We have a perl cgi script that accepts uploaded files and runs
clamscan on them. While observing the system performance I noticed
that each clamscan process consumes up to 250MB of RAM. Is this
normal for ClamAV? This seems like an enormous amount of RAM, for
simply scanning one file for
I'm monitoring some CentOS 5 servers running Sun Java. We have set things
up so 2048 MB of RAM are available for the base operating system, taking
into account the xMx and permgen settings. What we're seeing is the swap
space getting used up, and not released. Is this normal behavior?
I think Xms/x is java's heap space for program object storage. It doesn't
take
into account the space needed for the JVM itself. Top should show you the
actual memory usage - along with any other programs that might be using a lot.
One of our java developers indicated that the heap space
I'm pretty sure that's not true. Permgen is just part of the heap space and
none of that accounts for the executing part of the JVM. In any case, you
probably want to allow some free memory to be used for filesystem cache.
I'll read up on this some more. I'm not a java expert.
Are there
What am I doing wrong here? I need to be able to write to /var/cvs.
This used to work before I moved these groups into an LDAP directory
instead of /etc/group:
[scaro...@watcher:/var/cvs]$ touch test.txt
touch: cannot touch `test.txt': Permission denied
[scaro...@watcher:/var/cvs]$ ls -ld
What is the output of 'ls -l /var/cvs/test.txt' ?
Marko
No, it doesn't exist. Oddly I have another user called cfmaster who
can write files in there just fine:
[cfmas...@watcher cvs]$ pwd
/var/cvs
[cfmas...@watcher cvs]$ touch test.txt
[cfmas...@watcher cvs]$ id cfmaster
uid=5101(cfmaster)
having a group with the same name in both /etc/group and LDAP groups
would be the surest path to insanity. Likewise, for /etc/passwd and LDAP
users.
I just needed to log out and back in again. Thanks for all your help!
___
CentOS mailing list
On some systems, reboot is required? to access disk from SAN device.
This turned out to be a zoning issue. Although I had properly created the
zone, I had to add it to our Prod configuration to make it live. Once
that was done, the virtual tape library was recognized right away:
kernel:
On some systems, reboot is required? to access disk from SAN device.
At least this issue is on my Hitachi AMS san system.
Yes, we've tried a few reboots. I'll bet the testing on this d2d
device did not get as thorough QA on Linux as it did on Windows. I'll
post the solution here if HP is
Did you check the output of /proc/scsi/scsi?
Yea, it's empty.
I would do a SCSI rescan using
echo - - - /sys/class/scsi_host/hostX/scan
Tried this and also:
echo 1 /sys/class/fc_host/host0/issue_lip
Still, nothing is seen by the host. We have also tried changing the
port settings
Maybe one of you has experienced something like this before.
I have a host running CentOS5.3, x86_64 version with the standard
qla2xxx driver. Both ports are recognized and show output in dmesg
but they never find my storage device:
qla2xxx :07:00.1: LIP reset occured (f700).
qla2xxx
I believe you will need:
syslogd -a /home/username01/dev/log -a /home/username02/dev/log
-a /home/username03/dev/log -a /home/username04/dev/log - or
something like this. I don't know the syntax for multiples -a...
This seems very impractical, both from a security standpoint and the
fact
Maybe one of you can help. We have set up a CentOS server so that
each user who logs in via sftp will be jailed in their home directory.
Here's the relevant sshd_config:
# override default of no subsystems
Subsystem sftpinternal-sftp -f LOCAL2 -l INFO
Match Group sftponly
I solved a similar issue with jail and syslog adding a -a
/home/jail/dev/log parameter to syslog startup.
In our environment the chroot jail is /home/username. Does this mean
we need a /home/username/dev/log for each and every user? If the
daemon is chroot'd to /home/username wouldn't this
?
Thanks
Sean
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
If your script change passwords via ssh and usermod, why not at
the same time do a chage -d number username?
Thank you, I may end up doing it this way at least until we can
configure AD or LDAP authentication.
