Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Linux Questions Thread: a bunch of pitfalls, but technically it's possible
«1040 »
 
  • Post
  • Reply
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!
I'm not even sure what the gateway is. Route shows a bunch of crap:

code:
[root@dut ~]# ip -6 route
unreachable ::/96 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
2600:c12:6002:6::/64 dev eth0  proto kernel  metric 256  expires 2591588sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo  metric 1024  error -101 mtu 65536 advmss 65476 hoplimit 4294967295
fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::a64c:11ff:fee4:dac0 dev eth0  proto kernel  metric 1024  expires 1782sec mtu 1500 advmss 1440 hoplimit 64
default via fe80::ea04:62ff:fe1d:8400 dev eth0  proto kernel  metric 1024  expires 1782sec mtu 1500 advmss 1440 hoplimit 64
Also, it seems I can only ping a couple of the Google IPv6 addresses, all the others just timeout. 2607:f8b0:4003:c05::64 and 2607:f8b0:4003:c05::66 work, whereas ::65, ::8b, ::8a and others do not. Not sure what to make of that.

* # ? Jan 26, 2016 23:55
  • Quote
Adbot
ADBOT LOVES YOU

# ? Jun 6, 2024 11:48
  • Quote
Thanks Ants
May 21, 2004

#essereFerrari


 It looks like you've got two things on your network that are presenting themselves as gateways (the fe80 link-local addresses). Can you browse to either of them and get a web page up to see what's going on?

* # ? Jan 27, 2016 00:41
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl

Kilson posted:

I'm not even sure what the gateway is. Route shows a bunch of crap:

Beyond what Thanks Ants said, "default via..." is the gateway, generally.

* # ? Jan 27, 2016 01:47
  • Quote
Bearnt!
Feb 6, 2004

No onions, no onions
Excuse my ignorance with this. I am trying to give an FTP user access to a directory outside of their home by doing the following...

code:
mkdir share/homes/user1/files/
mount --bind share/homes/administrator/website/user1/files share/homes/user1/files/
Logging in as the admin FTP this works exactly as it should. I am able to navigate to their folder and read/write the directory and files. When I login as the users FTP account I am able to view the directory but attempting to open it returns a "Error: Failed to retrieve directory listing" from the FTP client. Some kind of permissions error I'm guessing and I probably missed a step somewhere. Using proftpd if that makes a difference. Any help would be greatly appreciated, thanks!

edit: Yep permissions, sorted out

Bearnt! fucked around with this message at 07:43 on Jan 27, 2016

* # ? Jan 27, 2016 02:49
  • Quote
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!

Thanks Ants posted:

It looks like you've got two things on your network that are presenting themselves as gateways (the fe80 link-local addresses). Can you browse to either of them and get a web page up to see what's going on?

I can't even ping them, it says they're invalid for some reason.

[root@dut ~]# ping6 fe80::a64c:11ff:fee4:dac0
connect: Invalid argument

Trying to browse to them comes up with nothing, and they don't seem to respond to ssh either. No idea what those are or where they came from.

* # ? Jan 27, 2016 16:34
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl
fe80 is link-local. You need to ping with -I $dev to ping them. It's possibly (probably) the link-local address of your router. How are you configuring ipv6? 6to4? ISP-provided?

* # ? Jan 27, 2016 16:42
  • Quote
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!

evol262 posted:

fe80 is link-local. You need to ping with -I $dev to ping them. It's possibly (probably) the link-local address of your router. How are you configuring ipv6? 6to4? ISP-provided?

Ahh, I see, I can ping them when I do that. I think we're supposed to have some ISP-provided global IPv6 address, not 6to4 or any kind of translation.

* # ? Jan 27, 2016 16:53
  • Quote
thebigcow
Jan 3, 2001

Bully!

Kilson posted:

Ahh, I see, I can ping them when I do that. I think we're supposed to have some ISP-provided global IPv6 address, not 6to4 or any kind of translation.

I think he means is it configured through SLAAC, DHCPv6., or are you punching in numbers. Link local addresses for routers is normal.

* # ? Jan 27, 2016 17:49
  • Quote
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!

thebigcow posted:

I think he means is it configured through SLAAC, DHCPv6., or are you punching in numbers. Link local addresses for routers is normal.

