How to Mirror a SVN Repository

http://wordaligned.org/articles/how-to-mirror-a-subversion-repository

http://journal.paul.querna.org/articles/2006/09/14/using-svnsync/

atom vs rss2

A comparison can be found here.

Build a Website Free

http://www.synthasite.com
http://members.freewebs.com/index.jsp

Cache-Control Header: ie7

Not all the combinations of Cache-Control headers are supported by ie7. See

http://faindu.wordpress.com/2008/04/18/ie7-ssl-xml-flex-error-2032-stream-error/

Apache Server Variable Definition

http://www.zytrax.com/tech/web/env_var.htm

Create a sitemap

http://www.xml-sitemaps.com/
http://www.dmoz.org/Computers/Internet/Searching/Search_Engines/Sitemaps/

Pulseaudio Preferences (paprefs)

yum install paprefs

svn undo last change

Suppose we want to undo the last ci (revision 100) back to 99 for the changes in current directory.

svn merge --revision 100:99 .

or

svn merge -c -100

Apache2 mod_rewrite module

The environment variables and syntax are documented here. $N are the regexp matches on RewriteRule and %N are the ones from RewriteCond.

Apache2 mod_cache

The setup instructions can be found here. However, I noticed my CacheRoot is always empty. After I turned on Loglevel debug. I notice there was a permission problem "mod_cache.c: (13)Permission denied". Just have to make the permission corrent and it then worked...

# chown apache.apache /tmp/cache/httpd/
# chcon -t httpd_sys_content_t /tmp/cache/httpd/ 

Apache2 Connection Timeout

Sometimes I can not connect to my server, I found out that it is related to net.ipv4.tcp_tw_recycle=1. I do not understand why as this is recommended setting for server....

Here says it should be disabled http://kbase.redhat.com/faq/FAQ_80_6180.shtm

Enable mod_dumpio on Apache2

Use the following configuration:

LoadModule dumpio_module modules/mod_dumpio.so
LogLevel debug
DumpIOInput On
DumpIOOutput On
#DumpIOLogLevel can be set optionally
#DumpIOLogLevel debug

Check Apache2 Config Syntax

# httpd -t
Syntax OK

tcpdump http traffic

tcpdump  -s 0 -i eth0 dst or src host mydomain.com  and port 80
tcpdump  -A -s 0 -i eth0 dst or src host mydomain.com  and port 80

other commands

tcpdump src 192.168.11.200
tcpdump src 192.168.11.200 and port tftp
tcpdump -n dst 192.168.11.1 and udp
tcpdump -n dst 192.168.0.1 or  dst 192.168.0.10 and udp # display ip
tcpdump -nn dst 192.168.0.1 or  dst 192.168.0.10 and udp # display both ip and port
tcpdump -nn ip multicast  and not broadcast

see also http://www.rationallyparanoid.com/articles/tcpdump.html

Free DNS server

http://theos.in/windows-xp/free-fast-public-dns-server-list/

Slow ssh login

Originally, I thought it was the sshd DNS configuration (i.e. UseDNS) which is already set to no. It turns out that the first domain server in /etc/resolv.conf on the server is slow. After switching the order of the servers, ssh become fast again... This is related to the entries I added to hosts.deny.

Add SSL Certificate from Startcom to Apache

Get free certificates(3 files) from Startssl.com and modify the following:

SSLCertificateFile /etc/pki/tls/certs/mydomain.com.crt      #generated by startcom
SSLCertificateKeyFile /etc/pki/tls/private/mydomain.com.key #generated by startcom
SSLCACertificateFile /etc/pki/tls/certs/startcom.bundle.crt #downloaded from startcom

Assign Multiple IP's on Single NIC

Restart the network after creating the following file:

# cat /etc/sysconfig/network-scripts/ifcfg-eth0-range0 
IPADDR_START=192.168.1.2
IPADDR_END=192.168.1.3
CLONENUM_START=0

Reverse DNS Lookup

Use nslookup or host command:

nslookup ipaddr
host ipaddr

tcpwrapper: hosts.allow / hosts.deny

hosts.allow will overide hosts.deny.
Below is a configuration I use for my home computer that can not be connected directly from outside:

hosts.allow:
sshd: 192.168.0.0/255.255.255.224 except 192.168.0.1
hosts.deny:
sshd: ALL

The Below is a machine that can be connected from outside:

hosts.allow:
sshd: 192.168.0.0/255.255.255.224 except 192.168.0.1
hosts.deny:
sshd: PARANOID,UNKNOWN
sshd: *.com.mx,*.com.ar,*.it, *.ro

ssh session stuck

press ~ tehn . to send a break/recover.

Redirect kern.warn iptables log

add the following lines to /etc/syslog.conf

kern.warning /var/log/iptables.log

Configuring Postfix with SASL

See Postfix SASL Howto and www.mysql-apache-php.com/.

