I could not connect to it to investigate. In this case, I have to hook up a keyboard and monitor to see the problem. I ended up just rebooting it. But after this experience, I was wondering if it's possible to configure the hardware buttons on the CPU case to perform a graceful reboot or graceful power cycle in Linux. Even though the server becomes unresponsive once in a blue moon, it would be nice to simply press a button and have it shutdown all services and gracefully reboot. Anyone know how this could be accomplished?

itemprop="text"> I have an Ubuntu server running a LAMP stack, and set up the permissions on /var/www such that all developers in our organisation are members of the www-data group, and the directory permissions are 2775 ( rwxrwsr-x ), file permissions should all be 664 - I've also set the default umask in /etc/profile to be 0002. This all works great, except that any file created by PHP on the server only has permissions 644 ( rw-r--r-- )... I'm trying to find something in PHP or Apache configuration (probably PHP) that sets new files to be 664 by default - is there such a beast? Update: I found the following information at href="http://ubuntuforums.org/showthread.php?t=549457" rel="nofollow noreferrer">http://ubuntuforums.org/showthread.php?t=549457 Adding

I have an Ubuntu server running a LAMP stack, and set up the permissions on /var/www such that all developers in our organisation are members of the www-data group, and the directory permissions are 2775 ( rwxrwsr-x ), file permissions should all be 664 - I've also set the default umask in /etc/profile to be 0002. This all works great, except that any file created by PHP on the server only has permissions 644 ( rw-r--r-- )... I'm trying to find something in PHP or Apache configuration (probably PHP) that sets new files to be 664 by default - is there such a beast? Update: I found the following information at http://ubuntuforums.org/showthread.php?t=549457 Adding the line: umask 0002 to /etc/apache2/envvars and restarting the server should work. I restarted, without error, but it doesn't seem to have changed a thing. My PHP-generated files are still not group writeable. Answer Have you tried using PHP's umask() function ? It's very possible that PHP

itemprop="text"> I'm running a 2GB Centos 5.9 server with the standard LAMP setup. I'm running a wordpress website so it's nothing to demanding performance wise. However the MySQL server seems to keep crashing as I get an Error Connecting To Database when I try to access my wordpress site. I checked the CPU and it's running at 100% and the RAM is also at 100%. I've tried service mysqld restart and everything goes back to normal for about 10 minutes and then it crashes again. I've also tried adjusting the my.cnf file and also httpd.conf file but this hasn't fixed it. When I run netstat -ntu | awk '{print $5}' | cut -d':' -f1 | grep "^[0-9]" | sort -g | uniq -c I get the following output: 1 31.222.135.11 1

I'm running a 2GB Centos 5.9 server with the standard LAMP setup. I'm running a wordpress website so it's nothing to demanding performance wise. However the MySQL server seems to keep crashing as I get an Error Connecting To Database when I try to access my wordpress site. I checked the CPU and it's running at 100% and the RAM is also at 100%. I've tried service mysqld restart and everything goes back to normal for about 10 minutes and then it crashes again. I've also tried adjusting the my.cnf file and also httpd.conf file but this hasn't fixed it. When I run netstat -ntu | awk '{print $5}' | cut -d':' -f1 | grep "^[0-9]" | sort -g | uniq -c I get the following output: 1 31.222.135.11 1 50.56.142.152 1 50.57.61.11 1 78.136.44.13 2 78.19.241.93 201 127.0.0.1 Why are there 201 connections on my loopback address? Thanks for your help in advance. Answer First of all, you should check if you are able to con

We are about to deploy shared storage researching for ultra-fast storage to implement Microsoft SQL Server Failover Cluster (FCI). So far the project goes, we would to start with 500K IOPS and have ability of grows up to 2M IOPS in a year or so, due to the SQL server growing expectations. For the purpose of the project, we are going to deploy 4-node cluster of Microsoft Storage Spaces Direct (S2D). Microsoft recommends going with NVMe or NVMe + SSD to obtain maximum performance. Therefore, after some research, Samsung SSDs are good to go with. The setup we consider is following: Samsung 960 EVO NVMe + Samsung 960 PRO SSD. href="https://www.starwindsoftware.com/blog/benchmarking-samsung-nvme-ssd-960-evo-m-2" rel="nofollow noreferrer">https://www.starwindsoftware.com/blog/benchmarking-samsung-nvme-ssd-960-evo-m-2 href="

