While trying to configure ntp server on SUSE Linux 10 ,ntp log message is reported as
18 Aug 23:15:40 ntpd[4972]: trusted key trustedkey unlikely
18 Aug 23:15:40 ntpd[4972]: trusted key 0 unlikely
18 Aug 23:15:40 ntpd[4972]: can't open key file /etc/ntp.keys: Permission denied
18 Aug 23:15:40 ntpd[4972]: getconfig: Couldn't generate a valid random key!
While checking the permission for the file its permission is -rwxrwxrwx
ntp.conf file contains statements
keys /etc/ntp.keys
enable auth
trusted key 0 2 4
and ntp.keys is also valid file
2 M AAAAAA
4 A ZZZZZZ
While trying to sync the time without authentication it is ok, but with authentication it is not working.
Related
I created a machine with 6 GB of memory, using Ubuntu 20, and installed the latest version of SQL Server Microsoft SQL Server:
(RTM-CU8) (KB4577194) - 15.0.4073.23 (X64)
Sep 23 2020 16:03:08
Copyright (C) 2019 Microsoft Corporation
Express Edition (64-bit) on Linux (Ubuntu 20.04.1 LTS)
Exporadically the system suffers a fatal failure and restarts, taking almost a minute to return. I cannot detect the real reason for the failure and what I could do to resolve it.
I already set the maximum memory limit to 4gb thinking that the system was overflowing the machine's limit. Help me please
This program has encountered a fatal error and cannot continue running
at Mon Dec 21 14:31:38 2020 The following diagnostic information is
available:
Reason: 0x00000006
Message: Kernel bug check
Address: 0x3fff86a3be90
Parameters: 0xca6e6e240
Stack Trace:
file://package4/windows/system32/sqlpal.dll+0x000000000030E7D9
file://package4/windows/system32/sqlpal.dll+0x000000000030C769
file://package4/windows/system32/sqlpal.dll+0x000000000023BEEB
file:///windows/System32/Drivers/Afd.sys+0x0000000000006385
file:///windows/System32/Drivers/Afd.sys+0x000000000000686F
file:///windows/System32/Drivers/Afd.sys+0x000000000000631A
file://package4/windows/system32/sqlpal.dll+0x00000000002412B6
file://package4/windows/system32/sqlpal.dll+0x0000000000202FE2
file://package4/windows/system32/sqlpal.dll+0x0000000000347898
file:///Windows/system32/mswsock.dll+0x00000000000015EC
file:///Windows/SYSTEM32/WS2_32.dll+0x000000000000A6BE
file:///binn/sqllang.dll+0x00000000003C90B6
file:///binn/sqllang.dll+0x00000000003C9854
file:///binn/sqllang.dll+0x00000000000149CD
file:///binn/sqllang.dll+0x0000000000014DBA
file:///binn/sqllang.dll+0x00000000001FA73B
file:///binn/sqllang.dll+0x00000000001FA663
file:///binn/sqllang.dll+0x00000000001FA0EF
file:///binn/sqldk.dll+0x0000000000009FF3
file:///binn/sqldk.dll+0x000000000000A92D
file:///binn/sqldk.dll+0x000000000000A51E
file:///binn/sqldk.dll+0x00000000000217F2
file:///binn/sqldk.dll+0x000000000002215C
file:///binn/sqldk.dll+0x0000000000021F53
file:///Windows/SYSTEM32/KERNEL32.DLL+0x0000000000014414
file:///windows/system32/ntdll.dll+0x0000000000075541
+0x00000000E7E27000
Process: 90917 - sqlservr
Thread: 99182 (application thread 0x2c34)
Instance Id: 8638650d-adf3-4e7e-8b1b-6cdecd05544c
Crash Id: 43334ff2-47c7-4fb5-a22e-16f4e0728252
Build stamp: 98b2cf08cbfec4dc5f2c5d0e2a892c88d339a4da408744f2baf39941a977fa3c
Distribution: Ubuntu 20.04.1 LTS
Processors: 4 Total Memory: 6234537984 bytes
Timestamp: Mon Dec 21 14:31:38 2020
Last errno: 11 Last errno text: Resource temporarily unavailable Ubuntu 20.04.1 LTS Capturing core dump and information to
/var/opt/mssql/log... #033[0;1;39mHint: You are currently not seeing
messages from other users and the system.#033[0m #033[0;1;39m
Users in groups 'adm', 'systemd-journal' can see all messages.#033[0m
#033[0;1;39m Pass -q to turn off this notice.#033[0m #033[0;1;31mNo journal files were opened due to insufficient permissions.#033[0m #033[0;1;39mHint: You are currently not seeing
messages from other users and the system.#033[0m #033[0;1;39m
Users in groups 'adm', 'systemd-journal' can see all messages.#033[0m
#033[0;1;39m Pass -q to turn off this notice.#033[0m #033[0;1;31mNo journal files were opened due to insufficient permissions.#033[0m /usr/bin/tail: cannot open '/var/log/syslog' for
reading: Permission denied Mon 21 Dec 2020 02:31:40 PM -03 Capturing
program information Mon 21 Dec 2020 02:31:42 PM -03 Attempting to
capture a dump with paldumper for pid 90917
I'm trying to connect to an Oracle Cloud Database using the instant client from a CentOS 7 machine.
