Re: MySQL Max connections?
Am Dienstag, den 07.12.2004, 11:47 -0600 schrieb Jacob S: Hello list, I am having a problem with mysql refusing connections intermittently on a webserver. It acts like an invisible limit has been hit on the maximum number of connections. Not finding any info in the config files about the max number of connections allowed, I did some googling. This url is the closest I can find, though I notice their syntax seems to be a lot different from the standard mysql config file in Debian. Not to mention that the page was last updated 09/2003. http://www-css.fnal.gov/dsg/external/freeware/mysqlTuning.html Can anyone tell me if this is the correct way to increase the max number of connections, or how to do it if it's not? I would try to test it myself, but it is a bit hard to do on a busy server and when I would need a huge number of connections. There are tow ways to set the limit of maximium connections at one time: - connect to mysql as root and type: mysql set global max_connections=xxx; you can check your vars with: mysql show variables; -- after restart of mysqld the default value is back. - edit /etc/my.cnf and add max_connections = xxx to the [mysqld] section -- this would cause mysqld to use this var after next restart good luck, Achim TIA, Jacob -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MySQL Max connections?
Am Dienstag, den 07.12.2004, 13:07 -0600 schrieb Jacob S: Do you or anybody else know what the default number is for max_connections? 100 is the default-value for max_connections I suppose it could be system load causing my problem, since top usually shows an average of 4.0 or 5.0 when the problem occurs. It seems like the whole mysql server or apache would be killed though if that were the case. (Server is a 2.2Ghz P4 with 512MB of ram.) just took a look and our primary webserver - it's running 185 mysqld and 36 httpd processes - load average is 0.11, 0.19, 0.18 on a 1.8 ghz celeron with 1.5 gb of physical ram. perhaps some more ram whould help fixing your problem - afaik mysql is getting much faster and efficient as more ram it can use. Achim -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Reports on Postfix + Amavis + SpamAssassin
Am Mi, 2004-10-27 um 14.56 schrieb Federico Lazcano: Hello everyone: I need an advice on reporting in web pages (MRTG-Like) the activities of a mail system build on Postfix + Amamisd-new + Spamassassin. Any clue? I'm using Debian Sarge. $ apt-cache show mailgraph Package: mailgraph Architecture: all Version: 1.8-1 Depends: debconf, libfile-tail-perl, librrds-perl Recommends: httpd Filename: pool/main/m/mailgraph/mailgraph_1.8-1_all.deb Size: 15130 MD5sum: aae91b2657e84379624e9ebdf9fc5503 Description: Mail statistics RRDtool frontend for Postfix Mailgraph is a very simple mail statistics RRDtool frontend for Postfix that produces daily, weekly, monthly and yearly graphs of received/sent and bounced/rejected mail. As you can read, I'm not a native speaker. ;-) Saludos, Federico Lazcano - Soporte Técnico [EMAIL PROTECTED] -- Hardtec S.R.L. Dorrego 2406 - Rosario TE: 0341-486 http://www.hardtec.com.ar http://www.hardtec.com.ar/
Re: include the mcrypt module of php
What about: - apt-get install php4-mcrypt - check if extension=mcrypt.so was added to /etc/php4/apache/php.ini - restart apache now your php should know of mcrypt functions. good luck, achim Am Sa, 2004-10-23 um 17.32 schrieb Francisco Castillo: Hello, I has try to call the mcrypt functions on a my PHP Version 4.3.7-dotdeb + APACHE + DEBIAN WOODY System. $td = mcrypt_module_open('tripledes', '', 'ecb', ''); $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, $llave, $iv); $datos_cifrados = mcrypt_generic($td, $entrada); mcrypt_generic_deinit($td); mcrypt_module_close($td); But the execution of this script give me the error Fatal error: Call to undefined function: mcrypt_module_open() in It seems that my php has no mcrypt module linked, so php.net saids me to : ..To use it, download libmcrypt-x.x.tar.gz .. and then .. You need to compile PHP with the --with-mcrypt[=DIR] parameter to enable this extension. DIR is the mcrypt install directory. Make sure you compile libmcrypt with the option --disable-posix-threads. .. So i do a apt-get install libmcrypt4 and installed the libmcrypt in the system and then i has seen on my phpinfo() that Configure Command ..--with-mcrypt=shared,/usr'.. but the problem go on. So I ask to resolver my problem : Should i recompile my php in order to support mcrypt using the--with-mcrypt[=DIR] ? How could i do this recompile procedure, could i do it with apt? Is there another way to resolve my problem? Thanks in advance, Francisco Castillo. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: include the mcrypt module of php