I really have no idea how it happens. I've tried IPV6_AUTOCONF=yes and let it get/generate(?) its own address, and I've tried IPV6_AUTOCONF=no and putting in an address manually. Either one seems like it can work in a limited fashion, but I have weird inconsistent results trying to reach external addresses and I've had problems with external entities reaching my machine, regardless of which configuration options I choose.

Sorry if I'm not answering the questions very well, my knowledge with IPv6 is quite limited. I know that in Windows, IPv6 just works - not sure why it's proving to be so difficult in Linux. :(


edit: My guess is that it's using SLAAC when I set it to autoconfigure. It's generating an address based on the prefix we're supposed to have, given by the ISP, and the MAC address of the interface.

Kilson fucked around with this message at 18:05 on Jan 27, 2016

* # ? Jan 27, 2016 18:02
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl
You have two default routes on the same interface. This is ok if you have multiple interfaces (or multiple addresses on the same link), since the kernel is smart enough to respond based on the source. It's not ok if they're on the same NIC (you'll have ARP problems)

Please paste "ip -6 addr show dev eth0"

You should probably also try checking for router advertisements with tcpdump or wireshark (they come in 2-3 times per minute, so it shouldn't take long). It's ok to get multiple SLAAC addresses. It's not ok to have multiple gateways. Try connecting to each to see which is the router you want and block the other one, then find the rogue system with radvd or whatever's advertising.

* # ? Jan 27, 2016 18:23
  • Quote
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!
code:
[root@dut ~]# ip -6 addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 2600:c12:6002:6:250:56ff:fe87:4b47/64 scope global dynamic
       valid_lft 2591773sec preferred_lft 604573sec
    inet6 fe80::250:56ff:fe87:4b47/64 scope link
       valid_lft forever preferred_lft forever
Here's some traffic:

code:
[root@dut ~]# tcpdump -i eth0 -vv -A ip6
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
11:39:06.904500 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::250:56ff:fe87:4b47 > fe80::a64c:11ff:fee4:dac0: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::a64c:11ff:fee4:dac0
          source link-address option (1), length 8 (1): 00:50:56:87:4b:47
            0x0000:  0050 5687 4b47
`.... :..........PV...KG.........L.......................L.........PV.KG
11:39:06.905012 IP6 (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::a64c:11ff:fee4:dac0 > fe80::250:56ff:fe87:4b47: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::a64c:11ff:fee4:dac0, Flags [router, solicited]
n.....:..........L...............PV...KG...'.............L......
11:39:11.957046 IP6 (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::a64c:11ff:fee4:dac0 > fe80::250:56ff:fe87:4b47: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::250:56ff:fe87:4b47
          source link-address option (1), length 8 (1): a4:4c:11:e4:da:c0
            0x0000:  a44c 11e4 dac0
n.... :..........L...............PV...KG.................PV...KG...L....
11:39:11.957081 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::250:56ff:fe87:4b47 > fe80::a64c:11ff:fee4:dac0: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::250:56ff:fe87:4b47, Flags [solicited]
`.....:..........PV...KG.........L........c.@............PV...KG
11:39:51.905502 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::250:56ff:fe87:4b47 > fe80::a64c:11ff:fee4:dac0: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::a64c:11ff:fee4:dac0
          source link-address option (1), length 8 (1): 00:50:56:87:4b:47
            0x0000:  0050 5687 4b47
`.... :..........PV...KG.........L.......................L.........PV.KG
11:39:51.909582 IP6 (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::a64c:11ff:fee4:dac0 > fe80::250:56ff:fe87:4b47: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::a64c:11ff:fee4:dac0, Flags [router, solicited]
n.....:..........L...............PV...KG...'.............L......
11:39:56.969670 IP6 (class 0xe0, hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::a64c:11ff:fee4:dac0 > fe80::250:56ff:fe87:4b47: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::250:56ff:fe87:4b47
          source link-address option (1), length 8 (1): a4:4c:11:e4:da:c0
            0x0000:  a44c 11e4 dac0
n.... :..........L...............PV...KG.................PV...KG...L....
11:39:56.969703 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::250:56ff:fe87:4b47 > fe80::a64c:11ff:fee4:dac0: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::250:56ff:fe87:4b47, Flags [solicited]
`.....:..........PV...KG.........L........c.@............PV...KG
I guess based on this that the gateway should be this :dac0 address? However, if I try to set either one of the supposed gateway addresses manually as the default, then ip -6 route just shows it duplicated in that section:
code:
default via fe80::a64c:11ff:fee4:dac0 dev eth0  metric 1  mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::ea04:62ff:fe1d:8400 dev eth0  proto kernel  metric 1024  expires 1792sec mtu 1500 advmss 1440 hoplimit 64
default via fe80::a64c:11ff:fee4:dac0 dev eth0  proto kernel  metric 1024  expires 1792sec mtu 1500 advmss 1440 hoplimit 64
Also, when I do this, then I can't reach anything external at all.


