|
Softpanorama
(slightly skeptical)
Open Source Software Educational Society |
May the
source be with you,
but remember the KISS principle ;-)
|
Novell OpenSUSE and Enterprise Edition
I know that suesse means sweet in German,
but the name is just abbreviation. It is one of two major enterprise
version of Linux which can run of cheap but high quality
Intel-based hardware provided by Dell and HP.
In a sense that makes it sweet. Also we cannot deny that graphically Suse 10 is very appealing. But appearance is deceptive and
inside it is a pretty complicated and capricious monster with a lot of non-server component
present on the server and some Novell products that are included just because of
previous stupid acquisitions (Red Carpet, etc). According to Novell there will
be a JeOS version of Suse (See press-release
Novell Announces SUSE Appliance Program and
LimeJeos - openSUSE) .
Novell is one of the few linux vendors that
provides manuals which try to help users beyond installing the product. The following
manuals are available for OpenSuse 10.2 (OpenSuse manuals are different then
SLES):
The online versions of the manuals are updated regularly, even after your version
of the distribution is current, so check for updates at least a couple times a year
to be sure you have the latest version.
Like with Red Hat registration process is horrible. In
the initial version of Suse 10 the registration software that comes on CD/DVD was
seriously buggy. Quality of Suse 10 was dramatically improved after
SP1 so using Suse 10 without SP1 or SP2 (currently in beta) is not recommended.
SUSE Linux Enterprise patching is difficult to configure but after configuration
works more or less OK.
SUSE Linux Enterprise can work with Microsoft Active Directory but I did not
check that.
SUSE Linux Enterprise includes
Novell AppArmor
application-level security which is vastly superior to Red Hat solution based on
SE-linux. AppArmore works by enforcing of a set of application-based file permissions
(which is a pretty elegant idea). Because each application can have different
set of permissions such a system tremendously helps to protect
against typical attacks as assumptions about system file permissions used by the
attacker became invalid. The latter alone makes
it much more difficult to explore application flaws as well as packaging flaws.
Many network application security solutions never meet the purposes for which
they were designed because they are too complex or require too much maintenance. AppArmor, on the other hand, is designed to get you started quickly with minimal
investment in time and resources. Its name-based access-control method does
not require relabeling of the file system as other methods do, and applications
don't have to be modified to benefit from AppArmor protection. In addition,
the default configuration of AppArmor includes a number of predefined profiles
for common Linux programs like Web, e-mail and remote-login servers that can
be deployed immediately. Security profiles for custom or third-party applications
can be developed using the included wizard-based tools, which also make policy
updates simple as your environment change.
SUSE Linux Enterprise includes AutoYast, a tool similar to Jumpstart in Solaris
and Kickstart in Red Hat. It can help to deploy a custom configuration across multiple
machines. Documentation for AutoYast is weak and inconsistent. Even Yast documentation
is not that good probably because this is a moving target.
OpenSuse is essentially an open beta of enterprise desktop. It is adequate as
pilot/experimentation OS and does not require a Novell license. Free security patches
are provided for two years which is a serious advantage over Fedora. You can
configure automatic patching or download patches manually from
http://download.suse.com/update/10.2/ See also
Package Repositories - OpenSuse
YAST2 is dual purpose software.
It is simultaneously GUI installer and configuration tool. As a configuration tool
it looks superficially similar to Microsoft control Panel: a single application
that supposedly can help to configure almost any aspect of the system, including
such things as software installation, services configuration, sharing files or configuring
the external devices.
When it works it's OK (and actually hardware detection is really good -- no complain
here -- and this really matters). Interface (not mix with functionality) is another
story and it can be better. But when it does not the quality of diagnostics is sometimes
problematic. In a few cases is can be misleading. My recommendation would be to
try command line version of YAST which sometimes provides more helpful diagnostics.
There is also a X-Window configuration tool — SaX2. It gives ability to choose
graphic card, set resolution, color depth etc. Please note that Suse sometimes
set refresh rate for monitors too high.
Kernel v2.6.9 /Documentation/filesystems/ext3.txt
2.6.9
Documentation
filesystems
ext3.txt
diff -Nru a/Documentation/filesystems/ext3.txt b/Documentation/filesystems/ext3.txt
--- a/Documentation/filesystems/ext3.txt 2004-10-18 14:56:28 -07:00
+++ b/Documentation/filesystems/ext3.txt 2004-10-18 14:56:28 -07:00
@@ -22,6 +22,63 @@
the inode which will represent the ext3 file
system's journal file.
+noload Don't load the journal on mounting.
+
+data=journal All data are committed into the journal prior
+ to being written into the main file system.
+
+data=ordered (*) All data are forced directly out to the main file
+ system prior to its metadata being committed to
+ the journal.
+
+data=writeback Data ordering is not preserved, data may be
+ written into the main file system after its
+ metadata has been committed to the journal.
+
+commit=nrsec (*) Ext3 can be told to sync all its data and metadata
+ every 'nrsec' seconds. The default value is 5 seconds.
+ This means that if you lose your power, you will lose,
+ as much, the latest 5 seconds of work (your filesystem
+ will not be damaged though, thanks to journaling). This
+ default value (or any low value) will hurt performance,
+ but it's good for data-safety. Setting it to 0 will
+ have the same effect than leaving the default 5 sec.
+ Setting it to very large values will improve
+ performance.
+
+barrier=1 This enables/disables barriers. barrier=0 disables it,
+ barrier=1 enables it.
+
+orlov (*) This enables the new Orlov block allocator. It's enabled
+ by default.
+
+oldalloc This disables the Orlov block allocator and enables the
+ old block allocator. Orlov should have better performance,
+ we'd like to get some feedback if it's the contrary for
+ you.
+
+user_xattr (*) Enables POSIX Extended Attributes. It's enabled by
+ default, however you need to confifure its support
+ (CONFIG_EXT3_FS_XATTR). This is neccesary if you want
+ to use POSIX Acces Control Lists support. You can visit
+ http://acl.bestbits.at to know more about POSIX Extended
+ attributes.
+
+nouser_xattr Disables POSIX Extended Attributes.
+
+acl (*) Enables POSIX Access Control Lists support. This is
+ enabled by default, however you need to configure
+ its support (CONFIG_EXT3_FS_POSIX_ACL). If you want
+ to know more about ACLs visit http://acl.bestbits.at
+
+noacl This option disables POSIX Access Control List support.