So you should search the corresponding php4-mcrypt-package from http://www.dotdeb.org/packages.php and install that (it seems, that you installed the package from standard-woody). good luck, achim Am Sa, 2004-10-23 um 18.00 schrieb Francisco Castillo: Hey.. I has do a morpheo:~# find / -name mcrypt.so /usr/lib/php4/20010901/mcrypt.so morpheo:~# cd /usr/lib/php4/200 20010901 20020429 morpheo:~# cd /usr/lib/php4/20020429/ morpheo:/usr/lib/php4/20020429# cp ../20010901/mcrypt.so . but now it seems to be another problem morpheo:/usr/lib/php4/20020429# cp ../20010901/mcrypt.so . morpheo:/usr/lib/php4/20020429# /etc/init.d/apache restart Reloading apache modulesPHP Warning: Unknown(): mcrypt: Unable to initialize module Module compiled with module API=20010901, debug=0, thread-safety=0 PHPcompiled with module API=20020429, debug=0, thread-safety=0 These options need to match in Unknown on line 0 . Thanks in advance Francisco Castillo. - Original Message - From: Francisco Castillo [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, October 23, 2004 5:54 PM Subject: Re: include the mcrypt module of php Ok thanks, it seems to be the correct way, but i when i has do it i has now the problem: /etc/init.d/apache restart Reloading apache modulesPHP Warning: Unknown(): Unable to load dynamic library '/usr/lib/php4/20020429/mcrypt.so' - /usr/lib/php4/20020429/mcrypt.so: cannot open shared object file: No such file or directory in Unknown on line 0 So, i has do a locate mcrypt.so but i has not found it, why do not has been installed this library on my system with the apt-get install php4-mcrypt? Thanks in advance. Francisco Castillo. - Original Message - From: Achim Schmidt [EMAIL PROTECTED] To: Francisco Castillo [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, October 23, 2004 5:40 PM Subject: Re: include the mcrypt module of php What about: - apt-get install php4-mcrypt - check if extension=mcrypt.so was added to /etc/php4/apache/php.ini - restart apache now your php should know of mcrypt functions. good luck, achim Am Sa, 2004-10-23 um 17.32 schrieb Francisco Castillo: Hello, I has try to call the mcrypt functions on a my PHP Version 4.3.7-dotdeb + APACHE + DEBIAN WOODY System. $td = mcrypt_module_open('tripledes', '', 'ecb', ''); $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, $llave, $iv); $datos_cifrados = mcrypt_generic($td, $entrada); mcrypt_generic_deinit($td); mcrypt_module_close($td); But the execution of this script give me the error Fatal error: Call to undefined function: mcrypt_module_open() in It seems that my php has no mcrypt module linked, so php.net saids me to : ..To use it, download libmcrypt-x.x.tar.gz .. and then .. You need to compile PHP with the --with-mcrypt[=DIR] parameter to enable this extension. DIR is the mcrypt install directory. Make sure you compile libmcrypt with the option --disable-posix-threads. .. So i do a apt-get install libmcrypt4 and installed the libmcrypt in the system and then i has seen on my phpinfo() that Configure Command ..--with-mcrypt=shared,/usr'.. but the problem go on. So I ask to resolver my problem : Should i recompile my php in order to support mcrypt using the--with-mcrypt[=DIR] ? How could i do this recompile procedure, could i do it with apt? Is there another way to resolve my problem? Thanks in advance, Francisco Castillo. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Intel SR1325TP1-E 3ware 9xxx RAID thoughts
