[SLUG] Best of breed LDAP/directory servers in 2008?
Hello, Does anyone have any recent experience with LDAP deployments across reasonably large environments (we have 1000+ hosts)?We use LDAP for traditional Unix host authentication/authorization, as well as various other web apps. We currently use Fedora Directory Server but are having many problems with its multimaster replication, and have hit some walls in troubleshooting it. While I believe we probably can fix it, management has asked for us to consider other directory server products (including commercial ones), if they would offer better features and long-term support. I'm wondering if anyone can offer their recent LDAP deployment experiences? Our requirements: * Multimaster replication (or similar) for cluster deployment across diverse geographical sites * Scalability to 1000's of hosts * Some sort of GUI administration (I guess web-based would be preferred; Fedora DS's Java-based admin tool is acceptable but painful to set up, and very slow over LANs) * Runs on RHEL, preferably playing nice with other apps on the same host(s) * Sane backup, disaster recovery, and upgrade procedures Commercial support availability is not a specific requirement, but is something we'd consider if it has good cost/benefit so I'd be interested in any thoughts on that also. (Note: head office is in the US, so AU-based support not really necessary) Thanks, --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Re: search engine for company network (OT)
rich wrote: Hello all, Richard here - been lurking for a while, first post. Seb, If you only have a few users to deal with then I concur with the Rev, Google Desktop is a great solution; it's simple and it will meet your users needs. There are alternatives, I actually use one called Copernic Desktop myself (although mostly for mail) - it works for me. If you are looking for something for more than a handful of users, then I'd seriously consider spending $$ on a Google mini appliance. They are about $6k for two years, which includes maintenance and support (and you get to keep the box at the end). We've used these search applicances at my company. The PTB liked them so much that we bought one of the Enterprise versions. You're compeltely right about Google's algorithms being so far above anything else possible. They're not open source, but at least open-friendly. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] SIM cards as cheap data storage?
Peter Howard wrote: On Tue, 2008-04-15 at 15:44 +1000, Sridhar Dhanapalan wrote: It looks to me that the Octopus card still requires a connection back to a remote server somewhere to run the transaction. It's also geared more as an ID device rather than a data storage medium. Nope, it can be synchronised to the main servers later. In the case of bus travel the details from the box in the bus gets uploaded at the end of the day. T-card was working that way too. But in the case of T-cards and buses in Sydney, there's a pretty high likelihood of the bus getting back to the depot and the data being uploaded safely (assuming the NSW government hasn't canceled the contract while the bus was out driving around!). In the scenario discussed here it seems like the motorcycle rider disappear if he decided his motorcycle and handheld reader is worth more on the black market than his job. Wouldn't the data be lost in your scenario, since the card is just an ID mechanism, without record of the actual transaction? It seems that's part of the important requirement for read-write capability. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] SIM cards as cheap data storage?
Sridhar Dhanapalan wrote: I am looking for a cheap data storage solution for many people. The requirements are as follows: How many is many? That can really affects the cost issue quite a bit. Are we talking a hundred, a thousand, ten thousand, what? --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Oracle 9i database and samba
Joel Heenan wrote: Network filesystems are not normally used for database files. I work for an ASP that has all of its Oracle databases (hundreds of them) mounted via NFS. It works just fine. The database servers are running Red Hat Enterprise Linux 4 and 5, and the NFS mount points are NetApp filers. Now, this is a bit tangential to the original question, which was about Windows and samba. SMB/CIFS is not at all the same thing as NFS. But it's worth pointing out that Oracle on network filesystems is perfectly doable - and NFS is fully supported by Oracle, given certain conditions. An important way that we meet those conditions is that all NFS traffic for Oracle is in a physically separate network from all other traffic, and is managed very carefully to avoid congestion. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Mass converting Gigabites of wma to mp3
Sonia Hamilton wrote: On Tue, 2008-01-22 at 01:52 +1100, Sam Gentle wrote: Oh, and as always, man find will bring great enlightenment and happiness. Don't use 'man find' - 'info find' is better. And if you don't like the emacs-y navigation/keybindings of "info" - checkout the "pinfo" client that accesses the same information, but with more standard PC keybindings - e.g. the pgup, pgdown, and arrow keys actually work as you might expect. Sometimes "pinfo" isn't installed by default, but it's provided in most distributions. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Domain Name Servers
Rick Phillips wrote: I have always thought that DNS servers for a domain may reside totally outside the domain. i.e. server.main.domain has no dns server running but has DNS servers other.server.com and another.server.com act authoritatively for server.main.domain. That is correct. We have a server with very sensitive information and the boss does not want anything other than a web port open to the world. Okay, that is fine and fits in with your previous statement. > My experience has always been that the server in question is at least the primary DNS. This seems to contradict your previous statement. If you don't wish this "server in question" with the sensitive information, to run DNS services, why not set up the configuration that you already established as probable, with the DNS hosted entirely by different servers? I don't understand why the current configuration of some particular server should rule out the possibility of a different configuration being possible? Perhaps I misunderstand. Thanks, Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Quick and dirty mail/spam server
Jeff Waugh wrote: Here, here. itym "hear, hear"... Or are you referring to the previous poster as a dog? ;-) Heel, heel? ;-) --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Renting Dell servers for benchmarks?
