Hi All,
Could anybody point me in the right direction for setting the kernel
parameter, max_stack_depth, to 10240 for database tuning?
I have currently set it by running 'ulimit -s 10240' but this does not
survive a reboot.
I've Googled plenty and can't find any solution,
thanks
Michael
Hi Thomas,
Could anybody point me in the right direction for setting the kernel
parameter, max_stack_depth, to 10240 for database tuning?
I have currently set it by running 'ulimit -s 10240' but this does not
survive a reboot.
Thanks for the response, I've been nosing around that file rece
Hi Jason,
On 14/08/15 16:45, Jason Warr wrote:
On Fri, 2015-08-14 at 16:31 +0100, Michael H wrote:
Hi Thomas,
Could anybody point me in the right direction for setting the kernel
parameter, max_stack_depth, to 10240 for database tuning?
I have currently set it by running 'ulimit -s
Just a quick addition -
On 17/08/15 08:40, Michael H wrote:
Hi Jason,
On 14/08/15 16:45, Jason Warr wrote:
On Fri, 2015-08-14 at 16:31 +0100, Michael H wrote:
Hi Thomas,
Could anybody point me in the right direction for setting the kernel
parameter, max_stack_depth, to 10240 for database
Hi All,
Could anybody point me in the right direction for setting the kernel
parameter, max_stack_depth, to 10240 for database tuning?
I have currently set it by running 'ulimit -s 10240' but this does not
survive a reboot.
Thanks for the response, I've been nosing around that file recently
Hi Gordon,
On 17/08/15 19:07, Gordon Messmer wrote:
On 08/17/2015 03:34 AM, Michael H wrote:
the [Service] section -
[Service]
LimitSTACK=12288
...
By the errors I will assume that it should be in the [Service] section.
I couldn't find confirmation of this online...
Yes, it belongs i
Hi List,
I'm tuning up a new database server and I'm finding very mixed
information online.
Here are the default shmmax and shmall from my new system
cat /proc/sys/kernel/shmmax
4294967295
cat /proc/sys/kernel/shmall
268435456
SHMALL is close enough to being SHMMAX / 16.
Now, everything I'
Hi All,
I've been tuning a server recently and just today this has started to
appear in my top/htop output.
[root@db1 ~]# ps -aux | grep kernel
root 1011 0.0 0.0 212048 4532 ? Ss 13:34 0:00 /usr/bin/abrt-watch-log -F
BUG: WARNING: at WARNING: CPU: INFO: possible recursive locking detected
er
Hi All,
I'm trying to disable USB storage devices in Centos7.1.1503.
I've setup udev rules to block all usb devices and then additional rules
to allow specific vendors / products to be used (mainly keyboards and
mice). This is all working perfectly.
cat /etc/udev/rules.d/01-usblockdown.rules
# B
Hi,
Posting this again as it has been drowned. can anybody assist?
--
Hi All,
I'm trying to disable USB storage devices in Centos7.1.1503.
I've setup udev rules to block all usb devices and then additional rules
to allow specific
On 10/12/15 10:02, Leon Fauster wrote:
> Am 10.12.2015 um 09:37 schrieb Michael H :
>>
>> I'm trying to disable USB storage devices in Centos7.1.1503.
>
> on EL6 we use:
>
> # cat /etc/modprobe.d/usb-disabled.conf
> install usb-storage /bin/
yum -y install x11vnc
x11vnc -display :0 -forever -bg
firewall-cmd --add-port=5900/tcp --permanent
You should look into VNC passwords, I use the above command in a shell
script for each user in ~/.kde/Autostart
I believe the viewer I'm using is krdc?
Michael
On 10/12/15 11:49, Hersh wrote:
>
Please read my entire post! I need to allow specific devices, I am
trying to combat PTP mounting. not completely disable all USB devices.
On 10/12/15 15:17, Wes James wrote:
>
>> On Dec 10, 2015, at 1:37 AM, Michael H wrote:
>>
>> Hi,
>> Posting this again as it ha
On 10/12/15 15:49, Leon Fauster wrote:
> Am 10.12.2015 um 11:11 schrieb Michael H :
>>
>>
>> On 10/12/15 10:02, Leon Fauster wrote:
>>> Am 10.12.2015 um 09:37 schrieb Michael H :
>>>>
>>>> I'm trying to disable USB storage devices in
Probably worth a read...
http://www.openssh.com/txt/release-7.1p2
> Important SSH patch coming soon. For now, everyone on all operating
> systems, please do the following:
>
> Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no"
> to prevent upcoming #openssh client bug CVE-20
On 29/01/16 16:35, reynie...@gmail.com wrote:
> I have Apache/2.4.6 installed in a minimal CentOS 7 VM. I am trying to
> access the default page when Apache is installed by accessing the CentOS IP
> as http://192.168.3.130 (is a host only interface) but I got "This webpage
> is not available: ERR_C
On 29/01/16 16:45, reynie...@gmail.com wrote:
> On Fri, Jan 29, 2016 at 11:41 AM, Michael H wrote:
>
>> setsebool -P httpd_can_network_connect on
>> firewall-cmd --add-service=http --permanent
>>
>
> I have ran those two and still can't access. I have rest
On 29/01/16 16:52, reynie...@gmail.com wrote:
> On Fri, Jan 29, 2016 at 11:48 AM, Michael H wrote:
>
>> Selinux has been around for a while.