Hi Simon, We recently installed a intel SR1325TP1-E with a 3ware 7000-SATA-RAID running sarge - no problems with RAID - 3ware-software (RAID-cli and management via webserver works fine) - but unfortunatelly Intels Server Management 5.* does not support debian (better said no other linux than rh) - this means you will not be able to monitor fan-speeds and temperatures using lm_sensors/i2c - if we had the chance again we would purchase some other server/board (e.g. tyan) Achim Am Fr, 2004-10-15 um 10.20 schrieb Simon Buchanan: Hi There, I am looking to deploy some 1U rack servers based on the Intel Entry Server Platform SR1325TP1-E, but using a 3ware Escalade 9500S-4LP hardware raid with 3 x SATA 200GB drives (RAID 5) instead of the onboard stuff (as i have heard there are some problems with compatability here)... Does anyone have any comments, thoughts or ideas on the above? PS: Would be using Sarge. Regards, Simon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Intel SR1325TP1-E 3ware 9xxx RAID thoughts
Am Do, 2004-10-14 um 22.01 schrieb Franz Georg Köhler: Isn't i2c supposed to be standardized? today i had to speak to their support and the hint given was to take the redhats rpm and create a own deb using alien :/ Further i was told using lm_senors or other tools using i2c won't work because the board is optimized for ISM... We are running a lot of boxes with 3ware 7000 series SATA-RAID without experiencing any difficulties (as we did with mylex). Where did you get the 3ware utilities for linux? http://www.3ware.com/support/download.asp?code=8 Does the software keep up with icp's icpcon? sorry - never used icp contollers. Achim
Re: mysql refusing access from other machines
You are sure mysql is listening on all interfaces and not only lo ? perhaps take a look to my.cnf and check if skip-networking is active - if yes simply comment it and restart mysqld. -achim Am Mo, 2004-08-02 um 11.47 schrieb Shannon R.: good day all! i'm getting really confused with how to properly allow users to access mysql from other machines. (on debian woody, using all stable packages) that is, i tried this as mysql root user: GRANT SELECT, INSERT, UPDATE, DELETE ON my_sql_db.* TO [EMAIL PROTECTED] IDENTIFIED BY 'password'; after this, i can access mysql as 'dbuser' from the localhost. the mysql servers ip add by the way is 192.168.1.1, and since i also want that user to be able to access from 192.168.1.2, i also did this command: GRANT SELECT, INSERT, UPDATE, DELETE ON my_sql_db.* TO [EMAIL PROTECTED] IDENTIFIED BY 'password'; that should have been it but whenever i try to access mysql from 192.168.1.2, i keep getting an Can't connect to MySQL server error. im pretty sure i did this right, but it just wont work. did i do anything wrong? what could i possible have overlooked? i even tried installing phpmyadmin and using it to add users, even going as far as adding users with host '%' but i just can't connect to mysql from another machine. anybody have any idea what could be going on here? thanks! shannon __ Do you Yahoo!? Yahoo! Mail is new and improved - Check it out! http://promotions.yahoo.com/new_mail -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Reverse dns?
Hi Daniel, to check if your reverse zone registered: $ whois -hwhois.ripe.net 28.129.82.in-addr.arpa to check if your reverse delegation is working inside nameservice: $ dig @ns.ripe.net any in 28.129.82.in-addr.arpa - zone is registered, but the not (yet) active in ripes nameservice... cheers, - Achim Schmidt Am Don, 2004-01-01 um 22.18 schrieb Daniel Holze: Hello debian-isp, i have a /24 and i have reverse delegations on this IP-Space. So i have i file it calls: 28.129.82.in-addr.arpa i put in the File following text: $TTL 12h $ORIGIN 28.129.82.in-addr.arpa. @ IN SOA ns1.dwl-dns.de. hostmaster.dwleasing.de. ( 2003123101 ; serial number 3h ; refresh 15m; update retry 3w ; expiry 24h ; minimum ) IN NS ns1.dwl-dns.de. IN NS ns2.dwl-dns.de. 1 IN PTR gateway.dwleasing.de. Our ISP said that it must be work but it didnt. Maybe i think ripe didnt know my Nameservers. Anyone know how i can ask Ripe if my NameServer accepted for rdns? -- Best wishes, DWL-Deutsche Webleasing oHG Daniel Holze Technical Director Hanauer Landstrasse 320 D-60314 Frankfurt Telefon: +49 (0)69 403 57 990 Telefax: +49 (0)69 403 57 991 http://www.dwleasing.de mailto:[EMAIL PROTECTED]
Re: Server hacked - next...?
