This issue affects all products which use the Bash shell and parse values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

All versions prior to those listed as updates for this issue are vulnerable to some degree.

My infected OS version is CentOS-6 and bash version 4.1.2

[root@host75 ~]# lsb_release -a
lsb_release -a
LSB Version: :base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: CentOS
Description: CentOS release 6.4 (Final)
Release: 6.4
Codename: Final

[root@host75 ~]# bash --version
bash --version
GNU bash, version 4.1.2(1)-release (x86_64-redhat-linux-gnu)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Diagnostic Steps:

To test if your version of Bash is vulnerable to this issue, run the following command:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the output of the above command looks as follows:

vulnerable
this is a test

hmm, I got infected!

[root@host75 ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test

You are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

If your system is vulnerable, update to the most recent version of the Bash package by running the following command:

$yum update bash

This fix my bash ??????

[root@host75 ~]# yum update bash
Loaded plugins: fastestmirror, security, tmprepo
Loading mirror speeds from cached hostfile
epel/metalink | 15 kB 00:00
* base: centos.eecs.wsu.edu
* epel: mirrors.kernel.org
* extras: centos.chi.host-engine.com
* updates: mirror.raystedman.net
base | 3.7 kB 00:00
epel | 4.4 kB 00:00
epel/primary_db | 6.3 MB 00:05
extras | 3.3 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 5.3 MB 00:04
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package bash.x86_64 0:4.1.2-14.el6 will be updated
---> Package bash.x86_64 0:4.1.2-15.el6_5.1 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================================================================================
Package Arch Version Repository Size
================================================================================================================================================
Updating:
bash x86_64 4.1.2-15.el6_5.1 updates 905 k

Transaction Summary
================================================================================================================================================
Upgrade 1 Package(s)

Total download size: 905 k
Is this ok [y/N]: y
Downloading Packages:
bash-4.1.2-15.el6_5.1.x86_64.rpm | 905 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : bash-4.1.2-15.el6_5.1.x86_64 1/2
Cleanup : bash-4.1.2-14.el6.x86_64 2/2
Verifying : bash-4.1.2-15.el6_5.1.x86_64 1/2
Verifying : bash-4.1.2-14.el6.x86_64 2/2

Updated:
bash.x86_64 0:4.1.2-15.el6_5.1

Complete!

Test if update fixed to patch your bash

[root@host75 ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

How does this impact systems:
This issue affects all products which use the Bash shell and parse values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

All versions prior to those listed as updates for this issue are vulnerable to some degree.

See the appropriate remediation article for specifics.

Functions written in Bash itself do not need to be changed, even if they are exported with “export -f”. Bash will transparently apply the appropriate naming when exporting, and reverse the process when importing function definitions.

Ref:
http://www.bbc.com/news/technology-29361794
https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability
https://access.redhat.com/articles/1200223
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
http://lists.gnu.org/archive/html/bug-bash/2014-09/threads.html
https://rhn.redhat.com/errata/RHSA-2014-1306.html

(0) Comments    Read More   
Feb
06
Posted on 06-02-2012
Filed Under (Linux commands, Redhat & Fedora, UNIX/Linux) by Arun Bagul

Introduction –
Sometime to gain performance, physical ram can be used as disk space which is very fast compare to normal hard disk.
So, how I can use RAM is disk ? go through this steps.

Step 1) Create directory as shown below where you want to mount RAM as disk

root@arunbagul:~# mkdir -p /tmp/ram
root@arunbagul:~# ls /tmp/ram
root@arunbagul:~#

Step 2) mount RAM ie tmpfs at mount point “/tmp/ram” directory-

root@arunbagul:~#  mount -t tmpfs -o size=10M tmpfs /tmp/ram/

* check mounted on not ?

root@arunbagul:~# df -h
Filesystem            Size  Used Avail Use% Mounted on
tmpfs                  10M     0   10M   0% /tmp/ram

** to mount this permanently add entry in /etc/fstab as shown below.

root@arunbagul:~#  cat /etc/fstab

….

