Tag Archives: linux

The request was rejected because the URL contained a potentially malicious String “//“

Problem description

After the introduction of spring security, there is no problem using Vue proxy locally. There is a problem using nginx. The problem is located in the nginx configuration

Solution:

# rewrite ^(/api/?.*)$ /$1 break;  // old
 rewrite ^/api/(.*)$ /$1 break;    // modified

Explanation
take blog.lhuakai.top/api/getxxx as an example

nginx found /API , replaced the match to /api.getxxx/ with $1 (the content in the first group) getxxx and finally became blog.lhuakai.top/getxxx

Prompt when executing sh file in Linux: nohup: unable to run command “. / startup. Sh”: insufficient permissions

Scene

Linux server, when running the started. Sh file

nohup ./startup.sh &

Tips

Nohup: cannot run command ‘./startup. Sh’: insufficient permissions

Note:

Blog:
https://blog.csdn.net/badao_ liumang_ Qizhi
is concerned about the official account of
‘s overbearing program
, which is programmed to get e-books, tutorial push and free download.

realization

This is because the permission is not enough. First enter the bin directory and execute in the bin directory

chmod u+x *.sh

Then run it again

Solution of apt unable to update in the docker container of raspberry pie

Today, apt failed to update when building the image with dockerfile on raspberry pie

...
 ---> Running in 05393fa6f242
Get:1 http://ports.ubuntu.com/ubuntu-ports focal InRelease [265 kB]
Get:2 http://ports.ubuntu.com/ubuntu-ports focal-updates InRelease [114 kB]
Err:1 http://ports.ubuntu.com/ubuntu-ports focal InRelease
  At least one invalid signature was encountered.
Err:2 http://ports.ubuntu.com/ubuntu-ports focal-updates InRelease
  At least one invalid signature was encountered.
Get:3 http://ports.ubuntu.com/ubuntu-ports focal-backports InRelease [101 kB]
Err:3 http://ports.ubuntu.com/ubuntu-ports focal-backports InRelease
  At least one invalid signature was encountered.
Get:4 http://ports.ubuntu.com/ubuntu-ports focal-security InRelease [114 kB]
Err:4 http://ports.ubuntu.com/ubuntu-ports focal-security InRelease
  At least one invalid signature was encountered.
Reading package lists...
W: GPG error: http://ports.ubuntu.com/ubuntu-ports focal InRelease: At least one invalid signature was encountered.
E: The repository 'http://ports.ubuntu.com/ubuntu-ports focal InRelease' is not signed.
W: GPG error: http://ports.ubuntu.com/ubuntu-ports focal-updates InRelease: At least one invalid signature was encountered.
E: The repository 'http://ports.ubuntu.com/ubuntu-ports focal-updates InRelease' is not signed.
W: GPG error: http://ports.ubuntu.com/ubuntu-ports focal-backports InRelease: At least one invalid signature was encountered.
E: The repository 'http://ports.ubuntu.com/ubuntu-ports focal-backports InRelease' is not signed.
W: GPG error: http://ports.ubuntu.com/ubuntu-ports focal-security InRelease: At least one invalid signature was encountered.
E: The repository 'http://ports.ubuntu.com/ubuntu-ports focal-security InRelease' is not signed.
...

The solution is:
in http://ftp.debian.org/debian/pool/main/libs/libseccomp/ Download the latest version of libseccomp2. The current version is libseccomp2_ 2.5.1-1_ Armhf. DEB
install on raspberry pie

>>> sudo dpkg -i libseccomp2_2.5.1-1_armhf.deb

“20999;” 21448;”

[br] https://askubuntu.com/a/1264921/685786
https://stackoverflow.com/a/64463211/7151777

How to Fix No default.conf file in conf.d after Installing Nginx

In the process of learning nginx, the default.conf file in the conf.d directory cannot be found after installing nginx. The reason is that the EPEL source under the operating system is downloaded by default, which is the Fedora operating system

Scheme I

resolvent

Reinstall nginx and modify the EPEL image source address of nginx

Reinstall

sudo yum install yum-utils

Create a new nginx.repo file

sudo vim /etc/yum.repos.d/nginx.repo

add to

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

By default, a stable repository of nginx packages is used. If you want to use the mainline nginx package, run the following command:

sudo yum-config-manager --enable nginx-mainline

Installing nginx

sudo yum install nginx

This is the information I found on the Internet. I see that many people have handled this problem according to this scheme, but like me, there is still no default.conf file under scheme 1 conf.d, so you can try the second method.