Amos Shapira wrote: Hello, We'd like to try to assess our hardware requirements for a network server and for this need access to a large-ish configuration (lots of RAM, lots of disks, strong CPU's). We are a small ISV and so I though that maybe Dell (with whom our hosting provider in the US works) might provide such access as part of a "partners program" but so far I failed to draw their attention (they keep bouncing me back and forth among technical people with long waiting times and difficult accent). Does anyone know what are my options to access such hardware? (The server will run CentOS 5, so that's the connection to Linux :). Dell definitely does offer such services, we have used them extensively at my company (a US-based ISV). Our requirements have been somewhat larger however (clusters of up to a dozen servers), so therefore more likely to attract their attention. But I am not certain of the best method to get in touch with this department, however, as all my contact is second-hand through our performance testing director in the US. But I would recommend working through the Dell sales organization (if you buy any significant amount of hardware, you should have a dedicated sales rep), or attempt to get a contact from your hosting provider. We now have dedicated testing labs because we've found the need for performance testing was significant and Intel hardware is still relatively cheap. Our software runs on Solaris also and for that we continue to use Sun testing labs, due to the extreme expense of high-performance Sun hardware. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] tip: how to renumbber screens in gnu screen
Simon Wong wrote: The hardest thing about finding tip for screen is that typing screen into Google is not exactly definitive! I've found that using "GNU screen" in quotes is useful when Googling. This only finds hits where people have used that terminology, but Sonia did above, indicating it's reasonably common, and hopefully people will continue that convention. :-) --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] unwired and linux
Christopher Vance wrote: On Nov 13, 2007 3:20 PM, Dean Hamstead <[EMAIL PROTECTED]> wrote: How does unwired know who you are if it is using dhcp? do they want your MAC address? Unless things have changed since a friend got rid of his, the Unwired modem is your dhcp server. I've used unwired as recently as 2 months ago (with the Ethernet version), and it was a standard DHCP server. It operates like a hotel wifi gateway in that it "redirects" all web requests to an activation site. Once you activate the modem, it just operates as a standard DHCP/NAT gateway. There shouldn't be an issues with Linux. Can't speak for the PC Card version. I have the Ethernet modem still if you want to buy one cheap -it works fine. I'm not sure if the same modem is used for prepaid (I had the month-to-month service), but I would expect it is. (I switched to Optus DSL to get better latency and higher download limits.) --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] restoring scren handling in terminal ?
Voytek Eymont wrote: On Sat, November 10, 2007 11:14 am, Scott Ragen wrote: [EMAIL PROTECTED] wrote on 10/11/2007 10:47:42 AM: what's a way out of that ? Typing 'reset' should correct this. thanks, Scott, yes, fixed when I 'man reset', some of the output, specifically quotes around some words do not print correctly, does that mean I have some wrong terminal specification somewhere...? I think that means your terminal (or screen or something) doesn't support Unicode. You can get around this by specifying the environment variable LANG to use an older format. The following should work: bash$ LANG=C man screen or to set it for all future commands bash$ export LANG=C bash$ man screen That tells it to use the default "C" locale which is really old-fashioned, but should be compatible with just about anything. (C as in the programming language.) Hope this helps, Jeremy Portzer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] installing 'file': edit Makefile.am or Makefile.in ?
