Re: [CentOS] ionice...
I have good experience with with "ionice -n 7 ...". On 2012-12-06 17:16, John Doe wrote: > anyone has some successful experience with ionice? > I tried it with 'idle' (-c 3) parameter. > When I did a quick test (find /), it seemed to work with frequent pauses (I > guess waiting for idle). > But when I used it on my big tar, it made it worse than without... which > seems counter-intuitive. I have good experience with with "ionice -n 7 ...". -- Paul ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
From: Jerry Geis > Yep - got me. Luckily I had other copied of the items. Just not on the > machine I needed > it at the time. You also have '/var/tmp' that is expected to survive reboots and should be less often (never?) cleared. JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ionice...
From: Paul Bijnens > On 2012-12-06 17:16, John Doe wrote: >> anyone has some successful experience with ionice? >> I tried it with 'idle' (-c 3) parameter. >> When I did a quick test (find /), it seemed to work with frequent pauses (I >> guess waiting for idle). >> But when I used it on my big tar, it made it worse than without... which >> seems counter-intuitive. > > I have good experience with with "ionice -n 7 ...". I will try but theoreticaly "best effort" should be more intense than "idle". >From a quick test, it seems to be the case But I am using ionice to replace nice... maybe I need to use both. Thx, JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wacom hotplug Xorg crash
On 07/12/2012 23:09, James Pearson wrote: > We're seeing a number of Xorg crashes with CentOS 6.2 when using a Wacom > tablet shared between two machines (the other machine is running Windows) via > a KVM > > Xorg crashes after switching the KVM back to the CentOS box > > I've tried googling for this issue - and have found: > > https://access.redhat.com/knowledge/solutions/148183 > > Which has a similar backtrace (although not identical) to ones we are seeing > (see below) - but no further info is given on that webpage - but appears to > indicated that more info might (?) be available if I have a Red Hat > Subscription login - which I don't ... > > Would it be possible for someone that does have access to let me know if > there is any more Red Hat Knowledge Base information about this issue? > > A sample backtrace we have seen is: > > Backtrace: > 0: /usr/bin/Xorg (xorg_backtrace+0x28) [0x4546f8] > 1: /usr/bin/Xorg (0x40+0x58429) [0x458429] > 2: /lib64/libpthread.so.0 (0x3db6a0+0xf4a0) [0x3db6a0f4a0] > 3: /usr/lib64/xorg/modules/input/wacom_drv.so (0x7fc69c2c6000+0x48e6) > [0x7fc69c2ca8e6] > 4: /usr/lib64/xorg/modules/input/wacom_drv.so (0x7fc69c2c6000+0x4ac9) > [0x7fc69c2caac9] > 5: /usr/lib64/xorg/modules/input/wacom_drv.so (0x7fc69c2c6000+0x4b2d) > [0x7fc69c2cab2d] > 6: /usr/bin/Xorg (0x40+0x5f077) [0x45f077] > 7: /usr/bin/Xorg (0x40+0x1158b3) [0x5158b3] > 8: /lib64/libpthread.so.0 (0x3db6a0+0xf4a0) [0x3db6a0f4a0] > 9: /lib64/libpthread.so.0 (open64+0x10) [0x3db6a0ed10] > 10: /usr/lib64/xorg/modules/input/wacom_drv.so (0x7fc69c2c6000+0x84ec) > [0x7fc69c2ce4ec] > 11: /usr/bin/Xorg (0x40+0x61f41) [0x461f41] > 12: /usr/lib64/xorg/modules/input/wacom_drv.so (0x7fc69c2c6000+0xd746) > [0x7fc69c2d3746] > 13: /usr/lib64/xorg/modules/input/wacom_drv.so (0x7fc69c2c6000+0x885b) > [0x7fc69c2ce85b] > 14: /usr/bin/Xorg (0x40+0x61f41) [0x461f41] > 15: /usr/bin/Xorg (0x40+0x142099) [0x542099] > 16: /usr/lib64/libhal.so.1 (0x3dc2c0+0xbc08) [0x3dc2c0bc08] > 17: /lib64/libdbus-1.so.3 (dbus_connection_dispatch+0x336) [0x3db82109d6] > 18: /lib64/libdbus-1.so.3 (0x3db820+0x10ca9) [0x3db8210ca9] > 19: /usr/bin/Xorg (0x40+0x13f84b) [0x53f84b] > 20: /usr/bin/Xorg (WakeupHandler+0x4b) [0x42421b] > 21: /usr/bin/Xorg (WaitForSomething+0x1ef) [0x452d5f] > 22: /usr/bin/Xorg (0x40+0x2ccf2) [0x42ccf2] > 23: /usr/bin/Xorg (0x40+0x21ebb) [0x421ebb] > 24: /lib64/libc.so.6 (__libc_start_main+0xfd) [0x3db621ecdd] > 25: /usr/bin/Xorg (0x40+0x21a49) [0x421a49] > Segmentation fault at address (nil) > > Thanks > > James Pearson > > > Hi James, Redhat suggest to update the wdaemon package to version 0.17-2.el6. they also reverence this errata http://rhn.redhat.com/errata/RHEA-2011-1625.html Tris * This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify postmas...@bgfl.org The views expressed within this email are those of the individual, and not necessarily those of the organisation * ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
Am 10.12.2012 um 11:22 schrieb John Doe:
> From: Jerry Geis
>
>> Yep - got me. Luckily I had other copied of the items. Just not on the
>> machine I needed
>> it at the time.