We are about to deploy shared storage researching for ultra-fast storage to implement Microsoft SQL Server Failover Cluster (FCI). So far the project goes, we would to start with 500K IOPS and have ability of grows up to 2M IOPS in a year or so, due to the SQL server growing expectations. For the purpose of the project, we are going to deploy 4-node cluster of Microsoft Storage Spaces Direct (S2D). Microsoft recommends going with NVMe or NVMe + SSD to obtain maximum performance. Therefore, after some research, Samsung SSDs are good to go with. The setup we consider is following: Samsung 960 EVO NVMe + Samsung 960 PRO SSD. https://www.starwindsoftware.com/blog/benchmarking-samsung-nvme-ssd-960-evo-m-2 http://www.storagereview.com/samsung_960_pro_m2_nvme_ssd_review Would S2D deliver 500k-2M IOPS to SQL FCI if the setup of S2D is Samsung 960 EVO NVMe + Samsung 960 Pro?

itemprop="text"> Recently I've set up a new Ubuntu Server 10.04 and noticed my UDP server is no longer able to see any multicast data sent to the interface, even after joining the multicast group. I've got the exact same set up on two other Ubuntu 8.04.4 LTS machines and there is no problem receiving data after joining the same multicast group. The ethernet card is a Broadcom netXtreme II BCM5709 and the driver used is: b $ ethtool -i eth1 driver: bnx2 version: 2.0.2 firmware-version: 5.0.11 NCSI 2.0.5 bus-info: 0000:01:00.1 I'm using smcroute to manage my multicast registrations. b$ smcroute -d b$ smcroute -j eth1 233.37.54.71 After joining the group ip maddr shows the newly added registration. b$ ip maddr 1: lo inet 224.0.0.1 inet6 ff02::1 2:

Recently I've set up a new Ubuntu Server 10.04 and noticed my UDP server is no longer able to see any multicast data sent to the interface, even after joining the multicast group. I've got the exact same set up on two other Ubuntu 8.04.4 LTS machines and there is no problem receiving data after joining the same multicast group. The ethernet card is a Broadcom netXtreme II BCM5709 and the driver used is: b $ ethtool -i eth1 driver: bnx2 version: 2.0.2 firmware-version: 5.0.11 NCSI 2.0.5 bus-info: 0000:01:00.1 I'm using smcroute to manage my multicast registrations. b$ smcroute -d b$ smcroute -j eth1 233.37.54.71 After joining the group ip maddr shows the newly added registration. b$ ip maddr 1: lo inet 224.0.0.1 inet6 ff02::1 2: eth0 link 33:33:ff:40:c6:ad link 01:00:5e:00:00:01 link 33:33:00:00:00:01 inet 224.0.0.1 inet6 ff02::1:ff40:c6ad inet6 ff02::1 3: eth1 link 01:00:5e:25:36:4

itemprop="text"> We're acquiring several 1U servers with (8) 2.5" drive slots. Although we can use either SATA or SAS, there is a large price variance as soon as you order 16 or 24 of these drives, so we are looking at the 2.5" SATA interfaced drives. I know that Seagate and WD both make "Enterprise" 2.5" drives, which are fast (10k and 15k RPM), but are also fairly expensive. What issues would we run into using 7200RPM 2.5" non-Enterprise drives? By the way, these will be hooked up to a RAID controller (though, they may just be configured as JBOD). These drives are almost $100 lower in price, per drive. class="post-text" itemprop="text"> class="normal">Answer In addition to the problems above, you may have additional issue running these drives in

We're acquiring several 1U servers with (8) 2.5" drive slots. Although we can use either SATA or SAS, there is a large price variance as soon as you order 16 or 24 of these drives, so we are looking at the 2.5" SATA interfaced drives. I know that Seagate and WD both make "Enterprise" 2.5" drives, which are fast (10k and 15k RPM), but are also fairly expensive. What issues would we run into using 7200RPM 2.5" non-Enterprise drives? By the way, these will be hooked up to a RAID controller (though, they may just be configured as JBOD). These drives are almost $100 lower in price, per drive. Answer In addition to the problems above, you may have additional issue running these drives in RAID configuration due to the lack of TLER. (If you are considering a model without.) This quote references desktops and the RAID Edition drives but I imagine the same to be true in the 2.5" line if you substitute in "notebook" and "enterp

itemprop="text"> I managed to messed up server permissions on entire server chown root:root -R / chmod 777 -R / How to fix it? I can't login as root using terminal on that machine it show error "Invalid password" and SSH shows error "connection reset by remote server" Note: I try to reinstall CentOS 7 using USB. but got stuck during Select disk stage as it will not let me select / without formating it. This question explains what my commands did. href="https://serverfault.com/questions/364677/why-is-chmod-r-777-destructive">Why is "chmod -R 777 /" destructive? class="post-text" itemprop="text"> class="normal">Answer I managed to Solve it, here are the steps i followed. To fix the issue of

