Watchdog is a software which resets the machine if the machine is in some of the crash defunct state but the kernel lives somehow. The watchdog can be configured to check if the system is responsive via writting to the /dev/watchdog and some other subsequent check could be set up as well.

Watchdog opens /dev/watchdog and keeps writing to it often enough to keep the kernel from resetting, at least once per minute. Each write delays the reboot time another minute. After a minute of inactivity the watchdog hardware will cause the reset. In the case of the software watchdog the ability to reboot will depend on the state of the machines and interrupts.

# yum install watchdog

watchdog consists of the watchdog daemon and a kernel module softdog.

/lib/modules/2.6.18-238.9.1.el5/kernel/drivers/char/watchdog/softdog.ko

If the watchdog complains the device through which the process comunicates with the module /dev/watchdog is missing you have to create the device

# mknod /dev/watchdog c 10 130

in basic configuration the only change sufficient in /etc/watchdog.conf is to uncomment

file = /var/log/messages
watchdog-device = /dev/watchdog

I do recommend to check the watchdog documentation bundled in /usr/share/doc/watchdog

# rpm -ql watchdog
/etc/rc.d/init.d/watchdog
/etc/sysconfig/watchdog
/etc/watchdog.conf
/usr/sbin/watchdog
/usr/sbin/wd_keepalive
/usr/share/doc/watchdog-5.6
/usr/share/doc/watchdog-5.6/AUTHORS
/usr/share/doc/watchdog-5.6/COPYING
/usr/share/doc/watchdog-5.6/ChangeLog
/usr/share/doc/watchdog-5.6/IAFA-PACKAGE
/usr/share/doc/watchdog-5.6/NEWS
/usr/share/doc/watchdog-5.6/README
/usr/share/doc/watchdog-5.6/README.watchdog.ipmi
/usr/share/doc/watchdog-5.6/TODO
/usr/share/doc/watchdog-5.6/examples
/usr/share/doc/watchdog-5.6/examples/README
/usr/share/doc/watchdog-5.6/examples/another-chance.sh
/usr/share/doc/watchdog-5.6/examples/dbcheck.sh
/usr/share/doc/watchdog-5.6/examples/repair.sh
/usr/share/doc/watchdog-5.6/examples/systemcheck.sh
/usr/share/doc/watchdog-5.6/examples/uptime.sh
/usr/share/man/man5/watchdog.conf.5.gz
/usr/share/man/man8/watchdog.8.gz
/usr/share/man/man8/wd_keepalive.8.gz


[ add comment ] ( 15 views )   |  [ 0 trackbacks ]   |  permalink

---

# tar cz gpgtest | gpg --passphrase-file heslo.txt -c  > gpgtest.tar.gpg
# gpg -d gpgtest.tar.gpg | tar xz

[ add comment ] ( 11 views )   |  [ 0 trackbacks ]   |  permalink

---

Ktctool is a graphical interface for network bandwidth management in Linux. There already exists commandline program tc for this purpose. Ktctool is meant to be a graphical user interface to tc. tc is a part of iproute2 and controls Quality of Service support in Linux (included in kernel).

http://ktctool.berlios.de/


[ add comment ] ( 12 views )   |  [ 0 trackbacks ]   |  permalink

---

DNSSEC jako bezpečné uložiště SSH klíčů
http://www.root.cz/clanky/dnssec-jako-b ... ssh-klicu/

Stavíme tunely v OpenSSH
http://www.root.cz/clanky/stavime-tunely-v-openssh/

Používání klíčů v OpenSSH
http://www.root.cz/clanky/pouzivani-klicu-v-openssh/


[ add comment ] ( 11 views )   |  [ 0 trackbacks ]   |  permalink

---

What the noclobber does?

# echo "hihi" > file
# cat file
hihi
# set -o noclobber
# echo "hihi2you" > file
-bash: file: cannot overwrite existing file
# set +o noclobber
# echo "hihi2you" > file
# cat file
hihi2you

clobber [noun] veci, kramy, hadry, ohoz
clobber [v] bit, tlouci, mlatit, uhodit, postihnout, zasahnout

[ add comment ] ( 11 views )   |  [ 0 trackbacks ]   |  permalink

---

http://ocw.mit.edu/courses/physics/8-01 ... lecture-6/

Topics covered: This lecture is all about Newton's First (inertia), Second (F=ma) and Third (action=-reaction) Laws.

