Re: [CentOS] find with -mtime and -print0 = inaccurate results

2012-10-25 Thread Sean Carolan
> Order of operations
>   find /path/to/files/ -type f -mtime -2 -name *.xml.gz -print0

Thanks!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] find with -mtime and -print0 = inaccurate results

2012-10-25 Thread Sean Carolan
If I run this:

find /path/to/files/ -type f -mtime -2 -name *.xml.gz

I get the expected results, files with modify time less than two days old.

But, if I run it like this, with the print0 flag:

find /path/to/files/ -print0 -type f -mtime -2 -name *.xml.gz

I get older files included as well.  Anyone know why?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Rsync - include only files containing matching string

2012-10-17 Thread Sean Carolan
I have a string, "2012_10_16"; let's call this $YESTERDAY

How can I rsync a file tree from a remote machine to the local one,
including *only* filenames that contain the matching string?  I've
read the man page and googled around but can't seem to get the syntax
right.  I either end up syncing all the files, or none of them.
Here's how the code looks now (I will remove the dry run once it is
working):

rsync -avz --dry-run --include=*$YESTERDAY* remotehost:remotedir/
localdir/transfer/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Gradually adjust NTP sync over time?

2012-09-04 Thread Sean Carolan
> What I'm trying to avoid is abruptly resetting the clock from 12:06 to
> 12:05 all at once.  Instead we want to slowly turn the clock back that
> one minute, but spread the changes across several hours or days.

I think the "-x" option may be our solution; I R'd the FM and it says:

"...If the -x option is included on the command line, the clock will
never be stepped and only slew corrections will be used."
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Gradually adjust NTP sync over time?

2012-09-04 Thread Sean Carolan
> This is already how ntpd works.  When you first start the service
> (usually upon reboot), it will use 'ntpdate' to do a hard set of the
> clock, then ntpd picks up and adjusts the clock back and forth to keep
> it correct.

My understanding was that ntpd will use "slewing" for adjustments of
less than ~120ms or so, but for adjustments between 120ms and 17
minutes it will use "stepping" instead, making an abrupt and immediate
adjustment of the entire delta.

What I'm trying to avoid is abruptly resetting the clock from 12:06 to
12:05 all at once.  Instead we want to slowly turn the clock back that
one minute, but spread the changes across several hours or days.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Gradually adjust NTP sync over time?

2012-09-04 Thread Sean Carolan
Suppose you have server A and server B.  Server B is running 60
seconds too fast, while server A is accurate.  Is there a way to
gradually move server B's time back into sync with server A, without
making a drastic, immediate change to the clock?  In other words, we
would like to 'smear' the difference across several hours or days to
ensure there are no drastic changes in timestamps, etc.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Optimizing grep, sort, uniq for speed

2012-06-28 Thread Sean Carolan
>> *sigh*
>> awk is not "cut". What you want is
>> awk '{if (/[-\.0-9a-z][-\.0-9a-z]*.com/) { print $9;}}' | sort -u

I ended up using this construct in my code; this one fetches out
servers that are having issues checking in with puppet:

awk '{if (/Could not find default node or by name with/) { print
substr($15, 2, length($15)-2);}}' ${TMPDIR}/* | sort -u

Thanks again, your knowledge and helpfulness is much appreciated.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Optimizing grep, sort, uniq for speed

2012-06-28 Thread Sean Carolan
> *sigh*
> awk is not "cut". What you want is
> awk '{if (/[-\.0-9a-z][-\.0-9a-z]*.com/) { print $9;}}' | sort -u
>
> No grep needed; awk looks for what you want *first* this way.

Thanks, Mark.  This is cleaner code but it benchmarked slower than awk
then grep.

real3m35.550s
user2m7.186s
sys 0m27.793s

I'll run it a few more times to make sure that it wasn't some other
process slowing it down.

I really need to brush up some more on my awk skills!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Optimizing grep, sort, uniq for speed

2012-06-28 Thread Sean Carolan
Thank you Mark and Gordon.  Since the hostnames I needed to collect
are in the same field, at least in the lines of the file that are
important.  I ended up using suggestions from both of you, the code is
like this now.  The egrep is there to make sure whatever is in the 9th
field looks like a domain name.

for host in $(awk '{ print $9 }' ${TMPDIR}/* | egrep
"[-\.0-9a-z][-\.0-9a-z]*.com" | sort -u); do
HOSTS+=("$host")
done

Original script:
real28m11.488s
user26m57.043s
sys 0m30.634s

Using awk instead of grepping the entire batch:
real6m14.949s
user5m0.629s
sys 0m26.914s

Using awk and with export LANG=C
real2m50.611s
user1m20.849s
sys 0m27.366s

Awesome, thanks for the tips!



> For one, do the sort in one step: sort -u. For another, are the hostnames
> always the same field? For example, if they're all /var/log/messages, I'd
> do awk '{print $4;}' | sort -u

> You have two major performance problems in this script.  First, UTF-8
> processing is slow.  Second, wildcards are EXTREMELY SLOW!

> You'll get a HUGE performance boost from prefixing your search with some
> known prefix to your regex.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Optimizing grep, sort, uniq for speed

2012-06-28 Thread Sean Carolan
This snippet of code pulls an array of hostnames from some log files.
It has to parse around 3GB of log files, so I'm keen on making it as
efficient as possible.  Can you think of any way to optimize this to
run faster?

HOSTS=()
for host in $(grep -h -o "[-\.0-9a-z][-\.0-9a-z]*.com" ${TMPDIR}/* |
sort | uniq); do
HOSTS+=("$host")
done
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] sar -n DEV does not show bonded interfaces

2012-02-08 Thread Sean Carolan
> Anyone know how to get statistics on bonded interfaces?  I have a
> system that does not use eth0-3, rather we have bond0, bond1, bond2.
> The members of each bond are not eth0-3, rather they are eth6, eth7,
> etc.  I didn't see anything in the man page about forcing sar to
> collect data on specific network interfaces.

Oops, you can disregard this one...user error.  I was looking at the
wrong host.  Nothing to see here, please move along  ;-)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] sar -n DEV does not show bonded interfaces

2012-02-08 Thread Sean Carolan
Anyone know how to get statistics on bonded interfaces?  I have a
system that does not use eth0-3, rather we have bond0, bond1, bond2.
The members of each bond are not eth0-3, rather they are eth6, eth7,
etc.  I didn't see anything in the man page about forcing sar to
collect data on specific network interfaces.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Convert RTF to ANSI color codes

2011-11-10 Thread Sean Carolan
Anyone have a script or utility to convert an RTF file to ANSI?  The
main idea here is to preserve the color codes that are specified in
the RTF file, so they can be displayed easily in a terminal window.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Variable assigned to grep output - missing letter n!

2011-07-20 Thread Sean Carolan
> (No, I don't advocate perl for everything, but knowing more about the
> problem can
> help in determining a suitable solution.)

