Category: Linux

  • Out Of Memory (OOM) Error

    Out Of Memory (OOM) Error

    OOM (Out Of Memory) error happens when a server run out of Memory. When a server runs out of memory, processes get randomly killed to free up memory. This will result in the service that gets killed stop functioning.

    How to avoid OOM Error

    Here are a few things you can do to avoid server running out of memory.

    • Reduce memory usage by your application if possible. Poorly coded applications can use a lot of memory, and cause memory leaks.
    • Upgrade Memory (RAM). Adding more RAM to the server helps.
    • Add Virtual Memory. You can add swap, this will use your disk as memory, it is slower than RAM, but help to avoid OOM when the server runs out of memory.

    To see if your server had OOM error, run

    Debian/Ubuntu

    grep -i oom /var/log/syslog*
    

    RHEL/AlmaLinux

    grep -i oom /var/log/messages*
    cat /var/log/messages* | grep 'Out of memory'
    

    Back to Errors

  • odoo Unable to find Wkhtmltopdf on this system

    odoo Unable to find Wkhtmltopdf on this system

    On an odoo installation, I got the error “Unable to find Wkhtmltopdf on this system”, when generating reports.

    odoo Wkhtmltopdf error

    This error was because server had old version of wkhtmltopdf installed.

    You can download and install latest version of wkhtmltopdf from

    https://wkhtmltopdf.org/downloads.html

    On Ubuntu 20.04, the error is fixed by

    Remove currently installed wkhtmltox

    apt remove --purge wkhtmltox
    

    Install newer version

    wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6.1-2/wkhtmltox_0.12.6.1-2.jammy_amd64.deb
    dpkg -i wkhtmltox_0.12.6.1-2.jammy_amd64.deb
    

    Create a symlink

    rm -f /usr/bin/wkhtmltopdf
    ln -s /usr/local/bin/wkhtmltopdf /usr/bin/wkhtmltopdf
    

    Restart odoo

    systemctl restart odoo
    
  • apt error doesn’t support architecture ‘i386’

    apt error doesn’t support architecture ‘i386’

    On an Ubuntu server, when running “apt update” command, I got the following error message

    root@s196379:~# apt update
    Hit:1 http://mirror.fcix.net/ubuntu focal InRelease
    Hit:2 http://mirror.fcix.net/ubuntu focal-updates InRelease                
    Hit:3 http://security.ubuntu.com/ubuntu focal-security InRelease           
    Hit:4 https://mirror.rackspace.com/mariadb/repo/10.5/ubuntu focal InRelease
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    All packages are up to date.
    N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'https://mirror.rackspace.com/mariadb/repo/10.5/ubuntu focal InRelease' doesn't support architecture 'i386'
    root@s196379:~# 
    

    This error is because the repository do not support i386. To fix the error, edit the file

    vi /etc/apt/sources.list
    

    Find

    deb https://mirror.rackspace.com/mariadb/repo/10.5/ubuntu focal main
    

    Replace with

    Find

    deb [arch=amd64] https://mirror.rackspace.com/mariadb/repo/10.5/ubuntu focal main
    

    Solution 2: Remove i386 support

    Check your architecture

    dpkg --print-architecture 
    

    If you are using 64 bit OS, you will see amd64.

    Check if multiarch is enabled

    dpkg --print-foreign-architectures
    

    If you get “i386”, you have multiarch enabled.

    If you don’t have any i386 applications running, you can remove i386 support with

    dpkg --remove-architecture i386
    

    If you want to enable i386 support, you can run

    dpkg --add-architecture i386
    

    Back to apt

  • Failed to mount /sysroot XFS Boot failure

    Failed to mount /sysroot XFS Boot failure

    On an Amazon EC2 server, the server won’t boot. On checking the serial console, the server was stuck with an error message

    [FAILED] Failed to mount /sysroot
    See 'systemctl status sysroot.mount' for details.
    

    Failed to mount /sysroot

    I created a new EC2 instance in the same region as the current server, detached the disk, and attached it to the new EC2 instance. When I try to mount the disk, it just hangs and i have to reboot the EC2 instance.

