Re: [CentOS] NUMA split mode?
On 10/1/2017 9:10 PM, hw wrote: I´m trying to download the PDF you pointed me to, but the download is stalled. I´m running Centos 7.4, but perhaps there´s an explanation in the PDF that might tell me what NUMA split mode is supposed to be. it loaded fine here again tonight. huh. the gist of the article is that they got at best 2-4% improvements with RHEL 6/SLES 6 on dual nehalem/westmere Xeon's when NUMA was enabled. I see no mention of NUMA Split mode -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NUMA split mode?
John R Piercewrites: > On 10/1/2017 8:38 AM, hw wrote: >> HP says that what they call "NUMA split mode" should be disabled in the >> BIOS of the Z800 workstation when running Linux. They are reasoning >> that Linux kernels do not support this feature and even might not boot >> if it´s enabled. > > hmm, that workstation is a dual Xeon 56xx (Westmere-EP, derived from > Nehalem), new in 2010 > >> Since it apparently was years ago since they made this statement, I´m >> wondering if I should still leave this feature disabled or not. More >> recent kernels might support it, and it´s supposed to improve >> performance. >> >> Could someone explain what this feature actually is or does, and if >> Centos kernels support it? > > > On these sorts of dual socket hardware architectures, half of the > memory is directly attached to each CPU, and the two CPUs are linked > with a QPI bus. All the memory appears in one unified address space, > but the memory belonging to the 'other' CPU has a little higher > latency to access since it has to go across the QPI. In non-NUMA > mode, this is ignored, and all memory is treated as equal from the OS > perspective. in NUMA mode, an attempt is made to keep process memory > on one CPU's memory, and to prefer scheduling those processes on the > cores of that CPU. This can get messy, say you have a process running > on core 0 (in cpu0) which allocates a big block of shared memory, then > spawns 8 worker threads which all run concurrently and use this same > shared working memory space. there's only 4 or 6 cores on each of > the two CPUs, so either these worker threads have to wait for an > available core on the same CPU as the memory allocation, or some of > them end up running across the QPI bus anyways. > > I believe Linux, even RHEL 6, does support NUMA configurations, but > its very questionable if a random typical workload would actually gain > much from it, and it adds significant overhead in keeping track of all > this. Is it possible that you are confusing enabling/disabling NUMA with NUMA split mode? It is possible to disable/enable NUMA, and when NUMA is enabled, you can also enable the mysterious NUMA split mode. I´m trying to download the PDF you pointed me to, but the download is stalled. I´m running Centos 7.4, but perhaps there´s an explanation in the PDF that might tell me what NUMA split mode is supposed to be. So far, I found out that KSM is disabled by default and would probably be a disadvantage here, so I´m using numad and probably gain something from most, if not all, things using local memory instead of going across nodes. This will need some further investigation, though. -- "Didn't work" is an error. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MP4/H.264 codec for Firefox?
On 10/01/17 20:47, Frank Cox wrote: > On Sun, 1 Oct 2017 20:02:08 -0400 > Mark LaPierre wrote: > >> What repo did you find ffmpeg-libs in? > > Version : 2.6.8 > Release : 3.el7.nux > Architecture: x86_64 > Install Date: Wed 27 Apr 2016 06:23:09 PM CST > Group : Unspecified > Size: 13562904 > License : GPLv2+ > Signature : RSA/SHA1, Wed 27 Apr 2016 06:35:00 AM CST, Key ID > e98bfbe785c6cd8a > Source RPM : ffmpeg-2.6.8-3.el7.nux.src.rpm > Build Date : Wed 27 Apr 2016 06:33:00 AM CST > Build Host : rpmbuilder > Relocations : (not relocatable) > Packager: http://li.nux.ro/ > Vendor : Nux! > URL : http://ffmpeg.org/ > Summary : Libraries for ffmpeg > Description : > FFmpeg is a complete and free Internet live audio and video > broadcasting solution for Linux/Unix. It also includes a digital > VCR. It can encode in real time in many formats including MPEG1 audio > and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. > This package contains the libraries for ffmpeg > > Thank you. I can now view all three of the video types on the referenced page. -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MP4/H.264 codec for Firefox?
