Blog about usage of Oracle's Enterprise Linux (OEL) aka "Unbreakable Linux" in a data center. Installation, configuration, tweaks, hacks, tips and tricks... whatever and all of the above, as we deploy Linux servers as the choice for all non-Microsoft services
Oracle's licensing terms have recently changed. The Standard Edition is now way, waaay, cheaper to deploy than the Enterprise Edition. Of course, you'll have to do without certain enterprise-level features"." But the question is: do you really need and/or use them? Many people think they need the enterprise features, but their actual application doesn't use them. Perhaps the development guys weren't familiar with it or didn't know about them and so on. So it makes sense to check and make sure. In the meam time, check out a comparison of Oracle Standard and Enterprise Edition's features...
I've been playing a bit with the nscd now and want to share some tips related to tuning the nscd.conf file.
To see how the DNS cache is doing, use nscd -g.
0 server debug level 26m 57s server runtime 5 current number of threads 32 maximum number of threads 0 number of times clients had to wait yes paranoia mode enabled 3600 restart internal
passwd cache: no cache is enabled [other zero output removed] group cache: no cache is enabled [other zero output removed]
yes cache is enabled yes cache is persistent yes cache is shared 211 suggested size <==== 216064 total data pool size 1144 used data pool size 3600 seconds time to live for positive entries <==== 20 seconds time to live for negative entries 66254 cache hits on …
Just found a great tip to prevent timeouts of PuTTY sessions. I'm fine with timeouts by the host, but in our case the firewall kills sessions after 30 minutes of inactivity... When using PuTTY to ssh to your Linux/Unix servers, be sure to use the feature to send NULL packets to prevent a timeout. I've set it to once every 900 seconds, i.e. 15 minutes... See screenshot on the right.
Often, when getting started using sudo and /etc/sudoers on a Linux system to authorize users to do something somewhere, you would like to debug sudoers and see why things fail when you think it should work.
First, try sudo -l on any system as any user and get a list of things (if any) that you are allowed to do. Check and see if anything is missing.
The sudo mailing list also hinted to a way to parse the sudoers file to see if anything is malformed. This can verify at the sudoers does not contain any typos or syntax errors.
Finally, and most importantly, know this: "When multiple entries match for a user, they are applied in order. Where there are multiple matches, the last match is used (which is not necessarily the most specific match)."
So order matters!!! Start with general rules and become most specific towards the end of the sudoers file. If you grant something at the top and deny it at the bottom, sudo won't allow it for the reason above. In that case, change the order…