There is one thing I particularly like, but it is possible that we find people who say that if the database performance is greatly improved with raw redo in front of a filesystem (ext4 for example).
To find out for sure we can work with RAW mode redologs very easily. Let’s take an example made in Red Hat 4, with a test BDD with 3 redologs of 51 MB each:
[oracle@clu01 DBU]$ ls -l
-rw-r----- 1 oracle oinstall 9748480 Jun 25 20:38 control01.ctl
-rw-r----- 1 oracle oinstall 9748480 Jun 25 20:38 control02.ctl
-rw-r----- 1 oracle oinstall 7061504 Jun 12 11:36 control03.ctl
-rw-r----- 1 oracle oinstall 52429312 Jun 25 11:06 redo01.log
-rw-r----- 1 oracle oinstall 52429312 Jun 25 10:39 redo02.log
-rw-r----- 1 oracle oinstall 52429312 Jun 25 10:39 redo03.log
-rw-r----- 1 oracle oinstall 545267712 Jun 25 20:38 sysaux01.dbf
-rw-r----- 1 oracle oinstall 744497152 Jun 25 20:38 system01.dbf
-rw-r----- 1 oracle oinstall 20979712 Jun 23 21:22 temp01.dbf
-rw-r----- 1 oracle oinstall 36708352 Jun 25 20:38 undotbs01.dbf
-rw-r----- 1 oracle oinstall 5251072 Jun 25 20:38 users01.dbf
If we add disks in hot (from any system virtualization) it is possible that the OS does not know until we do a rescan of the SCSI bus, this can be done with the tool:
To install RedHat/Centos:
The LVM volumes have many advantages but when you connect a hard drive (with LVM) to an operating system (for example via USB) and want to access the data, we see that is not automatic.
To access the data directly we can mount the volume because the device simply does not exist, this can be easily solved. The sequence of actions is:
1- Connect the HD (logically)
2- Perform vgscan
3- Perform lvscan
4- Enable LVM volume desired
5- Mount the device and access the data
To extract HDD must:
On this occasion we will see how to regenerate a software RAID in Linux.
Detected by SMART error type:
[root@simba ~]# smartctl -H /dev/sda
smartctl 5.42 2011-10-20 r3458 [x86_64-linux-2.6.32-279.el6.x86_64] (local build)
Copyright (C) 2002-11 by Bruce Allen, http://smartmontools.sourceforge.net
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: FAILED!
Drive failure expected in less than 24 hours. SAVE ALL DATA.
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
1 Raw_Read_Error_Rate 0x002f 001 001 051 Pre-fail Always FAILING_NOW 330223
Let’s see how to obtain the status of a HDD using SMART technology (monitoring and analyzing HD http://es.wikipedia.org/wiki/S.M.A.R.T.).
First we need to install is the smartmontools package (in Red Hat or CentOS so, in other distributions command different):
yum install smartmontools
We can get information from a disk:
Recently has contacted me a companion called Miguel Angel (greetings) to see if he could help out with attacks that are suffering. Obviously I will not use your data for anything in this entry.
In this post we will make a more accurate filtering of incoming communications, to prevent DOS attacks.
In the previous post “iptables ddos limit configuration, prevent denial of service attacks on Linux (Match extension limit)” is shown as filter limiting the number of hits. The great improvement in recent vs limit extension is that recent maintains a list of source IPs communication and limits are set by source IP. The limits imposed limit extension regardless of origin, is an overall limit.
Almost everyone knows how to add an automatic mounting /etc/fstab, perhaps not used as it should the mounting is using UUIDs.
The UUID (Universally Unique Identifier) is a unique identifier for each file system. It is very interesting because it allows use as a reference for installation, ie instead of using /dev/sdb1 (physical connection reference) may use UUID and thus could change the connections of the discs without the mount points they saw affected.
The tool to know the UUID of the discs is:
[root@test ~]# blkid
/dev/sdb1: UUID="a210f4aa-0333-4827-b4f0-4a987c3364cf" TYPE="ext4"
/dev/sdb2: UUID="2133ef48-5eb9-4413-8b42-2f5f023a765b" TYPE="ext4"
/dev/sda1: UUID="0cdd3b92-349c-407f-87d2-63242782b531" TYPE="ext4"
/dev/sda2: UUID="rNf0sI-d44o-5c3f-VJMJ-zdhk-eT4q-Lc8xXT" TYPE="LVM2_member"
/dev/mapper/vg_test-lv_root: UUID="6c9fa623-8bc4-4143-b8a5-f7d0966980c9" TYPE="ext4"
/dev/mapper/vg_test-lv_swap: UUID="b382f6a5-0a63-4ab8-aaf4-8b8c1c0b969d" TYPE="swap"
In this post we will create an encrypted volume, which is useful if you work with a laptop and want to ensure your data against theft.
You can do interesting things, as we ask the key to start or hold the key for example in a USB. It seems to me very good choice of a USB device with the key to start.
Let the matter, the steps are:
1- make sure we have the kernel module loaded with dm_crypt :
[root@test ~]# lsmod | grep dm_crypt
dm_crypt 10848 2
dm_mod 63859 11 dm_crypt
IPTABLES is the firewall kernel-level included in Linux distributions, it’s very powerful (once understood its operation), very useful and flexible. This post has been made on a CentOS 6 (clone of RedHat), almost all should be able to apply to any distribution.
The basic operation of iptables is the following:
- Exist chains of rules. Basically 3: INPUT, OUTPUT and FORWARD.
- The rules within a chain are evaluated in order. This is where there is a multitude of filtering options.
- When a rule is evaluated positively, it is directed at a TARGET. It can be accepted, rejected, deleted, written in a log or other much more (see man TARGET EXTENSIONS iptables).
We can list the current rules:
In linux you can assign attributes to files, this allows to increase the security level. It is possible for example, to protect a file so that can not be removed.
To view the attributes of a file:
[root@tester1 prueba]# lsattr