将非系统虚拟机从 Debian 11 Bullseye 升级到 Debian 12 Bookworm 后,我开始在启动时看到以下消息:
init: No inittab.d directory found during boot log
该怎么办?
当我向在 Chrome 中使用 Chrome 的同事展示X.509 certificate giving error in Chrome 时,他向我展示了这个问题X.509 certificate giving error in Windows,他向我展示了 Windows 中的 Chrome 正在解释并正确显示“新”X.509 扩展证书透明度,这与 Linux 中的 Chrome 行为相反。
对于示例 SCT 启用域,请说https://www.digicert.com。因此,在 Debian 9 中,在当前生产的 69.0.3497.92、beta 70.0.3538.16 和不稳定的 70.0.3538.16 版本的 Chrome 中,它显示如下:
在 Windows Chrome 69.0.3497.92 中,它显示如下:
这里发生了什么?
RedHat 6.2 VM我刚刚在正在运行的 Apache 2.2中的站点/虚拟主机中更新了 Multicert 颁发的公共 X.509 证书。我们称之为https://www.multicert.com。我使用 Chrome 访问该站点的客户端计算机正在运行Debian 9。
令我惊讶的是,该证书在 Firefox Quantum 60.2.0esr(64 位)和 Safari 中也获得了批准/绿色,但是 Chrome 69.0.3497.92 现在抱怨该站点不安全(而在使用旧证书之前它是好的)。
我检查了 Apache 配置,一切似乎都很好。我还检查了 X.509 证书链和根,一切似乎都正常。
我们还为类似配置的站点同时颁发了另一个公共证书,但是,它是颁发的Comodo而不是颁发Multicert的,并且在这个站点中,Chrome 可以很好地使用该证书,我们称之为https://www.digicert.com
如果我恢复到旧证书,Chrome 会再次工作,但是我不能就这样离开它,因为它可能会在明天被撤销,并且在几天后到期。
我们在带有 Comodo 证书的站点中注意到的唯一变化是在 Chrome 中,当单击证书时lock->Certificate-details,我们在 Extensions 下有一个带有标识符的新字段OID.1.3.6.1.4.1.1.11129.2.4.2
这里发生了什么?
在联想 ThinkPad E560 中运行 amd64 中的 Debian 9.5/Antix 17。
我在apt / apt-get做apt-get download sudo.
有趣的是,它仅在以 root 身份运行命令时发生。
# apt-get download sudo
Get:1 http://ftp.us.debian.org/debian stretch/main amd64 sudo amd64 1.8.19p1-2.1 [1,055 kB]
Fetched 1,055 kB in 2s (352 kB/s)
W: Download is performed unsandboxed as root as file '/home/xdlta55/sudo_1.8.19p1-2.1_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
如果 deb 文件已经存在,该错误也不会出现。
我认为apt download应该在它下载 deb 文件后立即完成它的业务,这里发生了什么?
PS。我知道这个命令可以也不应该以 root 身份运行。
聚苯乙烯。strace没有显示任何有意义的东西。
我在这里遇到了一个奇怪的问题——集成的突触鼠标/橡胶鼠标在 Linux 中不起作用。
集成鼠标/鼠标垫仅在 Windows 已首先激活它们时才起作用。我可以在 Linux 中进行多次重新启动,并且它们确实可以继续工作。只要笔记本没有断电,它们就会被识别。
如果笔记本耗尽所有电池,我只能在首先在 Windows 中启动时才能再次使用鼠标垫/鼠标。
因此,我可以在 Linux 运行时轻松重现错误并取出电池。这样,鼠标垫在我再次在 Windows 中启动之前不会被识别。因此,当硬件处于未知(初始化)状态时,开源驱动程序似乎无法识别设备。
我在 2016 Lenovo ThinkPad E560、i7-6500U CPU @ 2.50GHz、16GB RAM 和 SSD 磁盘中使用 Debian 9/Antix 17.1。
这台机器有一个双卡,但是我radeon.modeset=0在内核参数中停用了 radeon。所以相关参数为:
$ lspci | grep VGA
00:02.0 VGA compatible controller: Intel Corporation HD Graphics 520 (rev 07)
我的xserver-xorg相关软件包是:
xserver-xorg - 7.7+19
xserver-xorg-core - 1.19.2-1.0nosystemd2
xserver-xorg-input-libinput - 0.23.0-2
xserver-xorg-input-synaptics - 1.9.0-1+b1
xserver-xorg-video-intel - 2.99.917+git20161206-1
我已经尝试运行 Antix 存储库中存在的 Debian 内核, 4.10.5-antix.3-amd64-smp并且4.18.4-antix.1-amd64-smp症状没有任何变化;正如@StephenKitt 告诉我的那样,新版本的突触处理发生了变化。
我当前的内核参数是:
$ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-4.18.4-antix.1-amd64-smp root=UUID=00c17984-859f-4197-8bd8-b346ddd092bd ro iommu=1 intel_iommu=on iommu=pt ipv6.disable=1 intremap=no_x2apic_optout radeon.modeset=0
我还遵循了一些在线建议,将 xorg 中的鼠标垫处理从 xserver-xorg-input-synaptics 更改为 xserver-xorg-input-libinput,安装后者,然后执行以下操作:
cd /etc/X11/xorg.conf.d
ln -s /usr/share/X11/xorg.conf.d/40-libinput.conf
症状保持不变。
我还在 Windows 10 的设备管理器中查看了设备/驱动程序的名称,它是一个名为“Ultranav”的双鼠标鼠标垫/键盘橡胶。libinput-list-devices也将其命名为“AlpsPS/2 ALPS DualPoint TouchPad”。其他一些人也将这款鼠标 Elantech 称为其他联想型号。
我也安装libinput-tools了调试情况。有趣的是,libinput-list-devices在运行 Windows 之后会看到运行该命令的鼠标,而在它不存在之前。
我已经有了与内核团队一起填补 bug 的建议。
该怎么办?
