Category Archives: Linux

[Solved] mosquitto log Error: SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error

Problem description

The following errors occurred in the TLS/SSL of mosquitto during the test today, indicating that the error occurred in the TLS version:

I know that the default tls version of mosquitto_pub and mosquitto_sub is tlsv1.2, however, the version of openssl in my virtual machine is 1.1.1, and the tls_version tlsv1.1 is configured in mosquitto.conf (one-way authentication is configured here, two-way authentication is also (here the configuration is one-way authentication, two-way authentication is also applicable), so there will be tls version error.


Solution:

For C programs of mosquitto library
Use the API mosquitto_tls_set() before attaching mosquitto_tls_opts_set(), this API can set the corresponding tls version of the client, note that the tls version defaults to tlsv1.2.

The code is as follows:

int    rc = -1;

rc = mosquitto_tls_opts_set(mosq, 1, "tlsv1.1", NULL);
if( rc != MOSQ_ERR_SUCCESS )
{
    printf("mosquitto_tls_opts_set failure.\n");
    exit(1);
}

rc = mosquitto_tls_set(mosq, CAFILE, CAPATH, CERTFILE, KEYFILE, NULL);
if( rc != MOSQ_ERR_SUCCESS )
{
    printf("mosquitto_tls_set failure.\n");
    exit(1);
}

On the mosquitto command line

The following is the test of one-way authentication (in case of two-way authentication, add the certificate and key by yourself)

mosquitto_ pub -h 192.168.222.130 -p 8884 -t “hello” -m “hi sub” –tls-version tlsv1. 1 –cafile ./ ca/ca.crt

mosquitto_ sub -h 192.168.222.130 -p 8884 -t “hello” –tls-version tlsv1. 1 –cafile ./ ca/ca.crt

If the problem is solved successfully, it can be connected normally:

[Solved] zookeeper Cluster error: Error: JAVA_HOME is not set and java could not be found in PATH.

zookeeper Cluster error: Error: JAVA_HOME is not set and java could not be found in PATH.

When learning to build a zookeeper cluster, you will often start and stop the zookeeper service and check the service status. Starting one by one is very troublesome. It is very convenient to start through a shell script
when the problem comes, there is no problem when starting the zookeeper service alone. An error will be reported when starting it through a script:

Solution:
in the bin directory under the zookeeper directory, there is a zkEnv.sh file, add your own path of JAVA_HOME in front of the code.

export JAVA_HOME=/opt/module/jdk1.8.0_261

 

[Solved] svn: OPTIONS of ‘https://xxx/svn/xxx’: SSL handshake failed: SSL error: Key usage violation in certificate has been detected.

svn SSL handshake failed: SSL error

Use the SVN server for version management, and suddenly use the version browser to report an error. svn: OPTIONS of ‘ https://xxx/svn/xxx ’: SSL handshake failed: SSL error: Key usage violation in certificate has been detected. (https://xxx), Then you cannot export or import files

 

Solution:

1. My is win2012 32-bit English version system. First modify the registry and add a value
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VisualSVN\VisualSVN Server] "CreateGnuTLSCompatibleCertificate"=dword:00000001

2. VisualSVN Server Manager

Action -> Properties -> Certificate-> Change certificate, and then go to the next step

if it still doesn’t work, change the login method, check HTTPS and then http. Then log in and you can solve the problem

Error: ENOSPC: no space left on device [How to Solve]

In case of the above error, generally speaking, the server cannot create the file. At this time, we can find the problem from two directions

1. The disk is full of blocks or inodes

1. The disk block is full. Check the command df -h

[[email protected] ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda3        35G   28G  5.6G  83% /
tmpfs           504M     0  504M   0% /dev/shm
/dev/vda1       194M   47M  138M  26% /boot
/dev/vdb1       325G  118G  192G  38% /home/wwwroot/vdb1data

2. Disk inode is full. Check the command df -i

[[email protected] ~]# df -i
Filesystem       Inodes    IUsed   IFree IUse% Mounted on
/dev/vda3       2289280  1628394  660886   72% /
tmpfs            128827        1  128826    1% /dev/shm
/dev/vda1         51200       44   51156    1% /boot
/dev/vdb1      21626880 21626880       0  100% /home/wwwroot/vdb1data

We found after comparison that the disk block occupied 38%, but the inode occupied 100%, it can be imagined that the disk fragmentation of small files are particularly large, we can go to the corresponding disk under the deletion of useless small files to solve the problem; we have to keep the following two ideas, of course, to solve the fundamental problem also need to buy mount more disks to solve;