You're right, I gave up and used python instead.  The basic idea here
was to gather together a long list of hostnames by grepping through a
few hundred files, check the list for duplicates, and alert someone if
duplicates were found.  I had a nifty one-liner using grep, sort, and
uniq -c that basically spat out a list of hosts with duplicate
entries, but in the end it was easier to manipulate the data (at least
for me) using python.

thanks

Sean
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Variable assigned to grep output - missing letter n!

2011-07-20 Thread Sean Carolan
> [scarolan@server:~]$ echo $myvar
> Lorem ipsum dolor sit amet, co sectetur adipisci g elit.
> lots of letter  !
>
> Weird huh?

Ok, I'm a bonehead; I had this in my bash history:

IFS='\n'

That seems to have been the cause of the missing n's.  Now the next
question would be, how can I include the \n characters in my variable
string, without fudging with $IFS?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Variable assigned to grep output - missing letter n!

2011-07-20 Thread Sean Carolan
2011/7/20 Lamar Owen :
> On Wednesday, July 20, 2011 03:23:58 PM Sean Carolan wrote:
> [snip]
>> Where did all the letter n's go?
>
> I can't duplicate the problem here on a CentOS 5.6 box.  What locale are you 
> set to?  Here's what I get (note that a copy from the e-mail you sent 
> embedded newlines, which had to be stripped out (one of the many things xargs 
> makes trivially easy) to get the result):

Here's a simpler example, with a single line in the file:

[scarolan@server:~]$ cat loremipsum.txt
Lorem ipsum dolor sit amet, consectetur adipiscing elit. n n n n n
lots of letter n!

[scarolan@server:~]$ myvar=$(grep Lorem loremipsum.txt)

[scarolan@server:~]$ echo $myvar
Lorem ipsum dolor sit amet, co sectetur adipisci g elit.
lots of letter  !

Weird huh?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Variable assigned to grep output - missing letter n!

2011-07-20 Thread Sean Carolan
This is kind of odd.

[scarolan@host:~]$ cat loremipsum.txt
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec quis
ipsum sed elit laoreet malesuada. Quisque rhoncus dui vitae eros
euismod fermentum sollicitudin sem scelerisque. Nulla facilisi.
Maecenas mollis pulvinar euismod. Duis viverra pharetra turpis eget
feugiat. Nulla facilisi. Nullam facilisis, felis vitae lacinia
fermentum, enim erat placerat erat, vel imperdiet lorem velit et
ligula. Nam congue est in nisl lacinia lobortis. Vivamus elementum
lacinia sodales. Curabitur commodo risus tincidunt augue pulvinar
vehicula. Morbi eget velit sollicitudin nibh porta molestie. Maecenas
in augue id quam ullamcorper rutrum.

[scarolan@host:~]$ vi loremipsum.txt
[scarolan@host:~]$ myvar=$(grep lorem loremipsum.txt)
[scarolan@host:~]$ echo $myvar
Lorem ipsum dolor sit amet, co sectetur adipisci g elit. Do ec quis
ipsum sed elit laoreet malesuada. Quisque rho cus dui vitae eros
euismod ferme tum sollicitudi  sem scelerisque. Nulla facilisi. Maece
as mollis pulvi ar euismod. Duis viverra pharetra turpis eget feugiat.
Nulla facilisi. Nullam facilisis, felis vitae laci ia ferme tum, e im
erat placerat erat, vel imperdiet lorem velit et ligula. Nam co gue
est i   isl laci ia lobortis. Vivamus eleme tum laci ia sodales.
Curabitur commodo risus ti cidu t augue pulvi ar vehicula. Morbi eget
velit sollicitudi   ibh porta molestie. Maece as i  augue id quam
ullamcorper rutrum.

Where did all the letter n's go?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Deleting a KVM virtual machine from the command line

2011-07-11 Thread Sean Carolan
> Did you try:
>
> virsh undefine  domain-id
>
> where domain-id is your vm name

Perfect, thanks Earl!  Here's the script in case anyone else might
find it useful.  Please post any improvements if you can see a way to
improve it.

#!/bin/bash
# Removes all KVM virtual machines from this host

# First destroy all running VMs
for i in $(virsh -q list | awk '{ print $2 }'); do
  virsh destroy $i;
  virsh undefine $i;
done;

# Next we delete their virtual disk images
rm -rf /var/lib/libvirt/images/*.img
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Deleting a KVM virtual machine from the command line

2011-07-11 Thread Sean Carolan
I am working on a sandbox machine that will allow users to play around
with building virtual machines, then blow them all away each night
with a cron job.  I wrote a small script that uses the virsh command
to destroy the VMs, then remove the storage.  For some reason the vm
name still shows up in the virt-manager GUI.  Anyone have an idea how
you delete it from there as well, without using the GUI?

thanks

Sean
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] /etc/hosts - hostname alias for 127.0.0.1

2011-03-07 Thread Sean Carolan
> (Make sure you pick .dummy so as not to interfere with any other DNS.)
>
> In theory you could leave off .dummy, but then you risk hostname being
> completed with the search domain in resolv.conf, which creates the
> problems already mentioned with putting hostname.domain.com in
> /etc/hosts.  (I have not tested this at all!)

I will probably just leave this decision to the application
architects, with the recommendation that we should simply use DNS as
intended...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] /etc/hosts - hostname alias for 127.0.0.1

2011-03-07 Thread Sean Carolan
> First, if your host is actually communicating with any kind of ip-based
> network, it is quite certain, that 127.0.0.1 simply isn't his IP
> address. And, at least for me, that's a fairly good reason.

Indeed.  It does seem like a bad idea to have a single host using
loopback, while the rest of the network refers to it by it's real IP
address.

> Second, sendmail had the habit of breaking if your hostname was mapped
> to 127.0.0.1, but I stopped using sendmail a decade ago, so I can't
> verify this. :)

The reason this came up is because one of our end-users requested such
a setup in the /etc/hosts file, and I didn't think it was a good idea.
 Seems it would be better to fix the application(s) that require the
data to use the real network IP address.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] /etc/hosts - hostname alias for 127.0.0.1

2011-03-07 Thread Sean Carolan
Can anyone point out reasons why it might be a bad idea to put this
sort of line in your /etc/hosts file, eg, pointing the FQDN at the
loopback address?

127.0.0.1hostname.domain.com hostname   localhost localhost.localdomain
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Gnu Screen - terminal issues

2011-03-06 Thread Sean Carolan
>> The remote host's $TERM variable is in fact xterm.  When I connect to
>> the screen session the $TERM variable is 'screen'.
>
> Are you running screen locally or remotely?

Remotely.  My work machine is a laptop, which is not powered on all
the time.  Hence I use a remote box as a jumping-off point, and run my
screen sessions there.

> Or you could write a script, scp it to the hosts you want to run it on
> (testing first, natch), and exec it:
>
>   for host in ; do scp myscript $host:.; done
>
>   [fiddle around with tests or verification as necessary]
>
>   for host in ; do echo "** $host **"; ssh $host ./myscript; done

Yes, I do this quite a bit.  But there are often times when I have to
do interactive work, running different commands on various hosts.