制造商和型号的相关dmidecode数据为:
# dmidecode -s system-manufacturer
LENOVO
# dmidecode -s system-product-name
20EV000YPG
# dmidecode -s system-version
ThinkPad E560
libunput-list-devices启动 Windows 10 之前和之后的差异。
$ diff libunput-list-devices-before_windows.txt after-windows.txt
2c2
< Kernel: /dev/input/event8
---
> Kernel: /dev/input/event10
20c20
< Kernel: /dev/input/event10
---
> Kernel: /dev/input/event12
38c38
< Kernel: /dev/input/event7
---
> Kernel: /dev/input/event9
128c128
< Kernel: /dev/input/event18
---
> Kernel: /dev/input/event20
163,164c163,164
< Device: ThinkPad Extra Buttons
< Kernel: /dev/input/event9
---
> Device: AlpsPS/2 ALPS DualPoint Stick
> Kernel: /dev/input/event6
165a166,202
> Seat: seat0, default
> Capabilities: pointer
> Tap-to-click: n/a
> Tap-and-drag: n/a
> Tap drag lock: n/a
> Left-handed: disabled
> Nat.scrolling: disabled
> Middle emulation: disabled
> Calibration: n/a
> Scroll methods: *button
> Click methods: none
> Disable-w-typing: n/a
> Accel profiles: flat *adaptive
> Rotation: n/a
>
> Device: AlpsPS/2 ALPS DualPoint TouchPad
> Kernel: /dev/input/event7
> Group: 7
> Seat: seat0, default
> Size: 97.50x53.87mm
> Capabilities: pointer
> Tap-to-click: disabled
> Tap-and-drag: enabled
> Tap drag lock: disabled
> Left-handed: disabled
> Nat.scrolling: disabled
> Middle emulation: disabled
> Calibration: n/a
> Scroll methods: *two-finger edge
> Click methods: *button-areas clickfinger
> Disable-w-typing: enabled
> Accel profiles: none
> Rotation: n/a
>
> Device: ThinkPad Extra Buttons
> Kernel: /dev/input/event11
> Group: 8
我的 Hiri 1.4.0.4 电子邮件客户端在被调用时开始崩溃。
我在带有 i7 6500U CPU @ 2.50GHz 和 16GB RAM 的 Lenovo Thinkpad E560 中使用 Debian Stretch/amd64。运行xserver-xorg7.7+19 和fluxbox1.3.5-2+b2
我刚刚在 GRUB 中禁用了我的 radeon 卡radeon.modeset=0。它现在使用“Intel HD Graphics 520 (rev 07)”
在尝试禁用 Radeon 的过程中,我卸载了 radeon Xorg 驱动程序和台面包驱动程序libgl1-mesa-dri。
现在,当我用 调用我的电子邮件应用程序 Hiri 时hiri.sh,它崩溃了。它会打开初始屏幕,但在启动后会崩溃,并出现以下错误。
我能纠正这个吗?
