$ uname -a
Linux labBrix 4.19.10-300.fc29.x86_64 #1 SMP Mon Dec 17 15:34:44 UTC 2018
x86_64 x86_64 x86_64 GNU/Linux
# dnf list kernel
The first two kernel packages are highlighted. What is the significance of
The last package, 4.19.13-300 isn't highlighted. It also doesn't show in
the grub menu when the computer boots. Why ?
I have installed a fresh F29 while keeping /home as it was from F28. I
am using the KDE Spin.
Empty directories with very strange names are created in home folders:
ls gives the following names:
# ls -1
On another account I have:
# ls -1
Just to record that this happened:
Ran a DNF update. All the normal stuff appeared, plus
Exception ignored in: <function SwdbInterface.__del__ at 0x7f22c9e07488>
Traceback (most recent call last):
File "/usr/lib/python3.7/site-packages/dnf/db/history.py", line 262,
File "/usr/lib/python3.7/site-packages/dnf/db/history.py", line 305,
File "/usr/lib/python3.7/site-packages/dnf/db/history.py", line 291,
self._swdb = libdnf.transaction.Swdb(self.dbpath)
File "/usr/lib64/python3.7/site-packages/libdnf/transaction.py", line
729, in __init__
this = _transaction.new_Swdb(*args)
RuntimeError: Exec failed: database is locked
How do I configure apache to allow PHP scripts write access to a
document root without compromising security?
I have a fedora29 system with php-7.2.13 and trying to get joomla
installed properly and having some trouble. I'm an experienced Linux
admin, but I'm not very familiar with php applications and how to
manage permissions of them. I don't entirely understand the
relationship between php, apache, and mod_fcgi. I fully understand how
filesystem permissions and ownership works.
I have all files at 644 and all directories at 755 in the document
root, owned by my ftpuser account. selinux is disabled because this
server does so much other stuff.
The problem is that joomla fails to run properly because the document
root isn't entirely owned by the apache user. What is the best method
for managing permissions with apache so we don't have to have all
files owned by the user which is running the apache process?
I'm also confused on the relationship between mod_fcgid, fpm-fcgi and
suexec. I've configured php-fpm and mod_fcgid according to this doc
I've also set SuexecUserGroup to the user I'd like to use for ftp/sftp access:
SuexecUserGroup ftpuser ftpuser
but I don't understand how that ties in with the filesystem and
allowing apache to write the joomla files it needs, like the cache
directory and perform extension updates, while also allowing access to
the ftpuser to read and write the same files.
I believe I want to use mod_fcgi instead of loading PHP into apache
directly with mod_php. Do I need to create a wrapper script, or is one
already included with fedora?
It appears fedora is already loading php7_module with the php package.
Do I need to disable that prior to using mod_fcgid?
journalctl -f shows the following lines appearing in the log every five
seconds. Can anyone tell me whether this is important, and if so how to
fix it, and if not, how to stop this noise filling the journal up?
Jan 13 17:12:13 woody systemd: tpm2-abrmd.service: Service RestartSec=5s expired, scheduling restart.
Jan 13 17:12:13 woody systemd: tpm2-abrmd.service: Scheduled restart job, restart counter is at 45627.
Jan 13 17:12:13 woody systemd: Stopped TPM2 Access Broker and Resource Management Daemon.
Jan 13 17:12:13 woody audit: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tpm2-abrmd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jan 13 17:12:13 woody audit: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tpm2-abrmd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Jan 13 17:12:13 woody systemd: Starting TPM2 Access Broker and Resource Management Daemon...
Jan 13 17:12:13 woody tpm2-abrmd: ERROR:tcti:src/tss2-tcti/tcti-device.c:319:Tss2_Tcti_Device_Init() Failed to open device file /dev/tpm0: Permission denied
Jan 13 17:12:13 woody tpm2-abrmd: failed to initialize device TCTI context: 0xa000a
Jan 13 17:12:13 woody tpm2-abrmd: TCTI initialization failed: 0xa000a
Jan 13 17:12:13 woody systemd: tpm2-abrmd.service: Main process exited, code=exited, status=1/FAILURE
Jan 13 17:12:13 woody systemd: tpm2-abrmd.service: Failed with result 'exit-code'.
Jan 13 17:12:13 woody systemd: Failed to start TPM2 Access Broker and Resource Management Daemon.
Jan 13 17:12:13 woody audit: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tpm2-abrmd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
# ls -ld /dev/tpm0
crw-------. 1 root root 10, 224 Jan 3 18:49 /dev/tpm0
"There's something wrong with our bloody ships today, Chatfield."
-- Admiral Beatty at the Battle of Jutland, 31st May 1916.
Testing using Fedora Desktops w/ FreeIPA server and found that
plugging in domain and username for my FreeIPA server resulted in
error of " Couldn't connect to the ipa.xxxxxxx.xxx domain: Cannot find
KDC for realm "IPA.XXXXXXX.XXX".
Since F29 no longer gives option to give password for root in
Anaconda.(Yet another follow the Ubuntu-ites, like getting rid of the
mail server instead of configuring it for local mail, and configuring
the first user to get get system mails in Evolution), I had to create
an account just to install freeipa-client.
So Fedora cannot connect to FreeIPA ( ie Redhat IdM) out of the box.
Seems to me that there is an issue here.