-
Notifications
You must be signed in to change notification settings - Fork 163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aix /
drive overflowing
#866
Comments
/cc @nodejs/platform-aix |
I can increase the size of / but it may be better to figure out how to move it ? Was it causing failures or did you notice this pro-actively ? |
Not sure about failures, but after a few commands you couldn't even # cd /home/iojs/build/workspace/node-test-commit-aix
ksh: There is not enough space in the file system. |
So a quick look at the IPs in Maybe we need implement some brute force mitigation techniques... |
It's already 18MB after < 24h: bash-4.3# ls -la /etc/security/failedlogin
-rw-r----- 1 root system 18273600 Sep 06 14:01 /etc/security/failedlogin``` |
I added the following two line to
So now
|
only allowing public key auth seems like good security practice to me |
@gibfahn can you forsee any negative repercussions to automation? |
I'm asking as currently the AIX setup is semi-manual, and I didn't know if a password is used in the earlier stages. |
This sounds good to me, I can't foresee any issue with doing this. Any machine has to be prepared to run Ansible by adding some key (there might be ways to run Ansible with passwords, but that'd be more work for nothing). We already have a step to disable sftp, this could be added next to it. |
Seems reasonable to me as well, although I'm not an expert at ssh configuration. I don't think there is any step that needs to login with a password as opposed to ssh key, other than possibly when we first receive the machines and have to add the initial ssh key ( I can't remember as its been a long time since I did that) |
Great. So I'll try to "ansible"ize that. |
Can this issue be closed? theres been no update on it for two years so I assume the problem is fixed? |
Not fixed:
Needs to be added to the manual setup instructions in ansible/aix61-standalone/manualBootstrap.md, and it needs to be done the hosts missing the setup. Can you document, @AshCripps and I'll make the changes? |
On both
test-osuosl-aix61-ppc64_be-1/2
there a file/etc/security/failedlogin
that's 300-400MB and it's on the/
fs which is only 700MB.For now I moved it to
/home/
in case anyone wants to inspect it.Looking for ideas on how to limit its size, or roll it over to a bigger partition.
The text was updated successfully, but these errors were encountered: