Methanar
Sep 26, 2013

by the sex ghost

Agrikk posted:

How do I configure an ubuntu server to register its hostname with windows DNS (serverA) when it receives a DHCP address from a different server (serverB)?

I have control over the DNS server but not the DHCP server and these servers are AWS EC2 servers fwiw. Googling is lousy with answers that have DHCP and DNS on the same windows box but it doesn't seem applicable here.

I don't know how you register to a windows DNS server, but you could write a short shell script and place it under dhclient's exit-hooks and register the IP/hostname combo to your preferred server. The exithook script has a bunch of variables populated into it containing the options set within the dhcp response.


https://netbeez.net/blog/linux-dhcp-hooks-network-engineers/
http://manpages.ubuntu.com/manpages/bionic/man8/dhclient-script.8.html

RFC2324
Jun 7, 2012

http 418

Isn't registering to a dns server an active directory thing? If so it's probably a samba thing.

SamDabbers
May 26, 2003



Typically you don't want non-domain-joined client machines to be able to update the DNS zone directly, so the DHCP server itself registers the host name the client provides to it with the DNS server using some sort of shared key authentication. Active Directory does streamline the plumbing between the Windows DHCP server and the AD DNS, but a similar setup is relatively straightforward between e.g. BIND and ISC dhcpd.

Edit: this might help OP
https://ephemeralelectrons.wordpres...ows-dns-server/
https://edico.no/tech/windows-dns-secure-dynamic-updates-with-linux-how/

SamDabbers fucked around with this message at 18:07 on Apr 25, 2021
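
The exit-hook approach Methanar describes and the authenticated update SamDabbers describes, combined in one sketch. This is an added example, not code from any poster or from the linked articles; the file name, `DNS_SERVER`, `DNS_ZONE` and the use of the local short hostname are assumptions, and `nsupdate -g` (GSS-TSIG) presumes the host already holds a Kerberos ticket for a principal the zone allows to update.

```shell
# Hypothetical /etc/dhcp/dhclient-exit-hooks.d/ddns-register (sourced by dhclient-script).
# DNS_SERVER and DNS_ZONE are placeholder values, not taken from the thread.
DNS_SERVER="${DNS_SERVER:-dns1.corp.example}"
DNS_ZONE="${DNS_ZONE:-corp.example}"
DNS_TTL=300

# Accept a single letters-digits-hyphen label only: lease data is untrusted input.
valid_label() {
    case "$1" in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Accept dotted-quad IPv4 only, each octet 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    ddns_old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots; value holds only digits and dots here
    IFS=$ddns_old_ifs
    [ "$#" -eq 4 ] || return 1
    for ddns_octet in "$@"; do
        [ "${#ddns_octet}" -le 3 ] && [ "$ddns_octet" -le 255 ] || return 1
    done
}

# Print the nsupdate batch for one name/address pair, or fail without output.
build_nsupdate_batch() {
    ddns_host=$1 ddns_ip=$2
    valid_label "$ddns_host" || return 1
    valid_ipv4 "$ddns_ip" || return 1
    ddns_fqdn="$ddns_host.$DNS_ZONE."
    printf 'server %s\nzone %s\nupdate delete %s A\nupdate add %s %s A %s\nsend\n' \
        "$DNS_SERVER" "$DNS_ZONE" "$ddns_fqdn" "$ddns_fqdn" "$DNS_TTL" "$ddns_ip"
}

# dhclient-script sets $reason and the $new_* variables before sourcing hooks.
case "${reason:-}" in
    BOUND|RENEW|REBIND|REBOOT)
        # Register the local hostname rather than $new_host_name, so the
        # DHCP server (not under our control) cannot choose the record name.
        if ddns_batch=$(build_nsupdate_batch "$(hostname -s)" "${new_ip_address:-}"); then
            # -g selects GSS-TSIG, the mechanism Windows DNS secure updates use.
            printf '%s\n' "$ddns_batch" | nsupdate -g ||
                logger -t ddns-register "nsupdate failed for ${new_ip_address:-}"
        else
            logger -t ddns-register "refused to register: invalid name or address"
        fi
        ;;
esac
```

A newline or space in either value would otherwise become an extra `nsupdate` command, which is why both are validated before the batch is built.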

RFC2324
Jun 7, 2012

http 418

SamDabbers posted:

Typically you don't want non-domain-joined client machines to be able to update the DNS zone directly, so the DHCP server itself registers the host name the client provides to it with the DNS server using some sort of shared key authentication. Active Directory does streamline the plumbing between the Windows DHCP server and the AD DNS, but a similar setup is relatively straightforward between e.g. BIND and ISC dhcpd.

Edit: this might help OP
https://ephemeralelectrons.wordpres...ows-dns-server/

Neat! I need to dig further down this rabbit hole

That first bit is why I assumed you would need to join the linux machine to the domain via samba. I've never actually done that, tho, I just know it can be done.

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.

SamDabbers posted:

Typically you don't want non-domain-joined client machines to be able to update the DNS zone directly, so the DHCP server itself registers the host name the client provides to it with the DNS server using some sort of shared key authentication. Active Directory does streamline the plumbing between the Windows DHCP server and the AD DNS, but a similar setup is relatively straightforward between e.g. BIND and ISC dhcpd.

Edit: this might help OP
https://ephemeralelectrons.wordpres...ows-dns-server/

Thanks for the response. That was an interesting article as it presents three options:

1. Configure DHCP server to perform DNS registration on behalf of the clients
2. Join the Linux devices to AD domain and configure them to dynamically update
3. Setup a new sub-domain running a dedicated Linux BIND server and configure DNS forwarding on Microsoft DNS server.


A pity I'm looking at option two and the author never explores past the first article. :rolleyes:

Methanar
Sep 26, 2013

by the sex ghost

Agrikk posted:

Thanks for the response. That was an interesting article as it presents three options:

1. Configure DHCP server to perform DNS registration on behalf of the clients
2. Join the Linux devices to AD domain and configure them to dynamically update
3. Setup a new sub-domain running a dedicated Linux BIND server and configure DNS forwarding on Microsoft DNS server.


A pity I'm looking at option two and the author never explores past the first article. :rolleyes:

https://github.com/ajclark/bind-restapi/blob/master/dns.rb

Comedy answer, write a rest API that wraps local powershell commands for creating windows dns records and call that API from your dhclient exit hooks

Methanar fucked around with this message at 18:39 on Apr 25, 2021

RFC2324
Jun 7, 2012

http 418

Methanar posted:

https://github.com/ajclark/bind-restapi/blob/master/dns.rb

Comedy answer, write a rest API that wraps local powershell commands for creating windows dns records and call that API from your dhclient exit hooks

please don't leak my former employer's internal technologies

xzzy
Mar 5, 2009

Maybe fire up your own dhcp server with no address pool, parse out the requested host name, then register that in the DNS you control. It could even be a tcpdump process as it will decode dhcp packets into greppable output.

This probably has a bunch of pitfalls and a few trivial exploits, but technically it's possible. :v:

RFC2324
Jun 7, 2012

http 418

xzzy posted:

This probably has a bunch of pitfalls and a few trivial exploits, but technically it's possible. :v:

The Linux Way

rufius
Feb 27, 2011

Clear alcohols are for rich women on diets.

xzzy posted:

:words:

This probably has a bunch of pitfalls and a few trivial exploits, but technically it's possible. :v:

RFC2324 posted:

The Linux Way

New thread title?

“The Linux Questions Thread: a bunch of pitfalls, but technically it’s possible”

RFC2324
Jun 7, 2012

http 418

rufius posted:

New thread title?

“The Linux Questions Thread: a bunch of pitfalls, but technically it’s possible”

reported for having a good idea

Varkk
Apr 17, 2004

rufius posted:

New thread title?

“The Linux Questions Thread: a bunch of pitfalls, but technically it’s possible”

Internet Explorer
Jun 1, 2005





I don't know, I heard SCO was back from the dead for round 2021.

Thanks for the new thread title idea and thanks for the report.

RFC2324
Jun 7, 2012

http 418

Internet Explorer posted:

I don't know, I heard SCO was back from the dead for round 2021.

Thanks for the new thread title idea and thanks for the report.

Pretty sure it's the only time you look at this thread. Why else would you?

Internet Explorer
Jun 1, 2005





I actually used that as an opportunity to bookmark it so I could hopefully learn some through osmosis. :eng99:

xzzy
Mar 5, 2009

That's like the 6th thread title I've managed in the past couple years, I'm getting good at typing stupid poo poo that's unintentionally funny.

It feels weird unseating a SCO meme though.

DerekSmartymans
Feb 14, 2005

The
Copacetic
Ascetic

xzzy posted:

That's like the 6th thread title I've managed in the past couple years, I'm getting good at typing stupid poo poo that's unintentionally funny.

It feels weird unseating a SCO meme though.

Funny, yet humble. :thunk:

How is this possible?

RFC2324
Jun 7, 2012

http 418

I smell a trap

DelphiAegis
Jun 21, 2010

So I have a question. I'm using a Debian10 server hosted by AWS' EC2 platform, to give some context. And if this isn't the right place please feel free to tell me I'm an idiot.

I'm trying to set up a Mercurial repository server for a friend and I. However, I'm running headfirst into a wall and since this is my first linux server, I'm probably doing something stupid and not knowing about it. I'm following the general directions here and have set up Apache2 server, installed Python on the server, installed the mercurial package (pretty sure globally, not 100% on how to check) and have tried to get it running via a .wsgi script, but the Apache2 service won't start if I have "WSGIScriptAlias /foo /home/user/webdir/hgweb.wsgi" in the Apache2.conf file. It puts out an "Invalid Command 'WSGIScriptAlias', perhaps misspelled or defined by a module not included in the server configuration" but ScriptAlias is defined, so it's possible I just didn't get a good package, maybe?

Either way I started forging ahead with just the hgweb.cgi instead, and despite doing chown a+x hgweb.cgi and restarting the server, I still get a 403 when attempting to navigate to the directory on the server that I specified in the apache2.conf file.

The end goal of this is just to be able to securely host a repository, using TortoiseHg workbench as a front-end since that's what my friend has been using for a while now, and hasn't had "proper" repository control since bitbucket discontinued support for Mercurial (and he doesn't want to move to git/new repository management option). Since TortoiseHG workbench supports pushing to a url I also tried pushing via http, though from the errors I was getting, my research pointed me to get the script running on the server and accessible to make that viable.

On the upside I've learned a lot about Linux doing all of these things and it's been fun to learn, and I now have opinions on Vi/Nano which helps my nerd cred, but I'm sort of lost and am thinking I'm doing something dumb here.

RFC2324
Jun 7, 2012

http 418

If you check httpd -M do you see the wsgi module? I'm not sure what it's called off the top of my head, but it probably has that 4 letter sequence in it.

DelphiAegis
Jun 21, 2010

RFC2324 posted:

If you check httpd -M do you see the wsgi module? I'm not sure what it's called off the top of my head, but it probably has that 4 letter sequence in it.

This server doesn't have an httpd; I'm very confused by that.

Though based on that I found /etc/apache2/mods-available section and successfully used a2enmod proxy_uwsgi which did put proxy_uwsgi.load, and doing the same for cgi gave "Your MPM seems to be threaded. Selecting cgid instead of cgi". Restarting after loading both of those still throws a 403 forbidden error.

Even adding this to the apache2.conf file doesn't resolve the 403:

code:
<Directory /foo>
	Order allow,deny
	Allow from all
</Directory>

I can get a default html page to load from /var/www/html/index.html by navigating in a browser to the server's IP, but anywhere besides there isn't navigable for some reason and I'm probably dumb.

DelphiAegis fucked around with this message at 18:48 on Apr 28, 2021

RFC2324
Jun 7, 2012

http 418

DelphiAegis posted:

This server doesn't have an httpd; I'm very confused by that.

Though based on that I found /etc/apache2/mods-available section and successfully used a2enmod proxy_uwsgi which did put proxy_uwsgi.load, and doing the same for cgi gave "Your MPM seems to be threaded. Selecting cgid instead of cgi". Restarting after loading both of those still throws a 403 forbidden error.

Even adding this to the apache2.conf file doesn't resolve the 403:

code:
<Directory /foo>
	Order allow,deny
	Allow from all
</Directory>

I can get a default html page to load from /var/www/html/index.html by navigating in a browser to the server's IP, but anywhere besides there isn't navigable for some reason and I'm probably dumb.

https://tecadmin.net/install-apache-with-python-mod-wsgi-on-debian-10/

this may help. the step by step nature of it may make it more clear where wsgi is failing, assuming you are using mod_wsgi

tbh my experience with linux is that the real skill comes from googling 15 different almost accurate guides up and following them in a random way til it works, and this is sounding like one of those projects

DelphiAegis
Jun 21, 2010

RFC2324 posted:

https://tecadmin.net/install-apache-with-python-mod-wsgi-on-debian-10/

this may help. the step by step nature of it may make it more clear where wsgi is failing, assuming you are using mod_wsgi

tbh my experience with linux is that the real skill comes from googling 15 different almost accurate guides up and following them in a random way til it works, and this is sounding like one of those projects

Definitely is that type of project, yes. Both the steps in that link were an issue (I didn't properly install wsgi before) and I apparently didn't properly install mercurial either, even though I thought I did. At least, running python didn't throw an error when I did 'import mercurial' so it was probably part of the python package I got, but not specifically installed itself.

Though now the server itself being up is one step, the next is getting TortoiseHg to work with it. Thanks for the help though. :)

Edit: Now I can't even push over http using Tortoise despite specifying in the settings to not use SSL (as a test, to ensure I could). I don't want to learn about certificate chains. :(

DelphiAegis fucked around with this message at 22:11 on Apr 28, 2021

hbag
Feb 13, 2021

alright so im trying to get my plex server to run outside my vpn so i can get remote access set up properly
unfortunately the systemd service for plex was conceived by a loving meth fiend so i cant figure out how to go about overriding it
just loving LOOK at this, man

code:
[Unit]
Description=Plex Media Server
After=network.target network-online.target

[Service]
Environment="PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=/var/lib/plexmediaserver/Library/Application Support"
Environment=PLEX_MEDIA_SERVER_HOME=/usr/lib/plexmediaserver
Environment=PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS=6
ExecStartPre=/bin/sh -c '/usr/bin/test -d "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" || /bin/mkdir -p "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}"'
ExecStart=/bin/sh -c '\
export PLEX_MEDIA_SERVER_INFO_VENDOR="$(grep ^NAME= /etc/os-release | awk -F= "{print \\$2}" | tr -d \\" )"; \
export PLEX_MEDIA_SERVER_INFO_DEVICE="PC"; \
export PLEX_MEDIA_SERVER_INFO_MODEL="$(uname -m)"; \
export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION="$(grep ^VERSION= /etc/os-release | awk -F= "{print \\$2}" | tr -d \\" )"; \
export LD_LIBRARY_PATH=/usr/lib/plexmediaserver/lib; \
exec "/usr/lib/plexmediaserver/Plex Media Server"'
Type=simple
User=plex
Group=plex
Restart=on-failure
RestartSec=5
StartLimitInterval=60s
StartLimitBurst=3
SyslogIdentifier=Plex Media Server
StandardOutput=journal
StandardError=journal

[Install]
WantedBy=multi-user.target

i have a script, novpn.sh that will run whatever command (singular) is given as an argument outside the vpn
so im thinking writing a bash script for novpn to run? but then what goes in the script?

hbag fucked around with this message at 23:50 on Apr 28, 2021

bagual
Oct 29, 2010

inconspicuous
i'd try something like this

quote:

exec /path/to/novpn.sh "/usr/lib/plexmediaserver/Plex Media Server"'

whatever is in exec is what's actually running so you can also make a sh specifically for running plex without the vpn and plug it in there

Methanar
Sep 26, 2013

by the sex ghost

hbag posted:

alright so im trying to get my plex server to run outside my vpn so i can get remote access set up properly
unfortunately the systemd service for plex was conceived by a loving meth fiend so i cant figure out how to go about overriding it
just loving LOOK at this, man

i have a script, novpn.sh that will run whatever command (singular) is given as an argument outside the vpn
so im thinking writing a bash script for novpn to run? but then what goes in the script?

This might work
code:
./novpn.sh plex.sh&

where plex.sh

#!/bin/bash

export "PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=/var/lib/plexmediaserver/Library/Application Support"
export PLEX_MEDIA_SERVER_HOME=/usr/lib/plexmediaserver
export PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS=6

# Create the application support directory if it is missing
/bin/sh -c '/usr/bin/test -d "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" || /bin/mkdir -p "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}"'

# Export the platform info, then replace the shell with the Plex binary
/bin/sh -c '\
export PLEX_MEDIA_SERVER_INFO_VENDOR="$(grep ^NAME= /etc/os-release | awk -F= "{print \$2}" | tr -d \" )"; \
export PLEX_MEDIA_SERVER_INFO_DEVICE="PC"; \
export PLEX_MEDIA_SERVER_INFO_MODEL="$(uname -m)"; \
export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION="$(grep ^VERSION= /etc/os-release | awk -F= "{print \$2}" | tr -d \" )"; \
export LD_LIBRARY_PATH=/usr/lib/plexmediaserver/lib; \
exec "/usr/lib/plexmediaserver/Plex Media Server"'

hbag
Feb 13, 2021

Methanar posted:

This might work
code:
./novpn.sh plex.sh&

where plex.sh

#!/bin/bash

export "PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=/var/lib/plexmediaserver/Library/Application Support"
export PLEX_MEDIA_SERVER_HOME=/usr/lib/plexmediaserver
export PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS=6

# Create the application support directory if it is missing
/bin/sh -c '/usr/bin/test -d "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" || /bin/mkdir -p "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}"'

# Export the platform info, then replace the shell with the Plex binary
/bin/sh -c '\
export PLEX_MEDIA_SERVER_INFO_VENDOR="$(grep ^NAME= /etc/os-release | awk -F= "{print \$2}" | tr -d \" )"; \
export PLEX_MEDIA_SERVER_INFO_DEVICE="PC"; \
export PLEX_MEDIA_SERVER_INFO_MODEL="$(uname -m)"; \
export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION="$(grep ^VERSION= /etc/os-release | awk -F= "{print \$2}" | tr -d \" )"; \
export LD_LIBRARY_PATH=/usr/lib/plexmediaserver/lib; \
exec "/usr/lib/plexmediaserver/Plex Media Server"'


ill give this a try in the morning
i should note the systemd service has a big ol comment telling me to make an override rather than editing the file itself so updating my server software doesn't overwrite it

syntax should be the same tho

hbag
Feb 13, 2021

e: doublepost

Mr. Crow
May 22, 2008

Snap City mayor for life

hbag posted:

ill give this a try in the morning
i should note the systemd service has a big ol comment telling me to make an override rather than editing the file itself so updating my server software doesn't overwrite it

syntax should be the same tho

This is pretty trivial with systemd, one of its many excellent features: https://wiki.archlinux.org/index.php/Systemd#Drop-in_files
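
A drop-in for the Plex case above, as an added example that is not from any poster or from the Plex package: the unit name `plexmediaserver.service` and both script paths are assumptions. It writes the override and checks that the file clears the packaged `ExecStart` before setting a new one.

```shell
# Added example. UNIT and the script paths below are assumptions; the thread names neither.
UNIT="${UNIT:-plexmediaserver.service}"

# write_dropin ROOT WRAPPER SCRIPT
# Creates ROOT/etc/systemd/system/$UNIT.d/override.conf and prints its path.
# WRAPPER and SCRIPT must not contain spaces (they are written unquoted).
write_dropin() {
    dropin_dir="$1/etc/systemd/system/$UNIT.d"
    mkdir -p "$dropin_dir" || return 1
    cat > "$dropin_dir/override.conf" <<EOF
[Service]
# The empty assignment clears the packaged ExecStart. Without it a
# Type=simple service ends up with two ExecStart lines and is refused.
ExecStart=
ExecStart=$2 $3
EOF
    printf '%s\n' "$dropin_dir/override.conf"
}

# dropin_resets_execstart FILE
# Succeeds only if the first ExecStart= line in FILE is the empty reset
# (or if FILE sets no ExecStart at all).
dropin_resets_execstart() {
    awk '
        /^[ \t]*ExecStart[ \t]*=/ {
            value = $0
            sub(/^[^=]*=[ \t]*/, "", value)
            sub(/[ \t]+$/, "", value)
            exit (value == "" ? 0 : 1)
        }
    ' "$1"
}

# Install for real only when invoked as: sh this-file install
if [ "${1:-}" = install ]; then
    dropin_file=$(write_dropin "" /usr/local/bin/novpn.sh /usr/local/bin/plex.sh) &&
        dropin_resets_execstart "$dropin_file" &&
        systemctl daemon-reload &&
        systemctl cat "$UNIT"    # prints the packaged unit followed by every drop-in
fi
```

Settings the drop-in does not mention, such as the `Environment=` and `User=` lines in the packaged unit, stay in effect.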

rufius
Feb 27, 2011

Clear alcohols are for rich women on diets.

Mr. Crow posted:

This is pretty trivial with systemd, one of its many excellent features: https://wiki.archlinux.org/index.php/Systemd#Drop-in_files

“Something something systemd is the devil. You’ll never take my sysv-init scripts. Systemd killed my grandma over milk money.”

Thanks for coming to my TED talk.

PS: yes, from my experience now that we’re past the early adoption phase, systemd is pretty nice.

I still prefer OpenBSD’s init system but that’s not relevant here.

xzzy
Mar 5, 2009

I think systemd overrides are super awesome and I've been using them too much to tweak core system services. It feels better to me, copying the original file out of /lib and putting it in /etc worries me that if the package ever updates I'll miss some change in the unit.

I just wish I could get my group to buy in to the timers too. I think they are infinitely better than cron just because you can type one command and get a dump of every job that is scheduled to run.

xtal
Jan 9, 2011

by Fluffdaddy
Counterpoints:
- your drop in changes might still be incompatible with updates in the main file
- it becomes impossible to look at one file to see what's actually used, necessitating systemctl cat & show

RFC2324
Jun 7, 2012

http 418

xtal posted:

Counterpoints:
- your drop in changes might still be incompatible with updates in the main file
- it becomes impossible to look at one file to see what's actually used, necessitating systemctl cat & show

I would never think to check for a drop-in file when troubleshooting, even tho I really like the idea

like, it's just one more thing to overlook when something breaks, and there are already so many places to hide configs nowadays with everything having a conf.d

Mr Shiny Pants
Nov 12, 2012

RFC2324 posted:

I would never think to check for a drop-in file when troubleshooting, even tho I really like the idea

like, it's just one more thing to overlook when something breaks, and there are already so many places to hide configs nowadays with everything having a conf.d

This. You have one place to change it, so you have one place to look when it breaks.

xtal
Jan 9, 2011

by Fluffdaddy
It makes no sense that a USB 3.1 port would be recognized as USB 2.0 after a kernel upgrade, right? There must be something else going on? (hardware damage?)

xtal fucked around with this message at 14:32 on May 3, 2021

KozmoNaut
Apr 23, 2008

Happiness is a warm
Turbo Plasma Rifle


I have a PCIe USB-C card in my PC, and plug a hub with type-A ports into that (my PC is old, and only has USB 2.0 built in).

It has happened a couple of times that the xHCI driver doesn't catch it, so it falls back to USB 2.0 speeds. Rebooting or replugging the hub usually does the trick.

hbag
Feb 13, 2021

cant install debian on my Dell G3 3500 because lol of course it has a firmware issue so X cant start
does anyone know where i can get the necessary firmware and then, after that, how tf i can get that poo poo to work on my live USB

yes, i have tried using the "non-free firmware" images on their website. they dont work.

CaptainSarcastic
Jul 6, 2013



hbag posted:

cant install debian on my Dell G3 3500 because lol of course it has a firmware issue so X cant start
does anyone know where i can get the necessary firmware and then, after that, how tf i can get that poo poo to work on my live USB

yes, i have tried using the "non-free firmware" images on their website. they dont work.

If I run into something like that I usually try a different distro and see if it holds true there. Is there a reason the install needs to be Debian?

tjones
May 13, 2005

hbag posted:

cant install debian on my Dell G3 3500 because lol of course it has a firmware issue so X cant start
does anyone know where i can get the necessary firmware and then, after that, how tf i can get that poo poo to work on my live USB

yes, i have tried using the "non-free firmware" images on their website. they dont work.

Debian is old and outdated on purpose. You'll run into issues with the software lagging behind from time to time. It's the nature of the distro.

Have you tried updating to a newer kernel through backports? See here: https://backports.debian.org/

You could also try one of the debian based distro boot environments to see if they perform better. Mint, MX, Deepin, Ubuntu, etc. That might give you an idea of what packages you need to look for in order for your hardware to work.

hbag
Feb 13, 2021

tjones posted:

Debian is old and outdated on purpose. You'll run into issues with the software lagging behind from time to time. It's the nature of the distro.

Have you tried updating to a newer kernel through backports? See here: https://backports.debian.org/

You could also try one of the debian based distro boot environments to see if they perform better. Mint, MX, Deepin, Ubuntu, etc. That might give you an idea of what packages you need to look for in order for your hardware to work.

mint worked fine
apparently its more specifically bitching about the framebuffer because lol
