Archive for the ‘Server’ Category

« Previous Entries
Next Entries »

Here is a plot showing the iperf results for some of our linux computers.

Iperf Results

Posted by maryh on January 16, 2008 at 3:05 pm under Clients, Server, Tuning.
Comments Off on Iperf Tests.

I decided to take all the old scsi disks that I have and attach them to an old pc and use the setup as a backup computer. I’ll put as many disks as I can into a software raid to use for backups and then put a dvd writer in the computer to use to write dvds.

Here is the scsi stuff attached:

Host: scsi0 Channel: 00 Id: 01 Lun: 00
  Vendor: SEAGATE  Model: ST3146807LW      Rev: 0007
  Type:   Direct-Access                    ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 02 Lun: 00
  Vendor: SEAGATE  Model: ST336607LW       Rev: 0006
  Type:   Direct-Access                    ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 03 Lun: 00
  Vendor: SEAGATE  Model: ST336607LW       Rev: 0006
  Type:   Direct-Access                    ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 04 Lun: 00
  Vendor: SEAGATE  Model: ST336607LW       Rev: 0006
  Type:   Direct-Access                    ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 08 Lun: 00
  Vendor: SONY     Model: SDT-11000        Rev: 0200
  Type:   Sequential-Access                ANSI SCSI revision: 02
Host: scsi0 Channel: 00 Id: 09 Lun: 00
  Vendor: SEAGATE  Model: ST336607LW       Rev: 0007
  Type:   Direct-Access                    ANSI SCSI revision: 03
Host: scsi0 Channel: 00 Id: 11 Lun: 00
  Vendor: SEAGATE  Model: ST373307LW       Rev: 0007
  Type:   Direct-Access                    ANSI SCSI revision: 03

I’m going to combine all the ST336607LW disks into a software raid. First, create a new partition on each of these disks. Then create the raid.

# mdadm --create --verbose /dev/md0 --level=5 --raid-devices=4 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1
# mkfs.ext3 -m0 -j -O dir_index,resize_inode,sparse_super /dev/md0
# tune2fs -c0 -i0 /dev/md0

After mounting, I have a 109GB drive mounted as the raid. Not much, but it’s a little more disk space to use. I’ll also mount the other disks, which are a little bigger to give me a bit more space.

Posted by maryh on January 2, 2008 at 11:06 am under Hardware, Server.
Comments Off on New System with Software Raid.

Cronjobs for users who exist only in the ldap database were not being run. The crond log file was showing entries like this:

Dec 27 13:42:01 server crond[2781]: (arthur) ORPHAN (no passwd entry)

To fix this, make sure that nscd is running (I didn’t have it started) and restart crond.

Posted by maryh on December 27, 2007 at 2:52 pm under Installation, Ldap, Server, Software.
Comments Off on LDAP & Cron.

I’m having some very strange problems with ldap and samba. Some users work fine in samba and others not at all. First, I found the /etc/pam.d/system-auth problem again, where the uid must be at least 500 for it to work. I changed that to 200 and it still doesn’t work.

I also found that each time you run authconfig-tui, /etc/pam.d/system-auth-ac gets rewritten and my 200 would go back to a 500. (system-auth is just a symlink to system-auth-ac.) I fixed this by creating system-auth-EDG and linking system-auth to that. The link does not change whenever authconfig is run, so the 200/500 uid problem looks to be solved.

But why am I running authconfig-tui so much? Because I am unable to start ldap on the server when “Use LDAP” is checked under the User Information and the Authentication sections. I uncheck them, then restart ldap successfully, then go back and recheck them. If things are checked, the ldap restart command just hangs, until I press Ctrl-C a few times. Then, it gives me errors like:

Session terminated, killing shell.......killed.
/etc/pki/tls/certs/slapd.pem is not readable by "ldap" [WARNING]
Checking configuration files for slapd: config file testing succeeded [OK]
Starting slapd:  [OK]

But it’s not really started. I have to undo the authconfig stuff, restart again (at which time it restarts in about a second) and then redo the authconfig stuff.