I created the databases in the OCI interface, I downloaded the wallet files and created one user with the DWROLE role.
I installed the bellow packages on the system
oracle-instantclient19.8-basic-19.8.0.0.0-1.x86_64.rpm
oracle-instantclient19.8-devel-19.8.0.0.0-1.x86_64.rpm
oracle-instantclient19.8-sqlplus-19.8.0.0.0-1.x86_64.rpm
oracle-instantclient19.8-tools-19.8.0.0.0-1.x86_64.rpm
I created set the bellow folders and set the env vars
export ORACLE_HOME=/usr/lib/oracle/19.8/client64
export TNS_ADMIN=$ORACLE_HOME/network/admin
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib
export PATH=$PATH:$ORACLE_HOME/bin
then I unzipped the wallet files to TNS_ADMIN
[root#workvm admin]# ll
total 40
-rw-r--r-- 1 root root 6733 Sep 17 2020 cwallet.sso
-rw-r--r-- 1 root root 6688 Sep 17 2020 ewallet.p12
-rw-r--r-- 1 root root 3276 Sep 17 2020 keystore.jks
-rw-r--r-- 1 root root 691 Sep 17 2020 ojdbc.properties
-rw-r--r-- 1 root root 317 Sep 17 2020 README
-rw-r--r-- 1 root root 114 Sep 17 2020 sqlnet.ora
-rw-r--r-- 1 root root 1813 Sep 16 14:18 tnsnames.ora
-rw-r--r-- 1 root root 3336 Sep 17 2020 truststore.jks
[root#workvm admin]# pwd
/usr/lib/oracle/19.8/client64/network/admin
The tnsnames.ora files have some autogenerated services defined
otakudb_high = (description= (retry_count=20)(retry_delay=3)(address=(protocol=tcps)(port=1522)(host=...)
otakudb_low = (...)
otakudb_medium = (...)
According to what I have read, I should be able to connect to the database by executing
sqlplus metalbob#otakudb_high
However, when I run it the connection halts and then errors out with the following message
[donhk#workvm ~]$ sqlplus metalbob#otakudb_high
SQL*Plus: Release 19.0.0.0.0 - Production on Wed Sep 16 14:01:52 2020
Version 19.8.0.0.0
Copyright (c) 1982, 2020, Oracle. All rights reserved.
Enter password:
ERROR: ORA-28791: certificate verification failure
[donhk#workvm ~]$
What is the correct procedure to connect to the remote database?
Edit after Joe answer:
This is how my sqlnet.ora file was prior to the changes
WALLET_LOCATION = (SOURCE = (METHOD = file) (METHOD_DATA = (DIRECTORY="?/network/admin")))
SSL_SERVER_DN_MATCH=yes
This is how I changed to make it work after joe answer
NAMES.DIRECTORY_PATH= (TNSNAMES)
WALLET_LOCATION = (SOURCE = (METHOD = file) (METHOD_DATA = (DIRECTORY="?/network/admin")))
SSL_SERVER_DN_MATCH=yes
There is no need to change the DIRECTORY, the trick was this
NAMES.DIRECTORY_PATH= (TNSNAMES)
Hope this helps someone!
Edit 2
I realized that after I bounced the machine, I was able to connect, maybe it was a network problem on the machine or a library not properly loaded
I wrote this up last week in How to connect to Oracle Autonomous Cloud Databases.
You can edit sqlnet.ora if you don't have the config files in the default network/admin directory. If they are in that directory then you don't need to edit it, because the pre-supplied path "?/network/admin" maps to the network/admin subdirectory under where the libclntsh.so file is.
The other alternative is to use "Easy Connect Plus" syntax like:
tcps://adb.ap-sydney-1.oraclecloud.com:1522/abc_cjjson_high.adb.oraclecloud.com?wallet_location=/Users/cjones/Cloud/CJJSON
Extract cwallet.so from the wallet zip, and stick it in a directory (I used /Users/cjones/Cloud/CJJSON). Then find the host, servicename, port etc from the wallet tnsnames.ora file and build up your easy connect string. Then you can 'throw away' the zip file since it is not needed :)
I am trying to use the device provisioning service from my device to connect to the hub, using the c SDK. I am using individual enrollment and X.509. I created an individual enrollment on the hub using a certificate I generated using the "dice_device_enrollment" tool of the SDK. I also installed the certificate on the device. When I run the code I get (OpenSSL) errors when executing the Prov_Device_LL_DoWork() function. When I call Prov_Device_LL_DoWork() the second time, the program seg faults.
Output:
08:11:25 10-10-2018 [info] Prov_Device_LL_DoWork
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/c-utility/adapters/x509_openssl.c Func:log_ERR_get_error Line:29 Failure creating private key evp_key
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/c-utility/adapters/x509_openssl.c Func:log_ERR_get_error Line:36 [0] error:0906D06C:PEM routines:PEM_read_bio:no start line
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/c-utility/adapters/x509_openssl.c Func:log_ERR_get_error Line:36 [1] error:0906D064:PEM routines:PEM_read_bio:bad base64 decode
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/c-utility/adapters/tlsio_openssl.c Func:log_ERR_get_error Line:428 unable to use x509 authentication
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/c-utility/adapters/tlsio_openssl.c Func:tlsio_openssl_open Line:1251 Failed creating the OpenSSL instance.