Instructor/speaker: Prof. Walter Lewin

Date recorded: September 20, 1999


http://oyc.yale.edu/philosophy/death/co ... ure05.html

Overview:

Professor Kagan discusses in detail the argument of free will as proof for the existence of an immaterial soul. The argument consists of three premises: 1) We have free will. 2) Nothing subject to determinism has free will. 3) All purely physical systems are subject to determinism. The conclusion drawn from this is that humans are not a purely physical system; but Professor Kagan explains why this argument is not truly compelling. In addition, near-death experiences and the Cartesian argument are discussed at length.


[ 1 comment ] ( 24 views )   |  [ 0 trackbacks ]   |  permalink

---

V kryptografii je X.509 standard pro systémy založené na veřejném klíči (PKI, public key infrastructure) pro jednoduché podepisování. X.509 specifikuje mezi jiným formát certifikátů, seznamy odvolaných certifikátů (CRL, certificate revocation list), parametry certifikátů a metody kontroly platností certifikátů.

http://cs.wikipedia.org/wiki/X.509

OpenSSH secure shell and X.509 v3 certificates

http://roumenpetrov.info/openssh/



[ add comment ] ( 20 views )   |  [ 0 trackbacks ]   |  permalink

---

if the TLS: hostname does not match CN in peer certificate error appears during LDAPS handshake get the LDAP server certificate to check for the servename with command

# openssl s_client -connect ldapserver:port

---
Acceptable client certificate CA names
/C=CZ/CN=I.CA - Standard root certificate/O=Prvni certifikacni autorita a.s.
/O=Sun Microsystems/CN=Directory Server/CN=XXXX/CN=ServerName.Domain.com
---

to avoid certificate check on client modify the /etc/openldap/ldap.conf and add/replace TLS_REQCERT ie

TLS_REQCERT allow

according to man of ldap.conf the level could be one of the following

       TLS_REQCERT <level>
              Specifies  what  checks  to perform on server certificates in a TLS session, if any. The <level> can be
              specified as one of the following keywords:

              never  The client will not request or check any server certificate.

              allow  The server certificate is requested. If no certificate is provided, the  session  proceeds  nor-
                     mally. If a bad certificate is provided, it will be ignored and the session proceeds normally.

              try    The  server  certificate  is requested. If no certificate is provided, the session proceeds nor-
                     mally. If a bad certificate is provided, the session is immediately terminated.

              demand | hard
                     These keywords are equivalent. The server certificate is requested. If no  certificate  is  pro-
                     vided,  or  a  bad  certificate  is provided, the session is immediately terminated. This is the
                     default setting.

[ add comment ] ( 8 views )   |  [ 0 trackbacks ]   |  permalink

---

taken from: http://www.sleuthkit.org/autopsy/help/index.html

Hash databases are used to quickly identify known good and known bad files using the MD5 or SHA-1 checksum value. Autopsy uses three types of hash databases to help the investigator reduce the number of files that they have to look at.
The NIST National Software Reference Library (NSRL) contains hashes of files that are found in operating systems and software distributions. These files are known to be good in that they came from trusted sources and are typically on authorized systems. When processing files in the image, this database can be used to ignore files because they are assumed to be known and therefore uninteresting. The location of this database is configured when Autopsy is installed. The NSRL must be obtained from NIST at www.nsrl.nist.gov.



[ add comment ] ( 20 views )   |  [ 0 trackbacks ]   |  permalink

---

http://www.openldap.org/faq/data/cache/185.html

[ add comment ] ( 19 views )   |  [ 0 trackbacks ]   |  permalink

---

<<First <Back | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | Next> Last>>

(c)2007 - All Photos on the pages by Olympus OM2(50/28mm) - Page Generated in 0.2203 seconds | Site Views: 280333