___
CentOS mailing list
CentOS@centos.org
# Turn off SACK
net.ipv4.tcp_sack = 0
and execute sysctl -p to apply it. You can also use sysctl -w
net.ipv4.tcp_sack=0 to turn it off temporarily. Our file transfers worked
just fine after the change.
I realize there are differences our situation and yours and this might not
work in
I'm not sure what would cause that, but I'd use rsync over ssh instead of sftp
anyway - and use the -P option to permit restarting.
If it were up to me, we'd take that route. The software the client is
using is WinSCP which does have a restart feature, however it's not
working for us. I'm
Tell him to switch WinSCP to SCP mode.
Kai
Tried that, it still fails the same way. Here's the short list of
what I've tried to troubleshoot this:
Used SCP via the gui and command line
Used SFTP via the gui and command line
Ran yum update to bring all packages up to date
Tried stock CentOS
Just an idea or thought on it. You never said what the file size was or did
you? My idea is that is, there not a file size limitation on transfer to
and from the server? I thought there was? Check you vsftpd.conf out or
what ever ftp server your running for the size limitation. Maybe some
Load balancer... is that set up to maintain connections, or will it, like
IBM's
WebSeal, go to whichever server is next/least used in the middle of a
connection?
It's set to use least connection but there is only one server behind
the virtual IP at the moment.
I'm reasonably sure at this
I have an SSH server that was set up for a client, and every time we
try to upload large files via SFTP or scp, the transfers speed quickly
slows to zero and gives a - stalled - status message, then
disconnects. Here is an example:
ftp put iTunesSetup.exe iTunesSetup.exe
Uploading
On Mon, Dec 21, 2009 at 7:06 PM, 唐建伟 myh...@gmail.com wrote:
I met the same as you, but always due to the bad network connection.
I should probably provide some more information, the server is a VMware
guest running CentOS 5.3. It's using the vmxnet driver for the eth0
connection. IPv6 is
I have an odd situation here, maybe one of you can help. We have a
script that runs via a cron job. It's purpose is to decrypt
PGP-encrypted files in a certain directory. I have tried the command
two different ways, both fail with the same error message:
gpg --decrypt $file
On Mon, Oct 19, 2009 at 2:41 PM, Spiro Harvey sp...@knossos.net.nz wrote:
Is the cron job running as a different user? eg; are you running gpg as
a non-privileged user and the cronjob as root?
The cronjob script runs from /etc/crontab. Let me try root's personal
crontab instead.
Typically this type of problem is caused by environment variables
that are set in a login shell, but are missing or different than
those set for jobs running under cron.
You nailed it, Bill. Running the cron from root's personal crontab
worked fine. Must have been environment variable
While having hard limits makes it safer, wouldn't it be better to control the
memory usage of the script instead of setting limits that would trigger an
out of memory...?
How would you control the memory usage of the script if it's run by
the root user?
But what if the program's memory use is dependent on lots of factors
which are not easily predictable.
And you want to avoid bringing the whole system to it's knees while swapping
and killing arbritrary other programs while one program is consuming all
of ram and swap.
In that case it's
I have a perl script which runs from a cron job. How would you limit
the amount of RAM that this script is allowed to consume? Is there a
ulimit setting that will accomplish this? If so does ulimit have to
be run each time the script is run, or is there a way to set it
permanently?
If you run it as a regular user, then maybe you can check out
/etc/security/limits.conf
Currently the script runs as the root user. I may be able to change
this, but wanted to find out whether there was some other way first.
Would it be possible to use a ulimit command within the perl script
First, install the perl module BSD::Resource
yum install perl-BSD-Resource
Then use it in your program like:
#!/usr/bin/perl
use BSD::Resource;
setrlimit(RLIMIT_VMEM, 1_000_000, 1_000_000);
# rest of the program that is limited to 1MByte now
Thanks, Paul. I knew I'd find an
/dev/sdb1 976760032 97808 976662224 1% /mnt/usbdrive
I am thinking of having three partitions instead of just one whole big 1 TB
thing, and then format all three partitions in ext3. I tried doing
fdisk, but cylinders are always confusing for me. Is there any GUI
tool that
I have a server that is undergoing some patching soon and would like
to make note of any files that have changed after the patching is
complete. Can you recommend a tool that uses md5sum snapshots to do a
quick before and after test, showing anything that's changed on a
particular file system?
