I am running CrunchBang based on Debian 6. I can't do anything printer related. It is saying I am unauthenticated. I have tried: family@familydesktop:~$ sudo lppasswd -a family Enter password: Enter password again: family@familydesktop:~$ sudo lppasswd -a root Enter password: Enter password again: Yet I still can't add a printer. What do I do?

If there is some data in the file system does it has to be moved?

I have a system I'm managing (running RHEL 8) that has multiple users in our small office, who log into it in various ways -- locally at the console, remotely via SSH and NoMachine Workstation. When I do updates that include a new kernel, or for some other reason I need to reboot the machine, I'd like to make sure there are no currently logged-in users, so I'm not interrupting users who are running software on the machine. So what I'd like to have is a command that lists all currently logged in users. I've done quite a bit of searching on this topic, and the methods I've found in response to this question are simply wrong, in the sense that they provably do not work. The commands who, w, and users do **NOT** list **all logged-in users**. As I'm writing this there are three users currently logged in to the computer in question, including myself. These commands list only one of these three (incidentally, I'm not one of them). The one user who is listed by these commands is logged in via SSH and has an open terminal. Another user who has no TTY but has several GUI applications open with their X displays piped to his laptop through SSH does not appear, and neither do I (I have a graphical login via NoMachine). In fact, who -m returns no output when I run it. I can use ps -ef to list all processes and find processes currently running for all these users. The command last | grep 'still logged in' (suggested here ) results in the same incomplete list as above (it's getting its information from the same source). So, repeating the question -- what is the definitive method to get a list of all logged in users (users who have authenticated via the normal mechanisms, and have interactive processes currently running under their user IDs) ? I'd like to do this without searching through the output of ps. EDIT -- The users on this workstation are all authenticating via LDAP, however I've verified that this is not related to the question. I have created a local user account, which also does not show up in response to who or users when logged in by the same means as described above.

A security rule of RHEL 8 must disable the use of user namespaces. states > Discussion: It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. > > Fix Text: user.max_user_namespaces = 0 in a sysctl.conf followed by sysctl --system - Does using user namespaces, for what I think is an unlimited (65535) value from a clean default install from rhel-8.10.iso, cause an *increased risk as an additional attack vector* ? - Is User Namespaces an *unnecessary capability* ? - Can the rationale behind user namespaces be stated here in layman's terms? Why is it a [good?] thing ?

A security guideline makes this statement >The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. > > The SSH implementation in RHEL8 uses the OPENSSL library, which does not use high-entropy sources by default. By using the SSH_USE_STRONG_RNG environment variable the OPENSSL random generator is reseeded from /dev/random. **This setting is not recommended** on computers without the hardware random generator because insufficient entropy causes the connection to be blocked until enough entropy is available. > > Configure the operating system SSH server to use strong entropy with `SSH_USE_STRONG_RNG=32 in /etc/sysconfig/sshd` That second paragraph having *not recommended* is more or less taken from https://linux.die.net/man/8/sshd a clean install of Linux from *rhel-8.10-x86_64-dvd.iso* has SSH_USE_STRONG_RNG=0 set in /etc/sysconfig/sshd with the comment of ***Do not change this option unless you have hardware random generator and you REALLY know what you are doing*** - can someone explain all this in simple terms? Is the claim of OpenSSL not using high-entropy true and is it a real problem to worry about or is this taken out of context and nit picking? - for my home pc an asrock mobo bought ~ 2015, does it have a hdwr rng ? - for a dell r740 server, would that have a hdwr rng? - how can you tell if your system has a hdwr rng? - can someone explain in detail what it means to *really know what you are doing* regarding this?

at https://www.man7.org/linux/man-pages/man5/login.defs.5.html > With a lot of rounds, it is more difficult to brute force thepassword. But note also that more CPU resources will be needed to authenticate users. If not specified, the libc will choose the default number of rounds (5000), **which is orders of magnitude too low for modern hardware** - this item is not mentioned in the /etc/login.defs from a clean install from rhel-8.10-x86_64-dvd.iso - github mentions using at least 10000 - at least 210000 mentioned by here: https://medium.com/@crypticrisk/increase-red-hat-enterprise-linux-hashing-rounds-996394a24a30 - as well as saying as high as feasibly possible is there a way to check and observe the number of rounds in operation? anyone have first hand experience setting this value, what is highest feasibly possible? And what should one expect to happen if it is set too high? Is it a one-time thing per user when they first log in, like instant vs 2 second delay... ? second delay?