+
+reservation
+
+noreservation
+
+resize=
+
bsddf (*) Make 'df' act like BSD.
minixdf Make 'df' act like Minix.
@@ -30,8 +87,6 @@
debug Extra debugging information is sent to syslog.
-noload Don't load the journal on mounting.
-
errors=remount-ro(*) Remount the filesystem read-only on an error.
errors=continue Keep going on a filesystem error.
errors=panic Panic and halt the machine if an error occurs.
@@ -48,17 +103,6 @@
sb=n Use alternate superblock at this location.
-data=journal All data are committed into the journal prior
- to being written into the main file system.
-
-data=ordered (*) All data are forced directly out to the main file
- system prior to its metadata being committed to
- the journal.
-
-data=writeback Data ordering is not preserved, data may be
- written into the main file system after its
- metadata has been committed to the journal.
-
quota Quota options are currently silently ignored.
noquota (see fs/ext3/super.c, line 594)
grpquota
@@ -114,7 +158,7 @@
-------------
Ext2 partitions can be easily convert to ext3, with `tune2fs -j <dev>`.
- Ext3 is fully compatible with Ext2. Ext3 partitions can easily be
+Ext3 is fully compatible with Ext2. Ext3 partitions can easily be
mounted as Ext2.
External Tools
"Barriers do provide a greater degree of performance for journaling file
systems and help ensure data is correctly written out to the disk so this patch
can degrade filesystem performance. " So disabling them due to the bug described
in Novell support note 3605538
Ext3 filesystem goes read-only without the underlying
storage reporting errors can degrade performance
This document (3907838) is provided
subject to the disclaimer at the end
of this document.
environment
Novell SUSE Linux Enterprise
Server 10
Novell SUSE Linux Enterprise Server 9
Novell Open Enterprise Server (Linux based)
Novell SUSE Linux Enterprise Desktop 10
situation
ERROR:
JBD: barrier-based sync
failed on sda1 - disabling barriers"
or, in general:
JBD: barrier-based sync
failed on storage_device
- disabling barriersresolution
This message is primarily an informational message; it does not
indicate a problem.
Suppress
this message globally
Please note: This method is only available for
SUSE Linux Enterprise Server /
Desktop (SLES/SLED) up to version 9 and for
Open Enterprise Server (OES)
version 1. From SLES/SLED 10 and OES2 on it is not possible to
suppress the message globally. Instead use the solution in the
section "Suppress this message for one filesystem".
To suppress this message globally, pass the parameter
barrier=off
to the kernel when booting (e.g., when using the GRUB boot
loader, through /boot/grub/menu.lst). This will cause the kernel not to
attempt to use the transaction barrier mechanism.
Suppress
this message for one filesystem
To suppress this message for
one particular ext3 filesystem, use the mount option
barrier=0 when
mounting the filesystem.
Additional notes
Background
By default, the Linux kernel will try to use transaction
barriers. Transaction barriers are an additional mechanism to
help maintain data integrity. In general, modern storage
subsystems may cache writes and may occasionally reorder pending
writes in order to increase write performance. While this is
fine in general, it is not desirable when handling journal data
for journaled filesystems. With journal data, metadata updates,
that is updates to the journal, should be written out to the
storage prior to the regular data they are associated with, to
make true crash recovery possible.
The informational message indicates that the storage driver
and/or the storage device do not support transaction barriers.
Under normal operation, this does not compromise data integrity.
However, barriers do provide a greater degree of performance for
journaling file systems and help ensure data is correctly
written out to the disk.
"JBD" in this
message refers to the Journaling Block Device, an abstraction
that was developed to provide the journaling capabilities of the
ext3 filesystem on top of the infrastructure of the ext2
filesystem on which ext3 is based. JBD is now used by the OCFS2
filesystem as well.document
| Document ID: |
3907838 |
| Creation Date: |
2008-02-01 05:33:00.0 |
| Modified Date: |
2008-02-01 05:32:20.0 |
| Novell Product: |
Open Enterprise Server |
| Novell Product: |
SUSE Linux Enterprise Desktop |
| Novell Product: |
SUSE Linux Enterprise Server |
| Novell Product: |
SUSE Linux |
This was the first serious problem with Suse 10 that we faced since Feb 2007.
It proved to be quite
critical for us. Now it is described in
Novell support note 3605538
Ext3 filesystem goes read-only without the underlying
storage reporting errors The frequency of experiencing of
this bug on production servers diminished after installation of SP1 but it did
not went away. As of Feb 2008 it still exists as we were never informed
about workaround proposed (may be the workaround was created only in Feb 2008;
we discovered the document only in May 2008)
Status(Last
updated: 2008-02-25)
This issue is not yet
fixed in a maintenance update of the kernel. Root cause analysis
has been performed and it is expected that a fix for this issue
will be included in the next maintenance update of the kernel.
Workaround
Explicitly disable barrier
support for the affected filesystems, e.g. by specifying
barrier=0
in
/etc/fstab's
mount options field for the affected filesystems.
JeOS is the abbreviation (pronounced "juice") for the
concept of Just Enough Operating System as it applies
to a
software appliance.JeOS is not a generic,
one-size-fits-all operating system. Rather, it refers to a
customized operating system that precisely fits the needs of
a particular application. The application's OS requirements
can be determined manually, or with an analytical tool, such
as
rPath's
rBuilder.
Therefore, JeOS includes only the pieces of an
operating system (often
Linux) required to support a particular application and
any other third-party components contained in the appliance.
This makes the appliance more efficient, smaller, more
secure and higher performing than an application running
under a full general purpose OS.
The program will enable ISVs to create appliances
combining their applications with Suse Linux Enterprise
in an integrated package.
Novell also announced the beta release of Suse Linux
Enterprise JeOS, a minimized version of the Suse Linux
Enterprise platform that ISVs can use for creating
appliances
... ... ...
Novell also announced Wednesday that it will
officially participate in the
LimeJeOS project, which is an existing community-led
project building a minimized version of the openSuse
Linux distribution. Novell will release
several new components of the Suse Appliance Program,
including an automated tool to build appliances, it
added.
Microsoft will deliver more than 1,000 support subscription certificates for
Suse Linux Enterprise Server to French automaker Renault, under an agreement announced
by Microsoft and Novell on Wednesday.