This is for CentOS 4 http://www.hughesjr.com/content/view/14/29/

Here is another one with TLS http://wiki.centos.org/HowTos/postfix_sasl

When using TLS for postfix, make sure master.cf has

smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_tls_wrappermode=yes

Configure Squirrelmail

Change domain in /etc/squirrelmail/config.php:

$domain = 'mydomain.com';

so the email received will have user@mydomain.com

To use https on apache, add the following to /etc/httpd/conf.d/squirrelmail.conf:

<Location /webmail>RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{HTTP_HOST}:443%{REQUEST_URI} [QSA,R=permanent,L]
</Location>

Finally, selinux settings:

setsebool -P httpd_can_network_connect=1

Dovecot Imaps Server setup

You can do this for pop/pops/imap as well, here I only wanted to configure imaps. Make the following changes to /etc/dovecot.conf:

protocols = imaps
login_process_size = 64  # for x86_64
imap_client_workarounds = delay-newmail outlook-idle netscape-eoh

.
Also remember to open the port 993 for imaps in the iptable configuration.

Configure postfix

If this is a web server, make sure you changed MX record with dns provider to point to your server (or you will not be able to receive mail). I have modified the following is /etc/postfix/mail.cf:

myhostname = mydomain.com
myorigin = $myhostname
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost

Use http://pingability.com to check your DNS setup.

Free Unix Account

You can get a temporary unix account by

telnet sdf.lonestar.org

Though this you can not telnet out out the box. For that, you can try http://www.bshellz.net/register

Tunnel VNC over ssh

This will be faster than using VNC over X over ssh (i.e., ssh -X). Let us say we want to tunnel vnc from remote to local and the vncserver on remote is started on port 2 (5092).

local$ ssh -C -L 5902:127.0.0.1:5902  uid@remote

Then on remote start vncserver if it is not started

remote$ vncserver :2

Now on start vncviewer on local to connect to remote vnc server:

local$ vncviewer locathost:2

X over ssh

Use either -X or -Y option with ssh.

localhost$ ssh -X remotehost
remotehost$ xterm     # this remotehost xterm will show on your local machine

svn ignore a file

The property is set on a directory. Below I created a file abc.txt and set svn:ignore on it:

$ touch abc.txt
$ svn propset svn:ignore abc.txt .
property 'svn:ignore' set on '.'
$ svn propget svn:ignore .
abc.txt

$ svn status --no-ignore
I      abc.txt
 M     .

Add with an editor:

svn propedit svn:ignore .

Ssh Read from remote host remote.com: Connection reset by peer

My hosting company firewall seems to drop idle connections. When I do a who on the server, there are many ssh sessions that are already dropped on the client side. I add the following to the /etc/ssh/sshd_config, then restarted the sshd. Connection reset does not happen anymore. Had to adjust ClientAliveInterval a few times to half of the firewall's timeout value.

TCPKeepAlive yes
ClientAliveInterval 240

Also you can change this in the kernel:

# cat /proc/sys/net/ipv4/tcp_keepalive_time
7200
# echo 240 > /proc/sys/net/ipv4/tcp_keepalive_time

And make changes to /etc/sysctl.conf permanently.

net.ipv4.tcp_keepalive_time = 180

svn 1.4 compression

SVN 1.4 has compression support (use ldd to see if it is linked with libz). If use svn+ssh, enable ssh compression actually slows down the svn in my tests.

ldd /usr/bin/svn
...
libz.so.1 => /lib64/libz.so.1 (0x0000000020802000)
... 

groupadd and useradd

Add a group 'friend' with a specific gid 600:

groupadd --gid 600 friend

Create a user with a specific gid 'friend':

useradd -g friend -m username

Add a existing user 'username' to a group 'friend'

usermod -a -G friend username

Change username's primary group to 'friend'

 usermod -g friend username

Emacs Ediff Lose Focus

This seems to happen in emacs-21 and emacs-22, when I type next in the control panel, the cursor focus changes from control panel to one of the emacs diff buffers. I am not sure if this is relate to window manager (xfce) or emacs configuration. I have to change to it 'always on top' to fix the problem.

How to Undelete a Removed File on a NTFS File System

This is the instruction to recover a deleted file on a NTFS partition mounted on Linux. For windows, there are commerical software you can use to do the undelete. But if you have a Linux partition installed on your computer, you can recover/undelete the file in the NTFS partition under Linux for free.

To recover a deleted file on a NTFS partition use ntfsundelete (yum install ntfsprogs). For example, to recover abc.xls. First check the file deleted within a day (assume you deleted the file today, then recover the file with inode specified(in this case 106).

# ntfsundelete /dev/sda5 -t 1d
Inode    Flags  %age  Date           Size  Filename
---------------------------------------------------------------
106      FN..   100%  2008-10-14     14848  
4477     FN..   100%  2008-10-14     14848  

Files with potentially recoverable content: 2

# ntfsundelete /dev/sda5 -u -i 106 -o abc.xls
Inode    Flags  %age  Date            Size  Filename
---------------------------------------------------------------
106      FN..     0%  2008-10-14     14848  

Undeleted '(null)' successfully.

