[data] oplocks = False level2 oplocks = False
veto oplock files = /*.dbf/*.DBF/*.ndx/*.NDX/*.dbx/*.DBX/*.dbt/*.DBT/
You can further tune samba by following this guide.
mount -t cifs {mount-point} -o username=name,pass=pass,directio
The directio option is used to not do inode data caching on files opened on this mount. This precludes mmaping files on this mount. In some cases with fast networks and little or no caching benefits on the client (e.g. when the application is doing large sequential reads bigger than page size without rereading the same data) this can provide better performance than the default behavior which caches reads (readahead) and writes (writebehind) through the local Linux client pagecache if oplock (caching token) is granted and held. Note that direct allows write operations larger than page size to be sent to the server.
Apr 22 16:57:39 bailey kernel: Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE Apr 22 16:57:39 bailey kernel: CIFS VFS: Send error in SessSetup = -13 Apr 22 16:57:39 bailey kernel: CIFS VFS: cifs_mount failed w/return code = -13The you need to create the Samba user specified on the mount command
smbpasswd -a usernameFYI - Make sure you umount all the Samba {mount-point(s)} before shutting down Samba.
Another useful article on IBM developerworks shows how to build PHP extensions using SWIG. You can find the article here.
SE Linux is a feature of the Linux kernel that provides mandatory access control. This policy based access control system grants far greater control over the resources on a machine than standard Linux access controls such as permissions.
Many modern Linux distributions are shipping with SELinux enabled by default, Fedora 14 and Rhel 6 both install with it enabled.
When you run Recital Web on a SELinux enabled machine and navigate to the default.rsp page you will see something similar to the screen shot below.
If you launch the SELinux troubleshooter you will see the following problem.
SELinux is blocking the apache server from accessing the Recital server running on port 8001.
To manage you SELinux policy you must have the policycoreutils package group installed. The policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system.
If you wish to use a GUI tool, you must install the policycoreutils-gui package.
At the command prompt execute the following:
As root
$ yum install policycoreutils
$ semanage port -a -t http_port_t -p tcp 8001
$ service recital restart
$ service httpd restart
We use the semanage command here to allow the http server access to port 8001. Once you have completed the steps detailed above you can go and navigate back to the default.rsp page in your borwser, where you will find the permission denied message is now replaced by the default.rsp page.
SELinux does a great job of restricting services and daemons so rather than simply disabling it, why not work with it!
When it comes to security, every little bit helps...
Many motherboards nowadays have integrated gigabit ethernet that use the Realtek NIC chipset.
The Realtek r8168B network card does not work out of the box in Redhat/Centos 5.3: instead of loading the r8168 driver, modprobe loads the r8169 driver, which is broken as can be seen with ifconfig which shows large amounts of dropped packets. A solution is to download the r8168 driver from the Realtek website and install it using the following steps:
Check whether the built-in driver, r8169.ko (or r8169.o for kernel 2.4.x), is installed.
# lsmod | grep r8169
If it is installed remove it.
# rmmod r8169
Download the R8168B linux driver from here into /root.
Unpack the tarball :
# cd /root
# tar vjxf r8168-8.012.00.tar.bz2
Change to the directory:
# cd r8168-8.012.00
If you are running the target kernel, then you should be able to do :
# make clean modules
# make install
# depmod -a
# insmod ./src/r8168.ko (or r8168.o in linux kernel 2.4.x)
make sure modprobe knows not to use r8169, and that depmod doesn’t find the r8169 module.
# echo "blacklist r8169" >> /etc/modprobe.d/blacklist
# mv /lib/modules/`uname -r`/kernel/drivers/net/r8169.ko \ /lib/modules/`uname -r`/kernel/drivers/net/r8169.ko.bak
You can check whether the driver is loaded by using the following commands.
# lsmod | grep r8168
# ifconfig -a
If there is a device name, ethX, shown on the monitor, the linux driver is loaded. Then, you can use the following command to activate it.
# ifconfig ethX up
After this you should not see any more dropped packets reported.
Here's how to set up field validation based on dynamic values from another table.
Using the products.dbf table from the southwind sample database, validation can be added to the categoryid field to ensure it matches an existing categoryid from the categories.dbf table.
open database southwindThe rlookup() function checks whether an expression exists in the index (master or specified) of the specified table . An attempt to update categoryid with a value not in the list will give an error: Validation on field 'CATEGORYID' failed.
alter table products add constraint;
(categoryid set check rlookup(products.categoryid,categories))
If you have access to the Recital Workbench, you can use the modify structure worksurface to add and alter your dictionary entries, including a customized error message if required.
Occasionally as a Linux administrator you will be in the situation where working on a remote server and you are left with no option but to force a reboot the system. This may be for a number of reasons, but where I have found it most frequent is when working on Linux clusters in a remote location.
When the "reboot" or "shutdown" commands are executed daemons are gracefully stopped and storage volumes unmounted.
This is usually accomplished via scripts in the /etc/init.d directory which will wait for each daemon to shut down gracefully before proceeding on to the next one. This is where a situation can develop where your Linux server fails to shutdown cleanly leaving you unable to administer the system until it is inspected locally. This is obviously not ideal so the answer is to force a reboot on the system where you can guarantee that the system will power cycle and come back up. The method will not unmount file systems nor sync delayed disk writes, so use this at your own discretion.
To force the kernel to reboot the system we will be making use of the magic SysRq key.
The magic_SysRq_key provides a means to send low level instructions directly to the kernel via the /proc virtual file system.
To enable the use of the magic SysRq option type the following at the command prompt:
echo 1 > /proc/sys/kernel/sysrq
Then to reboot the machine simply enter the following:
echo b > /proc/sysrq-trigger
Voilà! Your system will instantly reboot.
{linkr:related;keywords:linux;limit:5;title:Related Articles}
{linkr:bookmarks;size:small;text:nn;separator:%20;badges:2,1,18,13,19,15,17,12}
On entry to the .rsp page.
IF type( _session["state"] ) != "U"m_state = _session["state"]RESTORE DATASESSION FROM m_state
ELSE
// open up your tables for the first timeENDIF
SAVE DATASESSION TO m_state_SESSION["state"] = m_state