Hi Jason, a good programm to check for rootkits can be found here: http://www.chkrootkit.org/ - Achim Am Son, 2003-06-29 um 15.47 schrieb Jason Lim: Hi Russell, Well, SE Linux certainly seems like something that needs to be installed. Most annoying is that all the recent security updates were already done! The user CGIs run as the user's UID... suexec. Re-installing from scratch would be a real pain... the server runs on a 3ware array, and has hundreds of users, all active :-/ Is there any way to verify the Integrity of the files somehow, and download/re-install any binaries that do not match the checksums or something? Does dpkg or some other Debian tool have this ability? If just a list of packages could be shown that do not match what is actually on the disk, those could be re-downloaded and re-installed, so at least the system can start working (right now, just typing gcc produces garbage on the screen, no doubt because some libraries have been replaced). Is there any tool that could search the system for root suid scripts (so the hacker can login again and gain root easily)? Hope you can shed some light on the above, so at least the system can get back up and running, then we can even setup a new server (with SE Linux and various others) and migrate the accounts over. Thanks in advance!!! Sincerely, Jason - Original Message - From: Russell Coker [EMAIL PROTECTED] To: Jason Lim [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: 29 June, 2003 4:02 PM Subject: Re: Server hacked - next...? On Sun, 29 Jun 2003 17:12, Jason Lim wrote: The box is a very recently updated stable box... virtually every other date apt-get is update/upgrade. The box is setup very secure... the usual things were done... like ensuring no unused services are running and things like that. So does that mean stable is actually vulnerable to something we all don't know about??? That could be the case. Or it could be some issue of your configuration. Maybe you have Apache set to run customer cgi-bin scripts under the same UID and a customer uploaded an insecure or hostile cgi-bin script. Have you considered using SE Linux? -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Server hacked - next...?
Hi Jason, a good programm to check for rootkits can be found here: http://www.chkrootkit.org/ - Achim Am Son, 2003-06-29 um 15.47 schrieb Jason Lim: Hi Russell, Well, SE Linux certainly seems like something that needs to be installed. Most annoying is that all the recent security updates were already done! The user CGIs run as the user's UID... suexec. Re-installing from scratch would be a real pain... the server runs on a 3ware array, and has hundreds of users, all active :-/ Is there any way to verify the Integrity of the files somehow, and download/re-install any binaries that do not match the checksums or something? Does dpkg or some other Debian tool have this ability? If just a list of packages could be shown that do not match what is actually on the disk, those could be re-downloaded and re-installed, so at least the system can start working (right now, just typing gcc produces garbage on the screen, no doubt because some libraries have been replaced). Is there any tool that could search the system for root suid scripts (so the hacker can login again and gain root easily)? Hope you can shed some light on the above, so at least the system can get back up and running, then we can even setup a new server (with SE Linux and various others) and migrate the accounts over. Thanks in advance!!! Sincerely, Jason - Original Message - From: Russell Coker [EMAIL PROTECTED] To: Jason Lim [EMAIL PROTECTED]; debian-isp@lists.debian.org Sent: 29 June, 2003 4:02 PM Subject: Re: Server hacked - next...? On Sun, 29 Jun 2003 17:12, Jason Lim wrote: The box is a very recently updated stable box... virtually every other date apt-get is update/upgrade. The box is setup very secure... the usual things were done... like ensuring no unused services are running and things like that. So does that mean stable is actually vulnerable to something we all don't know about??? That could be the case. Or it could be some issue of your configuration. Maybe you have Apache set to run customer cgi-bin scripts under the same UID and a customer uploaded an insecure or hostile cgi-bin script. Have you considered using SE Linux? -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Re: HTTP execute
try this: lynx --source http://my_url/my.php /dev/null - Achim Am Die, 2003-06-17 um 02.55 schrieb Rudi Starcevic: Hi, I'd like to exeute a php script on Apache via a cron job. All I want to do is execute the file not download it. So far I've tried wget and lynx without the results I'd like. Wget downloads the file and the lynx commnad opens up lynx in a terminal. Any tips ? Thank you kindly Best regards Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HTTP execute
try this: lynx --source http://my_url/my.php /dev/null - Achim Am Die, 2003-06-17 um 02.55 schrieb Rudi Starcevic: Hi, I'd like to exeute a php script on Apache via a cron job. All I want to do is execute the file not download it. So far I've tried wget and lynx without the results I'd like. Wget downloads the file and the lynx commnad opens up lynx in a terminal. Any tips ? Thank you kindly Best regards Rudi.
