问题[directory](server)

我已将Mautic安装在子文件夹中，例如：example.com/m
大多数 Mautic 在我的配置（管理面板，使用 Mautic 等）中运行良好，但对于我的子文件夹中的一些重定向，我得到404：

example.com/m 200
example.com/m/form/9 200
example.com/m/form/generate.js?id=9 404

（/form 不存在 - 它应该由 Mautic 动态重定向/生成）

文件系统上的所有文件都属于 www-data。

我的主机 nginx conf：

server {
    server_name www.example.com;
    rewrite_log on;

    root /var/www/example.com/www.example.com;
    index index.php index.html index.htm;

    access_log /var/log/nginx/example.com_access.log;
    error_log /var/log/nginx/example.com_error.log notice;

    #######################################
    ##  Start Mautic Specific config #####
    #######################################

    location /m {
        # Working despite forms:
        try_files $uri $uri/ /m/?q=$uri&$args;
    }

    #######################################
    ##  End Mautic Specific config #####
    #######################################

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
    }

    # A long browser cache lifetime can speed up repeat visits to your page
    location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
       access_log        off;
       log_not_found     off;
       expires           360d;
    }

    # disable access to hidden files
    location ~ /\.ht {
      access_log off;
      log_not_found off;
      deny all;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/stats.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/stats.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    listen 443 ssl;
    server_name example.com;
    listen [::]:443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/stats.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/stats.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    return 301 https://www.example.com$request_uri;

}

server {
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name example.com www.example.com;
    listen 80;
    listen [::]:80;
    return 301 https://$host$request_uri;
    #return 404; # managed by Certbot

}

我究竟做错了什么？

我只需要从文件路径中获取最近的子目录和文件名，如下所示。

前任：-

(1)E:\Dump\DumpText-1.txt - Dump\DumpText-1.txt

(2)E:\Dump\SubDump1\DumpText-1.txt - SubDump1\DumpText-1.txt

(3)E:\Dump\SubDump3\Sub_SubDump1\DumpText-1.txt -Sub_SubDump1\DumpText-1.txt

我的 PowerShell 脚本如下：

Get-ChildItem $directoryPath -Recurse | ForEach-Object -Process {if (!$_.PSIsContainer) {$_.FullName; $_.FullName -replace "^.*?\\"; " "}}

我有一个关于 Openldap 的问题。我正在使用从 openldap 获取错误的解决方案（PingFederate）根据过滤器执行不同的操作。例如我可以说：检测无效的 DN 错误，当你得到它时做一些事情。

我在 ppolicy 中将 olcPPolicyUseLockout 设置为 true，以便在凭据无效时获取更多信息；这样 Pingfederate 就会抓住它。但它不起作用

当我将 ldapwhoami 与 -e ppolicy 一起使用时，我得到以下信息： ldap_bind: Invalid credentials (49); 密码过期 ldap_bind：凭据无效 (49)；帐户被锁定

所以我的问题如下：Openldap 中的分号是什么意思？是否考虑分号后的消息？Openldap 是否将整个错误传达给与其集成的其他解决方案？

使用 Ubuntu 18.04

我有我的主要网站www.example.com，所有文件都托管在/var/www/html/其中，并且按预期工作。我现在想在子域中创建一个新网站www.blog.example.com。

我在我的网络主机上为子域创建了一个新的 dns 记录，并确认它正在工作，当我 ping 时，www.blog.example.com我看到了正确的服务器 IP 地址。

我的目录结构如下所示；

• /var/www/html（包含www.example.com的所有文件）
• /var/www/blog.example.com（包含用于测试的单个 index.html 文件）

我有每个域的虚拟主机，内容如下；

/etc/apache2/sites-available/example.com.conf

<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /var/www/html
    <Directory /var/www/html/rascal.ac.uk>
        AllowOverride all
        Order allow,deny
        allow from all
        Require all granted
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    Include conf-available/serve-cgi-bin.conf
</VirtualHost>

/etc/apache2/sites-available/blog.example.com.conf

<VirtualHost *:80>
    ServerName blog.example.com
    DocumentRoot /var/www/blog.example.com
    <Directory /var/www/blog.example.com/>
        AllowOverride all
        Order allow,deny
        allow from all
        Require all granted
    </Directory>
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

也有/etc/apache2/sites-available/000-default.conf这样的；

<VirtualHost *:80>
    DocumentRoot /var/www/html
    <Directory "/var/www/html">
        AllowOverride All
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