Using RHEL-8.10 Linux servers in combination with Microsoft Windows 11 workstations in a work environment, samba server is being used with security = user and passdb backend = tdbsam. Doing a simple smbpasswd -a and if the samba password matches the WindowsNT of `` then everything works nicely. Problem arises when a user successfully changes their WindowsNT password (when they are forced to) and then when updating their Linux login password [and their samba password which has login password rules applied to it] they fail because it is not complex enough or does not have enough difference from the old one. Is there an [acceptable] solution to this? *I can't just put zeros in for everything in /etc/security/pwquality.conf* This is my pwquality.conf minlen = 15 difok = 8 dcredit = -1 lcredit = -1 ocredit = -1 ucredit = -1 minclass = 4 maxrepeat = 3 maxclassrepeat = 4 dictcheck = 1 retry = 3 is their a corresponding set of settings in Windows 11 ? what is the **complexity algorithm** used in Linux and in Windows? That seems to be the biggest problem, as Windows will generally take a word combination for example something like *KeyboardMouse1!* whereas Linux will say that's not complex enough.

Am I being a curmudgeon, or should /etc/default be reserved to settings for the operating system? I'm seeing systems show up with /etc/default/{company}-environment. The file is typically Tomcat data, but not always. I've also seen setup data for Mqueue. One objection I've heard that makes sense on a technical level is that it does not allow applications to migrate to Containers. Beyond that, am I just carping? I posted this question over in ServerFault, but it isn't getting any answers. What does the group assembled here think? I've looked in the local Confluence docs and it's been this way for like ten years. The technical curmudgeon in me just objects because /etc should not have anything but operating system components. I'd be interested in others' thoughts.

I have a cluster with a single server running rhel-8 as the head node and then 10 compute node servers also running rhel-8. There are two networks: a 1gbps network on conventional cat6 cables and then a mellanox infiniband network which has opensm running on the head node. The 1gbps network is on network port eno2 on the head node and compute nodes, and the infiniband network is on port ib0. Is there a way to see or observe network traffic? When analysis is run users can tell their software to use either network - obviously using the faster infiniband network *should* be better - is there a way in Linux I can validate **where** network traffic is happening whether it's on eno2 or ib0? And then is it possible to correlate however much traffic I am witnessing how it relates to overall bandwidth / capacity of the given network?

Are basic system administrator utilities such as useradd or adduser standardized? If so, where can I find the specs? (POSIX doesn't seem to encompass those, but I might need to take a better look).

When moving from md-raid to btrfs raid, I am missing one feature from mdadm.conf:

PROGRAM /sbin/mdadm-alert.sh

This will trigger a script on any md-raid issues or important events. I use this in combination with my telemetry and monitoring agents. How can I trigger monitoring events for btrfs raid?

By default, systemd drops to an emergency shell at the slightest error. For example, if one of the mounts at fstab fails for some reason the system becomes unbootable immediately. I manage dozens of diverse production systems, and I've found this behavior very damaging. (Actually, I think it's a major design failure, but that's a personal opinion). I'd like to increase the system boot resilience. Optimally the system should always boot up, missing drivers, mounts, etc. shouldn't drop emergency shell, (just show warning instead) unless the given error would render console login absolutely impossible. What can be run, that should be run. I know systemd automatically generates *.mount files from /etc/fstab and I could use the nofail option with small x-systemd.device timeout (or define the relevant .mount files myself). However, it wouldn't solve my problem. I want to make the system more resilient, "patching" fstab every time is not very convenient, and I'm not sure how many other possible "problems" exist which would render my system unbootable just because some developer somewhere thought it's important enough. In sort, I'd like to regain the control over my machine and not let systemd decide what problem is serious enough to crush the boot process. Is it possible?

