Cidrick
Jun 10, 2001

Praise the siamese
I have a volume group that's holding data that doesn't seem to be activating after a reboot. Every time I reboot I have to "vgchange -a y volgroup00" and then mount -a to get the disk back and mounted.

Am I missing something stunningly obvious?


Cidrick
Jun 10, 2001

Praise the siamese

bigperm posted:

I get 500 pages of info... and then what do I do? Is there a way to go back to the terminal after using the man command? I've just been closing it and opening a new terminal.

Pressing "q" will exit the man pages and dump you back to your prompt. You can also use "/" to search the document (down) for terms, which is incredibly useful. "?" will search the document in reverse.

Cidrick
Jun 10, 2001

Praise the siamese
I've recently been tasked with setting up a Linux firewall that will use two providers for load balancing and failover. I did some research and this guide seems to explain it quite well, so I was planning on going ahead and doing such. However, I wasn't sure how dated this was and if there was some newer tool or package that would be better to use than just using ip route.

Any suggestions? It's a custom Linux box running Etch, by the way, not a m0n0wall or anything.

Cidrick
Jun 10, 2001

Praise the siamese

Catch 22 posted:

I blew away the configuration for eth0 and re-added it. This time DHCP. Everything is back to the way it was. Going back to static and trying again.

Update: Ok, set it up again, did shroe.local, then nothing. Same deal, can ping via IP not name.

I'm not sure if it matters, but try putting your search statement before the nameservers.

Also, again not sure if it matters but in my hosts file all I have is:
code:
firewall:~# cat /etc/hosts
127.0.0.1       localhost
10.0.0.99       nagios.domain.com  nagios

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Cidrick
Jun 10, 2001

Praise the siamese

Superdawg posted:

Anyone have any good processes they've followed to upgrade a system from debian 32-bit to 64-bit? I've got a server that is hitting out-of-memory issues with the nfs service, which I suspect is because of the 3GB/process limitation of the bigmem kernel.

I've (attempted) to do this once, and it's really not worth the hassle. Just do a clean installation of x64 from scratch. It'll save you a lot more time in the long run.

Cidrick
Jun 10, 2001

Praise the siamese
My team is mulling over setting up its own internal open-source Certificate Authority instead of getting ours sourced from the corporate mothership all the time. The only requirement is that it's open source since this isn't a funded project, but it'd be nice to have something simple and easy to use, preferably with some manner of web GUI so that our NOC can renew/sign/revoke certificates during off-hours.

Anyone have any recommendations? I've looked at Dogtag and TinyCA but I'm sure there's way more out there than I'm aware of.

Cidrick
Jun 10, 2001

Praise the siamese
I feel like I just read a usenet post from 1997

Cidrick
Jun 10, 2001

Praise the siamese

Baron Bifford posted:

It's a Creative Labs Fatal1ty, and the official website lists drivers only for Windows. I've read rumors about beta drivers floating around but I couldn't find them. Oh well, I think I shall ditch CL cards for my next PC.

Most audio devices will still have a chipset that somebody has made a generic driver for, even if the vendor doesn't explicitly support it in Linux (which is what Suspicious Dish is trying to help you figure out).

But echoing what Misogynist said above - discrete audio is, by and large, a thing of the past. It's typically reserved for audiophiles and people who do audio production for a living.

Cidrick
Jun 10, 2001

Praise the siamese

Misogynist posted:

People who do audio production for a living typically have something much more advanced than a discrete add-in sound card, though. It would normally be something with at least four XLR inputs, phantom power, and hardware gain controls.

Well, sure, if you go that far on the spectrum of professional audio production. I would also include "power users" in my list who do simpler stuff, like people who do podcasts for a living, or someone who reviews mid-tier headphones and has to benchmark frequency ranges and the like.

Cidrick fucked around with this message at 19:41 on Oct 25, 2013

Cidrick
Jun 10, 2001

Praise the siamese

My Rhythmic Crotch posted:

I'm probably preaching to the choir here, but iPXE is awesome. It's much more capable and customizable than normal PXE. We have it fetching customized boot menus which are generated by a bit of python. If you have lots (or even just several) machines network booting, check it out.

This is good news, as when I get some breathing room at work I was planning on moving all of our net installs to iPXE (which means I can finally get off this ancient version of pxelinux so I can pxe boot ESXi installs). Any recommendations on documentation aside from the ones on ipxe's site?

Cidrick
Jun 10, 2001

Praise the siamese

pliantkitchen posted:

I've attached a work in progress python script that I use daily to do this, seems to do the trick for most things. Paramiko can be wily and it hangs or kills the child thread on extremely long-running remote commands - I'm still debugging that issue. I'll put it up on github or sourceforge... eventually. Comments welcome.

I use pliant's script daily as well (we work together - sup bro) for all manner of tasks that are too ad-hoc for Puppet and for things I'd prefer to run via sudo rather than root. Here's an example of me bouncing all five of my Splunk indexers at once:

code:
premote -f indexers.txt -t 5 "sudo /sbin/service splunk restart"

Cidrick
Jun 10, 2001

Praise the siamese

evol262 posted:

I take keybased auth as a given

Maybe I'm being naïve, but - is this the case everywhere? I've never been in a shop that has encouraged blasting SSH keys to thousands of boxes just for convenience's sake.

Cidrick
Jun 10, 2001

Praise the siamese
SELinux only needs to save your rear end one time for it to be worth the minor hassle of knowing how to run "restorecon" or "setsebool"

Cidrick
Jun 10, 2001

Praise the siamese

Bhodi posted:

Stop stop stop. For 99% of servers selinux is not only not helpful, but is disadvantageous because of the additional work to administrate. Given a limited amount of hours in a day to work on your enterprise, wanting to implement selinux is a terrible waste of time and resources that could be MUCH better spent doing almost anything else security related.

Stop trying to make SELinux happen. It's not going to happen.

While this was certainly the case in the EL4 days, SELinux has made a lot of progress with various tools and logs and booleans that make typical scenarios a snap. I think the only time in recent memory I've had to get my hands dirty with custom contexts was for veritas volume manager, among other veritas stuff. Everything else is a simple selinux boolean.

Like I said, SELinux only has to save your rear end once for it to be worth it. The administrative overhead is minimal nowadays, so it seems like a no brainer to take an hour to figure out the basics instead of just rolling your eyes and turning it off because you don't understand it.

Cidrick
Jun 10, 2001

Praise the siamese

Bhodi posted:

Well, I got the RHCE, so technically, I learned it, THEN rolled my eyes and turned it off :)

Honestly - if you're patching regularly (including reboots for kernel updates!), have an IDS with logs that people actually watch, do remote syslogging to a write-once system, and are running Aide/Tripwire, you're pretty much in the 90th percentile already.

If you aren't, you should do all those things before you even look at SELinux.

Well, sure, SELinux is just one in a long list of good practices to follow in your environment. I suppose I'm just perplexed that you're running into as many issues as you have. Our environment is a mix of EL5 and EL6 but we have over three thousand nodes, and the only place we have SELinux set to permissive is a couple of legacy MySQL DB hosts. Everything else has, for the most part, Just Worked by keeping selinux-policy updated regularly. I very rarely have to do anything other than slap people's hands when they do something silly like moving files where they shouldn't live instead of copying them to keep context inheritance in place.

I also do not remember the vmware-tools RPM issues you're talking about, but it's been a couple of years since we set all of those up, and I wasn't actually the one to put the package into our internal repos so I can't say for sure.

Edit: as an aside, when you said Tripwire I reflexively shuddered. We replaced that with ossec three years ago and never looked back. I hated tripwire with a flaming passion.

Cidrick
Jun 10, 2001

Praise the siamese
Dish/evol, are either of you going to the Summit this year? I would love to buy you both a beer since I've learned a whole lot from you guys in this thread. My company is paying for me to go this year so I'm pretty excited.

Cidrick
Jun 10, 2001

Praise the siamese

Weltmacht posted:

Are there any must attend events or sessions? Attending solo, so no guide, and just looking for some advice.

Oh hey, me too. If you (or any lurking summit attendees) want a general session buddy, drop me a line via PM or email matt@cidrick.org and we can stare at each other from across the room like Real Internet Nerds.

Cidrick
Jun 10, 2001

Praise the siamese
That's showing that nginx was stuck waiting for i/o for at least 120 seconds. My guess is that one of your hard drives is probably going south.

Cidrick
Jun 10, 2001

Praise the siamese

Ashex posted:

That doesn't make sense though as I just got this SSD. The OS/nginx are running on there. I did a lot more digging and using the sysstat tools I figured out that I was swapping pretty badly, ended up having to reboot. I need to get a PAE kernel built as I've got 8GB of memory on i686.


Is the SSD the only hard drive in that machine? Is nginx serving up any content that isn't on that hard drive?

What does sar -d show for that time period as far as await and svctime?

Cidrick
Jun 10, 2001

Praise the siamese

fatherdog posted:

You allowed udp; telnet uses tcp, regardless of the port you're pointing it at, so naturally it's going to be blocked.

This. Plus these days everyone should be using netcat anyway

$ nc -vuz host 161

Would accomplish what you're looking for.
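The UDP-versus-TCP point in the exchange above, as an added example that is not part of the original posts: a UDP probe can only tell "closed" (an ICMP port unreachable came back) from "no answer", while a TCP connect to the same port number tests a different listener entirely. The names `udp_probe`, `tcp_probe` and `demo` are hypothetical, the silent listener on loopback is constructed for the demonstration, and the results shown assume Linux loopback behaviour.

```python
import socket


def udp_probe(host, port, timeout=0.5):
    """Classify a UDP port as 'open', 'closed' or 'open|filtered'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() on a UDP socket sends nothing; it only lets the kernel
        # hand an ICMP port-unreachable back to us as ECONNREFUSED.
        s.connect((host, port))
        try:
            s.send(b"\x00")
            s.recv(1024)
            return "open"            # something answered the datagram
        except ConnectionRefusedError:
            return "closed"          # ICMP port unreachable came back
        except socket.timeout:
            return "open|filtered"   # silence: listening, or dropped by a firewall


def tcp_probe(host, port, timeout=0.5):
    """Classify a TCP port the way a telnet connection attempt would see it."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"              # RST: nothing listens on TCP here
    except socket.timeout:
        return "filtered"            # no reply at all, e.g. a DROP rule


def demo():
    """Constructed loopback case: a UDP-only service that never replies."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 0))          # kernel picks a free UDP port
    port = listener.getsockname()[1]
    results = {
        "udp_while_listening": udp_probe("127.0.0.1", port),
        "tcp_same_port": tcp_probe("127.0.0.1", port),
    }
    listener.close()
    results["udp_after_close"] = udp_probe("127.0.0.1", port)
    return results


if __name__ == "__main__":
    for name, state in demo().items():
        print(f"{name}: {state}")
```

An `open|filtered` result is all a UDP probe can say about a service that does not answer the probe datagram, so a working firewall rule is best confirmed with a real query in the service's own protocol.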

Cidrick
Jun 10, 2001

Praise the siamese
Not that I'm any help whatsoever when it comes to snmpd, but if your default iptables policy on input/output/forward are already ACCEPT, then there's no need to set up a special rule to allow it.

Cidrick
Jun 10, 2001

Praise the siamese
Is anyone aware of a way to set up some logic in pxelinux (or ipxe, I have that working in our lab) to examine a host's local disks for an MBR, and then handle actions accordingly? I'd like to be able to have a freshly built VM automatically get a lease, boot from pxe, and then start anaconda and pull down a kickstart image if there's an unconfigured, unformatted disk present. If there's already a configured disk (and thus an MBR and partition table) present, then prompt for action, or boot from local disk.

Or am I tackling this at the wrong angle and this is logic that should be handled elsewhere?

Cidrick
Jun 10, 2001

Praise the siamese
Is anyone aware of a way to view the utilization of a remote NFS mount without actually mounting it? showmount only appears to show you what exported volumes are available to be mounted, and things like nfsstat and nfsiostat give all sorts of interesting metrics that don't really help me. A good old "df" will show it, but it requires mounting, which requires root.

Context: I'm trying to find a way for our monitoring environment to query a big NFS appliance that Doesn't Play Nicely With Others so we don't have the normal way of monitoring this stuff (SNMP, ssh, etc) that I would typically use.

Cidrick
Jun 10, 2001

Praise the siamese

jaegerx posted:

Can you install anything on the NFS box at all?

The NFS server? Not unless we pay Hitachi a lot of money, I'm told.

Cidrick
Jun 10, 2001

Praise the siamese

Misogynist posted:

Can you screen-scrape the GUI? It's ghetto as hell, but probably your best bet if you don't have access to run things on the box.

Yeah, I haven't actually looked at it, but maybe it's possible to set up a service account and use curl to POST a login and then scrape screen output or something.

I was hoping there was a way via an RPC command or something to remotely query info about an NFS export that I just didn't know about :|

Cidrick
Jun 10, 2001

Praise the siamese

jaegerx posted:

Ugh maybe windows NFS tools via powershell might be able to but I can't think of anything from the Linux side that's available. Why is there no snmp on this thing?

Because apparently HDS wants you to pay for that luxury?

Although in some limited research it looks like this guy did some acrobatics to get cacti working. I'll pass this on to our monitoring guys.

Cidrick
Jun 10, 2001

Praise the siamese

the posted:

Edit: Actually, how would I schedule this for every week instead of just tomorrow?

Throw your clamscan command into your crontab. Something like this would have it scan every day at 2AM

code:
0 2 * * * clamscan -i /home/user | mail user@example.com

Cidrick
Jun 10, 2001

Praise the siamese

evol262 posted:

Anyway, Satellite works fine with CentOS and Fedora. Spacewalk won't violate your subscription agreement, either, but I'm not sure about the status of attaching it to RHN.

I was told at the Summit when I was making inquiries into Satellite that, while CentOS works with Satellite, you basically are paying per-CentOS-node to attach it to satellite for the licensing, whereas with RHEL it's included in the price you pay Redhat. Our CentOS footprint is pretty big which is why I ended up scrapping that idea and started looking at Spacewalk.

This is the first I've heard of Katello, though. I'll go play with that next.

Cidrick
Jun 10, 2001

Praise the siamese

hazzlebarth posted:

If you tried "sudo echo 3 > ..." then that doesn't work because the redirection is outside of the sudo scope. You can use "echo foo | sudo tee -a /path/to/file" as an alternative if you need elevated privileges to write to the destination.

This is pedantic as gently caress but I've always liked "sudo sysctl -w vm.drop_caches=2" (or 3 in your case)

Cidrick
Jun 10, 2001

Praise the siamese

evol262 posted:

Use AD/IPA. Do this.

Agreeing with this. FreeIPA is supposed to be excellent, but I haven't had a chance to implement it myself.

Cidrick
Jun 10, 2001

Praise the siamese
Does anyone have any experience with Pulp? I'm going to try and redesign a terrible repo that has been around for 8+ years with awful folder structures and no rhyme or reason as to what goes where, and I'd like to do it over from scratch using something that can mirror upstream repos. I was originally planning to do that using mrepo, but then someone mentioned pulp so I decided to give it a gander, and it seems like it might do everything I need it to do.

Cidrick
Jun 10, 2001

Praise the siamese

evol262 posted:

Candlepin, Foreman, and Pulp are at the center of Katello. Pulp is a very capable choice which is likely to have a long future. Consider using Katello if you want systems management or easy Foreman integration.

Foreman (and Katello) interest me, but I think I'd have a hard time selling it in this environment since we are very entrenched in Chef rather than Puppet - plus we're currently using Cloudstack rather than Openstack, and Chef is the glue that holds them all together. Perhaps we bet on the wrong horses, but I think I'd have an easier time simply selling Pulp instead of a complete package using Foreman/Katello.

Cidrick
Jun 10, 2001

Praise the siamese

unruly posted:

Yeah. You can do it, but it's a pain.

It really depends on how much mail you're hosting for. If it's just for a handful of people it's really not bad - I've been running my own postfix+dovecot setup since 2006 or so, and the only time I ever touch it is to renew SSL certs. Of course, my volume of mail is so low that I've never had to worry about RBLs or anything.

As long as you follow some basic best practices - PTR records for your public IP, SPF records, etc - it's really not that bad.

Cidrick
Jun 10, 2001

Praise the siamese

evol262 posted:

Great that you have backups. You wouldn't need them if you ran ext4+lvm (xfs is still a little picky).

Can you elaborate on the xfs comment? I've begun using XFS on all of our EL7 builds and have even begun using it on some EL6 hosts, figuring that if RedHat fully supports it to the point that it's now the default filesystem then I should probably follow suit. So far, I like its toolset over ext* and like its default mount options (relatime by default is nice), but I haven't played with it for long enough to see any real gotchas for any of my workloads yet. Before I start putting mission-critical stuff on it, I'm curious to hear if anyone has had any poor experiences in using it.

Cidrick
Jun 10, 2001

Praise the siamese

Weird Uncle Dave posted:

True, but mkfs.xfs isn't. Sure, I could mount it, but how would I have something to mount? :iiam:

Unless I'm missing something, xfsprogs is definitely in the official RH/CentOS EL6 repos.

Cidrick
Jun 10, 2001

Praise the siamese

madpanda posted:

Are there any decent linux news and discussion podcasts?

Seconding this. I listened to This Week in Enterprise Tech a bit, but it's very... broad. I'm still looking for something good and a bit more technically-focused.

Cidrick
Jun 10, 2001

Praise the siamese

Misogynist posted:

Or finally learn that newfangled circa-1997 POSIX ACL thing :)

I'm not trying to be a smartass - do real production environments ever use ACLs? I've never actually seen one in the wild before, only ever in lab environments. Most people are content with standard unix permissions coupled with audited sudo access. I'm curious what places decided to use ACLs and why they chose to go that route.

Cidrick
Jun 10, 2001

Praise the siamese

Tab8715 posted:

Why is AIX going away?

Cost, mostly. I've seen at least two large companies begin dumping AIX in favor of Linux for enterprise applications, mostly because the pool of talent for developers is larger and Linux is much, much cheaper to support than AIX (especially on POWER hardware). Support contracts with IBM are stupidly expensive.

Cidrick
Jun 10, 2001

Praise the siamese

annapacketstormaya posted:

I guarantee you there will be at least a few accounts that cling onto their AIX installs until the end of time and continue paying out the rear end for extended life support contracts because they can never make changes to production ever. There are places that still have their IBM mainframes running, so why not AIX?

Sure, I don't disagree. But my point is that the talent pool for AIX is shrinking. How many existing enterprises have you heard of moving *to* AIX, or new shops deciding "Let's run AIX instead of Linux"? Every instance of it I've seen in the wild has been running on AIX for a very long time, and they're comfortable with it and like the stability of it, and that's their call.

For what it's worth, I think AIX is a very stable and reliable OS. I just don't think it's a platform worth learning unless you have a pretty good reason, like - oh poo poo, we merged with another company and firing all their AIX guys, and now I have to support it.


Cidrick
Jun 10, 2001

Praise the siamese

captkirk posted:

AIX is still pretty prevalent in healthcare IT, IIRC.

I was in an AIX workshop once where the instructor bragged about how the FAA (or at least part of it) was still running AIX 3.1 because it was rock solid and never went down. At first I was baffled as to who at the FAA hadn't retired that could support a (then) 22-year-old operating system, but then I realized that IBM was supporting it all so they just brought in whomever they needed.