libEGL warning: DRI2: failed to authenticate
libEGL warning: DRI2: failed to open swrast (search paths /usr/lib/x86_64-linux-gnu/dri:${ORIGIN}/dri:/usr/lib/dri)
libEGL warning: DRI2: failed to authenticate
libEGL warning: DRI2: failed to open swrast (search paths /usr/lib/x86_64-linux-gnu/dri:${ORIGIN}/dri:/usr/lib/dri)
./hiri.sh: line 13: 1369 Aborted "$SCRIPTDIR/hirimain" $@
这些是我关于已删除软件包的日志/var/log/apt/history.log
Start-Date: 2018-08-15 13:42:53
Requested-By: xxxxx (1000)
Remove: xserver-xorg-video-all:amd64 (1:7.7+19), xserver-xorg-video-ati:amd64 (1:7.8.0-1+b1), libgl1-mesa-dri:amd64 (13.0.6-1+b2)
Purge: xserver-xorg-video-radeon:amd64 (1:7.8.0-1+b1), libdrm-radeon1:amd64 (2.4.74-1), radeontool:amd64 (1.6.3-1+b1)
End-Date: 2018-08-15 13:42:55
PS 我还测试了 Hiri 1.4.0.3。行为是相同的。
我有一个禁用 IPv6 的基于 Stretch 的桌面,两者都作为内核中的参数。
我安装了openssh-client包中的 ssh 客户端,版本 1:7.6p1-2.0nosystemd1。
在调试 DNS 解析问题时,我确实注意到 ssh 客户端正在执行与 IPv6 DNS 相关的查询,如包含的tcpdump日志所示。
我的问题是,如何禁用该行为?
PS。我不是在问这是一个好主意还是坏主意,只是问如何在一个已经禁用所有 IPv6 服务的系统中做到这一点。
tcpdump执行命令时的日志ssh server1 ; ssh server2。
# tcpdump -n port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
02:53:37.479073 IP 192.168.1.5.58296 > 192.168.1.1.53: 61011+ A? server1.home. (30)
02:53:37.479100 IP 192.168.1.5.58296 > 192.168.1.1.53: 4719+ AAAA? server1.home. (30)
02:53:37.487504 IP 192.168.1.1.53 > 192.168.1.5.58296: 61011 NXDomain* 0/1/0 (69)
02:53:37.493279 IP 192.168.1.1.53 > 192.168.1.5.58296: 4719 NXDomain* 0/1/0 (69)
02:53:37.493428 IP 192.168.1.5.60276 > 192.168.1.1.53: 31390+ A? server1. (25)
02:53:37.493455 IP 192.168.1.5.60276 > 192.168.1.1.53: 50392+ AAAA? server1. (25)
02:53:37.527879 IP 192.168.1.1.53 > 192.168.1.5.60276: 31390 NXDomain 0/1/0 (100)
02:53:37.535417 IP 192.168.1.1.53 > 192.168.1.5.60276: 50392 NXDomain 0/1/0 (100)
02:53:38.447390 IP 192.168.1.5.36155 > 192.168.1.1.53: 39363+ A? server1.home. (30)
02:53:38.447412 IP 192.168.1.5.36155 > 192.168.1.1.53: 4430+ AAAA? server1.home. (30)
02:53:38.455743 IP 192.168.1.1.53 > 192.168.1.5.36155: 39363 NXDomain* 0/1/0 (69)
02:53:38.461492 IP 192.168.1.1.53 > 192.168.1.5.36155: 4430 NXDomain* 0/1/0 (69)
02:53:38.461606 IP 192.168.1.5.39311 > 192.168.1.1.53: 45400+ A? server1. (25)
02:53:38.461631 IP 192.168.1.5.39311 > 192.168.1.1.53: 872+ AAAA? server1. (25)
02:53:38.493714 IP 192.168.1.1.53 > 192.168.1.5.39311: 45400 NXDomain 0/1/0 (100)
02:53:38.500353 IP 192.168.1.1.53 > 192.168.1.5.39311: 872 NXDomain 0/1/0 (100)
证明 IPv6 在内核/grub 中被禁用:
$ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-4.10.5-antix.3-amd64-smp root=UUID=00c17984-859f-4197-8bd8-b346ddd092bd ro iommu=1 intel_iommu=on iommu=pt ip6.disable=1 intremap=no_x2apic_optout radeon.pcie_gen2=0
还有在sysctl:
$ cat /etc/sysctl.conf | grep ipv6
net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
也/etc/gai.conf更改为优先考虑 IPv4。
在此处运行最新版本的 antiX 17。
在进行一轮升级并为专有 VPN 客户端安装 32 位软件包后,我在执行例程时遇到依赖项错误apt upgrade。
错误是:
The following packages have been kept back:
xserver-xorg-core
尝试执行apt-get install xserver-xorg-core返回以下消息:
# apt-get install xserver-xorg-core
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
xserver-xorg-core : Depends: libeudev1 but it is not going to be installed
E: Unable to correct problems, you have held broken packages.
为了aptitude install xserver-xorg-core进一步调试问题,我得到了这些更有意义的消息:
....