We are facing a problem with managing cron jobs over multiple servers with dependencies. I hope there is an opensource central management project that I can be used to handle that and report the status of each job. I found a project called chronos that runs on a top of mesos, but is there any alternative?

In Linux, RHEL-8.10 or later if it matters, I would like to write some C code that takes in various parameters and upon a certain condition issues a system("init 0") to shutdown the system. Before issuing the shutdown, I would like to throw a one line message into /var/log/messages that states *system being shut down by ron's code* so that I have a record of when that has happened. How do you properly write into /var/log/messages? *Obviously I can do an fopen("/var/log/messages, "a") and a simple fprintf but that seems like a bit of a hack.*

I am building a home server just for fun and for the learning experience. This is my first time, so I am relatively new to all of this. The plan is to run things like pi-hole and Nextcloud and a few other things. For that, I decided to try to run everything inside its own Podman container on my alma linux server. At first, I tried to install everything directly on the server, but then I got into trouble because multiple services wanted to use the same port (after I found out what all these things are ;) ), and then I read about Podman and thought that might solve my problems. I followed a tutorial online and installed pi-hole via

podman run -d --name pihole -e TZ="Europe/Zurich" -e WEBPASSWORD="********"  -p 192.168.0.188:5300:53/tcp -p 192.168.0.188:5300:53/udp -p 192.168.0.188:8000:80 -v "/srv/pi-hole:/root:z" --restart=on-failure pihole/pihole:latest

I can then access pihole via 192.168.0.188:8000/admin from my browser. But now I am stuck, because I don't know how to connect for example my phone to it. My router does not allow using my own dns, so I figured that I had to connect all my devices by myself to the pihole. I can do this if I just install the pi-hole directly on my server (go to settings and put my server ip there), but I don't know how to do this when I install it in the podman container (putting server ip in settings does not work). Does anybody know how I can solve this? Ps: This is my first time using such a forum, so please give me your feedback on whether I use it correctly. Thanks **Solved:** I maped the 53 udp/tcp from the server directly to 53 inside of the container. Now everything works fine.

So i just now tried to update my installed packages in order to upgrade my Debian version and 'apt-get update -y' threw me this error: apt-get update -y Hit:1 http://security.debian.org buster/updates InRelease Hit:2 http://deb.debian.org/debian buster InRelease Hit:3 http://deb.debian.org/debian buster-updates InRelease Ign:4 http://deb.debian.org/debian buster-backports InRelease Err:5 http://deb.debian.org/debian buster-backports Release 404 Not Found [IP: 199.232.150.132 80] Get:6 https://download.docker.com/linux/debian buster InRelease [53.9 kB] Get:7 https://deb.nodesource.com/node_12.x buster InRelease [4,584 B] Get:8 https://download.mono-project.com/repo/debian stable-buster InRelease [5,874 B] Get:9 https://packages.microsoft.com/debian/10/prod buster InRelease [6,538 B] Ign:10 https://packages.cloud.google.com/apt kubernetes-xenial InRelease Err:12 https://packages.cloud.google.com/apt kubernetes-xenial Release 404 Not Found [IP: 216.58.214.174 443] Get:11 https://adoptopenjdk.jfrog.io/adoptopenjdk/deb buster InRelease [11.5 kB] Err:11 https://adoptopenjdk.jfrog.io/adoptopenjdk/deb buster InRelease Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?) Hit:13 https://packagecloud.io/ookla/speedtest-cli/debian buster InRelease Get:14 https://packages.microsoft.com/debian/10/prod buster/main amd64 Packages [223 kB] Reading package lists... Done E: The repository 'http://deb.debian.org/debian buster-backports Release' no longer has a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. E: The repository 'https://apt.kubernetes.io kubernetes-xenial Release' no longer has a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. E: Failed to fetch https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/dists/buster/InRelease Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?) E: The repository 'https://adoptopenjdk.jfrog.io/adoptopenjdk/deb buster InRelease' is no longer signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. Is there any way to fix this mess without reinstalling the server?