Ralph Angenendt wrote:
Sean Gilligan wrote:
I've created an outline for the article and labeled it as DRAFT, but
probably won't have time to do any more work till this weekend.
Are you still with us?
Yeah, I'm still here. I've just gotten real busy. I have some really
basic
You are missing the point, imho. I think the real issue, for me anyway,
is that Amazon is actively discouraging what is essentially a community,
in spite of the fact that they and many of their users rely on the
community to get things done, both work and play.
Indeed. The entire
So, unless they are happy to come back and start talking to us again I
highly recommend everyone not bother using EC2.
- KB
I had the exact same experience when trying to get a sales rep to talk
to me about hosting an application for my company. We need to know
that someone will be there to
Ralph Angenendt wrote:
Sean Gilligan wrote:
the Java section or sub-tree should start with
two articles to keep it simple and not create too much work (for me).
Do you have a suggestion for page URLs?
For the new article:
http://wiki.centos.org/HowTos/Java/OpenJDKOnCentOS
.
-- Sean
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
support:
http://www.flickr.com/photos/56083...@n00/3335201114/ -- but hopefully
with a fold-up keyboard)
But, I'll try the free version of TouchTerm in the meantime.
Thanks,
Sean
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman
What have people's experiences with CentOS 5.3 and OpenJDK for server
apps (e.g. Tomcat) been so far? Has anyone found they've had to install
the Sun JDK? If so, what was broken?
Thanks,
Sean
___
CentOS mailing list
CentOS@centos.org
http
I've been waiting for iPhone OS 3.0 before trying SSH (for Bluetooth
keyboard support:
http://www.flickr.com/photos/56083...@n00/3335201114/ -- but hopefully
with a fold-up keyboard)
Oh, an Iphone with a bluetooth keyboard would be perfect. One of the
main reasons I've stayed away from the
On Mon, May 4, 2009 at 1:41 PM, ja...@aers.ca wrote:
Touchterm is nice as it can be configured to launch screen (provided
your host has it installed) on connect so that if you switch away from
ssh on your iphone you don't have to start completely over when you
switch back.
Yes, a sucky
keyboard.
-- Sean
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
I'm up for a cell phone contract renewal and am considering upgrading
my handset. I looked at some devices at my local ATT store but
nothing really jumped out at me. I'm particularly interested in a
cell phone that has a reliable ssh client, with ssh-agent and public
key authentication
I use ConnectBot (http://code.google.com/p/connectbot/) on Android (I
have a T-Mobile G1). I absolutely recommend it. I have used it several
times in emergency situations.
Looks cool, if I wasn't stuck with ATT I would consider getting a G1.
Perhaps Samsung will come out with their Android
.
http://bugs.centos.org/view.php?id=3574
Thanks for the information. The OpenJDK HowTo should have a section
that addresses browser plugin issues.
-- Sean
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman
R P Herrold wrote:
Sean, I think you are on the right track; I would refactor
the java articles into a couple of them in a sub-tree, with
a chooser at the head, probably forming on pre/post 5.3, and
on Method A and Method B, to better handle sub issues, and aid
maintenance.
Thanks
Sean Gilligan wrote:
I just setup a personal home page and the template had a section that
I edited to look like this:
[[MailTo(sean AT SPAMFREE msgilligan DOT com)]]
I assumed it would use JavaScript to protect my e-mail address, but
when I view source on the page it's right there:
p
Karanbir Singh wrote:
'must contain a banner on the top indicating its a draft
article'
As I'm gearing up to write some docs, I've been thinking some kind of
'draft' indication would be a good idea. Perhaps draft docs could even
be placed in a separate directory.
-- Sean
Karanbir Singh wrote:
I think you should use cobbler for a bit :)
I see. I'll be in touch as I move forward.
-- Sean
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
.
Phil and I were actually talking about me making changes to
CreateLocalMirror, not CreateLocalRepos. Can I get write access to that
one, too?