Accept this solution? [Y/n/q/?] n
The following actions will resolve these dependencies:
Remove the following packages:
1) libudev-dev [220:3.2-4.0nosystemd1 (now)]
2) libudev1 [220:3.2-4.0nosystemd1 (now)]
3) udev [220:3.2-4.0nosystemd1 (now)]
Install the following packages:
4) eudev:i386 [232:3.2.5.3 (stretch)]
5) libblkid1:i386 [2.29.2-1+deb9u1 (stable)]
6) libeudev1 [232:3.2.5.3 (stretch)]
7) libeudev1:i386 [232:3.2.5.3 (stretch)]
8) libkmod2:i386 [23-2 (stable)]
9) libpcre3:i386 [2:8.39-3 (stable)]
10) libselinux1:i386 [2.6-3+b3 (stable)]
Keep the following packages at their current version:
11) libxfont2 [1:2.0.1-3+deb9u1 (now, stable)]
Upgrade the following packages:
12) xserver-xorg-core [2:1.19.2-1.0nosystemd1 (now) -> 2:1.19.2-1.0nosystemd2 (stretch)]
Downgrade the following packages:
13) libblkid1 [2.29.2-1.0nosystemd1 (now, stretch) -> 2.29.2-1+deb9u1 (stable)]
该怎么办?
我在 VirtualBox 中使用 Debian Buster VM 作为 Windows 10 笔记本的路由器。[这里不值一提的原因]
它已经运行了几天,但昨天和今天的流量变得异常缓慢且不可靠 - 在我家相对稳定的网络中。包括主机在内的其他设备工作正常。重新启动虚拟机(并且只有虚拟机)会在一段时间内修复它,但问题很快就会令人恼火地回来。
仔细检查后,我在控制台和/var/log/syslog.
出现类似问题/错误的 eth0 和 eth1 接口是虚拟网络接口卡。
真正的设备主机是带有 Intel Dual Band Wireless-AC 3165 的 Lenovo ThinkPad E560 Intel i7,这是 eth0 NAT 后面的真正 NIC。
但是,eth1 是内部网络的虚拟网络接口,它只与 windows 主机上的另一个虚拟网络接口通信,并且与真实网络接口卡或外部流量无关。因此,该问题似乎不仅与(外部/真实)网络或主机的物理接口相关。
Virtual Box 版本是 5.2.12 r122591 (Qt5.6.2)。我还在有问题的 VM 中安装了 Virtual Box 工具。
怎么了?
有问题的接口:
# ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:f6:32:22 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:82:0f:24 brd ff:ff:ff:ff:ff:ff
inet 4.1.1.1/24 brd 4.1.1.255 scope global eth1
valid_lft forever preferred_lft forever
lspci有问题的 VM 的输出。
$ lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)
00:02.0 VGA compatible controller: InnoTek Systemberatung GmbH VirtualBox Graphics Adapter
00:03.0 Ethernet controller: Intel Corporation 82540EM Gigabit Ethernet Controller (rev 02)
00:04.0 System peripheral: InnoTek Systemberatung GmbH VirtualBox Guest Service
00:06.0 USB controller: Apple Inc. KeyLargo/Intrepid USB
00:07.0 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 08)
00:08.0 Ethernet controller: Intel Corporation 82540EM Gigabit Ethernet Controller (rev 02)
00:0d.0 SATA controller: Intel Corporation 82801HM/HEM (ICH8M/ICH8M-E) SATA Controller [AHCI mode] (rev 02)
eth0 的错误。Eth1 也出现了同样的错误。
Jun 25 08:32:22 rui kernel: [31950.194099] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:32:25 rui kernel: [31952.306456] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:32:54 rui kernel: [31981.448886] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:32:59 rui kernel: [31987.206829] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 23 20:40:58 rui systemd[1]: Started ifup for eth0.