Also see instruction for undeleting a file on an ext3 file system.

How to Undelete a Removed File on an ext3 File System

If you accidentally delete a file on ext3, you can recover it using ext3grep. Below is an example where I am trying to restore the file test/tt.

# ext3grep  --dump-names /dev/sda10
Running ext3grep version 0.8.0
WARNING: I don't know what EXT3_FEATURE_COMPAT_EXT_ATTR is.
WARNING: EXT3_FEATURE_INCOMPAT_RECOVER is set. This either means that your partition is still mounted, and/or the file system is in an unclean state.
Number of groups: 258
Minimum / maximum journal block: 1546 / 35888
Loading journal descriptors... sorting... done
....

test
test/.tt.swp
test/tt

# ext3grep  --restore-file 'test/tt' /dev/sda10
Running ext3grep version 0.8.0
WARNING: I don't know what EXT3_FEATURE_COMPAT_EXT_ATTR is.
WARNING: EXT3_FEATURE_INCOMPAT_RECOVER is set. This either means that your partition is still mounted, and/or the file system is in an unclean state.
Number of groups: 258
Loading group metadata... done
Minimum / maximum journal block: 1546 / 35888
Loading journal descriptors... sorting... done
The oldest inode block that is still in the journal, appears to be from 1223927674 = Mon Oct 13 13:54:34 2008
Number of descriptors in journal: 25686; min / max sequence numbers: 198274 / 210642
Writing output to directory RESTORED_FILES/
Loading sda10.ext3grep.stage2... done
Restoring test/tt
# cat RESTORED_FILES/test/tt 
abc

Also see instruction on how to undelete a file on NTFS partition.

Also, you can try foremost and scalpel packages.

How to Undelete a File on Reiserfs and XFS

There are more work to recover a file on Reiserfs and XFS than either NTFS or ext3.

For reiserfs, see http://antrix.net/journal/techtalk/reiserfs_data_recovery_howto.comments

For xfs, see http://linuxwebdev.blogspot.com/2005/06/xfs-undelete-howto-how-to-undelete.html

Apache2 and Lighttpd

Which one should I use? Use lighttpd for static content like .html and apache for dynamic content like php.

Static Contents:
In my testing, lighttpd (1.4.19) can support at least 1.5 times as many connectoins as apache2 (2.2.9) could.

Dynamic Contents:
With php, they are about the same.

Configurations:
I found apache2 easier to configure than lighttpd. Compression support is better with apache2 than lighttpd.

EMail

Sendmail/postfix
Mail server like Microsoft Exchange Server. It supports SMTP to accept from and deliver to other servers. Postfix is easier to set up.

If your ISP blocks the SMTP port (25), you can not send/receive. But you can use postfix relayhost to send through a remote SMTP server (from your ISP). Instructions can be found here.

IMAP/POP
Protocols allow user to download email from a remote server. These are daemon as well.

Text Based Mail User Agent (MUA)
The two most popular ones are pine (alpine) or mutt (new elm). pine/alpine does not come with Centos. Alpine comes with at least Fedora 9.

Simple Security Set up

Disable ftp and telnet, use ssh instead. This is default on Redhat family. Use iptable and selinux. In addition:

1. Disable ssh login for root, add the following line to /etc/ssh/sshd_config:

   PermitRootLogin no

2. Use protocol 2 in ssh

   protocol 2

3. Reduce the number of retries

   MaxAuthTries 1

4. Slow down sshd brute force attack with iptables (twice/min)

   -A RH-Firewall-1-INPUT -p tcp --dport 22 --syn -m limit --limit 1/m --limit-burst 2 -j ACCEPT
   -A RH-Firewall-1-INPUT -p tcp --dport 22 --syn -j DROP

5. Install pam_abl to auto blacklisting hosts.
6. Create nologin account for emails.
7. Use AllowUsers in sshd_config

   AllowUsers userid1 userid2

8. If tried ssh more than 6 times in a second, it is rejected for one hour:

   -N SSH
   -N SSH_ABL
   -A SSH -m recent --name SSH_ABL --update --seconds 3600 -j REJECT
   -A SSH -m recent --name SSH --rcheck --seconds 60 --hitcount 6 -j SSH_ABL
   -A SSH_ABL -m recent --name SSH_ABL --set -j LOG --log-level warn --log-prefix "ABL: +SSH: "
   -A SSH_ABL -j REJECT
   # two second pause enforced between accesses
   -A SSH -m recent --name SSH --rcheck --seconds 2 -j LOG --log-level warn --log-prefix "RATE: "
   -A SSH -m recent --name SSH --update --seconds 2 -j REJECT
   -A SSH -m recent --name SSH_ABL --remove -j LOG --log-level warn --log-prefix "ABL: -SSH: "
   -A SSH -m recent --name SSH --set -j ACCEPT
   -A RH-Firewall-1-INPUT -m state --state NEW -p tcp -m tcp --dport 22 -j SSH

9. tcpwrapper hosts.allow and hosts.deny.