tmpfs        /tmp/ram    tmpfs    defaults,size=10m    0    0

root@arunbagul:~#

– To mount this use mount command (this will mount all mount points mentioned in fstab)

root@arunbagul:~# mount -a

Thank you,
Arun Bagul

(0) Comments    Read More   

mtime, ctime, and atime
Unix keeps 3 timestamps for each file: mtime, ctime, and atime. Most people seem to understand atime (access time), it is when the file was last read. There does seem to be some confusion between mtime and ctime though. ctime is the inode change time while mtime is the file modification time. “Change” and “modification” are pretty much synonymous. There is no clue to be had by pondering those words. Instead you need to focus on what is being changed. mtime changes when you write to the file. It is the age of the data in the file. Whenever mtime changes, so does ctime. But ctime changes a few extra times. For example, it will change if you change the owner or the permissions on the file.

Let’s look at a concrete example. We run a package called Samba that lets PC’s access files. To change the Samba configuration, I just edit a file called smb.conf. (This changes mtime and ctime.) I don’t need to take any other action to tell Samba that I changed that file. Every now and then Samba looks at the mtime on the file. If the mtime has changed, Samba rereads the file. Later that night our backup system runs. It uses ctime, which also changed so it backs up the file. But let’s say that a couple of days later I notice that the permissions on smb.conf are 666. That’s not good..anyone can edit the file. So I do a “chmod 644 smb.conf”. This changes only ctime. Samba will not reread the file. But later that night, our backup program notices that ctime has changes, so it backs up the file. That way, if we lose the system and need to reload our backups, we get the new improved permission setting.

Here is a second example. Let’s say that you have a data file called employees.txt which is a list of employees. And you have a program to print it out. The program not only prints the data, but it obtains the mtime and prints that too. Now someone has requested an employee list from the end of the year 2000 and you found a backup tape that has that file. Many restore programs will restore the mtime as well. When you run that program it will print an mtime from the end of the year 2000. But the ctime is today. So again, our backup program will see the file as needing to be backed up.

Suppose your restore program did not restore the mtime. You don’t want your program to print today’s date. Well no problem. mtime is under your control. You can set it to what ever you want. So just do:
$ touch -t 200012311800 employees.txt
This will set mtime back to the date you want and it sets ctime to now. You have complete control over mtime, but the system stays in control of ctime. So mtime is a little bit like the date on a letter while ctime is like the postmark on the envelope.

==========================

find command -mtime -ctime -atime
The find command uses arguments like:
-mtime -2
-mtime +2
-mtime 2

There are -ctime and -atime options as well. Since we now understand the differences among mtime, ctime, and atime, by understanding how find uses the -mtime option, the other two become understood as well. So I will describe find’s use of the -mtime option.

As you probably know, the find command can run for minutes or hours depending on the size of the filesystem being searched. The find command makes a note of its own start time. It then looks at a file’s mtime and computes how many seconds ago the file was modified. By dividing the seconds by 86,400 (and discarding any remainder), it can calculate the file’s age in days:
Code:

0 days in seconds:       0  –   86399
1 day in seconds:    86400  –  172799
2 days in seconds:  172800  –  259159

So now that we know how many days ago a file was modified, we can use stuff like “-mtime 2” which specifies files that are 172800 to 259159 seconds older than the instant that the find command was started.

“-mtime -2” means files that are less than 2 days old, such as a file that is 0 or 1 days old.

“-mtime +2” means files that are more than 2 days old… {3, 4, 5, …}

It may seem odd, but +0 is supposed to work and would mean files more than 0 days old. It is very important to recognize that find’s concept of a “day” has nothing to do with midnight.

 

================================================================================

mohit##find /var/lib/ganglia/rrds/* ! \( -name “__SummaryInfo__” -prune  \)  -mmin +30

(4) Comments    Read More   

Steps needed to create LUN and to make accessible by windows ISCSI initiators.