Jun 23 20:40:58 rui kernel: [ 1.671922] e1000 0000:00:03.0 eth0: (PCI:33MHz:32-bit) 08:00:27:f6:32:22
Jun 23 20:40:58 rui kernel: [ 1.672229] e1000 0000:00:03.0 eth0: Intel(R) PRO/1000 Network Connection
Jun 23 20:40:59 rui ifup[570]: /sbin/ifup: waiting for lock on /run/network/ifstate.eth0
Jun 23 20:40:59 rui kernel: [ 4.760724] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 23 20:40:59 rui dhclient[581]: Listening on LPF/eth0/08:00:27:f6:32:22
Jun 23 20:40:59 rui sh[563]: Listening on LPF/eth0/08:00:27:f6:32:22
Jun 23 20:40:59 rui dhclient[581]: Sending on LPF/eth0/08:00:27:f6:32:22
Jun 23 20:40:59 rui sh[563]: Sending on LPF/eth0/08:00:27:f6:32:22
Jun 23 20:40:59 rui dhclient[581]: DHCPREQUEST of 10.0.2.15 on eth0 to 255.255.255.255 port 67 (xid=0x1211b42a)
Jun 23 20:40:59 rui sh[563]: DHCPREQUEST of 10.0.2.15 on eth0 to 255.255.255.255 port 67 (xid=0x1211b42a)
Jun 23 20:40:59 rui sh[563]: ifup: interface eth0 already configured
Jun 25 08:33:16 rui dhclient[644]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0xac0f1c44)
Jun 25 08:33:16 rui dhclient[644]: DHCPREQUEST of 10.0.2.15 on eth0 to 255.255.255.255 port 67 (xid=0x441c0fac)
Jun 25 08:33:45 rui kernel: [ 38.195899] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:34:23 rui kernel: [ 76.277453] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:34:37 rui kernel: [ 89.824132] NETDEV WATCHDOG: eth0 (e1000): transmit queue 0 timed out
Jun 25 08:34:37 rui kernel: [ 89.831381] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:34:39 rui kernel: [ 92.002061] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:37:59 rui kernel: [ 292.064298] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:38:01 rui kernel: [ 294.148491] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:38:12 rui kernel: [ 304.388066] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:38:37 rui kernel: [ 329.952311] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:38:39 rui kernel: [ 332.064828] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:38:56 rui kernel: [ 349.313777] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:39:01 rui kernel: [ 354.242015] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:39:03 rui kernel: [ 356.258135] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:39:04 rui kernel: [ 357.298945] e1000 0000:00:03.0 eth0: Detected Tx Unit Hang
Jun 25 08:39:05 rui kernel: [ 357.857091] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:39:07 rui kernel: [ 359.968627] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:40:45 rui kernel: [ 457.982736] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:40:47 rui kernel: [ 460.132984] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:41:28 rui kernel: [ 500.480653] e1000: eth0 NIC Link is Down
Jun 25 08:41:28 rui kernel: [ 500.480767] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:41:30 rui kernel: [ 502.755753] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:41:40 rui kernel: [ 512.834548] e1000: eth0 NIC Link is Down
Jun 25 08:41:40 rui kernel: [ 512.834570] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:41:42 rui kernel: [ 515.008848] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:41:52 rui kernel: [ 525.031738] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:41:55 rui kernel: [ 527.668391] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:42:21 rui kernel: [ 553.953056] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:42:23 rui kernel: [ 556.033233] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:42:38 rui kernel: [ 570.848721] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:42:40 rui kernel: [ 573.025803] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:42:55 rui kernel: [ 588.001188] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:42:58 rui kernel: [ 590.402069] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:43:18 rui kernel: [ 611.040602] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:43:20 rui kernel: [ 613.153379] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:43:41 rui kernel: [ 633.825059] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:43:43 rui kernel: [ 635.936611] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:43:58 rui kernel: [ 650.980297] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:44:01 rui kernel: [ 653.377622] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:44:06 rui kernel: [ 658.918888] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:44:09 rui kernel: [ 661.319139] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:44:24 rui kernel: [ 676.832703] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:44:26 rui kernel: [ 678.944975] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:44:46 rui kernel: [ 698.848483] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:44:48 rui kernel: [ 701.024837] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 08:44:52 rui kernel: [ 705.056365] e1000: eth0 NIC Link is Down
Jun 25 08:44:52 rui kernel: [ 705.056391] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 08:44:54 rui kernel: [ 707.174980] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:28:15 rui kernel: [ 3308.128693] e1000: eth0 NIC Link is Down
Jun 25 09:28:15 rui kernel: [ 3308.128863] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:28:17 rui kernel: [ 3310.241091] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:28:28 rui kernel: [ 3321.056739] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:28:30 rui kernel: [ 3323.297966] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:28:41 rui kernel: [ 3333.856657] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:28:43 rui kernel: [ 3336.001892] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:29:08 rui kernel: [ 3360.993029] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:29:10 rui kernel: [ 3363.105257] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:29:26 rui kernel: [ 3378.912149] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:29:28 rui kernel: [ 3381.007439] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:29:40 rui kernel: [ 3393.088355] e1000: eth0 NIC Link is Down