> As I mentioned earlier, dsh (distributed ssh) is a very powerful tool
> for running multiple remote commands.  Puppet, cfengine, and other tools
> may also be useful.

Yes, thank you for the pointers.  I'm familiar with both puppet and
cfengine.  The GNU screen sessions are mainly used during the build
process, before a server has puppet or cfengine up and running.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Gnu Screen - terminal issues

2011-03-04 Thread Sean Carolan
> In this case, you might want to conditionally assign some reasonable
> value on failure.  Say:
>
>    tput -T $TERM init >/dev/null 2>&1 || export TERM=xterm
>
> 'tset -q' is another test which can be used.

The remote host's $TERM variable is in fact xterm.  When I connect to
the screen session the $TERM variable is 'screen'.  I think it's
because I'm opening a new ssh session in each screen window.  Not a
huge deal; I mainly use this for short commands, and if I need to run
something longer I just write it all out in a text editor and paste it
into the terminal.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Gnu Screen - terminal issues

2011-03-03 Thread Sean Carolan
> I tried to forget the incompatibilities in different old terminal types
> after about everything settled on xterm compatibility.  Instead of
> running screen, can you run a desktop session under freenx on a server
> somewhere and run everything in terminal windows there (even ssh
> sessions that go elsewhere)?  If you haven't tried it, the NX client has
> great performance with freenx, even remotely, and lets you
> disconnect/reconnect with everything still running.  Assuming you have
> something locally that can run the NX client (windows/mac/linux) you
> also get mouse based cut/paste and the only down side is a slightly
> longer time to do the initial screen refresh when you connect.

Hmm, this sounds like an interesting possibility.  I don't think we
have x-windows installed on any of our server machines but I can look
into it.  You have gotten the gist of my thoughts here though; being
able to return to something I was working on before, without having to
log onto every machine again!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Gnu Screen - terminal issues

2011-03-03 Thread Sean Carolan
> You wouldn't by any chance be using PuTTY to access the session?  If
> so, you may need to play around with the terminal settings including
> the scroll type so that it displays correctly.  I don't recall the
> specifics but a similar thing happened to me.

Actually, no I'm using gnome-terminal on Ubuntu 10.10.  I wonder if
it's due to the fact that I'm ssh-ing to other machines within each
screen window?  Sometimes I will do this if I have a dozen servers to
work on at the same time, I have a little script that spawns a new ssh
session to each box in separate windows.  Here's a little tidbit that
I just learned; you can send the same command to all windows at the
same time:

[CTRL-A] :at \# stuff "pwd; hostname; uptime^M"

That will send the pwd, hostname, and uptime commands to all windows.  YMMV.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Gnu Screen - terminal issues

2011-03-03 Thread Sean Carolan
I really like gnu screen and use it everyday but there's one thing
that is a bit inconvenient, and that's the odd line wrapping and
terminal size issues that seem to pop up.  The problem crops up when I
type or paste a really long command, and then go back and try to edit
it; the text starts to wrap over itself and you have no idea what you
are editing.  Any fixes for this?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Possible to reboot a system after kickstart installation without pressing a key?

2010-10-31 Thread Sean Carolan
On Sun, Oct 31, 2010 at 6:07 AM, Sean Carolan  wrote:
>> Use the 'reboot' option in your kickstart.
>
> Isn't this the default anyway?  I will try to specify it explicitly
> and see how it works...

Looks like that did the trick, thanks Markus!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Possible to reboot a system after kickstart installation without pressing a key?

2010-10-31 Thread Sean Carolan
> Use the 'reboot' option in your kickstart.

Isn't this the default anyway?  I will try to specify it explicitly
and see how it works...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Possible to reboot a system after kickstart installation without pressing a key?

2010-10-31 Thread Sean Carolan
The subject just about says it all - I'm wondering if there is a way
to do a completely hands-off installation, including the reboot at the
end, without "Press any key to continue"?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Sendmail - block mail based on recipient address?

2010-10-25 Thread Sean Carolan
> One silly thing (but needs to be asked):
>
> Did you rebuild access.db after editing access?

Yes, the rebuild command is built into my init script.  I just double
checked it.

I'm getting better results having changed the setting to REJECT
instead of DISCARD.  I will investigate a bit further when I have some
spare time.  For now I have verified that the mail server is rejecting
all mails to the problem addresses.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Sendmail - block mail based on recipient address?

2010-10-25 Thread Sean Carolan
> lefgifu with: sendmail access TO
>
> http://www.feep.net/sendmail/tutorial/anti-spam/access_db.html
>
> 'The left hand side of each entry can optionally be prefixed
> with one of the tags To:, From:, or Connect:.'

Yes, I have tried this.  I have entries like this in my access file:

To:staff...@unwantedcompany.comDISCARD

Yet mail to staff...@unwantedcompany.com goes through just fine.  I
think I may be missing something here.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Sendmail - block mail based on recipient address?

2010-10-25 Thread Sean Carolan
Maybe someone can help me sort this out.  I want to block outbound
mail from my network based upon the recipient address.  Internal
servers should still be allowed to send emails, but not to a few
specific addresses.  I've tried creating some rules in
/etc/mail/access but to no avail.  Is it possible to do this?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] e2fsck with millions of files

2010-09-18 Thread Sean Carolan
> I'm not sure how much 64-bit support the kernel expects so there might be some
> complications going that direction, but you can certainly install a 64-bit
> system and run the 32-bit versions of the apps and have both versions of most
> libraries available.

To bring some closure to this thread, I ended up using a 64 bit Ubuntu
Desktop Live CD which comes with e2fsck version 1.41.  Here are the
steps required:

sudo /bin/su - root
modprobe dm_mod
apt-get install lvm2
vgscan
vgchange -a y
lvscan
e2fsck /dev/path/to/partition

This worked and the fsck completed within a few hours.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] e2fsck with millions of files

2010-08-31 Thread Sean Carolan
According to the release notes this bug has been fixed in version 1.40:

http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.40
E2fsprogs 1.40 (June 29, 2007)
There was a floating point precision error which could cause e2fsck to
loop forever on really big filesystems with a large inode count.
(Addresses Debian Bug: #411838)

What are the odds of this getting included in CentOS 5.6?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] e2fsck with millions of files

2010-08-31 Thread Sean Carolan
> To extend his comment: There is a bug in e2fsck for filesystems with
> many hardlinks.  It could take *weeks* or longer, if it finishes at all,
> to run on a large filesystem with lots of hardlinks.
>
> http://www.mail-archive.com/scientific-linux-us...@listserv.fnal.gov/msg02180.html

Awesome.  This happens to be our exact situation - this partition is
used for BackupPC which heavily relies on hard links.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] e2fsck with millions of files

2010-08-31 Thread Sean Carolan
On Tue, Aug 31, 2010 at 8:49 AM, Brent L. Bates  wrote:
>     Use the XFS file system and never have to worry about fsck again.  You'll
> have a fast, more reliable, and more robust file system with over a decade and
> exabytes of use under its belt that you will never have to wait for fsck
> again.