Renault will receive priority support subscriptions to Novell's Suse Linux distribution.
Renault plans to consolidate existing Linux distributions to Suse Linux Enterprise
Server with the intent of improving interoperability and taking better advantage
of virtualization, Microsoft and Novell said.
Through a 2006 agreement between Novell and Microsoft, Microsoft has purchased
support certificates to Suse Linux, with Novell to provide the support.
The package also contain Solaris binary of
chpasswd clone, which is extremely
useful for mass changes of passwords in corporate environments which include Solaris
and other Unixes that does not have chpasswd utility (HP-UX is another example in
this category). Version 1.3.2 now includes Solaris binary of
chpasswd which works on Solaris 9 and
10.
cgipaf is a combination of three CGI programs.
- passwd.cgi, which allow users to
update their password,
- viewmailcfg.cgi, which allows users
to view their current mail configuration,
- mailcfg.cgi, which updates the mail
configuration.
All programs use PAM for user authentication. It is possible to run a script
to update SAMBA passwords or NIS configuration when a password is changed. mailcfg.cgi
creates a .procmailrc in the user's home directory. A user with too many invalid
logins can be locked. The minimum and maximum UID can be set in the configuration
file, so you can specify a range of UIDs that are allowed to use cgipaf.
October 27, 2005 |
All about Linux
For logging on to the net or for attaching as a node on a LAN, your computer
needs a network card. The network card forms the interface between your
computer and the network. There are different kinds of network cards available
in the market depending on its speed and other features. Here is a tip to
find out the characteristics of your network card.
If you want to find what type of network card is used, its speed, on
which IRQ
it is listed, and the chip type used, you use the following command :
# dmesg |grep eth0
Here eth0
is the first network card. If you have additional cards, it will be named
eth1,
eth2 and so on. And here is
the output of the above command :
divert: allocating divert_blk for eth0
eth0: RealTek RTL8139 at 0xd800, 00:80:48:34:c2:84, IRQ 9
eth0: Identified 8139 chip type 'RTL-8100B/8139D'
divert: freeing divert_blk for eth0
divert: allocating divert_blk for eth0
eth0: RealTek RTL8139 at 0xd800, 00:90:44:34:a5:33, IRQ 9
eth0: Identified 8139 chip type 'RTL-8100B/8139D'
eth0: link up, 100Mbps, full-duplex, lpa 0x41E1
eth0: no IPv6 routers present
...
The important things to note here are those highlighted in colour. As you
can see from the above listing, my ethernet card is a
RealTek RTL8139 chipset based
card on IRQ 9 (Interrupt Request).
Its speed is 100 Mbps and
is a full-duplex card. And
the link is up.
... ... ...
Another tool which also does the same thing is
ethtool.
Try the following command on your machine to see the output.
# ethtool eth0
Settings for eth0:
Supported ports: [ TP MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: Yes
Speed: 100Mb/s
Duplex: Full
Port: MII
PHYAD: 32
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: pumbg
Wake-on: p
Current message level: 0x00000007 (7)
Link detected: yes
Here full duplex, half duplex and auto-negotiation have the following meanings.
Full Duplex
- Logic that enables concurrent sending and receiving. This is usually desirable
and enabled when your computer is connected to a switch.
Half Duplex
- This logic requires a card to only send or receive at a single point of
time. When your machine is connected to a Hub, it auto-negotiates itself
and uses half duplex to avoid collisions.
Auto-negotiation
- This is the process of deciding whether to work in full duplex mode or
half duplex mode. An ethernet card supporting autonegotiation will decide
for itself which mode is the optimal one depending on the network it is
attached to.
[Dec 21, 2007]
LXER interview with
John Hull - the manager of the Dell Linux engineering team
The original sales estimates for Ubuntu computers was around 1% of the
total sales, or about 20,000 systems annually. Have the expectations been met
so far? Will Dell ever release sales figures for Ubuntu systems?
The program so far is meeting expectations. Customers are certainly showing
their interest and buying systems preloaded with Ubuntu, but it certainly won't
overtake Microsoft Windows anytime soon. Dell has a policy not to release sales
numbers, so I don't expect us to make Ubuntu sales figures available publicly.
"When you take them out of the big buildings, without the imprimatur of Hewlett-Packard,
IBM and Oracle, or HP around them, they just didn't hold up."
Szulik, who took over as CEO from Bob
Young in 1999 just a few months
after its initial public offering, said
he's stepping down because of family
health issues.
"For the last nine months, I've struggled
with health issues in my family," and
that priority couldn't be balanced with
work, Szulik said in an interview. "This
job requires a 7x24, 110 percent commitment."
Szulik, who remains chairman of the
board, praised Whitehurst in a statement,
saying he's a "hands-on guy who will
be a strong cultural fit at Red Hat"
and "a talented executive who has successfully
led a global technology-focused organization
at Delta."
On a conference call, Szulik said
Whitehurst stood "head and shoulders"
above other candidates interviewed in
a recruiting process.
He was a
programmer earlier in his career and
runs four versions of Linux at home,
he said.
Moreover, Szulik said he wasn't satisfied
with more traditional tech executives
who were interviewed.
"What we encountered was in many
cases was a lack of understanding of
open-source software development and
of our model," he said. During the interview,
he added about the tech industry candidates,
"When you take them out of the big buildings,
without the imprimatur of Hewlett-Packard,
IBM and Oracle, or HP around them, they
just didn't hold up."
The surprise move was announced as
the leading Linux seller announced results
for its third quarter of fiscal 2008.
Its revenue increased 28 percent to
$135.4 million and net income went up
12 percent to $20.3 million, or 10 cents
per share. The company also raised estimates
for full-year results to revenue of
$521 million to $523 million and earnings
of about 70 cents per share.
December 12, 2007 |
Yahoo! Finance
...Office Depot ... has chosen SUSE® Linux Enterprise Server as a core operating
platform for the company's global servers. The goal of the standardization is
to reduce complexity and control costs while maintaining superior stability
and performance for Office Depot's end-user applications.
There are some errors. Not having swap doesn't mean that your kernel will crash.
Recommendation of allocating 1 GB swap for 128 MB of RAM is questionable. The swap
management needs physical RAM, and the more swap you have, the more RAM you need.