所有站点均已启用，并且我已多次重新加载/重新启动 apache。

当我访问时，www.example.com我看到了我的主要网站，正如预期的那样。当我访问www.blog.example.com我的主要网站时，我应该看到我的index.html文件中的内容。

如果我禁用 000-default.conf两个 url 显示的内容blog.example.com，问题可能出在这个文件中吗？

我有一个要在 /opt/ 中删除的目录

[user /] $ sudo su
[root /] # cd /opt
[root opt] # rm -rf tomcat9
[root opt] # ls
[root opt] # ls
tomcat9

但我似乎仍然无法删除 tomcat9 目录。在 tomcat9 (/opt/tomcat9/openam/openam/debug/SystemCore) 中仍然有嵌套目录，但rm -rf tomcat9作为 root 应该删除它。

删除时没有错误。它确实删除了，但几秒钟后，tomcat9目录再次出现。这是为什么？

我在 Windows Server 中创建了一个新用户组 [ Group A ]，创建一个新用户 [ User 1 ] 作为 [ Group A ] 的成员。

如果我由用户 [ User 1 ] 将文件夹安全设置为 [ Allow ] ，则该设置将起作用，[ User 1 ] 可以访问该文件夹。

如果我通过用户组 [ Group A ] 将文件夹安全设置为 [ Allow ] ，则设置不起作用，即使 [ User 1 ] 是 [ Group A ]的成员，[ User 1 ] 也无法访问该文件夹

我期望的是我应该能够通过 [用户组] 设置文件夹安全性，而不是通过 [用户]设置

我遗漏或错误的任何步骤？

提前致谢

我在 CentOS 8 上有一个 rsyslog，我用这部分配置将几个系统配置到子文件夹

$template RemoteLogs,"/var/log/hosts/%HOSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/syslog.log"
*.* ?RemoteLogs

这工作正常，但来自远程系统的所有日志都被写入 /var/log/messages。我怎么能在他们自己的子文件夹中有远程日志而不被写入/var/log/messages？

这是我的配置文件。

# rsyslog configuration file

# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html

#### MODULES ####

module(load="imuxsock"    # provides support for local system logging (e.g. via logger command)
       SysSock.Use="off") # Turn off message reception via local log socket;
              # local messages are retrieved through imjournal now.
module(load="imjournal"         # provides access to the systemd journal
       StateFile="imjournal.state") # File to store the position in the journal
module(load="imklog") # reads kernel messages (the same are read from journald)
#module(load"immark") # provides --MARK-- message capability

# Provides UDP syslog reception
# for parameters see http://www.rsyslog.com/doc/imudp.html
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")

# Provides TCP syslog reception
# for parameters see http://www.rsyslog.com/doc/imtcp.html
#module(load="imtcp") # needs to be done just once
#input(type="imtcp" port="514")

$template RemoteLogs,"/var/log/hosts/%HOSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/syslog.log"
*.* ?RemoteLogs

#
# Set the default permissions for all log files.
#
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

# These may require root
$FileOwner syslog
$FileGroup syslog
$PrivDropToUser syslog
$PrivDropToGroup syslog

#### GLOBAL DIRECTIVES ####

# Where to place auxiliary files
global(workDirectory="/var/lib/rsyslog")

# Use default timestamp format
module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")

# Include all config files in /etc/rsyslog.d/
include(file="/etc/rsyslog.d/*.conf" mode="optional")

#### RULES ####

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
kern.*                                                 /var/log/messages

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 :omusrmsg:*

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log


# ### sample forwarding rule ###
#action(type="omfwd"
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#queue.filename="fwdRule1"       # unique name prefix for spool files
#queue.maxdiskspace="1g"         # 1gb space limit (use as much as possible)
#queue.saveonshutdown="on"       # save messages to disk on shutdown
#queue.type="LinkedList"         # run asynchronously
#action.resumeRetryCount="-1"    # infinite retries if host is down
# Remote Logging (we use TCP for reliable delivery)
# remote_host is: name/ip, e.g. 192.168.0.1, port optional e.g. 10514
#Target="remote_host" Port="XXX" Protocol="tcp")
[root@rsyslog log]#
[root@rsyslog log]# cat /etc/rsyslog.conf
# rsyslog configuration file

# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# or latest version online at http://www.rsyslog.com/doc/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html

#### MODULES ####

module(load="imuxsock"    # provides support for local system logging (e.g. via logger command)
       SysSock.Use="off") # Turn off message reception via local log socket;
              # local messages are retrieved through imjournal now.
module(load="imjournal"         # provides access to the systemd journal
       StateFile="imjournal.state") # File to store the position in the journal
module(load="imklog") # reads kernel messages (the same are read from journald)
#module(load"immark") # provides --MARK-- message capability

