analytic

Thursday, 20 June 2013

Increasing the maximum processes value in Linux

The maximum number of processes which can be running concurrently on a Linux Server is 32768 (value of short int). Which means at any given time a 32768 processes can exist concurrently on a Linux Server.  However this value can be increased to a larger number by modifying pid_max parameter under /proc/sys/kernel/ folder.  The setting can be made permanent by adding this parameter to /etc/sysctl.conf. To increase the number in realtime, execute following command : echo 33000 > /proc/sys/kernel/pid_max.  Replace...

Wednesday, 29 May 2013

Authentication refused: bad ownership or modes for file

This is one of the common error many system administrators face after configuring password-less ssh (key based authentication between two unix servers. The password-less ssh does not work and (ssh asks for the user password) and /var/log/messages file would show an error message “sshd[15426]:Authentication refused: bad ownership or modes for file”. Most of the times this error comes due to incorrect permissions on $HOME/.ssh/authorized_keys file. Make sure the permissions of $HOME/.ssh/authorized_keys file and other important files is as given...

Immutable Files in Linux

Recently I came across a situation. I was trying to delete a configuration file in Linux and got error “rm: cannot remove `path/filename’: Operation not permitted”.  I was logged in as root but even though I was neither able to change the contents of file nor able to delete it.  I checked the ownership and permissions on the file and found that the file is owned by root user and permissions are 644 which are the default permission when you create a new file. [root@vcsnode1 ~]# ls -l /etc/configfile-rw-r–r– 1 root root 0 Jan 26 08:45...

Sunday, 3 March 2013

Securing JBOSS JMX and Web Console

After installing the JBOSS Application Server, the jmx console can be accessed by anybody without providing any username/password. This is a big security risk as anybody can perform changes though the jmx and web console. Setting up basic username/password security for the jboss jmx/web console can be accomplished by performing the following steps on the JBOSS Application Server. 1. Edit $JBOSS_HOME/server/all/conf/props/jmx-console-users.properties to add jmx console users. Replace all with your JBOSS profile name. The syntax to...

Sharing Keyboard and Mouse without KVM Switch using Synergy

Synergy is an open source platform independent application which allows you to control two system using the same Keyboard and Mouse without using a KVM Switch and help the organization save few dollars Latest release of Synergy supports almost all Windows Platforms and Unix platforms with X Windows Version 11 revision 4 or up. Synergy uses the network to share keyboard and mouse hence, all the systems must support TCP/IP Networking . Synergy...

Setting up slewing NTP option in Linux

Many times while installing/configuring Oracle Cluster, DBA’s receive the following error message. Checking NTP daemon command line for slewing option “-x” Check: NTP daemon command line Node Name   Slewing Option Set? vcsnode1 no vcsnode2 no Result:NTP daemon slewing option check failed on some nodes PRVF-5436 : The NTP daemon running on one or more nodes lacks the slewing option “-x”Result: Clock synchronization check using Network Time Protocol(NTP) failed To fix this error, slewing needs to be configured. Follow...