    Used parted -l command to see the disk details.

    parted command

    The disk file system is XFS. Checked the disk with the command

    xfs_repair -v DEVICE_NAME_HERE
    

    In this case DEVICE_NAME is /dev/nvme1n1p1.

    xfs_repair command

    The disk has errors. Fixed it by running the command

    xfs_repair -v -L /dev/nvme1n1p1
    

    See HDD

  • How to install PPTP VPN on Rocky Linux 8

    How to install PPTP VPN on Rocky Linux 8

    PPTP on Rocky Linux is provided by the EPEL repository, so enable EPEL repo by running

    dnf install epel-release -y
    

    Install the pptpd package

    dnf install -y pptpd
    

    Edit file

    vi /etc/pptpd.conf
    

    At end of the file, add

    localip 10.0.0.1
    remoteip 10.0.0.100-200
    

    Edit file

    vi /etc/ppp/options.pptpd
    

    At the end, add

    ms-dns 1.1.1.1
    ms-dns 8.8.8.8
    

    Start PPTPD VPN

    To set PPTPD VPN server to start on boot, run

    systemctl enable pptpd
    

    To start VPN

    systemctl start pptpd
    

    To stop VPN

    systemctl stop pptpd
    

    To check status, run

    systemctl status pptpd
    

    Create a VPN user

    To create a VPN user, edit the file

    vi /etc/ppp/chap-secrets
    

    Inside you can add your VPN user and password. For example

    serverok   pptpd   ooyeegei8Ienai      *
    

    This will create a VPN user with the username “serverok” and password “ooyeegei8Ienai”.

    After adding a user you need to restart the PPTPD service with the command

    systemctl restart pptpd
    

    Confire firewall to allow VPN connection

    Install firewalld with command

    dnf install firewalld -y
    

    Enable and start firewalld

    systemctl enable firewalld
    systemctl start firewalld
    systemctl status firewalld
    

    Open ports needed for PPTPD VPN on the firewall

    firewall-cmd --permanent --zone=public --add-port=1723/tcp
    firewall-cmd --permanent --add-rich-rule='rule protocol value="gre" accept'
    firewall-cmd --permanent --zone=public --add-masquerade
    firewall-cmd --reload
    

    Enable IP forwarding by editing the file

    vi /etc/sysctl.conf
    

    In the file, add

    net.ipv4.ip_forward = 1
    

    Run

    sysctl -p
    

    See PPTPD VPN

  • Allow PPTP VPN connection on firewalld

    Allow PPTP VPN connection on firewalld

    To allow PPTP VPN connection when using firewalls, run the following commands.

    Allow 1723/tcp

    sudo firewall-cmd --permanent --zone=public --add-port=1723/tcp
    

    Allow gre protocol

    firewall-cmd --permanent --add-rich-rule='rule protocol value="gre" accept'
    

    or

    sudo firewall-cmd --permanent --zone=public --direct --add-rule ipv4 filter INPUT 0 -p gre -j ACCEPT
    sudo firewall-cmd --permanent --zone=public --direct --add-rule ipv6 filter INPUT 0 -p gre -j ACCEPT
    

    Enable IP masquerade

    sudo firewall-cmd --permanent --zone=public --add-masquerade
    

    Reload firewall.

    sudo firewall-cmd --reload
    

    See firewalld

  • DevOps

    DevOps

    Autodeploy

    https://www.cyclic.sh
    https://tekton.dev/docs/getting-started/ – CI/CD

    CircleCI

    It is a cloud-based CI/CD service that can be used to build, test, and deploy applications. CircleCI supports multiple programming languages and platforms. Free plan allow up to 6,000 build minutes and 5 active users per month. Build for Docker, Windows, Linux, Arm, and macOS or on your own compute with self-hosted runners.

    https://circleci.com

  • How to take screenshot with ffmpeg

    How to take screenshot with ffmpeg

    ffmpeg provides x11grab driver that can be used to take screenshots.

    You can use the following command to take screenshots, you can run it manually on the terminal or using cronjob

    export DISPLAY=:1
    ffmpeg -f x11grab -video_size 1920x1080 -i $DISPLAY -vframes 1 image.png
    

    If you want to make a thumbnail from a video, you can use

    ffmpeg -ss 00:01:00 -i video.mp4 -vframes 1 image.png
    

    You can change 00:01:00 to whatever time you need to generate a thumbnail.