Swappiness

Desktop with 3G RAM: vm.swappiness = 10
Laptop with 1G RAM: vm.swappiness = 0
Server with 1G RAM: vm.swappiness = 50

Domain Ownership Lookup with whois command

$ whois somedomain.com

Monitoring Network Stats with vnstat

$ vnstat
Database updated: Tue Oct  7 14:30:01 2008

 eth0

    received:      13.54 MB (81.2%)
 transmitted:       3.67 MB (18.8%)
       total:      17.20 MB

                 rx     |     tx     |  total
 -----------------------+------------+-----------
     today     13.54 MB |    3.67 MB |   17.20 MB
 -----------------------+------------+-----------
 estimated        21 MB |       4 MB |      25 MB

To enable the monitoring, uncomment the following line from /etc/cron.d/vnstat

 */5 * * * *  vnstat /usr/sbin/vnstat.cron

crontab

User create crontab files to be executed by crond:
crontab -l: list current crontab entries.
crontab -e: edit crontab entries
crontab -r: remove the crontab file

crontab files are located in /var/spool/cron

cron will also run scripts in
cron.monthly/ cron.daily/ cron.hourly/ cron.weekly/

fuser: check who is using a tcp/udp port

# fuser 702/tcp
702/tcp:              4336
# ps -ef |grep 4336
rpcuser   4336     1  0 Sep26 ?        00:00:00 rpc.statd
root      7692  7458  0 15:46 pts/0    00:00:00 grep 4336

nmap

To check machine 192.168.0.22, run nmap remotely from another machine.

# nmap -sT -sU -p 1-1023 192.168.0.22
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-10-05 15:44 MDT
Interesting ports on (192.168.0.22):
Not shown: 2040 filtered ports
PORT    STATE         SERVICE
22/tcp  open          ssh
25/tcp  closed        smtp
80/tcp  closed        http
443/tcp closed        https
631/tcp closed        ipp
631/udp open|filtered unknown

RPM

Querying

Command	Description
rpm -q	query all installed packages
rpm -q firefox	query firefox installed
rpm -ql firefox	query list of files in firefox package
rpm -qid firefox	query package information including documentation files
rpm -qf /usr/bin/ab	which package that owns ab
rpm -qdf /usr/bin/ab	list document comes with package that owns ab
rpm -V package	verify an installed package
rpm -Va	verify all installed package
rpm -Vf /usr/bin/ab	verify the package that owns ab
rpm -qa --qf "%-10{SIZE} %-30{NAME}\n" | sort -n | less	sort all installed packages by size
rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}\n"	:list architecture
rpm -qpR package	list package dependencies
rpm -qp --scripts package	list package pre and post scripts
rpm -qa --queryformat '%{SIZE}\n' | awk '{sum += $1} END {printf("Total size in packages = %4.1f GB\n", sum/1024**3)}'	total size of all rpms installed
rpm -q --changelog package	package change log
rpm -q --provides package	what the package provides
rpm -q --qf '[%{obsoletes}\n]' package	show obsolete tags
rpm -K package.rpm	verify package integrity

1. rpm -qa: query all installed packages
2. rpm -q firefox: query firefox installed
3. rpm -ql firefox: query list of files in firefox package
4. rpm -qpl name.rpm query list files in name.rpm
5. rpm -qid firefox: query package information including documentation files
6. rpm -qf /usr/bin/ab: which package that owns ab
7. rpm -qdf /usr/bin/ab: list document comes with package that owns ab
8. rpm -V package: verify a package
9. rpm -Va: verify all installed package
10. rpm -Vf /usr/bin/ab: verify the package that owns ab.
11. rpm -qa --qf "%-10{SIZE} %-30{NAME}\n" | sort -n | less: sort all installed packages by size.
12. rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}\n"    :list architecture
13. rpm -qpR package:    list package dependencies
14. rpm --test -e package: list what requires this package
15. rpm -qp --scripts package:   list package pre and post scripts
16. rpm -q --changelog package: package change log
17. rpm -qa --queryformat '%{SIZE}\n' | awk '{sum += $1} END {printf("Total size in packages = %4.1f GB\n", sum/1024**3)}':  total size of all rpms installed
18. rpm -q --provides  package:  what the package provides
19. rpm -q --qf '[%{obsoletes}\n]' package: show obsolete tags
20. rpm -K package.rpm: verify package integrity

Installing

1. rpm -ivh package.rpm: installing, verbose and show progress with ###
2. rpm -Uvh package.rpm: updating a package
3. rpm -Fvh *.rpm: updating the packages only if an earlier version is present

Uninstalling

1. rpm -e package
2. rpm -e --nodeps package

Check Dependency

$ rpm --test -ivh package.rpm

Rebuild RPM db (when it is corrupted or yum stuck)

# rm /var/lib/rpm/__db*
# rpm --rebuilddb

Auto Reboot after Kernel Panic

Add panic=5 to the kernel boot parameter in grub. Kernel will reboot 5 secs after kernel panic. For example,

kernel /vmlinuz-2.6.26.5-45.fc9.x86_64 ro root=LABEL=/1 rhgb quiet panic=5

Alternatively, add kernel.panic=5 in /etc/sysctl.conf. This will be loaded after next reboot or you can manually load it sysctl -p. To check,

# sysctl -a |grep kernel.panic
kernel.panic_on_unrecovered_nmi = 0
kernel.panic_on_oops = 1
kernel.panic = 5

.

