Archive for May, 2007

Encrypting data with the FUSE encryption module

I use a laptop to conduct most of system administration duties, and periodically need to store sensitive information in my home directory on my laptop. To ensure that this information can’t be used for malicious purposes, I use the FUSE encryption module to encrypt anything I think is sensitive (I probably go overboard when it […]

Generating statistics from the Sun directory server access logs

I have been managing Sun’s directory server for close to four years, and it is one of the few products I use that has all the bells and whistles out of the box. One extremely useful feature is the ability to generate statistics from the server access logs. This capability is built into the logconv.pl […]

Debugging apache article

If you subscribe to SysAdmin magazine, you might be interested in my article Debugging Apache Web Server Problems, which is available in the July issue. Here is the list of topics I covered in the article: – Using single process mode to isolate problems. – Using httpd flags to debug configuration errors. – Debugging CGI […]

Catching SIGSEGVs as they happen

Periodically situations arise where applications will write to memory that isn’t mapped into their address space. On UNIX systems, this results in a SIGSEGV signal being sent to the offending process. If for some reason you can’t get a core file, you can run the application under the control of the catchsegv utility. The following […]

Implementing shared memory resource controls on Solaris hosts

With the availability of the Solaris 10 operating system, the way IPC facilities (e.g., shared memory, message queues, etc.) are managed changed. In previous releases of the Solaris operating system, editing /etc/system was the recommended way to increase the values of a given IPC tunable. With the release of Solaris 10, IPC tunables are now […]

LDAP client deficiencies

I have been spending a bit of time lately configuring Solaris and Linux hosts to authenticate against LDAP. Authentication works well on the surface, but the actual client implementations are somewhat lacking. Let’s take the Linux pam_ldap module for instance. To authenticate a single session, the pam_ldap module performs thirty-three operations, which includes 7 TCP […]

« Older Entries