Usn's IT Blog

During the last days, I have had the opportunity to test and benchmark a data warehousing hardware, that’s really fast for its money. It’s not suitable for real/available production, since it depends on disk striping over a bunch of components, but I considered it as a good way to push the limits a bit.

Result: A throughput of about 1200MB/s and nearly 1200 iops. Period. You may quickly want to see detailed results on the bottom of the page, but for fully understanding of the results look up the setup as well.
Read more…

Hi,

today I tried to start Oracle XE with parameters “pre_paged_sga=true” and “lock_sga=true” on my Debian Lenny toybox. But Lenny has had a rather strict and really sticky value for the user’s maximum amount of pinned memory (ulimit -l) value: 32 (kb).

First attempt, change /etc/security/limits.conf:

oracle                  -       memlock         1073741824

Result: Nothing, “ulimit -l” as user newly logged-in user oracle still shows “32″.

After researching for a while, it became clear that there has to be something fishy with using the “su” command, the “ulimit -a” output has been different in several points, compared with a native console login. Debian project philosophy “make it hard” struck again: Look up /etc/pam.d/su, and find, that there is a block:

# Sets up user limits, please uncomment and read /etc/security/limits.conf
# to enable this functionality.
# (Replaces the use of /etc/limits in old login)
# session    required   pam_limits.so

Needless to say, it worked after uncommenting the last line. And, keep in mind, it depends on a well configured limits.conf. But why, for sake, do I have to change that for my hobby distribution?

With pain in the backside and a bit frustration,
Usn

A nice view:

What’s the story behind?
Read more…

My newly installed Firefox web browser (versions 2 and 3, does not matter) was deadly slow. I don’t mean the display of web sites, no, I am talking about pulldown-menus or opening tabs. (For example, bookmarks folder opens within 6 long seconds.) Several hours I was not able to tell why it acts that way. But now, I found out:

The system is protected with a host firewall. Ruleset:

iptables -t filter -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
#mark
iptables -t filter -A INPUT -m state \
   --state ESTABLISHED,RELATED -j ACCEPT
iptables -t filter -A INPUT -j REJECT \
   --reject-with icmp-port-unreachable

But inserting this:

# Firefox seems to do stuff over loopback,
# it's deadly slow without that setting
iptables -t filter -A INPUT -i lo -j ACCEPT

at “#mark” makes it work fast as usual.

Tell me, why are they doing ther menu communication via loopback network socket?

Just in case you might wonder, too.
Usn

Hi,

there will be a talk about IT High Availability for rising IT professionals at Vocational IT School Wiesau on Monday, 10th of March 2008.

The topic:
“Hope is not a startegy” – IT high availability in theory and practical experience

See paper and slides here.

Regards
Martin

EDIT: There has been a nice press publication about this lecture.

Hi friends,

the Linux User Group Mitterteich has a new webpage and a new URI (http://www.linux-mitterteich.de). The old URI (http://www.lug-mitterteich.de.vu) will be redirected from today on.

Well, the page isn’t perfect at the moment – but finally we started working on it:

• The free template (made by Ramin Hossaini) used at the moment will be replaced: Maxi works on a new, customized one.
• I developed the page structure and filled it with first, generic and historical content, most items simply have been migrated it from the old page.
• By and by, the content will come.

Please review the new page, and tell me you opinion. I’d be glad.

Thanks
Usn

Hi,

saw some friends of mine using Gentoo for useful purposes (only had experience with Gentoo users asking useless questions and/or causing deeply clueless arguments about the use of a portage based OS so far), I needed to check it myself.

First thing, loaded a minimalistic Gentoo 2007.0 .iso file onto my VMware server, and created a VM with 512MB of RAM and 8GB of harddisk. Booted the image, had to choose a keyboard language (German = 10, but if you type “1″ you cannot get back to change it, since Backspace is ignored) and saw a beautiful root-prompt. But the NIC has no IP address, but the resolv.conf had the fottprint of my DHCP system. Big questionmark. Shutting and starting the interface solved that. Strange.

Read more…

Hi,

just got a brand-new LG L226 WTQ and it refused to align the picture properly, the auto set feature left a full of 15cm on the left unused and black, and same 15cm on the right hidden. Changing position of the picture manually (by drive down the “HORIZONTAL” value to zero) reduced the black/hidden space to about 15mm, but did not close the gap.
So, some modeline writing is necessary – but since I am no masochist, I preferred the use of “xvidtune” – it’s a nice tool that I did not know so far. If a DISPLAY variable is set, you are able to adjust your xorg modeline values verbosely and well-explained. Quick-check with “apply”, quit the tool and re-run it as “xvidtune -show” to get the new and fitting ModeLine. Become root, edit your “Monitor” and “Modes” section in xorg.conf – make it look like that:
Read more…

Hi,

just a note: Have a look at http://www.grolmsnet.de/kerbtut/

It’s not perfect, but my additions will follow as soon as my prototype here is running well. At the moment it does, but I do not fully understand why :)

Regards
Usn

Hello,

if you want to run the vpnclient as non-root-user (very desirable), you probably will get

privsep: unable to drop privileges: group set failed.

since the cvpnd needs to be run with root privileges.

Just give it the setuid root-Flag:

chmod 4111 /opt/cisco-vpnclient/bin/cvpnd

and have fun with yout user-built VPN tunnel.

Regards,
Usn