Monitor and Restart Processes

monit can be used to monitor and restart server processes such as apache. See the link below for more info:

Monitor and restart Apache or lighttpd webserver when daemon is killed

RHEL and CentOS monit rpm can be downloaded here. Install on CentOs:

# rpm -Uvh monit-4.10.1-7.el5.i386.rpm
# vi /etc/monit.conf
# chkconfig --level 345 monit on
# /etc/init.d/monit start

Fedora: 64 bit vmware error

Error

unable to change virtual machine power state: failed to connect to peer process

run vmware-config.pl and get the following warning:

$ sudo vmware-config.pl 
The following libraries could not be found on your system:
libXtst.so.6

Install libXtst.so.6 and problem fixed.

yum install libXtst-1.0.3-3.fc9.i386

Fedora 9 x86_64: use flash-plugin with firefox.i386 ro firefox.x86_64

I tried both firefox.i386 and firefox.x86_64 with flash-plugin from Adobe. I prefer the x86_64, because I found it:

• it runs faster than i386 version.
• it pulls in fewer i386 packages (61 vs 78).
• I had issues update firefox.i386 once in a while due to the mixed i386 and x86_64 repos.

Here are the instructions on

Installing firefox.i386 on FC9 x86_64 and adding flash-plugin to both firefox.i386 and firefox.x64_64.

However there seems to be a memory leak with the npviewer.bin that comes with one of the nspluginwrapper.

Vmware Guest Clock Issue

The following article explains how to correct it.

Host Power Management Causes Problems with Guest Timekeeping on Linux Hosts

1. turn on sync time with host in vmware tools

2. add the following lines in /etc/vmware/config (2000000 is my machine's highest CPU frequency).

host.cpukHz = 2000000
hostinfo.noTSC = TRUE
tools.syncTime = TRUE

Sample .conkyrc good with xfce

A conkyrc file used my my dell laptop.

alignment top_right
background no
border_width 2
update_interval  5
no_buffers yes
out_to_console no
own_window yes
own_window_type desktop
own_window_hints below,skip_taskbar
own_window_transparent yes
stippled_borders 0
uppercase no
use_spacer no
show_graph_scale no
show_graph_range no
pad_percents  3
gap_x   10
gap_y   10
use_xft yes

TEXT
${color grey}Frequency (in MHz):$color $freq
${color grey}RAM Usage:$color $memperc% ${membar 6}
CPU Usage:$color $cpu% ${cpubar 7}
${color #cccccc}Batt:$color ${battery_bar 6,72 BAT0} $color ${battery_bar 6,72 BAT1} ${color grey}Temp:$color $i8k_cpu_temp
$hr
${color grey}Name                PID   CPU%   MEM%
${color lightgrey} ${top name 1} ${top pid 1} ${top cpu 1} ${top mem 1}
${color lightgrey} ${top name 2} ${top pid 2} ${top cpu 2} ${top mem 2}
${color lightgrey} ${top name 3} ${top pid 3} ${top cpu 3} ${top mem 3}
${color lightgrey} ${top name 4} ${top pid 4} ${top cpu 4} ${top mem 4}
$hr
Eth0  Up:$color ${upspeed eth0} k/s${color grey} - Down:$color ${downspeed eth0} k/s
Wifi0 Up:$color ${upspeed wifi0} k/s${color grey} - Down:$color ${downspeed wifi0} k/s

Fedora 9: Mixed fc7 and fc8 Packages

When upgraded from fc7 to fc8, there were hundreds of packages still there from fc7 and some from fc6. Most of the them are duplicated. I had several repo's, and upgraded one by one. I wonder if that was the problem.

For fc9, I update all the yum repo's to release 9 before running yum update.
Right now for fc9, I only have handful of fc7 and fc8 packages.