When this server gets rebuilt this is probably the path we will take.
Thanks for the tip.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] e2fsck with millions of files

2010-08-31 Thread Sean Carolan
> Yep, same answer here, I had RHEL4.8 on a 2.6 TB MSA, and you just leave it 
> going over the weekend.

I kind of figured as much; we're letting ours run during the week so
that hopefully the partition will be ready for weekend backup jobs.
Thanks for the feedback.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] e2fsck with millions of files

2010-08-31 Thread Sean Carolan
I have a large (1.5TB) partition with millions of files on it.  e2fsck has
been running nearly 12 hours and is still on "Checking directory structure".
 Any tips for speeding this along?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] "Cannot allocate memory" java exception - apache still returns "200 OK"

2010-07-20 Thread Sean Carolan
I'm configuring some monitoring for a particular java/tomcat
application.  We have noticed the occasional "Cannot allocate memory"
error.  When this occurs apache still seems to return a "200 OK"
status code.  Anyone know how to configure this so that when java has
an error, apache will also return some kind of error?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] ClamAV "clamscan" command using huge amount of RAM

2010-04-14 Thread Sean Carolan
> Change to clamd (use clamdscan). Yes, clamscan needs quite a bit of RAM.
>
> Kai

Thank you Kai, our performance looks a lot better now.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] ClamAV "clamscan" command using huge amount of RAM

2010-04-13 Thread Sean Carolan
We have a perl cgi script that accepts uploaded files and runs
clamscan on them.  While observing the system performance I noticed
that each clamscan process consumes up to 250MB of RAM.  Is this
normal for ClamAV?  This seems like an enormous amount of RAM, for
simply scanning one file for viruses.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] CentOS server running java - won't let go of swap

2010-03-07 Thread Sean Carolan
> I'm pretty sure that's not true.  Permgen is just part of the heap space and
> none of that accounts for the executing part of the JVM.  In any case, you
> probably want to allow some free memory to be used for filesystem cache.

I'll read up on this some more.  I'm not a java expert.

>> Are there any tools that let you look inside  the swap disk or file
>> and see exactly what is being placed there?
>
> In top, hit 'f', then 'p' to add a column to show swap usage by process.

Well, looks like java is the culprit.  I'll work with the devs and QA
people some more to see if we can track down the source, maybe it's a
memory leak...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] CentOS server running java - won't let go of swap

2010-03-07 Thread Sean Carolan
> I think Xms/x is java's heap space for program object storage.  It doesn't 
> take
> into account the space needed for the JVM itself.  Top should show you the
> actual memory usage - along with any other programs that might be using a lot.

One of our java developers indicated that the heap space plus permgen
should approximate the total memory required by the JVM.  HP's system
management homepage that eats up nearly 500MB by itself.

Are there any tools that let you look inside  the swap disk or file
and see exactly what is being placed there?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] CentOS server running java - won't let go of swap

2010-03-07 Thread Sean Carolan
I'm monitoring some CentOS 5 servers running Sun Java.  We have set things
up so 2048 MB of RAM are available for the base operating system, taking
into account the xMx and permgen settings.  What we're seeing is the swap
space getting used up, and not released.  Is this normal behavior?
 Performance doesn't seem to be affected, however I'm a bit concerned that
the swap file is completely full:

free -m
 total   used   free sharedbuffers cached
Mem:  9993   9945 48  0174   1695
-/+ buffers/cache:   8074   1919
Swap: 2047   2033 14

Here are the xMx and permgen settings:
-Xms7177m -Xmx7177m -XX:MaxPermSize=768m

Apart from Java/Tomcat/Apache and some HP hardware monitoring tools we are
not running anything else on this server.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Permissions problem

2010-03-04 Thread Sean Carolan
> having a group with the same name in both /etc/group and LDAP groups
> would be the surest path to insanity. Likewise, for /etc/passwd and LDAP
> users.

I just needed to log out and back in again.  Thanks for all your help!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Permissions problem

2010-03-04 Thread Sean Carolan
> What is the output of 'ls -l /var/cvs/test.txt' ?
>
> Marko

No, it doesn't exist.  Oddly I have another user called "cfmaster" who
can write files in there just fine:

[cfmas...@watcher cvs]$ pwd
/var/cvs
[cfmas...@watcher cvs]$ touch test.txt
[cfmas...@watcher cvs]$ id cfmaster
uid=5101(cfmaster) gid=10001(cvsgrp) groups=10001(cvsgrp)
[cfmas...@watcher cvs]$ ls -l test.txt
-rw-r--r-- 1 cfmaster cvsgrp 0 Mar  4 13:24 test.txt
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Permissions problem

2010-03-04 Thread Sean Carolan
What am I doing wrong here?  I need to be able to write to /var/cvs.
This used to work before I moved these groups into an LDAP directory
instead of /etc/group:

[scaro...@watcher:/var/cvs]$ touch test.txt
touch: cannot touch `test.txt': Permission denied

[scaro...@watcher:/var/cvs]$ ls -ld
drwxrwsr-x 4 cvs cvsgrp 4096 May 18  2008 .

[scaro...@watcher:/var/cvs]$ id scarolan
uid=4002(scarolan) gid=4002(scarolan)
groups=1(operations),10001(cvsgrp),4002(scarolan)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] CentOS 5.3 host not seeing storage device

2010-02-23 Thread Sean Carolan
>
> > On some systems, reboot is required? to access disk from SAN device.
>

This turned out to be a zoning issue.  Although I had properly created the
zone, I had to add it to our "Prod" configuration to make it live.  Once
that was done, the virtual tape library was recognized right away:

kernel:   Vendor: HPModel: MSL G3 Series Rev: EL21
kernel:   Type:   Medium Changer ANSI SCSI revision: 03
kernel: scsi 0:0:0:0: Attached scsi generic sg0 type 8
kernel:   Vendor: HPModel: Ultrium 4-SCSIRev: ED41
kernel:   Type:   Sequential-Access  ANSI SCSI revision: 03
kernel: scsi 0:0:1:0: Attached scsi generic sg1 type 1
kernel: st: Version 20070203, fixed bufsize 32768, s/g segs 256
kernel: st 0:0:1:0: Attached scsi tape st0
kernel: st0: try direct i/o: yes (alignment 512 B)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] CentOS 5.3 host not seeing storage device

2010-02-22 Thread Sean Carolan
> On some systems, reboot is required? to access disk from SAN device.
>
> At least this issue is on my Hitachi AMS san system.

Yes, we've tried a few reboots.  I'll bet the testing on this d2d
device did not get as thorough QA on Linux as it did on Windows.  I'll
post the solution here if HP is able to help me fix it.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] CentOS 5.3 host not seeing storage device

2010-02-20 Thread Sean Carolan
> Did you check the output of "/proc/scsi/scsi"?

Yea, it's empty.

