service – ubuntu 18.04: clamav running, tomcat dying

Ubuntu 18.04. 2 GB RAM + 512 MB swap.

When running clamav, it consumes more than 800MB of memory as it loads all the signatures into memory. For this reason, I have configured it to operate everyday at 3 am instead of continuing.

Until now, tomcat and clamav got along very well. At 3 am yesterday evening, the tomcat service was closed when clamav started operating.

(4643256.375812) OOM killed process 8145 (clamscan) total-vm:1149268kB, anon-rss:969476kB, file-rss:4kB
(7667218.452649) OOM killed process 8865 (java) total-vm:4568248kB, anon-rss:1067312kB, file-rss:0kB

Mar 26 03:00:31 user systemd(1): tomcat.service: Main process exited, code=killed, status=9/KILL
Mar 26 03:00:31 user systemd(1): tomcat.service: Failed with result 'signal'.
Mar 26 03:17:08 user systemd(1): Reloading The Apache HTTP Server.
Mar 26 03:17:08 user systemd(1): Reloaded The Apache HTTP Server.

I know the upgrade is an immediate answer, but until then, my questions are:

  1. Is there a way to run clamav without consuming 800 + mb?

  2. Is there a way to automatically restart Tomcat if something like this happens again?

  3. Did Java really take 4,568,248 KB = 4.5 GB or is something missing?

Ubuntu 18.04 English US keyboard incorrect mapping

I have configured my keyboard and my language in American English and nevertheless the keyboard incorrectly affects all the symbols which are in the line of the numbers. For example, when I try to get (with mayus and 8 I get * instead. This is a picture of how my keyboard looks

enter description of image here

I have tried several options like incorrect keyboard mapping on Ubuntu under VirtualBox

but none of them worked

linux – How can I emulate Ubuntu 18.04 on MacOS using qemu?

I'm pretty much a beginner in this stuff, so I thought about asking how to do it here: How can I run Ubuntu 18.04 on my MacBook Air (Mojave) using QEMU? (yes, I need to use QEMU for now.) I got QEMU from here: 8848 & sid = 231f98d16d73cb47e9f5261555fd021f.

I tried to look at the QEMU System Emulation User Guide: but I don't really understand it. I also found a pretty good tutorial which seemed to suit me well: but it doesn't work. I managed to bring up the "Install Ubuntu" menu several times on the screen, but the cursor would not work for some reason.
I first created a qcow2 file like this:

qemu-img create -f qcow2 ~/Desktop/QEMU/ubuntu.qcow2 25G

My qemu.command file is:

  -m 2048 
  -vga virtio 
  -device usb-tablet 
  -cdrom ~/Desktop/QEMU/ubuntu.iso 
  -drive file=~/Desktop/QEMU/ubuntu.qcow2,if=virtio 
  -accel hvf 
  -cpu host

I still don't understand why it worked multiple times, and when it worked, the mouse didn't work.
I reinstalled the iso and created a new .qcow2 file and now, each time, I am greeted first with a sort of command prompt followed by a screen purple, sometimes with the "Language" bar at the top (which I can't interact with) and sometimes without, then afterwards commands that I don't understand (and I can't copy / paste because the mouse does not move, so I have a screenshot).

If someone could explain what I'm doing incorrectly and give me some kind of simple guide, it would be very helpful :). Thank you!

How to secure Apache with Let & # 39; s Encrypt on Ubuntu 18.04 – Low End Box

Apache is a web server developed by the Apache Foundation in 1995. Apache is one of the most used and robust web servers. The Apache web server requires a valid SSL certificate to enable web security between the server and the client by encrypting traffic.

Let’s Encrypt is a certificate authority that provides a free SSL certificate and works immediately with all major web browsers. Certbot is the Let’s Encrypt client developed by Electronic Frontier Foundation (EFF). The Let’s Encrypt SSL certificate will provide better security for Apache and will be easy to integrate using the Certbot tool. In this tutorial, you will secure the Apache web server using Let & # 39; s Encrypt SSL for free on your Ubuntu 18.04 server.