**Scenario:** - Linux server, allowing users to connect via SSH using the putty-0.80.exe ssh client on Windows 10. - Work environment, 100+ users mostly NOT computer savvy - Linux Server updated from Redhat-7 to Redhat-8, as such the SSH host key legitimately changes. - When users go to log in for the first time on the server having been updated to RHEL-8, they get the Putty Security Breach Warning, SSH host key has changed - *the host key does not match the one putty has cached for this server; this means either the admin has changed the host key or you have actually connected to another computer pretending to be the server; the new ecdsa-sha2-nistp256 key fingerprint is ...* **What is the *correct* way to handle this situation?** - Am I the only one who ignores this whenever this putty warning pops up and just clicks accept and tells everyone else to just click accept and ignore it? What do you do? - Is maintaining my previous key from the RHEL-7 installation and then importing it into the RHEL-8 installation acceptable (so users never see this warning in putty) ? - With the new SSH host key created from the RHEL-8 installation (upgrade) how would you disseminate that to 100+ users who don't understand any of this? The update from RHEL 7 to 8 was entirely transparent to users except for this.

on a Redhat 8.9 system built from rhel-8.9-x86-64.iso as *Server with GUI*, I have the following rpm's installed (see below) by default I assume. The folder /var/log/pcp/pmlogger// has around 200 files that are mostly all compressed to .xz but this folder size is 2 gb. - what is pcp and do I really need it installed? What function might it be doing that I can't live without? - Is there a way to prevent the pmlogger folder size from growing so large? Is it ok to remove the contents of this folder? - With the yum remove pcp results show below, is there anything that stands out as being a problem if I go ahead with the removal of pcp? . # yum remove pcp ================================================================================ Package Arch Version Repository Size ================================================================================ Removing: pcp x86_64 5.3.7-18.el8 @AppStream 4.9 M Removing dependent packages: pcp-export-pcp2elasticsearch x86_64 5.3.7-18.el8 @AppStream 22 k pcp-export-pcp2graphite x86_64 5.3.7-18.el8 @AppStream 19 k pcp-export-pcp2influxdb x86_64 5.3.7-18.el8 @AppStream 22 k pcp-export-pcp2json x86_64 5.3.7-18.el8 @AppStream 23 k pcp-export-pcp2spark x86_64 5.3.7-18.el8 @AppStream 21 k pcp-export-pcp2xml x86_64 5.3.7-18.el8 @AppStream 25 k pcp-export-pcp2zabbix x86_64 5.3.7-18.el8 @AppStream 25 k pcp-gui x86_64 5.3.7-18.el8 @AppStream 2.5 M pcp-libs-devel x86_64 5.3.7-18.el8 @AppStream 196 k pcp-pmda-apache x86_64 5.3.7-18.el8 @AppStream 31 k pcp-pmda-bash x86_64 5.3.7-18.el8 @AppStream 37 k pcp-pmda-bcc x86_64 5.3.7-18.el8 @AppStream 291 k pcp-pmda-bpftrace x86_64 5.3.7-18.el8 @AppStream 66 k pcp-pmda-cifs x86_64 5.3.7-18.el8 @AppStream 57 k pcp-pmda-cisco x86_64 5.3.7-18.el8 @AppStream 79 k pcp-pmda-denki x86_64 5.3.7-18.el8 @AppStream 53 k pcp-pmda-dm x86_64 5.3.7-18.el8 @AppStream 129 k pcp-pmda-elasticsearch x86_64 5.3.7-18.el8 @AppStream 78 k pcp-pmda-gfs2 x86_64 5.3.7-18.el8 @AppStream 92 k pcp-pmda-gluster x86_64 5.3.7-18.el8 @AppStream 17 k pcp-pmda-haproxy x86_64 5.3.7-18.el8 @AppStream 37 k pcp-pmda-infiniband x86_64 5.3.7-18.el8 @AppStream 44 k pcp-pmda-json x86_64 5.3.7-18.el8 @AppStream 71 k pcp-pmda-libvirt x86_64 5.3.7-18.el8 @AppStream 60 k pcp-pmda-lio x86_64 5.3.7-18.el8 @AppStream 18 k pcp-pmda-lmsensors x86_64 5.3.7-18.el8 @AppStream 13 k pcp-pmda-logger x86_64 5.3.7-18.el8 @AppStream 42 k pcp-pmda-lustrecomm x86_64 5.3.7-18.el8 @AppStream 28 k pcp-pmda-mailq x86_64 5.3.7-18.el8 @AppStream 25 k pcp-pmda-mic x86_64 5.3.7-18.el8 @AppStream 27 k pcp-pmda-mongodb x86_64 5.3.7-18.el8 @AppStream 29 k pcp-pmda-mounts x86_64 5.3.7-18.el8 @AppStream 25 k pcp-pmda-mssql x86_64 5.3.7-18.el8 @AppStream 80 k pcp-pmda-netcheck x86_64 5.3.7-18.el8 @AppStream 66 k pcp-pmda-nfsclient x86_64 5.3.7-18.el8 @AppStream 67 k pcp-pmda-nvidia-gpu x86_64 5.3.7-18.el8 @AppStream 78 k pcp-pmda-openmetrics x86_64 5.3.7-18.el8 @AppStream 76 k pcp-pmda-openvswitch x86_64 5.3.7-18.el8 @AppStream 24 k pcp-pmda-perfevent x86_64 5.3.7-18.el8 @AppStream 194 k pcp-pmda-podman x86_64 5.3.7-18.el8 @AppStream 92 k pcp-pmda-postgresql x86_64 5.3.7-18.el8 @AppStream 75 k pcp-pmda-rabbitmq x86_64 5.3.7-18.el8 @AppStream 25 k pcp-pmda-roomtemp x86_64 5.3.7-18.el8 @AppStream 37 k pcp-pmda-sendmail x86_64 5.3.7-18.el8 @AppStream 49 k pcp-pmda-shping x86_64 5.3.7-18.el8 @AppStream 43 k pcp-pmda-smart x86_64 5.3.7-18.el8 @AppStream 104 k pcp-pmda-sockets x86_64 5.3.7-18.el8 @AppStream 73 k pcp-pmda-statsd x86_64 5.3.7-18.el8 @AppStream 173 k pcp-pmda-summary x86_64 5.3.7-18.el8 @AppStream 35 k pcp-pmda-systemd x86_64 5.3.7-18.el8 @AppStream 33 k pcp-pmda-trace x86_64 5.3.7-18.el8 @AppStream 56 k pcp-pmda-unbound x86_64 5.3.7-18.el8 @AppStream 67 k pcp-pmda-weblog x86_64 5.3.7-18.el8 @AppStream 161 k pcp-pmda-zswap x86_64 5.3.7-18.el8 @AppStream 10 k pcp-system-tools x86_64 5.3.7-18.el8 @AppStream 959 k pcp-zeroconf x86_64 5.3.7-18.el8 @AppStream 14 k python3-pcp x86_64 5.3.7-18.el8 @AppStream 359 k Removing unused dependencies: HdrHistogram_c x86_64 0.9.13-2.el8 @AppStream 45 k bcc x86_64 0.25.0-5.el8 @AppStream 3.5 M bcc-tools x86_64 0.25.0-5.el8 @AppStream 1.8 M bpftrace x86_64 0.16.0-4.el8 @AppStream 11 M chan x86_64 0.0.4-3.el8 @AppStream 32 k clang-libs x86_64 16.0.6-2.module+el8.9.0+19521+190d7aba @AppStream 108 M clang-resource-filesystem x86_64 16.0.6-2.module+el8.9.0+19521+190d7aba @AppStream 0 compiler-rt x86_64 16.0.6-3.module+el8.9.0+20599+53352ad4 @rhel-8-for-x86_64-appstream-rpms 26 M gcc-toolset-13-gcc-c++ x86_64 13.1.1-4.3.el8 @AppStream 36 M gcc-toolset-13-libstdc++-devel x86_64 13.1.1-4.3.el8 @AppStream 22 M libomp x86_64 16.0.6-3.module+el8.9.0+19397+8ad4a755 @AppStream 2.4 M libomp-devel x86_64 16.0.6-3.module+el8.9.0+19397+8ad4a755 @AppStream 17 M libpfm x86_64 4.13.0-4.el8 @AppStream 2.6 M libpq x86_64 13.11-1.el8 @AppStream 728 k lm_sensors x86_64 3.4.0-23.20180522git70f7e08.el8 @anaconda 445 k python3-bcc x86_64 0.25.0-5.el8 @AppStream 391 k python3-jsonpointer noarch 1.10-11.el8 @AppStream 32 k python3-libvirt x86_64 8.0.0-2.module+el8.9.0+18724+20190c23 @AppStream 2.0 M python3-netaddr noarch 0.7.19-8.el8 @AppStream 8.4 M python3-psycopg2 x86_64 2.7.5-7.el8 @AppStream 544 k python3-pyodbc x86_64 4.0.30-2.el8 @AppStream 172 k unixODBC x86_64 2.3.7-1.el8 @AppStream 1.5 M Transaction Summary ================================================================================ Remove 80 Packages