> I would do a SCSI rescan using
>
>   echo "- - -" > /sys/class/scsi_host/hostX/scan

Tried this and also:

echo 1 > /sys/class/fc_host/host0/issue_lip

Still, nothing is seen by the host.  We have also tried changing the
port settings from Loop, to NPIV, to Auto on the d2d device but the
results are the same.  Unfortunately all HP's documentation is
directed towards windows users, who simply use a GUI to discover the
virtual drive.

> To configure (i.e. speed and connection type) and control the QLogic FC
> HBA I recommend to install the QLogic SANsurfer CLI.

Ok, I may try this but I had hoped the default settings would work.
We have no problem talking to our SAN on the same fabric, from other
hosts with Qlogic HBAs.

> Do you use port zoning or WWN zoning? The switch sees the attached WWNs of
> both the server and the tape library?

WWN zoning, and yes, the switch can see the host HBA, the virtual tape
library and the tape changer.  I've double-checked the zone and
refreshed it several times but no dice.

I have a ticket open with HP, but their support folks seemed a bit
stumped as well.  /sigh...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] CentOS 5.3 host not seeing storage device

2010-02-17 Thread Sean Carolan
Maybe one of you has experienced something like this before.

I have a host running CentOS5.3, x86_64 version with the standard
qla2xxx driver.  Both ports are recognized and show output in dmesg
but they never find my storage device:

qla2xxx :07:00.1: LIP reset occured (f700).
qla2xxx :07:00.1: LIP occured (f700).
qla2xxx :07:00.1: LIP reset occured (f7f7).
qla2xxx :07:00.0: LOOP UP detected (4 Gbps).
qla2xxx :07:00.0: SNS scan failed -- assuming zero-entry result...
qla2xxx :07:00.1: LOOP UP detected (4 Gbps).
qla2xxx :07:00.1: SNS scan failed -- assuming zero-entry result...

The storage device is a virtual tape library on an HP d2d server.  On
the storage device I have configured the virtual tape drive and
controller. I've also added the WWNs from the server and storage into
a zone on our fiber switch, and made the zone config live.

Anyone have some suggestions where I can start troubleshooting this?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Syslog for chroot-jailed SFTP users?

2010-02-11 Thread Sean Carolan
> I believe you will need:
> syslogd -a "/home/username01/dev/log"  -a "/home/username02/dev/log"
> -a "/home/username03/dev/log"  -a "/home/username04/dev/log" - or
> something like this. I don't know the syntax for multiples "-a"...

This seems very impractical, both from a security standpoint and the
fact that you are limited to only 19 users.   Is there any other means
to accomplish detailed sftp logging while users are chroot'd to their
home directories?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Syslog for chroot-jailed SFTP users?

2010-02-10 Thread Sean Carolan
> I solved a similar issue with jail and syslog adding a "-a
> /home/jail/dev/log" parameter to syslog startup.

In our environment the chroot jail is /home/username.  Does this mean
we need a /home/username/dev/log for each and every user?   If the
daemon is chroot'd to /home/username wouldn't this be the case?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Syslog for chroot-jailed SFTP users?

2010-02-10 Thread Sean Carolan
Maybe one of you can help.  We have set up a CentOS server so that
each user who logs in via sftp will be jailed in their home directory.
 Here's the relevant sshd_config:

# override default of no subsystems
Subsystem   sftpinternal-sftp -f LOCAL2 -l INFO

Match Group sftponly
ChrootDirectory /home/%u
ForceCommand internal-sftp

This actually works great, but none of the activities of sftponly
group members is getting logged.  The man page for sftp-server says:

"For logging to work, sftp-server must be able to access /dev/log.
Use of sftp-server in a chroot configuation therefore requires that
syslogd(8) establish a logging socket inside the chroot directory."

How do I establish a logging socket inside the chroot directory, when
the chroot directory is different depending on which user is logging
in at any given time?  I don't want to run separate sockets in every
customer's chroot directory, this is not practical.

Any ideas?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] /usr/sbin/usermod -p doesn't update MAX_DAYS - workaround?

2010-01-28 Thread Sean Carolan
> If your script change passwords via ssh and usermod, why not at
> the same time do a chage -d number username?

Thank you, I may end up doing it this way at least until we can
configure AD or LDAP authentication.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] /usr/sbin/usermod -p doesn't update MAX_DAYS - workaround?

2010-01-28 Thread Sean Carolan
I have a large group of Linux servers that I inherited from a previous
administrator.  Unfortunately there is no single sign-on configured so
each server has it's own local accounts with local authentication.
Normally I use ssh keys and a handy shell script to change passwords
on all these machines with the usermod -p command.  We are able to
update the password on on one server and push the encrypted password
out to all the others.

If, however, we turn on password aging with "chage -M 90 username"
then try to update passwords with usermod, the aging info for the
account is not updated even though the password has been changed.
Apparently this must be done manually for each and every server with
the passwd command.  This is not practical.

In the long run we're going to try and get some kind of centralized
authentication, but in the meantime does anyone have an idea for a
workaround?

Thanks

Sean
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] SFTP - stalled - on large files

2009-12-27 Thread Sean Carolan
>> # Turn off SACK
>> net.ipv4.tcp_sack = 0
>
> and execute "sysctl -p" to apply it.  You can also use "sysctl -w
> net.ipv4.tcp_sack=0" to turn it off temporarily.  Our file transfers worked
> just fine after the change.
>
> I realize there are differences our situation and yours and this might not
> work in your case.  Given the length of this thread, though, it might be
> worth a try!

It appears that the Netscaler load balancer was the problem.  We
turned off TCP buffering (TCPB) on the netscaler for this particular
virtual server, and I was immediately able to transfer a 95MB file
with no issues.  Citrix has acknowledged that there may be some issues
with the tcp stack on this device, which they think have been resolved
in more recent versions of the Netscaler OS.

Hopefully if anyone else experiences this issue, they'll be able to
Google it via the CentOS list archives.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> Load balancer... is that set up to maintain connections, or will it, like 
> IBM's
> WebSeal, go to whichever server is next/least used in the middle of a 
> connection?

It's set to use "least connection" but there is only one server behind
the virtual IP at the moment.

I'm reasonably sure at this point that the Netscaler is causing the
problem, because file transfers inside the LAN work fine, and we see
this same issue on both physical and virtual servers.  I just tested
with a physical box to verify, and the same thing happens, transfer
speed quickly drops to zero and stalls.

I've got a ticket open with Citrix to hopefully get to the bottom of
this.  It wouldn't be the first time we've seen the Netscaler muck up
a TCP connection from a client.  The last time I dealt with this it
was sending unwanted FIN packets to mail servers.  Fun stuff.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> Just an idea or thought on it.  You never said what the file size was or did
> you?  My idea is that is, there not a file size limitation on transfer to
> and from the server?  I thought there was?  Check you vsftpd.conf out or
> what ever ftp server your running for the size limitation.  Maybe some help
> or maybe not?

