[OT] best (Linux based!) all-in-one NAS-VPN-firewall?
by M. Fioretti
Greetings,
One of my jobs in the next months will be Free Software teaching/
consulting for a small private school. Part of the consulting consists
of helping the school to evaluate how to set up some infrastructure,
using Linux/Free Software as much as possible.
I have been just asked to, quoting, "suggest an all-in-one
NAS-VPN-firewall for the school". We are talking ~80 students in the
8/13 years age range, maybe more after summer, plus teachers and
administration. The "all-in-one" part is the key requirement, and also
the reason why I am asking for recommendations based on your
real-world experience. I know how to handle this stuff the 100%
DIY/hacker way, but that is not an option in this case. Me, I wouldn't
mind but, while the school would like to use more FOSS also for
administration and internal services, actual teaching has much higher
priority this year.
Thanks in advance for any feedback,
Marco
--
M. Fioretti http://mfioretti.com http://stop.zona-m.net
Your own civil rights and the quality of your life heavily depend on how
software is used *around* you
4 years, 8 months
UDEV RULES
by Angelo Moreschini
Hi,
in order to backing up data when I connect to computer an USB HD, I wrote
the follow UDEV rule :
------------------------------------------------------------------
SUBSYSTEM=="block", ACTION=="add", ATTRS{vendor}=="152d",
ATTRS{model}=="0578", SYMLINK+="external%n",
RUN+="/usr/bin/mrs-auto_backup.sh"
-------------------------------------------------------------------
the rule is the content of the file :*
/etc/udev/rules.d/10.autobackup.rules *
that I self created .
I learned this method at the link :
https://www.tecmint.com/auto-backup-files-to-usb-media-in-linux/ *("How to
backup files to USB media when connected*")
As well I tried in many different combinations and parameters values, never
I was able to execute the script inside the rule.
-----
In order to get the USB HD characteristic of the USB Hard Disk to use for
backing-up the data I used the command :
*<sudo udevadm info -q all -n /dev/sdc>*
and its output is transcribed below
Could someone help me to understand because this rule doesn't works ?
thank you
regards
Angelo
-------------------
*features (attributes) of the USB Hrd Disk that I got with the above
command *:
[angelo_dev@localhost ~]$ sudo udevadm info -q all -n /dev/sdc
*P:
/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5.1/3-5.1.2/3-5.1.2:1.0/host6/target6:0:0/6:0:0:0/block/sdcN:
sdcL: 0S: externalS:
disk/by-path/pci-0000:00:14.0-usb-0:5.1.2:1.0-scsi-0:0:0:0S:
disk/by-id/usb-JMicron_Tech_DB12345681BC-0:0E:
DEVPATH=/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5.1/3-5.1.2/3-5.1.2:1.0/host6/target6:0:0/6:0:0:0/block/sdcE:
DEVNAME=/dev/sdcE: DEVTYPE=diskE: MAJOR=8E: MINOR=32E: SUBSYSTEM=blockE:
USEC_INITIALIZED=11404758453E: ID_VENDOR=JMicronE:
ID_VENDOR_ENC=JMicron\x20E: ID_VENDOR_ID=152dE: ID_MODEL=TechE:
ID_MODEL_ENC=Tech\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20E:
ID_MODEL_ID=0578E: ID_REVISION=0203E:
ID_SERIAL=JMicron_Tech_DB12345681BC-0:0E: ID_SERIAL_SHORT=DB12345681BCE:
ID_TYPE=diskE: ID_INSTANCE=0:0E: ID_BUS=usbE:
ID_USB_INTERFACES=:080650:080662:E: ID_USB_INTERFACE_NUM=00E:
ID_USB_DRIVER=uasE: ID_PATH=pci-0000:00:14.0-usb-0:5.1.2:1.0-scsi-0:0:0:0E:
ID_PATH_TAG=pci-0000_00_14_0-usb-0_5_1_2_1_0-scsi-0_0_0_0E:
ID_PART_TABLE_UUID=0007fd62E: ID_PART_TABLE_TYPE=dosE:
DEVLINKS=/dev/external
/dev/disk/by-path/pci-0000:00:14.0-usb-0:5.1.2:1.0-scsi-0:0:0:0
/dev/disk/by-id/usb-JMicron_Tech_DB12345681BC-0:0E: TAGS=:systemd:*
4 years, 8 months
Qemu also out of memory overnight
by Robert Moskowitz
And the Fedora21 image is limited to 1GB:
Jun 30 01:53:35 lx140e kernel: [ 13357] 107 13357 884212 215032
3043328 72575 0 qemu-system-x86
Jun 30 01:53:35 lx140e kernel:
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/machine.slice/machine-qemu\x2d3\x2dfedora21.scope,task=qemu-system-x86,pid=13357,uid=107
Jun 30 01:53:35 lx140e kernel: Out of memory: Killed process 13357
(qemu-system-x86) total-vm:3536848kB, anon-rss:860128kB, file-rss:0kB,
shmem-rss:0kB
Jun 30 01:53:35 lx140e kernel: oom_reaper: reaped process 13357
(qemu-system-x86), now anon-rss:0kB, file-rss:12kB, shmem-rss:0kB
Jun 30 01:53:36 lx140e journal[878]: internal error: End of file from
qemu monitor
Jun 30 01:53:36 lx140e systemd[1]: machine-qemu\x2d3\x2dfedora21.scope:
Succeeded.