>
> You also have '/var/tmp' that is expected to survive reboots and should be
> less often (never?) cleared.
cat /etc/cron.daily/tmpwatch
flags=-umc
/usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
-x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
-X '/tmp/hsperfdata_*' 240 /tmp
/usr/sbin/tmpwatch "$flags" 720 /var/tmp
for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
if [ -d "$d" ]; then
/usr/sbin/tmpwatch "$flags" -f 720 "$d"
fi
done
720 = 30 days
--
LF
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
Leon Fauster wrote:
> Am 10.12.2012 um 11:22 schrieb John Doe:
>> From: Jerry Geis
>>
>>> Yep - got me. Luckily I had other copied of the items. Just not on the
>>> machine I needed
>>> it at the time.
>>
>> You also have '/var/tmp' that is expected to survive reboots and should be
>> less often (never?) cleared.
>
>
>
> cat /etc/cron.daily/tmpwatch
> flags=-umc
> /usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
> -x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
> -X '/tmp/hsperfdata_*' 240 /tmp
> /usr/sbin/tmpwatch "$flags" 720 /var/tmp
> for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
> if [ -d "$d" ]; then
> /usr/sbin/tmpwatch "$flags" -f 720 "$d"
> fi
> done
>
>
>
> 720 = 30 days
what? you mean this dir called /var/tmp is actually for temporary
stuff?? man, this system is seriously screwed up...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/07/2012 04:59 PM, Rob Townley wrote: > Daniel, > > Can the Firefox profile file hierarchy be sandboxed? So everything > downloaded within the profile cache is sandboxed. More like if any > application accesses something in a particular folder, sandboxing > automatically kicks in. > You would need to setup something separately to do this. Sandboxing tool is by user choice. For example in firefox/thunderbird I can specify that any time it downloads content, firefox/thunderbird will run a command to view that content. rather then use evince or ooffice, I have them run sandboxevince and sandboxooffice, which are simple shell scripts wrapping sandbox command. cat ~/bin/sandboxevince #!/bin/sh /usr/bin/sandbox -X /usr/bin/evince "$@" cat ~/bin/sandboxooffice #!/bin/sh /usr/bin/sandbox -w 1400x750 -X ooffice "$@" You can run your entire firefox session within a sandbox. Here is how I do this. cat ~/bin/sandboxfirefox sandbox -i ~/.mozilla -X -t sandbox_web_t -W metacity -w 1000x900 firefox $* Now getting apps to run sandbox when looking at certain content is something you would need to figure out. > On Fri, Dec 7, 2012 at 5:49 AM, Daniel J Walsh wrote: > > On 12/06/2012 09:05 PM, David McGuffey wrote: Moat of the advanced persistent threats (APT) are initiated via e-mail. Opening an attachment or clicking on a web link starts the process. Why isn't Firefox and Evolution confined with SELinux policy in a way > that APT can't damage the rest of the system? Why are we not sandboxing these two apps with SELinux? I've discovered some guidance for sandboxing Firefox using the 'sandbox' command. Once I test it a bit, I'll post the results back here. Seems > to me that if this works, it should be the default. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos > Very difficult to sandbox thunderbird and firefox. But sandbox tool > actually works well for sandboxing viewers of downloaded data. I sandbox > all content that will be viewed by evince and libreoffice. >> ___ CentOS mailing list >> CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos >> > ___ CentOS mailing list > CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos > -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDGAdcACgkQrlYvE4MpobNnTACgotqePhY2NY03GEZitDU2job7 Ia0An3YijmST+kuUxxLDPRsBhTzmEM0c =k1X2 -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/07/2012 06:49 PM, Gordon