Voytek Eymont wrote: thanks, Matthew so where do I identify changelog /url for RH73 'file' ? You mean Red Hat Linux (RHL) 7.3, right? To get the changelog of the currently installed version, you can run "rpm -q --changelog file" this is the same as the previously-mentioned command, but getting its information from the local RPM database, instead of using the "-p" (package file) option. But surely you must know that Red Hat Linux 7.3 received its last security updates many years ago - a quick Google search shows it was 31 December 2003, almost four years go. While I applaud your effort in keeping things up to date manually, many programs are much harder to build and configure than "file" - and many many security issues exist in software from 2003, especially in the kernel. If you care anything about security, I think you would be better served by migrating away from RHL 7.3 to a much newer distribution that has current updates. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] installing 'file': edit Makefile.am or Makefile.in
Voytek Eymont wrote: On Mon, October 15, 2007 11:37 am, jam wrote: thanks, James should I use '--exec-prefix' or '--prefix' ? is it just like below: ./configure --prefix= usr/bin -- Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [/usr/local] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] As noted, --exec-prefix will default to the same thing as --prefix. So you only need to use --prefix. If you only set --exec-prefix, then --prefix will remain at the default (/usr/local) which in this case probably means the magic files will end up there. That's a bit confusing. I think --exec-prefix is designed for complex scenarios where you have multiple architectures supported in the same install tree, something that likely doesn't apply to you. If it were up to me, I would use the default --prefix (/usr/local ) and install everything there. This way, the files in /usr/bin will remain "owned" by the package management system, and be updated when a fix comes out for the security issue you are trying to patch. Generally, /usr/local should be positioned before /usr/bin in your PATH (if not, you should fix this). Hope this helps, Jeremy Portzer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Aust Govt Netalert - Not for Linux
bill wrote: Just received the Aust Govt booklet "Netalert- protecting Australian Families OnLine". Checked out their comparison table of internet filters. (http://www.netalert.gov.au/filters/Compare_internet_content_filters.html#Comparisontable) Gotta love how the "Safe Eyes (Mac version)" is ticked as certified for IE6 and IE7. Huh? The latest (and no longer supported) version of IE for Mac is 5.2. Where "The Australian Government has undertaken a detailed assessment process to provide Australian households with access to the best available filters through the /National Filter Scheme."/ Seems like the Govt has missed the boat again Re Linux, or maybe Linux users are considered intelligent enough not to need Govt assistance? What percentage of Australian home users are using Linux on the desktop? Despite the advocacy of many here, I doubt the number is large enough to be worth spending money on. This program is costly enough as it is. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] X-client software.
Hasnain wrote: Hi, Is there anyone knows about any x-client software like humminbird exceed for free to use x11 under ssh tunnelling. i used to use any gui to run on putty setting the display into localhost and exceed used to pipe those displays into local computers. Hello, I assume since you mention putty you're talking about running X applications displayed on MS-Windows? Note that this type of software is technically called an "X server" - not client. (The client is the program you're actually running on the remote system.) The meanings of server and client are slightly backwards when it comes to the X Window system. I typically used Cygwin and Cygwin/X . It is free software and easy to install. You can do exactly as you say and forward the displays using putty (or just use the cygwin ssh client which is easy to install once you have the cygwin environment configured). --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Newlines - was Re: Comsec behaving badly
Jamie Wilkinson wrote: Jeremy Portzer wrote: Common confusion/misconception is that \n refers to LF only. This is not always the case-usually it refers to the portable "newline" that gets expanded to the proper characters depending on platform or context. Over the wire, it is just newline, no carriage return. No, using your definition of "newline = LF", this is incorrect. Standard TCP/IP protocols like SMTP and HTTP use CR+LF ! The \r component of the CRLF bog is only a problem when you're doing file IO. For a wire protocol it's the \n that counts. You are still confusing the issue by using the semi-portable notation of "\n" (newline) to refer interchangeably to the LF (linefeed) character, ASCII 10. This is imprecise - but you're not the first to be tripped up by this. As I stated, \n (or "newline") and LF (ASCII 10) are NOT precisely