It’s always a good idea to setup a local firewall on hosts that are on unprotected networks. The internet “winds” blow harder and harder each day, and it’s only a matter of time before some daemon has an exploit that gets taken advantage of. I use CentOS 5 for all my web servers, and here [...]
Several weeks ago we started seeing some pretty scary errors showing up on the main system disk for our Blackboard server. We had an extra server hanging around, so we decided to move all the data off the failing disk and onto our spare server. The only question was how to make the new server [...]
Creating a properly offset slab of disk for Linux systems on your CLARiiON is not just a matter of creating a partition using the default fdisk values. The reason for this is that disk management utilities for Intel based systems generally write 63 sectors of metadata directly at the beginning of the LUN. The addressable [...]
Below is a list of RHEL system configuration changes that Oracle 10G requires before it is installed.
First, check the following kernel parameters using the commands below:
/sbin/sysctl -a | grep kernel.shmall
/sbin/sysctl -a | grep kernel.shmmax
/sbin/sysctl -a | grep kernel.shmmni
/sbin/sysctl -a | grep kernel.sem
/sbin/sysctl -a | grep fs.file-max
/sbin/sysctl -a | grep net.ipv4.ip_local_port_range
/sbin/sysctl -a | grep net.core.rmem_default
/sbin/sysctl [...]
At least in RHEL 4, the fdisk command does not support the creation of filesystems larger than 2TB. In order to get around it, you have to use the parted command. I found the basic info here, but this is the long and short of how to cut off a big ol’ slice of disk [...]
I started getting this error:
X11 connection rejected because of wrong authentication
when trying to forward X11 applications from a Linux server to my Mac. I had been forwarding the display on this server for years, so I was a little unsure what could be causing it. In the end, it turned out that I had filled [...]
Unlike other flavors of UNIX, RHEL does not have a command like adduser which walks you through the process step-by-step, so you have to remember the four flags useradd requires, and in what order it expects to receive them. Since I don’t manually add users unless I’m installing a new server, I don’t run the [...]
From time to time, people want me to create LINUX init scripts for them. I usually just take an existing one for another service and change it up to work for my new application, but most of them have become so long these days that I end up having to hack out a ton of [...]
Asterisk is a complete open source software-based IP PBX solution that runs on a variety of platforms. It supports VOIP in several protocols, and can seamlessly integrate with almost any standards-based telephony equipment using relatively inexpensive hardware.
This guide is a quick-start set of notes that should help you get the Asterisk service up and running [...]
For one reason or another RHEL does not disallow incoming ssh connections as root. This is, of course a glaring security problem which should be addressed for all systems that allow ssh connections to be made from any but the most restricted networks.
The best practice, of course, would be to make the initial ssh connection [...]
So you have a RHEL system and you want to authenticate it against your active directory. The good news is that Red Hat has made it easy for you to do this. The bad news is that they only get the most basic structure working for you. Here I will show you how to get [...]
For some reason that is a complete mystery to me, RHEL does not give you the link status when you run # ifconfig -a. This makes it incredibly hard to debug link integrity issues! Buried amongst all of Red Hat’s proprietary commands, however, is a utility called ethtool, which does give you the status of [...]
The e2fsck will regularly force a check of a filesystem even if the filesystem is marked clean. By default, this happens on every twenty mounts or 180 days, whichever comes first.
The ext3 filesystem does this as well, which can be annoying if you have a very large filesystem and a short downtime window. Therefore, it’s [...]
Whenever you go to install applications and services on registered RHEL servers, it’s always nice to use the RPMs because up2date will keep everything current for you. Managing upgrades gets a whole lot easier when you can bring your system up to current with one simple command. Because of this, I decided that I would [...]
When many new servers are delivered from the factory, the system clock is way off. Most UNIX systems run “ntpd” to keep the time in sync with internet time servers, which are, in turn synchronized against an atomic clock. This results in a system time that is very very close to the “actual” time of [...]