The problem is with SFTP, so I'm afraid that vsftpd.conf isn't the culprit here.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> Tell him to switch WinSCP to SCP mode.
>
> Kai

Tried that, it still fails the same way.  Here's the short list of
what I've tried to troubleshoot this:

Used SCP via the gui and command line
Used SFTP via the gui and command line
Ran yum update to bring all packages up to date
Tried stock CentOS sshd daemon (version 4.3), as well as sshd built
from source (version 5.3)
Adjusted MTU settings
Reinstalled virtual network card
Updated vmware tools and network card driver
Tried vmxnet as well as e1000 drivers

At this point I don't know what else to try.  I'm thinking that it's
either a problem with VMWare, or perhaps our load balancer that is
routing the packets back and forth.  Hopefully one of the vendors will
be able to help solve the problem.  In the meantime we are building
out a physical server to test whether vmware is the issue or not.

If anyone else has seen this problem before or has suggestions please
post them here.  Thanks.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> I'm not sure what would cause that, but I'd use rsync over ssh instead of sftp
> anyway - and use the -P option to permit restarting.

If it were up to me, we'd take that route.  The software the client is
using is WinSCP which does have a restart feature, however it's not
working for us.  I'm wondering if this is somehow caused by the vmware
network driver?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] SFTP - stalled - on large files

2009-12-21 Thread Sean Carolan
On Mon, Dec 21, 2009 at 7:06 PM, 唐建伟  wrote:

>  I met the same as you, but always due to the bad network connection.
>

I should probably provide some more information, the server is a VMware
guest running CentOS 5.3.  It's using the vmxnet driver for the eth0
connection.  IPv6 is disabled.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] SFTP - stalled - on large files

2009-12-21 Thread Sean Carolan
I have an SSH server that was set up for a client, and every time we
try to upload large files via SFTP or scp, the transfers speed quickly
slows to zero and gives a - stalled - status message, then
disconnects.  Here is an example:

ftp> put iTunesSetup.exe iTunesSetup.exe
Uploading iTunesSetup.exe to /home/scarolan/iTunesSetup.exe
iTunesSetup.exe 0%  704KB   0.0KB/s -
stalled -debug1: channel 0: free: client-session, nchannels 1
Read from remote host ftp.authoria.net: Connection reset by peer
debug1: Transferred: stdin 0, stdout 0, stderr 66 bytes in 203.9 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.3
debug1: Exit status -1
Connection closed

I have no idea why this is happening.  Can anyone point me in the
right direction?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] gpg command works fine from login shell, not from cron script

2009-10-19 Thread Sean Carolan
> Typically this type of problem is caused by environment variables
> that are set in a login shell, but are missing or different than
> those set for jobs running under cron.

You nailed it, Bill.  Running the cron from root's personal crontab
worked fine.  Must have been environment variable related.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] gpg command works fine from login shell, not from cron script

2009-10-19 Thread Sean Carolan
On Mon, Oct 19, 2009 at 2:41 PM, Spiro Harvey  wrote:

> Is the cron job running as a different user? eg; are you running gpg as
> a non-privileged user and the cronjob as root?

The cronjob script runs from /etc/crontab.  Let me try root's personal
crontab instead.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] gpg command works fine from login shell, not from cron script

2009-10-19 Thread Sean Carolan
I have an odd situation here, maybe one of you can help.  We have a
script that runs via a cron job.  It's purpose is to decrypt
PGP-encrypted files in a certain directory.  I have tried the command
two different ways, both fail with the same error message:

gpg --decrypt $file > ${file%.txt}.decrypted.txt
gpg --output ${file%.txt}.decrypted.txt --decrypt $file

(Don't even ask about the name substitution.  The end-user insists
they MUST submit files with a .txt extension, and not .pgp or .gpg)

Anyway, I can run the script fine from a login shell.  It works
beautifully.  But when it runs from a cron job two things happen:

1.  A file of zero size is created called file.decrypted.txt
2.  The error message in the cron email I get says:

gpg: encrypted with ELG-E key, ID 
gpg: decryption failed: secret key not available

Why does it say "secret key not available"?  The output of gpg -K
shows that the key is in fact available, and this is further confirmed
when I run the script manually and the files are decrypted just fine.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Anyone know a good VMWare hosting provider?

2009-08-30 Thread Sean Carolan
Thank you to everyone who replied to my request.  In the end we
decided to simply lease a server from Server Beach and install VMWare
ourselves.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] "gpg --verify-files" fails on some files, works on others

2009-08-28 Thread Sean Carolan
I have a very strange situation where the gpg command will fail to
verify whether there is valid PGP data in some files.  Decrypting
these files works flawlessly.  Here is an example:

[r...@server autoimport]# gpg -vv --verify-files 01UserEnumswValues.txt.asc.txt
gpg: armor: BEGIN PGP MESSAGE
gpg: armor header: Version: GnuPG v1.4.7 (MingW32)
:pubkey enc packet: version 3, algo 16, keyid F0682D87CF4ED243
data: [1022 bits]
data: [1024 bits]

[r...@server autoimport]# gpg -vv --verify-files 03users.txt.asc.txt
gpg: armor: BEGIN PGP MESSAGE
gpg: armor header: Version: GnuPG v1.4.7 (MingW32)
:pubkey enc packet: version 3, algo 16, keyid F0682D87CF4ED243
data: [1021 bits]
data: [1023 bits]
gpg: no valid OpenPGP data found.

Note that the first file is correctly identified as OpenPGP encrypted
data, and has exit status of 0.

The second file gives the error "no valid OpenPGP data found", even
though I'm able to decrypt the file with no problems.  Both these
files were encrypted with the same key, and both contain plain text
CSV data.

Any ideas why this is failing on some files and not others?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Anyone know a good VMWare hosting provider?

2009-08-27 Thread Sean Carolan
I've got a custom VMWare image that I need to find a host for.  Anyone
know of a good ISP that offers VMWare hosting packages?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Limit RAM used by a perl script

2009-07-21 Thread Sean Carolan
> But what if the program's memory use is dependent on lots of factors
> which are not easily predictable.
> And you want to avoid bringing the whole system to it's knees while swapping
> and killing arbritrary other programs while one program is consuming all
> of ram and swap.
> In that case it's easier to limit the memory of that program to e.g. 1 GByte 
> RAM,
> in which normal input usually can be processed without any trouble.  And then,
> when someone feeds the program some bad data which uses exponentially more 
> memory,
> then it gracefully stops, giving a clear error message that this input 
> results in
> too much memory use.
>
> Lots of scenario's for a valid use of such a limit exist.

I'm using the perl-BSD-Resource module, with the script confined to
512MB of RAM. So far it's working fine.  I'm not terribly worried
about the script failing, it's much more important that the server
stay up and running since it is also a production mail server.  If the
script crashes, we can deal with that separately.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Limit RAM used by a perl script

2009-07-21 Thread Sean Carolan
> While having hard limits makes it safer, wouldn't it be better to control the 
> memory usage of the script instead of setting limits that would trigger an 
> "out of memory"...?