edit: If I manually remove the extra entries from the routing table, to leave only one default, the behavior seems identical with either address. I can only ping some of the ipv6.google.com addresses, and I can't reach other external addresses I need to access.

Kilson fucked around with this message at 19:23 on Jan 27, 2016

* # ? Jan 27, 2016 18:54
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl
Those are only neighbors. dac0 isn't sending router adverts (that I see here)

And you only have one link-local address, which is good.

Try:

tcpdump -i eth0 ip6 and icmp6

And look for router advertisements. Not neighbors.

You can restrict this with:

tcpdump -i eth0 ip6 and icmp6 and ip6[40] == 134

Are you sure your router is configured correctly? Is it a consumer thing, or can you actually log in and check it there?

* # ? Jan 27, 2016 19:36
  • Quote
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!

evol262 posted:

Those are only neighbors. dac0 isn't sending router adverts (that I see here)

And you only have one link-local address, which is good.

Try:

tcpdump -i eth0 ip6 and icmp6

And look for router advertisements. Not neighbors.

You can restrict this with:

tcpdump -i eth0 ip6 and icmp6 and ip6[40] == 134

Are you sure your router is configured correctly? Is it a consumer thing, or can you actually log in and check it there?

I assumed that the packets that had flag [router, solicited] meant it was some kind of router.

This is a machine at some datacenter, so I don't have any access to any of the routing infrastructure. I would have to assume they've set it up correctly, but who knows.

I don't receive any packets at all when I use the second dump, and with the first one I don't see anything that says it's a router advertisement.

* # ? Jan 27, 2016 20:01
  • Quote
salisbury shake
Dec 27, 2011
 Ran into a permission or possible disk error.

Bash code:
root@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ chown -R my_username:my_group Warpaint\ -\ The\ Fool\ -\ 2010\ v0/
root@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ ls -lah Warpaint\ -\ The\ Fool\ -\ 2010\ v0/
total 78M
drw-rw-rw- 1 my_username  334 Mar 14  2014 ./
drwxrwxr-x 1 my_username 6.1K Jan 26 13:46 ../
-rw-rw-rw- 1 my_username 8.4M Jan 21 03:55 01 - Set Your Arms Down.mp3
-rw-rw-rw- 1 my_username  11M Jan 21 03:55 02 - Warpaint.mp3
-rw-rw-rw- 1 my_username  11M Jan 21 03:55 03 - Undertow.mp3
-rw-rw-rw- 1 my_username 7.3M Jan 21 03:55 04 - Bees.mp3
-rw-rw-rw- 1 my_username 6.2M Jan 21 03:55 05 - Shadows.mp3
-rw-rw-rw- 1 my_username 7.7M Jan 21 03:55 06 - Composure.mp3
-rw-rw-rw- 1 my_username 8.3M Jan 21 03:55 07 - Baby.mp3
-rw-rw-rw- 1 my_username  11M Jan 21 03:55 08 - Majesty.mp3
-rw-rw-rw- 1 my_username 8.7M Jan 21 03:55 09 - Lissie's Heart Murmur.mp3

