Linux: Monitor Hard Disks Temperature With hddtemp

Posted on in Categories CentOS, Debian Linux, Hardware, Howto, Linux, Monitoring, RedHat/Fedora Linux, Suse Linux, Tips, Troubleshooting, Tuning, Ubuntu Linux last updated June 25, 2017

There is a nice utility to monitor hard drive temperature. Most modern x86 computer hard disk comes with S.M.A.R.T (Self-Monitoring, Analysis, and Reporting Technology). It is a monitoring system for computer hard disks to detect and report on various indicators of reliability, in the hope of anticipating failures.

Force BIND DNS Server to take full advantage of Dual Core Multiple Intel / AMD Cpu

Posted on in Categories CentOS, Debian Linux, Gentoo Linux, Howto, Linux, RedHat/Fedora Linux, Sys admin, Tips, Troubleshooting, Tuning, Ubuntu Linux, UNIX last updated September 7, 2007

One of my client runs dedicated NS1 and NS2 to host more than 3000+ domains. Recently they upgraded their servers to latest Dual Core Dual AMD server with CentOS 5.0 and BIND server.

By default BIND / named will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. However due to some reason the BIND server failed to automatically utilize all of the system’s available CPUs. So how do you force DNS Server to take advantage of multiple CPUs under CentOS Linux?

After a little investigation, named man page pointed out me in right direction ~ -n #CPU option, which creates #cpus worker threads to take advantage of multiple CPUs.

Force BIND DNS Server to take advantage of multiple CPUs

In order to enable multiple CPU open /etc/sysconfig/named file under CentOS / RHEL / Fedora Linux:
# vi /etc/sysconfig/named
To force bind to take advantage of 4 CPUs, add / modify as follows:
OPTIONS="-n 4"
Save and close the file. Restart named service:
# /etc/init.d/named restart

A note about Debian / Ubuntu Linux user

If you are a Debian / Ubuntu Linux modify /etc/defaults/bind9 file:
$ sudo vi /etc/defaults/bind9
Append config line:
OPTIONS="-n 4"
Please note append -n 4 to the end of other options (if any), for example:
OPTIONS="-4 -6 -n 4"
Save and close the file. Restart BIND server:
$ sudo /etc/init.d/bind9 restart

More more information read named man page.

Howto: Redhat Enterprise Linux SELinux policy guide

Posted on in Categories CentOS, Howto, Linux, Linux distribution, RedHat/Fedora Linux, Security, Sys admin, Troubleshooting, Tuning last updated August 22, 2007

Security-Enhanced Linux (SELinux) is a Linux mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel. SELinux is enabled by default in RHEL 5 / CentOS 5 / Fedora etc. But many admin disabled it due to troubles and hard configuration options. So if you are afraid of SELinux, try new GUI tools to customizing your system’s protection by creating new policy modules is easier than ever. In this article, Dan Walsh gently walks you through the policy module creation process:

A lot of people think that building a new SELinux policy is magic, but magic tricks never seem quite as difficult once you know how they’re done. This article explains how I build a policy module and gives you the step-by-step process for using the tools to build your own.

=> A step-by-step guide to building a new SELinux policy module

Howto Use SSH To Run Command On A Remote Machine

Posted on in Categories Automation, CentOS, Debian Linux, FreeBSD, Gentoo Linux, High performance computing, Howto, Linux, Shell scripting, Sys admin, Tuning, Ubuntu Linux, UNIX last updated August 17, 2007

This article examined a simple, but powerful, method to run commands on a remote machine using combination of ssh and a shell script:

Use Secure Shell (SSH) to run commands on remote UNIX systems and, with some simple scripts, put together a system that enables you to manage many systems simultaneously from one machine without having to log in directly to the machines themselves. Also examine the basics of a distributed management system and some scripts and solutions using the technique.

