Sometimes if you have a missing library or a file you know should be available via an rpm but you're not sure which RPM you have to install you have to look up for library or binary file amongs all available installable r[ms on Redhat Linux / CentOS / Fedora or other RPM based distro.
It is really annoying especially, if you try to install an rpm binary and the package does not install due to missing dependency library. Having a missing dependency package could happen, if you use some custom internal prepared repository that is mirroring from original rpm repositories and the RPM Repositories are situated behind a DMZ firewall network (such scenarios are common for corporations and IT companies).
Finding out which file is provided by which package on Debian / Ubuntu and other deb based linux distributions is easy and done via the
# apt-file search filename
Thus if you're a system administrator coming from a Debian GNU / Linux sysadmin realm into the wonderful world of redhats, you will want to have an alternative to apt-file tool. You will be happy to find out that that this tedious task is easily done in RPM based Linux and is integrated straight into yum package manager too.
The command to search which rpm package provides a file is:
yum whatprovides search_file_name can be also invoked with its shortcut yum provides 'search_file_name'
[root@rhel-server ~]# yum provides '/bin/ls' Loaded plugins: fastestmirror, versionlock Loading mirror speeds from cached hostfile coreutils-8.22-24.el7.x86_64 : A set of basic GNU tools commonly used in shell scripts Repo : base Matched from: Filename : /bin/ls
coreutils-8.22-24.el7_9.2.x86_64 : A set of basic GNU tools commonly used in shell scripts Repo : updates Matched from: Filename : /bin/ls
Here is another example:
[root@rhel-server ~]# yum -q provides '*lesspipe.sh*' less-458-9.el7.x86_64 : A text file browser similar to more, but better Repo : base Matched from: Filename : /usr/bin/lesspipe.sh
source-highlight-3.1.6-6.el7.i686 : Produces a document with syntax highlighting Repo : base Matched from: Filename : /usr/bin/src-hilite-lesspipe.sh
source-highlight-3.1.6-6.el7.x86_64 : Produces a document with syntax highlighting Repo : base Matched from: Filename : /usr/bin/src-hilite-lesspipe.sh
spirv-tools-2019.1-4.el7.x86_64 : API and commands for processing SPIR-V modules Repo : epel Matched from: Filename : /usr/bin/spirv-lesspipe.sh
You can search for any file and if the RPm repository is defined under /etc/yum/repos.d/* and enabled, yum whatprovides command should be able to find it and tell you which RPM package you have to install to have the file installed Redhat way.
You can list all enabled RPM repositories with cmd:
[root@rhel-server ~]# yum repolist enabled Loaded plugins: fastestmirror, versionlock Loading mirror speeds from cached hostfile repo id repo name status 3party Third party packages – x86_64 2,631 base/7/x86_64 CentOS-7 – Base 10,072 cr/7/x86_64 CentOS-7 – CR 0 epel/7/x86_64 EPEL packages for RedCent 7 – x86_64 13,791 extras/7/x86_64 CentOS-7 – Extras 526 updates/7/x86_64 CentOS-7 – Updates 5,802 zabbix-6.0 Zabbix 6.0 repo 429 repolist: 33,251
To list disable RPM repositories:
# yum repolist disabled …
To list all present available repositories that could be enabled and are set via the /etc/yum.repos.d/* configs
The times of the Second Coming of Jesus Christ seem to be really near, this is clear from the facts that the corruption and people's degradation has reached a state, where no truthfulness is existing neither in the worldly organizations Countries, governments, parliaments, courts, institutions, companies and even in the Most Holy Church of Christ which he has consecrated by his Holy Blood, through the Crucifixion and Death on the Cross for our sins.
It seems today, neither the low ordinary people neither the high and eligible and most honored Bishops and even Metropolitans are in a such a bad careless state, that they only care about their own wordly interests and the interests of a few of other servitudes nearby, neglecting the interest of the Holy Church of Christ (which is the Assembly of believers in the Lord Christ Jesus, who breath and live being in the world but , “My kingdom is not of this world. If My kingdom were of this world, My servants would fight, so that I should not be delivered to the Jews; but now My kingdom is not from here.”John 18:36.
What happens now about 2000 years, later in Christ Church is absotely the same. Just like Jesus, his true followers has been rejected to be accepted by his own people. In same way his true people are always, being rejected to take their ruling place, but instead in the world the Lies and manipulations are taking place to crucify the true servents of God.
The Holy Gospel seems to repeat itself again and again all the time through the ages. This time the stage is different this is not ancient Israel with the Assembly of Synodrion and the Old Testament's Church of God and his People the Israelites. But the Holy Synod of the Bulgarian Church and the Bulgarian Orthodox Church with his people the new Israel the Christians.
Get to know the facts on Bulgarian Church Scandal Escalasion for New Metropolitan of Sliven voting – situation as of 24th April 2024
The Holy Synod of the Bulgarian Church has made another and strange untransparent decision once again, right after the Enormous Scandal with the cassation of legal choice of People of Sliven for best candidates Ierotey and Mihail (amongs which Ierotey is preferred), as the Metropolia of Sliven is still mourining on the beloved pontiff his holiness Metropolitan Ioanikij, less than 3 months before his blessed passing to Christ.
Map of Spiritual Eparchies in Bulgaria of Bulgarian Orthodox Church Bulgarian Patriarchy (BPC-BP)
Territorial Map of Sliven Eparchy according to the Local Spiritual districts belonging to Sliven Metropoly
Shortly after, it was decided to stop the legal procedure for choosing between bishop Ierotey and bishop Michail and overwritte the Synod accepted and agreed own legal document to follow on different church casuses, the ' the Church statuses regulations (Устав на БПЦ Българска Патриаршия = Bulgarian Orthodox Church Regulation Rules document decided to be followed by everyone in the Church including the bishops and metropolitans on a National Church Assembly) rightduring a procedure for enthronization of next Metropolitan of Sliven.
The new "regulation" they tried to push "in the shadows (illegally against the Church statues)" was written in a way to make the choice of new Metropolitans to be done only by Metropolitan assembly the Synod, without taking in considerating the christian people preference for such, something scandal as this was not so during the last 150 years since we have restored the Bulgarian Church Excharchy.
Out of this a great number of discussions started by Christian laity in facebook, viber and in the media of multitude of people, priests and cleargy from Sliven Eparchy complaining and protesting first infront of the Metroplitan Palace in Sliven
Sliven Church Priests, Monks and Layman gathered in front of Sliven Eparchy Metropolitan governing building
As this protests were not considered seriously by many of Elders of the Synod, the same protest with much more participant occured in front of Synodal Palace (the ruling ministry of the Bulgarian Church seat place) in Sofia as well as purely physical by presence with Prayer Vigils to the Holy Synod because of their unwillingness to accept the Synod unargumented decision to stop the procedure for choice of new metropolitan.
Peaceful objection Vigil Prayer in front of Holy Synod by Sliven Clergy and Laymen, Poster reads: "Do not exchange our Good shepherd, which gives his soul for the sheep with a mercenary, we do not know !" Second Poster on the background is "Against the New Order", meant the new Order to not venerate People's choice during voting of new Metropolitans
The outcome of the protest in front of the Synodal bulding palace in Sofia, Bulgaria was to cancel the votings for Metropolitan and do the whole voting procedure from the beginning. The people accepted the decision of the Synod even though the synod took this decision to not put in place 'new order' in favour if existing norms of the Churh statuses on the background of multitude of protesting priests, monks and layman from Sliven Eparchy and other eparchies which is well documented well in below video.
Synodal Prayer Vigil against the cassation of choice for future Metropolitan of Sliven
On the protests along with Church people and clergy from Sliven was present people from other Eparchies as well as key well known priests and monks that are from Sofia and the Sofia Metropolitan to tell their unwillingness for overriding the Church established rules "Statuses", as well as to express their support for Sliven Eparchy whose Church people will is to have venerated their up to the rules selection of Bishop Ierotey to become the next Vicar (Metropolitan) of Sliven.