Scheme II

Because the default.conf itself is a configuration file, my idea is to directly create one since there is no one, and see if it works. So I created an empty file with VI default.conf, and then found the contents of the default.conf file on the Internet and put it in.

server {
    listen       80;
    server_name  localhost;


    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;

    location /mystatus {
        stub_status;
    }

    location/{
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }


    #error_page  404              /404.html;


    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  404 /50x.html;//Modify the 404 status code of the corresponding pointed to the access directory, and restart the server after modification.
    location = /50x.html {
        root   /usr/share/nginx/html;
    }


    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}


    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}


    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

Finally, we changed the configuration according to the project requirements we deployed. Let’s also start nginx to have a look. We can see that there is no error after starting nginx, and we can also see the process of nginx, which shows that this method is feasible and simpler than scheme 1.

[Solved] websocket error in Linux service: / lib64 / libc. So. 6: version ` glibc_2.17‘ not found

1.Error reporting
after the websocket service is installed on the server,
when viewing the log, the following error messages are found:
/lib64/libc. So. 6: version ` glibc_ 2.17’ not found (required by ./node)

It shows that the version of a plug-in in the Lib library does not exist

2.Solution
1. View the glibc version available in the system

// Use the strings command to view
strings /lib64/libc.so.6 |grep GLIBC_
// View the results as follows.
GLIBC_2.2.5
GLIBC_2.2.6
GLIBC_2.3
GLIBC_2.3.2
GLIBC_2.3.3
GLIBC_2.3.4
GLIBC_2.4
GLIBC_2.5
GLIBC_2.6
GLIBC_2.7
GLIBC_2.8
GLIBC_2.9
GLIBC_2.10
GLIBC_2.11
GLIBC_2.12
GLIBC_2.13
GLIBC_2.14
GLIBC_2.15
GLIBC_2.16
GLIBC_PRIVATE

As can be seen from the figure, there is no glibc_ Version 2.17 of glibc library, so you need to download a newer version of glibc library.

2. Download a new version of glibc library
https://ftp.gnu.org/gnu/glibc/glibc-2.17.tar.gz
Or through

wget https://ftp.gnu.org/gnu/glibc/glibc-2.17.tar.gz
# Unpack the tarball
tar -xvf glibc-2.17.tar.gz

3. Compile and install

# 1. Go to the glibc-2.17 directory
cd glibc-2.17
# 2. Create the build directory
mkdir build
# 3. Go into the build directory
cd build
# 4, execute . /configure
... /configure --prefix=/usr --disable-profile --enable-add-ons --with-headers=/usr/include --with-binutils=/usr/bin
# 5. Install
make && make install

4. View shared libraries

ls -l /lib64/libc.so.6
=====================
// You can see that the soft link has been created
lrwxrwxrwx. 1 root root 12 Jan 13 01:49 /lib64/libc.so.6 -> libc-2.17.so

5. Review the glibc version in the system again

[root@localhost ~]# strings /lib64/libc.so.6 |grep GLIBC_
GLIBC_2.2.5
GLIBC_2.2.6
GLIBC_2.3
GLIBC_2.3.2
GLIBC_2.3.3
GLIBC_2.3.4
GLIBC_2.4
GLIBC_2.5
GLIBC_2.6
GLIBC_2.7
GLIBC_2.8
GLIBC_2.9
GLIBC_2.10
GLIBC_2.11
GLIBC_2.12
GLIBC_2.13
GLIBC_2.14
GLIBC_2.15
GLIBC_2.16
GLIBC_2.17
GLIBC_PRIVATE