I managed to messed up server permissions on entire server chown root:root -R / chmod 777 -R / How to fix it? I can't login as root using terminal on that machine it show error "Invalid password" and SSH shows error "connection reset by remote server" Note: I try to reinstall CentOS 7 using USB. but got stuck during Select disk stage as it will not let me select / without formating it. This question explains what my commands did. Why is "chmod -R 777 /" destructive? Answer I managed to Solve it, here are the steps i followed. To fix the issue of root login using terminal. boot using bootable USB/CD select recover and mound disk go to mounted folder and run chown root -R / and chmod 755 -R / chmod 0700 -R /root/.ssh reboot normally Ignore SElinux contexts warnings and let it re-store contexts After this you will be able to login to machine using root To fix file permission and owners info use these commands rpm --setperms {packagename} a

itemprop="text"> Many small businesses would prefer to let their server drop on power failure than to pay even $100 for a cheap UPS. It's often difficult to convince them of the value of something like that; it's why they like ESXi. It's free, they can save a lot of cash by putting a bunch of linux servers on one machine, and then I get paid. :) If the ESXi server experiences a power outage, it is set to come back on automatically when power is restored. What happens with the guest OS's? Ideally I would like them to all come online again as well, assuming they were on when power was lost, but I see no option for choosing this. I don't want to yank power to the system just to try it out, of course. I'm sure someone knows what happens by default, and perhaps how to make my system to work as I would wish. Answ

Many small businesses would prefer to let their server drop on power failure than to pay even $100 for a cheap UPS. It's often difficult to convince them of the value of something like that; it's why they like ESXi. It's free, they can save a lot of cash by putting a bunch of linux servers on one machine, and then I get paid. :) If the ESXi server experiences a power outage, it is set to come back on automatically when power is restored. What happens with the guest OS's? Ideally I would like them to all come online again as well, assuming they were on when power was lost, but I see no option for choosing this. I don't want to yank power to the system just to try it out, of course. I'm sure someone knows what happens by default, and perhaps how to make my system to work as I would wish. Answer You can set the guest virtual machines to start up in a specific or general order... This is under the Configuration -> Virtual Machine Startup/Shutdown

I'm using Pingdom's DNS tools to check up on my DNS. I'm getting these Errors: Too few IPv4 name servers (1). Only one IPv4 name server was found for the zone. You should always have at least two IPv4 name servers for a zone to be able to handle transient connectivity problems. Inconsistent glue for name server ns2.domain.com The address of a name server differed from the child and the parent. This is a configuration error and should be corrected as soon as possible. Name server ns2.domain.com does not answer queries over TCP. My domain registrar is set to ns1.domain.com and ns2.domain.com (example). EDIT: My Questions How do I enable TCP on my nameservers? What is 'Inconsistent Glue'? I have two Name Servers, but I'm gettin

I'm using Pingdom's DNS tools to check up on my DNS. I'm getting these Errors: Too few IPv4 name servers (1). Only one IPv4 name server was found for the zone. You should always have at least two IPv4 name servers for a zone to be able to handle transient connectivity problems. Inconsistent glue for name server ns2.domain.com The address of a name server differed from the child and the parent. This is a configuration error and should be corrected as soon as possible. Name server ns2.domain.com does not answer queries over TCP. My domain registrar is set to ns1.domain.com and ns2.domain.com (example). EDIT: My Questions How do I enable TCP on my nameservers? What is 'Inconsistent Glue'? I have two Name Servers, but I'm getting the "Too Few IPv4" error, what am I doing wrong here? (P.S: First Rev of post was bad, sorry, early morning post).. Edit: I've seem to fixed the First and Second Error by adding "A Reco

itemprop="text"> A few of us at my company have root access on production servers. We are looking for a good way to make it exceedingly clear when we have ssh'd in. A few ideas we have had are: Bright red prompt Answer a riddle before getting a shell Type a random word before getting a shell What are some techniques you guys use to differentiate production systems? Answer The red prompt is a good idea, which I also use. Another trick is to put a large ASCII-art warning in the /etc/motd file. Having something like this greet you when you log in should get your attention: _______ _ _ _____ _____ _____ _____ |__ __| | | |_ _|/ ____| |_ _|/ ____| /\ | | | |__| | | | | (___ | | | (___ / \ | | | __ | | | \___ \ | | \___ \ / /\ \ | | | | | |_| |_ ____) | _