On many TV medias this protest was not shown and the organized fake "contra-protest" of Metropolitan Nikolay and his people who were anti-protesting against people will was shown as it was paid for that (another proof for lack of enough freedom of speech and transparency of Bulgarian mass medias).
The contra-protesters from Plovdvid Eparchy that came with buses from Plovdiv eparchy enforced by Metropolitan Nikolay, very much in the old spirit of manifestations during the totalitarian regime of communism (notice the obviousness of the protest is fake from the exactly same looking slogans held mainly by priests)
As a result people from Sliven Eparchy accepted the fact that the Holy Synod decided to finally cassate (cancel) the procedure for choice of new Sliven Metropolitan and organize a new list of Worthy and dostopochteni (venerable) Bishops among which Sliven's people should make the choice again. The people accepted this as they hoped the Holy Synod elders, might have been misled by the false accusation reports of the two brother priests Silvester and Evgeny Yanakievi (who by the way are very active on facebook) against Ierotey, and thus by organizing the choice once again officially the choice will take case in a transparent way and according to the Church rules statuses and then they can again vote for bishop Ierotey and double verify their initial choice.
However what happened now is far from that. Contrary to any logic (and as provocation), the list of venerable Bishops was made by the Holy Synod, during the Great Lent on 22 of April, a time in which people should concentrate on their repentance and spiritual growing and spiritual preparation to accept the Fest of Feasts, The Resurresction of Christ Easter.
Contrary and again unvenerating the Church clergy and people's will of Sliven the new list of Bishops does not included neither Ierotey nor Mihail and included only 6 Bishops claimed to be venerable !!!
Here is a tiny biographies and only few rumored things about the Bishops, synod have been included and listed them according to seniority on when they become bishops.
1. The first listed Bishop Sionij (Velichki) completed Cherepish Spiritual Seminary (Academy) in 1990. Become monk in 1991. Completed Theology in 1994 in Saint Kliment Ohridski. 1995-1996 specialezed in Erlangen Germany. Become monk from Metropolitan Dometian (Vidinski) in Klisurski Monastery soon after become hieromonk. In 1992 – 1995 has been abbot of Klisura Monastery. In 1996 has become deacon of Sofia's Theological Seminary Saint John of Rila (he was later removed because of scandals, a boy died and accused by pupil parents for pedophilia, a sad fact that was hidden with time, due to many publications you can find online …). In 1998 has been raised to archimandrite by Patriarch Maxim in Dolni Lozen Monastery St. Peter and Paul. In March 2007 has been ordinated as Bishop Velichki in Saint Alexander Nevski Cathedral. In 2009 become vicar of Vidin Metropolitan Dometian In 1 May 2014 become an abbot of Troyan monastery, 3rd April 2019 he has become an abbot also to Bachkovo Monastery. Bishop Sionij is among the most scandalous persons in Bulgarian Orthodox Church, many media scandals assigning his name tо pedophilia and homosexuality through the time. It is claimed by medias he is involved with mafia (and especially with Church mafia). There was even a person who says to have been involved in this affairs with him that publicly has given interview for "Tzanov"'s self financed youtube channel Napred i Nagore" (video titled: "The Church of Sin"). Currently paradoxically he is an abbot of 2 of the biggest and 2 second richest monasteries in Bulgaria Troyanski and Bachkovki.. His family is known in Sofia for years for being one of the most richest people in Sofia. Currently aged 56 yrs.
2. Second one Arsenij gruaded high school 2006 in Stara Zagora in village Osetenovo. Completed Saint John of Rila seminary in 2006, was student in Saint Ohridski Theology and continued his education in Plovdiv University, saint Paisios of Hilendar, said to have graduated 2009. Tonsured monk in 2007, became hierodeacon and consequentially same year 2008 hieromonk. 6th December he was raised by Metr. Nikolay to Bishop. He has been a director of Plovdiv's Orthodox TV since 2009 and Plovdiv Seminary 2010 (seminary initiated again by by Metr. Nikolay). In 2012 he was given to be a head of Metropolitan cathedral in Plovdvid saint Marina. On June 2014 he was raised to bishop after offer was to the Holy Synod, by Metr. Nikolay. Hierotony was made by then very old Metropolitan Ioanikiy of Sliven in collaboration with Metropolitans Dometian of Vidinsky (now deceased), Grigoriy of Velikotarnovsky, Ignatius of Pleven and Nikolay of Plovdiv.
Iinterestingly he is titled as protegee of Metr. Nikolay who orchestrates the decisions in the Holy Synod for the last years (fact known by most people who even had a slight idea of what is going on internally in the Church). The backstage ruling of the Synod and the place is said to be easy for the Metr. Nikolay, since patriarch Neofit was severely sick and in practice inactive as patriarch. According to official information that leaked from Synod, it was exactly Arsenij the choice of Metr. Nikolay and his group of metropolitans (most of whom doesn't have the necessery support from anyone such as DS (Dyrzhavna Sigurnost) to which Metr. Nikolay is said to have the support and in which Metr. Nikolay's father was important ranked person). Thus according to different medias the legative choice of Sliven people was cancelled by the Synod by Metr. Nikolay and his group in attempt to install the already pre-chosen Arsenij in any means.
Bishop Arsenij is known amoung the clergy in Church for becoming a bishop officially against the Church statuses, not having the Statuses set fulfilled years, becoming bishop before his 30s in 28 years, according to Church rules of statuses regulations of BPC-BP he should have had been at least 35 years, 2 more years than Christs age of crucifix. The other break of Church statuses regulations with his hierotony was that he did not have 10 years as a clergy person in Bulgarian Orthodox Church. Currently 37 yrs old (has 10 years served as Bishop)
3. Bishop Gerasim (Melnishki) is famous for having a professional Actors education, before deciding to become monk and start his new career in the Church. He has not have officially any Theological Education diploma till the moment he decided to walk the spiritual path, but received such by specialization in Moscow 2 years in a newly created faculty by Metropolitan Ilarion Alfeev (faculty created 2012) and no longer existing. The Diplomas from Russia are not really considered officially by Bulgarian Government due to legislative reasons. Even though that he managed to be chosen somehow and become the Secretary of Holy Synod, and have signed documents that he has a higher Theological education which he at that time doesn't. He seemed to have served as a head of saint Alexander Nevsky and in this service He is said by some medias to have closed his eyes and signed the documents for requirements of higher education for the job of Synodal Secratary as a preliminary to the function of Secratary. He is known to often serve Liturgy in the Russian Church among which was a lot of scandals last year and which kept closed for quite some time, due to clergy in the Russian Church Clergy in (Sofia) Bulgaria being accused for serving for FSB (Russian Secret Services). He is also accused by medias for organizing an official business dinner for donation to collect money from businessmen for the sake of restoration of Biggest Cathedral in Bulgaria St. Alexander Nevsky. It should be said his service in saint Alexander Nevsky as a head of it for some years was okay, no big scandals like the previous head archim. Dionisij Mishev. Have to say it is strange why such a cathedral as Saint Alexander Nevsky, has to collect donations for its restoration, especially since the Bulgarian church Sofia Metropoly has a lot of land properties and stores on the city center that given for rent and should be bringing money to mitropoly along with the so called "vladichnina" amount of whole profit which every Church on territory of eparchy has to pay to the metropoly, especially as the Church st. Alexander Nevsky is a common tourist destination in Sofia for people all around the world and that should be supposably another way to collect money for its restoration. He is neither famous nor infamous and that is perhaps his main places of service was Saint Alexander Nevsky and as Synodal Secretary. Currently he is aged 44 yrs. Served as Bishop 8 yrs.