  • It requires a valid domain name to generate Let & # 39; s Encrypt free SSL certificates. You can use a paid domain name or you can use a free domain name from various domain registrars.
  • You must configure your DNS management so that your domain name and subdomain are directed to the IPv4 address of your server.

Step 1: install the required packages

Installing Apache Web Server and Certbot is very simple. The default Ubuntu repository contains all of the Apache and Certbot packages. The Advanced Packaging Tool (APT) is the default package manager for Ubuntu which installs these packages so efficiently.

First delete and empty the old apt repository cache.

sudo apt clean all

Then update the repository to load the latest information about the packages.

sudo apt update

You must perform a full upgrade to update the installed packages.

sudo apt dist-upgrade

As soon as the update is implemented, it's time to install the Apache web server and Certbot (Encrypt client) for Apache using the default apt package installers.

sudo apt install apache2 python-certbot-apache

After successful installation of required packages. Allows you to configure the firewall which is explained in the next step.

Step 2: Configure the UFW Firewall

UFW (Unified Firewall) is the default firewall used by Ubuntu. It is a port-based firewall that is easy to configure and manage. The Apache web server requires both HTTP and HTTPS services to allow regular and encrypted traffic.

In order to enable these services, you need the HTTP (80) and HTTPS (443) ports to be open and required by the Apache web server. So you can allow these ports by implementing port-based rules in the firewall.

sudo ufw allow http
sudo ufw allow https

The SSH port (22) is an important port for connecting to the server, but in terms of security it is therefore preferable to keep this port with limited authorization. This will allow port-based security to secure that port against brute force attacks.

sudo ufw limit ssh

After adding all the rules to the firewall, you need to start the firewall and activate it at startup to survive the firewall services during startup.

sudo ufw enable

When everything is finished, it's time to check if any ports are added.

sudo ufw status

If everything is set up perfectly, it looks like an example of a given output.

Status: active

To Action From
-- ------ ----
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp LIMIT Anywhere
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
22/tcp (v6) LIMIT Anywhere (v6)

Once this step is completed, let's move on to the next step.

Step 3: Configure Apache VirtualHost

Apache VirtualHost allows multiple domain names to distribute content on a single Apache web server. It allows a secure mechanism to keep different directories for several domain names. It is the cost effective solution that works out of the box with low traffic. This process will keep multiple websites on one machine as a shared environment.

Note: throughout this tutorial, you should replace with your domain name.

The first thing is to add the virtual host to your domain name. The sample Apache VirtualHost configuration file given will help you get it for free. Let's encrypt the SSL certificate. In Ubuntu, Apache VirtualHost is located at available sites and compatible with sites in the Apache configuration directory.

sudo nano /etc/apache2/sites-available/

Add the given lines to the configuration file and make sure that your domain name must be added to Server name and ServerAlias in order to obtain SSL certificates from Let & # 39; s Encrypt.

DocumentRoot /var/www/html/

Require all granted
AllowOverride None

When finished, press Ctrl + O to save and Ctrl + X to quit the nano editor.

After adding the Apache VirtualHost configuration files, you must create the symbolic link between available sites and compatible with sites phone book. This allows you whenever you make changes to the VirtualHost configuration file inside available sites directory and it will be automatically replicated to compatible with sites using these software links.

sudo ln -s /etc/apache2/sites-available/ /etc/apache2/sites-enabled/

Check if the configuration files are correct and this command will also check the syntax of the Apache configuration files.

sudo apachectl -t

If all goes well, this shows Syntax OK as output. If there is a problem, check the Apache VirtualHost files again. After all, restart the services to make changes to the effect.

sudo systemctl restart apache2

After adding the Apache VirtualHost file, it's time to move forward by generating the free Let’s Encrypt SSL certificate to secure the Apache web server.

Step 4: generation of Let’s Encrypt SSL certificate

Certbot is the Let’s Encrypt client for automated generation of Let’s Encrypt SSL and integration with the Apache web server. This step will explain how to use Certbot using the sub-indicator –Apache for automatic SSL integration with Apache and flag -re for all your domain name that requires an SSL certificate.

sudo certbot --apache -d -d

You must provide several pieces of information during the interactive configuration of the Lets’s Encrypt script. You will provide your email address to receive email notifications with various information relating to your Let & # 39; s Encrypt SSL certificate.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to

Accept the terms of service and choose if your email address is shared with Electronic Frontier Foundation.