Linus have said that you should generally aviod hving more than twice your amount
of RAM for swap partition. And for most application servers (for example Oracle
application server) half-memory swap is adequate.
December 03, 2007 |
Linux.comLinux has two
forms of swap space: the swap partition and the swap file. The swap partition
is an independent section of the hard disk used solely for swapping; no other
files can reside there. The swap file is a special file in the filesystem that
resides amongst your system and data files.
To see what swap space you have, use the command swapon -s.
The output will look something like this:
Filename Type Size Used Priority
/dev/sda5 partition 859436 0 -1
Each line lists a separate swap space being used by the system. Here, the
'Type' field indicates that this swap space is a partition rather than a file,
and from 'Filename' we see that it is on the disk sda5. The 'Size' is listed
in kilobytes, and the 'Used' field tells us how many kilobytes of swap space
has been used (in this case none). 'Priority' tells Linux which swap space to
use first. One great thing about the Linux swapping subsystem is that if you
mount two (or more) swap spaces (preferably on two different devices) with the
same priority, Linux will interleave its swapping activity between them, which
can greatly increase swapping performance.
To add an extra swap partition to your system, you first need to prepare
it. Step one is to ensure that the partition is marked as a swap partition and
step two is to make the swap filesystem. To check that the partition is marked
for swap, run as root:
fdisk -l /dev/hdb
Replace /dev/hdb with the device of the hard disk on your system with the
swap partition on it. You should see output that looks like this:
Device Boot Start End Blocks Id System
/dev/hdb1 2328 2434 859446 82 Linux swap / Solaris
If the partition isn't marked as swap you will need to alter it by running
fdisk and using the 't' menu option. Be careful when working with partitions
-- you don't want to delete important partitions by mistake or change the id
of your system partition to swap by mistake. All data on a swap partition will
be lost, so double-check every change you make. Also note that Solaris uses
the same ID as Linux swap space for its partitions, so be careful not to kill
your Solaris partitions by mistake.
Once a partition is marked as swap, you need to prepare it using the mkswap
(make swap) command as root:
mkswap /dev/hdb1
If you see no errors, your swap space is ready to use. To activate it immediately,
type:
swapon /dev/hdb1
You can verify that it is being used by running swapon -s. To
mount the swap space automatically at boot time, you must add an entry to the
/etc/fstab file, which contains a list of filesystems and swap spaces that need
to be mounted at boot up. The format of each line is:
<file system> <mount point> <type> <options> <dump> <pass>
Since swap space is a special type of filesystem, many of these parameters
aren't applicable. For swap space, add:
/dev/hdb1 none swap sw 0 0
where /dev/hdb1 is the swap partition. It doesn't have a specific mount point,
hence none. It is of type swap with options of sw,
and the last two parameters aren't used so they are entered as 0.
To check that your swap space is being automatically mounted without having
to reboot, you can run the swapoff -a command (which turns off
all swap spaces) and then swapon -a (which mounts all swap spaces
listed in the /etc/fstab file) and then check it with swapon -s.
... ... ...
How big should my swap space be?
It is possible to run a Linux system without a swap space, and the system
will run well if you have a large amount of memory -- but if you run out of
physical memory then the system will crash, as it has nothing else it can do,
so it is advisable to have a swap space, especially since disk space is relatively
cheap.
A rule of thumb is as follows:
- For a desktop system, use a swap space of double system memory,
as it will allow you to run a large number of applications (many of which
may will be idle and easily swapped), making more RAM available for the
active applications;
- For a server, have a smaller amount of swap available (say half
of physical memory) so that you have some flexibility for swapping when
needed, but monitor the amount of swap space used and upgrade your RAM if
necessary;
... ... ...
The Linux 2.6 kernel added a new kernel parameter called swappiness
to let administrators tweak the way Linux swaps. It is a number from 0 to 100.
In essence, higher values lead to more pages being swapped, and lower values
lead to more applications being kept in memory, even if they are idle. Kernel
maintainer Andrew Morton has said that he runs his desktop machines with a swappiness
of 100, stating that "My point is that decreasing the tendency of the kernel
to swap stuff out is wrong. You really don't want hundreds of megabytes of BloatyApp's
untouched memory floating about in the machine. Get it out on the disk, use
the memory for something useful."
One downside to Morton's idea is that if memory is swapped out too quickly
then application response time drops, because when the application's window
is clicked the system has to swap the application back into memory, which will
make it feel slow.
The default value for swappiness is 60. You can alter it temporarily (until
you next reboot) by typing as root:
echo 50 > /proc/sys/vm/swappiness
If you want to alter it permanently then you need to change the vm.swappiness
parameter in the /etc/sysctl.conf file.
Conclusion
Managing swap space is an essential aspect of system administration. With
good planning and proper use swapping can provide many benefits. Don't be afraid
to experiment, and always monitor your system to ensure you are getting the
results you need.
| |
F**king Beagle on Suse 10
|
|
| Ron Albright
2006-03-25, 10:19 am
|
|
How do I stop it,
forever. I figured out how to kill the Beagle process
that were taking up 500MB of my
memory
but there are still process
starting every night by root and suing to another uid and they
never exit.
What is starting these things and how do I stop them? I can't
find
anything in the rc scripts or crontabs. Short of uninstalling
it where can
I find
information
on what's starting anything related to Beagle? I can
find all kinds of information on installing and using it but
nothing on
stopping it. Any pointers would be greatly appreciated.
|
|
| Nico Kadel-Garcia
2006-03-25, 10:19 am
|
|
Ron Albright wrote:
> How do I stop it, forever. I figured out how to kill the Beagle
> process that were taking up 500MB of my memory but there are
still
> process starting every night by root and suing to another
uid and
> they never exit. What is starting these things and how do
I stop
> them? I can't find anything in the rc scripts or crontabs.
Short of
> uninstalling it where can I find information on what's starting
> anything related to Beagle? I can find all kinds of information
on
> installing and using it but nothing on stopping it. Any pointers
> would be greatly appreciated.
rpm -e beagle? It seems to be an RPM package.
|
|
| J. Clarke
2006-03-25, 10:19 am
|
|
Ron Albright wrote:
> How do I stop it, forever. I figured out how to kill the Beagle
process
> that were taking up 500MB of my memory but there are still
process
> starting every night by root and suing to another uid and
they never exit.
