Sysadmin
!sysadmin
@lemmy.ml!sysadmin
@lemmy.mlHello c/sysadmin, and welcome to the Patch Megathread! I'm editing this post and leaving it up as a single catch-all sticky post for patch days for the time being, since we're not seeing enough activity to warrant new threads IMO. If someone wants to help moderate / curate content and actively create new patch day posts, please let me know and I'll add you to the mod team.
This is the place to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the community, and provide a singular resource to read.
While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product.
Remember the rules of safe patching:
https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/#p3
Keys were labeled "DO NOT TRUST." Nearly 500 device models use them anyway.
https://www.timesnownews.com/technology-science/latest-crowdstrike-update-causes-blue-screen-of-death-on-microsoft-windows-multiple-users-affected-article-111854018
Latest Crowdstrike Update Issue: The issue seems widespread, affecting machines running various CrowdStrike sensor versions. CrowdStrike has acknowledged the problem and is currently investigating the cause., Technology & Science News - Times Now
https://www.abc.net.au/news/2024-07-19/technology-shutdown-abc-media-banks-institutions/104119960
There are reports of IT outages affecting major institutions in Australia and internationally.
Hello! I am looking for suggestions for Slack alternatives that meet the following (likely impossible) criteria:
Regarding UI, I am hoping to find something with a more streamlined implementation of threaded conversations - this is my primary complaint with Slack.
I know there are tons of articles on Slack alternatives, but I'm hoping for a more technical perspective. Are there any Matrix-based options that are refined enough for a small team to rely on as primary method of communication?
Thank you!
I am working part time for a small company, they have about 40 employees that use the email everyday for work and recently they have acquired a MS account for 10 employees that use it mainly for teams with customers but also sharepoint, etc.
To buy an MS account for each of the 40 would be too expensive and necessary because the other 30 only really use email in the day to day work.
So what I did initially was to follow this Microsoft doc: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365
So our MX register point to Exchange server and exchange relay it to the secondary email server where all those 30 accounts exists.
It was working fine until I we started to get this "Not delivered message" email returning with this error:
Error: 550 5.7.367 Remote server returned not permitted to relay -> 554 5.7.1 : Relay access denied
I talked to the support of this secondary email server and they told me they do not support this operation.
So I am looking for help in finding some server that would allow me to work like this. Do you happen to know some company you could recommend?
Hi all, I want to setup a fileserver as a KVM which will access a 2TB disk partition to store its data. In order to do this I saw 5 options:
Attach the whole disk to the VM and access the partition as you do in the host machine. -> contraindicated by the RHEL documentation for security reasons.
Attach only the partition to the VM. Inside the VM, the partition appears as a drive which needs a new partition table. This seems good to me (for reasons I'll explain later), but I don't know how the partition-table-inside-a-partition thing works and what implications it comes with.
Create a sparse max-2TB qcow2 image, store it in the physical partition and attach it to the VM. -> rejected by me because the partition inside the qcow2 image needs constant resizing as your storage needs grow.
Create a fully initialized 2TB qcow2 image. -> current way of doing it, no resizes, no security concerns (I guess). The only drawback I perceive is the time required to initialize a 2TB image (~2.5hours in an HDD).
Use the physical partition as NFS. I haven't really investigated this solution -nor am I experienced with NFS- but to me it seems like it will require some configuration in the host too, which is something I want to avoid because I don't want to redeploy the host in case shit hits the fan.
So, why 2 seems good to me? Neither resizes as in 3 nor long setup times (image initializing) as in 4.
Is there any other solution that I have missed? If not, out of these, which should I choose?
Sorry for the long, I tried to be as detailed as possible.
Not sure if this is the right place.
The last few days I've been experiencing a few issues resolving DNS on my home network. Strangely, rebooting the router seemed to fix it for a time. After running into the issue again I decided to investigate further. I'm using a Mikrotik router with my PC wired in with ethernet cable. The router is using DoH to Quad9 (https://dns.quad9.net/dns-query as per their documentation). I've also imported root certificates for validation.
As of right now, my desktop cannot resolve dns against 9.9.9.9, however it can resolve dns against 1.1.1.1 and 8.8.8.8.
$ dig @9.9.9.9 reddit.com
;; communications error to 9.9.9.9#53: timed out
Interestingly also cannot curl the DoH URL (also a timeout). I thought maybe Quad9 is having issues so I jumped over to my EC2 instance, and I can dig/curl just fine.
I also turned on debug logging on the router, the logs indicate the same issue my desktop is having (timeout errors, sometimes and SSL handshake error).
My question to you all is, have I missed something in my testing/setup, or is Comcast blocking Quad9?
Additional info:
The mikrotik is the latest firmware (6.49.10). I can switch to CloudFlare DoH on the router and it works fine. I can remove the DoH setting entirely and it works. I've got 8.8.8.8 as a static DNS server and the 2 comcast dns servers are dynamic (75.75.75.75 and 75.75.76.76). NTP is setup and the router has the correct date/time/timezone.
As of this writing rebooting the router is no longer temporarily fixing the problem.
Edit:
Thanks u/melmi@lemmy.blahaj.zone !
Per their post the status page shows issues in my area: https://uptime.quad9.net/
Not sure if this is the right place to ask, but recommendations for personal and family password management?
I finally switched to Firefox on my phone, because Chrome "privacy". And then when trying to find out how enable password storage, I accidentally set up Microsoft Authenticator as password management phone-wide. Realizing this meant cross-app password management, I finally accepted that my old approach of politely ignoring the problem and manually memorizing algorithmic passwords is no longer tenable. I honestly would prefer the anti-privacy approach where every service just uses oAuth and only one provider has my password, but we're not there today, so time to learn the new tech.
So basically, what's the current OSS best-practice for a one-stop-shop password management software? I know "OSS" and "big safe cloud storage provider" are kind of oxymoronic, but imho encrypted-cloud-storage is the best tradeoff between security and convenience.
And, ideally, something I could get my kids onto as well and manage some shared family-PWs as well, since I assume their password management strategies are either "reset every time" or "just use the same PW everywhere and it's a ticking time-bomb".