Download of the day: Linux Kernel 2.6.28

last updated in Categories Download of the day, kernel, Linux

Linux kernel version 2.6.28 has been released and available for download. The new version includes following stable and new features:

a] ext4 file system – The ext4 filesystem can support volumes with sizes up to 1 exbibyte and files with sizes up to 16 TiB. ext4 removes ext3 64-bit storage limits and adds other performance improvements.

b] Graphics Execution Manager (GEM) – It is a a modern memory manager specialized for use in device drivers for graphics chipsets. It manages graphics memory, controls the execution context and manages the Non-Uniform Memory Access (NUMA) environment on modern graphics chipsets. The “xf86-video-intel” device driver will feature GEM integration.

c] Other features – Stable USB drivers, KVM, bug fixes and other stuff.

=> Download Linux kernel 2.6.28 here. You may also find our kernel compile tutorial useful.

How To Patch Running Linux Kernel Source Tree

last updated in Categories Howto, Linux, Linux distribution, RedHat/Fedora Linux, Security, Sys admin, Tips

Yesterday, I wrote about a serious Linux kernel bug and fix. However, few readers like to know about patching running Linux kernel. Patching production kernel is a risky business. Following procedure will help you to fix the problem.

Step # 1: Make sure your product is affected

First find out if your product is affected by reported exploit. For example, vmsplice() but only affects RHEL 5.x but RHEL 4.x,3.x, and 2.1.x are not affected at all. You can always obtain this information by visiting vendors bug reporting system called bugzilla. Also make sure bug affects your architectures. For example, a bug may only affect 64 bit or 32 bit platform.

Step # 2: Apply patch

You better apply and test patch in a test environment. Please note that some vendors such as Redhat and Suse modifies or backports kernel. So it is good idea to apply patch to their kernel source code tree. Otherwise you can always grab and apply patch to latest kernel version.

Step # 3: How do I apply kernel patch?

WARNING! These instructions require having the skills of a sysadmin. Personally, I avoid recompiling any kernel unless absolutely necessary. Most our production boxes (over 1400+) are powered by mix of RHEL 4 and 5. Wrong kernel option can disable hardware or may not boot system at all. If you don’t understand the internal kernel dependencies don’t try this on a production box.

Change directory to your kernel source code:
# cd linux-2.6.xx.yy
Download and save patch file as fix.vmsplice.exploit.patch:
# cat fix.vmsplice.exploit.patch
Output:

--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1234,7 +1234,7 @@ static int get_iovec_page_array(const struct iovec __user *iov,
                if (unlikely(!len))
                        break;
                error = -EFAULT;
-               if (unlikely(!base))
+               if (!access_ok(VERIFY_READ, base, len))
                        break;

                /*

Now apply patch using patch command, enter:
# patch < fix.vmsplice.exploit.patch -p1
Now recompile and install Linux kernel.

I hope this quick and dirty guide will save someones time. On a related note Erek has unofficial patched RPMs for CentOS / RHEL distros.

Redhat Enterprise Linux securely mount remote Linux / UNIX directory or file system using SSHFS

last updated in Categories Backup, CentOS, File system, Howto, Linux, RedHat/Fedora Linux, Security, Sys admin, Tips

You can easily mount remote server file system or your own home directory using special sshfs and fuse tools.

FUSE – Filesystem in Userspace

FUSE is a Linux kernel module also available for FreeBSD, OpenSolaris and Mac OS X that allows non-privileged users to create their own file systems without the need to write any kernel code. This is achieved by running the file system code in user space, while the FUSE module only provides a “bridge” to the actual kernel interfaces. FUSE was officially merged into the mainstream Linux kernel tree in kernel version 2.6.14.

You need to use SSHFS to access to a remote filesystem through SSH or even you can use Gmail account to store files.

Following instructions are tested on CentOS, Fedora Core and RHEL 4/5 only. But instructions should work with any other Linux distro without a problem.

Step # 1: Download and Install FUSE

Visit fuse home page and download latest source code tar ball. Use wget command to download fuse package:
# wget http://superb-west.dl.sourceforge.net/sourceforge/fuse/fuse-2.6.5.tar.gz
Untar source code:
# tar -zxvf fuse-2.6.5.tar.gz
Compile and Install fuse:
# cd fuse-2.6.5
# ./configure
# make
# make install

Step # 2: Configure Fuse shared libraries loading

You need to configure dynamic linker run time bindings using ldconfig command so that sshfs command can load shared libraries such as libfuse.so.2:
# vi /etc/ld.so.conf.d/fuse.conf
Append following path:
/usr/local/lib
Run ldconfig:
# ldconfig

Step # 3: Install sshfs

Now fuse is loaded and ready to use. Now you need sshfs to access and mount file system using ssh. Visit sshfs home page and download latest source code tar ball. Use wget command to download fuse package:
# wget http://easynews.dl.sourceforge.net/sourceforge/fuse/sshfs-fuse-1.7.tar.gz
Untar source code:
# tar -zxvf sshfs-fuse-1.7.tar.gz
Compile and Install fuse:
# cd sshfs-fuse-1.7
# ./configure
# make
# make install

Mounting your remote filesystem

Now you have working setup, all you need to do is mount a filesystem under Linux. First create a mount point:
# mkdir /mnt/remote
Now mount a remote server filesystem using sshfs command:
# sshfs vivek@rock.nixcraft.in: /mnt/remote
Where,

  • sshfs : SSHFS is a command name
  • vivek@rock.nixcraft.in: – vivek is ssh username and rock.nixcraft.in is my remote ssh server.
  • /mnt/remote : a local mount point

When promoted supply vivek (ssh user) password. Make sure you replace username and hostname as per your requirements.