As for the Java stuff, I would like to re-organize things a little and
I'll start a new thread for that proposal.
-- Sean
new Java developers into the CentOS community.
Regards,
Sean
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
Hi Ralph,
In reviewing the wiki editing guidelines, I see that I'm supposed to
setup a Personal Homepage, but I'm not allowed to edit that page.
Thanks,
Sean
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman
I just setup a personal home page and the template had a section that I
edited to look like this:
[[MailTo(sean AT SPAMFREE msgilligan DOT com)]]
I assumed it would use JavaScript to protect my e-mail address, but when
I view source on the page it's right there:
p class=line862Email: a class
Phil Schaffner wrote:
On Fri, 2009-04-24 at 12:25 -0700, Sean Gilligan wrote:
...
I noticed this wiki page
(http://wiki.centos.org/HowTos/CreateLocalMirror) was recently added.
I believe using Cobbler is a valid alternative approach for this,
right?
Please feel free to add a Cobbler
) a unified directory and/or search utility.
Of course, I'm willing to help update pages once I get wiki write access
-- Sean
Alan Bartlett wrote:
On 25/04/2009, Sean Gilligan s...@msgilligan.com wrote:
The 'contrib' repository is mentioned on FAQ/General #13:
http://wiki.centos.org
the documentation either directly or by posting on this list.
yum search package_name --enablerepo=*\repo_name
Thanks, I didn't know about the --enablerepo option to yum.
-- Sean
___
CentOS-docs mailing list
CentOS-docs@centos.org
http
Karanbir Singh wrote:
On 04/24/2009 08:05 PM, Sean Gilligan wrote:
In addition to Java, I have an interest in virtualization and also
Cobbler (https://fedorahosted.org/cobbler/) and at some point I might
want to create a Cobbler How To (I've set Cobbler up on Fedora in the
past, but want
Karanbir Singh wrote:
On 04/24/2009 08:25 PM, Sean Gilligan wrote:
That's really cool! I'd love to help with testing and documentation. I'm
also interested in sharing Cobbler configurations publicly, but I'm not
sure what that entails.
There is a small app I wrote many years back
Last time I looked at it, I described the installation process as
only slightly less complicated than building a Saturn-V rocket out of
1960's era TV parts.
You were not kidding - I some how managed to get netdisco installed
using the CentOS installer script but there were several points where
I'll repeat my recommendation for OpenNMS. Getting started is as easy
as 'yum install' (almost...). And it can do about anything you'd want
in a monitoring system - including matching up those switch ports with
the connected devices.
Les, at first I didn't heed your advice because I figured
Back to my first email message when I thought you were already using
OpenNMS... You have to uncomment the Linkd service in
etc/service-configuration.xml, then restart opennms and give it some
time to probe. Then it should show from the 'View Node Link Detailed
Info' at the top left of a
I have a Cisco 6509 switch that I'm monitoring with SNMP from a
CentOS5 machine. SNMP polls are the only access I have to this
device, we are not allowed to log on via telnet.
How can I find out which port on the switch a particular server is
connected to? I was hoping that this is somehow
We have a six- or seven- year old cisco 3750 which is running an IOS
which doesn't have the newer MIB; for this switch, we must explicitly
query the MIB-II Bridge for each VLAN. I would hope that newer
relesaes of IOS wouldn't have this limitation.
This is exactly what I was missing. Thank
My notes: http://wiki.xdroop.com/space/snmp/Switching+Tables
Hi Dave, so using the example from your site above I tested a mac
address against one of our switches:
[scaro...@host:~]$ snmpwalk -v1 -c pub...@200 10.100.3.6
.1.3.6.1.2.1.17.4.3 | grep `hexmac2decoid 00:B0:D0:E1:BF:52`
I have always handled the build errors as they come for the particular
package ...
if someone has a better method, I'd love to hear it too!
