Login to the server as root and install vsftpd with yum install vsftpd ftp -y Use vi editor to open /etc/vsftpd/vsftpd.conf [vi /etc/vsftpd/vsftpd.conf] and add/change following options: anonymous_enable=NO ascii_upload_enable=YES ascii_download_enable=YES use_localtime=YES Enable and start the vsftpd service. systemctl enable vsftpd systemctl start vsftpd Allow the ftp service and port 21 via firewall. firewall-cmd --permanent --add-port=21/tcp …

Read more

After error IOError: [Errno 1] Operation not permitted: '/etc/pam.d/system-auth' , the server drops to emergency mode. To resolve this issue, Unset the immutable bit on system-auth-ac [This is symlink to /etc/pam.d/password-auth] with chattr -i /etc/pam.d/system-auth-ac

Read more

Use podman to create new network podman network create Check under /etc/cni/net.d/ you will find file /etc/cni/net.d/cni-podman-2.conflist In your favorite file editor open /usr/share/containers/libpod.conf Change line cni_default_network = "podman" in configuration file /usr/share/containers/libpod.conf to cni_default_network = "cni-podman2" Reboot server Restart container with podman start discovery dsc-db Check the network status. A new network cni-podman2 will be …

Read more

The server crashes due to an invalid pointer when executing an I/O generating from the aio code. A discrepancy with how the kernel updates the tail pointer with memory-mapped aio queues can corrupt the tracking of aio I/O operations. This causes aio queues killed prematurely while I/O operations are still active. To resolve this error, …

Read more

Add following settings in /etc/multipath.conf defaults { polling_interval 5 no_path_retry 4 find_multipaths yes checker_timeout 5 max_fds 8192 fast_io_fail_tmo 4 dev_loss_tmo 19 user_friendly_names yes } Reload multipath service with service multipathd reload

Read more

This article will discuss, where the Ansible configuration files are located and how Ansible selects them and how we can edit default settings. Configuring Ansible: The Ansible behavior can be customized by modifying settings in the Ansible configuration files. Ansible chooses its configuration file from one of many locations on the control node.  /etc/ansible/ansible.cfg This …

Read more

Multiple bonding modes in a Linux operating system are given below: balance-alb (fault tolerance and load balancing) balance-tlb (fault tolerance and load balancing) active-backup (fault tolerance) broadcast (fault tolerance) balance-rr (fault tolerance and load balancing) 802.3ad (fault tolerance and load balancing) balance-xor (fault tolerance and load balancing) We will use Network Manager CLI to add …

Read more

Mount NFS share on NFS clients without cache. First, unmount NFS share and then remount NFS share with noac and lookupcache=none

Read more

The kickstart automatic installation of the Linux operating system fails but the normal install is successful. To resolve this issue follow the steps given below: Add clearpart --all --drives=${devname} --initlabel in kickstart disk section. This will delete partition table of disk. If the above option does not resolve the issue add zerombr option above clearpart …

Read more

Add -w /NFS-MOUNT/ -p wa -k NFS-MOUNT line at the end of file /etc/audit/audit.rules [root@COMPUTE ~]# cat /etc/audit/audit.rules ## This file is automatically generated from /etc/audit/rules.d -D -b 8192 -f 1 -w /NFS-MOUNT/ -p wa -k NFS-MOUNT Execute the following command to restart auditd service service auditd restart

Read more

This error is resolved by upgrading the directory server base package in your Linux operating system. The issue arises because of an unindexed search. Check directory server logs for details.

Read more

In spite of /usr/lib/cups/daemon/cups-lpd denial to read access sock_file cups.sock, cups-lpd will successfully migrate print jobs received via LPD to the local CUPS server. You can either ignore this issue or create a custom SELinux policy module. The steps to create a custom SELinux policy module are listed below: yum -y install setools-console yum-utils policycoreutils-devel …

Read more

If attackers request using your CGI script open an outgoing network connection than this can be redirected to attackers controlled proxy. This can lead to denial of service and potentially occurs while using httpd mod_cgi This issue can be resolved via mod_header in httpd configuration. RequestHeader unset Proxy early

Read more

IPv6 requires ICMPv6 neighbour solicitation and neighbour advertisement packets to create IPv6 connectivity. These packets are used to resolve IPv6 addresses to link-layer (ethernet). Add new icmptypes for neighbour solicitation and neighbour advertisement firewall-cmd --permanent --new-icmptype=neighbour-solicitation firewall-cmd --permanent --new-icmptype=neighbour-advertisement Remove destination IPv4 firewall-cmd --permanent --icmptype=neighbour-solicitation --remove-destination=ipv4 firewall-cmd --permanent --icmptype=neighbour-advertisement --remove-destination=ipv4 Attach icmptypes to the –zone=drop …

Read more