root@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ su my_username
my_username@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ ls -lah Warpaint\ -\ The\ Fool\ -\ 2010\ v0/
ls: cannot access Warpaint - The Fool - 2010 v0/.: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/..: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/01 - Set Your Arms Down.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/02 - Warpaint.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/08 - Majesty.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/03 - Undertow.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/07 - Baby.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/05 - Shadows.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/04 - Bees.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/09 - Lissie's Heart Murmur.mp3: Permission denied
ls: cannot access Warpaint - The Fool - 2010 v0/06 - Composure.mp3: Permission denied
total 0
d????????? ? ? ?            ? ./
d????????? ? ? ?            ? ../
-????????? ? ? ?            ? 01 - Set Your Arms Down.mp3
-????????? ? ? ?            ? 02 - Warpaint.mp3
-????????? ? ? ?            ? 03 - Undertow.mp3
-????????? ? ? ?            ? 04 - Bees.mp3
-????????? ? ? ?            ? 05 - Shadows.mp3
-????????? ? ? ?            ? 06 - Composure.mp3
-????????? ? ? ?            ? 07 - Baby.mp3
-????????? ? ? ?            ? 08 - Majesty.mp3
-????????? ? ? ?            ? 09 - Lissie's Heart Murmur.mp3

my_username@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ ls -lah .
total 0
drwxrwxr-x 1 my_username 6.1K Jan 26 13:46 ./
drwxrwxrwx 1 my_username  17K Jan 22 07:17 ../
drw-rw-rw- 1 my_username  334 Mar 14  2014 Warpaint - The Fool - 2010 v0/

root@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ mount | grep /mnt/Storage
/dev/sdc2 on /mnt/Storage type btrfs (rw,relatime,compress=lzo,space_cache,autodefrag)

root@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ btrfs scrub status /mnt/Storage/BitTorrent
scrub status for my_disk_uuid
        scrub started at Wed Jan 27 14:23:56 2016 and finished after 2906 seconds
        total bytes scrubbed: 356.89GiB with 0 errors
Any idea what I could be doing wrong here?

* # ? Jan 27, 2016 22:10
  • Quote
Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

salisbury shake posted:

my_username@my_hostname:/mnt/Storage/BitTorrent/.incomplete$ ls -lah .
total 0
drwxrwxr-x 1 my_username 6.1K Jan 26 13:46 ./
drwxrwxrwx 1 my_username 17K Jan 22 07:17 ../
drw-rw-rw- 1 my_username 334 Mar 14 2014 Warpaint - The Fool - 2010 v0/


Any idea what I could be doing wrong here?

Directories need the x permission. Try 'chmod 777 "Warpaint - The Fool - 2010 v0"'.

* # ? Jan 27, 2016 22:44
  • Quote
Curdy Lemonstan
Jan 25, 2012

by zen death robot
Hollllyy shiit. Ive been fighting with my computer for 7 hourd trying to install ubuntu on a newly aquired lovely aspire ES 13 (ES1-331-C5M9) and it is like trying to shove a spoonful of porridge in your spoiled bratty childs mouth. I'm also retarded. Usually a kernel panic error pops up as a passive aggressive gently caress you from the boot log. Something about IO-APIC + timer not working. Is there anyway to fix it before I go all "office space" on this bitch?

* # ? Jan 27, 2016 22:46
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl

Kilson posted:

I assumed that the packets that had flag [router, solicited] meant it was some kind of router.

This is a machine at some datacenter, so I don't have any access to any of the routing infrastructure. I would have to assume they've set it up correctly, but who knows.

I don't receive any packets at all when I use the second dump, and with the first one I don't see anything that says it's a router advertisement.

Neighbor advertisements could be the router, but may not be. Router adverts are more reliable. Do any other addresses show up? Can you tcpdump a ping that's half-working?

Curdy Lemonstan posted:

Hollllyy shiit. Ive been fighting with my computer for 7 hourd trying to install ubuntu on a newly aquired lovely aspire ES 13 (ES1-331-C5M9) and it is like trying to shove a spoonful of porridge in your spoiled bratty childs mouth. I'm also retarded. Usually a kernel panic error pops up as a passive aggressive gently caress you from the boot log. Something about IO-APIC + timer not working. Is there anyway to fix it before I go all "office space" on this bitch?