the same thing. They are equivalent when dealing with Unix files, yes - so many people with Unix/Linux background tend to think of them interchangeably, but this isn't the case on other platforms. Yes, if you write a C or Perl program on Unix and want to make a DOS compatible file, you can use \r\n and it will work - because in Unix, \n becomes the ASCII 10, so the combined sequence is chr(13) then chr(10), or CR+LF. But if you compile that same program on Windows you will end up with the sequence CR+CR+LF since \n on Windows means CR+LF. This make sense?Again, \n is supposed to mean "the newline character sequence on the relevant platform" - and this ONLY equates to LF on some platforms, like Unix. When dealing with TCP/IP protocols, the newline (\n) sequence is typically expanded to CRLF, just like Windows/DOS files. I have not done C socket programming so I don't know whether \n automatically expands to CR+LF in standard socket libraries, or whether it is the responsibility of the programmer. But certainly, user-land utilities like "netcat" or "telnet" take care of this translation for you, as do Perl, PHP, and similar scripting languages. References: http://en.wikipedia.org/wiki/Newline talks about the general problem of the definition of "newline" http://www.faqs.org/rfcs/rfc822.html - clearly defines the line separator as "CRLF" for Internet messages (email) http://www.faqs.org/rfcs/rfc1945.html (HTTP 1.0) uses the same definition for protocol elements Background for those who aren't familiar: CR is "carriage return" - which on an old teletype/typewriter, means to move the carriage head back to the start. LF, or line feed, advances the paper one line. You need both of these to start a new line, so the DOS/Windows or TCP/IP interpretation is more technically correct for a teletype system. I guess Unix tried to simplify things by only using LF, trying to get away from physical aspects of the device. The wikipedia article has more on this esoterica. Hope this helps, Jeremy Portzer newline pedant -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Comsec behaving badly, how to talk to a big business
Amos Shapira wrote: On 07/10/2007, Alex Samad <[EMAIL PROTECTED]> wrote: On Sun, Oct 07, 2007 at 01:09:50AM +, Amos Shapira wrote: DATA: malformed address: <[EMAIL PROTECTED]>\n may not follow [EMAIL PROTECTED] : failing address in "To:" header is: [EMAIL PROTECTED] <[EMAIL PROTECTED] It might be the @ Yes it might be, I now see that it isn't included in the definition of "atext" (under 3.2.4 "Atom" in http://tools.ietf.org/html/rfc2822#page-12). Maybe they should put this text in a comment ("()"). Also the "\n" looks a bit suspicious - maybe there is a missing "\r" there somewhere? \n just means "newline" - which can either be CRLF (usual format for Internet communications; Windows/DOS format) or LF-only (Unix text files), or even CR-only (old Macintosh). Common confusion/misconception is that \n refers to LF only. This is not always the case-usually it refers to the portable "newline" that gets expanded to the proper characters depending on platform or context. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] fun with sed
[EMAIL PROTECTED] wrote: On Thursday 27 September 2007 10:00:03 [EMAIL PROTECTED] wrote: man doesn't mention delimiter options, but info does. looks like I need to get familiar with info man is easy to use. info is abominable. In fact I have done 'info info' more times than 'info any_thing_else'. Yet another case of 'look how clever I am' (not). One day I will take on making man pages out of info. Meanwhile quite a useable tool is info2html which presents the info stuff as a hyperlinked web page. I second the recommendation for "pinfo" instead of "info" to read info pages. It is straightforward to use and has an attractive ncurses interface. Much less hassle than converting to HTML. I have never used info again since someone told me about pinfo. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Re. Changes to cdrecord (etc.) ..
Adam Bogacki wrote: Got it ! It's working. Sometimes the act of writing down (& sending) the problems gives me the answer. Can you explain the fix please, for the benefit of the list membership and the archives? Thanks, JP -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Printer
Glen Turner wrote: There are a lot of "personal laser printers" out there, the B&W models of those are cheap to run and cheap to buy. You are looking at about $100 to $200. Toner is about $90 -- I use one a year in a household with three people printing uni and school assignments. Beware that some printers come with a half-full toner and no USB cable. You know, in the days of parallel printers it always used to seem really silly to me that printers never came with interface cables, and they claimed it was because there were different types of parallel interfaces, even well after DB25 parallel connectors became fully standardized. I can't believe they're still pulling this ruse when EVERY computer in the last 4-5 (6-8?) years has USB. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] undocumented null cipher for ssh?
