Bart B's questions

I'm trying to get rsyslog on RHEL 6 to render the time the message was logged at as a unix timestamp. I started by read the documentation at http://www.rsyslog.com/doc/property_replacer.html. Since there are are old-style and new-style property options, I next checked my version number:

[root@sourwood remote]# rpm -qa | grep rsyslog
rsyslog-pgsql-5.8.10-6.el6.x86_64
rsyslog-5.8.10-6.el6.x86_64
[root@sourwood remote]# 

This implies to me that I am using version 5.8. The docs say to use the new-style property options in versions greater than 6, therefore, I should use the old-style property options.

The top of the section describing the old-style options states that the options listed below exist in versions greater than 5.5.3, since 5.8.10 is greater than 5.5.3 that shouldn't be a problem.

Based on the docs I have created the following template (truncated a little for clarity):

$template proxyTemplate,"%timegenerated:::date-unixtimestamp%|%timegenerated:::date-rfc3339%|...\n"

I then use this template in the following way:

if \
        $programname contains 'squid' \
then    /var/log/remote/squid.log;proxyTemplate

The messages from Squid do get logged, and the rfc3339 formatting is working, but the unix timestamp is not. Here is a truncated sample from the logs:

Apr 29 14:59:09|2013-04-29T14:59:09.443172+01:00|...

Am I doing something wrong? Perhaps I've missed some subtlty? Or have I hit upon a bug?

To be sure to be sure I've also tried with the new-style property options, but to no avail.

I'm migrating our rsyslog config from an old server to a new one, and thought I'd use the opportunity to tidy up our config. The old config used "legacy" template definitions, and the rsyslog doc on templates recommend replacing such definitions with the new template syntax, so that's what I tried to do.

I simply cannot get it to work, and the errors I am getting when trying to start rsyslog make no sense. So, it seems like I have fundamentally misunderstood the rsyslog docs, or there is something funny about the rsyslog package included in RHEL6.

This is the legacy template I am trying to update:

$template secureTemplate,"INSERT INTO var_log_secure (received_at, source_ip, source_hostname, logged_at, severity, service, message, severity_int, syslogtag) VALUES ('%timegenerated:::date-rfc3339%', '%fromhost-ip%', '%hostname%', '%timereported:::date-rfc3339%', '%syslogseverity-text%', '%programname%', '%msg%', '%syslogseverity%', '%syslogtag%')",STDSQL

This is my attempt at that same template in the new syntax having read the rsyslog docs:

template(name="secureTemplate" type="string" option.stdsql="on"
  string="INSERT INTO var_log_secure (received_at, source_ip, source_hostname, logged_at, severity, service, message, severity_int, syslogtag) values ('%timegenerated:::date-rfc3339%', '%fromhost-ip%', '%hostname%', '%timereported:::date-rfc3339%', '%syslogseverity-text%', '%programname%', '%msg%', '%syslogseverity%', '%syslogtag%')"
)

These are the errors I get on rsyslog startup:

rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="4491" x-info="http://www.rsyslog.com"] start
 rsyslogd-3000:unknown priority name "stdsql="on"" [try http://www.rsyslog.com/e/3000 ]
 rsyslogd:the last error occured in /etc/rsyslog.conf, line 49:"template(name="secureTemplate" type="string" option.stdsql="on""
 rsyslogd:warning: selector line without actions will be discarded
 rsyslogd-3000:unknown priority name "" [try http://www.rsyslog.com/e/3000 ]
 rsyslogd:the last error occured in /etc/rsyslog.conf, line 50:"  string="INSERT INTO var_log_secure (received_at, source_ip, source_hostname, logged_at, severity, service, message, severity_int, syslogtag) values ('%timegenerated:::date-rfc3339%', '%fromhost-ip%', '%hostname%', '%timereported:::date-rfc3339%', '%syslogseverity-text%', '%programname%', '%msg%', '%syslogseverity%', '%syslogtag%')""
 rsyslogd:warning: selector line without actions will be discarded
 rsyslogd-3000:unknown priority name "" [try http://www.rsyslog.com/e/3000 ]
 rsyslogd:the last error occured in /etc/rsyslog.conf, line 51:")"
 rsyslogd:warning: selector line without actions will be discarded
 rsyslogd-3003: Could not find template 'secureTemplate' - action disabled
 [try http://www.rsyslog.com/e/3003 ]
 rsyslogd:the last error occured in /etc/rsyslog.conf, line 55:"then    :ompgsql:127.0.0.1,rsyslog,rsyslog,+Without-Goodbye-22+;secureTemplate"
 rsyslogd:warning: selector line without actions will be discarded
 rsyslogd-2124:CONFIG ERROR: could not interpret master config file '/etc/rsyslog.conf'. [try http://www.rsyslog.com/e/2124 ]
 rsyslogd:EMERGENCY CONFIGURATION ACTIVATED - fix rsyslog config file!