Messmer wrote: > On 12/06/2012 06:05 PM, David McGuffey wrote: >> Why isn't Firefox and Evolution confined with SELinux policy in a way >> that APT can't damage the rest of the system? Why are we not sandboxing >> these two apps with SELinux? > > Probably mostly because when you sandbox an X11 application, you can't copy > and paste in or out of the application. Most users want to do that. > ___ CentOS mailing list > CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos > Yes when you wrap something in sandbox, you loose the ability for these applications to communicate with the rest of the desktop. In order to secure the desktop in any real way you need to break communications, and this communications break down, hurts usability. I opt for security, and will just run evince outside my session, if I really need copy/paste. Maybe when we get to Wayland, we can make this better. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDGAnoACgkQrlYvE4MpobPYnQCfct1/1mnGEF7JxYd06ba/00hz qRgAoOQYZjU6ZvoaIk4a2gn9uKjBxsqH =Z6ei -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] what might cause iSCSI connection 1:0 error ISCSI_ERR_CONN_FAILED
Hi, I do have a centos 6.x server which accessed two different iscsistorages for a long time without any trouble. The storage-connection is done by a separate NIC and VLAN. The LAN access is on an other NIC. This weekend something broke and I don't have any clue what might be the problem or what caused it. The storages where mounted RO. In /var/loge/messages there are lot of messages; so from dmesg: Dec 10 17:13:21 richter kernel: connection3:0: ping timeout of 5 secs expired, recv timeout 5, last rx 4324582419, last ping 4324587419, now 4324592419 Dec 10 17:13:21 richter kernel: connection3:0: detected conn error (1011) Dec 10 17:13:22 richter iscsid: Kernel reported iSCSI connection 3:0 error (1011 - ISCSI_ERR_CONN_FAILED: iSCSI connection failed) state (3) From dmesg: connection1:0: ping timeout of 5 secs expired, recv timeout 5, last rx 4324597423, last ping 4324602423, now 4324607423 connection1:0: detected conn error (1011) I restarted the server and the filesystems are back online RW, but there are still that messages. Thanks for any suggestion or hint! Regards . Götz -- Götz Reinicke - IT-Koordinator - Filmakademie Baden-Württemberg GmbH ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
Am 10.12.2012 um 16:05 schrieb Nicolas Thierry-Mieg:
> Leon Fauster wrote:
>> Am 10.12.2012 um 11:22 schrieb John Doe:
>>> From: Jerry Geis
>>>
>>>
>>> You also have '/var/tmp' that is expected to survive reboots and should be
>>> less often (never?) cleared.
>>
>>
>>
>> cat /etc/cron.daily/tmpwatch
>> flags=-umc
>> /usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
>> -x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
>> -X '/tmp/hsperfdata_*' 240 /tmp
>> /usr/sbin/tmpwatch "$flags" 720 /var/tmp
>> for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
>> if [ -d "$d" ]; then
>> /usr/sbin/tmpwatch "$flags" -f 720 "$d"
>> fi
>> done
>>
>>
>>
>> 720 = 30 days
>
> what? you mean this dir called /var/tmp is actually for temporary
> stuff?? man, this system is seriously screwed up...
i am just communicating the actual technical
situation - the meaning depends on the reader.
those directories are cleaned on a regular basis, if
tmpwatch is installed (the code above is from tmpwatch.rpm).
this is said to show a different perspective compared to the
above statement "...should be less often (never?) cleared"
i dont want to discuss the implications of
world writeable/sticky directories :-)
--
LF
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
>>> Am 10.12.2012 um 11:22 schrieb John Doe:
From: Jerry Geis
You also have '/var/tmp' that is expected to survive reboots and should be
less often (never?) cleared.