On Sun, 1 Oct 2017 20:02:08 -0400 Mark LaPierre wrote: > What repo did you find ffmpeg-libs in? Version : 2.6.8 Release : 3.el7.nux Architecture: x86_64 Install Date: Wed 27 Apr 2016 06:23:09 PM CST Group : Unspecified Size: 13562904 License : GPLv2+ Signature : RSA/SHA1, Wed 27 Apr 2016 06:35:00 AM CST, Key ID e98bfbe785c6cd8a Source RPM : ffmpeg-2.6.8-3.el7.nux.src.rpm Build Date : Wed 27 Apr 2016 06:33:00 AM CST Build Host : rpmbuilder Relocations : (not relocatable) Packager: http://li.nux.ro/ Vendor : Nux! URL : http://ffmpeg.org/ Summary : Libraries for ffmpeg Description : FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. This package contains the libraries for ffmpeg -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] compile webkit
On 09/30/2017 10:33 AM, Jerry Geis wrote: I am trying to compile webkitgtk I downloaded the webkit source, extracted CMake Error at Source/cmake/OptionsGTK.cmake:12 (message): GCC 4.9.0 is required to build WebKitGTK+, use a newer GCC version or clang I downloaded 2.14.7 - just like CentOS 7.4 has, how can I be getting a GCC error ? Jerry, it looks to me like cmake wants gcc v.4.9.0, but you've got v.2.14.7. You could find and download gcc v.4.9.0 and install it, say, to /usr/local/bin/ and adjust the makefile or args to cmake accordingly... or maybe it wouldn't even need any of that. My goal is to get the MediaSource package in webkit working. It seems to not be enabled. Is there a better way ? There might be, but I have no idea even what webkit does... and I've even got webkitgtk3 installed and didn't know it was there... looking around in the "Applications" menu and in the files included in the package, I couldn't find a way to launch it or any documentation about it. Unless somebody argues really good with me, I'll probably think I don't need it. :) So better way for what? Thanks, No charge, it's open source. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MP4/H.264 codec for Firefox?
On 10/01/17 12:13, Roman Kennke wrote: > Am 01.10.2017 um 12:28 schrieb hw: >> Roman Kennkewrites: >> >>> Hello, >>> >>> I am trying to get MP4/H.264 playback in Firefox to work on my CentOS >>> laptop (for vimeo). >>> >>> I installed the gstreamer plugins as described here: >>> >>> https://wiki.centos.org/TipsAndTricks/MultimediaOnCentOS7 >>> >>> (No, I did not install Flash, VLC and all the other stuff. I only want >>> HTML5 MP4 playback..) >>> >>> I enabled the nux repos. I did install all available gstreamer >>> plugins, i.e. -good -bad -ugly -ffmpeg etc. No success. >>> >>> Has anybody got mp4 playback working? >>> >>> Here's a test page: >>> >>> https://www.quirksmode.org/html5/tests/video.html >> All movies on that page play without having taken any particular >> precautions in Seamonkey (I dislike Firefox). >> >> However, I have ffmpeg and mplayer installed (compiled from source >> because there aren´t packages for those). I don´t know if any of them >> are being used by Seamonkey. >> >> >> yum list installed | grep gstream >> gstreamer.x86_64 0.10.36-7.el7 >> @base >> gstreamer-plugins-base.x86_64 0.10.36-10.el7 >> @base >> gstreamer-tools.x86_64 0.10.36-7.el7 >> @base >> gstreamer1.x86_64 1.10.4-2.el7 >> @base >> gstreamer1-plugins-base.x86_64 1.10.4-1.el7 >> @base >> >> >> Those must have been installed for dependencies; I didn´t install them >> explicitly. > > Installing ffmpeg-libs solved it for me. I suspect that FF links against > ffmpeg-libs or via gstreamer-ffmpeg or some such. > > Thanks, Roman What repo did you find ffmpeg-libs in? -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] prevent users from fiddling with network?