I've been banging my head off NRPE and Perl for weeks now.

I decided to start from absolute first principles, and create a dummy nagios plugin that does nothing but always returns OK. I called it check_true.pl, installed it on the remote server and configured NRPE to serve it out as check_test.

The entire script is just:

#!/usr/bin/perl

print "OK - this dummy test always returns OK\n";
exit 0;

This works over NRPE without problems.

With this as a starting point, I was going to build up the script I want slowly to see at what point it breaks. I didn't get at all far. The follow breaks over NRPE (but works fine with locally and over SSH):

#!/usr/bin/perl

use strict;

print "OK - this dummy test always returns OK\n";
exit 0;

It gives the dreaded error: NRPE: Unable to read output.

I can't include ANYTHING or I get this error. This makes it impossible to do what I actually need to do!

I thought it might be a problem with the perl include path, but running the following over NRPE shows it is not (gives identical include path as when run on the terminal):

#!/usr/bin/perl

print "OK - Perl include path: ".join(q{, }, @INC)."\n";
exit 0;

Does anyone know why NRPE is behaving so badly with Perl? Can anyone recommend a fix? Or even a workaround?

Update 1: The command is defined in NRPE as follows:

command[check_test]=/usr/lib64/nagios/plugins/check_true.pl

Update 2: I've done some more debugging, and by adding the wrapper below around the perl script I was able to capture STDERR.

#!/bin/sh

out=`/usr/lib64/nagios/plugins/check_true.pl 2>&1`
echo $out

The result makes things even more confusing:

Can't locate strict.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/lib64/nagios/plugins/check_true.pl line 3. BEGIN failed--compilation aborted at /usr/lib64/nagios/plugins/check_true.pl line 3.

A quick search shows that strict.pm is located at /usr/share/perl5/strict.pm, and /usr/share/perl5 IS in the listed @INC!

How can Perl fail to find a file that is right there? This works flawlessly when run as the user nagios in a terminal, so what is NRPE doing to the environment to mess up Perl?

I know this is a very common error where RTFM is usually the correct answer, but, I think I've covered all the obvious points.

NRPE is running as the user nagios

When I use sudo su - nagios to become the nagios user, and copy and paste in the command from /etc/nagios/nrpe.conf it works perfectly, generating output as expected.

When I turn on debugging, nothing is logged after the NRPE plugin loads (there are entries logged while the service is restarting).

What can be going on? Surely something should be logged in the debug logs? Is there a way to force more verbose logging (comments in config file suggest not).

SELinux is not logging any issues.

In the general the script is quite normal, with one exception, it shells out to a command using sudo. The nagios user has been granted passwordless access to the command being shelled out to, and that it working when I su to the nagios user.

Update: After re-configuring sudo so it does not insist on a tty, I have my check working successfully over SSH, returning the expected result. It still will not work over NRPE though.

The crontabs on RHEL seem to be duplicated in two places, /etc/cron.d, and /var/spool/cron. I've checked, and neither of these are simlinks to the other, and neither are any of the crons contained in either location.

I guess my most important question is this, which of these two is the authoritative location? If I were to edit a file in only one of these two, which one would I have to make my edit in to get it to execute?

I'm trying to compile a procedure for when ever there is a suspicion, perhaps from netflow data or something like that, that a server could be compromised. The logic being, that you should think about these things coolly and calmly before they happen for real and the pressure is on and the adrenaline flowing.

Can anyone recommend some good resources I should familiarise myself with to help me draft a sensible procedure?

I'm looking for good information on what to do to confirm suspicious, as well as what to do when a hack is discovered.

I'm not sure if this question is best suited here on ServerFault or over on SuperUser. Thinking about it logically I think this is a sysadmin question, so I'm putting it here, and if the mods think it should move, then apologies for guessing wrong!

Anyhow - I have a server off-site, and I'm stuck on a private IP with non access to the net except through an HTTP proxy or a SOCKS 4/5 proxy. I'm running OS X, and I'd like the ssh command from the terminal to somehow work through one of those two proxies to get out to the remote server. The SSH port on the remote server is non-standard, though I doubt that will make much difference.

To kill some possible confusion right form the start, I'm not looking to define me own fields within host definitions, but instead to create a variable that I can use across multiple host definitions to fill in one of the standard fields.