> What is starting these things and how do I stop them? I can't
find
> anything in the rc scripts or crontabs. Short of uninstalling
it where can
> I find information on what's starting anything related to
Beagle? I can
> find all kinds of information on installing and using it but
nothing on
> stopping it. Any pointers would be greatly appreciated.
You need to find what is starting beagled and either induce
it to quit
starting beagled or have it start beagled with "beagled
--disable-scheduler". Once beagled is running it does its own
scheduling.
Best thing to do about it IMO is remove the whole package.
--
--John
to email, dial "usenet" and validate
(was jclarke at eye bee em dot net)
|
|
Troubleshooting is a near-science by itself on which I could spend many articles,
but I'll try to keep it brief. During the system boot procedure, several phases
occur, starting in GRUB, the Linux boot loader. Roughly, these are the following:
- GRUB loads the kernel
- GRUB loads the initrd
- The root file system is accessed by the kernel
- The /sbin/init process takes over.
- The initial boot stage happens
- The default runlevel is activated
- A login prompt occurs.
When a problem occurs, try to pin-point it to
any of these seven phases. In some cases it is possible to tell
exactly what happens, more often you will see that you can only give a rough
indication of what is happening. In the case of a kernel panic, you can be sure
about one thing: GRUB has loaded successfully and you are not yet at phase 4
of the boot procedure where the init process takes over. If a kernel panic occurs
immediately after a driver installation, this is often caused by an error in
the initrd.
How can we be sure? Sometimes it is quite obvious that the error is in initrd,
as GRUB tells you that it failed to load the file /boot/initrd, in other cases
some forensic work is needed as only a vague driver error message is generated.
In the latter case, you have to check if the driver that fails is included in
the initrd, as this helper file is used by the kernel to include drivers that
are needed immediately. On SUSE Linux Enterprise, the file
/etc/sysconfig/kernel contains
a list of all drivers that should be included in the initrd. When you run the
mkinitrd command, these drivers are written to your new initrd. When this happens
automatically, something could go wrong.
Step 2: Fixing it
If an error occurs in the initrd, you will not be able to boot your server anymore.
So, to fix it, you need the rescue system that is available from the installation
dvd. This rescue system loads a complete Linux system off of the installation
media. The next step is to mount all your Linux file systems off of that disk.
Next, you need to run mkinitrd. You can only do this once the local file systems
are all mounted, because the initrd has to be written to the local file systems.
However, there is a caveat.
The problem with this approach is in the disk devices access in combination
with the necessary use of a chroot environment. To start, you need to mount
your server's file systems on a temporary mount point like /mnt. Let's say that
you have the /boot directory on /dev/sda1 and your / directory on /dev/sda2.
To mount them, you need the following two commands:
- mount /dev/sda2 /mnt
- mount /dev/sda1 /mnt/boot
Since the mkinitrd command wants to write the new initrd in /boot and the
/boot on your hard drive is now in /mnt/boot, you need to change the root directory
to be set to /mnt. You can use chroot to do that:
chroot /mnt
The contents of /mnt now becomes /, so all path references are OK. But we
still have a problem. If you look in the /proc and /dev directory on your new
root environment, you'll see that /proc is empty and /dev is as good as empty.
Both are dynamically created file systems and they are created at the moment
that your server boots. This means that they were created in / when the server
booted from the rescue cd. Now, since the new root is in /mnt, you cannot access
them anymore. We need to fix this.
- Type exit to exit from the chroot environment. You'll now get back to
the original /mnt under which your servers local file systems where mounted.
- Use mount -t proc none /mnt/proc
to make the proc file system available from the /mnt environment.
- Use mount -o bind /dev /mnt/dev
which will make the original /dev which was filled by the udev process when
booting available from /mnt/dev.
Now that you have the repair environment all in place, you need to check
that the line in /etc/sysconfig/kernel that is used to generate a new initrd
is as it should be. You are looking for the following line:
INITRD_MODULES="ata_piix processor thermal fan jbd ext3 dm_mod edd pciback"
This line will be different on every server, so check to make sure that all
modules are included that are necessary to start your server (your server's
documentation will help you with that.)
Now under /mnt you have the complete environment that is needed to repair
your server, so take the following two steps to fix your server.
- Activate /mnt using cd /mnt and make it your new root environment using
chroot .
- Issue the command mkinitrd to write the new initrd to /boot.
You have now fixed the initrd. Reboot your server and check that everything
is working all right.
Introduction to Linux Kernel Management
At the heart of the SLES operating system is the Linux kernel. As mentioned
in the "SLES
Startup Procedures" section of this chapter, the Linux kernel is found in
the /boot directory and is typically named vmlinuz-<kernel
version>. The default kernel with an OES Linux installation
is version 2.6.5-7.112-default. The kernel version number can actually be divided
into the following three important numbers:
-
Major Number—
This number represents the current major version number of the Linux kernel.
The Linux kernel is currently at a major number of 2.
-
Minor Number—
This number represents the minor version number of the Linux kernel. Modern
distributions are based on either minor number 4 or 6 of the Linux kernel.
SLES9 uses a kernel with a minor number of 6. This kernel is commonly referred
to as the 2.6 kernel.
The minor number can also be used to represent the status
of the kernel version. If the minor number is an odd number (such as in
kernel version 2.5), that version of the kernel is a non-stable or developmental
release of the kernel. Minor numbers using an even number (such as 2.6)
are known as production or stable versions of the kernel.
-
Revision Number—
The final number of the Linux kernel version is the revision number of the
kernel. SUSE also adds some information to this field to indicate the build
of the kernel, as well as the specific environment the kernel was intended
for. In the OES kernel version number 2.6.5-7.112-default, the revision
number is 5-7 and the SUSE build number and environment designations are
112-default.
NOTE
The uname -r command can be used to display
the version of the currently running kernel.
The most common administrative task relating to the kernel is most likely applying
kernel updates to resolve security issues. Applying kernel updates through the
YaST Online Update or Red-Carpet tools is a very straightforward process, but
if problems are encountered, you may need to know more details regarding the
layout of the kernel-related files.
Table 6.5 outlines
the important kernel-related files found within the /boot directory.