>>>
>>>
>>>
>>> cat /etc/cron.daily/tmpwatch
>>> flags=-umc
>>> /usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
>>> -x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
>>> -X '/tmp/hsperfdata_*' 240 /tmp
>>> /usr/sbin/tmpwatch "$flags" 720 /var/tmp
>>> for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
>>> if [ -d "$d" ]; then
>>> /usr/sbin/tmpwatch "$flags" -f 720 "$d"
>>> fi
>>> done
>>>
>>>
>>>
>>> 720 = 30 days
>>
>> what? you mean this dir called /var/tmp is actually for temporary
>> stuff?? man, this system is seriously screwed up...
What else do you use it for?
--
Kind Regards
Rudi Ahlers
SoftDux
Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Cell: 082 554 7532
Fax: 086 268 8492
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wacom hotplug Xorg crash
Tris Hoar wrote: > > Hi James, > > Redhat suggest to update the wdaemon package to version 0.17-2.el6. they > also reverence this errata http://rhn.redhat.com/errata/RHEA-2011-1625.html > > Tris Many thanks for looking - unfortunately, we're already using wdaemon 0.17-2 (as it was introduced with 6.2) - so I guess the problem we are having may be different Thanks again James ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
Rudi Ahlers wrote:
Am 10.12.2012 um 11:22 schrieb John Doe:
> From: Jerry Geis
>
> You also have '/var/tmp' that is expected to survive reboots and
> should be less often (never?) cleared.
cat /etc/cron.daily/tmpwatch
flags=-umc
/usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
-x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
-X '/tmp/hsperfdata_*' 240 /tmp
/usr/sbin/tmpwatch "$flags" 720 /var/tmp
for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
if [ -d "$d" ]; then
/usr/sbin/tmpwatch "$flags" -f 720 "$d"
fi
done
720 = 30 days
>>>
>>> what? you mean this dir called /var/tmp is actually for temporary
>>> stuff?? man, this system is seriously screwed up...
>
> What else do you use it for?
I think John intended the cmt with
mark "temporary files are temporary? who'd'a thunk it?"
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
On Mon, Dec 10, 2012 at 6:58 PM, wrote:
> Rudi Ahlers wrote:
> Am 10.12.2012 um 11:22 schrieb John Doe:
>> From: Jerry Geis
>>
>> You also have '/var/tmp' that is expected to survive reboots and
>> should be less often (never?) cleared.
>
> cat /etc/cron.daily/tmpwatch
> flags=-umc
> /usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
> -x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
> -X '/tmp/hsperfdata_*' 240 /tmp
> /usr/sbin/tmpwatch "$flags" 720 /var/tmp
> for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
> if [ -d "$d" ]; then
> /usr/sbin/tmpwatch "$flags" -f 720 "$d"
> fi
> done
>
> 720 = 30 days
what? you mean this dir called /var/tmp is actually for temporary
stuff?? man, this system is seriously screwed up...
>>
>> What else do you use it for?
>
> I think John intended the cmt with
>
> mark "temporary files are temporary? who'd'a thunk it?"
>
> ___
Probably. But I've seen people using /tmp to store rather important
stuff, which is why I asked the question - to get clarity.
--
Kind Regards
Rudi Ahlers
SoftDux
Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Cell: 082 554 7532
Fax: 086 268 8492
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KDE login screen configuration problems
On Fri, 2012-12-07 at 14:33 -0600, Mike Watson wrote: > It take it back. It worked once. It's now reverted to GDM although > /etc/sysconfig/desktop still reads DISPLAYMANAGER=KDM. > Hello, On our CentOS 6.3 PC we have: DESKTOP="KDE" DISPLAYMANAGER="KDE" in the '/etc/sysconfig/desktop' file. It works with no problems. John. -- John Horne Tel: +44 (0)1752 587287 Plymouth University, UK Fax: +44 (0)1752 587001 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
On 10.12.2012, at 18:01, Rudi Ahlers wrote:
> On Mon, Dec 10, 2012 at 6:58 PM, wrote:
>> Rudi Ahlers wrote:
>> Am 10.12.2012 um 11:22 schrieb John Doe:
>>> From: Jerry Geis
>>>
>>> You also have '/var/tmp' that is expected to survive reboots and
>>> should be less often (never?) cleared.