I am facing an issue where the overlay and /dev/vda1 filesystems on my server are both completely utilized, showing 100% usage. This scenario has led to operational challenges, and I am seeking advice on how to effectively free up space or manage storage to mitigate this issue. Here is the output of df -h for context: Filesystem Size Used Avail Use% Mounted on overlay 97G 97G 0 100% / tmpfs 64M 0 64M 0% /dev tmpfs 111G 0 111G 0% /sys/fs/cgroup /dev/vdb 393G 65G 329G 17% /root/easymaker tmpfs 222G 12K 222G 1% /dev/shm 198.18.32.36:/GJ_SHARE_FS11/8683766f-1a8c-4531-87ba-2370c3ff2ad3 20T 0 20T 0% /root/backup 198.18.32.7:/GJ_SHARE_FS9/5470219b-58ed-4a37-9de0-1788451ad4b4 49T 16M 49T 1% /root/data /dev/vda1 97G 97G 0 100% /etc/hosts tmpfs 222G 12K 222G 1% /run/secrets/kubernetes.io/serviceaccount As you can see, both the overlay and /dev/vda1 filesystems are at full capacity. I am currently running a cloud environment, which may be contributing to the rapid space utilization on these filesystems. I have looked into common solutions such as pruning unused Docker images and containers, but I am cautious and seeking guidance on best practices, especially considering the operational importance of the data and applications running on this server. Could anyone provide insights or recommended strategies for safely freeing up space or preventing such issues in Docker environments? Are there specific logs, temporary files, or data that can be safely removed or moved to other storage without disrupting ongoing operations? 1. Attempted to identify large files or directories consuming disk space using du -ah / | sort -rh | head -20. - Expected: To list the top 20 largest files or directories. - Actual: Received an error message "sort: write failed: /tmp/sortVOhsjQ: No space left on device." 2. Tried to remove large files or directories to free up disk space using rm -rf /overlay/*. - Expected: To delete files or directories within the specified path. - Actual: Received an error message indicating that the path does not exist. 3. Attempted to remove the /etc/hosts file to free up space on the /dev/vda1 filesystem. - Expected: To successfully remove the file. - Actual: Received an error message "rm: cannot remove '/etc/hosts': Device or resource busy." 4. Tried to update the package repositories using apt-get update. - Expected: To update the package repositories successfully. - Actual: Received errors due to lack of disk space, such as "Splitting up /var/lib/apt/lists/developer.download.nvidia.com_compute_cuda_repos_ubuntu2204_x86%5f64_InRelease into data and signature failed." 5. Attempted to clean up unused Docker resources using docker network rm cw-net. - Expected: To remove the specified Docker network. - Actual: Received an error message "bash: docker: command not found." 6. Tried to identify large files or directories within the /overlay directory using du -ah /overlay | sort -rh | head -n 20. - Expected: To list the top 20 largest files or directories within the specified path. - Actual: Received an error message "du: cannot access '/overlay': No such file or directory." Overall, despite various attempts to free up disk space and identify large files or directories, encountered limitations due to lack of available disk space and inability to execute certain commands. Additional solutions or assistance may be required to address the underlying issue effectively.