Please read the Terms of Service at You must
agree in order to register with the ACME server at
(A)gree/(C)ancel: A

Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
(Y)es/(N)o: N

When it's all done, Let’s Encrypt will do some challenges to get Let’s Encrypt’s SSL certificates for free. If everything is set up correctly, you will get the SSL certificates from Let & # 39; s Encrypt after completing all the steps.

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
http-01 challenge for
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/000-default-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/000-default-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/000-default-le-ssl.conf

If Certbot cannot find your virtualhost server, it will ask you which configuration file you want to add.

We were unable to find a vhost with a ServerName or Address of
Which virtual host would you like to choose?
(note: conf files with multiple vhosts are not yet supported)
1: 000-default.conf | | | Enabled
2: 000-default-le-ssl.conf | | HTTPS | Enabled
Select the appropriate number (1-2) then (enter) (press 'c' to cancel): 2
Deploying Certificate to VirtualHost /etc/apache2/sites-available/000-default-le-ssl.conf

This step is suitable for redirecting unsecured HTTP traffic to secure HTTPS traffic.

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
Select the appropriate number (1-2) then (enter) (press 'c' to cancel): 2
Enabled Apache rewrite module
Redirecting vhost in /etc/apache2/sites-enabled/000-default.conf to ssl vhost in /etc/apache2/sites-available/000-default-le-ssl.conf

When all the steps have been successfully implemented and the Let & # 39; s Encrypt SSL certificate is finally generated, the information provided is displayed.

Congratulations! You have successfully enabled and

You should test your configuration at:

- Congratulations! Your certificate and chain have been saved at:
Your key file has been saved at:
Your cert will expire on 2019-08-02. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt:
Donating to EFF:

After successfully generating the Let’s Encrypt certificate, it is automatically added to secure Apache. In the next step, you will configure crontab for the automated renewal of Let’s Encrypt SSL certificates.

Step 5: Automatic renewal of SSL certificates from Let & # 39; s Encrypt

Let’s Encrypt’s SSL certificates are valid for 90 days from the date of issue. It is therefore essential to renew the certificate before its expiration date. The crontab allows you to automatically schedule the renewal task at the scheduled time.

To add the entry to crontab, you need one hour of scheduling and the certbot renewal will run periodically during the configured scheduled time.

sudo crontab -e

When first run, it asks the default editor to select the nano as the text editor.

Select an editor. To change later, run 'select-editor'.
1. /bin/nano <---- easiest
2. /usr/bin/vim.basic
3. /usr/bin/vim.tiny
4. /bin/ed

Choose 1-4 (1): 1

Add the given lines to crontab to activate the automatic renewal of Let & # 39; s Encrypt SSL at 05h00. This will automatically renew the SSL certificates before the expiration date.

0 5 * * * /usr/bin/certbot renew --post-hook "systemctl restart apache2"

When finished, press Ctrl + O to save and Ctrl + X to quit the nano editor.

Check if these entries are added to crontab.

sudo crontab -l

This command displays the output of the added cronjobs. This means that you have successfully added the crontab entries for the automatic renewal of the SSL certificate from Let & # 39; s Encrypt.


Finally, you secured Apache using the SSL certificate from Let’s Encrypt. It will also allow automatic renewal of the SSL certificate of Let & # 39; s Encrypt using crontab. This will secure your web property by implementing the SSL certificate of Let & # 39; s Encrypt. At this point, you are ready to use the secure HTTPS protocol for your website.

terminal – gurobi901 in ubuntu 18.04 grbgetkey: command not found

enter description of image here

I installed gurobi9.0.1_linux64.tar.gz

2. I make a directory called "opt" at home and unzip the gurobi901 there.

3.I added the path to my .bashrc and executed the gurobi_cl and grbgetkey command without luck.

4.I added the path to .profile, and run the command gurobi_cl and grbgetkey again without luck.

Any help is appreciated

Master – Main configuration on Postgresql 10 + Ubuntu 18.04 + Pgpool II

Anyone have experience setting up Pgpool II with Postgresql 10 on Ubuntu 18.04?