4. Bishop Pahomij (Branicki) has been made a monk and hieromonk again by Metr. Nikolay, his elder was proto-abbot Benedict from Holy Mount Athos Zograph in Divotinski Monastery, near Bankya in 2002 in 2004 he become abbot of Divotinsky Monastery. For 2004 till 2010 he had managed to gather brotherhood and helped to recover a Chapel Saint Anna and rerecover the 70 Apostles Church buildings and the Main Church Holy Trinity (which is considered his greatest achievements) his fame amount the Orthodox christian youth has been positive as he managed to have a good charisma and attract young people in his monastery during his abbotship. In 2015 he become hieromonk. bishop (hierotony by current Metropolitan of Vratza and some other bishops who is temporary substitute for patriarch Neofit's passing till the new choice of patriarch completes.). In 12.06.2017 he was made a bishop in Rila Monastery, again – according to some sources he did not have the Higher Theological education at that time for the post of bishopship, requirement according to Statuses of Bulgarian Orthodox Church. Currently he is aged 45 yrs. Served as Bishop 7 yrs
5. bishop Makarij (Glavnicki) has completed Plovdiv's Spiritual Seminary (whose deacan at that time was Bishop Evlogij Adrianopolski), finished Theology school in Bucharest in 2004 and Master degree in Thessaloniki (Solun) completed in 2010. In march 2007 become a novice monk in Rila Monastery Saint John of Rila. In 2008 during Lent become Hierodeacon, by bishop Evlogij. April 2011 become a hieromonk (priest monk). In March 2017 become a bishop. After becoming metropolitan he is now a vicar Bishop of Metropolitan Naum. He is perhaps among the most educated bishops of Bulgarian Church at present. Due to his studies in Greece, some people which play a kind of rloe of 'whisle-blower' but also do distribute some false mirrors, he might be a man of the Ecumenical patriarch. It is interesting fact that his hierotony as bishop did not happen in Saint John of Rila monastery but in Troyan Monastery (The Old Practice of Bulgarian Orthodox Church was to create new bishops in the Capital Sofia in Saint Alexander Nevsky – nowadays changed – some speculate this is done to escape from the anaxios (unworthy) that someone might scream during the services of new hierotony to stop the ceremony). In Troyan monastery as of time of writting this article the abbot is bishop Sionij Velichki. Also it is a bit strange the person who pushed his career forward Bishop Evlogij of Rila Monastery did not take part in the hierotony in Troyan monastery. Current aged 42 yrs. Serves as Bishop 7 yrs
6. Bishop Isaak (Velbyzhdski), started and completed aged 13 in Saint John of Rila seminary in Sofia, which he complated in 2001. In 2001 he started working in Seminary administration. Completed Sofia, Theological School saint Kliment Ohridski in 2008 (Bachelor). In 2009 in Vidin he become monk by Dometian of Vidin under spiritual guidance of Biship Sionij Velichki. In 2010, was raised to hieromonk in Saint Nicolas Church and in parallel works in Sofia Seminary as а tutor (ethnical bulgarians living abroad). In 2011, with blessing of Metr. Dometian he has become episcopal vicar of Lom Spiritual district. In 2012 in Dormition of Theotokos Chapel (which he headed) he was raised to archimandrite. In 2012 he started studying postgraduate studies in Moscow. In June 2023 he was raised to bishop with the title Bishop Velbyzhdski and given the role of second patriarch Neofit's vicar, as first is Bishop Polikarp. According to rumors, he is said according to some media news to have some connections with FSB due to his studies in Russia (and the common Russians practice to try to recruit their students to work for Russian agencies). Also according to some medias he had public appearance speach, staying behind Russia's official position for holy war, held against the evil (Russia as a Third Rome idea which currently Russian Church embraces). Serves as Bishop 1 yr
Bishop Ierotey Agathopolski (Kosakov)
The Seventh Bishop that is excluded from list, Ierotey (Agathopolski) was selected by Sliven Eparchy Priest, Monks and Laity to become the 7th Metropolitan of Sliven is Ierotey (The Voice of the People, The Voice of God) !
Bishop Ierotey (Agathopolski) in 2003 completed, Parallel course of Sofia Theological Seminary. December 22, 2003, Metropolitan Ioannikiy (Nedelchev) of Sliven tonsured him as a monk in brotherhood of the Holy Great Martyr George in the city of Pomorie. Archimandrite Theodosius (abbot of) Pomorie monastery at that time became his spiritual mentor. May 11, 2004, Metropolitan Ioanikiy of Sliven in the Church of Saints Cyril and Methodius in Burgas ordained hierodeacon. On May 16 of the same year, Metropolitan Ioanikiy of Sliven in the Church of the Most Holy Theotokos in Nessebar was ordained to the rank of hieromonk. On January 1, 2005, he was appointed abbot of the Monastery of the Holy Great Martyr George in Pomorie. He made a significant contribution to the development of the Pomorie monastery and its influence on Christian life in the region. Christian children's camps were organized annually at the monastery, a week of Orthodox singing introduced. Many hopeless and lonely and people with problems found a hospitality and spiritual help and resort in the monastery. On May 6, 2008 he was elevated to the rank of archimandrite. In 2010 he graduated Master Degree of Theology of Shumen University, Bishop Konstantin Preslavsky. September 18, 2014, by decision of the Holy Synod of the Bulgarian Orthodox Church, he was elected vicar of the Sliven diocese, bishop with the title of Agathopol (Agathopolski). October 1 was chiratonized to Bishop rank by Metropolitan Ioanikij (Nedelchev) Slivenski, Metropolitan Grogorij (Stefanov) of Tarnovo, Metropolitan Starozagorsky Galaktion (Tabakov), Metropolitan Nikolay Plovdivsky (Sevastyanov), Metropolitan Ambrosij (Ambrosius) Dorostolsky (Parashkevov), Metropolitan of Nevrokop Seraphim (Dinkov), Bishop of Trayanopol Cyprian (Kazandzhiev), Bishop of Znepol Arseniy (Lazarov). Served as Bishop 10 years
I believe there is nearly no person who has even encountered to meet Ierotey (Kosakov) Bishop Ierotey and interacted and doesn't have a good memory of that time, or have some bad impression. Not that I know him presonally but that person has always tried to help everyone in everything, this is really rare in our mostly egoistical world. Perhaps only envious and people obsessed with money or material goods can criticize him for the reason, he lives a true monk, and as every true monk and as Saint John of Rila adviced in His Covenant, "From all the things, most beware of money, for they are the root of all evil.".
It happens Slivens Eparchy is full of material goods due to its strategic location nearby see and due to tourism, and of course this eparchy is interested to be at the hands of businesses who can built freely and sell for cheap to big investors lands for the sake of increasement of tourism in the region, as Bishop Ierotey might be a factor against that (as he has refused to cooparete in building of 200 rooms Hotel accomodation at lands of Pomorie Monastery to Silvester Yanakiev, now there are some people leading fierce company to remove him from the vote and destroy his good name reputation.).
From the Holy Synod, there is no official explanation on why Bishop Ierotey is removed from the vote list during the new choice, but for everyone who has even the slightest idea of what is going on in the Church higher stages of power it is fully clear.
The wing of Metropolitan Nikolay and his protegees Metropolitans has risen their voices against the inclusion of Ierotey in the list. In order to make it not clear that Ierotey is the real target, few others were also removed who were in practice "un-votable" as their personal life has spots.
This just like the first time of decision to halt the process of voting even thugh two candidates for metropolitan were chosen (none of which that seems to fit the desires of the Dark Cardinal of the Bulgarian Church Metr. Nikolay and his synodal group of dependent people who are kept silent and obedient due to compromates against them or with financial donations).
It is not secret and not new the backstage dictation of Metropolitan Nikolay to his band (Synodal wing) of bishops many of whom are known to have a lot of homosexual (homophilia) and even pedophilia and other abnormal sexual activities, as well as activities related to the dark business schemes in bulgarian businesses and money laundary for which people know from mouth to mouth information spreading for years in the Church.
What is now stunning is that these people has become so unscrupulous, that they're ready to get over any person or group of people and even against a whole Eparchy of the Bulgarian Orthodox Church that perhaps nominally might be around 1 million people !!!
These peoples's believe, that us the ordinary believers of the Bulgarian Orthodox Church are stupid and easily managable and they can do with them whatever they want because they're a higher class and very few of people are really regularly going to Church or actively parcipating in the Church Mysteries (Holy Communion and the other 7 sacraments).
What is striking, the Synodal elders are shameless, they think they're the Church, forgetting the word Ecclesia meaning.