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/umqtt/src/mqtt_client.c Func:mqtt_client_connect Line:1000 Error: io_open failed
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/provisioning_client/src/prov_transport_mqtt_common.c Func:create_connection Line:567 Failure connecting to mqtt server
Error: Time:Wed Oct 10 08:11:25 2018 File:/home/tijmen/azure-iot-sdk-c/provisioning_client/src/prov_transport_mqtt_common.c Func:prov_transport_common_mqtt_dowork Line:874 unable to create amqp connection
08:11:25 10-10-2018 [info] Prov_Device_LL_DoWork
Segmentation fault
The same code does work on my dev machine, but using slightly different version of OpenSSL:
On the dev machine OpenSSL 1.0.1t 3 May 2016
On the device OpenSSL 1.0.2d 9 Jul 2015
Are there requirements on the OpenSSL version I missed?
It turns out that upgrading OpenSSL solves this problem.
I built OpenSSL version 1.0.2q from https://github.com/openssl/openssl/tree/OpenSSL_1_0_2-stable and linked it to my app. This solved the error. It seems the SDK, at least X.509 functionality requires an higher version of OpenSSL than 1.0.2d 9 Jul 2015.
I'm running a brand new installed VPS with CentOS 6.6 and Plesk 12.0.18. I created a subscription and by default a FTP user is created. However, I cannot login with these credentials. I also created a new user but the same problem presists. I'm 100% sure that the username and password is correct.
Filezilla gives me and 530 Login incorrect. But if I look at the /var/log/secure file, I see this odd message (FTP username = test):
Jan 30 16:01:45 transip proftpd: PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory
Jan 30 16:01:45 transip proftpd: PAM adding faulty module: /lib64/security/pam_stack.so
Jan 30 16:01:45 transip proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Jan 30 16:01:45 transip proftpd[18085]: 127.0.0.1 (x.x.x.x[x.x.x.x]) - USER test (Login failed): No such user found
No such user found, although it is created with Plesk. How can I fix this?
i had the following curl headers, and i still could install the libcurl4 packages mentioned above-
kafka#metamorphosis:~$ ll /usr/include/curl/
total 200
drwxr-xr-x 2 root root 4096 Jan 16 13:29 ./
drwxr-xr-x 51 root root 20480 Jan 16 13:29 ../
-rw-r--r-- 1 root root 7303 Dec 18 01:11 curlbuild.h
-rw-r--r-- 1 root root 83928 Dec 18 01:11 curl.h
-rw-r--r-- 1 root root 8934 Dec 18 01:11 curlrules.h
-rw-r--r-- 1 root root 2741 Dec 18 01:11 curlver.h
-rw-r--r-- 1 root root 3472 Dec 18 01:11 easy.h
-rw-r--r-- 1 root root 2790 Dec 18 01:11 mprintf.h
-rw-r--r-- 1 root root 13836 Dec 18 01:11 multi.h
-rw-r--r-- 1 root root 1330 Dec 18 01:11 stdcheaders.h
-rw-r--r-- 1 root root 36918 Dec 18 01:11 typecheck-gcc.h
How are libcurl4-openssl-dev and libcurl4-nss-dev different from each other and from these curl.h files?
i noticed the following files after i installed the two packages using apt-get in ubuntu-
/usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.3
/usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.3.0
/usr/lib/x86_64-linux-gnu/libcurl.so.4.3.0
/usr/lib/x86_64-linux-gnu/libcurl.so.4
/usr/lib/x86_64-linux-gnu/libcurl.la
/usr/lib/x86_64-linux-gnu/libcurl.so.3
/usr/lib/x86_64-linux-gnu/libcurl.a
/usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4
/usr/lib/x86_64-linux-gnu/libcurl.so
/usr/lib/x86_64-linux-gnu/pkgconfig/libcurl.pc
Now if i have a program with a line like- #include<curl/curl.h> , how do i go about compiling it?
gcc -L /usr/include/curl/ -lcurl nginx-isolated.c doesn't seem to work.
The different libcurl4-*-dev packages are libcurl built to use different TLS backends. They all still provide (almost) the same API. They are mutually exclusive and you link with libcurl with "-lcurl" no matter which of these packages you install.
curl/curl.h is a header file and is the same no matter which TLS backend you use.
libcurl is the name of the library.
When you communicate using HTTPS, FTPS or other TLS-using servers using certificates that are signed by CAs present in the store, you can be sure that the remote server really is the one it claims to be. this way you validate trust sites.
LibCurl have three flavours of TLS Backends.
Certificate Verification with NSS
Certificate Verification with OpenSSL
Certificate Verification with GnuTLS
The three of them are libraries for establish a secure link and validate trust CA Certificates but each library has is own features, pros and cons.
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures.
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.
Something very important is that when programming you must select a single library to work with since it is not possible to combine them.