I am trying to configure Master – Master setup on Postgresql 10 + Ubuntu. I am trying to use Pgpool II

I will have two or more primary DB servers running on different IPs and my goal is synchronized with each other.

I am looking for open-source solution [s] Your thoughts, suggestions and experiences are welcome.

https – Where to configure SSL on the Nginx reverse proxy or on Apache2 on the Ubuntu 18.04 server?

My question is about SSL / TLS.

I use the Ubuntu 18.04 server with:
Apache2 serving 3 public domains on 1 public IP.

On the same server I am using:
Nginx and will be configured as a reverse proxy for the 3 domains.

I have to secure the sites with SSL / TLS.

In two areas, I use the latest versions of:
The third area contains static data.

I will be using Let & # 39; s Encrypt – Certbot for SSL / TLS.

The question is, should I set SSL / TLS for Nginx reverse proxy only (do not host a domain), for Apache only (host all three domains), or should I run Certbot for Nginx and Apache?

My thinking is that since Nginx does not host a domain, there is no need to use SSL / TLS on it, so I think I should treat SSL / TLS as if Nginx doesn’t ; was not even involved and would only apply it to Apache.

All responses are appreciated.

7 – Migrating the Drupal site from FreeBSD 12 to Ubuntu 18.04 Unknown behavior of the SQL database

I am currently trying to migrate the Drupal site from FreeBSD 12 to Ubuntu 18.04. All configurations are copied and moved to Ubuntu 18.04. Everything seems to be fine and I was able to create the Drupal site with Ubuntu 18.04, but each time I clear the cache on the new site, it seems that the page settings have disappeared and the content goes everywhere . In addition, the most recent content is also deleted. I usually use the mysqldump command line to empty the mysql database and restore the backup with the mysql command line. I have also tried to download phpmyadmin to empty and restore the mysql database, but the problem is still present. This is a critical problem on the site, because installing a new module automatically clears the cache.

Drupal version: 7.59

I assume that when the mysql database is emptied, the most recent content and the page parameters go into the cache ..? I don't really know how mysql saves the database. Any help would be of great help to me to continue the migration. Thank you!

virtualization – The Virsh command does not work to install the Centos 8 virtual machine on Ubuntu 18.04 via qemu / kvm

I am trying to install centos 8 on Ubuntu 18.04 as a virtual machine. I have a wireless connection. When I execute the following command:

chh2@chh2-cpu:~$ sudo virt-install  --name=chris_centos  --ram=2048  --vcpus=2  --cdrom=/var/lib/libvirt/images/CentOS-8.1.1911-x86_64-dvd1.iso --os-type=linux --os-variant=rhel7  --network network=default --graphics=spice  --disk path=/var/lib/libvirt/images/chris_centos.dsk,size=10

I get the following error message:

Starting install...
Allocating 'chris_centos.dsk'                         |  10 GB  00:00     
No protocol specified
Unable to init server: Could not connect: Connection refused

(virt-viewer:16144): Gtk-WARNING **: 16:41:23.769: cannot open display: :0
Domain installation still in progress. You can reconnect to 
the console to complete the installation process.

I don't know why it doesn't work. I'm a bit new to this, so it would be great to get help.

bash – Command works on the terminal but does not work as a server system service Ubuntu 18.04

I checked again and again on the terminal and ./ both running but not able to start as a service.
I know I'm wrong but I don't know what.


cd / root / goweb / bin
echoip -t = / root / goweb / bin / index.html


Description = goweb

[A service]
Type = fork
Restart = always
RestartSec = 5s
ExecStart = / root /

WantedBy =


– The goweb.service unit has started to start.
January 19 7:07:40 p.m. ip [13346]: /root/ line 3: echoip: command not found
January 19 7:07:40 p.m. ip systemd [1]: goweb.service: Control process completed, code = exite
January 19 7:07:40 p.m. ip systemd [1]: goweb.service: failure with result & # 39; exit code & # 39 ;.
January 19 7:07:40 PM ip systemd [1]: Unable to start goweb.
– Subject: goweb.service unit failed
– Defined by: systemd