From: CentOSon behalf of Valeri Galtsev Sent: Thursday, September 21, 2017 9:10 AM To: centos@centos.org Subject: [CentOS] prevent users from fiddling with network? Dear Experts, "this is system from the hell!" Than was my first reaction when I realized that logged in with GUI (X11) user can turn off (and on) network interfaces. Without being in sudoers file. Wow, this is scary to see on workstations I manage centrally. Even though I did consider local user to be able to execute the command "shutdown" (which distinguished RedHat and CentOS from other Linux flavors: after all local user can yank power cord off the wall). Sorry about my little rant above. Could someone point me into right direction as to how do I disable the ability of (local, logged in through X11) users to fiddle with network interfaces. Even worse, they can create new profile and define for interfaces to behave differently... In the past I could just add USERCTL="no" into interface ifcfg-... file inside /etc/sysconfig/network-scripts which doesn't seen to have any effect on latest CentOS 7. What is my pilot error here? (Ignorant in new shiny extremely MS Windows like for _ignorant_ person - me - system). Thanks a lot for all your help! Valeri Didn't see any more ideas in this thread. The way I solved this was to use policykit. Created the file /etc/polkit-1/rules.d/20-networkmanager.rules with the following content /* require authentication to modify network settings */ polkit.addRule(function(action, subject) { if (action.id.indexOf("org.freedesktop.NetworkManager." ) == 0 ) { return polkit.Result.AUTH_ADMIN; } }); That will require someone with admin privileges to authenticate for NetworkManager actions to succeed. regards, Thomas ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NUMA split mode?
On 10/1/2017 9:39 AM, John R Pierce wrote: I believe Linux, even RHEL 6, does support NUMA configurations, but its very questionable if a random typical workload would actually gain much from it, and it adds significant overhead in keeping track of all this. a technical paper examining exactly this, on exactly the sort of architecture you have, using RHEL 6. http://iopscience.iop.org/article/10.1088/1742-6596/664/9/092010/pdf -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NUMA split mode?
On 10/1/2017 8:38 AM, hw wrote: HP says that what they call "NUMA split mode" should be disabled in the BIOS of the Z800 workstation when running Linux. They are reasoning that Linux kernels do not support this feature and even might not boot if it´s enabled. hmm, that workstation is a dual Xeon 56xx (Westmere-EP, derived from Nehalem), new in 2010 Since it apparently was years ago since they made this statement, I´m wondering if I should still leave this feature disabled or not. More recent kernels might support it, and it´s supposed to improve performance. Could someone explain what this feature actually is or does, and if Centos kernels support it? On these sorts of dual socket hardware architectures, half of the memory is directly attached to each CPU, and the two CPUs are linked with a QPI bus. All the memory appears in one unified address space, but the memory belonging to the 'other' CPU has a little higher latency to access since it has to go across the QPI. In non-NUMA mode, this is ignored, and all memory is treated as equal from the OS perspective. in NUMA mode, an attempt is made to keep process memory on one CPU's memory, and to prefer scheduling those processes on the cores of that CPU. This can get messy, say you have a process running on core 0 (in cpu0) which allocates a big block of shared memory, then spawns 8 worker threads which all run concurrently and use this same shared working memory space. there's only 4 or 6 cores on each of the two CPUs, so either these worker threads have to wait for an available core on the same CPU as the memory allocation, or some of them end up running across the QPI bus anyways. I believe Linux, even RHEL 6, does support NUMA configurations, but its very questionable if a random typical workload would actually gain much from it, and it adds significant overhead in keeping track of all this. -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MP4/H.264 codec for Firefox?
Am 01.10.2017 um 12:28 schrieb hw: Roman Kennkewrites: Hello, I am trying to get MP4/H.264 playback in Firefox to work on my CentOS laptop (for vimeo). I installed the gstreamer plugins as described here: https://wiki.centos.org/TipsAndTricks/MultimediaOnCentOS7 (No, I did not install Flash, VLC and all the other stuff. I only want HTML5 MP4 playback..) I enabled the nux repos. I did install all available gstreamer plugins, i.e. -good -bad -ugly -ffmpeg etc. No success. Has anybody got mp4 playback working? Here's a test page: https://www.quirksmode.org/html5/tests/video.html All movies on that page play without having taken any particular precautions in Seamonkey (I dislike Firefox). However, I have ffmpeg and mplayer installed (compiled from source because there aren´t packages for those). I don´t know if any of them are being used by Seamonkey. yum list installed | grep gstream gstreamer.x86_64 0.10.36-7.el7 @base gstreamer-plugins-base.x86_64 0.10.36-10.el7 @base gstreamer-tools.x86_64 0.10.36-7.el7 @base gstreamer1.x86_64 1.10.4-2.el7@base gstreamer1-plugins-base.x86_64 1.10.4-1.el7@base Those must have been installed for dependencies; I didn´t install them explicitly. Installing ffmpeg-libs solved it for me. I suspect that FF links against ffmpeg-libs or via gstreamer-ffmpeg or some such. Thanks, Roman ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] NUMA split mode?