Jun 25 09:29:40 rui kernel: [ 3393.088381] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:29:42 rui kernel: [ 3395.170789] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:39:25 rui kernel: [ 3978.160481] e1000: eth0 NIC Link is Down
Jun 25 09:39:25 rui kernel: [ 3978.160521] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:39:28 rui kernel: [ 3980.353067] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:39:38 rui kernel: [ 3991.008647] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:39:40 rui kernel: [ 3993.184977] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:40:02 rui kernel: [ 4015.073022] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:40:04 rui kernel: [ 4017.249472] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:40:15 rui kernel: [ 4027.872558] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:40:17 rui kernel: [ 4029.956157] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:40:42 rui kernel: [ 4055.008653] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:40:44 rui kernel: [ 4057.091571] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:41:06 rui kernel: [ 4079.074864] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:41:08 rui kernel: [ 4081.191157] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:41:29 rui kernel: [ 4101.856291] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:41:31 rui kernel: [ 4103.968708] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:41:51 rui kernel: [ 4123.872855] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:41:53 rui kernel: [ 4125.985169] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:42:13 rui kernel: [ 4145.888157] e1000 0000:00:03.0 eth0: Reset adapter
Jun 25 09:42:15 rui kernel: [ 4147.968831] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Jun 25 09:43:10 rui kernel: [ 4202.976829] e1000 0000:00:03.0 eth0: Reset adapter
VirtualBox 虚拟机配置参数
C:\Program Files\Oracle\VirtualBox>VBoxManage.exe showvminfo 9806a7eb-0045-4373-bf64-1f5d6c895041
Name: Debian
Groups: /
Guest OS: Debian (64-bit)
UUID: 9806a7eb-0045-4373-bf64-1f5d6c895041
Config file: C:\Users\Rui\VirtualBox VMs\Debian\Debian.vbox
Snapshot folder: C:\Users\Rui\VirtualBox VMs\Debian\Snapshots
Log folder: C:\Users\Rui\VirtualBox VMs\Debian\Logs
Hardware UUID: 9806a7eb-0045-4373-bf64-1f5d6c895041
Memory size: 8192MB
Page Fusion: off
VRAM size: 10MB
CPU exec cap: 100%
HPET: off
Chipset: piix3
Firmware: BIOS
Number of CPUs: 2
PAE: on
Long Mode: on
Triple Fault Reset: off
APIC: on
X2APIC: on
CPUID Portability Level: 0
CPUID overrides: None
Boot menu mode: message and menu
Boot Device (1): HardDisk
Boot Device (2): DVD
Boot Device (3): Not Assigned
Boot Device (4): Not Assigned
ACPI: on
IOAPIC: on
BIOS APIC mode: APIC
Time offset: 0ms
RTC: UTC
Hardw. virt.ext: on
Nested Paging: on
Large Pages: on
VT-x VPID: on
VT-x unr. exec.: on
Paravirt. Provider: Default
Effective Paravirt. Provider: KVM
State: powered off (since 2018-06-27T15:10:06.000000000)
Monitor count: 1
3D Acceleration: off
2D Video Acceleration: off
Teleporter Enabled: off
Teleporter Port: 0
Teleporter Address:
Teleporter Password:
Tracing Enabled: off
Allow Tracing to Access VM: off
Tracing Configuration:
Autostart Enabled: off
Autostart Delay: 0
Default Frontend:
Storage Controller Name (0): SATA
Storage Controller Type (0): IntelAhci
Storage Controller Instance Number (0): 0
Storage Controller Max Port Count (0): 30
Storage Controller Port Count (0): 2
Storage Controller Bootable (0): on
Storage Controller Name (1): IDE
Storage Controller Type (1): PIIX4
Storage Controller Instance Number (1): 0
Storage Controller Max Port Count (1): 2
Storage Controller Port Count (1): 2
Storage Controller Bootable (1): on
SATA (0, 0): C:\Users\Rui\VirtualBox VMs\Debian\Debian.vmdk (UUID: 934dc586-67a5-45c9-b548-90b4f1f7bda0)
NIC 1: MAC: 080027F63222, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM , Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings: MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0): name = Rule 1, protocol = tcp, host ip = , host port = 22, guest ip = , guest port = 22
NIC 2: MAC: 080027820F24, Attachment: Host-only Interface 'VirtualBox Host-Only Ethernet Adapter #2', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 3: disabled
NIC 4: disabled
NIC 5: disabled
NIC 6: disabled
NIC 7: disabled
NIC 8: disabled
Pointing Device: USB Tablet
Keyboard Device: PS/2 Keyboard
UART 1: disabled
UART 2: disabled
UART 3: disabled
UART 4: disabled
LPT 1: disabled
LPT 2: disabled
Audio: disabled
Audio playback: disabled
Audio capture: enabled
Clipboard Mode: Bidirectional
Drag and drop Mode: disabled
VRDE: disabled
USB: enabled
EHCI: disabled
XHCI: disabled
USB Device Filters:
<none>
Bandwidth groups: <none>
Shared folders: <none>
Capturing: not active
Capture audio: not active
Capture screens: 0
Capture file: C:\Users\Rui\VirtualBox VMs\Debian\Debian.webm
Capture dimensions: 1024x768
Capture rate: 512 kbps
Capture FPS: 25
Capture options: ac_enabled=false
Guest:
Configured memory balloon size: 0 MB
虚拟机内存使用:
$ free -m
total used free shared buff/cache available
Mem: 7976 68 7780 2 128 7711
Swap: 2047 0 2047
虚拟机负载:
xxxx@rui:~$ uptime
16:28:27 up 17 min, 1 user, load average: 0,00, 0,00, 0,00
CheckPoint 提供的用于设置 SSL 网络扩展器 VPN 的官方 Checkpoint out 命令行工具不再在 Linux 命令行中工作。CheckPoint 也不再积极支持它。
但是,有一个很有前途的项目,它试图复制 Java 小程序以进行身份验证,它与snx名为snxconnect.