Table 6.5. Important Kernel-Related Files
in /boot
|
FILE |
DESCRIPTION |
|
vmlinuz-2.6.5-7.112-default |
The 2.6.5-7.112-default version of the Linux kernel. |
|
vmlinuz |
A symbolic link that points to the current version
of the Linux kernel. The /boot/grub/menu.lst file typically
configures GRUB to reference this vmlinuz file rather than
the actual vmlinuz-<version
number> file. |
|
initrd-2.6.5-7.112-default |
Initialization RAM Disk used by the startup routine
to provide required hardware drivers to the initialized kernel.
This is used prior to the root filesystem being mounted. |
|
initrd |
Symbolic link that points to the current version
of the initrd file. The /boot/grub/menu.lst file
typically configures GRUB to reference this initrd file
rather than the actual initrd-<version
number> file. |
|
config-2.6.5-7.112-default |
Configuration file used for the compiling of the
current kernel. |
|
kerntypes-2.6.5-7.112-default |
File containing information about data structures
within the Linux kernel—used by the Linux Kernel Crash Dump facility
for debugging purposes. |
|
system.map-2.6.5-7.112-default |
Map file containing address of symbols for the
current kernel. |
NOTE
As mentioned in
Table 6.5,
the GRUB bootloader is typically configured to load both the kernel and
the initrd image using the symbolic links rather than the actual
filenames. This is normally a good thing, but if a kernel patch fails to
properly configure these links, the bootloader process will be unable to
locate these important files and the boot process will fail.
Kernel SourcesCompiling your own Linux kernel is not necessarily
a difficult process, but because of the potential for misuse and catastrophic
side effects, Novell does not support compiling your own kernel. As a matter
of fact, if you do require support by Novell and you're running a custom kernel,
the first question you will likely hear is "Does this problem occur when using
the default kernel?"
Even though compiling a custom kernel is not a good idea
for a production server, there are a number of reasons why you might want to
install the kernel source code. One example might be that a custom program you
need to compile requires the kernel source to be installed. An even better example
is the potential ability to look through the kernel source code to help track
down error messages and their causes.
Using the grep command to search for a specific
error message within the kernel source code tree can often lead to the exact
error message. When you find the code surrounding the error message, you can
analyze it and the root cause of your problem may be apparent.
In order to use kernel sources in this manner, the kernel-source
package must be installed. This package is not typically selected for installation
using the default configurations, but can be easily installed after the initial
installation. When installed, the Linux kernel source code is located in the
/usr/src/linux directory structure.
Working with Kernel Modules
When the Linux kernel is built, it must be built in such
a way as to support as much third-party hardware as possible. There are essentially
two ways to accomplish this. The first is to compile the kernel with specific
drivers for all third-party hardware as part of the kernel itself. Although
this type of kernel does work, it is generally not considered an efficient method
of building the kernel as any one server really only needs a somewhat limited
number of third-party drivers loaded.
The second and more common method of building the kernel
is compiling a kernel with internal support for common hardware components (such
as PCI support) and providing third-party hardware support through the use of
external modules. This type of modular kernel is what is available with SLES.
When using external modules, the system must be configured
to load the appropriate hardware modules upon system startup. During the installation
of SLES, the installation routine will scan and detect hardware devices and
build the initrd image with the required modules. However, when adding
hardware after the installation or when installing proprietary drivers for unsupported
hardware, it may be necessary to configure the server manually.
Table 6.6 lists
commands used to manage kernel modules.
Table 6.6. Commands and Files Used with Kernel
Modules
|
COMMAND OR FILE
|
DESCRIPTION
|
|
lsmod |
Lists all currently loaded kernel modules. |
|
rmmod |
Removes the specified kernel module from memory. |
|
insmod |
Inserts a specific kernel module into the running
kernel. |
|
modprobe |
Inserts a specific kernel module into the running
kernel. If the specified module is dependent on other kernel modules,
additional required modules will be dynamically loaded. |
|
/etc/modprobe.conf |
Configuration file used to load and alias kernel
modules at system initialization. Additions to this file should
be placed in /etc/modprobe.conf.local. |
|
/etc/sysconfig/kernel |
Configuration file used by the kernel during system
initialization. The MODULES_LOADED_ON_BOOT directive can
be edited to load specific modules at system startup. |
After you have used the utilities listed in
Table 6.6 to
load and test a required hardware module, you must configure your server to
automatically load the module upon server restart. This can be accomplished
by adding the module to the MODULES_LOADED_ON_BOOT directive of the
/etc/sysconfig/kernel file, or the module can be added to the /etc/modprobe.conf.local
file.
NOTE
If you have a complex loading requirement, such as the
specific ordering of more than one module, the /etc/modprobe.conf.local
file is much more flexible than /etc/sysconfig. For more information
on the syntax of this file, please see the man page for modprobe.conf(5).
Op is a tool for allowing users to run root privileged commands without
the root password. It is described in detail in "Op: A Flexible Tool for Restricted
Superuser Access" by Tom Christiansen. From this description Dave Koblas produced
an impementation of op in C. Tom's original paper is included in this distribution
in the file "op.paper". Differences between that design and the current implementation
are noted in the file "op.changes".
Oracle Enterprise Linux became more compatible with Suse. Suse users can use
Oracle version as an upgrade.
Yet Another Setup Tool. Yast helps make system administration easier by providing
a single utility for configuring and maintaining Linux systems. The version
of Yast available here
is modified to work with all Enterprise Linux distributions including Enterprise
Linux and SuSE.
Special note to
Oracle
Management Pack for Linux users:
Xen: Ready for OES2’s launch?
With the launch of OES2, Novell is trying really
hard to entice those last few NetWare shops to make
the leap to Linux. They’re doing this by enticing them
with virtual NetWare servers running in Xen. That said,
was Xen mature enough for First American’s mission critical
NetWare applications? Would it perform as well?
At first glance, things were not looking too good.
Kurt Johnston, a lead engineer on the First American
migration, wasn’t optimistic. “I did not have high expectations
for Xen,” Johnston told me in a call last week.
“With Xen being as young as it is, I was expecting it
to be very difficult to install and configure a new
domU onto dom0.” Johnston and
his boss, IT director Dan McDougall, were also wary
of performance issues they had read about in trade magazines
and had heard from other users throughout the year.
But they were soon pleasantly
surprised, and so was I. Xen wasn’t VMware ESX Server,
but it was close enough–at least for First American.