Also run:

package-cleanup --cleandupes

CPU Speed Governor and Stepping

cpufreq-info      cpufreq-selector  cpufreq-set       cpuspeed
$ cpufreq-info 
cpufrequtils 003: cpufreq-info (C) Dominik Brodowski 2004-2006
Report errors and bugs to cpufreq@lists.linux.org.uk, please.
analyzing CPU 0:
  driver: powernow-k8
  CPUs which need to switch frequency at the same time: 0 1
  hardware limits: 1000 MHz - 2.00 GHz
  available frequency steps: 2.00 GHz, 1.80 GHz, 1000 MHz
  available cpufreq governors: ondemand, userspace, performance
  current policy: frequency should be within 1000 MHz and 2.00 GHz.
                  The governor "ondemand" may decide which speed to use
                  within this range.
  current CPU frequency is 2.00 GHz (asserted by call to hardware).
analyzing CPU 1:
  driver: powernow-k8
  CPUs which need to switch frequency at the same time: 0 1
  hardware limits: 1000 MHz - 2.00 GHz
  available frequency steps: 2.00 GHz, 1.80 GHz, 1000 MHz
  available cpufreq governors: ondemand, userspace, performance
  current policy: frequency should be within 1000 MHz and 2.00 GHz.
                  The governor "ondemand" may decide which speed to use
                  within this range.
  current CPU frequency is 2.00 GHz (asserted by call to hardware).

$ cat /etc/sysconfig/cpuspeed
### SCALING THRESHOLDS ###
# Busy percentage threshold over which to scale up to max frequency
# default value: empty (use governor default)
UP_THRESHOLD=50
# Busy percentage threshold under which to scale frequency down
# default value: empty (use governor default)
DOWN_THRESHOLD=

Cpu Temperature, Fan speed

$ sensors
k8temp-pci-00c3
Adapter: PCI adapter
Core0 Temp:  +36.0°C                                    
Core1 Temp:  +44.0°C                                    

dme1737-i2c-0-2e
Adapter: SMBus nForce2 adapter at 4c00
V5stby:      +0.01 V  (min =  +0.00 V, max =  +6.64 V)   ALARM
Vccp:        +1.36 V  (min =  +0.00 V, max =  +2.99 V)   
V3.3:        +3.31 V  (min =  +0.00 V, max =  +4.38 V)   
V5:          +4.98 V  (min =  +0.00 V, max =  +6.64 V)   
V12:        +11.86 V  (min =  +0.00 V, max = +15.94 V)   
V3.3stby:    +3.36 V  (min =  +0.00 V, max =  +4.38 V)   
Vbat:        +0.00 V  (min =  +0.00 V, max =  +4.38 V)   
CPU_Fan:    2671 RPM  (min =    0 RPM)
Fan2:       1208 RPM  (min =    0 RPM)
Fan4:          0 RPM  (min =    0 RPM)
RD1 Temp:    +38.5°C  (low  = -127.0°C, high = +84.0°C)  
Int Temp:    +41.2°C  (low  = -127.0°C, high = +84.0°C)  
CPU Temp:    +41.6°C  (low  = -127.0°C, high = +84.0°C)  
cpu0_vid:   +1.550 V

Fedora: lose my mouse with NODUSM3 SR2177CL

Can not remember if it is related to the motherboard or the graphics card which is GeForce 6150 LE. Add the following line in xorg.conf fixed it

Section "Device"
    Identifier     "Generic Video Card"
    Driver         "nvidia"
EndSection

Section "Screen"
    Identifier     "Default Screen"
    Device         "Generic Video Card"
    Monitor        "SyncMaster"
    DefaultDepth    24
    Option         "UseDisplayDevice" "DFP"
    Option         "OnDemandVBlankInterrupts" "True"  #power saving
    Option         "Coolbits" "1"                     #enable overclocking
    Option         "HWCursor" "Off"
    SubSection     "Display"
        Depth       24
        Modes      "1680x1050"
    EndSubSection
EndSection

Note: HWCursor OFF is no longer required in Fedora 10, in fact it cause problem with the cursor with compiz.

For compiz, I added the following lines:

    ModulePath "/usr/lib64/xorg/modules/extensions/nvidia"
    ModulePath "/usr/lib64/xorg/modules/extensions"
    ModulePath "/usr/lib64/xorg/modules"

Option "XAANoOffscreenPixmaps"
Option "AddARGBVisuals" "True"
Option "AddARGBGLXVisuals" "True"
Option "AllowGLXWithComposite" "true"

CentOS 5: install GeForce4 440 GO on Inspiron 8200

The nv driver from CentOS is very slow, firefox 3 is almost unusable. Xorg spikes the CPU up and the fan is going crazy. The driver from nvidia speed it up significantly. Here is how to install.
1.

sudo ./NVIDIA-Linux-x86-96.43.07-pkg1.run

2. add Option "UseDisplayDevice" "DFP" in /etc/X11/xorg.conf to fix the black screen problem, looks like (note the line option "NvAGP "1" enables suspend and hibernate, with agpart it does not wake up correctly)

Section "Device"
Identifier     "Videocard0"
Driver         "nvidia"
  Option "UseDisplayDevice" "DFP"
Option         "NvAGP"  "1"
EndSection

If you get an error like below, you can blacklist agpgart or in newer kernel pass agp=off in the kernel parameter.