What is the best way to get the correct value of *total bytes written* to disk per day? My goal is to log it over time, so as an admin you can gain some sense of activity on a Linux Server and have a metric first hand that I can use to somewhat predict an SSD life expectancy... if cheaper consumer grade 1-DWPD can be used or for what you are doing you need to be using 3-DWPD enterprise class ssd's for example. I am interested in the difference between XFS, EXT4, BTFS file system choices, as well as extra software/services installed in Linux, that might have an effect on SSD life. **is there a better command than smartctl to capture the information I am looking for?** I can write code to deal with this --xall extended output, or it there a better more specific smartctl option? based on this output, what would value should I use to determine drive writes accurately? I would do the following for disks 0..7 via -d megaraid,#. This on on RHEL 8.9. smartctl --xall -d megaraid,0 /dev/sda smartctl 7.1 2019-12-30 r5022 [x86_64-linux-4.18.0-513.11.1.el8_9.x86_64] (local build) Copyright (C) 2002-19, Bruce Allen, Christian Franke, www.smartmontools.org === START OF INFORMATION SECTION === Vendor: TOSHIBA Product: KPM5WRUG3T84 Revision: B318 Compliance: SPC-4 User Capacity: 3,840,755,982,336 bytes [3.84 TB] Logical block size: 512 bytes Physical block size: 4096 bytes LU is resource provisioned, LBPRZ=1 Rotation Rate: Solid State Device Form Factor: 2.5 inches Logical Unit id: 0x58ce38ee20abca55 Serial number: abc123 Device type: disk Transport protocol: SAS (SPL-3) Local Time is: Thu Mar 7 13:55:22 2024 EST SMART support is: Available - device has SMART capability. SMART support is: Enabled Temperature Warning: Disabled or Not Supported Read Cache is: Enabled Writeback Cache is: Enabled === START OF READ SMART DATA SECTION === SMART Health Status: OK Percentage used endurance indicator: 0% Current Drive Temperature: 29 C Drive Trip Temperature: 70 C Manufactured in week 33 of year 2019 Elements in grown defect list: 2 Error counter log: Errors Corrected by Total Correction Gigabytes Total ECC rereads/ errors algorithm processed uncorrected fast | delayed rewrites corrected invocations [10^9 bytes] errors read: 0 0 0 0 0 27081.068 0 write: 0 0 0 0 0 8041.818 0 verify: 0 0 0 0 0 23058.613 0 Non-medium error count: 87 SMART Self-test log Num Test Status segment LifeTime LBA_first_err [SK ASC ASQ] Description number (hours) # 1 Background long Completed - 38 - [- - -] # 2 Background short Completed - 37 - [- - -] # 3 Background long Completed - 14 - [- - -] # 4 Background short Completed - 14 - [- - -] Long (extended) Self-test duration: 300 seconds [5.0 minutes] Background scan results log Status: no scans active Accumulated power on time, hours:minutes 1169:17 [70157 minutes] Number of background scans performed: 0, scan progress: 0.00% Number of background medium scans performed: 0 Protocol Specific port log page for SAS SSP relative target port id = 1 generation code = 4 number of phys = 1 phy identifier = 0 attached device type: SAS or SATA device attached reason: unknown reason: loss of dword synchronization negotiated logical link rate: phy enabled; 12 Gbps attached initiator port: ssp=1 stp=1 smp=1 attached target port: ssp=0 stp=0 smp=0 SAS address = 0x58ce38ee20abca56 attached SAS address = 0x52cea7f048bd6b07 attached phy identifier = 1 Invalid DWORD count = 12 Running disparity error count = 12 Loss of DWORD synchronization = 3 Phy reset problem = 0 relative target port id = 2 generation code = 4 number of phys = 1 phy identifier = 1 attached device type: no device attached attached reason: unknown reason: unknown negotiated logical link rate: phy enabled; unknown attached initiator port: ssp=0 stp=0 smp=0 attached target port: ssp=0 stp=0 smp=0 SAS address = 0x58ce38ee20abca57 attached SAS address = 0x0 attached phy identifier = 0 Invalid DWORD count = 0 Running disparity error count = 0 Loss of DWORD synchronization = 0 Phy reset problem = 0