"Ecclesia (or Ekklesia) in Christian theology means both: a particular body of faithful people, and the whole body of the faithful."
Seems like now our many of our Synodal Elders understand the Church (Ecclesia) as them and the servitude of faithful to Christ people who should obey them for the only reason, they have taken the seat of the Holy Apostles (that is the metropolitan seat = bishopship seat + administrative obediences).
It is interesting to say the modern understanding of Ecclesia in Western Modern Catholicism does well fit the understanding that the powerful of the day in the Synod that are trying to push out their agendas against the people will and choice, below is a definition.
Christian understanding of Church
If one speaks of the whole body of Christian faithful, then there are included not only the members of the Church who are alive on earth but all who were members of the church before. Some churches therefore describe the Church as being composed of the Church Militant (Christians on Earth) and the Church Triumphant (Christians in Heaven). In Catholic theology, there is also the Church Suffering (Christians still in purgatory).
The Christian family, the most basic unit of Church life, is sometimes called the domestic Church.[2]
Finally, 'The Church' may sometimes be used, especially in Catholic theology, to speak of those who exercise the office of teaching and ruling the faithful, the Ecclesia Docens, or again (more rarely) the governed as distinguished from their pastors, the Ecclesia Discens.
What else is really not Okay with how the selection of Bishops are reduced from 10 to 6 venerable to take the seat of Sliven Metropolitan
All this events happen during the Great Lent and for every True Christian it is well known the old Church practice, that important decisions should not be taken during the great Lent period as usually such decisions are wrong and could create havoc, due to the highest degree of temptations that are let around by the Almighty God for the spiritual grow and healing of his faithful childs the Christians.
It is up to Christian people to now proof them once the Great Lent is over after the Glorious Resurrection Day they're wrong and that people will not let the God given eparchy of Sliven to be ruled by dependent Metropolitan to Metr. Nikolay.
It is up to us to proof we're not sheepsand that people's will on matters of higher hierarchy of Church and their deeds should not be unmonitored and unpunished as it was in a higher degree over the last years !!!
People should rise of their indifference and show they still care about the Pureness of the Church and the legitimity of the Church Law of Selection of new Highest Hierarchical heads of the Church. It is last time and last chances until we still have Church, especially considering the Apocalyptic times in which we seem to be living.
If you dear brothers and sisters in Christ not react and not fight for the truthful selection of a list with really venerable bishops that is transparent and argumented as it should be, another satellite Metropolitan will be installed to fit the plans of the ex-communist DS (Dyrzhavna Sigurnost) and the Ruling elite. If that happens soon we'll not only have a Real Orthodox Church Hierarchy chosen according to canons and due to Church Statues as it should be but an Assembly of Pseudo Hierarchs who acts in secrecy and conspiracy schemes in the same way as any Masonic Lodge.
In other words, we'll have Church but a faked artificial business and party like organization, where decisions are not taken by the Creator of the Church the Lord Jesus Christ and his true followers the Apostles (that are the Bishops and Metropolitans), but we'll have a secular organization with Big beauty Church temple (museums without real cleargy) and a Monasteries full of pedophiles, gays and people who want to live an easy life and enjoy themselves instead of spiritually persevere and lead the hard spiritual fight and pray for the well-being of Bulgarians, Bulgaria and the Rest of the Christians.
Lets pray fervently until the end of the fasting, that the Metropolitans who took that bad decision will change their mind and put back in the list the real venerable people and not have a list of people who are dependent and unworthy due to lack of Higher education, a personal scandals, they were involved like Bishop Sionij or have another kind of spots, that can be easily researched even by a simple few Internet searches in Google.
Nomatter who is worthy or not, the main thing is that Sliven Eparchy should be headed by a person who is wanted in the Eparchy and such person according to the clear votes of Eparchical electors is Ierotey, the problem is that Ierotey is not playing well with the dark businesses and does count the interest of people, and does not randomly do what is being asked for with the only goal to make money and he doesn't follow blindly rules by Metr. Nikolay or whoever else that is not working for the good of True Church of Christ (the assembly of all people believing in Jesus Christ as we theEastern Orthodox believe) and thus he is automatically becoming unworthy. As worthy is considered those who serves the Business and the Internet of the powerful authorities of this day.
Even if you have the background of a Linux system administrator, sooner or later you will have have to deal with some Windows hosts, thus i'll blog in this article shortly on how the established TCP if it happens you will have to administarte a Windows hosts or help a windows sysadmin noobie 🙂
In Linux it is pretty easy to check the number of established conenctions, because of the wonderful command wc (word count). with a simple command like:
$ netstat -etna |wc -l
Then you will get the number of active TCP connections to the machine and based on that you can get an idea on how busy the server is.
But what if you have to deal with lets say a Microsoft Windows 2012 /2019 / 2020 or 2022 Server, assuming you logged in as Administrator and you see the machine is quite loaded and runs multiple Native Windows Administrator common services such as IIS / Active directory Failover Clustering, Proxy server etc. How can you identify the established number of connections via a simple command in cmd.exe?
1.Count ESTABLISHED TCP connections from Windows Command Line
Here is the answer, simply use netstat native windows command and combine it with find, like that and use the /i (ignores the case of characters when searching the string) /c (count lines containing the string) options
Voila, here are number of established connections, only 1268 that is relatively low. However if you manage Windows servers, and you get some kind of hang ups as part of the monitoring, it is a good idea to setup a script based on this simple command for at least Windows Task Scheduler (the equivallent of Linux's crond service) to log for Peaks in Established connections to see whether Server crashes are not related to High Rise in established connections. Even better if company uses Zabbix / Nagios, OpenNMS or other old legacy monitoring stuff like Joschyd even as of today 2024 used in some big of the TOP IT companies such as SAP (they were still using it about 4 years ago for their SAP HANA Cloud), you can set the script to run and do a Monitoring template or Alerting rules to draw you graphs and Trigger Alerts if your connections hits a peak, then you at least might know your Windows server is under a "Hackers" Denial of Service attack or there is something happening on the network, like Cisco Network Infrastructure Switch flappings or whatever.
2. Few Useful netstat options for the Windows system admin
C:\Windows\System32> netstat -bona
Cmd.exe will lists executable files, local and external IP addresses and ports, and the state in list form. You immediately see which programs have created connections or are listening so that you can find offenders quickly.
b – displays the executable involved in creating the connection. o – displays the owning process ID. n – displays address and port numbers. a – displays all connections and listening ports.
As you can see in the screenshot, by using netstat -bona you get which process has binded to which local address and the Process ID PID of it, that is pretty useful in debugging stuff.
3. Use a Third Party GUI tool to debug more interactively connection issues
If you need to keep an eye in interactive mode, sometimes if there are issues CurrPorts tool can be of a great help
CurrPorts Tool own Description
CurrPorts is network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version information of the process (product name, file description, and so on), the time that the process was created, and the user that created it. In addition, CurrPorts allows you to close unwanted TCP connections, kill the process that opened the ports, and save the TCP/UDP ports information to HTML file , XML file, or to tab-delimited text file. CurrPorts also automatically mark with pink color suspicious TCP/UDP ports owned by unidentified applications (Applications without version information and icons).
Sum it up
What we learned is how to calculate number of established TCP connections from command line, useful for scripting, how you can use netstat to display the process ID and Process name that relates to a used Local / Remote TCP connections, and how eventually you can use this to connect it to some monitoring tool to periodically report High Peaks with TCP established connections (usually an indicator of servere system issues).
If you're into IT industry even if you don't like installing frequently Windows or you're completely Linux / BSD user, you will certainly have a lot of friends which will want help from you to re-install or fix their Windows 7 / 8 / 10 OS. At least this is the case with me every year, I'm kinda of obliged to install fresh windowses on new bought friends or relatives notebooks / desktop PCs.
