DHCP relaying is used to forward DHCP requests to a DHCP server if the client and the server are not on the same network. One standard implementation of this is isc-dhcp-relay which is part of the isc-dhcp package. Problem: The dhcrelay is forwarding the dhcp request to the dhcp server and the dhcp server is …
After Devuan 3 update ls output showed characters, that are not really in the directory listing. The reason is that “ls” draws quotes around filenames with spaces. This is a bug from my point of view, ls should never change the actual filenames. If a filename has quotes or double quotes it’s even weirder . …
Continue reading ‘LS Style After Devuan 3 or Debian 10 Update’ »
After updating to Devuan 3 the date command shows 12hours am/pm but my days have 24 hours. The locale was always en_US.UTF8 to keep sane command and error output. Debian 10 thinks they had to fix the correct hour display to the complicated one. Therefor all sysadmins like me have to apply the following workaround, …
Continue reading ‘Time Format after Devuan 3 and Debian 10 Update’ »
Problem: A Linux box with Debian 9 (kernel 4.9) on a HP server with Intel i40e (X710) network cards, is not reachable from neighbor machines, because ARP does not work. Discussion: while testing with tcpdump ARP worked, but later ARP stopped working again. When tcpdump is used with “-p” (non promiscuous mode) you can see …
Problem: if you want to debug a IOS app with MITMProxy, the iPhone needs to trust the MITMProxy CA. This is done by going to http://mitm.it/ and clicking on the apple symbol. Then you have to accept the “profile” in Settings “downloaded profiles”. Then you have to trust this new CA cert in “Settings” “General” …
Problem: after updating from Debian 8 to Devuan 2 the overlay live-boot failes with “no such device” Discussion: I use a bootable USB stick combined with live-boot. In this case the USB stick partition 3 is a normal ext4 file system used as read only “plainroot” filesystem. Live-boot overlays this with an ramfs.As I don’t …
Continue reading ‘Linux Live-boot Fails after Debian/Devuan Update’ »
Problem: after upgrading vom greenlock-express v2.0 to v2.5 and switching from acme-v1 to acme-v2 every attempt to register a new TLS cert with Letsencrypt fails with “ECONNRESET” Discussion: the new version of greenlock tries to validate the .well-known/acme-challenge file before asking letsencrypt for the certificate.If your webserver is behind a loadbalancer or firewall and the …
Continue reading ‘Greenlock(-express) Letsencrypt Fails with ECONNRESET’ »
Problem: Apache needs very long to start on a virtual server running on a KVM/QEMU virtual maschine. Solution: Apache needs a RNG (random number generator) for startup, probably because of TLS. A pure virtual maschine has no RNG device per default. If you add an RNG device to the virtual maschine configuration, apache startup is …
Continue reading ‘Apache Start Hangs during Reboot of a KVM Virtual Server’ »
Unix file systems like ext3/4 can store files which are partly empty more efficiently by not storing blocks with all zeros. These files are called sparse files. When reading these files every things works as normal but “all zero” blocks don’t wast space on the drive. This can be useful for different application. For example …
If you like to block network access for certain users on a linux box it’s as simple as that: /sbin/iptables -I OUTPUT -m owner –uid-ower <USERNAME> -j DROP Username might also be the username of a running service.