  • mohit_netapp02*> lun setup

This setup will take you through the steps needed to create LUNs
and to make them accessible by initiators. You can type ^C (Control-C)
at any time to abort the setup and no unconfirmed changes will be made
to the system.

  • Do you want to create a LUN? [y]: y
  • Multiprotocol type of LUN (solaris/windows/hpux/aix/linux/netware/vmware/windows_gpt)[linux]: windows

A LUN path must be absolute. A LUN can only reside in a volume or
qtree root. For example, to create a LUN with name “lun0” in the
qtree root /vol/vol1/q0, specify the path as “/vol/vol1/q0/lun0”.

  • Enter LUN path: /vol/test_vol/test_lun0

A LUN can be created with or without space reservations being enabled.
Space reservation guarantees that data writes to that LUN will never
fail.

  • Do you want the LUN to be space reserved? [y]: Object action: admin.util.true

Size for a LUN is specified in bytes. You can use single-character
multiplier suffixes: b(sectors), k(KB), m(MB), g(GB) or t(TB).

  • Enter LUN size: 55g

You can add a comment string to describe the contents of the LUN.
Please type a string (without quotes), or hit ENTER if you don’t
want to supply a comment.

  • Enter comment string:

The LUN will be accessible to an initiator group. You can use an
existing group name, or supply a new name to create a new initiator
group. Enter ‘?’ to see existing initiator group names.

  • Name of initiator group [windows]: Test_windows

Type of initiator group Test_windows (FCP/iSCSI) [iSCSI]: iSCSI
An iSCSI initiator group is a collection of initiator node names.Each
node name can begin with either ‘eui.’ or ‘iqn.’ and should be in the
following formats: eui.{EUI-64 address} or iqn.yyyy-mm.{reversed domain
name}:{optional string composed of alphanumeric characters, ‘-‘, ‘.’
and ‘:’}
Eg: iqn.2001-04.com.acme:storage.tape.sys1.xyz or eui.02004567A425678D
You can separate node names by commas. Enter ‘?’ to display a list of
connected initiators. Hit ENTER when you are done adding node names to
this group.

  • Enter comma separated nodenames: ?

Initiators connected on adapter ism_sw1:
iSCSI Initiator Name                  Group
iqn.1991-05.com.microsoft:appoms2   windows
iqn.1991-05.com.microsoft:colodc1.projecty.com   windows
iqn.1991-05.com.microsoft:appoff1
Enter comma separated nodenames: iqn.1991-05.com.microsoft:appoms2
Enter comma separated nodenames:
The initiator group has an associated OS type. The following are
currently supported: solaris, windows, hpux, aix, linux, netware
or vmware.

  • OS type of initiator group “Test_windows” [windows]: windows

The LUN will be accessible to all the initiators in the
initiator group. Enter ‘?’ to display LUNs already in use
by one or more initiators in group “Test_windows”.

  • LUN ID at which initiator group “Test_windows” sees “/vol/test_vol/test_lun0” [0]: 1

LUN 1 is already mapped to by initiator iqn.1991-05.com.microsoft:appoms2
in group windows
LUN ID at which initiator group “Test_windows” sees “/vol/test_vol/test_lun0” [0]: 2
LUN Path                : /vol/test_vol/test_lun0
OS Type                 : windows
Size                    : 55.0g (59057510400)
Initiator Group         : Test_windows
Initiator Group Type    : iSCSI
Initiator Group Members : iqn.1991-05.com.microsoft:appoms2
Mapped to LUN-ID        : 2

  • Do you want to accept this configuration? [y]: y
  • Do you want to create another LUN? [n]: n
  • mohit_netapp02*> lun showq

lun: unrecognized command “showq”
The following commands are available; for more information
type “lun help <command>”
aluadb              destroy             move                set
attribute           df                  offline             setup
clone               geometry            online              share
comment             help                rescan              show
config              hist                resize              snap
config_check        map                 select              stats
create              maxsize             serial              unmap
dbedit

  • mohit_netapp02*> lun show

/vol/bod_iscsi/asm1            5g (5368709120)    (r/w, online, mapped)
/vol/mohitsnap/lun0         502.0g (539019048960)  (r/w, online, mapped)
/vol/test_vol/test_lun0     55.0g (59057510400)   (r/w, online, mapped)

 

 

Maximum LUN resize limits on NetApp

Be aware there are some limits to resize the Netapp size. Due to the geometry of the LUN at the time it was created it can only be resized to a maximum of ~10 times the original size of the LUN.