It can be found that it is the latest version

6. Check the log again and find that the original error has been solved ~

[Solved] error while loading shared libraries: libmpc.so.3: cannot open shared object file

1. You can try to install this dependency first, and then try to compile whether it can be compiled normally

apt-get --reinstall install libmpc3

2. If it still doesn’t work, you can check whether there is this file in your compilation package path, or whether there is this file in other paths. If so, open the file with VI and insert a line below your path

sudo vi /etc/ld.so.conf

For example, mine is/opt/usr/lib

and then refresh

sudo ldconfig

Initializing the Kubernetes master node ERROR: failed to pull image registry.aliyuncs.com/google_containers/coredns:v1.8.0

run kubeadm init –config=kubeadm.yml –upload-certs | tee kubeadm-init.log command error: failed to pull image registry.aliyuncs.com/google_containers/coredns:v1.8.0
full error message as below:

kubeadm init --config=kubeadm.yml --upload-certs | tee kubeadm-init.log

[init] Using Kubernetes version: v1.21.2
[preflight] Running pre-flight checks
        [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
        [WARNING Hostname]: hostname "node" could not be reached
        [WARNING Hostname]: hostname "node": lookup node on 127.0.0.53:53: server misbehaving
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR ImagePull]: failed to pull image registry.aliyuncs.com/google_containers/coredns:v1.8.0: output: Error response from daemon: manifest for registry.aliyuncs.com/google_containers/coredns:v1.8.0 not found: manifest unknown: manifest unknown
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

Prompt to pull registry.aliyuncs.com/google_ Containers/coredns: v1.8.0 this image failed
use kubedm config images list — config kubedm.yml to query the image to be downloaded

kubeadm config images list --config kubeadm.yml

registry.aliyuncs.com/google_containers/kube-apiserver:v1.21.2
registry.aliyuncs.com/google_containers/kube-controller-manager:v1.21.2
registry.aliyuncs.com/google_containers/kube-scheduler:v1.21.2
registry.aliyuncs.com/google_containers/kube-proxy:v1.21.2
registry.aliyuncs.com/google_containers/pause:3.4.1
registry.aliyuncs.com/google_containers/etcd:3.4.13-0
registry.aliyuncs.com/google_containers/coredns:v1.8.0

Use the docker images command to query images

docker images

registry.aliyuncs.com/google_containers/kube-apiserver            v1.21.2    106ff58d4308   3 weeks ago     126MB
registry.aliyuncs.com/google_containers/kube-controller-manager   v1.21.2    ae24db9aa2cc   3 weeks ago     120MB
registry.aliyuncs.com/google_containers/kube-scheduler            v1.21.2    f917b8c8f55b   3 weeks ago     50.6MB
registry.aliyuncs.com/google_containers/kube-proxy                v1.21.2    a6ebd1c1ad98   3 weeks ago     131MB
registry.aliyuncs.com/google_containers/pause                     3.4.1      0f8457a4c2ec   6 months ago    683kB
registry.aliyuncs.com/google_containers/etcd                      3.4.13-0   0369cf4303ff   10 months ago   253MB

It is found that there is no registry.aliyuncs.com/google in the downloaded image_ Containers/coredns: v1.8.0
use the docker command to pull the image

docker pull registry.aliyuncs.com/google_containers/coredns:1.8.0

Kubernetes needs registry.aliyuncs.com/google_ Containers/coredns: v1.8.0, rename the image with the docker tag command

# rename
docker tag registry.aliyuncs.com/google_containers/coredns:1.8.0 registry.aliyuncs.com/google_containers/coredns:v1.8.0
# detele all mirror
docker rmi registry.aliyuncs.com/google_containers/coredns:1.8.0

Run the initialization command again

kubeadm init --config=kubeadm.yml --upload-certs | tee kubeadm-init.log

Prompt success

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Follow the above prompts to configure kubectl