Kernel: NVRM: not using NVAGP, an AGPGART backend is loaded!
$cat /proc/driver/nvidia/agp/status
Status:   Disabled

There is a performance difference when NvAGP is enabled (glxgears -info):

    Option         "NvAGP" "0"
6991 frames in 5.1 seconds = 1382.975 FPS

   Option         "NvAGP" "1"
9940 frames in 5.0 seconds = 1987.856 FPS

options nvidia NVreg_EnableAGPFW=1 NVreg_EnableAGPSBA=1  in modprobe.conf (breaks suspend to ram)
28095 frames in 5.0 seconds = 5618.965 FPS

Finally, cpu load is much lower, would not spike as before (even idling). The load average was 0.3 even when idling.

$ uptime
09:36:32 up 35 min,  3 users,  load average: 0.00, 0.02, 0.07

Also download the driver from Nvidia and ftp://download.nvidia.com/XFree86/

Here is a FAQ for Inspiron 8200.

Below is the complete working xorg.conf

# nvidia-xconfig: X configuration file generated by nvidia-xconfig
# nvidia-xconfig:  version 1.0  (buildmeister@builder57)  Wed Jul  2 12:30:48 PDT 2008

# Xorg configuration created by pyxf86config

Section "ServerLayout"
    Identifier     "Default Layout"
    Screen      0  "Screen0" 0 0
    InputDevice    "Keyboard0" "CoreKeyboard"
    InputDevice    "Synaptics" "CorePointer"
EndSection

Section "InputDevice"
    Identifier     "Keyboard0"
    Driver         "kbd"
    Option         "XkbModel" "pc105"
    Option         "XkbLayout" "us"
EndSection

Section "InputDevice"
    Identifier     "Synaptics"
    Driver         "synaptics"
    Option         "Device" "/dev/input/mice"
    Option         "Protocol" "auto-dev"
    Option         "Emulate3Buttons" "yes"
    Option         "LeftEdge" "120"
    Option         "RightEdge" "830"
    Option         "TopEdge" "120"
    Option         "BottomEdge" "650"
    Option         "FingerLow" "14"
    Option         "FingerHigh" "15"
    Option         "MaxTapMove" "110"
    Option         "VertScrollDelta" "20"
    Option         "HorizScrollDelta" "20"
    Option         "MinSpeed" "0.3"
    Option         "MaxSpeed" "0.75"
EndSection

Section "Monitor"
    Identifier     "Monitor0"
    VendorName     "Unknown"
    ModelName      "Unknown"
    HorizSync       30.0 - 110.0
    VertRefresh     50.0 - 150.0
    Option         "DPMS"
EndSection

Section "Device"
    Identifier     "Videocard0"
    Driver         "nvidia"
EndSection

Section "Screen"
    Identifier     "Screen0"
    Device         "Videocard0"
    Monitor        "Monitor0"
    DefaultDepth    24
    Option         "UseDisplayDevice" "DFP"
    Option         "NvAGP" "1"
    SubSection     "Display"
        Viewport    0 0
        Depth       24
    EndSubSection
EndSection

CentOS 5: Install i8kutils

Install i8kutils and gkrellm from fc6.

$ sudo rpm -ivh i8kutils-1.25-11.fc6.i386.rpm gkrellm-2.2.9-10.fc6.i386.rpm 


$ cat ~/.i8kmon
              set config(0) {{0 0}  -1  68 -1  70}
              set config(1) {{1 1}  55  75  55  75}
              set config(2) {{2 1}  65  85  65  85}
              set config(3) {{2 2}  75 128  75 128}


$ i8kctl 
1.0 A08 757JG21 61 1 0 6180 0 1 0
$ i8kctl temp
62
$ i8kctl fan
1 0
$ i8kctl speed
6180 0

$ i8kmon -t 10 -d &

manual fan control
$ i8kfan 2 2

CentOS Selinux

Install setroubleshoot.noarch to show selinux error messages:

 yum install setroubleshoot-server.noarch setroubleshoot.noarch

Allow Apache to listen to a different port and check which port is selinux allowed:

semanage port -a -t http_port_t -p tcp 81 

semanage port -l

selinux also prevent mysqld to start after relocate /var/lib/mysql to /home/mysql:

 chcon -R -t mysqld_var_run_t /home/mysql 
ll -Z .
-rw-rw----  mysql mysql user_u:object_r:mysqld_var_run_t ibdata1
-rw-rw----  mysql mysql user_u:object_r:mysqld_var_run_t ib_logfile0
-rw-rw----  mysql mysql user_u:object_r:mysqld_var_run_t ib_logfile1
drwx------  mysql mysql user_u:object_r:mysqld_var_run_t mysql
drwx------  mysql mysql user_u:object_r:mysqld_var_run_t test

Allow mysqld to use /home/mysql

# cat /tmp/avc
host=tortoise type=AVC msg=audit(1221459330.317:413): avc: denied { create } for pid=7642 comm="mysqld" name="forum_db" scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:mysqld_var_run_t:s0 tclass=dir 
# audit2allow -M local < /tmp/avc 
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i local.pp

# semodule -i local.pp

#audit2allow -M local  -i /var/log/audit/audit.log

httpd access denial, change type to httpd_sys_content_t

chcon -R -t httpd_sys_content_t /var/www/html/

CentOS 5: Grub problem after installing

A black screen with a blinking cursor. It was working previously with Fedora 9. Late found that the boot order was changed in the BIOS, the hd1 was in front was hd0, but hd1 does not have a boot sector. It works after I changed boot order to boot from hd0 first. But I do not understand how the boot order was altered during the installation.