I’ve changed the ldap user to have a login shell and have logged in and read the slapd.pem file without a problem, so I don’t really know why it complains that it can’t be read. And since the ldap user is not in the ldap database, but it /etc/passwd, I don’t understand at all why this is a problem.

Posted by maryh on December 27, 2007 at 11:59 am under Installation, Ldap, Samba, Server, Software.
Comments Off on Ldap and Samba.

I was getting some strange errors in my maillog when an ldap user would try to call spamassassin on incoming mail. This was fixed by adding the “–ldap-config” option to the spamassassin startup script. The line in the file that I changed, no looks like this:

SPAMDOPTIONS="-d -c -m5 -H --ldap-config"

Posted by maryh on December 24, 2007 at 11:42 am under Ldap, Mail, Server.
Comments Off on LDAP and SpamAssassin.

I’m slowly moving all of our users out of /etc/passwd to the ldap directory. One problem that I found was that users’ personal websites weren’t coming up. For example, user arthur, can make a directory called public_html in their home area and it would be accessible at server.uchicago.edu/~arthur. But for accounts that are only in the ldap database, it was as if these accounts didn’t exist.

To get the accounts to show, add the following to /etc/httpd/conf/httpd.conf:

< IfModule mod_ldap_userdir.c >
	LDAPUserDirServer	server.uchicago.edu
	LDAPUserDirSearchScope	subtree
	LDAPUserDirBaseDN	ou=people,dc=server,dc=uchicago,dc=edu
	LDAPUserDir		public_html
< /IfModule >

Posted by maryh on December 21, 2007 at 5:56 pm under Installation, Ldap, Server, Software.
Comments Off on LDAP and Apache.

I thought I’d be smart and upgrade our server to the 64-bit version of RHEL5. Well, after upgrading I had many problems. A big one was this error:

[root@edg ~]# su - maryh
/bin/hostname: error while loading shared libraries: libc.so.6: wrong ELF class: ELFCLASS32

If I can’t run a simple hostname command, then there are probably lots of other issues. Thus, I’m reinstalling again with the 32-bit version.

Posted by maryh on December 19, 2007 at 7:46 pm under Installation, Server, Software.
Comments Off on Upgrading to RHEL5 Server.

Since roaming profiles is what’s causing our windows logins to take minutes instead of seconds, I want to make all profiles be local. To do this, run gpedit.msc.

Local Computer Policy
.Computer Configuration
..Administrative Templates
…System
….User Profiles
Check only allow local user profiles
Check Prevent Roaming Profile changes from Propagating to the server

Posted by maryh on December 18, 2007 at 3:36 pm under Installation, Server, Software.
Comments Off on To Disable Roaming Profiles.

I had a problem where I couldn’t send mail with squirrelmail. Whenever I hit the send button, I got an error that said:

Server replied: 71 Can't execute command '/usr/sbin/sendmail -i -t -fmailaddress@someone.com'.

So, I then tried to run the command as a regular user at the command line and I got this error:

NOQUEUE: SYSERR(): can not write to queue directory
> /var/spool/clientmqueue/ (RunAsGid=0, required=25): Permission denied

It turns out that my smmsp user had uid=51 and gid=51, but in /etc/group, the smmsp group was gid=25. To fix this, I simply changed the gid of the smmsp user to 25 and restarted sendmail. That fixed things.

Posted by maryh on November 28, 2007 at 9:55 am under Mail, Server, Software.
Comments Off on Problem with Squirrelmail.

If the install script has a problem registering, try this:

sudo rpm -Uvh \
http://rhn.uchicago.edu/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm

Then make sure your trusted sslCACert entry in
/etc/sysconfig/rhn/up2date looks like:

sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

Then run:

rhnreg_ks --activationkey=4615db501bffebd96009bb81b065c015
rhn_check

Get the proper key from the rhn website.

Posted by maryh on November 2, 2007 at 9:43 am under Installation, Server, Software.
Comments Off on Registering with UC RHN.

« Previous Entries
Next Entries »