Re: Max. File Size
Hi, this means your system can handle a maximum of 8192 file-handles at one time. - Achim Am Mon, 2003-06-02 um 06.56 schrieb Rudi Starcevic: Hi, cat /proc/sys/fs/file-max 8192 Is that how I can see what the current max file size is for my system ? If so is that saying ? 8192 what ? Thanks Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Max. File Size
Hi Rudi, see this page for the whole story about your problem: http://www.faqchest.com/prgm/pgsql-l/pgsql-99/pgsql-9908/pgsql-990810/pgsql99081523_36142.html or: http://www.linuxgazette.com/issue42/tag/18.html or: http://www.google.com/search?q=maximum+filesize+debianie=UTF-8oe=UTF-8hl=debtnG=Google+Suchemeta= kind regards, - Achim Am Mon, 2003-06-02 um 07.59 schrieb Rudi Starcevic: Achim, Thanks for your reply, How can I see the maximum file size allowed ? I'd like to know what's the largest file I can create and/or if I can increase/decrease this size. Thanking you .. Best Regards Rudi. Achim Schmidt wrote: Hi, this means your system can handle a maximum of 8192 file-handles at one time. - Achim Am Mon, 2003-06-02 um 06.56 schrieb Rudi Starcevic: Hi, cat /proc/sys/fs/file-max 8192 Is that how I can see what the current max file size is for my system ? If so is that saying ? 8192 what ? Thanks Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Max. File Size
Hi, this means your system can handle a maximum of 8192 file-handles at one time. - Achim Am Mon, 2003-06-02 um 06.56 schrieb Rudi Starcevic: Hi, cat /proc/sys/fs/file-max 8192 Is that how I can see what the current max file size is for my system ? If so is that saying ? 8192 what ? Thanks Rudi.
Re: Max. File Size
Hi Rudi, see this page for the whole story about your problem: http://www.faqchest.com/prgm/pgsql-l/pgsql-99/pgsql-9908/pgsql-990810/pgsql99081523_36142.html or: http://www.linuxgazette.com/issue42/tag/18.html or: http://www.google.com/search?q=maximum+filesize+debianie=UTF-8oe=UTF-8hl=debtnG=Google+Suchemeta= kind regards, - Achim Am Mon, 2003-06-02 um 07.59 schrieb Rudi Starcevic: Achim, Thanks for your reply, How can I see the maximum file size allowed ? I'd like to know what's the largest file I can create and/or if I can increase/decrease this size. Thanking you .. Best Regards Rudi. Achim Schmidt wrote: Hi, this means your system can handle a maximum of 8192 file-handles at one time. - Achim Am Mon, 2003-06-02 um 06.56 schrieb Rudi Starcevic: Hi, cat /proc/sys/fs/file-max 8192 Is that how I can see what the current max file size is for my system ? If so is that saying ? 8192 what ? Thanks Rudi.