MySQL

Show Databases

mysql> show databases;

Show Status/variables

mysql> show status;

mysql> show variables;

$ mysqladmin variables

$ mysqladmin processlist extended-status -i5

Delete database

mysql> drop database vanilla_db;

Change default mysql database location.

 /etc/my.cnf

Backup

mysqldump -u root -p my_db > my_db.sql

Restore

mysql -p -u root  my_db < my_db.sql

QCache and exam qcache_lowmem_prunes

show  status like "ques%";

show  status like "qcache%";

Installing Vanilla Forum

First set up mysql, follow the instructions here.

MySQL Server:  localhost
MySQL Database:  vanilla_db
MySQL User:      guest
MySQL Password:  XXXXXXX

Cookie Domain: www.server.com

Set up mysql server

Installing:

yum install mysql mysql-server php-mysql

Chkconfig

chkconfig --level 345 mysqld on

Manual start

/etc/init.d/mysqld start
 ...
 PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
 To do so, start the server, then issue the following commands:
  /usr/bin/mysqladmin -u root password 'new-password'
 /usr/bin/mysqladmin -u root -h tortoise password 'new-password'

 Alternatively you can run:
  /usr/bin/mysql_secure_installation
 ...

Run /usr/bin/mysql_secure_installation and accept all defaults.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]
... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]
... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
- Dropping test database...
ERROR 1010 (HY000) at line 1: Error dropping database (can't rmdir './test', errno: 13)
... Failed!  Not critical, keep moving...
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]
... Success!

Cleaning up...



All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

Add vanilla_db and guest user (used for vanilla forum):

mysql -u root -p

mysql> create database vanilla_db;
Query OK, 1 row affected (0.00 sec)

mysql> grant all privileges on vanilla_db.* to guest@localhost identified by 'XXXXXXXX';
Query OK, 0 rows affected (0.00 sec)

Slow Internet / DNS with Fedora

Generally disabling IPv6 should fix it.

In
my case, it did not. Later, I found out that it was a problem with my
DSL 604+ router (with DSN relay enabled that causes cache overflow).
After I disabled DNS relay on the router or add the DNS servers
manually to /etc/resolv.conf, the browser and internet connection
became very fast.

Fedora 9: pirut

It is replaced with packagekit in fc9. When I upgrade to fc9, pirut
stayed in fc8. When I removed it and reinstalled it, packagekit got
installed instead.

Fedora 9: WPC 11 v3 (ver 3)

Should use the orinoco_cs driver (works in F13).

/sbin/lspcmcia
Socket 0 Bridge:    [yenta_cardbus]  (bus ID: 0000:02:01.0)
Socket 0 Device 0: [orinoco_cs]  (bus ID: 0.0)
Socket 1 Bridge:    [yenta_cardbus]  (bus ID: 0000:02:01.1)

manually bring it up, and other useful commands (as root)

ifup eth0
iwconfig eth0
iwlist eth0 scan

I found fedora 9 is somewhat slow on this dell inspiron 8200 pentium 4 1.8G. (This is related to nv driver issue I found later, see my other post here for detail).

Fedora 9: scim not working in XFCE after upgrading

scim was working in XFCE when I upgraded from fc6 to fc7, and from fc7 to fc8. But is not working when I upgraded to fc9.

solution:

yum install imsettings-xfce

General scim setup help, check out http://runab.livejournal.com/9375.html

Yum Slow or timeout?

Install yum-fastestmirror.noarch which sorts each repository's mirrorlist by connection speed:

 yum install yum-fastestmirror.noarch

Fedora 9: Upgrade with PreUpgrade

I have had two Linux machines running Fedora 8 for a while now. I decided to upgrade them to Fedora 9 so I can get firefox 3. In the past, I did this with yum. After I read a couple of articles on PreUpgrade, I wanted to give it a try.

I followed the instruction on Upgrade Your Desktop From Fedora 8 To Fedora 9 With PreUpgrade, everything went well until after the reboot. It failed to start X server. Yum also fails with error message about loading libnss3.so (cannot open shared object file: No such file or directory), I could not find this library in /lib.

After a couple of hours trying different things, I fixed it with the following procedure.

1. Download Fedora 9 distribution disk (Fedora 8 would not work).
2. Boot with Fedora 9 distribution disk to rescue mode (choose to enable network for yum upgrade, but you can always do this later).
3. Do the following after you get to the shell prompt:

   cp /lib/* /mnt/sysimage/lib/
   chroot /mnt/sysimage
   yum -y update
   reboot

Everything worked fine afterwards.