I configured some ACL to grant syslog user to read log files that are owned by root under 700 permission directories. I'm able to read them when i logon as syslog. Rsyslog is configured with $PrivDropToUser syslog.
I have this error when i restart rsyslog :
rsyslogd-2433: file '/var/log/containers/default-http-2250134485-3c78s_kube-system_default-http-c8723f65a7a7371374037d7d99abb99ac07d977c792edd79add695392853ba22.log': open error: Permission denied [v8.35.0 try http://www.rsyslog.com/e/2433 ]
This log is a link to /var/lib/docker/containers/DOCKER_ID/DOCKER_ID-json.log
I don't want to mess with kubernetes/docker ownership, that's why i tried with ACL.
Thanks
nevermind, one of my acl wasn't correctly set and it was only working for the file I was testing....
Related
I got a Problem with my Zabbix Server.
He was running the days ago, and then the dashboard shows up:
Zabbix Server is running --> Value NO
And: Zabbix server is not running the information displayed may not be current
I didnt change some configs in the past.
Then I looked in the Zabbix Server Log File in: /var/log/zabbix/zabbix_server.log
And the Error shows up:
15909:20201011:000020.063 [Z3001] connection to database 'zabbix' failed: [1045] Access denied for user 'zabbix'#'localhost' (using password: NO)
15909:20201011:000020.063 database is down: reconnecting in 10 seconds
I already checked the Zabbix Config File in: /etc/zabbix/zabbix_server.conf
DBName, DBUser, DBPassword are all correct
Can someone tell me why the Error shows "(using password: NO)"?
Usually it means that no password was entered for the login?
PROBLEM SOLVED
Solution: I was adding an HP Switch IN THE PAST with the HP Enterprise Switch Template.
When the SNMP Discover was finished, there wore more than 2000 Items.
So it was a Stackoverflow :D
Have a nice day!
Please ensure you have no spaces before or after the PASSWORD line, and that it matches exactly with the following 2 files:
nano /etc/zabbix/zabbix_server.conf
### Option: DBPassword
# Database password.
# Comment this line if no password is used.
#
# Mandatory: no
# Default:
DBPassword=Ex4mmpleT3st!
#
#
AND:
nano /etc/zabbix/web/zabbix.conf.php
$DB['PASSWORD'] = 'Ex4mmpleT3st!';
Verify by checking the RESTARTING and checking the log:
service zabbix-server restart
cat /var/log/zabbix/zabbix_server.log
I've been trying out all solutions mentioned in google for this problem to no avail. This website is built using bitnami wordpress stack in AWS. All I want to do is to log slow query. I only have wp-config user credentials to login in to mysql. But with this access I cannot run SET GLOBAL slow_query_log = 'ON';
as it requires super user privilege.
To my understanding, unless I login as root user and assign the privilege to this user or run the command as root user itself no other workaround to get this sorted.
Problem is, no password for root. Maybe it's configured without password when it was first installed (mysql).
I checked this file for password but found none.
/opt/bitnami/mysql/my.cnf
I can't view the mysql log too (permission denied)
/opt/bitnami/mysql/data/mysqld.log
I dont find the password in aws->instance settings -> get system log
I tried resetting password as mentioned here. https://community.bitnami.com/t/unable-to-reset-mysql-root-password/44360/3
mysql stops but stuck at starting in safe mode forever usin below commands:
$ sudo /opt/bitnami/ctlscript.sh stop mysql
$ sudo /opt/bitnami/mysql/bin/mysqld_safe --skip-grant-tables
How do I enable the slow query log now or get root password or reset it?
Hi Bitnami Engineer here,
The root's password of the database is the same one the instance configures for WordPress during the boot process. That means that if you have not changed the WordPress' admin password, both passwords are the same now.
You can open the bitnami_credentials file in the home folder of the bitnami user to obtain the password the instance used during the configuration process.
cat /home/bitnami/bitnami_credentials
After that, just run the mysql command to access the database
mysql -u root -p
Trying to install plesk on an ec2 (currently 3 sites running) I have. From what i've read plesk will only work on a vanilla server (hoping this is not the case).
Installation crashes on the line:
Synchronizing state of mysql.service with SysV init with /lib/systemd/systemd-
sysv-install...
Executing /lib/systemd/systemd-sysv-install enable mysql
After this the error is:
Trying to establish test connection... mysql: [Warning] World-writable config
file '/root/.my.cnf' is ignored.
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password:
NO) failed
One more attempt to connect
ERROR while trying to establish test connection. If you are installing Plesk
on an already configured MySQL server, you need to specify the administrator's
credentials to succeed with the installation. To do this, you need to create a
file - /root/.my.cnf with the 'client' section where you need to provide user
and its password ("user = $admin_name" and "password = $admin_pass"). After
installation is finished, the file /root/.my.cnf will be renamed to
/root/.my.cnf.bak
Check the error reason(see log file:
/var/log/plesk/install/plesk_17.8.11_installation.log), fix and try again
***** problem report *****
ERROR while trying to establish test connection. If you are installing Plesk on
an already configured MySQL server, you need to specify the administrator's
credentials to succeed with the installation. To do this, you need to create a
file - /root/.my.cnf with the 'client' section where you need to provide user
and its password ("user = $admin_name" and "password = $admin_pass"). After
installation is finished, the file /root/.my.cnf will be renamed to
/root/.my.cnf.bak
Check the error reason(see log file:
/var/log/plesk/install/plesk_17.8.11_installation.log), fix and try again
sh: 1: /etc/init.d/psa: not found
I have added the file /root/.my.cnf like so:
Client
User: xyz
Password: xyzxyz
But it still can't pick it up or use it (changed permissions over and over).
Has anyone been able to get past this error?
Cheers
Yes, it's possible to install Plesk on the server where mysql is already installed.
It's needed to create a file /root/.my.cnf with root access to mysql:
# cat /root/.my.cnf
[client]
user = root
password = root_password
But it's not recommended to install Plesk on the server where sites are already running because apache and nginx configuration files can be changed.
I have configured PhpStorm for remote server. But, to write a file I need root access so when I am doing it on server I do sudo su and PhpStorm throws permission denied error !
Any idea how I can configure PhpStorm to handle this scenario?
If you need to be root to write the project files on the server then you're probably doing something wrong.
But you can ssh to the server, use sudo su to elevate to admin then change the owner and/or rights of the project files to allow the non-privileged user you use with phpstorm to upload them.
I have Install SDK then log in (gcloud auth login). I can't log in SSH VM google cloud?
with message "CommandError: Logging into instances as root is not recommended. If you actually wish to log in as root, you must provide the --permit_root_ssh flag."
how to log in SSH root??
I can not log in to the VM Instances. I look login VM Instances https://developers.google.com/compute/docs/quickstart#setup
$gcutil ssh
then message "CommandError: Logging into instances as root is not recommended. If you actually wish to log in as root, you must provide the --permit_root_ssh flag."
I have log in
ssh ..
Massage" Host key verification failed."
So how to log
You usually don't login as root to your GCE instances. Instead, you log in as an unprivileged user, and then use sudo when root privileges are required.
You probably want to run the gcutil tools as a non-privileged (i.e. not root) user on your local machine. The default GCE image is designed to encourage running only the commands you need to as root, and disables root login by default.
If you decide you want to login in directly as root, there are (brief) instructions at the above link.