    See ffmpeg

  • pvcreate Device /dev/sdb excluded by a filter

    pvcreate Device /dev/sdb excluded by a filter

    When creating LVM physical volume with the command “pvcreate”, I got the following error

    root@sok1 ~ # pvcreate /dev/sdb
      Device /dev/sdb excluded by a filter.
    root@sok1 ~ #
    

    This disk was previously used as a software raid.

    To fix the error message, run

    wipefs -a /dev/sdX
    

    Example

    root@sok1 ~ # pvcreate /dev/sdb
      Device /dev/sdb excluded by a filter.
    root@sok1 ~ # wipefs -a /dev/sdb
    /dev/sdb: 8 bytes were erased at offset 0x00000200 (gpt): 45 46 49 20 50 41 52 54
    /dev/sdb: 8 bytes were erased at offset 0xe8d7ffffe00 (gpt): 45 46 49 20 50 41 52 54
    /dev/sdb: 2 bytes were erased at offset 0x000001fe (PMBR): 55 aa
    /dev/sdb: calling ioctl to re-read partition table: Success
    root@sok1 ~ # pvcreate /dev/sdb
      Physical volume "/dev/sdb" successfully created.
    root@sok1 ~ # 
    

    pvcreate mdadm error

    See HDD, pvcreate

  • SSH Server refused our key

    SSH Server refused our key

    I got the following error when logging in to a server using SSH key authentication.

    Server refused our key
    

    I checked the log file

    tail /var/log/secure
    

    found following error

    May 11 17:45:31 server58 sshd[18483]: Authentication refused: bad ownership or modes for file /home/video/.ssh/authorized_keys
    

    The problem is fixed by setting proper permission for the .ssh folder and key file.

    chmod 600 ~/.ssh
    chmod 600 ~/.ssh/authorized_keys
    

    See SSH

  • How to create public key from SSH private key?

    How to create public key from SSH private key?

    Lost SSH public key, don’t worry, you can generate it from your private key file. If you have an SSH private key, you can generate the public key using the ssh-keygen command.

    ssh-keygen -f PRIVATE_KEY_HERE -y
    

    -y option will read a private OpenSSH format file and print an OpenSSH public key to stdout.
    -f specifies the location of your private key file.

    Example

    ssh-keygen generate public key

    If you have passphrase set, ssh-keygen will prompt for the password.

    root@ee:~/my-key# ssh-keygen -f boby.pem -y
    Enter passphrase: 
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAEF0dvZOurGujYDucipjXjM2mHE+BFO91HGZKRU/RkpS1ZDzQiA164yev9eoxZRTHHnxb46TWfoLeHy8nEwa+BkijxBnaCkU2GlC9oFInSnCHLUuas87c/EBJ4KTcjfoZ+Ocxjn0MP0T4YsSzwIU1v8deH7t7/zQJW733DyVls0wDlRTgHGzlldBnrzF9dSNMRMXQuhl+rcQtIapfrjVPZGlkQfh7yCUJf2oK10l9I01zrITdwlzqao1732AtdXt6GlHz6016mWfzjLGX/RGnkj1+5XEYYa9IIQRN7IXhNwcgzDybI0OLsioeKapSprWhs9Ftx14csyC/7PXHuf+50vDOs26NM3BsFuwUB6R0Tkm88uJeDj/HAwlDlowFk8GIYU4WIZr85g1TUeV0eXwjFc3wEgLBO7b6VbBXDRpnhOec8Lnmpj1BUK4Bp4z27PuxhGj5CUnc096ZDOit3EzOeOfAzanFrtlT+td/GmS0GJ0hhBs+6u9aLdiKE28Oies= root@ee
    root@ee:~/my-key# 
    

    See SSH, ssh-keygen

  • How to check if ImageMagick is installed?

    How to check if ImageMagick is installed?

    How to find ImageMagick is installed on the server, run

    which convert
    

    Usually, it will be installed at – /usr/bin/convert

    ImageMagick convert  location
    On Ubuntu/Debian, you can run the command

    dpkg -l | grep imagemagick
    

    ImageMagic Ubuntu dpkg

    On RHEL/CentOS/AlmaLinux, use the command

    yum list | grep -i image 
    

    To find the version of ImageMagick installed on your computer, run

    convert -version
    

    ImageMagick find version

    Back to ImageMagick