Jun 30 01:53:36 lx140e systemd-machined[760]: Machine qemu-3-fedora21
terminated.
A new kernel came out today, and I installed that and rebooted. So
let's see what happens tonight...
4 years, 9 months
Disable Caps Lock -
by Bob Goodwin
.
J am a poor typist and usually disable Caps Lock in a script with:
/usr/bin/xmodmap -e 'keycode 66=Shift_L'
That no longer works as it should in Fedora-30 for whatever reason, now
it just locks Caps Lock on and all I can get is caps unless I hold a
Shift key which is inconvenient to say the least ...
What can I use instead of "Shift_L" to make it simply do nothing?
Bob
--
Bob Goodwin - Zuni, Virginia, USA
http://www.qrz.com/db/W2BOD
box83 FEDORA-30/64bit LINUX XFCE Fastmail POP3
4 years, 9 months
Can't start hp-toolbox (hplip) with or without GUI
by Jon Ingason
When I try to start hp-toolbox I get following error:
error: Unable to load DBus libraries. Please check your installation and
try again.
error: Please upgrade your python installation to the latest available
version.
I am using Fedora 29 Linux lea 5.1.11-200.fc29.x86_64 #1 SMP Mon Jun 17
19:30:44 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux and hplip-3.18.12-9.fc29
What is the problem?
--
Regards
Jon Ingason
4 years, 9 months
Weird kex_exchange_identification log messages [SOLVED]
by Tom Horsley
I keep getting these errors showing up in the log from sshd:
error: kex_exchange_identification: banner line contains invalid characters
I finally tracked them down and understand the nonsense that
is happening:
For historical reasons (having to do with butthead IT people
at work deciding outgoing sshd should be blocked by firewall),
I listen on the https port (443) as well as the normal 22 on my
sshd at home.
Apparently "helpful" web browsers on my android devices and
wot-not decide they ought to probe connections to see if https
is possible before falling back to http, so they all probe
my ssh daemon :-).
The error has been happening forever, but the latest sshd
now logs it (it previously just ignored it).
4 years, 9 months
F30 - Firefox dying overnight
by Robert Moskowitz
I woke up this morning, and Firefox was gone!
Friday morning this happened as well (Friday night system was in suspend
mode).
Here is what I see in messages:
Jun 28 01:13:57 lx140e kernel: [ 2545] 1000 2545 780500 103687
4698112 231023 0 firefox
Jun 28 01:13:57 lx140e kernel:
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=vcpu0,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1000.slice/session-2.scope,task=firefox,pid=2545,uid=1000
Jun 28 01:13:57 lx140e kernel: Out of memory: Killed process 2545
(firefox) total-vm:3122000kB, anon-rss:412084kB, file-rss:0kB,
shmem-rss:2672kB
Jun 28 01:13:57 lx140e kernel: oom_reaper: reaped process 2545
(firefox), now anon-rss:0kB, file-rss:0kB, shmem-rss:2492kB
Jun 28 15:20:58 lx140e kernel: [ 2234] 1000 2234 743016 171693
3813376 49412 0 firefox
Jun 29 22:40:28 lx140e kernel: [ 2234] 1000 2234 695486 83746
3575808 60327 0 firefox
Jun 30 01:53:35 lx140e kernel: [ 2234] 1000 2234 702265 79566
3653632 67283 0 firefox
Jun 30 04:40:30 lx140e kernel: [ 2234] 1000 2234 868665 178572
4984832 139543 0 firefox
Jun 30 04:40:30 lx140e kernel:
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1000.slice/session-2.scope,task=firefox,pid=2234,uid=1000
Jun 30 04:40:30 lx140e kernel: Out of memory: Killed process 2234
(firefox) total-vm:3474660kB, anon-rss:711064kB, file-rss:0kB,
shmem-rss:3224kB
Jun 30 04:40:30 lx140e kernel: oom_reaper: reaped process 2234
(firefox), now anon-rss:0kB, file-rss:0kB, shmem-rss:3056kB
Config issue or bug? I could not find anything about this in bugzilla.
4 years, 9 months
F30 - Grub error message
by Robert Moskowitz
Right at boot a message flashes on the screen. Something about an error.
All I can see for the brief time it is on the screen are the words in a
path of grub and I think loader
I do not see any messages in /var/log/messages that include 'grub' that
look anything like an error.
This comes before the IRQ messages which stay on the screen for long
enough to easily read them.
Is there some way to catch this message so I can figure out what is the
problem?
thanks
4 years, 9 months
GDM Login Screen Doesn't Show Primary User After F30 Upgrade
by Tim Evans
I have experienced similar issues with two different F29->F30 upgrades
via dnf. Although what happened wasn't identical on both upgrades, the
results were the same: After upgrade/reboot, the GDM login screen does
not show the primary (previously existing) user name (UID 1000).