Try noapic

* # ? Jan 27, 2016 23:09
  • Quote
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!

evol262 posted:

Neighbor advertisements could be the router, but may not be. Router adverts are more reliable. Do any other addresses show up? Can you tcpdump a ping that's half-working?

No other addresses that I've seen show up in tcpdump. When I did the one with "and ip6[40] == 134", I got zero packets in over an hour.

I tried pinging Google repeatedly until one of the addresses was reachable. It's mostly just sending packets into the void, until it picks an address I can reach, then I get immediate responses.

code:
[root@dut ~]# tcpdump -n -i eth0 ip6 and icmp6
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
17:05:34.547499 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::71: ICMP6, echo request, seq 1, length 64
17:05:35.547507 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::71: ICMP6, echo request, seq 2, length 64
17:05:36.555737 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 1, length 64
17:05:37.555522 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 2, length 64
17:05:45.649875 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 1, length 64
17:05:46.649526 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 2, length 64
17:05:47.171330 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 1, length 64
17:05:48.434681 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::71: ICMP6, echo request, seq 1, length 64
17:05:49.578278 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 1, length 64
17:05:50.544530 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::71: ICMP6, echo request, seq 1, length 64
17:05:51.473871 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 1, length 64
17:05:52.473517 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::8a: ICMP6, echo request, seq 2, length 64
17:05:52.921272 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::71: ICMP6, echo request, seq 1, length 64
17:05:53.920507 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::71: ICMP6, echo request, seq 2, length 64
17:05:54.338382 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::64: ICMP6, echo request, seq 1, length 64
17:05:54.347326 IP6 2607:f8b0:4003:c14::64 > 2600:c12:6002:6:250:56ff:fe87:4b47: ICMP6, echo reply, seq 1, length 64
17:05:55.339428 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::64: ICMP6, echo request, seq 2, length 64
17:05:55.348364 IP6 2607:f8b0:4003:c14::64 > 2600:c12:6002:6:250:56ff:fe87:4b47: ICMP6, echo reply, seq 2, length 64
17:05:56.340480 IP6 2600:c12:6002:6:250:56ff:fe87:4b47 > 2607:f8b0:4003:c14::64: ICMP6, echo request, seq 3, length 64
17:05:56.349406 IP6 2607:f8b0:4003:c14::64 > 2600:c12:6002:6:250:56ff:fe87:4b47: ICMP6, echo reply, seq 3, length 64
I'm leaning toward this being some sort of non-local problem, based on some other stuff that's happened today. These are two Google addresses, but we can see the traceroutes diverging at hop 8 (which itself seems to be a Google-owned address). Then one of them succeeds and one fails. I can't think of any reason this should occur.

code:
[root@dut ~]# traceroute6 -n 2607:f8b0:4003:c14::66 traceroute to 2607:f8b0:4003:c14::66 (2607:f8b0:4003:c14::66), 30 hops max, 80 byte packets
 1  2600:c12:6002:6::1  0.353 ms  0.345 ms  0.369 ms
 2  * * *
 3  2001:48c8::912  0.565 ms  0.238 ms  0.523 ms
 4  * * *
 5  * * *
 6  2001:4860::1:0:57f  17.661 ms  17.616 ms  17.389 ms
 7  * 2001:4860::8:0:2c9d  1.872 ms  1.767 ms
 8  * * *
 9  * * *
10  2607:f8b0:4003:c14::66  8.819 ms  8.759 ms  8.477 ms

[root@dut ~]# traceroute6 -n 2607:f8b0:4003:c14::65 traceroute to 2607:f8b0:4003:c14::65 (2607:f8b0:4003:c14::65), 30 hops max, 80 byte packets
 1  2600:c12:6002:6::1  0.462 ms  0.424 ms  0.397 ms
 2  * * *
 3  2001:48c8::912  0.373 ms  0.394 ms  0.319 ms
 4  * * *
 5  * * *
 6  2001:4860::1:0:57f  1.920 ms * *
 7  2001:4860::8:0:2c9d  4.752 ms  1.748 ms *
 8  * 2001:4860::8:0:bb12  9.036 ms  9.268 ms
 9  * * *
10  * * *
11  * * *
12-30 * * *
Attempting to connect to other things shows that I can always reach some external entity before the routing inexplicably fails to reach the destination.