How would you control the memory usage of the script if it's run by
the root user?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Limit RAM used by a perl script

2009-07-20 Thread Sean Carolan
> First, install the perl module BSD::Resource
>
>   yum install perl-BSD-Resource
>
> Then use it in your program like:
>
>   #!/usr/bin/perl
>
>   use BSD::Resource;
>   setrlimit(RLIMIT_VMEM, 1_000_000, 1_000_000);
>
>   # rest of the program that is limited to 1MByte now

Thanks, Paul.  I knew I'd find an answer if I posted my question here.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Limit RAM used by a perl script

2009-07-20 Thread Sean Carolan
> If you run it as a regular user, then maybe you can check out
> /etc/security/limits.conf

Currently the script runs as the root user.  I may be able to change
this, but wanted to find out whether there was some other way first.

Would it be possible to use a "ulimit" command within the perl script
itself to accomplish this?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Limit RAM used by a perl script

2009-07-20 Thread Sean Carolan
I have a perl script which runs from a cron job.  How would you limit
the amount of RAM that this script is allowed to consume?  Is there a
ulimit setting that will accomplish this?  If so does ulimit have to
be run each time the script is run, or is there a way to set it
permanently?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] External USB Drive partitioning and formatting

2009-06-28 Thread Sean Carolan
> /dev/sdb1            976760032     97808 976662224   1% /mnt/usbdrive
>
> I am thinking of having three partitions instead of just one whole big 1 TB
> thing, and then format all three partitions in ext3. I tried doing
> fdisk, but cylinders are always confusing for me. Is there any GUI
> tool that could help me achieve this as I am newbie to Linux and not
> very confident with commands. Any suggestions would be greatly appreciated.

Don't be afraid of fdisk, it's really an easy tool to use.  From your
output above it's quite apparent that your USB drive is located at
/dev/sdb.  First unmount your drive (umount /dev/sdb1) and then run
this command as root:

fdisk /dev/sdb

Then hit "d" to blow away that big vfat partition.  Then you hit "n"
to create a new partition.  You don't have to know anything about
cylinders, as fdisk will allow you to specify your partition sizes in
megabytes.  Create your three partitions, hit the 'w' key to write out
the new partition table and you're almost done.  Once the partition
table is written you can format your shares like this:

mkfs -text3 /dev/sdb1
mkfs -text3 /dev/sdb2
mkfs -text3 /dev/sdb3

Easy.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Good md5sum snapshot tool?

2009-06-03 Thread Sean Carolan
I have a server that is undergoing some patching soon and would like
to make note of any files that have changed after the patching is
complete.  Can you recommend a tool that uses md5sum snapshots to do a
quick before and after test, showing anything that's changed on a
particular file system?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Adding an 'official' CentOS image to the Amazon EC2(Electronic Compute Cloud)

2009-05-08 Thread Sean Carolan
> You are missing the point, imho. I think the real issue, for me anyway,
> is that Amazon is actively discouraging what is essentially a community,
> in spite of the fact that they and many of their users rely on the
> community to get things done, both work and play.

Indeed.  The entire infrastructure is built on Linux and Xen virtual
machines.  One would think they'd be a bit more friendly and
communicative to the CentOS organization.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Adding an 'official' CentOS image to the Amazon EC2 (Electronic Compute Cloud)

2009-05-07 Thread Sean Carolan
> So, unless they are happy to come back and start talking to us again I
> highly recommend everyone not bother using EC2.
>
> - KB

I had the exact same experience when trying to get a sales rep to talk
to me about hosting an application for my company.  We need to know
that someone will be there to pick up the phone when there are
problems, and I couldn't get anyone to call me back to answer my
questions.  I guess Amazon doesn't care too much about the customer
service end of AWS.  We'd feel a lot more confident about putting our
application onto their cloud if someone would at least return my phone
calls and emails.  So not too surprising that they gave you the
brush-off, given that they won't even call back a customer with
dollars in hand, ready to spend.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Adding an 'official' CentOS image to the Amazon EC2 (Electronic Compute Cloud)

2009-05-06 Thread Sean Carolan
> Interestingly one is available from Amazon for both Fedora and Windows.

I would also like to see a plain vanilla, minimal 64 bit centos image
on Amazon AWS.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Best mobile SSH client?

2009-05-04 Thread Sean Carolan
On Mon, May 4, 2009 at 1:41 PM,   wrote:
> Touchterm is nice as it can be configured to launch screen (provided
> your host has it installed) on connect so that if you switch away from
> ssh on your iphone you don't have to start completely over when you
> switch back.

Yes, a sucky "feature" of the iPhone seems to be that it can't run
more than one app concurrently...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Best mobile SSH client?

2009-05-04 Thread Sean Carolan
> I've been waiting for iPhone OS 3.0 before trying SSH (for Bluetooth
> keyboard support:
> http://www.flickr.com/photos/56083...@n00/3335201114/  -- but hopefully
> with a fold-up keyboard)

Oh, an Iphone with a bluetooth keyboard would be perfect.  One of the
main reasons I've stayed away from the iphone is because there's no
keyboard, and the on-screen keyboard is a PITA to use.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Best mobile SSH client?

2009-05-03 Thread Sean Carolan
> I use ConnectBot (http://code.google.com/p/connectbot/) on Android (I
> have a T-Mobile G1).  I absolutely recommend it.  I have used it several
> times in emergency situations.

Looks cool, if I wasn't stuck with AT&T I would consider getting a G1.
 Perhaps Samsung will come out with their Android phone soon!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Best mobile SSH client?

2009-05-03 Thread Sean Carolan
I'm up for a cell phone contract renewal and am considering upgrading
my handset.  I looked at some devices at my local AT&T store but
nothing really jumped out at me.  I'm particularly interested in a
cell phone that has a reliable ssh client, with ssh-agent and public
key authentication abilities.  Those of you who administer systems
remotely, what mobile ssh client do you recommend?  What phone would
you recommend?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] One for the Cisco experts...

2009-04-22 Thread Sean Carolan
> Back to my first email message when I thought you were already using
> OpenNMS...  You have to uncomment the Linkd service in
> etc/service-configuration.xml, then restart opennms and give it some
> time to probe.  Then it should show from the 'View Node Link Detailed
> Info' at the top left of a node page.  The weakest part of the program
> is the web admin section.  While it does a lot, there is much more that
> you can control via the xml config files.

Thanks again, Les, this is going to be a very useful tool for us!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] One for the Cisco experts...

2009-04-22 Thread Sean Carolan
> It was somewhat difficult to install on Centos (mostly just getting a
> Sun JVM installed sanely) until they added the yum repository.  It is
> still somewhat complicated to deal with all of the things it can do so
> I'd suggest joining the mailing list if you haven't already.  It does
> support many more devices out of the box than netdisco, including hosts
> as well as network equipment. If you want it to collect snmp data for
> graphs on the switch ports that don't have addresses you can set
> collection manually for each one or just change snmpStorageFlag to "all'
> in datacollection-config.xml.

OpenNMS is now crawling my network and discovering all the servers.
I'm not seeing how to find which switch and port each device is
plugged into.  If I browse to a node and click on it's network
interface, it says this:

--
Link Node/Interface
No link information has been collected for this interface.
--

Is that where the port and switch information is supposed to show up?
Or am I looking in the wrong place?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] One for the Cisco experts...