One way to see this is at the command line, for the command to be available you need to run ‘priv set diag‘ and then you will have access to the ‘lun geometry‘ command. From there you can see the LUN size as well as the maximum LUN size that is available.

 

Here is a table of some of the results:

LUN Size Maximum Resize
< 50g 502g
51-100g 1004g
101-150g 1506g
151-200g 2008g
201-251g 2510g
252-301g 3012g
302-351g 3514g
352-401g 4016g

etc..

(1) Comment    Read More   

Hello Everyone,
In day to day System Admin activities many times, you stuck to connect to any remote server, due to non-supporting timeout setting, here is the perfect solution for that ‘hatools’ – Thanks ‘MARKUS WINAND’, You can find this tool at http://www.fatalmind.com/software/hatools/

This tool will help you to manage your application and code with the specific timeout and lock, and you will be assure and go for sleep  😀

Download hatools from www.fatalmind.com (http://www.fatalmind.com/software/hatools/hatools-2.14.tar.bz2)

[root@testbed ~]# wget http://www.fatalmind.com/software/hatools/hatools-2.14.tar.bz2

[root@testbed ~]# tar xjvf hatools-2.14.tar.bz2 && cd hatools-2.14

The installation should be very seamless by just doing (Find the doc ‘README’)

[root@testbed hatools-2.14]# ./configure
[root@testbed hatools-2.14]#  make && make install

Now test the hatimerun command

[root@testbed ~]# hatimerun -h
usage: hatimerun [-a] [-e exitcode] [-k signame] -t secs command [args]
hatimerun [-l|-h|-?]
Options:
-a           Async mode. Starts hatimerun in the background
-e exitcode  Changes the exitcode returned by hatimerun on fail
-k signame   Specifies the signal witch will be sent to the process group
if a timeout occures
-t secs      Specifies the timeout in seconds
-l           Print list of available signals on this platform and exit.

Version:
V2.00
Copyright (c) 2001,2003,2005-2007 by Markus Winand <mws@fatalmind.com>
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

[root@testbed ~]# hatimerun -k TERM -t 15 -t 1 ssh testbed140 uptime
04:36:23 up  3:24,  0 users,  load average: 0.51, 0.40, 0.31

Check with wrong or any ssh port blocked server and get timeout watch. 🙂

Here I am written small script for testing purpose, you can change and use as you want.

#!/bin/bash

# if you want to check and debug , run this script in following way
# bash -x script name <servername> <cmd>

server=$1  # server name or IP
cmd=$2   # command
sec=15      #Timeout seconds change as per your need

test -z $server && echo “server not found ” && echo “Usage: $0 {servername} {command}” && exit 1
test -z $cmd &&  echo “command not found ” && echo “Usage: $0 {servername} {command}” && exit 1
echo “connecting to $server, timewait set for connection is $sec Sec…….”

hatimerun -k TERM -t $sec -t 1 ssh $server $cmd
if [ $? != 0 ] ; then
echo “$server connection timeout …”
fi

 

 

-Ravi

(0) Comments    Read More   

Yesterday, I experienced very strange problem, that comes first time (for me), so checked things with apache and modules as diff way, but at the end got it fixed with the help of apache wiki 🙂  Thanks to make it perfect !!

There was something bad going with the apache and I was trying to fix it, as I need to restart it to first fix, but It can’t started, just popup message “[FAILED]”, surprised, ran twice to start it, then checked the error logs for debugging it and found the new error logged into messages.

[Thu Mar 10 00:58:59 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Mar 10 00:58:59 2011] [error] (28)No space left on device: Cannot create SSLMutex
Configuration Failed

I found the page where all the related errors are listed by Apache http://wiki.apache.org/httpd/Logs , this helps me to fix this error.