>>
>> cat /etc/cron.daily/tmpwatch
>> flags=-umc
>> /usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
>> -x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
>> -X '/tmp/hsperfdata_*' 240 /tmp
>> /usr/sbin/tmpwatch "$flags" 720 /var/tmp
>> for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
>>if [ -d "$d" ]; then
>> /usr/sbin/tmpwatch "$flags" -f 720 "$d"
>>fi
>> done
>>
>> 720 = 30 days
>
> what? you mean this dir called /var/tmp is actually for temporary
> stuff?? man, this system is seriously screwed up...
>>>
>>> What else do you use it for?
>>
>> I think John intended the cmt with
>>
>>mark "temporary files are temporary? who'd'a thunk it?"
>>
>> ___
>
>
> Probably. But I've seen people using /tmp to store rather important
> stuff, which is why I asked the question - to get clarity.
Sure. I've also seen people using the Windows trash can for the very same
purpose.
In the IT business, there is a word for that kind of people. We call them
'stupid'.
Cheers,
Peter.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
[CentOS] home directory server performance issues
I’m looking for advice and considerations on how to optimally setup
and deploy an NFS-based home directory server. In particular: (1) how
to determine hardware requirements, and (2) how to best setup and
configure the server. We actually have a system in place, but the
performance is pretty bad---the users often experience a fair amount
of lag (1--5 seconds) when doing anything on their home directories,
including an “ls” or writing a small text file.
So now I’m trying to back-up and determine, is it simply a
configuration issue, or is the hardware inadequate?
Our scenario: we have about 25 users, mostly software developers and
analysts. The users login to one or more of about 40 development
servers. All users’ home directories live on a single server (no
login except root); that server does an NFSv4 export which is mounted
by all dev servers. The home directory server hardware is a Dell R510
with dual E5620 CPUs and 8 GB RAM. There are eight 15k 2.5” 600 GB
drives (Seagate ST3600057SS) configured in hardware RAID-6 with a
single hot spare. RAID controller is a Dell PERC H700 w/512MB cache
(Linux sees this as a LSI MegaSAS 9260). OS is CentOS 5.6, home
directory partition is ext3, with options “rw,data=journal,usrquota”.
I have the HW RAID configured to present two virtual disks to the OS:
/dev/sda for the OS (boot, root and swap partitions), and /dev/sdb for
the home directories. I’m fairly certain I did not align the
partitions optimally:
[root@lnxutil1 ~]# parted -s /dev/sda unit s print
Model: DELL PERC H700 (scsi)
Disk /dev/sda: 134217599s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Number StartEnd SizeType File system Flags
1 63s 465884s 465822s primary ext2 boot
2 465885s 134207009s 133741125s primary lvm
[root@lnxutil1 ~]# parted -s /dev/sdb unit s print
Model: DELL PERC H700 (scsi)
Disk /dev/sdb: 5720768639s
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Number Start End Size File system Name Flags
1 34s5720768606s 5720768573s lvm
Can anyone confirm that the partitions are not aligned correctly, as I
suspect? If this is true, is there any way to *quantify* the effects
of partition mis-alignment on performance? In other words, what kind
of improvement could I expect if I rebuilt this server with the
partitions aligned optimally?
In general, what is the best way to determine the source of our
performance issues? Right now, I’m running “iostat -dkxt 30”
re-directed to a file. I intend to let this run for a day or so, and
write a script to produce some statistics.
Here is one iteration from the iostat process:
Time: 09:37:28 AM
Device: rrqm/s wrqm/s r/s w/srkB/swkB/s avgrq-sz
avgqu-sz await svctm %util
sda 0.0044.09 0.03 107.76 0.13 607.40
11.27 0.898.27 7.27 78.35
sda1 0.00 0.00 0.00 0.00 0.00 0.00 0.00
0.000.00 0.00 0.00
sda2 0.0044.09 0.03 107.76 0.13 607.40
11.27 0.898.27 7.27 78.35
sdb 0.00 2616.53 0.67 157.88 2.80 11098.83
140.04 8.57 54.08 4.21 66.68
sdb1 0.00 2616.53 0.67 157.88 2.80 11098.83
140.04 8.57 54.08 4.21 66.68
dm-0 0.00 0.00 0.03 151.82 0.13 607.26
8.00 1.258.23 5.16 78.35
dm-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00
0.000.00 0.00 0.00
dm-2 0.00 0.00 0.67 2774.84 2.80 11099.37
8.00 474.30 170.89 0.24 66.84
dm-3 0.00 0.00 0.67 2774.84 2.80 11099.37
8.00 474.30 170.89 0.24 66.84
What I observe, is that whenever sdb (home directory partition)
becomes loaded, sda (OS) often does as well. Why is this? I would
expect sda to generally be idle, or have minimal utilization.
