Monthly Archives: August 2013

Hard link vs. Soft link

Hard link vs. Soft link in Linux or UNIX

  • Hard links cannot link directories.
  • Cannot cross file system boundaries.

Soft or symbolic links are just like hard links. It allows to associate multiple filenames with a single file. However, symbolic links allows:

  • To create links between directories.
  • Can cross file system boundaries.

These links behave differently when the source of the link is moved or removed.

  • Symbolic links are not updated.
  • Hard links always refer to the source, even if moved or removed.

A bit more:

Hard links are useful when the original file is getting moved around. For example, moving a file from /bin to /usr/bin or to /usr/local/bin. Any symlink to the file in /bin would be broken by this, but a hardlink, being a link directly to the inode for the file, wouldn’t care.

Hard links may take less disk space as they only take up a directory entry, whereas a symlink needs its own inode to store the name it points to.

Hard links also take less time to resolve – symlinks can point to other symlinks that are in symlinked directories. And some of these could be on NFS or other high-latency file systems, and so could result in network traffic to resolve. Hard links, being always on the same file system, are always resolved in a single look-up, and never involve network latency (if it’s a hardlink on an NFS filesystem, the NFS server would do the resolution, and it would be invisible to the client system). Sometimes this is important. Not for me, but I can imagine high-performance systems where this might be important.

I also think things like mmap(2) and even open(2) use the same functionality as hardlinks to keep a file’s inode active so that even if the file gets unlink(2)ed, the inode remains to allow the process continued access, and only once the process closes it does the file really go away. This allows for much safer temporary files (if you can get the open and unlink to happen atomically, which there may be a POSIX API for that I’m not remembering, then you really have a safe temporary file) where you can read/write your data without anyone being able to access it. Well, that was true before /proc gave everyone the ability to look at your file descriptors, but that’s another story.

Speaking of which, recovering a file that is open in process A, but unlinked on the file system revolves around using hardlinks to recreate the inode links so the file doesn’t go away when the process which has it open closes it or goes away.

FreeRADIUS

FreeRADIUS is a fully GPLed RADIUS server implementation. It supports a wide range of authentication mechanisms, but PEAP is used for the example in this document.

There is numerous ways of using and setting up FreeRADIUS to do what you want: i.e., fetch user information from LDAP, SQL, PDC, Kerberos, etc. In this document, user information from a plain text file, users, is used.

More:

http://tldp.org/HOWTO/html_single/8021X-HOWTO/

Fluxbox on Centos

Install X:

yum -y groupinstall “X Window System”

Install Fluxbox:

yum -y install fluxbox thunar thunar-volman rxvt wget alsa-utils pciutils usbutils xdg-utils fuse fuse-ntfs-3g ntfs-3g ntfsprogs parted udisks gvfs yum-utils bind-utils lsb wireless-tools gdm gtk2-devel zlib-devel glibc glib2 glib2-devel vim-enhanced vim-X11 rpm-build gettext-devel perl-XML-Parser xarchiver p7zip

this will install and gives you a basic desktop with window manager, file manager, text editor and a terminal emulator, also you can add other packets

change inittab 3 to 5

show hidden files: Alt+F2 to run Thunar, check the ‘show hidden files, then you should look for some folders like .fluxbox and there you can found keys file, where you can set some key shortcuts.

F9 : ExecCommand google-chrome or F2 : ExecCommand rxvt

also look for Desktop folder where you can add some shortcuts with linux symlink on your desktop.

alsactl init                           sets up sound
alsamixer                              adjust levels

 

OpenVZ installation

wget -P /etc/yum.repos.d/ http://ftp.openvz.org/openvz.repo

rpm --import http://ftp.openvz.org/RPM-GPG-Key-OpenVZ

OpenVZ kernel:
yum install vzkernel

sysctl options:
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

Disable selinux:

echo "SELINUX=disabled" > /etc/sysconfig/selinux

OpenVZ user level tools: yum install vzctl vzquota ploop

And reboot.

Squid Proxy CentOS

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

yum install squid

vi /etc/squid/squid.conf

You should add your IP to ACL.

ECC or nonECC memory on your server

Non ECC or nonParity memory with have either 2, 4, 8, 16, or 32 chips on the memory module.

ECC or Parity memory will have either 3, 6, 9, 12, 18, or 36 chips on the memory module.

you can check if your ram support ECC with dmidecode:

dmidecode -t memory | grep -i ecc
Error Correction Type: Single-bit ECC

ECC memory maintains a memory system immune to single-bit errors: the data that is read from each word is always the same as the data that had been written to it, even if a single bit actually stored, or more in some cases, has been flipped to the wrong state. Some non-ECC memory with parity support allows errors to be detected, but not corrected; otherwise errors are not detected.

OMG: Call Trace

Oops your kernel is panic everyday and your RAM don’t support ECC? So its time to change your server RAM and check for errors.

Aug 13 15:51:29 hst-169-212 kernel: swap_free: Bad swap offset entry 80000000
Aug 13 15:51:29 hst-169-212 kernel: BUG: Bad page map in process httpd pte:10000000000 pmd:2df7a1067
Aug 13 15:51:29 hst-169-212 kernel: addr:00007f549842f000 vm_flags:08000070 anon_vma:(null) mapping:ffff8804162fcde0 index:89
Aug 13 15:51:29 hst-169-212 kernel: vma->vm_ops->fault: filemap_fault+0x0/0x500
Aug 13 15:51:29 hst-169-212 kernel: vma->vm_file->f_op->mmap: ext4_file_mmap+0x0/0x60 [ext4]
Aug 13 15:51:29 hst-169-212 kernel: Pid: 22657, comm: httpd Tainted: G B ————— 2.6.32-358.14.1.el6.x86_64 #1
Aug 13 15:51:29 hst-169-212 kernel: Call Trace:
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff8113eda8>] ? print_bad_pte+0x1d8/0x290
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff811555ef>] ? swap_info_get+0xbf/0xe0
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff81141614>] ? unmap_vmas+0x604/0xc30
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff81147567>] ? exit_mmap+0x87/0x170
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff8106b42c>] ? mmput+0x6c/0x120
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff8107304b>] ? exit_mm+0x12b/0x180
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff810733ff>] ? do_exit+0x15f/0x870
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff811474be>] ? remove_vma+0x6e/0x90
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff81073b68>] ? do_group_exit+0x58/0xd0
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff81073bf7>] ? sys_exit_group+0x17/0x20
Aug 13 15:51:29 hst-169-212 kernel: [<ffffffff8100b072>] ? system_call_fastpath+0x16/0x1b