“This error indicates that the server has run out of available slots for “inter-process communication“. This can occur when a process crashes before cleaning up after itself.The ipcs command will list semaphores and shared memory slots in use. If there is a large number of entries in use by the apache user use ipcrm to remove them. Then, check your server’s error log (possibly with LogLevel debug set) to figure out why it’s crashing, or see: http://httpd.apache.org/dev/debugging.html

[root@testbed ~]# ipcs -s |grep apacheuser
—— Semaphore Arrays ——–
key        semid      owner      perms      nsems
0x00000000 26836992   apacheuser 600        1
0x00000000 26902529   apacheuser 600        1
0x00000000 26935298   apacheuser 600        1
0x00000000 27361283   apacheuser 600        1
0x00000000 27426820   apacheuser 600        1
0x00000000 27459589   apacheuser 600        1
0x00000000 22937608   apacheuser 600        1
0x00000000 23003145   apacheuser 600        1
0x00000000 23035914   apacheuser 600        1
0x00000000 33456140   apacheuser 600        1
0x00000000 34308109   apacheuser 600        1
0x00000000 34340878   apacheuser 600        1
0x00000000 48791567   apacheuser 600        1
0x00000000 49053712   apacheuser 600        1
0x00000000 49086481   apacheuser 600        1

[root@testbed ~]# ipcs -s |grep apacheuser | awk ‘{print $2}’
26836992
26902529
26935298
27361283
27426820
27459589
22937608
23003145
23035914
33456140
34308109
34340878
48791567
49053712
49086481

[root@testbed ~]# ipcs -s |grep apacheuser | awk ‘{print $2}’| xargs ipcrm sem
resource(s) deleted

[root@testbed ~]# /etc/init.d/httpd start
Starting httpd:                                            [  OK  ]

Ref:
http://wiki.apache.org/httpd/Logs
http://wiki.apache.org/httpd/IPCExhaustion

-Ravi

(0) Comments    Read More   

Hello Guy’s,

Every System Admin and technical person who is working or doing any kind of High Availability stuff, He really needs bench marking to check and verify system health under development, here I am very beginner in this kind of system benchmarking to know how server/CPU/memory and network reacts when doing this and given load (purposely) on system to use or run the service or process. I will explain how I have done this in the part -2 😉

Memory Util

 

CPU Util

 

-Ravi

(1) Comment    Read More   
Jan
08
Posted on 08-01-2011

** What is oprofile

In short “oprofile is a system-wide profiler”
need to profile an application and its shared libraries, examine hardware effects such as cache misses and capture the performance behaviour of entire system, then surely you need go with oprofile.

There is to many options and conditions spcefied, where we use only simple and easy one for further details, Please Read Man Pages 😉

Many CPUs provide “performance counters”, hardware registers that can count “events”; for example, cache misses, or CPU cycles. OProfile provides profiles of code based on the number of these occurring events: repeatedly, every time a certain (configurable) number of events has occurred, the PC value is recorded. This information is aggregated into profiles for each binary image.

Some hardware setups do not allow OProfile to use performance counters: in these cases, no events are available, and OProfile operates in timer/RTC mode

** All Docs, Examples and Bugs you will find @ http://oprofile.sourceforge.net

# download tar from http://oprofile.sourceforge.net/download/ or you can install it using yum also

[root@ravi.com ~]# yum install oprofile

Before you can use OProfile, you must set it up. The minimum setup required for this is to tell OProfile where the vmlinux file corresponding to the running kernel is, for example :

[root@ravi.com ~]#  opcontrol –vmlinux=/boot/vmlinux-`uname -r`

If you don’t want to profile the kernel itself, you can tell OProfile you don’t have a vmlinux file :

[root@ravi.com ~]# opcontrol –no-vmlinux

Here we used –no-vmlinux and specified other session directory than default location (/var/lib/oprofile)

[root@ravi.com ~]# opcontrol –no-vmlinux –session-dir=/home/prod/tmpsession

Now we are ready to start the daemon (oprofiled) which collects the profile data :

[root@ravi.com ~]# opcontrol –start –session-dir=/home/prod/tmpsession
Using default event: GLOBAL_POWER_EVENTS:100000:1:1:1
Using 2.6+ OProfile kernel interface.
Using log file /home/prod/tmpsession/samples/oprofiled.log
Daemon started.
Profiler running.