According to both “free” and “vmstat”, this server is not swapping at
all.
At one point, our problems were due to a random user writing a huge
file to their home directory. We built a second server specifically
for people to use for writing large temporary files. Furthermore, for
all the dev servers, I used the following tc commands to rate limit
how quickly any one server can write to the home directory server (8
Mbps or 1 MB/s):
ETH_IFACE=$( route -n | grep "^0.0.0.0" | awk '{ print $8 }' )
IFACE_RATE=1000mbit
LIMIT_RATE=8mbit
TARGET_IP=1.2.3.4 # home directory server IP
tc qdisc add dev $ETH_IFACE root handle 1: htb default 1
tc class add dev $ETH_IFACE parent 1: classid 1:1 htb rate $IFACE_RATE
ceil $IFACE_RATE
tc class add dev $ETH_IFACE parent 1: classid 1:2 htb rate $LIMIT_RATE
ceil $LIMIT_RATE
tc filter add dev $ETH_IFACE parent 1: protocol ip prio 16 u32 match
ip dst $TARGET_IP flowid 1:2
The other interesting thing is that the second server I mentioned—the
one specifically designed for users to
Re: [CentOS] /tmp directory
Rudi Ahlers wrote:
Am 10.12.2012 um 11:22 schrieb John Doe:
> From: Jerry Geis
>
>
> You also have '/var/tmp' that is expected to survive reboots and should
> be less often (never?) cleared.
cat /etc/cron.daily/tmpwatch
flags=-umc
/usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
-x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
-X '/tmp/hsperfdata_*' 240 /tmp
/usr/sbin/tmpwatch "$flags" 720 /var/tmp
for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
if [ -d "$d" ]; then
/usr/sbin/tmpwatch "$flags" -f 720 "$d"
fi
done
720 = 30 days
>>>
>>> what? you mean this dir called /var/tmp is actually for temporary
>>> stuff?? man, this system is seriously screwed up...
>
>
> What else do you use it for?
oh my, I didn't think it would be necessary but I really should have put
a smiley there... the limits of email I guess.
as Mark rightly surmised, yes it was an attempt at humor.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] home directory server performance issues
Matt Garman wrote: > I’m looking for advice and considerations on how to optimally setup > and deploy an NFS-based home directory server. In particular: (1) how > to determine hardware requirements, and (2) how to best setup and > configure the server. We actually have a system in place, but the > performance is pretty bad---the users often experience a fair amount > of lag (1--5 seconds) when doing anything on their home directories, > including an “ls” or writing a small text file. > > So now I’m trying to back-up and determine, is it simply a > configuration issue, or is the hardware inadequate? Without poring over your info, let me give you something that bit us here: our home directory servers are all 5.x (in this case, 5.8). Here's the reason: when we tried 6.x, if you were in an NFS-mounted directory, working from the same, or another NFS-mounted directory, it was *slow*. Unzipping a file that was about 120M or so took 6.5-7 *minutes*, as opposed to 1 min. After extensive testing (the numbers are still on our whiteboard here, from when I did it many months ago), it didn't seem to matter what the workstation was running, but it did matter what the NFS server was. You *can* solve it by changing from sync to async... if you're not worried about possible data loss or corruption. We do have to worry, since in some cases, our researchers might be dumping many gigs of data into their home directories from a job that's been running for days, and no one wants to rerun that. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] home directory server performance issues
On Mon, Dec 10, 2012 at 6:37 PM, Matt Garman wrote: > I’m looking for advice and considerations on how to optimally setup > and deploy an NFS-based home directory server. In particular: (1) how > to determine hardware requirements, and (2) how to best setup and > configure the server. We actually have a system in place, but the > performance is pretty bad---the users often experience a fair amount > of lag (1--5 seconds) when doing anything on their home directories, > including an “ls” or writing a small text file. I know this is the centos forum, however, if you are still in a testing fase, then I can recommend you try solaris derivatives like nexenta or omnios. The NFS server performance in linux is simple not the same as on those using the same hardware. You get too true acls (no posix, but nfsv4 acls, comparable to those in ntfs), deduplication, compression, and snapshots (ZFS!). Nexenta is free as in beer up to 18TB and has a great web interface, omnios is just free but you need to know how to use solaris. If you stay with the linux nfs servers, look into the io scheduler setting of the disks. I managed to double the performance of a proliant raid controller (don't remember which model, sorry) by changing the standard cfq to noop. Shortly after that I came across nexenta and moved all our NFS loads there. Later we got a netapp cluster, but the nexenta filers are still kicking around. -- groet, natxo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] MD3000i iSCSI issue with V6.3
Hello, I've upgrade from V5.2 to V6.3 and I can not connect to my Dell MD3000i iSCSI configuration. After completing the "*iscsiadm -m discovery -t sendtargets -p"* and "service iscsi restart" commands the block devices are never created. I do see the generic (/dev/sgX) device as being attached but never see the block device (/dev/sdX). Any ideas? Thanks, Lou. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SOS: Production VM not starting!