That, at least to me, was the surprise.
It’s been a 24 hour VMware lovefest for the past two
years or so, and I hadn’t been up on the subject enough
to see any changes in that dynamic. When I talked with
analysts in 2006 and ‘07 I had always heard Xen had
plenty of potential, but like any new technology it
needed work. Illuminata senior analyst Gordon Haff,
speaking to me for the same article, told me that much
of the work needed to prove that potential had been
completed throughout 2007. It was a collection of hard
work and bug fies; not any single thing, he said.
“The fact is, [Xen] was
rather simple to install. It was the ease of installation
and configuration that surprised me. I was expecting
to use quite a bit of [a command line interface],” Johnston
said. Fortunately for First American, there was very
little CLI, if any. No headaches, no problems–save one.
There was one issue worth noting about Xen, according
to Johnson. He said one thing he would like to see in
Xen is in “the paravirtualization side of things”:
“I’d like to be able to somehow mask certain virtual
machines and only allow certain LUNs [logical unit numbers]
on the SAN [storage area network] to serve and see certain
virtual machines, via Xen. I’d like to be able
to build in a limit to the different servers to see
only specific LUNs on the SAN.”
He went on to say that having the ability to visualize
the host bus adapter (HBA) and use Xen to manage virtual
Fibre Channel ports would allow LUN masking of these
ports and give the ability to grant access to only specified
LUNs.
This capability is also still an issue in VMware
environments as well, but a support update for N_Port
ID Virtualization (NPIV) in VMware ESX 3.5 was announced
earlier this month.
Fixes from XenSource, Novell
But what about XenSource, the corporate entity behind
the Xen hypervisor? Or Novell, which was the first commercial
Linux OS vendor to bake Xen into its OS? Was a fix forthcoming
for those Novell OES2 customers, like Johnston and McDougall,
that wanted the same functionality in their environments?
Simon Crosby, CTO of XenSource, responded to that question
regarding support for N_Port ID Virtualization (NPIV)
via email this morning. He said:
“It’s planned ASAP for XenSource products (Q1 08).
The Xen project doesn’t have a storage roadmap - just
the hypervisor. Whether any vendor puts a particular
storage technology into its product is up to that vendor.”
Novell is working on a multi-vendor fix: “We are
working on N_Port Virtualization together with Qlogic
and Emulex,” said Holger Dryoff, vice president of management
and marketing at Novell. “This will be available in
one of the future service packs of SUSE Linux Enterprise
Server 10 and therefore to OES 2 customers as well.”
I find all of this interesting because it will mean
more choices. More choices means competition, and competition
means happier customers. Happier customers are more
apt to speak to the press and tell their stories. Whether
the technology ultimately makes the customers happy,
well, that’s what we’re here to find out.
|
Desktop oriented and very superficial comparison. Deeper issues like packages
availability are not covered.
| |
| openSUSE 10.3 |
| Mandriva 2008.0 |
| Boot up |
38 |
52 |
| KDE |
10 |
12 |
| GNOME |
25 |
7 |
| OpenOffice.org |
7 |
7 |
| Firefox |
3 |
5 |
| The GIMP |
3 |
4 |
| Shut down |
17 |
19 |
A lot of pictures: might be useful for those who does it the first time. From
the 10.3 announcement:
The package management team have been working hard on improving the new
openSUSE package management, and there is a lot to show for it now. It is reliable,
more mature, and an awful lot faster. There is no more parsing during startup,
greater compatibility with tools like yum and smart,
and increased speed for the most common use-case: installing a package.
HowtoForge
This tutorial is also available in German:
Der perfekte Server - OpenSUSE 10.3 (32-bit)
This is a detailed description about how to set up an OpenSUSE 10.3
server that offers all services needed by ISPs and hosters: Apache web server
(SSL-capable), Postfix mail server with SMTP-AUTH and TLS, BIND DNS server,
Proftpd FTP server, MySQL server, Dovecot POP3/IMAP, Quota, Firewall, etc.
This tutorial is written for the 32-bit version of OpenSUSE 10.3, but should
apply to the 64-bit version with very little modifications as well.
I will use the following software:
- Web Server: Apache 2.2
- Database Server: MySQL 5.0
- Mail Server: Postfix
- DNS Server: BIND9
- FTP Server: proftpd (ISPConfig
will not work with vsftpd on OpenSUSE 10.3)
- POP3/IMAP: I will use Maildir format and therefore install Courier-POP3/Courier-IMAP.
- Webalizer for web site statistics
In the end you should have a system that works reliably, and if you like
you can install the free webhosting control panel
ISPConfig (i.e., ISPConfig runs on it out of the box).
Device drivers from Novell and Intel allow unmodified Windows
Server 2000/2003/XP to run in Xen virtual environments on SUSE Linux Enterprise
Server 10 and Intel® Virtualization Technology
SAN FRANCISCO (InfoWorld Virtualization Executive Forum)— 12 Feb 2007—
Novell and Intel Corporation today announced the availability of paravirtualized
network and block device drivers that will allow Microsoft* Windows* Server
2000/2003/XP to run unmodified in Xen* virtual environments on SUSE® Linux Enterprise
Server 10 from Novell®, operating on Intel-based server platforms featuring
Intel® Virtualization Technology. Combined with the existing ability to host
unmodified Linux* on SUSE Linux Enterprise Server, these new drivers will let
customers confidently migrate to newer and fewer energy-efficient servers, consolidating
legacy Windows or Linux solutions onto virtual servers.“With our SUSE Linux
Enterprise 10 platform launch in July 2006, Novell became the first major Linux
distributor to integrate Xen virtualization into a Linux distribution,” said
Jeff Jaffe, Novell executive vice president and chief technology officer. “In
September, we became the first distribution to support virtualized Linux workloads
on Xen, and today we are the first distributor to support virtualized Windows
workloads on Linux. Our commitment to innovation to solve customer problems
has never been greater.”
“Intel has been working with the open source community to enable Linux virtualization
solutions to take advantage of Intel Virtualization Technology, so that guest
OS and applications can run unmodified,” said Doug Fisher, Intel vice president
of Software and Solutions Group. “In addition, our Quad-Core Intel Xeon Processor-based
platform with its outstanding performance, energy efficiency and reliability
provides unparalleled headroom for multiple Virtual Machines running varied
data center workloads. Getting Windows to run with Linux unmodified and vice
versa will bring an immense confidence boost to IT managers in making decisions
on corporate platform standardization and refresh.”