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

# NOT ROOT 
chown $(id -u):$(id -g) $HOME/.kube/config

Verify success

kubectl get node

# The ability to print out node information indicates success
NAME   STATUS     ROLES                  AGE   VERSION
node   NotReady   control-plane,master   31m   v1.21.2

PHP file download, download failed, nginx open() nginx / fastcgi_ temp/2/10/0000000102“ failed (13: Permission denied)

summary

The file download failed when testing the project

Check the problem

After investigation, it is found that nginx gives error information
open() "/ home/server/nginx/fastcgi_ Temp/2/10/0000000102 "failed (13: permission denied) while reading upstream
nginx prompts us that we do not have permission to operate

and then we enter the directory /home/server/nginx to check fastcgi_ Temp file owner, our name is the root user of root group we will check the user group and user name of nginx worker again

ps -ef | grep nginx
# We can see that the worker process of nginx is the www user
root 80246 1 0 10:37 ?       00:00:00 nginx: master process /home/server/nginx/sbin/nginx
www 80247 80246 0 10:37 ?       00:00:00 nginx: worker process
root 82877 82840 0 13:56 pts/7 00:00:00 grep --color=auto nginx
# View the group that the www user is in, and the members of the group
groups www
# Ours is the www user of the www user group
www:www

solve the problem

When we download, the nginx worker process is sending the fastcgi_ Temp does not have permission to write to the cache
so we just need to give fastcgi_ The start-up user with the permission of nginx to modify the temp directory WWW: www

chown -R www:www fastcgi_temp/

Linux solves nohup: ignoring input and appending output to “nohup. Out” and nohup: ignoring input redirection error to standard output

1. Direct execution document

nohup ./test.sh

Prompt appears:

 Ignore the input and append the output to the "nohup.out"

And input the output result into the default file nohup. Out

2. Redirecting standard output to a file

nohup ./test.sh > a.txt

Prompt appears:

 nohup: Ignore input redirection errors to the standard output

Output the result to the specified file a.txt

3. Redirecting standard error output to a file

nohup ./test.sh > a.txt 2>&1 &

No hint

[Solved] Linux VI Error: Can‘t open file for writing

Error: Can‘t open file for writing

How to Solve:

the current path does not exist (there is no file, but there is no middle folder) and the permission is insufficient. Multiple users can use this file at the same time

To solve the problem that deep in 20.2 system cannot save and transform the format of typora, and provide an effective installation method of typora

Background: deep in 20.2 system app store can only edit files after downloading typora, but can’t save files and convert file formats (such as exporting PDF, word, etc.) without any error prompt, just can’t convert.

Cause analysis: the typora downloaded from the deep in app store comes with its own pandoc plug-in, so there is no problem that there is no pandoc; The deepin version of TA is 20.0, but it can be used normally. I use the command line to run typora for operation, and there is no error related to file conversion or saving. Subjective conjecture is that the latest version of deepin is incompatible with the app store’s typora version.

resolvent:

Uninstall the app store, and download and install it from the official website https://www.typora.io/ (just use the operation method of Linux system on the official website)

Actual operation:

The following is the official website installation operation and possible errors, I give my own solution:

1. Get the key

wget -qO – https://typora.io/linux/public-key.asc | sudo apt-key add –

2. Add the repository of typora

sudo add-apt-repository ‘deb https://typora.io/linux ./’
sudo apt-get update

in this step, you may report an error of “unable to find the repository command”

Try some methods on the network is not feasible, so directly add violence!

3. Install typora

sudo apt-get install typora

Debugging failed under vscode Ubuntu, unable to open libc-start. C raise. C, etc

sudo apt install glibc-source
cd /usr/src/glibc/
sudo tar -xvf glibc-[VERSION].tar.xz

"sourceFileMap": {
      "/build/glibc-S7xCS9": "/usr/src/glibc"
}

Pay attention to the modification S& xCS9 Is the glibc file name that appears in the error prompt.

ProgrammerAH

Programmer Guide, Tips and Tutorial