When I add a VM to our Nagios server I add the machines in our virtualisation cluster as the parents of that machine, because if any one of those servers is up, the VM should be accessible. This results in an entry in the definition of each VM of the form:

define host{
        host_name               xxx1
        alias                   xxx1.domain.tld
        address                 xxx.xxx.xxx.xxx
        parents                 dom0_1, dom0_2, dom0_3, dom0_4, dom0_5, dom0_6
        ...
}

The thing is, our cluster keeps changing and expanding, and it's a pain in the backside to have to update this entry in every VM, I want to be able to change it in just one place, and have that change affect the definitions for all our VMs.

I'm running a SAMBA file store for our Windows users, and I'd like to automatically generate windows LNK files linking to other network shares that the user needs access to.

I've done quite a bit of googling and I can't find a way of creating windows links on Linux, or through Perl. I did find a perl module that looked promising in CPAN, but it will only run on Windows unfortunately.

If it's not possible to create .LNK files, perhaps there is an alternative solution people can suggest to allow the users to click on a file in one SAMBA store to be linked to a different SAMBA share?

Thanks,

Bart.

I'm used to Yum on CentOS 5 being a total pig and breaking every other week, but until now I've always been able to fix the problem by simply running:

yum clean all

And then updating normally.

Not working today. I did a lot of googling, and another common piece of advice was to disable fastmirror, tried that too, still to no avail. Here is the error I'm getting:

# yum update
addons                                                                               |  951 B     00:00     
addons/primary                                                                       |  204 B     00:00     
base                                                                                 | 2.1 kB     00:00     
base/primary_db                                                                      | 2.2 MB     00:00     
extras                                                                               | 2.1 kB     00:00     
extras/primary_db                                                                    | 244 kB     00:00     
spacewalk-client-tools                                                               | 1.9 kB     00:00     
spacewalk-client-tools/primary_db                                                    |  15 kB     00:00     
updates                                                                              | 1.9 kB     00:00     
updates/primary_db                                                                   | 603 kB     00:00     
http://ftp.heanet.ie/pub/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.as29550.net/mirror.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.melbourne.co.uk/sites/ftp.centos.org/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.ellogroup.com/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.netrino.co.uk/mirror.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.coreix.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.krystal.co.uk/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.ukfast.co.uk/sites/ftp.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://anorien.csc.warwick.ac.uk/mirrors/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.ox.ac.uk/sites/mirror.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.bytemark.co.uk/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://ftp.nluug.nl/ftp/pub/os/Linux/distr/CentOS/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.denit.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.oxilion.nl/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://ftp.tudelft.nl/centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.widexs.nl/ftp/pub/os/Linux/distr/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.nl.leaseweb.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.supportex.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://centos.mirror.evertje.net/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://nl.mirror.eurid.eu/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://ftp.heanet.ie/pub/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.as29550.net/mirror.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.melbourne.co.uk/sites/ftp.centos.org/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.ellogroup.com/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.netrino.co.uk/mirror.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.coreix.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.krystal.co.uk/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.ukfast.co.uk/sites/ftp.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://anorien.csc.warwick.ac.uk/mirrors/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.ox.ac.uk/sites/mirror.centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.bytemark.co.uk/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://ftp.nluug.nl/ftp/pub/os/Linux/distr/CentOS/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.denit.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.oxilion.nl/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://ftp.tudelft.nl/centos.org/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.widexs.nl/ftp/pub/os/Linux/distr/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirror.nl.leaseweb.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://mirrors.supportex.net/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://centos.mirror.evertje.net/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
updates/primary_db                                                                   | 603 kB     00:00     
http://nl.mirror.eurid.eu/centos/5.6/updates/x86_64/repodata/primary.sqlite.bz2: [Errno -1] Metadata file does not match checksum
Trying other mirror.
Error: failure: repodata/primary.sqlite.bz2 from updates: [Errno 256] No more mirrors to try.
#

Is it possible that every yum mirror being tried has a dead sqlite package? Is there a way to tell yum to ignore sqlite and just update the rest? I tried --skip-broken, but it still errored out with the identical error.

CentOS is so broken these days :(

Bart.

I ran an update on a CentOS server running Nagios, after the update, Nagios failed to start.

The error in the logs was:

Failed to obtain lock on file /var/run/nagios.pid: Permission denied

So, I checked and there was no pid file for Nagios in /var/run. I created one and gave it the following permissions:

-rwxr--r-- 1 nagios nagios 6 May 31 11:58 nagios.pid

Nagios then started and seems to be running normally.

The only problem is, it refuses to stop now, so I can't re-start it to add new servers and services to be monitored!

When I issue the command "service nagios stop", I get [FAILED], but nothing at all gets outputted to the log, and the service remains up.

Any ideas on how I can get the service to stop now?