When I want to stop profiling, I can do so with :
(Here I have ran opcontrol only 1 min)
[root@ravi.com ~]# opcontrol –shutdown
Stopping profiling.
Killing daemon.

Lets see what your system & apps tell you 🙂
ophelp : This utility lists the available events and short descriptions.

[root@ravi.com ~]# opreport –session-dir=/home/prod/tmpsession
CPU: P4 / Xeon with 2 hyper-threads, speed 2992.73 MHz (estimated)
Counted GLOBAL_POWER_EVENTS events (time during which processor is not stopped) with a unit mask of 0x01 (mandatory) count 100000
GLOBAL_POWER_E…|
samples|      %|
——————
1109031 51.2560 no-vmlinux
479089 22.1420 libc-2.5.so
207263  9.5791 libperl.so
97973  4.5280 libpython2.4.so.1.0
91993  4.2516 nagios
35979  1.6628 php
35765  1.6529 libz.so.1.2.3
25203  1.1648 ld-2.5.so
21412  0.9896 mysqld
11566  0.5345 libgd.so.2.0.0
10008  0.4625 oprofiled
7661  0.3541 libpthread-2.5.so
6736  0.3113 libnetsnmp.so.10.0.3
5698  0.2633 libpng12.so.0.10.0
4488  0.2074 rateup
3500  0.1618 libcrypto.so.0.9.8e
2138  0.0988 bash
1556  0.0719 libm-2.5.so
1234  0.0570 libmysqlclient.so.15.0.0
606  0.0280 libpcre.so.0.0.1
328  0.0152 mysql.so
316  0.0146 librrd.so.4.1.3
290  0.0134 atop
272  0.0126 sendmail.sendmail
243  0.0112 grep
176  0.0081 nscd
172  0.0079 ping
153  0.0071 nebmodBY0Y2I (deleted)
144  0.0067 libgnutls.so.13.0.6
121  0.0056 init
106  0.0049 gawk

with using symbols you can simply find which apps supporting module takes high load
[root@ravi.com ~]#  opreport –exclude-dependent –symbols –long-filenames –session-dir=/home/prod/tmpsession
CPU: P4 / Xeon with 2 hyper-threads, speed 2992.73 MHz (estimated)
Counted GLOBAL_POWER_EVENTS events (time during which processor is not stopped) with a unit mask of 0x01 (mandatory) count 100000
samples  %        app name                 symbol name
1109031  51.2560  /no-vmlinux              /no-vmlinux
209506    9.6827  /lib64/libc-2.5.so       _int_free
207263    9.5791  /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi/CORE/libperl.so /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi/CORE/libperl.so
97973     4.5280  /usr/lib64/libpython2.4.so.1.0 /usr/lib64/libpython2.4.so.1.0
91993     4.2516  /usr/local/nagios/bin/nagios /usr/local/nagios/bin/nagios
44574     2.0601  /lib64/libc-2.5.so       free
35765     1.6529  /usr/lib64/libz.so.1.2.3 /usr/lib64/libz.so.1.2.3
35032     1.6191  /lib64/libc-2.5.so       vfprintf
22061     1.0196  /lib64/libc-2.5.so       _IO_vfscanf
21412     0.9896  /usr/libexec/mysqld      /usr/libexec/mysqld
16883     0.7803  /lib64/libc-2.5.so       _int_malloc
13631     0.6300  /lib64/libc-2.5.so       memcpy
13165     0.6084  /lib64/libc-2.5.so       _IO_file_xsputn@@GLIBC_2.2.5
1560      0.0721  /lib64/ld-2.5.so         _dl_relocate_object
1462      0.0676  /usr/bin/php             lstep
1385      0.0640  /usr/bin/php             zend_do_fcall_common_helper_SPEC
1258      0.0581  /lib64/libc-2.5.so       rawmemchr
1234      0.0570  /usr/lib64/mysql/libmysqlclient.so.15.0.0 /usr/lib64/mysql/libmysqlclient.so.15.0.0
1226      0.0567  /lib64/libc-2.5.so       realloc
1180      0.0545  /lib64/libc-2.5.so       __tzfile_compute
1156      0.0534  /lib64/ld-2.5.so         check_match.8509
1146      0.0530  /usr/bin/php             _zend_mm_free_int
1084      0.0501  /usr/bin/php             zend_hash_quick_find
1029      0.0476  /lib64/libc-2.5.so       __mpn_mul_1
747       0.0345  /lib64/libc-2.5.so       fgets
738       0.0341  /usr/bin/php             _zval_ptr_dtor