Furthermore, I started receiving incoming IPv6 traffic from the endpoint I really need to be able to connect to. Unfortunately, I still can't successfully send anything in the reverse direction.

Is there any local reason these things could happen? It all just seems super strange to me.

* # ? Jan 28, 2016 00:12
  • Quote
salisbury shake
Dec 27, 2011

Saukkis posted:

Directories need the x permission. Try 'chmod 777 "Warpaint - The Fool - 2010 v0"'.

So I'm retarded. Thanks for the solution.

* # ? Jan 28, 2016 01:54
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl

Kilson posted:

Is there any local reason these things could happen? It all just seems super strange to me.
Not a good one that I can think of. Is this interface VLANed?

You can try disabling arp_filter for eth0, though

* # ? Jan 28, 2016 02:25
  • Quote
Kilson
Jan 16, 2003

I EAT LITTLE CHILDREN FOR BREAKFAST !!11!!1!!!!111!

evol262 posted:

Not a good one that I can think of. Is this interface VLANed?

You can try disabling arp_filter for eth0, though

I'm pretty sure it's not VLANed, but I can't say with 100% certainty. Doesn't arp_filter only apply to ipv4? At least it doesn't seem to be an option for ipv6. In any case, it seems to be already turned off:

[root@dut ~]# cat /proc/sys/net/ipv4/conf/eth0/arp_filter
0

* # ? Jan 28, 2016 16:35
  • Quote
Neslepaks
Sep 3, 2003

 Any hardware suggestions for a small home Linux server?

I need something smaller and quieter to take over the reins from the HP9000 that's been my trusty server for 10 years or so. Requirements are so modest that I could almost get away with an RPi or something, but I'd like something that's more reliable and has some real storage. Intel NUCs look juicy but are quite pricey. There are similar cheaper things from Acer or whatever, but I'm not sure I could necessarily count on them to run Linux well? They typically come preloaded with some Windows version that it irritates me to pay for, however little. Also, these media server type things are not exactly meant for the purpose of headless server, but I don't suppose that'd be a problem as long as they don't have some weird destabilizing hardware.

* # ? Jan 28, 2016 22:47
  • Quote
Twerk from Home
Jan 17, 2009

This avatar brought to you by the 'save our dead gay forums' foundation.

Neslepaks posted:

Any hardware suggestions for a small home Linux server?

I need something smaller and quieter to take over the reins from the HP9000 that's been my trusty server for 10 years or so. Requirements are so modest that I could almost get away with an RPi or something, but I'd like something that's more reliable and has some real storage. Intel NUCs look juicy but are quite pricey. There are similar cheaper things from Acer or whatever, but I'm not sure I could necessarily count on them to run Linux well? They typically come preloaded with some Windows version that it irritates me to pay for, however little. Also, these media server type things are not exactly meant for the purpose of headless server, but I don't suppose that'd be a problem as long as they don't have some weird destabilizing hardware.

What about the atom NUCs, $130 for dual core and $170 for quad core? Something like this

* # ? Jan 28, 2016 22:57
  • Quote
DeaconBlues
Nov 9, 2011
 I run Xubuntu on a J1800 Celeron ITX board. It only has two SATA ports and I have 2x 2.5" mechanical HDD plugged in. One for the OS and storage and the other has a weekly cron job to rsync sda to sdb.

It's pretty basic for a home server but it runs nfs, Plex (1080p!) and samba no problem. It's powered by a 90W PicoPSU and last time I plugged in a power meter it was sipping about 12W from the mains. It's been solid for at least 18 months. The J1800 is just about at its limit streaming 1080p with Plex, so luckily the system meets its requirements perfectly with minimum overkill.

* # ? Jan 28, 2016 23:28
  • Quote
Neslepaks
Sep 3, 2003

Twerk from Home posted:

What about the atom NUCs, $130 for dual core and $170 for quad core? Something like this

Perfect. Ordered, thanks.

* # ? Jan 29, 2016 00:05
  • Quote
Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.

