Writing to a disk even when df says zero available space

Just a quick note to remind myself: There’s a gap between the size of a disk, the used space and the available space. It’s quite well-known that a certain percentage of the disk (that’s 200 GB on a 3.6 TB backup disk) is saved for root-only writes. So the reminder is: No problem filling the [...]

Root over NFS remains read only with Linux v5.7

Upgrading the kernel should be quick and painless… After upgrading the kernel from v5.3 to 5.7, a lot of systemd services failed (Debian 8), in particular systemd-remount-fs: ● systemd-remount-fs.service – Remount Root and Kernel File Systems Loaded: loaded (/lib/systemd/system/systemd-remount-fs.service; static) Active: failed (Result: exit-code) since Sun 2020-07-26 15:28:15 IDT; 17min ago Docs: man:systemd-remount-fs.service(8) http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems Process: [...]

Turning off DSN on sendmail to prevent backscatter

I sent that? One morning, I got a bounce message from my own mail sendmail server, saying that it failed to deliver a message I never sent. That’s red alert. It means that someone managed to provoke my mail server to send an outbound message. It’s red alert, because my mail server effectively relays spam [...]

When umount says target is busy, but no process can be blamed

A short one: What to do if unmount is impossible with a # umount /path/to/mount umount: /path/to/mount: target is busy but grepping the output of lsof for the said path yields nothing. In other words, the mount is busy, but no process can be blamed for accessing it (even as a home directory). If this [...]

Firejail: Putting a program in its own little container

Introduction Firejail is a lightweight security utility which ties the hands of running processes, somewhat like Apparmor and SELinux. However it takes the mission towards Linux kernel’s cgroups and namespaces. It’s in fact a bit of a container-style virtualization utility, which creates sandboxes for running specific programs: Instead of a container for an entire operating [...]

Microsoft’s outlook.com servers and the art of delivering mails to them

Introduction Still in 2020, it seems like Microsoft lives up to its reputation: Being arrogant, thinking that anyone in business must be a huge corporate, and in particular ending up completely ridiculous. Microsoft’s mail servers, which accept on behalf of Hotmail, MSN, Office 365, Outlook.com, or Live.com users are no exception. This also affects companies [...]

MySQL, OOM killer, overcommitting and other memory related issues

It started with an error message This post is a bit of a coredump of myself attempting to resolve a sudden web server failure. And even more important, understand why it happened (check on that) and try avoiding it from happening in the future (not as lucky there). I’ve noticed that there are many threads [...]

Linux: Command-line utilities for obtaining information

There are many ways to ask a Linux machine how it’s doing. I’ve collected a few of them, mostly for my own reference. I guess I’ll add more items as I run across new ones. General Info inxi -Fxxxz (neat output, but makes the system send me security “password required” alert mails because of attempts [...]

Setting up your own authoritative DNS server jots

What’s this? These are somewhat random jots I made while setting up an authoritative BIND server, so that a simple VPS machine can function standalone. Well, almost standalone, as it takes some help from a slave DNS to supply the second DNS entry. But even if that slave goes away suddenly, the show will go [...]

The art of setting up a sendmail server on Debian 8

But why? Fact number one: Running your own mail server is the most likely cause for messing up, and that can mean an intrusion to the server or just turning it into a public toilet for spam. Nevertheless, if mail delivery is important to you, there’s probably no way around. And I’m not talking about [...]