Ref: http://oprofile.sourceforge.net/doc/index.html

-Ravi

(0) Comments    Read More   
Dec
15
Posted on 15-12-2010
Filed Under (Linux commands, Redhat & Fedora, UNIX/Linux) by Ravi Bhure

Introduction –

Here we are going to create 4G swap file using cmd ‘dd’, later we will activate it.
we are named and create ‘/extraswap’ swap file for additional swap

dd command options
if = input file (read from FILE instead of stdin)
of = output file name (write to FILE instead of stdout)
bs = BYTES rate
count = BLOCKS (copy only number of block)

dd if=/dev/zero of=/extraswap bs=1024 count=4096000

***Adding extraswap Swap file

[root@ravi ~]# dd if=/dev/zero of=/extraswap bs=1024 count=4096000
4096000+0 records in
4096000+0 records out
4194304000 bytes (4.2 GB) copied, 162.277 seconds, 25.8 MB/s

Set up a Linux swap area using ‘mkswap’ command

[root@ravi ~]# mkswap /extraswap
Setting up swapspace version 1, size = 4194299 kB

Activate swap using ‘swapon’ command

[root@ravi ~]# swapon /extraswap

[root@ravi ~]# free -m
total       used       free     shared    buffers     cached
Mem:         16053       6148       9905          0        293       5488
-/+ buffers/cache:        367      15686
Swap:         3999          0       3999

Edit /etc/fstab and put below entry into it to swap on automatic after reboot server

/extraswap              none                    swap    defaults        0 0

*** Remove /extraswap file

[root@ravi ~]# swapoff /extraswap

Remove /extraswap swap file entry from /etc/fstab and run ‘mount -a

Delete /extraswap

[root@ravi ~]# rm /extraswap


-Ravi

(1) Comment    Read More   
Oct
11

Introduction –

Network latency
and Bandwidth are the two metrics most likely to be of interest when you benchmark a network. Even though most service and product advertising focuses on bandwidth, at times the latency can be a more important metric.

** What is Bandwidth?

Bandwidth (BW) in computer networking refers to the data rate supported by a network connection or interface. BW is measured in terms of bits per second (bps).

** What is Network latency?

Latency is a measure of time delay experienced in a system. Network latency is simply defined as the time delay observed as data transmits from one point to another. There are a number of factors that contribute to network latency. These include transmission(medium of connectivity), Distance, Routers and computer hardware delays.

List of Projects used to test Network performance and Bandwidth –

1) bmon – Bandwidth monitor and rate estimator, it is console based,live BW
2) bwbar – Bandwidth usage in Text and Graphical format
3) bwm-ng – Bandwidth Monitor NG (Next Generation, live BW, console based
4) dstat – Dstat is a replacement for vmstat, iostat and ifstat.
5) iftop – Bandwidth usage on an interface, console based
6) iperf – Perform Network throughput tests bet two host
7) ifstat – Report InterFace STATistics
8) cbm – Color Bandwidth Meter ,console based
9) etherape – Graphical network traffic browser
10) iptraf – Interactive Colorful IP LAN Monitor, console and GUI based
11) netmrg – It is daemon based, mySQL support, Gathers data from devices.
12) nuttcp – Network performance measurement tool
13) nepim – network performance

NOTE ~ For some of them rpm or deb packages are not available!