Of course according to for whom the new Windows OS installed the preferrences of necessery software varies, however more or less there is sort of standard list of Windows Software which is used daily by most of Avarage Computer user, such as:
Antivirus ( Avira Antivirus or AVG or Kaspersky, Nod32, McAffee (however rarely install non-freeware AV, usually only for companies or organizations) )
– (WinDirStat or SpaceSniffer – Tools that can show you which is the biggest files and directory inside a directory tree) – WinGrep (Grep: Grep for Windows) – Everest Home Edition ( Hardware System Information – Shows you what is the PC hardware )
Not to forget a good candidate from the list to install on new fresh windows Installation candidates are:
Winrar
PeaZIP
WinZip
GreenShot (to be able to easily screenshot stuff and save pictures locally and to the cloud)
AnyDesk (non free but very functional alternative to TeamViewer) to be able to remotely access remote PC
TightVNC
ITunes / Spotify (for people who have also iPhone smart phone)
DropBox or pCloud (to have some extra cloud free space)
FBReader (for those reading a lot of books in different formats)
Rufus – Rufus is an efficient and lightweight tool to create bootable USB drives. It helps you to create BIOS or UEFI bootable devices. It helps you to create Windows TO Go drives. It provides support for various disk, format, and partition.
Recuva is a data recovery software for Windows 10 (non free)
EaseUS (for specific backup / restore data purposes but unfortunately (non free)
For designers
Adobe Photoshop
Adobe Illustrator
f.lux – to control brightness of screen and potentially Save your eyes
ImDisk virtual Disk Driver
KeePass / PasswordSafe – to Securely store your passwords
Putty / MobaXterm / SecureCRT / mPutty (for system administrators and programmers that has to deal with Linux / UNIX)
I tend to install on New Windows installs and thus I have more or less systematized the process.
I try to usually stick to free software where possible for each of the above categories as a Free Software enthusiast and luckily nowadays there is a lot of non-priprietary or at least free as in beer software available out there.
For Windows sysadmins or College and other public institutions networks including multiple of Windows Computers which are not inside a domain and also for people in computer repair shops where daily dozens of windows pre-installs or a set of software Automatic updates are necessery make sure to take a look atNinite
As official website introduces Ninite:
Ninite – Install and Update All Your Programs at Once
Of course as Ninite is used by organizations as NASA, Harvard Medical School etc. it is likely the tool might reports your installed list of Windows software and various other Win PC statistical data to Ninite developers and most likely NSA, but this probably doesn't much matter as this is probably by the moment you choose to have installed a Windows OS on your PC.
For Windows System Administrators managing small and middle sized network PCs that are not inside a Domain Controller, Ninite could definitely save hours and at cases even days of boring install and maintainance work. HP Enterprise or HP Inc.Employees or ex-employees would definitely love Ninite, because what Ninite does is pretty much like the well known HP Internal Tool PC COE.
Ninite could also prepare an installer containing multiple applications based on the choice on Ninite's website, so that's also a great thing especially if you need to deploy a different type of Users PCs (Scientific / Gamers / Working etc.)
Perhaps there are also other useful things to install on a new fresh Windows installations, if you're using something I'm missing let me know in comments.
I've accidently stubmled on btop a colorful and interactive ncurses like command line utility to provide you a bunch of information about CPU / memory / disks and processes with nice console graphic in the style of Cubic Player 🙂 Those who love htop and like their consoles to be full of shiny colors, will really appreciate those nice Linux monitoring tool. To install btop on latest current stable Debian bullseyes, you will have to install it via backports, as the regular Debian repositories does not have the tool available out of the box.
To Add backports packages support for your Debian 11:
1. Edit /etc/apt/sources.list and include following repositories
# vim /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye-backports main contrib non-free deb-src http://deb.debian.org/debian bullseye-backports main contrib non-free
2. Update the known repos list to include it
# apt update …
3. Install the btop deb package from backports
# apt-cache show btop|grep -A 20 -i descrip Description-en: Modern and colorful command line resource monitor that shows usage and stats btop is a modern and colorful command line resource monitor that shows usage and stats for processor, memory, disks, network and processes. btop features: – Easy to use, with a game inspired menu system. – Full mouse support, all buttons with a highlighted key is clickable and mouse scroll works in process list and menu boxes. – Fast and responsive UI with UP, DOWN keys process selection. – Function for showing detailed stats for selected process. – Ability to filter processes. – Easy switching between sorting options. – Tree view of processes. – Send any signal to selected process. – UI menu for changing all config file options. – Auto scaling graph for network usage. – Shows IO activity and speeds for disks – Battery meter – Selectable symbols for the graphs – Custom presets – And more… btop is written in C++ and is continuation of bashtop and bpytop. Description-md5: 73df6c70fe01f5bf05cca0e3031c1fe2 Multi-Arch: foreign Homepage: https://github.com/aristocratos/btop Section: utils Priority: optional Filename: pool/main/b/btop/btop_1.2.7-1~bpo11+1_amd64.deb Size: 431500 SHA256: d79e35c420a2ac5dd88ee96305e1ea7997166d365bd2f30e14ef57b556aecb36
# apt install -t bullsye-backports btop –yes …
Once I installed it, I can straight use it except on some of my Linux machines, which were having a strange encoding $LANG defined, those ones spitted some errors like:
root@freak:~# btop ERROR: No UTF-8 locale detected! Use –utf-force argument to force start if you're sure your terminal can handle it.
To work around it simply redefine LANG variable and rerun it
his article may be out of date and may be deleted in the future.
This article explains the migration from the previous service "Snoopy" to "Auditd". Only commands that are executed as a user with root rights should be recorded here.
Uninstall/disable snoopy
Configuration of auditd
Files needed Auditd start/stop script
/etc/init.d/auditd
Rules for monitoring by auditd
/etc/audit/audit.rules
Auditd plugin for syslog service
/etc/audisp/plugins.d/syslog.conf
Edit the /etc/audit/audit.rules file Auditd can be specifically configured to capture and exclude messages. The following list is helpful for excluding certain event entries ("msgtype"):
* 1000 – 1099 are for commanding the audit system * 1100 – 1199 user space trusted application messages * 1200 – 1299 messages internal to the audit daemon * 1300 – 1399 audit event messages * 1400 – 1499 kernel SE Linux use * 1500 – 1599 AppArmor events * 1600 – 1699 kernel crypto events * 1700 – 1799 kernel abnormal records * 1800 – 1999 future kernel use (maybe integrity labels and related events) * 2001 – 2099 unused (kernel) * 2100 – 2199 user space anomaly records * 2200 – 2299 user space actions taken in response to anomalies * 2300 – 2399 user space generated LSPP events * 2400 – 2499 user space crypto events * 2500 – 2999 future user space (maybe integrity labels and related events) Adding the rules
In order for auditd to record the desired events, rules must be defined.
List of rules set up Below is a list and explanation of the rules set up:
-a exclude,always -F msgtype>=2400 -F msgtype<=2499 -a exclude,always -F msgtype=PATH -a exclude,always -F msgtype=CWD -a exclude,always -F msgtype=EOE -a exit,always -F arch=b64 -F auid!=0 -F auid!=4294967295 -S execve -a exit,always -F arch=b32 -F auid!=0 -F auid!=4294967295 -S execve
The first rule excludes crypto events in user space – these include, for example, messages about a user logging in. The second through fourth rules remove the information not necessary for monitoring before it is logged. The fifth and sixth rules capture the commands entered by users moving within an interactive shell. Services etc. executed by the system are therefore not recorded. It should be noted here that a separate rule must be created for systems that contain both 32- and 64-bit commands and libraries.
Rule syntax
In general, it makes sense to keep the number of existing rules low in order to reduce the load. Therefore, if possible, several rule fields (-F option) should be combined in one rule. Since Auditd obviously has a problem with multiple event entries that are defined in plain text, these have been created in individual rules. The syntax description of the individual rules is given in the next listing:
-a contains the instructions The action value "exclude" and the list value "always" are specified for rules that should not lead to any log entry The action values "exit" and "always" have been specified for rules that should lead to a log entry "exit" stands for a log entry after the command has been executed -F defines a rules field Depending on the application, the rules defined here filter by event entry ("msgtype"), architecture ("arch") and login UID ("auid"). -S stands for the syscall. In the rules that should lead to a log entry, the value "execve" is monitored – i.e. when commands are executed.
