Archive for the ‘linux’ Category
Today I spend my day at the Red Hat Open Cloud Tour, this is what happened today:
Just heard the opening by Rajiv Sodhi, who is here despite having a baby due any moment.
Margaret J. Rimmler’s keynote was interesting. One of the key takeaways being openness RedHat customers should have the choice to remain portable and replace RedHat, if that is what they want. Read the rest of this entry »
I prefer Linux-VServer, and consider that I have a reasonable amount of knowledge of the codebase. Enough at least that I’ve written a few patches for a VServer-openMosix kernel.1 There’s just one thing that I haven’t been able to do yet, set up a VServer on a remote host. So how can I do that?
Firstly I had to have a remote machine, so I couldn’t cheat. It’s easier to cheat if you have physical access to the machine. So I borrowed a virtual machine (VMware ) running on the server of a friend, he started up a vanilla Ubuntu Edgy 6.10, which is based on debian. Which is where I would be faced with my first problem, Linux Logical Volume Manager (LVM). It’s not that something like that would be such a problem – usually – I just hadn’t build one before, so I was unsure how to configure and use it. Luckily I found an article on O’Reilly‘s LinuxDevCenter called “Managing Disk Space with LVM.“
I must say LVM was slightly difficult to get setup, just recompiling a vanilla ubuntu kernel with “Multiple devices driver support (RAID and LVM)” and “Device mapper support” in addition to the VServer patches wasn’t possible. I soon found out that couldn’t patch the debian kernel as it produced too many errors. And the vanilla kernel was giving me problems as I just wasn’t able to mount the “[…] several nicely named logical volumes […]” Even the article “Linux-Vserver With LVM And Quotas” wasn’t helping me.
My main problem was that it didn’t boot from the LVM partition. I’ll have to explain, debian seems to boot from the LVM partition by default and uses an initrd to boot from, it means that you have to create an image which is loaded during boot. This image contains a root partition with lvm tools and busybox to supply the mount and boot programs. The initrd was the actual problem, I was just getting the following message:
unpacking initramfs...... <0> Kernel panic - not syncing : no cpio magic
I asked my friend to reinstall without lvm. And obviously the vanilla kernel worked fine when compiled, although I got some errors with my vserver partition:
Checking file systems.......
Fsck 1.39 ..........
Fsck.ing.ext3 Bad magic number in super-block while trying to open /dev/hda6
The super block could not be read or does not describe a correct ext2 file system.
If the device is valid and it really contains an ext2 filesystem (and not swap or ufs or some thing else ), then the superblock is corrupt, and you might try running e2fsck with an alternate superblock:
E2fsck ..b 8193 <device>
Fsck died with exit status 8
.. File system check failed.
A log is being saved in /var/log/fsck/checkfs if that location is writable.
Please repair the file system manually.
.. A maintainance shell will now be started.
.. CONTROL-D will terminate this shell and resume system boot.
That was just a spelling mistake in
As I look back – this was in December – I should have spend more time on the initrd. I would have loved to get it working, but under the pressure of time it wasn’t possibe. I wanted to use a second machine to create a serial connection to the first. (Remote Serial Console HOWTO)
Originally posted here.
On Dark Reading site editor Tim Wilson attacks Linus Torvalds for making the comment “To me, security is important. But it’s no less important than everything else that is also important!” He is correct in his arguments against Linus’ point of view with the exception of his statement:
If I build a house that is unsafe, it threatens the inhabitants. If I build a bank that is insecure, it threatens not only the welfare of the business, but the lives of thousands of customers.
This is really a fallacious statement, an insecure bank is far less of a problem than he thinks.
Consider the current banking crisis and the number of times security problems have dumped large quantities of credit card numbers on the street, most reasonable banks have a number of backups. And when they didn’t national banks have bailed them out. Much of the risk a bank’s customers face are mitigated, transferred, and even budgeted. How can you transfer the risk of shoddy construction once the building has collapsed on top of you? An unsafe house is almost always more of a hazard than bank insecurity, just ask the Chinese earthquake victims.
Tim, if you are going to use a metaphor try to use one that isn’t so obviously flawed.
I was reading my backlog from LinuxDevices and came across a Windows firewall squeezed into USB key. It works by placing a driver between the Windows TCP/IP stack and the device driver; wifi, ethernet, tokenring, etc. The data is routed through the USB key as is goes to and from the internet to the pc.
- Parent control system
- Transparent email proxies (POP3; SMTP)
- Transparent web proxies (HTTP; FTP)
- Intrusion detection system
- Intrusion prevention system
- Adaptive security policy
- Multi-layer security agent (Patent pending)
- “Layer-8” security engine (Patent pending)
I mentioned Gnip before, and this afternoon I was browsing the API definition and wanted to see if I could add my own publisher.
First I wanted to see how the messages are polled, so I crafted a
wget command to retrieve some example data:
wget -nv --http-user="*username*" --http-passwd="*password*"
Read the rest of this entry »