I am using a VM with CentOS 5.8 x86_64 under KVM. I only have console access to the VM through a virtual console (web based). Tonight, after a routine "yum update", I did a "shutdown -r now" due to kernel update and the VM won't start. See console screenshot vm1.png: https://vmail.noa.gr/files/vm1.png There is an error (which I haven't seen before): type=1404 audit (...): selinux=0 auid=... ses= ... (see vm1.png above) (The system cannot load even with the old kernel; the same error occurs.) Note that SElinux is disabled on this system. I booted in rescue mode, and auto mount was unsuccessful (see https://vmail.noa.gr/files/vm2.png). The log of the rescue process shows some error (see https://vmail.noa.gr/files/vm4.png) However, later I successfully mounted it using: mount -t ext3 /dev/vda3 /mnt/sysimage I then did a umount and: fsck.ext3 /dev/vda3 which found it clean (see https://vmail.noa.gr/files/vm3.png). What is wrong there? Can you please guide me on how to make it work again? This is a production ftp machine. Please help to revive. Thanks, Nick ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SOS: Production VM not starting!
2012/12/11 Nikolaos Milas : > I am using a VM with CentOS 5.8 x86_64 under KVM. I only have console > access to the VM through a virtual console (web based). > > Tonight, after a routine "yum update", I did a "shutdown -r now" due to > kernel update and the VM won't start. See console screenshot vm1.png: > > https://vmail.noa.gr/files/vm1.png > > There is an error (which I haven't seen before): > > type=1404 audit (...): selinux=0 auid=... ses= ... Is this really error? I > > (see vm1.png above) > > (The system cannot load even with the old kernel; the same error occurs.) > > Note that SElinux is disabled on this system. I booted in rescue mode, > and auto mount was unsuccessful (see maybe you need to disable selinux before trying to mount rescue environment? > https://vmail.noa.gr/files/vm2.png). The log of the rescue process shows > some error (see https://vmail.noa.gr/files/vm4.png) How about installing new vm and just copying files and settings to it? Can you boot this vm to single user mode ? -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SOS: Production VM not starting!
On 11/12/2012 1:07 πμ, Eero Volotinen wrote: > > Is this really error? I Thanks for replying. Don't know, but it hangs there forever (at least it appears so - haven't waited more than half an hour, but it's already too much). > > maybe you need to disable selinux before trying to mount rescue environment? Hmm, selinux is already disabled. How can I adjust selinux settings in the rescue environment? > How about installing new vm and just copying files and settings to it? I would like to avoid it, if possible. I would still need to somehow make this one visible on the network, to be able to copy large data files. My next bet would be to restore from backup, but I would rather make the current VM work. > Can you boot this vm to single user mode ? No, it gets stuck at the same point as well. Any ideas why it keeps waiting forever at that point? Thanks, Nick ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SOS: Production VM not starting!
On 11/12/2012 1:24 πμ, Nikolaos Milas wrote: > Any ideas why it keeps waiting forever at that point? After having left it alone for an hour or so, I found it had booted successfully. Didn't find anything serious in /var/log/messages. I still wonder what caused that delay. So, red alarm is over. Regards, NIck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SIEM
Any recommendations on a SIEM system? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] trying to get the debug version of httpd so I can use it in conjunction with gdb.