Twerk from Home posted:

What about the atom NUCs, $130 for dual core and $170 for quad core? Something like this
Can confirm that the N3700 NUC is a powerhouse relative to the 6W TDP

* # ? Jan 29, 2016 00:47
  • Quote
Twerk from Home
Jan 17, 2009

This avatar brought to you by the 'save our dead gay forums' foundation.

Vulture Culture posted:

Can confirm that the N3700 NUC is a powerhouse relative to the 6W TDP

You have one? It does plex transcoding? drat, I should have gotten one. I found it way more interesting an idea to have 4 very slow cores, but I picked up a refurb Haswell i5-4250u for $150 on ebay 6 months ago instead. The Haswell NUCs aren't as nice as the Broadwell / Braswell ones though.

* # ? Jan 29, 2016 02:08
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl

Kilson posted:

I'm pretty sure it's not VLANed, but I can't say with 100% certainty. Doesn't arp_filter only apply to ipv4? At least it doesn't seem to be an option for ipv6. In any case, it seems to be already turned off:

[root@dut ~]# cat /proc/sys/net/ipv4/conf/eth0/arp_filter
0

Long day. I meant privacy extensions.

* # ? Jan 29, 2016 17:12
  • Quote
Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.

Twerk from Home posted:

You have one? It does plex transcoding? drat, I should have gotten one. I found it way more interesting an idea to have 4 very slow cores, but I picked up a refurb Haswell i5-4250u for $150 on ebay 6 months ago instead. The Haswell NUCs aren't as nice as the Broadwell / Braswell ones though.
The Haswell NUCs aren't without their problems, but seemed to do much better after the ~June firmware updates. I like my i7 a lot. The Braswell SoC is just so goddamn cheap and cool and quiet that I would not hesitate to recommend it to anyone looking for a very inexpensive home server.

* # ? Jan 29, 2016 17:51
  • Quote
ToxicFrog
Apr 26, 2008


 I've had good results turning decomissioned laptops into home servers. If it's just obsolete, you now have a server with a built in keyboard and screen for troubleshooting and a built in UPS. If someone stepped on the screen or something, it's no worse than a normal headless and you still get the built-in battery. They tend to be compact and power-efficient, too.

Biggest problem is lack of storage, but that's easy to address with eSATA or USB3 external enclosures.

Obviously this is pretty price-inefficient if you're getting a new server, but if you have an unused laptop lying around already it's great.

* # ? Jan 29, 2016 18:09
  • Quote
Highblood
May 20, 2012

Let's talk about tactics.
So I've got some linux experience, probably ran every distro worth mentioning for some time at some point in my life. The thing is I feel like I don't actually know anything about it. I can hack my way around pretty much every problem I encounter, but it usually ends up being just that, a hack and a half-assed one at that. Google is usually my best friend, I can't actually do poo poo on my own. This works great on the short-term, after a while though my system usually turns into an unworkable mush.

What are good resources I can use to learn linux from A to Z, leaving no stones unturned. I want to know everything. No more googling of config files and copy pasting someone else's work because I can't figure it out for myself. Help me RTFM

* # ? Jan 29, 2016 22:11
  • Quote
thebigcow
Jan 3, 2001

Bully!

Highblood posted:

So I've got some linux experience, probably ran every distro worth mentioning for some time at some point in my life. The thing is I feel like I don't actually know anything about it. I can hack my way around pretty much every problem I encounter, but it usually ends up being just that, a hack and a half-assed one at that. Google is usually my best friend, I can't actually do poo poo on my own. This works great on the short-term, after a while though my system usually turns into an unworkable mush.

What are good resources I can use to learn linux from A to Z, leaving no stones unturned. I want to know everything. No more googling of config files and copy pasting someone else's work because I can't figure it out for myself. Help me RTFM

Find evol262, kill him, and eat his heart. This will get you half way there, then use the knowledge you absorbed to find the head developer of every project and do the same.

Alternatively, use it every day.

* # ? Jan 29, 2016 22:58
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl
I'm OK with Linux (there are much more knowledgeable people at Red Hat, and both Suspicious Dish and telcoM are probably more knowledgeable than I am), but I'd suggest doing "real things" with it.