I have already covered how to execute commands on multiple Linux or UNIX servers via a shell script. The disadvantage of shell script is commands do not run in parallel on all servers. However, several tools exist to automate this procedure in parallel. With the help of tool called tentakel (highly recommended) , you run distributed command execution. Also, you can execute commands on multiple Linux or UNIX servers using special tools such as multixterm from expect project.

=> Distributed administration using SSH

Lighttpd block wget useragent for specific urls

Posted on in Categories Ask nixCraft, lighttpd, Linux, Security, Tips, Tuning, UNIX last updated August 12, 2007

One of regular reader asks a question:

My website powered by Lighttpd web server. I’d like to block Wget useragent for entire my domain.com site except for /downloads/ url section. How do I configure lighttpd?

You need to use $HTTP filed useragent and url combination. Just open your lighttpd.conf file and append code as follows.

Lighttpd block useragent wget configuration

# vi /etc/lighttpd/lighttpd.conf
Append config directive as follows:

$HTTP["useragent"] =~ "Wget" {
        $HTTP["url"] !~ "^/download($|/)" {
                url.access-deny = ( "" )
        }
  }

Where,

  • $HTTP[“useragent”] : Match on useragent i.e. Wget
  • $HTTP[“url”] : Match on url section such as /download/*. If there are nested blocks, this must be the most inner block.
  • =~ : Perl style regular expression match
  • !~ : Perl style regular expression not match

Just restart the webserver, enter:
# /etc/init.d/lighttpd restart

Now user can run wget on http://domain.com/download/* urls but not on http://domain.com/file.html or http://domain.com/dir/file

AIX UNIX: File auditing to track reads and writes changes

Posted on in Categories Monitoring, Security, Sys admin, Troubleshooting, Tuning, UNIX last updated August 12, 2007

I’ve already writing about Linux file auditing to track who made changes to a file. In this article, you will learn how to track several events on AIX with auditing, a major feature of AIX security, and learn how to use auditing to keep track of the read and write operations on a file. Also examine commands, such as ls or istat, to check a file’s time stamp:

AIX UNIX provides easy ways to track the last time a file was accessed. The ls command is one example. But sometimes you want to know who, or which process, accessed the file. You might need such information for debugging or keeping track of important files. You can track information related to read and write operations on a file with the help of auditing.

In AIX, auditing systems are intended to record security-related information and to alert administrators about security breaches. You can customize the configuration and objects files, which are used by the auditing subsystem to keep track of any file you want. You can also use the real-time monitoring feature of auditing to keep track of some processes and files that are being modified randomly by unidentified processes.

AIX File Auditing Howto

MySQL Proxy Load balancing and Failover Tutorial

Posted on in Categories CentOS, Debian Linux, Download of the day, High performance computing, Howto, Linux, Monitoring, MySQL, RedHat/Fedora Linux, Suse Linux, Tuning, Ubuntu Linux, UNIX last updated August 10, 2007

MySQL Proxy is a simple and new program that sits between your client and MySQL server(s) that can monitor, analyze or transform their communication. Its flexibility allows for a wide variety of use cases, including:
a) Load balancing
b) Failover
c) Query analysis
d) Query filtering and modification
e) and many more…

MySQL Proxy tutorial

Oreilly has published a nice tutorial using MySQL proxy application:

MySQL Proxy is a lightweight binary application standing between one or more MySQL clients and a server. The clients connect to the Proxy with the usual credentials, instead of connecting to the server. The Proxy acts as man-in-the-middle between client and server.

In its basic form, the Proxy is just a redirector. It gets an empty bucket from the client (a query), takes it to the server, fills the bucket with data, and passes it back to the client.

If that were all, the Proxy would just be useless overhead. There is a little more I haven’t told you yet. The Proxy ships with an embedded Lua interpreter. Using Lua, you can define what to do with a query or a result set before the Proxy passes them along.

MySQL Proxy Load balancing and Failover Tutorial - Logo

Download MySQL proxy

You can download MySQL proxy here