Hi, HP says that what they call "NUMA split mode" should be disabled in the BIOS of the Z800 workstation when running Linux. They are reasoning that Linux kernels do not support this feature and even might not boot if it´s enabled. Since it apparently was years ago since they made this statement, I´m wondering if I should still leave this feature disabled or not. More recent kernels might support it, and it´s supposed to improve performance. Could someone explain what this feature actually is or does, and if Centos kernels support it? -- "Didn't work" is an error. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Intel turbo mode
Hi, is there a way in Centos to find out if the Intel turbo mode will be used? Using the 'stress' utility and checking the frequency with cpupower tells me that a CPU is running at it´s maximum frequency as reported by cpupower --- and this frequency is less than the frequency it would run at if it used the turbo mode. All the other CPUs are at their minimum frequency. I have verified that turbo mode is enabled in the BIOS. Is cpupower unable to report frequencies used in turbo mode despite it always says it gets its information from the hardware? -- "Didn't work" is an error. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to prevent files and directories from being deleted?
Am 01.10.2017 um 17:21 schrieb hw: Hi, how can I prevent files/directories like /var/run/mariadb from being deleted on reboot? Lighttpd has the same problem. This breaks services and makes servers non-restartable by anyone else but the administrator who needs to re-create the needed files and directories every time and has to figure out what selinux labels they need. This causes unnecessary downtimes. This is entirely inacceptable. This totally sucks. See https://developers.redhat.com/blog/2016/09/20/managing-temporary-files-with-systemd-tmpfiles-on-rhel7/ how to manage tmpfiles. Curious, how did you install MariaDB that you have such a problem? The package shipping with CentOS does not create such issue. Alexander ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] how to prevent files and directories from being deleted?
Hi, how can I prevent files/directories like /var/run/mariadb from being deleted on reboot? Lighttpd has the same problem. This breaks services and makes servers non-restartable by anyone else but the administrator who needs to re-create the needed files and directories every time and has to figure out what selinux labels they need. This causes unnecessary downtimes. This is entirely inacceptable. This totally sucks. -- "Didn't work" is an error. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: [HEADS UP] Default value of SELinux boolean httpd_graceful_shutdown will changed.]
m.r...@5-cent.us writes: > Original Message > Subject: Re: [HEADS UP] Default value of SELinux boolean > httpd_graceful_shutdown will changed. > From:"Lukas Vrabec"> Date:Fri, September 29, 2017 10:26 > To: de...@lists.fedoraproject.org > "Selinux List at Fedora Project" > -- > > On 09/29/2017 03:57 PM, Alexander Bokovoy wrote: >> On pe, 29 syys 2017, Lukas Vrabec wrote: >>> I'm planning change the default value of httpd_graceful_shutdown >>> boolean in Fedora Rawhide because of improving SELinux configuration. >>> Rawhide builds with this change will be available in ~5 days. >>> >>> Together with Dan Walsh, we agreed on that httpd_graceful_shutdown >>> boolean should be by default turned off. This boolean allows HTTPD to >>> connect to port 80 for graceful shutdown, but it's breaking the >>> functionality of another boolean called: httpd_can_network_connect. >>> This boolean allows HTTPD scripts and modules to connect to the >>> network using TCP and it's turned off by default. >>> >>> Turning this boolean off can cause some troubles, on web-servers where >>> processes with httpd_t SELinux domain connecting to tcp ports: 80, 81, >>> 443, 488, 8008, 8009, 8443, 9000 >>> >>> If you would like to turn in on again, use semanage command: >>> # semanage boolean -m --on httpd_graceful_shutdown >> In FreeIPA we have httpd_can_network_connect enabled. I just checked a F26 >> system and I have both booleans enabled. >> >> # getsebool -a|egrep 'httpd_graceful_shutdown|httpd_can_network_connect ' >> httpd_can_network_connect --> on >> httpd_graceful_shutdown --> on >> >> So I'm a bit confused: disabling httpd_graceful_shutdown will have or >> wouldn't