Now you can access your filesystem securely using Internet or your LAN/WAN:
# cd /mnt/remote
# ls
# cp -a /ftpdata . &

To unmount file system just type:
# fusermount -u /mnt/remote
or
# umount /mnt/remote

Further readings:

nixCraft FAQ Roundup May 06, 2007

last updated in Categories FAQ

Recently updated/posted Linux and UNIX FAQ (mostly useful to Linux/UNIX new administrators or users) :

Enjoy!

How do I forcefully unmount a Linux disk partition?

last updated in Categories CentOS, Data recovery, Debian Linux, File system, Linux, RedHat/Fedora Linux, Security, Storage, Suse Linux, Sys admin, Troubleshooting, Ubuntu Linux

Sometimes you try to unmount a disk partition or mounted CD/DVD disk or device, which is accessed by other users, then you will get an error umount: /xxx: device is busy. However, Linux or FreeBSD comes with the fuser command to kill forcefully mounted partition. For example, you can kill all processes accessing the file system mounted at /nas01 using the fuser command.

Understanding device error busy error

Linux / UNIX will not allow you to unmount a device that is busy. There are many reasons for this (such as program accessing partition or open file) , but the most important one is to prevent the data loss. Try the following command to find out what processes have activities on the device/partition. If your device name is /dev/sdb1, enter the following command as root user:
# lsof | grep '/dev/sda1'
Output:

vi 4453       vivek    3u      BLK        8,1                 8167 /dev/sda1

Above output tells that user vivek has a vi process running that is using /dev/sda1. All you have to do is stop vi process and run umount again. As soon as that program terminates its task, the device will no longer be busy and you can unmount it with the following command:
# umount /dev/sda1

How do I list the users on the file-system /nas01/?

Type the following command:
# fuser -u /nas01/
# fuser -u /var/www/

Sample outputs:

/var/www:             3781rc(root)  3782rc(nginx)  3783rc(nginx)  3784rc(nginx)  3785rc(nginx)  3786rc(nginx)  3787rc(nginx)  3788rc(nginx)  3789rc(nginx)  3790rc(nginx)  3791rc(nginx)  3792rc(nginx)  3793rc(nginx)  3794rc(nginx)  3795rc(nginx)  3796rc(nginx)  3797rc(nginx)  3798rc(nginx)  3800rc(nginx)  3801rc(nginx)  3802rc(nginx)  3803rc(nginx)  3804rc(nginx)  3805rc(nginx)  3807rc(nginx)  3808rc(nginx)  3809rc(nginx)  3810rc(nginx)  3811rc(nginx)  3812rc(nginx)  3813rc(nginx)  3815rc(nginx)  3816rc(nginx)  3817rc(nginx)

The following discussion allows you to unmout device and partition forcefully using mount or fuser Linux commands.

Linux fuser command to forcefully unmount a disk partition

Suppose you have /dev/sda1 mounted on /mnt directory then you can use fuser command as follows:

WARNING! These examples may result into data loss if not executed properly (see “Understanding device error busy error” for more information).

Type the command to unmount /mnt forcefully:
# fuser -km /mnt
Where,

  • -k : Kill processes accessing the file.
  • -m : Name specifies a file on a mounted file system or a block device that is mounted. In above example you are using /mnt

Linux umount command to unmount a disk partition.

You can also try the umount command with –l option on a Linux based system:
# umount -l /mnt
Where,

  • -l : Also known as Lazy unmount. Detach the filesystem from the filesystem hierarchy now, and cleanup all references to the filesystem as soon as it is not busy anymore. This option works with kernel version 2.4.11+ and above only.

If you would like to unmount a NFS mount point then try following command:
# umount -f /mnt
Where,

  • -f: Force unmount in case of an unreachable NFS system

Please note that using these commands or options can cause data loss for open files; programs which access files after the file system has been unmounted will get an error.

See also:

How to compile and install Linux Kernel 4.19.1 from source code

last updated in Categories CentOS, Debian Linux, GNU/Open source, Howto, Linux

Compiling a custom kernel has its advantages and disadvantages. However, new Linux user/admin find it difficult to compile Linux kernel. Compiling kernel needs to understand few things and then type a couple of commands. This step by step howto covers compiling Linux kernel version 4.19.xx under an Ubuntu or Debian Linux. The following instructions successfully tested on an RHEL 7/CentOS 7 (and clones), Debian Linux, Ubuntu Linux and Fedora Linux 28. However, instructions remain the same for any other Linux distribution.