I'm running the RPM version which was installed via yum from the RPMForge repositories. The server is CenotOS 5.5.

There seems to be some DHCP funnyness going on so I need to run something to show me what's going at a DHCP level. Before I upgraded my machine to Windows 7 I used DHCPloc.exe from the Windows XP support tools, and it worked like a charm.

I can't seem to find Support Tools for Windows 7, and trying to use the XP tools in compatibility mode doesn't work (I tried, it fails to open a receiving socket).

I need a tool to monitor DHCP traffic, and ideally one that lets me filter it to exclude DHCP traffic from our trusted DHCP servers and only show me un-authorised DHCP traffic.

I have a cron job that needs to run every 10 minutes, but should not be run for an hour each night ( from 5 to 6am ) while the system is down for a backup.

As I understand it the following syntax should work in crontab:

*/10 0,1,2,3,4,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 * * * <command>

This is hardly a nice solution, is there a more efficient way to express my needs to cron?

In case it matters, the server is running RHEL 5.

I'm looking to get Tomcat6 on CentOS 5 in an entirely RPM-based way. JPackage seems to be a great option for this, so I've added the repo and now I'm trying to get it to work.

The instructions say to install the RPM-based JDK download from Sun, so I did that. Then the instructions say to install the appropriate -compat library from JPackage. At this point I get the following error:

[root@localhost bart]# rpm -ivh java-1.6.0-sun-compat-1.6.0.03-1jpp.i586.rpm 
error: Failed dependencies:
    jdk = 2000:1.6.0_03-fcs is needed by java-1.6.0-sun-compat-1.6.0.03-1jpp.i586
    jpackage-utils >= 0:1.7.3 is needed by java-1.6.0-sun-compat-1.6.0.03-1jpp.i586
[root@localhost bart]#

What confuses me in particular is that it seems to be looking for the fedora version of the Sun JVM. The JPAckage instructions do warn that it is vital to use the RPM-based download, so I have been sure to do this.

In case it helps, here is my Java version:

[root@localhost bart]# java -version
java version "1.6.0_18"
Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
Java HotSpot(TM) Server VM (build 16.0-b13, mixed mode)
[root@localhost bart]#

Any ideas what I've missed or done wrong?

Thanks,

Bart.

I have a brand new server running CentOS 5 with 16 cores and 20GB of RAM. In case it's important the machine is a Xen para-virutalised guest, but it's the only guest on the server and the server has 32 cores and 48GB of RAM.

When I issue:

service mysqld start

I get a timeout and it says it failed. However, if I wait about 45 seconds longer the server then comes up. There are no errors listed in the mysqld log file.

I've never seen mysqld behave like this before, and it can't be that it doesn't have enough resources in this case!

Any ideas where I can even begin to debug this since there are no error messages?

Thanks,

Bart.

The title says it all really.

What package do I need to get via yum on CentOS 5 to be able to run the X11 version of system-config-network?

ATM I only have the tui version which is horrific.

Thanks,

Bart.

We have a live server that's being hit hard so we're tying to optimise everything we can. We ran the MySQLTuner script on it (http://mysqltuner.com/) which tells us we should set a value less than 28800 for wait_timeout & interactive_timeout. There's a lot of possible numbers to choose between 1 and 28800!

I looked up the meaning of these variables in the MySQL documentation but that gave only a very basic description and no guidance of choosing a value.

Is there a value that's considered a generally accepted best practice? And what would be the likely outcome of choosing a value that was too low?

Thanks,

Bart.

My requirements are very simple. I need to graph the CPU usage on a remote Linux server. I'm not looking for anything complicated, I just need to be able to plot the CPU usage on a Linux server over a week.

I started down the cacti route - it's not simple, it's not straight forward and it definitely feels like overkill.

Is there a simpler, quicker and more straightforward option?

I've just set up cacti to monitor CPU and memory usage on a server that I think needs to be upgraded, but to be able to make my case for funding I need hard facts.

I figured getting Cacti to monitor the Memory usage and Load Average would do the trick, but the graph being generated seems to bear no correlation to reality.

According to top my load average right now is hovering at around 5, but cacti is graphing it at 0.1!

How can I get cacti to monitor the real load averages on the server? The server to be monitored is running RHEL5 and using net-SNMP as the SNMP deamon.

Thanks,

Bart.

This came up in a comment to another question and I'd love it if someone could explain the reasons for this to me.

I suggested having Apache log the errors for a given VHost to a user's home directory. This was shot down because it was insecure. Why?

I asked for clarification in a reply comment but all I got was that it's insecure to have root writing in a folder not owned by root. Again, could someone explain?

Thanks,

Bart.