have an effect on httpd_can_network_connect being enabled? >> > > httpd_graceful_shutdown is subset of httpd_can_network_connect. > > Turning on httpd_graceful_shutdown you allow httpd_t domain connecting > just to ports labeled as httpd_port_t. > Turning on httpd_can_network_connect you allow httpd_t domain connecting > to all ports from SELinux POV. > > Right now, we ship selinux-policy with httpd_graceful_shutdown turned on > and httpd_can_network_connect turned off. But it's confusing for users > because they have httpd_can_connect turned off but httpd_t domain can > still connect co http_port_t ports becuase of httpd_gracefull_shudown. I would think it´s confusing because the names of these booleans do not indicate their purpose very well. I didn´t question what httpd_can_network_connect is supposed to mean, and I wasn´t aware that there is a distinction between ports. I also didn´t know that an httpd would require to connect to ports it genuinely connects to to serve its purpose just to shut down itself. How does that make sense, and who would want to prevent their httpd from shutting down gracefully? Since httpd usually connects to the network to be useful, I wouldn´t expect that httpd_graceful_shutdown has anything to do with allowing it to connect to some ports. So unless you do not want to use any of the standard ports for http, httpd_graceful_shutdown would be enabled unless this boolean particularly refers to connecting to the standard ports *only* during shutdown while httpd_can_network_connect does *not* apply during shutdown. I somehow doubt that this is so. Perhaps it would better to rename these booleans like httpd_can_connect_default_ports httpd_can_connect_all_ports and have a third one like httpd_can_connect_sql_ports. That last one would have to somehow take encrypted connections into account. You´d still have to make a general design decision whether a permission that is broader than another one overrides the narrower permission. I would vote for broader permissions to always override narrower ones and to issue a warning when someone sets a permission which overrides any that are narrower. In case you want to do it the other way round, always give a warning when a narrower permission is enabled but remains defeated by a broader one. Not doing that requires users to figure out the effects of permissions by themselves. How are they supposed to do that? That must already have been thought about. What is the general decision here, and the reasoning behind it? Is there some query program that tells us in more detail what a particular boolean means? How would a user --- and probably most of them are having a hard time already to get around selinux when it gets into their way yet again --- ever figure out what these booleans mean other than by making assumptions based on how they are called, and by experimenting? I´m always tempted to turn selinux off because it´s ridiculously difficult to figure out what you need to do to be able to do what you need. I might have to turn it off even because I can´t have a samba share that
Re: [CentOS] MP4/H.264 codec for Firefox?
Roman Kennkewrites: > Hello, > > I am trying to get MP4/H.264 playback in Firefox to work on my CentOS > laptop (for vimeo). > > I installed the gstreamer plugins as described here: > > https://wiki.centos.org/TipsAndTricks/MultimediaOnCentOS7 > > (No, I did not install Flash, VLC and all the other stuff. I only want > HTML5 MP4 playback..) > > I enabled the nux repos. I did install all available gstreamer > plugins, i.e. -good -bad -ugly -ffmpeg etc. No success. > > Has anybody got mp4 playback working? > > Here's a test page: > > https://www.quirksmode.org/html5/tests/video.html All movies on that page play without having taken any particular precautions in Seamonkey (I dislike Firefox). However, I have ffmpeg and mplayer installed (compiled from source because there aren´t packages for those). I don´t know if any of them are being used by Seamonkey. yum list installed | grep gstream gstreamer.x86_64 0.10.36-7.el7 @base gstreamer-plugins-base.x86_64 0.10.36-10.el7 @base gstreamer-tools.x86_64 0.10.36-7.el7 @base gstreamer1.x86_64 1.10.4-2.el7@base gstreamer1-plugins-base.x86_64 1.10.4-1.el7@base Those must have been installed for dependencies; I didn´t install them explicitly. -- "Didn't work" is an error. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos