I came across a couple of super useful DTrace links, and thought I would pass them on:
Brendan Gregg’s DTrace presentation in London:
http://www.context-switch.com/performance/dtrace_workshop01_slides.pdf
Opensolaris student guide (the chapter on using DTrace to debug device drivers is awesome):
http://opensolaris.org/os/community/documentation/files/studentguide.pdf
This week I needed to install a few Perl modules on a Solaris 10 host. I didn’t want to download and install a fourth perl interpreter (Solaris 10 comes with 5.6.1, 5.8.3 and 5.8.4 for some reason), since Solaris 10 comes with a relatively recent version of Perl (5.8.4). To build the module in question (DBD::mysql), I downloaded the module from CPAN, verified that the MD5 checksum was correct, and used the following steps to compile the module:
$ perl Makefile.PL
$ make
$ make install
The ‘make Makefile.PL’ completed succesfully, but the make failed with the following errors:
$ make
cp lib/DBD/mysql.pm blib/lib/DBD/mysql.pm
cp lib/DBD/mysql/GetInfo.pm blib/lib/DBD/mysql/GetInfo.pm
cp lib/Mysql.pm blib/lib/Mysql.pm
cp lib/DBD/mysql/INSTALL.pod blib/lib/DBD/mysql/INSTALL.pod
cp lib/Mysql/Statement.pm blib/lib/Mysql/Statement.pm
cp lib/Bundle/DBD/mysql.pm blib/lib/Bundle/DBD/mysql.pm
cc -c -I/usr/perl5/site_perl/5.8.4/i86pc-solaris-64int/auto/DBI -I/home/apps/mysql/mysql/include/mysql -DDBD_MYSQL_INSERT_ID_I
S_GOOD -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_TS_ERRNO -xO3 -xspace -xildoff -DVERSION="3.0006" -DXS_VERSION=
"3.0006" -KPIC "-I/usr/perl5/5.8.4/lib/i86pc-solaris-64int/CORE" dbdimp.c
cc: unrecognized option `-KPIC'
cc: language ildoff not recognized
cc: dbdimp.c: linker input file unused because linking not done
/usr/bin/perl -p -e "s/~DRIVER~/mysql/g" /usr/perl5/site_perl/5.8.4/i86pc-solaris-64int/auto/DBI/Driver.xst > mysql.xsi
/usr/bin/perl /usr/perl5/5.8.4/lib/ExtUtils/xsubpp -typemap /usr/perl5/5.8.4/lib/ExtUtils/typemap mysql.xs > mysql.xsc && mv
mysql.xsc mysql.c
Warning: duplicate function definition 'do' detected in mysql.xs, line 224
Warning: duplicate function definition 'rows' detected in mysql.xs, line 567
cc -c -I/usr/perl5/site_perl/5.8.4/i86pc-solaris-64int/auto/DBI -I/home/apps/mysql/mysql/include/mysql -DDBD_MYSQL_INSERT_ID_I
S_GOOD -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_TS_ERRNO -xO3 -xspace -xildoff -DVERSION="3.0006" -DXS_VERSION=
"3.0006" -KPIC "-I/usr/perl5/5.8.4/lib/i86pc-solaris-64int/CORE" mysql.c
cc: unrecognized option `-KPIC'
cc: language ildoff not recognized
cc: mysql.c: linker input file unused because linking not done
Running Mkbootstrap for DBD::mysql ()
chmod 644 mysql.bs
rm -f blib/arch/auto/DBD/mysql/mysql.so
LD_RUN_PATH="/home/apps/mysql/mysql/lib/mysql:/lib:/usr/lib" /usr/bin/perl myld cc -G dbdimp.o mysql.o -o blib/arch/auto/DBD
/mysql/mysql.so -L/home/apps/mysql/mysql/lib/mysql -lmysqlclient -lz -lposix4 -lcrypt -lgen -lsocket -lnsl -lm
cc: dbdimp.o: No such file or directory
cc: mysql.o: No such file or directory
Error code 1
make: Fatal error: Command failed for target `blib/arch/auto/DBD/mysql/mysql.so'
Since I was building the module with gcc, the compiler and linker got a bit confused when they were passed Sun studio compiler flags (i.e., -KPIC in this example). There are two fixes for this problem. If you want to build a single module with gcc, you can edit the Makefile that was produced by ‘perl Makefile.PL’, and remove the “-KPIC” and “-xO3 -xspace -xildoff” values from the following variables:
$ egrep '(KPIC|O3)' Makefile
CCCDLFLAGS = -KPIC
OPTIMIZE = -xO3 -xspace -xildoff
If you want to use gcc to build all Perl modules on a system, you can permanently* remove the Sun Studio compiler references by adjusting the “cccdlflags” and “optimize” variables in /usr/perl5/5.8.4/lib/sun4-solaris-64int/Config.pm:
$ egrep '(KPIC|O3)' Config.pm
cccdlflags='-KPIC'
optimize='-xO3 -xspace -xildoff'
Since I don’t want to support two compiler packages, I decided to use option #2 since gcc comes on the Solaris installation CDs.