Pick a distro and stick with that. Configure services you want. Nobody can keep the syntax of every config file in their head, but that's what Google and manpages are for. You can learn the ones you use often, though


Get good at root cause analysis. When you find a bug, don't just hack it. See if there's a patch on a bug tracker or git for it. Build a package with that and test it. If there isn't one, read the code and see if you can figure out what's happening. Write a patch and submit it. Don't get emotional about code review if they ask for it to be reworked.

Isolate services you want in VMs or containers. Learn to write systemd unit files to get the things you want running.

I think the big question is "what are you using Linux for?" To be honest, if you're a hobbyist, you may never get "good", or beyond "competent", but it never hurts to read the docs (security/deployment guides, rhce study material, docs for things you find interesting, learning to script/program in a "real" non-shell language)

* # ? Jan 29, 2016 23:25
  • Quote
DeaconBlues
Nov 9, 2011
 I have a passing interest in running Firefox sandboxed in Fedora.

My question is whether this a good idea?

if $question ; then
echo 'Are there any recommendations for doing so?'
fi

DeaconBlues fucked around with this message at 07:57 on Jan 30, 2016

* # ? Jan 30, 2016 07:53
  • Quote
Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.

DeaconBlues posted:

I have a passing interest in running Firefox sandboxed in Fedora.

My question is whether this a good idea?

if $question ; then
echo 'Are there any recommendations for doing so?'
fi
Sandboxing onto a separate X server is probably way overkill but Jessie Frazelle posted a Dockerfile for Firefox (see the .dockerfunc for how to launch).

* # ? Jan 30, 2016 18:04
  • Quote
mystes
May 31, 2006

DeaconBlues posted:

I have a passing interest in running Firefox sandboxed in Fedora.

My question is whether this a good idea?

if $question ; then
echo 'Are there any recommendations for doing so?'
fi
I'm on Ubuntu, but I'm currently using firejail with the "private" option to restrict firefox to a specific directory (this allows it to see the root filesystem but replaces your home directory with an overlay), and I have a separate directory and profile for normal browsing and for email. I don't know how much I actually trust firejail to provide real security, but at least way if there's another bug like the pdf reader one, a malicious website won't be able to look around my actual home directory or steal my gmail cookie without some sort of firejail specific exploit or privilege escalation.

* # ? Jan 30, 2016 18:17
  • Quote
DeaconBlues
Nov 9, 2011
 Thanks. I'll check both of those ideas out.

* # ? Jan 30, 2016 18:33
  • Quote
fuf
Sep 12, 2004

haha
hello I'm trying to run a backup script on my debian server via cron.

I have a little shell script that runs rsync to do the backup, based on this: https://aaronparecki.com/articles/2010/07/09/1/how-to-back-up-dropbox-automatically-daily-weekly-monthly-snapshots

I put the script in /usr/local/bin and it works fine when I run it manually with:
$ backup daily go

I edited my crontab ($ crontab -e) so it looks like this:
code:
0 3 * * * backup daily go
0 4 4,12,20,28 * * backup weekly go
0 5 1 * * backup monthly go
In my syslog I see:
code:
Jan 30 03:00:01 fuf-server CRON[29044]: (fuf) CMD (backup daily go)
But the backup doesn't actually run (there's no new directory containing the backup).

What am I doing wrong? Is there a separate error log somewhere that might show an error?

* # ? Jan 30, 2016 20:35
  • Quote
evol262
Nov 30, 2010
#!/usr/bin/perl
Cron needs the full path. Give it /usr/local/bin/backup

* # ? Jan 30, 2016 20:59
  • Quote
Adbot
ADBOT LOVES YOU

# ? Jun 6, 2024 11:48
  • Quote
Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

fuf posted:

hello I'm trying to run a backup script on my debian server via cron.


I would suspect that "cron" doesn't have the same $PATH as when you run it interactively. Edit crontab to use the full path /usr/local/bin/backup and possibly edit the script to use the full path for rsync-command.

Additional error messages may be in root's mail, check the contents of /var/spool/mail/root.

* # ? Jan 30, 2016 21:02
  • Quote
  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Linux Questions Thread: a bunch of pitfalls, but technically it's possible
«1040 »