Scott Ragen wrote: [EMAIL PROTECTED] wrote on 20/09/2007 01:10:02 PM: Someone mentioned on list a while ago about using an undocumented feature of ssh that allows a null cipher (in order to speed up large file transfers). Does anyone remember the option? The cipher name is "none". Regards, Scott Are you sure this is a standard option? I've tried this in the past and never been able to make it work, and on my current system it just gives: $ ssh -c none localhost No valid ciphers for protocol version 2 given, using defaults. $ ssh -V OpenSSH_4.3p2 Debian-8ubuntu1, OpenSSL 0.9.8c 05 Sep 2006 Maybe the null cipher is available if you use SSH protocol version 1, but I don't have any servers that support ssh v1 anymore. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] ssh questions
Zhasper wrote: Or, change your log level so they don't get logged. Or, have logrotate gzip your archives (which it probably does anyway) so that logging repeated patterns like that takes insignificant amounts of space. Or use the "logwatch" utility to read your logs which can summarize these authentication attempts in a way that is reasonably easy to scroll through, while still pointing out any other oddities. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] migrating pasword file ?
Voytek Eymont wrote: I'm transferring web users from RH73 to Centos on new server; is there a way to transfer users' unknown passwords to the new server ? this is just for ftp access, that's the only access users have (or do I just ask them 'what password you desire?') Assuming you are using standard Unix authentication, and not something like LDAP, the passwords are stored in /etc/shadow, and you should be able to migrate the user database entries from /etc/passwd and /etc/shadow to the new server. You will need to copy/paste the appropriate lines (entries) from both files into the new server's files. Be careful not to cause any conflicts of UID or GID (the third and fourth fields in /etc/passwd). Do not migrate over system or daemon accounts - only the ones that correspond to your actual users. You will need to complete the same migration on /etc/group and /etc/gshadow for the group and group shadow files, since Red Hat Linux by default creates personal groups for every user (though the entries in /etc/gshadow are usually trivial). If you have to change any UIDs or GIDs to avoid conflict, be sure to change the ownership of all files in the home directories, and any other files like mail spools, with "chown" and "chgrp". I am not sure if there are any utilities to help automate this; I've always done this on a small scale and with care. --Jeremy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] recommendations for SATA RAID controllers?
On Thu, 10 May 2007, Howard Lowndes wrote: > Amos Shapira wrote: > > > I was thinking of using Linux software RAID (Debian Etch) but was very > > sternly warned not to do that on a production system. > > I don't know why not. I have had far more problems with SATA, esp mobo > integrated, when running in RAID mode than when running in IDE mode and > using software RAID. > Software RAID 5 uses a lot of CPU cycles that are best left to a hardware device. But software RAID 1 or 1+0 on a modern Linux system of any type should be fine in my opinion. If you do go with HW RAID, keep in mind you also want a card that interfaces well with Linux not just for the drive contorller itself, but also the management interface for detecting failed drives, rebuilding arrays, etc. This is of course much easier with Linux software raid. --Jeremy -- /---------\ | Jeremy Portzer[EMAIL PROTECTED] trilug.org/~jeremy | | GPG Fingerprint: 712D 77C7 AB2D 2130 989F E135 6F9F F7BC CC1A 7B92 | \-/ -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Oddball memory usage?
On Thu, 22 Feb 2007, Peter Hardy wrote: > I'm a little puzzled by this: > > total used free sharedbuffers cached > Mem:50050844816352 188732 0 1566443165540 > -/+ buffers/cache: 14941683510916 > Swap: 10526161052616 0 > > Is this sort of usage normal? Filling a gigabyte of swap space while > just under 1.5GB of memory is going towards buffers seems odd to me. And > vmstat reports no usage of this swap space over a 15 minute period. > > What sort of utilities are around to analyse swap space? I'd like to get > an idea of exactly what's using all of that memory. If a background daemon loads a bunch of stuff into memory, but then never accesses those pages, it can get swapped out, in favor of buffering files that *are* being used. This does improve overall performance and is normally useful, though counterintuitive at first. --Jeremy -- /---------\ | Jeremy Portzer[EMAIL PROTECTED] trilug.org/~jeremy | | GPG Fingerprint: 712D 77C7 AB2D 2130 989F E135 6F9F F7BC CC1A 7B92 | \-/ -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html