A few of us at my company have root access on production servers. We are looking for a good way to make it exceedingly clear when we have ssh'd in. A few ideas we have had are: Bright red prompt Answer a riddle before getting a shell Type a random word before getting a shell What are some techniques you guys use to differentiate production systems? Answer The red prompt is a good idea, which I also use. Another trick is to put a large ASCII-art warning in the /etc/motd file. Having something like this greet you when you log in should get your attention: _______ _ _ _____ _____ _____ _____ |__ __| | | |_ _|/ ____| |_ _|/ ____| /\ | | | |__| | | | | (___ | | | (___ / \ | | | __ | | | \___ \ | | \___ \ / /\ \ | | | | | |_| |_ ____) | _| |_ ____) | / ____ \ |_| |_| |_|_____|_____/ |_____|_____/ /_/ \_\ _____ _____ ____ _____ _ _ _____ _______ _____ ____ _ _ | __ \| __ \ / __

itemprop="text"> Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security: href="https://serverfault.com/questions/218005/my-servers-been-hacked-emergency">How do I deal with a compromised server? . href="https://serverfault.com/questions/218138/finding-how-a-hacked-server-was-hacked">Finding how a hacked server was hacked href="https://serverfault.com/questions/218164/file-permissions-question">File permissions question The last one isn't directly related, but it highlights how easy it is to mess up with a web server administration. As there are several things, that can be done, before something bad happens, I'd like to have your suggestions in terms of good practices to limit backside effec

Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security: How do I deal with a compromised server? . Finding how a hacked server was hacked File permissions question The last one isn't directly related, but it highlights how easy it is to mess up with a web server administration. As there are several things, that can be done, before something bad happens, I'd like to have your suggestions in terms of good practices to limit backside effects of an attack and how to react in the sad case will happen. It's not just a matter of securing the server and the code but also of auditing, logging and counter measures. Do you have any good practices list or do you prefer to rely on software or on experts that continuously analyze your web server(s) (or nothing at all)? If yes, can you share your list and your ideas/opinions? UPDATE I received several good and interesting feedback. I'd like to have a simple list, so that can be hand

itemprop="text"> We're running an in house dedicated server with 100's of sites on it. Some of these sites were very insecure and the box was not managed very well. Some one got in, messed up a bunch of stuff and is pestering us by defacing some of the sites, asking for money etc. We made a lot of fixes but there is still some sort of backdoor through which he can get in. We found and deleted a few files that were a kind of hacker control panel but since the file was just called contactUs.php, it's impossible to know that all instances of these kinds of files were removed. I realise this is a very broad subject and a question that may be difficult to answer but what steps would one undertake to find out how this person is getting in to the system? It's a Fedora machine running mainly PHP sites.

We're running an in house dedicated server with 100's of sites on it. Some of these sites were very insecure and the box was not managed very well. Some one got in, messed up a bunch of stuff and is pestering us by defacing some of the sites, asking for money etc. We made a lot of fixes but there is still some sort of backdoor through which he can get in. We found and deleted a few files that were a kind of hacker control panel but since the file was just called contactUs.php, it's impossible to know that all instances of these kinds of files were removed. I realise this is a very broad subject and a question that may be difficult to answer but what steps would one undertake to find out how this person is getting in to the system? It's a Fedora machine running mainly PHP sites. Answer Honestly, if you're running a business I wouldn't try to study the attacker, I'd just lock them out and move on. It's just not worth the time, hassle, and fr

itemprop="text"> We are about to deploy shared storage researching for ultra-fast storage to implement Microsoft SQL Server Failover Cluster (FCI). So far the project goes, we would to start with 500K IOPS for 8k blocks about 70r/30w pattern. Also we would like to have an ability to encrease pefromance up to 2M IOPS (for same pattern) in a year or so, due to the SQL server growing expectations. For the purpose of the project, we are going to deploy 4-node cluster of Microsoft Storage Spaces Direct (S2D). As for hardware we already have 2x Dell rack servers R730xd with 2x E5-2697 and 512GB RAM and we are ready to get 2 more. As for storage, Microsoft recommends going with NVMe or NVMe + SSD to obtain maximum performance ( href="https://technet.microsoft.com/en-us/windows-server-docs/storage/storage-spaces/choosing-drives"

We are about to deploy shared storage researching for ultra-fast storage to implement Microsoft SQL Server Failover Cluster (FCI). So far the project goes, we would to start with 500K IOPS for 8k blocks about 70r/30w pattern. Also we would like to have an ability to encrease pefromance up to 2M IOPS (for same pattern) in a year or so, due to the SQL server growing expectations. For the purpose of the project, we are going to deploy 4-node cluster of Microsoft Storage Spaces Direct (S2D). As for hardware we already have 2x Dell rack servers R730xd with 2x E5-2697 and 512GB RAM and we are ready to get 2 more. As for storage, Microsoft recommends going with NVMe or NVMe + SSD to obtain maximum performance ( source ). Therefore, after some research, Samsung SSDs are good to go with. https://www.starwindsoftware.com/blog/benchmarking-samsung-nvme-ssd-960-evo-m-2 http://www.storagereview.com/samsung_960_pro_m2_nvme_ssd_review The setup we consider is following: 1x Samsung 960 EVO NVMe + 4x