If you edit Config.pm, you should be aware that Solaris Perl patches will overwrite this file.
It looks like a nasty security bug was discovered in the Apache mod_rewrite module, and new versions of Apache were released to address the problem. For those folks using mod_rewrite, it’s time to patch.
I recently came across Colm MacCarthaigh’s Apache tuning presentation and technical white paper:
Tuning Apache and Linux for performance presentation:
http://www.stdlib.net/~colmmacc/Apachecon-EU2005/scaling-apache-presentation.pdf
Tuning Apache and Linux for performance paper:
http://www.stdlib.net/~colmmacc/Apachecon-EU2005/scaling-apache-handout.pdf
Colm is an admin at heanet, which runs some of the busiest web servers in the world. The presentation and white paper cover the entire software stack, which includes kernel, file system and of course Apache web server tuning. These are must reads for website administrators.
There are several solutions available to securely erase a hard disk drive, but I haven’t found all that many tools to securely erase individual files. While reading through the coreutils documentation, I came across a reference to the shred utility. Shred allows you to securely erase files, and has several options to control the secure erase process:
$ shred --help
Usage: shred [OPTIONS] FILE [...]
Overwrite the specified FILE(s) repeatedly, in order to make it harder
for even very expensive hardware probing to recover the data.
Mandatory arguments to long options are mandatory for short options too.
-f, --force change permissions to allow writing if necessary
-n, --iterations=N Overwrite N times instead of the default (25)
-s, --size=N shred this many bytes (suffixes like K, M, G accepted)
-u, --remove truncate and remove file after overwriting
-v, --verbose show progress
-x, --exact do not round file sizes up to the next full block;
this is the default for non-regular files
-z, --zero add a final overwrite with zeros to hide shredding
- shred standard output
--help display this help and exit
--version output version information and exit
To securely erase the file named foo by writing garbage to the file 10 times, we can run shred with the “-n” (number of interations) option and the file to erase:
$ shred -v -n 10 foo
shred: foo: pass 1/10 (random)...
shred: foo: pass 2/10 (000000)...
shred: foo: pass 3/10 (ffffff)...
shred: foo: pass 4/10 (b6db6d)...
shred: foo: pass 5/10 (555555)...
shred: foo: pass 6/10 (random)...
shred: foo: pass 7/10 (aaaaaa)...
shred: foo: pass 8/10 (492492)...
shred: foo: pass 9/10 (924924)...
shred: foo: pass 10/10 (random)...
The shred utility doesn’t work reliably on log structured and journaled file systems, as noted in the help screen:
CAUTION: Note that shred relies on a very important assumption: that the filesystem overwrites data in place. This is the traditional way to do things, but many modern filesystem designs do not satisfy this assumption. The following are examples of filesystems on which shred is not effective:
In addition, file system backups and remote mirrors may contain copies of the file that cannot be removed, and that will allow a shredded file to be recovered later.
That said, this is still a nifty utility, and can be useful in some situations.