Sean
2009/4/3 Jerry Geis ge...@pagestation.com
Hi all - Since upstream patches the stock 2.6.18 kernel into something
that is not 2.6.18 (for the rest
I am trying to upgrade Php 5.1 to 5.2, I have added a few repos for yum,
but I end up getting two errors:
Missing Dependency: libldap-2.3.so.0 is needed by package php-ldap
Missing Dependency: liblber-2.3.so.0 is needed by package php-ldap
I have openldap 2.4 installed, libldap-2.4.so.2.2.0 and
None of our data center machines are
able to connect so perhaps this is a firewall or NAT issue? Anyway
here is the very un-descriptive error message:
SSL_connect: error::lib(0):func(0):reason(0)
Closing control socket
`ls' at 0 [Delaying before reconnect: 18]
Further
I am unable to find any documentation about this error message,
perhaps one of you has experienced this as well. We have an FTP
server that is configured to accept FTP transactions over SSL. The
server is working fine, as I am able to log in with lftp from my test
linux machine in the office.
I don't use it as my desktop system anymore, but I recall having encountered
this problem on 5.2 as well
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
What would be the recommended practise for moving files own by a
different user to another user if not via su and cp/mv?
rarely do we have root access to the machines, and make frequent use of scp
a group directory is really handy too
___
CentOS
I like Gnu screen, but the choice of CTRL-A as the command sequence is
extremely unfortunate. Like many other bash users, I use CTRL-A to
get back to the beginning of the line (emacs editing mode).
How do you all get around this problem? Also, I'm wondering if there
is an easy way to get mouse
Also, I'm wondering if there
is an easy way to get mouse scrolling to work when reviewing terminal
history in screen. It's a pain in the arse to CTRL-A then ESC to be
able to scroll back.
If anyone else is looking for mouse wheel scrolling in GNU screen,
here's the solution I found. I added
Anyone know if this is possible with GNU screen?
I would like to have a macro or keyboard shortcut whereby the
following actions are performed:
1. Open new screen window (CTRL-A C)
2. ssh to some $host
3. Rename current screen as $host (CTRL-A A $host)
I can see that typing screen while
On Mon, Feb 23, 2009 at 11:53 AM, Don Harper d...@duckland.org wrote:
Under bash, I have a function defined like so:
function ss () {
screen -t $1 ssh $*
}
Then, I simply type:
ss hostname
Nice, this is helpful. I used ssc instead because there appears to
be a built in ss command.
What do you use to keep your environment files like .bashrc,
.bash_profile, etc. synchronized across all your servers?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
solution. Unfortunately the check_jmx plugin
listed on the Nagios exchange doesn't seem to work properly, being
unable to monitor Heap Memory Usage over 2Gb.
Does anyone else have a dependable nagios plugin for keeping tabs on
Nagios? If not we will write our own.
thanks
Sean
What do you use for monitoring your Apache Tomcat servers? I have used
jconsole to manually connect and look at the statistics. I'm wondering if
there are any standard tools for watching the health of the java process.
___
CentOS mailing list
Anyone have a function or script for uploading files from a web
browser with a bash script? I know this is possible to do with Perl,
I'm wondering if the same is possible using only bash.
___
CentOS mailing list
CentOS@centos.org
I think he wants to have a shell-script that can process upload-file-
forms, displayed in browsers.
AFAIK, the general rule is: don't do that (CGI programming with shell-
scripts).
Use something else (PHP as CGI, if you don't want to have mod_php).
Good to know, thanks for the info. I
I'm a bit baffled by this problem. Maybe there's a sendmail guru out there
who can help me out here. We have some end-users who need to receive
system-generated mail that originates from a java-based application on our
network. The java app sends the mail through our sendmail cluster, which
I'm a bit baffled by this problem. Maybe there's a sendmail guru out
there who can help me out here. We have some end-users who need to
receive system-generated mail that originates from a java-based
application on our network. The java app sends the mail through our
sendmail cluster, which
#1 - turn your sendmail logging/debugging setting up as high as
it will go for just long enough to capture some of these events.
(then turn it back to its previous setting)
#2 - try using script and then telnet to capture an SMTP session
(Done by hand) with the MTA at the receiving end.