In addition to providing cost savings when virtualizing Windows on SUSE Linux
Enterprise Server, these drivers can improve the availability of Windows- and
Linux-based workloads via clustered virtual systems and help IT staff respond
faster to business needs by easily creating and provisioning services on virtual
systems.
Novell is sponsoring a virtualization pilot program for customers, providing
enterprise-level support for running fully virtualized Windows 2000/2003/XP
workloads on SUSE Linux Enterprise Server. The paravirtualized
device drivers are now available to members of the pilot program. General availability
is scheduled for later this year. For more information on the
pilot program and Novell virtualization solutions, visit
www.novell.com/virtualization.
For more about SUSE Linux Enterprise offerings from Novell, visit
www.novell.com/linux. For more information
about Intel Virtualization Technology, visit
www.intel.com/business/technologies/virtualization.htm.
Here is good news for SLES users. I'm happy to report that the OpenVZ team
resumed working on the SLES10-based OpenVZ kernel a few months ago, and we now
have pretty stable SLES10
OpenVZ kernel. I encourage all SLES users to try it out.
The SLES10 kernel itself is based on the Linux kernel 2.6.16, and until SLES11
comes out, it remains the most "enterprise" (read stable and supported) kernel
coming from Novell/SUSE. So, what we did is we took that kernel and ported our
OpenVZ patchset to it. The only feature missing is I/O priority support, which
is because the disk CFQ scheduler used in 2.6.16 is way too old. Other than
that, it's a pretty decent kernel, and while we haven't declared it as stable
yet we will do so really soon.
Here is a summary for all the other branches we develop/support as of now, with
download links:
Stable: 2.6.9 (rhel4 based),
2.6.18 (rhel5 based),
2.6.18 (vanilla based).
SLES10 will be added
to this list soon.
Development: 2.6.22 (vanilla).
Some recommendations are plain wrong. For example Nvu is too primitive
and buggy to use for serious work. So sound and video recommendations should be
taken with a grain of salt:
Sound & Video:
- Amarok - audio player
- Audacity - free, open source, cross platform digital audio editor
- Banshee - audio player, can encode/decode various formats and synchronize
music with Apple iPods
- MPlayer - media player (video/audio), supports WMA
- Rhythmbox Music Player - audio player, similar to Apple's iTunes,
with support for iPods
- gtkPod - software similar to Apple's iTunes, supports iPod, iPod
nano, iPod shuffle, iPod photo, and iPod mini
- XMMS - audio player similar to Winamp
- dvd::rip - full featured DVD copy program
- Sound Juicer CD Extractor - CD ripping tool, supports various audio
codecs
- VLC Media Player - media player (video/audio)
- Real Player
- Totem - media player (video/audio)
- Xine - media player, supports various formats; can play DVDs
- Brasero - CD/DVD burning program
- GnomeBaker - CD/DVD burning program
- K3B - CD/DVD burning program
- Multimedia-Codecs
Programming:
- Nvu - WYSIWYG HTML editor, similar to Macromedia Dreamweaver, but
not as feature-rich (yet)
- Quanta Plus - web development environment, including a WYSIWYG editor
"With the one CD media the install downloads over 600MB. Didn't they manage
to put it all on CD?"
The one CD install media contain a complete functional desktop, either KDE
or GNOME, which can be installed offline. If you compare you will actually notice
that we managed to fit more applications on it than most other CD distros which
often miss bigger stuff like OpenOffice.org, Firefox, Gimp or games. openSUSE
10.3 introduces the new concept of registering online repositories before the
installation starts. On the screen where you choose whether to install or upgrade,
there is
a checkbox "Add online repositories before installation" which is enabled
by default. If you want a quick offline installation, or an 'unbloated' installation,
disable this option. Keeping it enabled will give you the default installation
like you would get from the release DVD for one desktop, including eg translations
and more games. And yes, we didn't manage to fit the DVD content on a single
CD.
"openSUSE is bloated"
This couldn't be further away from truth. openSUSE 10.3 has actually the
most lean footprint of all recent releases. All patterns have been reworked
and packages more splitted, eg you can install a very small base system or basic
X window. The desktop CD installations are coercively optimized for size. You
can call a full DVD or CD+online repos installation bloated but then you opted
for the wide range of applications option.
A nice example how a somewhat incompetent/incoherent review can hurt important
effort. There is a whole gender of such reviews by people who generally has
no use for the system after install :-). The guy definitely does not understand
that Suse is not for suckers; this is a distribution oriented on professional sys
admins who either work or plan to work with an enterprise edition ;-). Note that
he has nothing to say about quality of distribution per se, only about extremely
superficial things like time of download, time of installation and problem with
online install he encounter (as if installation from DVD is such a problem).
We also need to distinguish between flows in the interface (and YAST is far from
being perfect here) from flaws in functionally -- and YAST does extremely good job
with detecting hardware and other non-trivial installation issues.
There was a choice
of downloads and I chose the CD which had KDE as its desktop environment;
KDE is one of the two main desktop environments for Linux users, the other being
GNOME.
The download appeared to be a full CD, coming in at around 690MB. Normally,
when one downloads a full CD one expects that it can be used on its own to effect
a full installation. I noticed an Add-ons CD, but since this was said to contain
software which was licensed under terms other than those of the General Public
Licence, I reasoned that this wasn't really necessary.
After booting up, one of the first things one has to do is to agree to a long
licence. This is reminiscent of that other system called Windows - maybe Novell's
deal with Microsoft has been influential in this design.
After a few more screens, online repositories start getting downloaded. This
took me by surprise; with a full CD, I did not think that I needed anything
more from the worldwide web. I did not expect that the choice of downloading
repositories would be selected by default.
I expected there would be fair warning - something like "do you want to add
other software from online repositories?" or "do you want to download security
updates?" But these minor courtesies appear to be unimportant for the openSUSE
people so a few minutes went by with lists being downloaded.
Then up came a list of software which had been selected for installation - a
total of 2.2 GB! Does one really need all that software? Anyway, I went on and
after some software had been installed from the CD which I had created, the
downloading began.
It took around half an hour in all for the software installation to end - and
then up flashed a screen which informed |
