Wednesday, November 13, 2013

NCQ in linux

***NCQ referes to native command queuing which vendors claim to enhance disk drive performance.***
To check if your linux system uses it you must first go to your BIOS and see if AHCI (Advance Host Controller Interface) is supported and enabled for your hard disks/ssds.
Besides NCQ enableling AHCI will also allow you hot-plugging on the desired disk drive.

So let's get back to linux and check if it's correctly recognized :

root@server:~# dmesg | grep -i NCQ

[ 0.929873] ahci 0000:00:1f.2: flags: 64bit ncq led clo pio slum part ems apst
[ 1.289978] ata5.00: 5860533168 sectors, multi 16: LBA48 NCQ (depth 31/32), AA
[ 1.290001] ata4.00: 5860533168 sectors, multi 16: LBA48 NCQ (depth 31/32), AA
[ 1.290504] ata3.00: 5860533168 sectors, multi 16: LBA48 NCQ (depth 31/32), AA
[ 1.308894] ata1.00: 117231408 sectors, multi 16: LBA48 NCQ (depth 31/32), AA

and

root@vader:~# cat /sys/block/sd{a,b,c,d}/device/queue_depth
31
31
31
31

The commands above are showing the default behavior of your linux kernel that automatically enables NCQ if your hardware supports it.

If for some reason you want to disable NCQ you may issue the command :

echo 1 > /sys/block/sd{a,b,c,d}/device/queue_depth

Sunday, January 20, 2013

Almost workable Fedora 18 desktop

After about two days of tinkering with the settings of Gnome 3.6 of Fedora 18 I found a set of compromises (fails and wins) that made my desktop experience workable and pleasant.  The result can be viewed in the screenshot below.


Since I'm running Nvidia Optimus I had to install the packages provided by the bumblebee project which surprisingly worked. 


One other thing that I've did was to install all of the Gnome's extension packages provided by Fedora and some from the Gnome website. One mention here is that some of them are not supported by the current version. 


Dash dock can be viewed in the screenshot which reminds of the Ubuntu setup, but the plug-in integrates and adds additional value with the very useful smart autohide option. 
Besides this I used gnome-tweak-tool and gconf-editor to bring back the three very important buttons (minimize,maximize,close), change the default fonts to Dejavu antialiasing and hinting, as well as changing the theme and icons to something more classic.


Tint2 was the second revelation of the setup this small utility provides a almost normal taskbar option to the desktop with small or very little configuration effort.


I also replaced the original alt+tab and alt+F2, for the first I've used the gnome shell extension Alternatab, as for the second I used the well known gnome-do utility.
My software stack used for my job productivity was installed without any issues and can be partly viewed in the Dash Dock .
One thing that I've found very annoying was the lack of nautilus menu bar as well as the nautilus option (as I like the size of all my icons to be at 66%)



As a small conclusion the overall ration between success and effort is acceptable, the stability of the gnome shell needs some more work but the final result is a workable, productive desktop part of good release of Fedora.

Thursday, November 1, 2012

Openvpn over socks5 proxy

This might come in handy to people that tunnel their outside connection with ssh. The settings that you need to add to your openvpn configuration are :
socks-proxy 127.0.0.1 1234

And then make profit.
Thu Nov  1 15:46:02 2012 TCP connection established with [AF_INET]127.0.0.1:1234


Monday, February 13, 2012

Remove http header data

Sometimes I found that it's useful to have set or unset some http headers. Thus in apache 2.x using mod_headers you can do the following magic (in my case inside of a vhost declaration):

1. check the module is loaded :
       httpd -M 
2. edit your config and add :
        Header always unset X-Generator
        Header always unset X-Powered-By

3. test using curl :
        curl -I example.com

 Documentation : http://httpd.apache.org/docs/2.0/mod/mod_headers.html

Sunday, December 18, 2011

I love my computer again - Linux Mint

The new Mate interface in Mint Lisa is really good - almost nice enough to stop you to hate your Linux computer.

Monday, October 10, 2011

Delete un-approved comments in Drupal7

The story is like this, while managing the drupal7 instance for fedoraproject.ro I kinda saw 900+ un-approved comments that where most likely spam. Not wanting to scroll thru all the pages and select/delete each comment I found the below very convenient solution :


1. Backup the drupal7 db table used for comments :
mysqldump -u -p drupal_database comment > comment_table1.sql
or the entire database

mysqldump -u -p drupal_database  > drupal_database.sql

2. Remove all of the un-approved ones :
- additional step here is to check the exact status of what you are deleting : 
select * from comment where status=0 limit =10;
delete from comment where status=0;

3. Check the website, and probably enable/install captcha, or have some notifications setup for each comment added.

Monday, October 3, 2011

Removing comments from configuration files with sed

Using the below one liner I do what the $subject of the post says:

 sed -e '/^;/d' -e '/^$/d' /etc/php.ini > /tmp/php.ini-stripped

-e '/^;/d'     -- deletes the lines starting with ; and this can be changed to # of course;
-e '/^$/d' /  -- deletes the white lines resulted after the above command;

Tuesday, July 19, 2011

Lsof to see who is using a filesystem

As the $subj says :

lsof /srv

Apache Chrootdir

This week I was thing to write about the Apache web server, and things you can do with the version supplied by the rpm package in Centos or Fedora latest.