我试图让snxconnect文本实用程序在 Debian Buster 中工作,这样做:
sudo pip install snxvpn
和
export PYTHONHTTPSVERIFY=0
snxconnect -H checkpoint.hostname -U USER
但是,它大多死于以下 HTTP 错误:
HTTP/1.1 301 Moved Permanently:
或者:
Got HTTP response: HTTP/1.1 302 Found
或者:
Unexpected response, try again.
该怎么办?
PS。EndPoint Security VPN 官方客户端在 Mac High Sierra 和 Windows 10 Pro 中运行良好。
我需要从 Debian Stretch amd64 VM 连接到 CheckPoint 公司 VPN。
我是从客户的角度使用它,对服务器端的技术细节了解不多。我将它与 Windows 中的 CheckPoint Mobile 客户端一起使用,并且我知道它接受与 Firefox+Java aka SSL Network Extender 的 Web VPN 连接。
我曾尝试在 Linux 的 Firefox 中打开它,但没有成功。我还研究了文本模式替代方案,即snx命令行客户端,但是 CheckPoint 文献明确指出snx,不再支持从命令行直接登录。
我做了几次测试,包括安装snxlinux 客户端snxconnect和openconnect/vpncVPN 客户端,但都没有成功。除了已经很复杂的过程之外,我还有些怀疑 CheckPoint 方面正在对用户代理进行双重检查,至少在我的情况下是这样。
该怎么办?
我需要BIND 中的dnstap支持,以便对查询答案进行一些调试,并可能在不久的将来进行统计。
如何检查 Debian9 中的bind9软件包是否在编译时支持dnstap?
请参阅相关:DNS 查询响应日志记录
我看到一些奇怪的 DNS 查询。他们似乎有来自我网络中机器的随机混合情况。
我有可能有恶意软件吗?
$ sudo tcpdump -n port 53
16:42:57.805038 192.168.5.134.47813 > 192.168.5.2.53: 27738+ A? Www.sApO.PT. (29)
16:42:57.826942 192.168.5.2.53 > 192.168.5.134.47813: 27738 1/0/0 A 213.13.146.142 (45)
16:43:02.813782 192.168.5.2.53 > 192.168.5.134.12193: 17076 1/0/0 A 213.13.146.142 (45)
16:43:06.232232 192.168.5.134.44055 > 192.168.5.2.53: 28471+ A? www.SaPo.pt. (29)
16:43:06.253887 192.168.5.2.53 > 192.168.5.134.44055: 28471 1/0/0 A 213.13.146.142 (45)
16:45:22.135751 192.168.5.134.11862 > 192.168.5.2.53: 48659+ A? wwW.cnn.COm. (29)
16:45:22.190254 192.168.5.2.53 > 192.168.5.134.11862: 48659 2/0/0 CNAME turner-tls.map.fastly.net., (84)
16:45:27.142154 192.168.5.134.34929 > 192.168.5.2.53: 25816+ A? wWw.cnN.com. (29)
16:45:27.168537 192.168.5.2.53 > 192.168.5.134.34929: 25816 2/0/0 CNAME turner-tls.map.fastly.net., (84)
16:45:32.150473 192.168.5.134.29932 > 192.168.5.2.53: 40674+ A? wWw.cnn.cOM. (29)
16:45:32.173422 192.168.5.2.53 > 192.168.5.134.29932: 40674 2/0/0 CNAME turner-tls.map.fastly.net., (84)
我在 VMWare Fusion 10 + Vagrant + High Sierra 中同时部署了 FreeBSD 10.3 和 OpenBSD 6.2 VM。
但是,它们在运行时都挂起:
sudo tcpdump -n port 53
这里发生了什么?
我正在使用 VMWare Fusion 10 + vagrant + High Sierra。
我提供了一个流浪的 FreeBSD 盒子:
$ vagrant init freebsd/FreeBSD-10.3-RELEASE
$ vagrant up --provider vmware_fusion
然后我犯了一个愚蠢的错误,失去了对虚拟机的控制/崩溃。
两者vagrant ssh和vagrant halt都vagrant destroy default不起作用。
$ vagrant halt
==> default: Attempting graceful shutdown of VM...
^C==> default: Waiting for cleanup before exiting...
^C==> default: Exiting immediately, without cleanup!
$
$ vagrant destroy default
default: Are you sure you want to destroy the 'default' VM? [y/N] y
==> default: Stopping the VMware VM...