>>
>
> Yes, I know this but ...
>
>
>>
>> setsebool - set selinux boolean
>>
>
> What I am ask
On 17/02/16 13:01, Johnny Hughes wrote:
> I normally just let the daily announce post to this list show what
> is available for updates, but there is a CVE (CVE-2015-7547) that
> needs a bit more attention which will be on today's announce list
> of updates.
>
> We released a new glibc yesterday f
> The easy answer is yes .. glibc requires so many things to be restarted,
> that is the best bet. Or certainly the easiest.
>
> Note: in CentOS 7, there is also a kernel update which is rated as
> Important .. so you should boot to that anyway:
> https://lists.centos.org/pipermail/centos-announc
Hi, re-posting this with a more appropriate subject for my reply;
> The easy answer is yes .. glibc requires so many things to be restarted,
> that is the best bet. Or certainly the easiest.
>
> Note: in CentOS 7, there is also a kernel update which is rated as
> Important .. so you should boot
On 17/02/16 14:32, Michael H wrote:
> Hi, re-posting this with a more appropriate subject for my reply;
>
>> The easy answer is yes .. glibc requires so many things to be restarted,
>> that is the best bet. Or certainly the easiest.
>>
>> Note: in CentOS 7, there is
On 17/02/16 14:39, Johnny Hughes wrote:
> On 02/17/2016 08:10 AM, Michael H wrote:
>>> The easy answer is yes .. glibc requires so many things to be
>>> restarted, that is the best bet. Or certainly the easiest.
>>>
>>> Note: in CentOS 7, there is als
On 17/02/16 14:44, Johnny Hughes wrote:
> On 02/17/2016 08:39 AM, Johnny Hughes wrote:
>> On 02/17/2016 08:10 AM, Michael H wrote:
>>>> The easy answer is yes .. glibc requires so many things to be restarted,
>>>> that is the best bet. Or certainly the easiest.
&
> Should my output from ulimit -a not correspond to my sysctl.conf
> parameters?
>
> This server was tested heavily and rebooted tens of times before it
> moved into production, I can't understand what has changed other than
> now I get inconsistent output from
>
> sysctl -a and ulimit -a. I am q
Hi All,
I had my database fall over earlier, Initially I thought it was due to a
change in the OS but the postgresql update overwrote my systemd service
file.
How can I create a file for my postgresql service that will not be
overwritten when updates are applied?
Am I correct in thinking it will
On 17/02/16 19:55, John R Pierce wrote:
> On 2/17/2016 6:39 AM, Michael H wrote:
>> Some additional information;
>>
>> sysctl -a | grep kernel.shm
>> kernel.shmall = 8650752
>> kernel.shmmax = 35433480192
>> kernel.shmmni = 4096
>>
>> which
On 10/03/16 14:47, Leonardo Oliveira Ortiz wrote:
> Hello.
>
> I think Centos are affected, right?
>
> Some update from Centos?
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
Sure looks that way...
Hi List,
[root@mail1 ~]# systemctl enable httpd
Failed to execute operation: Invalid argument
I can disable and re-enable other services without issue, I'm also
seeing the same error when I run
[root@mail1 ~]# systemctl enable mailman
Failed to execute operation: Invalid argument
Any suggestion
On 28/04/16 13:29, Michael H wrote:
> Hi List,
>
> [root@mail1 ~]# systemctl enable httpd
> Failed to execute operation: Invalid argument
>
> I can disable and re-enable other services without issue, I'm also
> seeing the same error when I run
>
> [root@ma
On 17/06/16 15:46, James B. Byrne wrote:
>
> On Thu, June 16, 2016 13:53, Walter H. wrote:
>> On 15.06.2016 16:17, Warren Young wrote:
>>> but it also affects the other public CAs: you can’t get a
>>> publicly-trusted cert for a machine without a publicly-recognized
>>> and -visible domain name
Hi List,
I have several workstations all with exactly the same OS versions,
kernels + yum versions;
CentOS Linux release 7.2.1511 (Core)
kernel.x86_64 3.10.0-327.28.3.el7
yum.noarch 3.4.3-132.el7.centos.0.1
running a 'yum history list' command produces different outputs on
On 12/09/16 13:05, Michael H wrote:
> Hi List,
>
> I have several workstations all with exactly the same OS versions,
> kernels + yum versions;
>
> CentOS Linux release 7.2.1511 (Core)
> kernel.x86_64 3.10.0-327.28.3.el7
> yum.noarch 3.4.3-132.el7.c
hout tunneling.