The feature of the today is Chrootdir available from Apache version 2.2.10 and as the manual says you will need to do some work to get PHP and CGI functional. This directive helps along with mod_evasive, mod_security or mod_selinux (why is this not packaged in Centos ?) in boosting your web services directly exposed to the internet.

First thing check your apache version:
[root@node1 conf]# httpd -v
Server version: Apache/2.2.15 (Unix)
Server built:   Jul  7 2011 11:30:37


Second thing edit the apache configuration file and add the directive Chrootdir and pick a directory like so:
Chrootdir /srv

Now my  httpd.conf file is the basic one so DocumentRoot is /var/www/html thus I would need to create that inside of my /srv directory to get things serving. As root create it:
mkdir -p /srv/var/www/html

To see some php in action with this setup just do the classic index.php with the phpinfo(); inside and place that under /srv/var/www/htm. Ok this would be enough to run php, but after some googeling I found some advices about modifying php.ini moreover session.save_path. So it might worth looking into more php config customizations before going productive.

The last thing is the SELinux config, as just disabling  it would defeat my point, now what I recommend is either to run it in permissive mode or disable it temporarily do the config and enable it. To run SELinux in permissive mode just edit the /etc/selinux/config and reboot, or disable it TEMPORARILY for httpd by setsebool -P httpd_disable_trans 1, or disable it TEMPORARILY altogether with setenforce 0 (not f*** advisable). To get the current status of your SELinux settings just use one of the commands getenforce or sestatus, again I do not understand why we need more than one command to do our SELinux thingies ?

Now as the Fedora wiki page says the label we should apply  to our web content is httpd_sys_content_t, this is done by one or more commands:
chcon -v --type=httpd_sys_content_t /srv/ 
Is the one that makes more sense for me as is similar to the other chmod and chown commands.
The output will be something similar to the one below and sealert/audit log (/var/log/audit/audit.log) should not bitch anymore about any context errors.
changing security context of `/srv/var/www/html/index.php'
changing security context of `/srv/var/www/html'
changing security context of `/srv/var/www'
changing security context of `/srv/var'
changing security context of `/srv/'

Sunday, July 17, 2011

More then basic Centos 6 install

If anyone is still installing Centos 6 boxes in a manual fashion using the dvd or the netinstall isos this article will help with some of the menus of what to select.

1.While booting from your dvd/usb stick the first screen is the following. Just pick the "Install or upgrade an existing system". I do not know why they say upgrade as upgrades from 5 to 6 is not officially supported as far as I know.


Kernel loading screen:



2. Skip the media test dialog screen by choosing "Skip":



3. In my case the media is a dvd iso thus the following screen:


4. Initial menu after everything is loaded, just hit "Next" (doooh):


5. Select the language used for the install process, I normally pick the default here:


6. The keyboard layout, again the default for me:


7. I'm using an internal local disk so "Basic Storage Devices":


8. Confirm the hard drive initialization :


9. In the following screen two very important things can be setup the hostname of the server and the why the network will behave after install. I really hate it that eth0 is not used as default after install both for servers and desktops, the next following screens will detail how to fix that.


Here select "Connect automatically" and "Available to all users"


10. Select your time zone either by using the drop down list or using the map:


11. Type in your root passwords (make it as secure as possible or you will see an warning) :


12. Now the fun part about setting up the partitions:


13. From the full disk space first we will create a /boot partition as grub can only boot your os from standard partitions.



14. Let's make it primary (by default the first four are, but I like to tick that box anyway), ext4 for a filesystem and a fixed size of 250 MB, next two slides:



15. Now if this is going to be a server the real important data will reside on some data storage box (isci, nfs comes to mind here), or even on a spare disk/raid and will get attached later on. The next slide will partition the reaming of the internal OS disk using LVM.


16. Allocate the the maximum amount of availible space to the physical volume.


17. Now normally I create a volume group for the OS and a volume group for the data, this is the first one:


18. As a naming convention is use vg_os or something similar and for the partitions LogVolRoot/Tmp/Swap/Home/Var and so on:



19. The partition sizes here would reflect a normal medium size web server and are just representative and this depends so much on what the server will "serve".


20. This warning is because my disk was really blank:


21. If nothing else comes to mind you can commit the changes made:



22. One interesting setting in the menu below is the grub password you can setup:



 23. Here it comes, the packages that are going to be installed on your system determining your why of using the server:


24. You can customize the package selection:


25. In the "Web Services" group select "PHP Support" and "Web Server":



26. From the "Databases" group pick the mysql client and server:


27. Packages dependencies  are checked in the picture below:


28. The install process:




29. Reboot the server into your newly installed OS:



30. Choosing the "Minimal" installation will save us the first boot menu:


 31. Before doing anything else update your system:




This is the first draft of this article, I will update it with some more comments on the installation process.