# Provides UDP syslog reception
# for parameters see http://www.rsyslog.com/doc/imudp.html
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")

# Provides TCP syslog reception
# for parameters see http://www.rsyslog.com/doc/imtcp.html
#module(load="imtcp") # needs to be done just once
#input(type="imtcp" port="514")

$template RemoteLogs,"/var/log/hosts/%HOSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/syslog.log"
*.* ?RemoteLogs

#
# Set the default permissions for all log files.
#
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

# These may require root
$FileOwner syslog
$FileGroup syslog
$PrivDropToUser syslog
$PrivDropToGroup syslog

#### GLOBAL DIRECTIVES ####

# Where to place auxiliary files
global(workDirectory="/var/lib/rsyslog")

# Use default timestamp format
module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")

# Include all config files in /etc/rsyslog.d/
include(file="/etc/rsyslog.d/*.conf" mode="optional")

#### RULES ####

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
kern.*                                                 /var/log/messages

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 :omusrmsg:*

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log


# ### sample forwarding rule ###
#action(type="omfwd"
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#queue.filename="fwdRule1"       # unique name prefix for spool files
#queue.maxdiskspace="1g"         # 1gb space limit (use as much as possible)
#queue.saveonshutdown="on"       # save messages to disk on shutdown
#queue.type="LinkedList"         # run asynchronously
#action.resumeRetryCount="-1"    # infinite retries if host is down
# Remote Logging (we use TCP for reliable delivery)
# remote_host is: name/ip, e.g. 192.168.0.1, port optional e.g. 10514
#Target="remote_host" Port="XXX" Protocol="tcp")

我有以下问题。

在我的本地测试配置中，当我尝试访问https://www.testdomain.local/admin它时，它总是会将我重定向到https://www.testdomain.local:8443/admin/我的系统中无法解决的问题。

我的 nginx 在 Docker 容器中运行，该容器将请求转发到端口 443 到端口 8443，nginx 正在监听该端口。

admin 文件夹是根文件夹的子目录。

root -> /application/public/testdomain
root/admin -> /application/public/testdomain/admin

当前行为如下所示：

https://www.testdomain.local -> https://www.testdomain.local (correct)
https://www.testdomain.local/ -> https://www.testdomain.local (correct)
https://www.testdomain.local/admin/ (with trailing slash) -> https://www.testdomain.local/admin/ (correct)
https://www.testdomain.local/admin (without trailing slash) -> https://www.testdomain.local:8443/admin/ (incorrect)

对于最后一种情况，我的首选行为是：

https://www.testdomain.local/admin -> https://www.testdomain.local:8443/admin or https://www.testdomain.local/admin/

我尝试了许多通过 Google 或 ServerFault 找到的解决方案，但无法获得所需的行为。

server {
    listen 8443 ssl;

    server_name www.testdomain.local;
    
    client_max_body_size 108M;

    access_log /var/log/nginx/testdomain.access.log anonymized;

    ssl_certificate /application/common/certificate.crt;
    ssl_certificate_key /application/common/privatekey.key;

    root /application/public/testdomain;
    index index.php;
    
    if (!-e $request_filename) {
        rewrite ^.*$ /index.php last;
    }
    
    location ~ \.php$ {
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PHP_VALUE "error_log=/var/log/nginx/application_php_errors.log";
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        include fastcgi_params;
    }
    
}

我需要查询哪些过滤用户的密码设置不会过期。

我有这样的事情：

(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))

它可以工作，但甚至会显示禁用的帐户和一些系统帐户，例如 (HealthMailbox)。

我可以以某种方式过滤以仅显示活跃用户吗？

我试过了，但它不起作用：

(&(&(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=65536)))))

我有一个在 Ubuntu 18.04 下运行的重复备份脚本，它备份了我的 /etc 目录的内容，如下所示：

duplicity --archive-dir=/home/bkp/.cache /etc rsync://backup.host::/bkp/etc

我现在想从中恢复 /etc/postfix 目录。但是当我尝试使用以下方法恢复它时：

duplicity restore rsync://backup.host::/bkp/etc/postfix ./postfix.restored

它说：

rsync: change_dir "/etc/postfix" (in bkp) failed: No such file or directory (2)

如果我在 /etc 备份上做 duplicity list-current-files 我可以看到它在那里。不过，我在手册页中看不到任何关于此的内容。