But, IPsec is a tunnel. At least is has a "tunnel mode" (and I advise
against transport mode in any case).
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
t directory of one server to another over internet. I was
> >>> looking to NFS4, but there are no security mechanisms. I need
> >>> encrypted connection using private key (something like SFTP).
> >>>
> >>> Or - if there is in CentOS repo (or EPEL) package,
messages to the console.
> Thanks for any hint or help.
>
>
> Dirk
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | [EMAIL PROTECTED]
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes
On Mon, 2008-10-20 at 12:51 +0200, Sorin Srbu wrote:
> Michael H. Warfield <> scribbled on Friday, October 17, 2008 4:45 PM:
>
> > setterm --msg off
> >
> > man setterm:
> >
> >-msg [on|off] (virtual consoles only)
> >
l look into this again. Thx.
> >
> > I have the following in my /etc/sysctl.conf file;
> >
> > # Stop logging to console
> > kernel.printk = 3 4 1 7
> The setterm-command I tried yesterday didn't work. I'll give your setting a
> go.
Make sure you
call my script .arin
>
> .arin 64.64.64.64
>
> produces a normal output.
>
>
>
> Paul.
>
> _______
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
--
Michael H. Warfie
lemented if at all possible.
Routing issues and BCP38 aside, you really should separate your
authoritative an recursive name servers if at all possible.
https://isc.sans.edu/diary/Where+Were+You+During+the+Great+DDoS
+Cybergeddon+of+2013+/15496
http://news.cnet.com/8301-1009_3-57576947-83/how-
On Mon, 2013-04-01 at 11:17 -0700, John R Pierce wrote:
> On 4/1/2013 6:11 AM, Michael H. Warfield wrote:
> > it's also very important to implement BCP (Best Common Practice) 38.
> > BCP 38 recommends router egress filtering. That is, you only route out
> > what will rou
I am not sounding alarms.
> I'm just trying to get a sense of where this is happening.
> And is there a reliable source of information.
> Much thanks
> Max Pyziur
> p...@brama.com
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mh
ecommendations on
what you really should chose (generally a random number for
fdxx::::/48 before your SLA). Since you've got 2 routers,
you'll need three network prefixes, which I see you have. Generally,
you'll want to manipulate that fourth field as your SLA (Site Local
Addr
Slight Clarification on v6 addressing...
On Thu, 2013-04-11 at 15:38 -0400, Michael H. Warfield wrote:
> Those may be routed between your machines but may not be routed on the
> global net either as a source or destination address. Your machines
> should also be given "link lo
On Fri, 2013-04-12 at 09:28 +0800, Jaze Lee wrote:
> 2013/4/12 Michael H. Warfield
>
> > Hello,
> >
> > I may be totally off base here but...
> >
> > On Thu, 2013-04-11 at 18:06 +0800, Jaze Lee wrote:
> > > hello,
> > >i met a problem
On Fri, 2013-04-12 at 11:38 +0800, Jaze Lee wrote:
> 2013/4/12 Michael H. Warfield
Big snip...
> > You are, none the less, not suppose to use addresses in that block for
> > ANYTHING. The fc00::/7 block is intended for what you want to do. Even
> > if they happen
rte & Lyne Limited http://www.harte-lyne.ca
> 9 Brockley Drive vox: +1 905 561 1241
> Hamilton, Ontario fax: +1 905 561 0757
> Canada L8E 3C3
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mhw=|\/\/ |
1 dev eth0
>
>
> Note that the "from 10.0.0.0/29" clause is missing. With the addition of
> a second default route on my firewall/gateway without any restriction on
> which traffic should go that way, my whole network, of course, tanks.
>
> I'm surpri
On Wed, 2013-05-01 at 17:52 -0400, Michael Mol wrote:
> On 05/01/2013 05:15 PM, Michael H. Warfield wrote:
> > On Wed, 2013-05-01 at 16:05 -0400, Michael Mol wrote:
> >> I'm attempting to configure source-specific routing so that my servers
> >> can exist on multipl
dule (tamperproofed so if its unplugged, it erases) on most
> server motherboards, you initialize it with your OWN security keys if
> you want to use it, Microsoft has nothing to do with it. TPM has been
> around since 2006 or earlier.
>
>
>
>
> --
> john
ce), which is NOT support by Remmina.
Someone told me that Spice was only usable for host to VM remote
desktops but, the last I heard, it looks like it's approaching a general
purpose remote desktop that can outperform NX. But it's really hard to
beat NX.
> --
> Les Mike
51 matches
Mail list logo
