Archive
Posts from 2006
Using ZFS clones to simplify upgrades
One cool ZFS feature that was introduced in Solaris 10 11/06 is the ability to clone a file system. This is a truly powerful tool, since it allows admins to create copies of file systems prior to performing upgrades, and a way to roll a file system back to a previous state (this provides a simple lightweight method to back out changes if upgrades go awry). To illustrate just how useful this is, let's create a clone of the file system oradata. To clone oradata, we first need to take a snapshot of the oradata file system: Once a snapshot is created, the zfs utilities' "clone" option can be used to create a clone of the file system from the snapshot we just created: After the clone is created, it can be "promoted" to a file system with the zfs utilities' "promote" option: If everything works correctly (which it should), the clone and the file system the clone was created from will appear in the df output: Now let's pretend that a DBA accidentally deletes the Oracle datafiles in /striped/oradata: Oops…
Disabling old wordpress comments
As with most individuals that manage a blog, I get inundated with comment spam. Based on some research I did, it looks like almost all of the blog spam occurs for older posts, especially those over 30 days old. Based on this information, I decided to disable comments for all old posts older than 30 days. It turns out that you can't do this directly from wordpress without a plugin, so I decided to adjust the "comment_status" column in the wp_posts table directly…
Configuring crontab mail destinations with MAILTO
When scripts executing from cron write to stdout or stderr, the results are emailed to the user the job is running in the context of. One way to control where the mail is sent is by adding a "MAILTO" line to the top of the crontab entry for the user that is running the cron job. Here is an example: Each time this job runs, the user matty will get emailed with the results of the script. You can also use /etc/aliases to assist with this on a global scale, but sometimes that isn't an option.
Verifying GPG signatures
One of my friends recently asked me how to verify a signature that is distributed with an open source application. Since I didn't have a machine handy to show him, I thought I would jot this down for him in my blog. The first step in verifying a signature requires locating the public key of the individual who signed the binary. Once you locate the key and validate its authenticity, you can use the gpg "--import" option to import the key…
Securing CentOS Linux installations by disabling unneeded services
To ensure that my CentOS machines run as efficiently and securely as possible, I disable a number of services after each installation. The end result is a system that accepts ssh connections on TCP port 22, and on one or more service ports that are in use by the applications hosted on the platform. To get to this state, I go through and disable numerous services that come enabled by default. Here is the default list of services that are enabled after a CentOS 4.4 installation: Several of these services are required, but several others serve no purpose in my environment, and use CPU and memory resources that would be better allocated to my applications…