Step 1] How to install on Redhat/RHCE,CentOS based system and Dibian based system –

root@me:~# yum install netperf iperf nuttcp nepim lmbench

** Ubuntu –

root@me:~# apt-get install  bmon bwbar bwm-ng dstat cbm etherape iftop iperf ifstat iptraf netmrg

Step 2] How to use – bmon, bwm-ng, dstat, ifstat –

root@me:~# bmon
interface: lo at me.arun.host
#   Interface                RX Rate         RX #     TX Rate         TX #
────────────────────────────────────────
me.arun.host (source: local)
0   lo                         0.00B            0       0.00B            0
1   eth0                       0.00B            0       0.00B            0
2   eth2                       0.00B            0       0.00B            0
3   vboxnet0                   0.00B            0       0.00B            0
4   pan0                       0.00B            0       0.00B            0
5   ppp0                      69.39KiB         61       7.49KiB         44

root@me:~# bwm-ng

bwm-ng v0.6 (probing every 0.500s), press ‘h’ for help
input: /proc/net/dev type: rate
\         iface                   Rx                   Tx                Total
==============================================================================
lo:           0.00 KB/s            0.00 KB/s            0.00 KB/s
eth0:           0.00 KB/s            0.00 KB/s            0.00 KB/s
eth2:           0.00 KB/s            0.00 KB/s            0.00 KB/s
ppp0:          64.39 KB/s            7.92 KB/s           72.31 KB/s
——————————————————————————
total:          64.39 KB/s            7.92 KB/s           72.31 KB/s

root@me:~# dstat
—-total-cpu-usage—- -dsk/total- -net/total- —paging– —system–
usr sys idl wai hiq siq| read  writ| recv  send|  in   out | int   csw
7   4  85   4   0   0| 281k  110k|   0     0 |   0     0 | 865  3013
8   4  88   0   0   0|   0     0 |7027B 1261B|   0     0 | 956  4505
8   5  86   0   0   0|   0     0 |  14k 1867B|   0     0 |1144  3332
9   5  86   0   1   0|   0     0 |  79k 2496B|   0     0 |1360  3366
18   8  74   0   0   0|   0     0 |  52k 6511B|   0     0 |1299  3618
8   6  85   0   1   0|   0     0 |  35k 5339B|   0     0 |1094  4231
6   4  90   0   0   0|   0     0 |   0  3164B|   0     0 | 953  2750 ^C
root@me:~#

root@me:~# ifstat
eth0                eth2                ppp0
KB/s in  KB/s out   KB/s in  KB/s out   KB/s in  KB/s out
0.00      0.00      0.00      0.00     95.73      4.31
0.00      0.00      0.00      0.00     67.93      8.17
0.00      0.00      0.00      0.00    106.77     13.70

** start “iperf” server on one host(A) and client on another host(B)- to measure Network throughput between two hosts.

* Host -A

root@me:~# iperf -s
————————————————————
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
————————————————————
[  4] local 192.168.0.1 port 5001 connected with 192.168.0.2 port 56171
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec  9.11 GBytes  7.82 Gbits/sec

* Host -B
test@hostB:~$ iperf -c 192.168.0.1
————————————————————
Client connecting to 192.168.0.1, TCP port 5001
TCP window size: 49.5 KByte (default)
————————————————————
[  3] local 192.168.0.2 port 56171 connected with 192.168.0.1 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec  9.11 GBytes  7.82 Gbits/sec
test@hostB:~$

root@me:~# iftop
root@me:~# cbm

Thank you,
Arun Bagul

(1) Comment    Read More   

www.flickr.com
arunbagul's photos More of arunbagul's photos
Get Adobe Flash player
-->