Missing privilege separation directory: /run/sshd
Traceback (most recent call last):
File “./status_checks.py”, line 1080, in
run_checks(False, env, ConsoleOutput(), pool)
File “./status_checks.py”, line 51, in run_checks
if not run_services_checks(env, output, pool):
File “./status_checks.py”, line 91, in run_services_checks
ret = pool.starmap(check_service, ((i, service, env) for i, service in enumerate(get_services())), chunksize=1)
File “./status_checks.py”, line 34, in get_services
{ “name”: “SSH Login (ssh)”, “port”: get_ssh_port(), “public”: True, },
File “./status_checks.py”, line 72, in get_ssh_port
output = shell(‘check_output’, [‘sshd’, ‘-T’])
File “/root/mailinabox/management/utils.py”, line 123, in shell
ret = getattr(subprocess, method)(cmd_args, **kwargs)
File “/usr/lib/python3.6/subprocess.py”, line 356, in check_output
**kwargs).stdout
File “/usr/lib/python3.6/subprocess.py”, line 438, in run
output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command ‘[‘sshd’, ‘-T’]’ returned non-zero exit status 255.
Traceback (most recent call last):
File “./status_checks.py”, line 1080, in
run_checks(False, env, ConsoleOutput(), pool)
File “./status_checks.py”, line 51, in run_checks
if not run_services_checks(env, output, pool):
File “./status_checks.py”, line 96, in run_services_checks
output2.playback(output)
File “./status_checks.py”, line 1070, in playback
getattr(output, attr)(*args, **kwargs)
File “./status_checks.py”, line 1013, in print_error
self.print_block(message, first_line="\u2716 ")
File “./status_checks.py”, line 1019, in print_block
print(first_line, end=‘’, file=self.buf)
UnicodeEncodeError: ‘ascii’ codec can’t encode character ‘\u2716’ in position 0: ordinal not in range(128)
Have you considered including information in your post, such as current version of MiaB, whether or not you’ve modified any files, the server environment, etc?
Good questions are what usually get good attention and good answers.
The main difference between the KVM virtualization and Linux Containers is that virtual machines require a separate kernel instance to run on, while containers can be deployed from the host operating system. This significantly reduces the complexity of container creation and maintenance. Also, the reduced overhead lets you create a large number of containers with faster startup and shutdown speeds. Both Linux Containers and KVM virtualization have certain advantages and drawbacks that influence the use cases in which these technologies are typically applied:
KVM virtualization
KVM virtualization lets you boot full operating systems of different kinds, even non-Linux systems. However, a complex setup is sometimes needed. Virtual machines are resource-intensive so you can run only a limited number of them on your host machine.
Running separate kernel instances generally means better separation and security. If one of the kernels terminates unexpectedly, it does not disable the whole system. On the other hand, this isolation makes it harder for virtual machines to communicate with the rest of the system, and therefore several interpretation mechanisms must be used.
Guest virtual machine is isolated from host changes, which lets you run different versions of the same application on the host and virtual machine. KVM also provides many useful features such as live migration. For more information on these capabilities, see Red Hat Enterprise Linux 7 Virtualization Deployment and Administration Guide.
Linux Containers:
The current version of Linux Containers is designed primarily to support isolation of one or more applications, with plans to implement full OS containers in the near future. You can create or destroy containers very easily and they are convenient to maintain.
System-wide changes are visible in each container. For example, if you upgrade an application on the host machine, this change will apply to all sandboxes that run instances of this application.
Since containers are lightweight, a large number of them can run simultaneously on a host machine. The theoretical maximum is 6000 containers and 12,000 bind mounts of root file system directories. Also, containers are faster to create and have low startup times.
This domain’s DNSSEC DS record is not set. The DS record is optional. The DS record activates DNSSEC. See below for instructions.
Follow the instructions provided by your domain name registrar to set a DS record. Registrars support different sorts of DS records. Use the first option that works:
here’s how to understand which of the 6 options is suitable for me?