Redirect to syslog
Within the file /etc/audisp/plugins.d/syslog.conf the value
active = no on
active = yes set.
restart auditd with the command
/etc/init.d/auditd restart the settings are accepted.
Additional information
The following man pages can be consulted for more information:
With a standard el5 on a new Dell server, it may be necessary to install the Dell Raid driver, otherwise the OMSA always reports an error and hardware monitoring is therefore obsolete:
Previously, the megaraid_sys package was now called mptlinux
For this we need the following packages in advance:
# yum install gcc kernel-devel Now the driver stuff:
# yum install dkms mptlinux That should have built the new module, better test it:
# modinfo mptsas
# dkms status After a kernel update it may be necessary to build the driver for the new version:
Here is the scenario, lets say you have on your daily task list two Hypervisor (HV) hosts running CentOS or RHEL Linux with KVM or Virutozzo technology and inside the HV hosts you have configured at least 2 pairs of virtual machines one residing on HV Host 1 and one residing on HV Host 2 and you need to constantly keep the hosts to the latest distribution major release security patchset.
The Virtual Machines has been running another set of Redhat Linux or CentOS configured to work in a High Availability Cluster running Haproxy / Apache / Postfix or any other kind of HA solution on top of corosync / keepalived or whatever application cluster scripts Free or Open Source technology that supports a switch between clustered Application nodes.
The logical question comes how to keep up the CentOS / RHEL Machines uptodate without interfering with the operations of the Applications running on the cluster?
Assuming that the 2 or more machines are configured to run in Active / Passive App member mode, e.g. one machine is Active at any time and the other is always Passive, a switch is possible between the Active and Passive node.
In this article I'll give a simple step by step tested example on how you I succeeded to update (for security reasons) up to the latest available Distribution major release patchset on one by one first the Clustered App on Virtual Machines 1 and VM2 on Linux Hypervisor Host 1. Then the App cluster VM 1 / VM 2 on Hypervisor Host 2. And finally update the Hypervisor1 (after moving the Active resources from it to Hypervisor2) and updating the Hypervisor2 after moving the App running resources back on HV1. I know the procedure is a bit monotonic but it tries to go through everything step by step to try to mitigate any possible problems. In case of failure of some rpm dependencies during yum / dnf tool updates you can always revert to backups so in anyways don't forget to have a fully functional backup of each of the HV hosts and the VMs somewhere on a separate machine before proceeding further, any possible failures due to following my aritcle literally is your responsibility 🙂
0. Check situation before the update on HVs / get VM IDs etc.
Check the virsion of each of the machines to be updated both Hypervisor and Hosted VMs, on each machine run:
# cat /etc/redhat-release CentOS Linux release 7.9.2009 (Core)
The machine setup I'll be dealing with is as follows:
To check what is yours check out with virsh cmd –if on KVM or with prlctl if using Virutozzo, you should get something like:
[root@hypervisor-host2 ~]# virsh list Id Name State —————————————————- 1 vm-host1 running 2 virt-mach-centos2running
# virsh list –all
[root@hypervisor-host1 ~]# virsh list Id Name State —————————————————- 1 vm-host2running 3 virt-mach-centos1running
[root@hypervisor-host1 ~]# prlctl list UUID STATUS IP_ADDR T NAME {dc37c201-08c9-589d-aa20-9386d63ce3f3} running – VM virt-mach-centos1 {76e8a5f8-caa8-5442-830e-aa4bfe8d42d9} running – VM vm-host2 [root@hypervisor-host1 ~]#
If you have stopped VMs with Virtuozzo to list the stopped ones as well.
# prlctl list -a
[root@hypervisor-host2 74a7bbe8-9245-5385-ac0d-d10299100789]# vzlist -a CTID NPROC STATUS IP_ADDR HOSTNAME [root@hypervisor-host2 74a7bbe8-9245-5385-ac0d-d10299100789]# prlctl list UUID STATUS IP_ADDR T NAME {92075803-a4ce-5ec0-a3d8-9ee83d85fc76} running – VM virt-mach-centos2 {74a7bbe8-9245-5385-ac0d-d10299100789} running – VM vm-host1
# prlctl list -a
If due to Virtuozzo version above command does not return you can manually check in the VM located folder, VM ID etc.
Another thing to do before proceeding with update is to check and tune if needed the amount of CentOS repositories used, before doing anything with yum.
1. Dump VM definition XMs (to have it in case if it gets wiped during update)
There is always a possibility that something will fail during the update and you might be unable to restore back to the old version of the Virtual Machine due to some config misconfigurations or whatever thus a very good idea, before proceeding to modify the working VMs is to use KVM's virsh and dump the exact set of XML configuration that makes the VM roll properly.
To do so: Check a little bit up in the article how we have listed the IDs that are part of the directory containing the VM.
[root@hypervisor-host1 ]# virsh dumpxml (Id of VM virt-mach-centos1 ) > /root/virt-mach-centos1_config_bak.xml [root@hypervisor-host2 ]# virsh dumpxml (Id of VM virt-mach-centos2) > /root/virt-mach-centos2_config_bak.xml
2. Set on standby virt-mach-centos1 (virt-mach-centos1)
As I'm upgrading two machines that are configured to run an haproxy corosync cluster, before proceeding to update the active host, we have to switch off the proxied traffic from node1 to node2, – e.g. standby the active node, so the cluster can move up the traffic to other available node.
If you're using package locking to prevent some other colleague to not accidently upgrade the machine (if multiple sysadmins are managing the host), you might use the RPM package locking meachanism, if that is used check RPM packs that are locked and release the locking.
+ List actual list of locked packages
[root@hypervisor-host1 ]# yum versionlock list … ….. 0:libtalloc-2.1.16-1.el7.* 0:libedit-3.0-12.20121213cvs.el7.* 0:p11-kit-trust-0.23.5-3.el7.* 1:quota-nls-4.01-19.el7.* 0:perl-Exporter-5.68-3.el7.* 0:sudo-1.8.23-9.el7.* 0:libxslt-1.1.28-5.el7.* versionlock list done
For some clarity if something goes wrong, it is really a good idea to make a dump of the basic packages installed before the RPM package update is initiated, The exact versoin of RHEL or CentOS as well as the list of locked packages, if locking is used.
Enter virt-mach-centos1 (ssh virt-mach-centos1) and run following cmds:
Clear any previous RPM packages – careful with that as you might want to keep the old RPMs, if unsure comment out below line
# yum clean all |tee /root/logs/yumcleanall-$(hostname)-$(date '+%Y-%m-%d_%H-%M-%S').out
Proceed with the update and monitor closely the output of commands and log out everything inside files using a small script that you should place under /root/status the script is given at the end of the aritcle.:
18. Check if everything is running fine after upgrade
Reboot VM
# shutdown -r now
Check hypervisor-host1 all VMs run as expected
19. Check if everything is running fine after upgrade
Reboot VM
# shutdown -r now
Check hypervisor-host2 all VMs run as expected afterwards
20. Check once more VMs and haproxy or any other contained services in VMs run as expected
Login to hosts and check processes and logs for errors etc.
21. Haproxy Unstandby virt-mach-centos1
Assuming that the virt-mach-centos1 and virt-mach-centos2 are running a Haproxy / corosync cluster you can try to standby node1 and check the result hopefully all should be fine and traffic should come to host node2.
[root@hypervisor-host2 ~]# cat /etc/redhat-release CentOS Linux release 7.8.2003 (Core)
Other useful hints
[root@hypervisor-host1 ~]# virsh console dc37c201-08c9-489d-aa20-9386d63ce3f3 Connected to domain virt-mach-centos1 ..
! Compare packages count before the upgrade on each of the supposable identical VMs and HVs – if there is difference in package count review what kind of packages are different and try to make the machines to look as identical as possible !