In the first upgrade, I was forced to create a new user after the
upgrade on first boot, as if this was a new install, despite the
existing userid. The previously existing user name does not show up on
the GDM login screen. Instead, only the *newly* created username (UID
1001) shows.
In the second upgrade, the firstboot-create-a-new-user didn't occur, but
the previously existing primary user name (also UID 1000) does not show
on the GDM login screen. Instead, only secondary username (UID 1001) shows.
In both cases, the primary userid can be accessed by clicking the "not
show" link on the GDM login screen and manually entering userid and
password. Of course, this is a fairly simple workaround, but is
nevertheless an inconvenience.
Where does the GDM login screen pull the info for the primary userid?
/etc/passwd and /etc/group don't show anything that looks like a flag
for this.
The files in /var/lib/AccountsService/users/ appear to contain some sort
of flag, but they are apparently created on login, rather than being
permanent. On both systems the primary userid (UID 1000) is shown as:
SystemAccount=true
While the file for UID 1002 is:
SystemAccount=false
Modification time on these files is same as the userid's last login, and
manually changing the SystemAccount flag has no effect; it's set back on
next login.
--
Tim Evans |5 Chestnut Court
443-394-3864 |Owings Mills, MD 21117
4 years, 9 months
nvidia-kmod Build Fails on Recent F30 Debug Kernels
by Tim Evans
Failure appears to occur only with debug kernels. For example, from
/var/cache/akmods/nvidia/430.26-1-for-5.1.15-300.fc30.x86_64+debug.failed.log
019/06/29 11:04:41 akmodsbuild: FATAL: modpost: GPL-incompatible module
nvidia.ko uses GPL-only symbol 'mutex_destroy'
2019/06/29 11:04:41 akmodsbuild: make[2]: ***
[scripts/Makefile.modpost:91: __modpost] Error 1
2019/06/29 11:04:41 akmodsbuild: make[1]: *** [Makefile:1579: modules]
Error 2
2019/06/29 11:04:41 akmodsbuild: make[1]: Leaving directory
'/usr/src/kernels/5.1.15-300.fc30.x86_64+debug'
2019/06/29 11:04:41 akmodsbuild: make: *** [Makefile:81: modules] Error 2
2019/06/29 11:04:41 akmodsbuild: error: Bad exit status from
/var/tmp/rpm-tmp.1KXnFB (%build)
2019/06/29 11:04:41 akmodsbuild:
2019/06/29 11:04:41 akmodsbuild:
2019/06/29 11:04:41 akmodsbuild: RPM build errors:
2019/06/29 11:04:41 akmodsbuild: user mockbuild does not exist - using root
2019/06/29 11:04:41 akmodsbuild: group mock does not exist - using root
2019/06/29 11:04:41 akmodsbuild: user mockbuild does not exist - using root
2019/06/29 11:04:41 akmodsbuild: group mock does not exist - using root
2019/06/29 11:04:41 akmodsbuild: Bad exit status from
/var/tmp/rpm-tmp.1KXnFB (%build)
Non-debug kernel mod build looks ok; but journalctl reports:
Jun 29 11:11:23 osprey kernel: NVRM: loading NVIDIA UNIX x86_64 Kernel
Module 4
30.26 Tue Jun 4 17:40:52 CDT 2019
Jun 29 11:11:23 osprey kernel: nvidia-uvm: Loaded the UVM driver in 8
mode, majo
r device number 235
Jun 29 11:11:23 osprey kernel: nvidia-modeset: Loading NVIDIA Kernel
Mode Settin
g Driver for UNIX platforms 430.26 Tue Jun 4 17:45:09 CDT 2019
Jun 29 11:11:23 osprey kernel: [drm] [nvidia-drm] [GPU ID 0x00000100]
Loading dr
iver
Jun 29 11:11:23 osprey kernel: [drm] Initialized nvidia-drm 0.0.0
20160202 for 0000:01:00.0 on minor 0
Jun 29 11:11:22 osprey systemd-udevd[774]: Process '/usr/bin/bash -c
'/usr/bin/mknod -Z -m 666 /dev/nvidiactl c 195 255'' failed with exit
code 1.
Yet:
# ls -l /dev/nvidiactl
crw-rw-rw- 1 root root 195, 255 Jun 29 11:11 /dev/nvidiactl
Continuing:
Jun 29 11:11:22 osprey systemd-udevd[774]: Process '/usr/bin/bash -c
'for i in $(cat /proc/driver/nvidia/gpus/*/information | grep Minor |
cut -d \ -f 4); do /usr/bin/mknod -Z -m 666 /dev/nvidia${i} c 195 ${i};
done'' failed with exit code 1.
I think this message indicates there is only one GPU in the Nvidia
adaptor. lspci reports the adaptor is GeForce GT 730
Finally:
Jun 29 11:12:07 osprey systemd[1]: Condition check resulted in Fallback
to nouveau as nvidia did not load being skipped.
What does that last message say? The fallback was skipped or the
condition check was skipped?
Thanks.
--
Tim Evans | 5 Chestnut Court
| Owings Mills, MD 21117
| 443-394-3864
4 years, 9 months