Questions tagged [pinning]

21 questions
8
votes
3 answers

Install Debian Backports kernel automatically

I've got the following pinnings set: Package: linux-image-amd64 Pin: release a=wheezy-backports Pin-Priority: 1001 Package: * Pin: release a=wheezy-backports Pin-Priority: 499 I get the following error: $ sudo apt-get install…
Tim Stoop
  • 578
  • 5
  • 19
6
votes
2 answers

kvm and qemu host: Is there a limit for max CPUs (Ubuntu 10.04)?

Today we encountered a really strange behaviour on two identical kvm and qemu hosts (Dell R910). The host systems each have 4 x 10 Cores, which means that 40 physical cores are displayed as 80 within the operating system (Ubuntu Linux 10.04 64 Bit,…
PythonLearner
  • 1,022
  • 2
  • 12
  • 29
3
votes
3 answers

Cpu pinning strategy for kvm / centos7

I am migrating from Xen to Kvm. In Xen I was able to easily pin host cpus to guest vms, and also to pin host cpus to the "dom0" . In Kvm I can also easily pin host cpus to guests vms, but, as far as I can I see, nothing prevents application running…
Olivier S
  • 2,719
  • 1
  • 12
  • 14
3
votes
1 answer

Apt Pinning: Pinning based on multiple criteria

I'm attempting to pin a package based on more than one field. In my case, the origin and the version. My specific reasons for doing this is to ping RabbitMQ's Erlang release at a specific version. I want to prevent installation of another version of…
2
votes
3 answers

Remove domain from HPKP preload list

So, this is a fun story regarding HTTP Public Key Pinning (HPKP) and HTTP Strict Transport Security (HSTS). I was playing with the HTST Always and HPKP preload options, not being fully aware of the consequences. About the same time, I discovered…
blade19899
  • 153
  • 13
2
votes
1 answer

Pinning specific subsection in Debian

I'm trying to pin some packages from a specific subsection (gnome in this case) in Debian jessie. For subsection I mean: gnome, admin, x11, etc… This value is showed by apt-cache in the 'Section' field for any package. There are a lot of example…
L. Lopez
  • 93
  • 4
1
vote
1 answer

How to accomplish Server Certificate pinning in Azure?

I have a Web API suite deployed in Azure managed by Azure APIM that transacts with an external API. I need to ensure that the Server Certificate from the external partner is validated and pinned before proceeding with any further transaction with…
1
vote
1 answer

Apt pinning returns error message about package headers

I have a server running Debian Stretch that I need to install PHP 7.1 on, which isn't available in the default repositories of Stretch, but in Testing aka Buster. I tried to use apt pinning to add the Buster repositories with a lower priority, so…
morph
  • 51
  • 6
1
vote
1 answer

How to recreate let's encrypt certificate with public key from the past?

So what we have is an invalid let's encrypt certificate, when we try to renew it, public key changes. Is there a way to preserve the old public key? Our clients have it implemented for SSL pinning purposes. certbot certificates shows: Certificate…
marc_s
  • 153
  • 6
1
vote
2 answers

Virtualization: vCPU pinning with Hyperthreading Host CPU?

I'm using KVM/libvirt on a Linux server with Core i7-2600 CPU, which has the following CPU topology (1 Socket, 4 Cores, 8 Threads): Physical | Logical ---------+-------- Core 0 | 0, 4 Core 1 | 1, 5 Core 2 | 2, 6 Core 3 | 3, 7 I usually run…
lynix
  • 55
  • 2
  • 4
1
vote
2 answers

What does cpu-pinning mean in context of KVM hypervisor with multiple virtual machines

I am looking at configuring a KVM hypervisor to have some virtual machines. THe KVM hypervisor has 8 physical cores (16 with HyperThreading). I want to create 8 virtual machines on it but I am not able to understand what difference will cpu-pinning…
Akshya11235
  • 133
  • 2
  • 5
1
vote
1 answer

Package pinning in Debian lenny

I need your advice as I don't know if I hit a bug, or I am misunderstanding something. On a Debian Lenny, I am trying to prevent the installation of two particular packages, when they are requested as dependencies fromother packages. I am using the…
bronto
  • 121
  • 11
0
votes
1 answer

Is it possible to have a partial hyperthreading with a Linux System?

I have a server with 2*14 cores with Hyperthreading enabled. This means I have (2*14*2=28*2) 56 vCPUs. [root@supervision1 /]# dmidecode -t 4 | egrep 'Socket Designation|Count' Socket Designation: SOCKET 0 Core Count: 14 Thread Count: 28 …
0
votes
1 answer

How to update expired ssl certificate on server with key-pinning (hpkp)

On server with nginx web server was setup ssl section with key-pinning: add_header Public-Key-Pins 'pin-sha256="some-key"; pin-sha256="second-key"; max-age=5184000;' always; now certificate is expired and was reissued, I generate a new base64…
0
votes
3 answers

Ideally, how should HSTS / SSL Everywhere / Let's encrypt work with captive Wifi portals?

Some captive Wifi portals require the ability to 301/302 redirect a user to an authentication / terms of service page before permitting access to the Internet. This is at odds with SSL, which can't be cleanly intercepted by the typical coffee shop…
makerofthings7
  • 8,821
  • 28
  • 115
  • 196
1
2