Packages to update on hypervisor-host1 Count: XXX Packages to update on hypervisor-host2 Count: XXX Packages to update virt-mach-centos1 Count: – 254 Packages to update virt-mach-centos2 Count: – 249
That's all folks, once going through the article, after some 2 hours of efforts or so you should have an up2date machines. Any problems faced or feedback is mostly welcome as this might help others who have the same setup.
I have recently upgraded a number of machines from Debian 10 Buster to Debian 11 Bullseye. The update as always has some issues on some machines, such as problem with package dependencies, changing a number of external package repositories etc. to match che Bullseye deb packages. On some machines the update was less painful on others but the overall line was that most of the machines after the update ended up with one or more failed systemd services. It could be that some of the machines has already had this failed services present and I never checked them from the previous time update from Debian 9 -> Debian 10 or just some mess I've left behind in the hurry when doing software installation in the past. This doesn't matter anyways the fact was that I had to deal to a number of systemctl services which I managed to track by the Failed service mesage on system boot on one of the physical machines and on the OpenXen VTY Console the rest of Virtual Machines after update had some Failed messages. Thus I've spend some good amount of time like an overall of a day or two fixing strange failed services. This is how this small article was born in attempt to help sysadmins or any home Linux desktop users, who has updated his Debian Linux / Ubuntu or any other deb based distribution but due to the chaotic nature of Linux has ended with same strange Failed services and look for a way to find the source of the failures and get rid of the problems. Systemd is a very complicated system and in my many sysadmin opinion it makes more problems than it solves, but okay for today's people's megalomania mindset it matches well.
1. Check the journal for errors, running service irregularities and so on
First thing to do to track for errors, right after the update is to take some minutes and closely check,, the journalctl for any strange errors, even on well maintained Unix machines, this journal log would bring you to a problem that is not fatal but still some process or stuff is malfunctioning in the background that you would like to solve:
root@pcfreak:~# journalctl -x Jan 10 10:10:01 pcfreak CRON[17887]: pam_unix(cron:session): session closed for user root Jan 10 10:10:01 pcfreak audit[17887]: USER_END pid=17887 uid=0 auid=0 ses=340858 subj==unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit> Jan 10 10:10:01 pcfreak audit[17888]: CRED_DISP pid=17888 uid=0 auid=0 ses=340860 subj==unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" > Jan 10 10:10:01 pcfreak CRON[17888]: pam_unix(cron:session): session closed for user root Jan 10 10:10:01 pcfreak audit[17888]: USER_END pid=17888 uid=0 auid=0 ses=340860 subj==unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit> Jan 10 10:10:01 pcfreak audit[17884]: CRED_DISP pid=17884 uid=0 auid=0 ses=340855 subj==unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" > Jan 10 10:10:01 pcfreak CRON[17884]: pam_unix(cron:session): session closed for user root Jan 10 10:10:01 pcfreak audit[17884]: USER_END pid=17884 uid=0 auid=0 ses=340855 subj==unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit> Jan 10 10:10:01 pcfreak audit[17886]: CRED_DISP pid=17886 uid=0 auid=33 ses=340859 subj==unconfined msg='op=PAM:setcred grantors=pam_permit acct="www-data" exe="/usr/sbin/c> Jan 10 10:10:01 pcfreak CRON[17886]: pam_unix(cron:session): session closed for user www-data Jan 10 10:10:01 pcfreak audit[17886]: USER_END pid=17886 uid=0 auid=33 ses=340859 subj==unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permi> Jan 10 10:10:08 pcfreak NetworkManager[696]: [1641802208.0899] device (eth1): carrier: link connected Jan 10 10:10:08 pcfreak kernel: r8169 0000:03:00.0 eth1: Link is Up – 100Mbps/Full – flow control rx/tx Jan 10 10:10:08 pcfreak kernel: r8169 0000:03:00.0 eth1: Link is Down Jan 10 10:10:19 pcfreak NetworkManager[696]: [1641802219.7920] device (eth1): carrier: link connected Jan 10 10:10:19 pcfreak kernel: r8169 0000:03:00.0 eth1: Link is Up – 100Mbps/Full – flow control rx/tx Jan 10 10:10:20 pcfreak kernel: r8169 0000:03:00.0 eth1: Link is Down Jan 10 10:10:22 pcfreak NetworkManager[696]: [1641802222.2772] device (eth1): carrier: link connected Jan 10 10:10:22 pcfreak kernel: r8169 0000:03:00.0 eth1: Link is Up – 100Mbps/Full – flow control rx/tx Jan 10 10:10:23 pcfreak kernel: r8169 0000:03:00.0 eth1: Link is Down Jan 10 10:10:33 pcfreak sshd[18142]: Unable to negotiate with 66.212.17.162 port 19255: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diff> Jan 10 10:10:41 pcfreak NetworkManager[696]: [1641802241.0186] device (eth1): carrier: link connected Jan 10 10:10:41 pcfreak kernel: r8169 0000:03:00.0 eth1: Link is Up – 100Mbps/Full – flow control rx/tx
If you want to only check latest journal log messages use the -x -e (pager catalog) opts
root@pcfreak;~# journalctl -xe … Feb 25 13:08:29 pcfreak audit[2284920]: USER_LOGIN pid=2284920 uid=0 auid=4294967295 ses=4294967295 subj==unconfined msg='op=login acct=28696E76616C> Feb 25 13:08:29 pcfreak sshd[2284920]: Received disconnect from 177.87.57.145 port 40927:11: Bye Bye [preauth] Feb 25 13:08:29 pcfreak sshd[2284920]: Disconnected from invalid user ubuntuuser 177.87.57.145 port 40927 [preauth]
Next thing to after the update was to get a list of failed service only.
2. List all systemd failed check services which was supposed to be running
LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB = The low-level unit activation state, values depend on unit type. 7 loaded units listed.
3. List all running systemd services for a better overview on what's going on on machine
To get a list of all properly systemd loaded services you can use –state running.
hipo@jeremiah:~$ systemctl list-units –state running|head -n 10 UNIT LOAD ACTIVE SUB DESCRIPTION proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executable File Formats File System Automount Point cups.path loaded active running CUPS Scheduler init.scope loaded active running System and Service Manager session-2.scope loaded active running Session 2 of user hipo accounts-daemon.service loaded active running Accounts Service anydesk.service loaded active running AnyDesk apache-htcacheclean.service loaded active running Disk Cache Cleaning Daemon for Apache HTTP Server apache2.service loaded active running The Apache HTTP Server avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
It is useful thing is to list all unit-files configured in systemd and their state, you can do it with:
root@pcfreak:~# systemctl list-units –type service –all UNIT LOAD ACTIVE SUB DESCRIPTION accounts-daemon.service loaded inactive dead Accounts Service acct.service loaded active exited Kernel process accounting ● alsa-restore.service not-found inactive dead alsa-restore.service ● alsa-state.service not-found inactive dead alsa-state.service apache2.service loaded active running The Apache HTTP Server ● apparmor.service not-found inactive dead apparmor.service apt-daily-upgrade.service loaded inactive dead Daily apt upgrade and clean activities apt-daily.service loaded inactive dead Daily apt download activities atd.service loaded active running Deferred execution scheduler auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack certbot.service loaded inactive dead Certbot clamav-daemon.service loaded active running Clam AntiVirus userspace daemon clamav-freshclam.service loaded active running ClamAV virus database updater ..
4. Finding out more on why a systemd configured service has failed
Usually getting info about failed systemd service is done with systemctl status servicename.service However, in case of troubles with service unable to start to get more info about why a service has failed with (-l) or (–full) options
Feb 25 00:00:06 pcfreak logrotate[2045577]: 2022/02/25 00:00:06| WARNING: For now we will assume you meant to write /32 Feb 25 00:00:06 pcfreak logrotate[2045577]: 2022/02/25 00:00:06| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'. Feb 25 00:00:06 pcfreak logrotate[2045577]: 2022/02/25 00:00:06| SECURITY NOTICE: Overriding config setting. Using 'all' instead. Feb 25 00:00:06 pcfreak logrotate[2045577]: 2022/02/25 00:00:06| WARNING: (B) '::/0' is a subnetwork of (A) '::/0' Feb 25 00:00:06 pcfreak logrotate[2045577]: 2022/02/25 00:00:06| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable Feb 25 00:00:06 pcfreak logrotate[2045577]: 2022/02/25 00:00:06| WARNING: You should probably remove '::/0' from the ACL named 'all' Feb 25 00:00:06 pcfreak systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE Feb 25 00:00:06 pcfreak systemd[1]: logrotate.service: Failed with result 'exit-code'. Feb 25 00:00:06 pcfreak systemd[1]: Failed to start Rotate log files. Feb 25 00:00:06 pcfreak systemd[1]: logrotate.service: Consumed 2.479s CPU time.
systemctl -l however is providing only the last log from message a started / stopped or whatever status service has generated. Sometimes systemctl -l servicename.service is showing incomplete the splitted error message as there is a limitation of line numbers on the console, see below
Feb 25 09:28:33 pcfrxen certbot[290017]: The error was: PluginError('An authentication script must be provided with –manual-auth-hook when using th> Feb 25 09:28:33 pcfrxen certbot[290017]: All renewals failed. The following certificates could not be renewed: Feb 25 09:28:33 pcfrxen certbot[290017]: /etc/letsencrypt/live/mail.pcfreak.org-0003/fullchain.pem (failure) Feb 25 09:28:33 pcfrxen certbot[290017]: /etc/letsencrypt/live/www.eforia.bg-0005/fullchain.pem (failure) Feb 25 09:28:33 pcfrxen certbot[290017]: /etc/letsencrypt/live/zabbix.pc-freak.net/fullchain.pem (failure) Feb 25 09:28:33 pcfrxen certbot[290017]: 3 renew failure(s), 5 parse failure(s) Feb 25 09:28:33 pcfrxen systemd[1]: certbot.service: Main process exited, code=exited, status=1/FAILURE Feb 25 09:28:33 pcfrxen systemd[1]: certbot.service: Failed with result 'exit-code'. Feb 25 09:28:33 pcfrxen systemd[1]: Failed to start Certbot. Feb 25 09:28:33 pcfrxen systemd[1]: certbot.service: Consumed 9.771s CPU time.
5. Get a complete log of journal to make sure everything configured on server host runs as it should
Thus to get more complete list of the message and be able to later google and look if has come with a solution on the internet use:
root@pcfrxen:~# journalctl –catalog –unit=certbot
— Journal begins at Sat 2022-01-22 21:14:05 EET, ends at Fri 2022-02-25 13:32:01 EET. — Jan 23 09:58:18 pcfrxen systemd[1]: Starting Certbot… ░░ Subject: A start job for unit certbot.service has begun execution ░░ Defined-By: systemd ░░ Support: https://www.debian.org/support ░░ ░░ A start job for unit certbot.service has begun execution. ░░ ░░ The job identifier is 5754. Jan 23 09:58:20 pcfrxen certbot[124996]: Traceback (most recent call last): Jan 23 09:58:20 pcfrxen certbot[124996]: File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 71, in _reconstitute Jan 23 09:58:20 pcfrxen certbot[124996]: renewal_candidate = storage.RenewableCert(full_path, config) Jan 23 09:58:20 pcfrxen certbot[124996]: File "/usr/lib/python3/dist-packages/certbot/_internal/storage.py", line 471, in __init__ Jan 23 09:58:20 pcfrxen certbot[124996]: self._check_symlinks() Jan 23 09:58:20 pcfrxen certbot[124996]: File "/usr/lib/python3/dist-packages/certbot/_internal/storage.py", line 537, in _check_symlinks
root@server:~# journalctl –catalog –unit=certbot|grep -i pluginerror|tail -1 Feb 25 09:28:33 pcfrxen certbot[290017]: The error was: PluginError('An authentication script must be provided with –manual-auth-hook when using the manual plugin non-interactively.')
Or if you want to list and read only the last messages in the journal log regarding a service
And you want to clear up any failed service information that is kept in the systemctl service log you can do it with:
root@rhel:~# systemctl reset-failed
Another useful systemctl option is cat, you can use it to easily list a service it is useful to quickly check what is a service, an actual shortcut to save you from giving a full path to the service e.g. cat /lib/systemd/system/certbot.service
After failed SystemD services are fixed, it is best to reboot the machine and check put some more time to inspect rawly the complete journal log to make sure, no error was left behind.
Closure
As you can see updating a machine from a major to a major version even if you follow the official documentation and you have plenty of experience is always more or a less a pain in the ass, which can eat up much of your time banging your head solving problems with failed daemons issues with /etc/rc.local (which I have faced becase of #/bin/sh -e (which would make /etc/rc.local) to immediately quit if any error from command $? returns different from 0 etc.. The logical questions comes then; 1. Is it really worthy to update at all regularly, especially if you don't know of a famous major Vulnerability 🙂 ? 2. Or is it worthy to update from OS major release to OS major release at all? 3. Or should you only try to patch the service that is exposed to an external reachable computer network or the internet only and still the the same OS release until End of Life (LTS = Long Term Support) as called in Debian or End Of Life (EOL) Cycle as called in RPM based distros the period until the OS major release your software distro has official security patches is reached.
Anyone could take any approach but for my own managed systems small network at home my practice was always to try to keep up2date everything every 3 or 6 months maximum. This has caused me multiple days of irritation and stress and perhaps many white hairs and spend nerves on shit.
4. Based on the company where I'm employed the better strategy is to patch to the EOL is still offered and keep the rule First Things First (FTF), once the EOL is reached, just make a copy of all servers data and configuration to external Data storage, bring up a new Physical or VM and migrate the services. Test after the migration all works as expected if all is as it should be change the DNS records or Leading Infrastructure Proxies whatever to point to the new service and that's it! Yes it is true that migration based on a full OS reinstall is more time consuming and requires much more planning, but usually the result is much more expected, plus it is much less stressful for the guy doing the job.
If you have a bunch of servers that needs to have a tight security with multiple Local users superuser accounts that change over time and you need to frequently keep an have a long over time if some new system UNIX local users in /etc/passwd /etc/group has been added deleted e.g. the /etc/passwd /etc/group then you might have the task to have some primitive monitoring set and the most primitive I can think of is simply routinely log users list for historical purposes to a common mailbox over time (lets say 4 times a month or even more frequently) you might send with a simple cron job a list of all existing admin authorized users to a logging sysadmin mailbox like lets say:
Local-unix-users@yourcompanydomain.com
A remark to make here is the common sysadmin practice scenario to have local existing non-ldap admin users group members of whom are authorized to use sudo su – root via /etc/sudoers is described in my previous article how to add local users to admin group superuser access via sudo I thus have been managing already a number of servers that have user setup using the above explained admin group.
Thus to have the monitoring at place I've developed a tiny shell script that does check all users belonging to the predefined user group dumps it to .csv format that starts with a simple timestamp on when user admin list was made and sends it to a predefined email address as well as logs sent mail content for further reference in a local directory.
The task is a relatively easy but since nowadays the level of competency of system administration across youngsters is declinging -that's of course in my humble opinion (just like it happens in every other profession), below is the developed list-admin-users.sh
#!/bin/bash # dump all users belonging to a predefined admin user / group in csv format # with a day / month year timestamp and mail it to a predefined admin # monitoring address TO_ADDRESS="Local-unix-users@yourcompanydomain.com"; HOSTN=$(hostname); # root@server:/# grep -i 1000 /etc/passwd # username:x:username:1000:username,,,:/home/username:/bin/bash # username1:x:username1:1000:username1,,,:/home/username1:/bin/bash # username5:x:username1:1000:username5,,,:/home/username5:/bin/bash
To make the script report you will have to place it somewhere for example in /usr/local/bin/list-admin-users.sh , create its log dir location /var/log/userlist-log-dir/ and set proper executable and user/group script and directory permissions to it to be only readable for root user.
To make the script generate its admin user reports and send it to the central mailbox a couple of times in the month early in the morning (assuming you have a properly running postfix / qmail / sendmail … smtp), as a last step you need to set a cron job to routinely invoke the script as root user.