I am trying to get the debug version of httpd so I can use it in conjunction with gdb. I am having a hard time getting them, and they don't seem to be in the standard epel-debuginfo repository. What should I do? > [root@buildbox-rhel6 ~]# debuginfo-install httpd Loaded plugins: fastestmirror, presto enabling epel-debuginfo Loading mirror speeds from cached hostfile epel-debuginfo/metalink | 8.3 kB 00:00 * base: mirrors.cicku.me * epel: mirrors.kernel.org * epel-debuginfo: mirrors.kernel.org * extras: mirrors.arpnetworks.com * updates: linux.mirrors.es.net epel-debuginfo | 3.1 kB 00:00 epel-debuginfo/primary_db | 487 kB 00:01 Checking for new repos for mirrors Could not find debuginfo for main pkg: httpd-2.2.15-15.el6.centos.1.x86_64 Could not find debuginfo pkg for dependency package apr-1.3.9-5.el6_2.x86_64 Could not find debuginfo pkg for dependency package apr-util-1.3.9-3.el6_0.1.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package db4-4.7.25-17.el6.x86_64 Could not find debuginfo pkg for dependency package expat-2.0.1-11.el6_2.x86_64 Could not find debuginfo pkg for dependency package openldap-2.4.23-26.el6_3.2.x86_64 Could not find debuginfo pkg for dependency package openldap-2.4.23-26.el6_3.2.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package pcre-7.8-4.el6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package libselinux-2.0.94-5.3.el6.x86_64 Could not find debuginfo pkg for dependency package zlib-1.2.3-27.el6.x86_64 No debuginfo packages available to install ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SOS: Production VM not starting!
On 11.12.2012 02:01, Nikolaos Milas wrote: > On 11/12/2012 1:24 πμ, Nikolaos Milas wrote: > >> Any ideas why it keeps waiting forever at that point? > > After having left it alone for an hour or so, I found it had booted > successfully. Didn't find anything serious in /var/log/messages. I had a look at your sreenshot. Output stops at the moment init is taking over. I suspect that console output is going elsewhere, maybe to a serial console. That way it could well be that the machine is doing something but you just can not see it. My first bet would have been a fsck -- Kind Regards, Markus Falb signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SIEM
On Mon, Dec 10, 2012 at 08:10:57PM -0500, TFML wrote: > Any recommendations on a SIEM system? Free? Simple Event Correlator (SEC) is pretty powerful, but obviously has a pretty good learning curve and no GUI. If you have a lot of $$ to spend, ArcSight is probably the industry leader. Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SIEM
Try anyone of these.. http://communities.alienvault.com/ http://www.cyberoam-iview.org/ On Tue, Dec 11, 2012 at 8:31 AM, Ray Van Dolson wrote: > ArcSi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
On 12/10/2012 06:01 PM, Rudi Ahlers wrote: > Probably. But I've seen people using /tmp to store rather important > stuff, which is why I asked the question - to get clarity. What is "important"? I keep a "yum list >/tmp/yum.lst" in /tmp. That's important to me, as I often search for packages. If the file is gone, I know it was too old, and I'll have to redo the yum list. Very practical, as yum list can take a while with additional repositories. Mogens -- Mogens Kjaer, m...@lemo.dk http://www.lemo.dk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
Hi Mogens, > What is "important"? valid question. I would define 'important' or rather 'valuable' (in a material or non-material sense) in terms of reproducability. If it costs you (personal) time, effort or money to reproduce them, or if the data are irreprocible to reproduce and might be needed later on, /tmp and friends are the wrong place. In addition to that, normally /tmp is not a file system that would be backed up. No place for production data of any kind. > I keep a "yum list >/tmp/yum.lst" in /tmp. > > That's important to me, as I often search for packages. But it's easily reproducable with one command, even in cron. So it's not what I would call 'valuable data'. It's redundant, kind of a cache. By the way, what's wrong with 'yum search'? Too slow? Best regards, Peter. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] home directory server performance issues
On Mon, Dec 10, 2012 at 11:37:50AM -0600, Matt Garman wrote: > OS is CentOS 5.6, home directory partition is ext3, with options > “rw,data=journal,usrquota”. Is the data=journal option really wanted here? Did you try with the other journalling modes available? I also think you are missing the noatime option here. The wiki has some information about raid math and ext3 journalling modes: http://wiki.centos.org/HowTos/Disk_Optimization > At one point, our problems were due to a random user writing a huge > file to their home directory. This is the case in data=journal mode; the server has to write the data twice on disk. -- Nicolas ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