^C==> default: Waiting for cleanup before exiting...
该怎么办?
我刚刚在 Vagrant 中安装了 HashiCorp 的 'vagrant-vmware-fusion' 5.0.4 官方插件。
我正在使用 Vagrant 和在 High Sierra 中运行的 VMWare Fusion 10。
但是,在vagrant up为 VM 执行此操作时,我遇到了错误。
正如错误消息中所建议的,我已经重新启动,但是错误仍然存在。
该怎么办?
$ vagrant up --provider vmware_fusion
Bringing machine 'default' up with 'vmware_fusion' provider...
==> default: Box 'hashicorp/precise64' could not be found. Attempting to find and install...
default: Box Provider: vmware_desktop, vmware_fusion, vmware_workstation
default: Box Version: >= 0
==> default: Loading metadata for box 'hashicorp/precise64'
default: URL: https://vagrantcloud.com/hashicorp/precise64
==> default: Adding box 'hashicorp/precise64' (v1.1.0) for provider: vmware_fusion
default: Downloading: https://vagrantcloud.com/hashicorp/boxes/precise64/versions/1.1.0/providers/vmware_fusion.box
==> default: Successfully added box 'hashicorp/precise64' (v1.1.0) for 'vmware_fusion'!
==> default: Cloning VMware VM: 'hashicorp/precise64'. This can take some time...
==> default: Checking if box 'hashicorp/precise64' is up to date...
==> default: Verifying vmnet devices are healthy...
The VMware "vmnet" devices are failing to start. The most common
reason for this is collisions with existing network services. For
example, if a hostonly network space collides with another hostonly
network (such as with VirtualBox), it will fail to start. Likewise,
if forwarded ports collide with other listening ports, it will
fail to start.
Vagrant does its best to fix these issues, but in some cases it
cannot determine the root cause of these failures.
Please verify you have no other colliding network services running.
As a last resort, restarting your computer often fixes this issue.
我在网页中的某些字符上遇到了一些问题,我们在 UTF8 中经常遇到这些问题。
我正在使用 Debian 9 运行 MySQL 5.7。我的数据库正在使用utf8字符集。
今天在调试一个mysql查询的时候,跑到SHOW WARNINGS;Message字段中看到:
Incorrect string value: '\xF0\x9D\x8C\x86' for column `xxxx`;
怎么了?
我被要求解决从已死的旧服务器恢复电子邮件备份的情况。
拥有 Maildir 文件和一些标头数据,我可以通过一些侦探工作轻松确定服务器用于运行 postfix+dovecot 的组合,这与我所说的 postfix+courier 相反。
所以我用 Postfix 3.1.6 和 dovecot-imapd 2.2.27 设置了一个 Debian 9 服务器。
经过几次调整,我们已经看到了这些文件夹,但是电子邮件看起来是乱码。
检查 cur 和 new 目录,电子邮件文件看起来是正常的 Maildir 格式,但打开它们似乎是乱码。
运行命令file以查找消息均采用 gzip 压缩格式。
这里发生了什么,我是否给了我一个备份,管理员在备份之前压缩了所有邮箱消息文件?
我尝试sha256sum在 High Sierra 中使用;我试图用 安装它MacPorts,如:
sudo port install sha256sum
那没起效。
该怎么办?
我在这里有一个 POSIX tar 存档调用Debian9.ova。
有趣的是,tar在 MacOS High Sierra 中列出它,显示:
$ tar -tvf Debian9.ova
-rw-r--r-- 0 someone someone 5344 26 Feb 13:57 Debian9.ovf
-rw-r--r-- 0 someone someone 179 26 Feb 13:57 Debian9.mf
-rw-r--r-- 0 someone someone 2113245184 26 Feb 13:59 Debian9-disk1.vmdk
现在有趣的一点是,我没有someone用户和组。
$ id someone
id: someone: no such user
用 列出它--numeric-owner,它显示为uid64 和gid64,这显然不存在于我的系统中。
$ tar -tvf Debian9.ova --numeric-owner
-rw-r--r-- 0 64 64 5344 26 Feb 13:57 Debian9.ovf
-rw-r--r-- 0 64 64 179 26 Feb 13:57 Debian9.mf
-rw-r--r-- 0 64 64 2113245184 26 Feb 13:59 Debian9-disk1.vmdk
列出系统中的用户没有找到somebody用户:
dscl . list /Users | grep someone
那么someone从哪里来?当它发现一个未知的和时,它是一个tar“特征”吗?uidgid
PS。在debian中只是为了比较:
$ tar -tvf a.tar
-rw-r--r-- 64/64 3212 2018-02-27 02:01 dead.letter
$ bsdtar -tvf a.tar
-rw-r--r-- 0 64 64 3212 Feb 27 02:01 dead.letter