Is there an easy way to configure sendmail to only send mail to
addresses in one particular domain?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
If it is 'your' domain, configure the sender(s) to use the intended
receiving server as the SMART_HOST but don't give it RELAY permissions in
the receiving access file. That way it can attempt to send to other
addresses but only ones local to the receiving machine will be accepted.
Thanks,
Ok this is kind of a goofy question but I want to make sure I get it
right. Suppose we have a 25 mb video, that is 117 seconds long. If we
wish for this streaming video to play smoothly with no compression,
buffering or skipping, the following bandwidth requirements must be
met:
25 megabytes =
Don't forget that the data speed != line speed.
A line will only carry about 70% of the line
speed as data because of packet overheads.
Thanks for pointing this out. I believe I have enough information to
make my case. My guesstimate before seeing the actual file sizes was
that this would
The size of the file doesn't make much difference. What matters is the
resolution and framerate of the vide
For a back-of-the napkin calculation can we not assume that data equal
to the entire size of the file will be streamed to the client during
playback? I understand that frame rate, etc.
I have an init script that after running, causes my terminal not to
log out cleanly. Here's what i mean:
# /etc/init.d/script restart this runs fine, returns my shell prompt
# exitWhen I enter this command, my shell window just stays
stuck and actually won't close down.
Anyone know why
# /etc/init.d/script restart this runs fine, returns my shell prompt
# exitWhen I enter this command, my shell window just stays
stuck and actually won't close down.
Anyone know why this happens?
Are you spawning/backgrounding jobs in the script?
Here is the script, it is a fairly
You might try to change the script in init.d to append /dev/null
/dev/null 21 at the line that starts the daemon, this might force
it to detach itself from the terminal.
This appears to have corrected the issue, thank you very much for the reply.
___
We have several dozen production Linux servers and I would like to
have better control over what files are changed, by whom, when they
were changed, etc. Because these are all production servers that are
in use 24x7, we do not have the luxury of simply doing a clean build,
taking md5sums of each
We have an issue with some customers who refuse to accept ICMP traffic
to their mail servers. It seems that they have put Mordac, preventer
of information services in charge of their firewall policy
(http://en.wikipedia.org/wiki/List_of_minor_characters_in_Dilbert#Mordac).
My mail logs are
There was nothing out of the ordinary in /var/log/messages. The
logging just stops after the network card drops offline. dmesg also
shows nothing out of the ordinary when the driver is loaded. The
network card works fine until it is under heavy load.
Since you are running CentOS 3 I am
Thanks for the information. If I understand this correctly, the
client would have to convince the owner of each and every router hop
along the way to disable PMTU discovery if he insists on dropping all
ICMP packets?
And Scott hit the nail on the head with this comment:
Sometimes you can't be
why don't you start with the kernel version and architecture?
- uname -a
This server is running centos 3.9
Linux server.domain.com 2.4.21-57.ELsmp #1 SMP Wed May 7 06:10:55 EDT
2008 i686 i686 i386 GNU/Linux
- /var/log/messages relevant lines?
There was nothing out of the ordinary in
We have an HP DL360 server with dual on-board Tigon3 ethernet cards.
We are using eth0, eth1 is unused at the moment. Sometimes when the
network interface is under heavy load, for example moving large file
transfers over rsync or NFS, the network interface stops working and
we lose all connection
Set Enable=true under XDMCP section on /usr/share/gdm/defaults.conf
and relogin it will work you out.
I thought about this until I read the directions in the defaults.conf file:
# This file should not be updated by hand. Since GDM 2.13.0.4,
# configuration choices in the
I'm having trouble getting the GDM login screen to show up when I
connect from a remote host. I'm using Xming on the local Windows
machine, but every time I connect to the remote server all I get is a
gray window with the X cursor. I have Enable=true in the [xdmcp]
section of
On Wed, Oct 1, 2008 at 6:04 PM, Sean Carolan [EMAIL PROTECTED] wrote:
I'm having trouble getting the GDM login screen to show up when I
connect from a remote host.
I should add to this that I'm able to run X-windows programs on my
local workstation, such as gnome-terminal, xclock, etc. Xming
101 - 200 of 286 matches
Mail list logo