2009-04-22 Thread Sean Carolan
> I'll repeat my recommendation for OpenNMS.  Getting started is as easy
> as 'yum install' (almost...).  And it can do about anything you'd want
> in a monitoring system - including matching up those switch ports with
> the connected devices.

Les, at first I didn't heed your advice because I figured it would be
another ten hour battle to get opennms installed.  I was pleasantly
surprised to find that that it installed in ten minutes using yum on
my CentOS 5 box.  Much slicker interface than netdisco, and it
discovered all the ports on my switches on the first try.  Thanks for
the suggestion!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] One for the Cisco experts...

2009-04-22 Thread Sean Carolan
> Last time I looked at it, I described the installation process as
> only slightly less complicated than building a Saturn-V rocket out of
> 1960's era TV parts.

You were not kidding - I some how managed to get netdisco installed
using the CentOS installer script but there were several points where
I had to install things by hand.  Unfortunately it's not discovering
my devices properly, I will take that up on the netdisco mailing list.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] One for the Cisco experts...

2009-04-21 Thread Sean Carolan
> My notes: http://wiki.xdroop.com/space/snmp/Switching+Tables
>

Hi Dave, so using the example from your site above I tested a mac
address against one of our switches:

[scaro...@host:~]$ snmpwalk -v1 -c pub...@200 10.100.3.6
.1.3.6.1.2.1.17.4.3 | grep `hexmac2decoid 00:B0:D0:E1:BF:52`
SNMPv2-SMI::mib-2.17.4.3.1.1.0.176.208.225.191.82 = Hex-STRING: 00 B0
D0 E1 BF 52
SNMPv2-SMI::mib-2.17.4.3.1.2.0.176.208.225.191.82 = INTEGER: 389
SNMPv2-SMI::mib-2.17.4.3.1.3.0.176.208.225.191.82 = INTEGER: 3

Does this mean that the machine is plugged into port 389?  I didn't
think there were 389 ports on the switch.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] One for the Cisco experts...

2009-04-21 Thread Sean Carolan
> We have a six- or seven- year old cisco 3750 which is running an IOS
> which doesn't have the newer MIB; for this switch, we must explicitly
> query the MIB-II Bridge for each VLAN.  I would hope that newer
> relesaes of IOS wouldn't have this limitation.

This is exactly what I was missing.  Thank you, I am now able to track
down which port each device is on.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] One for the Cisco experts...

2009-04-21 Thread Sean Carolan
I have a Cisco 6509 switch that I'm monitoring with SNMP from a
CentOS5 machine.  SNMP polls are the only access I have to this
device, we are not allowed to log on via telnet.

How can I find out which port on the switch a particular server is
connected to?  I was hoping that this is somehow possible using the
mac address and the data gathered from snmpwalk/snmpget requests but
I'm not having much luck.  How would you tackle this problem?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] lftp SSL_connect error

2009-03-29 Thread Sean Carolan
> None of our data center machines are
> able to connect so perhaps this is a firewall or NAT issue?  Anyway
> here is the very un-descriptive error message:
>
>  SSL_connect: error::lib(0):func(0):reason(0)
>  Closing control socket
> `ls' at 0 [Delaying before reconnect: 18]

Further investigation reveals that this is probably due to a firewall
issue, where the client may not be able to connect to the control
channel due to the encryption.

Anyone have a workaround or solution to this problem?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] lftp SSL_connect error

2009-03-27 Thread Sean Carolan
I am unable to find any documentation about this error message,
perhaps one of you has experienced this as well.  We have an FTP
server that is configured to accept FTP transactions over SSL.  The
server is working fine, as I am able to log in with lftp from my test
linux machine in the office.  None of our data center machines are
able to connect so perhaps this is a firewall or NAT issue?  Anyway
here is the very un-descriptive error message:

 SSL_connect: error::lib(0):func(0):reason(0)
 Closing control socket
`ls' at 0 [Delaying before reconnect: 18]

It just sits there trying to reconnect over and over again.  Any ideas?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] GNU Screen - emacs mode frustration

2009-02-25 Thread Sean Carolan
> Also, I'm wondering if there
> is an easy way to get mouse scrolling to work when reviewing terminal
> history in screen.  It's a pain in the arse to CTRL-A then ESC to be
> able to scroll back.

If anyone else is looking for mouse wheel scrolling in GNU screen,
here's the solution I found.  I added this to my .screenrc and it
works quite well:

termcapinfo xterm|xterms|xs|rxvt ti@:te@
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] GNU Screen - emacs mode frustration

2009-02-25 Thread Sean Carolan
I like Gnu screen, but the choice of CTRL-A as the command sequence is
extremely unfortunate.  Like many other bash users, I use CTRL-A to
get back to the beginning of the line (emacs editing mode).

How do you all get around this problem?  Also, I'm wondering if there
is an easy way to get mouse scrolling to work when reviewing terminal
history in screen.  It's a pain in the arse to CTRL-A then ESC to be
able to scroll back.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] GNU Screen Macro?

2009-02-23 Thread Sean Carolan
On Mon, Feb 23, 2009 at 11:53 AM, Don Harper  wrote:
> Under bash, I have a function defined like so:
>  function ss () {
>screen -t $1 ssh $*
>  }
>
> Then, I simply type:
>  ss hostname

Nice, this is helpful.  I used "ssc" instead because there appears to
be a built in ss command.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] GNU Screen Macro?

2009-02-23 Thread Sean Carolan
Anyone know if this is possible with GNU screen?

I would like to have a macro or keyboard shortcut whereby the
following actions are performed:

1.  Open new screen window (CTRL-A C)
2.  ssh to some $host
3.  Rename current screen as $host (CTRL-A A $host)

I can see that typing "screen" while within a screen session opens a
new window, however I'm not clear on how to automate steps 2 and 3.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Consistent .bashrc, .bash_profile, and .aliases across all machines

2009-02-08 Thread Sean Carolan
What do you use to keep your environment files like .bashrc,
.bash_profile, etc. synchronized across all your servers?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Tomcat Monitoring

2009-01-20 Thread Sean Carolan
> > You can use snmp and cacti to monitor some of the tomcat information.
> > You simply need to add a few configuration modifications.
> >
> > See http://java.sun.com/j2se/1.5.0/docs/guide/management/SNMP.html\

Thank you all for the replies.  We already use Nagios so I'm hoping
for a nagios-friendly solution.  Unfortunately the check_jmx plugin
listed on the Nagios exchange doesn't seem to work properly, being
unable to monitor Heap Memory Usage over 2Gb.

Does anyone else have a dependable nagios plugin for keeping tabs on
Nagios?  If not we will write our own.

thanks

Sean
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Tomcat Monitoring

2009-01-19 Thread Sean Carolan
What do you use for monitoring your Apache Tomcat servers?  I have used
jconsole to manually connect and look at the statistics.  I'm wondering if
there are any standard tools for watching the health of the java process.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


  1   2   3   >