Idea one: inode is full: delete useless small files as much as possible to release enough inode

Idea two: block full: delete as many useless large files as possible to free up enough blocks

 

2. Error: ENOSPC: no space left on device, watch

node project reactnative Error: Error: ENOSPC: no space left on device, watch

[[email protected] JFReactNativeProject]# npm start
 
> [email protected] start /app/jenkins_workspace/workspace/JFReactNativeProject
> react-native start
 
┌──────────────────────────────────────────────────────────────────────────────┐
│                                                                              │
│  Running Metro Bundler on port 8081.                                         │
│                                                                              │
│  Keep Metro running while developing on any JS projects. Feel free to        │
│  close this tab and run your own Metro instance if you prefer.               │
│                                                                              │
│  https://github.com/facebook/react-native                                    │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘
 
Looking for JS files in
   /app/jenkins_workspace/workspace/JFReactNativeProject
 
Loading dependency graph...fs.js:1413
    throw error;
    ^
 
Error: ENOSPC: no space left on device, watch '/app/jenkins_workspace/workspace/JFReactNativeProject/node_modules/.staging/react-native-ddd311e5/ReactAndroid/src/androidTest/java/com/facebook/react/testing/idledetection'
    at FSWatcher.start (fs.js:1407:26)
    at Object.fs.watch (fs.js:1444:11)
    at NodeWatcher.watchdir (/app/jenkins_workspace/workspace/JFReactNativeProject/node_modules/[email protected]@sane/src/node_watcher.js:159:22)
    at Walker.<anonymous> (/app/jenkins_workspace/workspace/JFReactNativeProject/node_modules/[email protected]@sane/src/common.js:109:31)
    at Walker.emit (events.js:182:13)
    at /app/jenkins_workspace/workspace/JFReactNativeProject/node_modules/[email protected]@walker/lib/walker.js:69:16
    at go$readdir$cb (/app/jenkins_workspace/workspace/JFReactNativeProject/node_modules/[email protected]@graceful-fs/graceful-fs.js:187:14)
    at FSReqWrap.oncomplete (fs.js:169:20)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] start: `react-native start`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] start script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
 
npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2019-09-25T06_57_58_754Z-debug.log

Solution:

Enospc means error no more hard disk space available

First, use df -hTto find that there is still a lot of disk space

Then find FSWatcher and Object.fs.watch field, and then view the contents related to the number of files that the system allows users to listen to

#Indicates the number of watches that can be added by the same user at the same time (watches are generally directory-specific and determine the number of directories that can be monitored by the same user at the same time)
[[email protected] JFReactNativeProject]# cat /proc/sys/fs/inotify/max_user_watches
8192
[[email protected] JFReactNativeProject]# echo 100000 > /proc/sys/fs/inotify/max_user_watches
[[email protected] JFReactNativeProject]# cat /proc/sys/fs/inotify/max_user_watches
100000

The permanent effective method is as follows: (this method is recommended)

vim /etc/sysctl.conf
fs.inotify.max_user_watches = 100000(The latter value can be adjusted according to the actual situation)
Just add and run /sbin/sysctl -p 

Start validation:

Restart, normal

[Solved] FTP Setup Error: Job for vsftpd.service failed because the control process exited with error code…

Error in setting up FTP: job for vsftpd service failed because the control process exited with error code. See “systemctl status vsftpd.service” and “journalctl -xe” for details.


Solution:

First check whether our port 21 is occupied:

[[email protected] lighthouse]# lsof -i:21
COMMAND     PID USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
pure-ftpd 16235 root    4u  IPv4 1014289      0t0  TCP *:ftp (LISTEN)
pure-ftpd 16235 root    5u  IPv6 1014290      0t0  TCP *:ftp (LISTEN) 

We need to kill the process pure-ftpd with process number 16235:

[[email protected] lighthouse]# kill -9 16235 
[[email protected] lighthouse]# lsof -i:21

If there is no prompt, it means that kill is successful!

The next step is to solve the vsftpd configuration file:

[[email protected] lighthouse]# sudo vim /etc/vsftpd/vsftpd.conf

The content of vsftpd configuration file is, which can be copied directly. Just change the IP:

# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP?(Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
# When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/xferlog
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode. The vsftpd.conf(5) man page explains
# the behaviour when these options are disabled.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
chroot_local_user=YES
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. By default, listening
# on the IPv6 "any" address (::) will accept connections from both IPv6
# and IPv4 clients. It is not necessary to listen on *both* IPv4 and IPv6
# sockets. If you want that (perhaps because you want to listen on specific
# addresses) then you must run two copies of vsftpd with two configuration
# files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
local_root=/var/ftp/test
allow_writeable_chroot=YES
pasv_enable=YES
pasv_address=xxx.xxx.xxx.xxx#Please change it to the public IP of your lightweight application server, you need to change it yourself
pasv_min_port=40000
pasv_max_port=45000

Finally, take a look at your vsftp on state:

[[email protected] lighthouse]# systemctl status vsftpd.service

[Solved] CentOS Start Neo4j Database Error: Error: A JNI error has occurred, please check your installation and try again

CentOS Start Neo4j Database Error: Error: A JNI error has occurred, please check your installation and try again

This is because when installing neo4j, it comes with:

java-11-openjdk-headless-11.0.15.0.9-2.el7_9.x86_64
java-11-openjdk-11.0.15.0.9-2.el7_9.x86_64

This is caused by a conflict with the version of JDK previously installed on the server

So now you just need to uninstall all JDK versions and reinstall neo4j
check the existing JDK

rpm -qa | grep jdk

Uninstall all jdks (it’s easy to uninstall some files in CUDA, but it doesn’t affect deep learning and GPU training model)

yum -y remove(Uninstall all the packages that appear above)

Reinstall neo4j

sudo yum install neo4j

[Solved] Error: X_LINK_COMMUNICATION_NOT_OPEN or X_LINK_ERROR

Error: X_LINK_COMMUNICATION_NOT_OPEN or X_LINK_ERROR

Error message:
couldn’t read data from stream: ‘RGB’ (x_link-error)

or couldn’t read data from stream: ‘Preview’ (x_link-error)

Solution:
possible causes:
1 The connection is unstable. Try another cable or computer
2. Linux uses dmesg – w to check whether the oak is connected normally. If the device is connected, you will see the following similar results:

/~$ dmesg -w

[223940.862544] usb 1-3.2: new high-speed USB device number 120 using xhci_hcd
[223940.963357] usb 1-3.2: New USB device found, idVendor=03e7, idProduct=2485, bcdDevice= 0.01
[223940.963364] usb 1-3.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[223940.963368] usb 1-3.2: Product: Movidius MyriadX
[223940.963371] usb 1-3.2: Manufacturer: Movidius Ltd.
[223940.963373] usb 1-3.2: SerialNumber: 03e72485

3. Pipeline setting error, please check whether the input and output are set correctly
4. You have not set udev rules.

5. If the oak device cannot be connected yet, please execute: lsusb | grep 03e7 . If it is connected, you will see the following similar results:

$ lsusb | grep 03e7
Bus 001 Device 120: ID 03e7:2485 Intel Movidius MyriadX

[Solved] sed -i error: sed: -e expression #1, char 44: invalid reference \1 on `s’ command’s RHS

How to Solve sed -i error:

sed -i.bak '/.*CMDLINE_LINUX.*/s#(.*)"#\1 net.ifnames=0"#' /etc/default/grub

always report the error: sed: -e expression #1, char 44: invalid reference \1 on `s’ command’s RHS

sed -i -r '/.*CMDLINE_LINUX.*/s#(.*)"#\1 net.ifnames=0"#' /etc/default/grub

Later we know that you need to add -r, because there is a backward reference – \1, and -i and -r should be written separately

[Solved] shell Error: Syntax error: “(“ unexpected (expecting “}“)

The hard disk is damaged and the system is reinstalled. An error is reported when executing the previous script

Syntax error: “(” unexpected (expecting “}”)

Troubleshooting:

ls -l /bin/sh

The default link is dash

Knowledge supplement

Bash: Unix shell written for GNU Project

SH: equivalent to /bin/bash –posix. It is bash that opens POSIX standard

Dash: it has faster execution speed than bash, but supports fewer statement leaves

Solution:

Here, I have no requirements for the speed of script execution, only that it can be used, so I can change it to bash

cd /bin/; ln -sf bash /bin/sh

l

Problem-solving.

[Solved] SecureCRT Connect Error: The server has disconnected with an error…..

1. Problem environment
virtual machine: VMware 16
Windows system: Windows 10
linux system: CentOS 7.6
interactive software: SecureCRT 8.7
2. Prompt

3. Solution
click “options”, select “session options”, as shown in the figure below, click “SSH2”, then modify “username”, and click “OK”

4. reconnect

connect successfully