Opening SSH to the outside world is a security risk. Here is how to restrict SSH access to certain IP addresses on a machine.
- Edit the /etc/hosts.allow file to include these lines, assuming your machine is on the 192.168.2.x nonrouting IP block, and you want to enable an external address of 217.40.111.121 IP block: Remember to add the period on the end of each incomplete IP number. If you have another complete IP address or range, add a space and that range on the end.
sshd,sshdfwd-X11: 192.168.2. 217.40.111.121
- Edit your /etc/hosts.deny file to include this line:
sshd,sshdfwd-X11:ALL
- These lines refuse SSH connections from anyone not in the IP address blocks listed.
Additionally you can restrict SSH access by username.
- Edit the /etc/ssh/sshd_config file and add the following lines
PermitRootLogin no
AllowUsers user1 user2 user3 etc
PasswordAuthentication yes
Now restart the ssh daemon for these changes to take effect
service sshd restart
If you have a live linux site that is running vmware virtual machines, you can pause the virtual machines when you want to perform a backup, I use acronis for linux which does incremental backups and you can specify a command to run before and after the backup, this allows backups to be performed at scheduled times daily without any intervention. In my examples below, the virtual machine i want to control is in /root/vmware/Recital/Recital.vmx
To pause the virtual machine on linux:
# vmrun pause /root/vmware/Recital/Recital.vmx
and then to unpause after the backup has completed:
# vmrun unpause /root/vmware/Recital/Recital.vmx
That is basicallty it, no need to attend the backup and it can be perfomed at a suitable time so no users are affected.
Incidentally, vmrun lets you startup a virtual machine at system startup too, without needing the GUI:
# vmrun start /root/vmware/Recital/Recital.vmx
Or alternatively stop it:
# vmrun stop /root/vmware/Recital/Recital.vmx
There are lots of other capabilities of this command, running applications inside the virtual machine etc etc. For full details just type vmrun in a terminal window.
Key features of the Recital scripting language include:
What are the key feature of the Recital database?
- High performance database application scripting language
- Modern object-oriented language features
- Easy to learn, easy to use
- Fast, just-in-time compiled
- Develop desktop or web applications
- Cross-platform support
- Extensive built-in functions
- Superb built-in SQL command integration
- Navigational data access for the most demanding applications
// declare some simple procedures
proc display(cArg)
echo "display=" + cArg
endproc
proc show(cArg)
echo "show=" + cArg
endproc
// create an object based on an anonymous class
myobj = new object()
// add some properties
myobj["name"] = "barry"
myobj["company"] = "recital"
// now declare an anonymous method
myobj["mymethod"] = display
// call the method
myobj.mymethod("hello world") // displays "display=hello world"
// redeclare the method
myobj["mymethod"] = show
// call the method
myobj.mymethod("hello world") // displays "show=hello world"
Where this becomes particularly useful is when you have a procedure that calls anonymous methods in order to process data. This technique can be used to call anonymous procedures in your code.
proc processdata(oArg)
oArg.mymethod(oArg.name)
endproc
proc show(cArg)
echo "show=" + cArg
endproc
myobj = new object()
myobj["name"] = "barry"
myobj["mymethod"] = show
processdata(myobj) // displays "show=barry" Specifying this seems to reslove the problem:
-Xmx512m -XX:MaxPermSize=512m
After an extended period of intense software development, we are pleased to announce the release of Recital 10 which is a milestone in our development efforts.
The Recital 10 release notes can be found here.
- Recital
A powerful scripting language with an embedded database used for developing desktop database applications on Linux and Unix.
- Recital Server
A cross-platform SQL database and application server.
- Recital Web
A server-side scripting language with an embedded SQL database for creating web 2.0 web applications.
Recital is a rich and versatile product with many ways to do the same thing. Developers usually write code in the way that they are accustomed to without paying much attention to how this will perform in a multi-user environment with large amounts of users and transactions. The best way to optimize Recital applications is to use the built-in tuning capabilities introduced in Recital 10.
COPY DATABASE <name> TO <name> [ IF [ NOT ] EXISTS ]This command is used to copy an existing database to a new database. By default an error will be returned if the target database already exists. Specifying the optional IF NOT EXISTS keywords no error will be returned if the target database already exists. If the optional IF EXISTS keywords are specified and the target database already exists, then it will be removed before the copy. Both the databases must be closed before they can be copied.
lslk lists information about locks held on files with local inodes on systems running linux.
Install it with:
yum install lslk
[data] oplocks = False level2 oplocks = False
veto oplock files = /*.dbf/*.DBF/*.ndx/*.NDX/*.dbx/*.DBX/*.dbt/*.DBT/
You can further tune samba by following this guide.
mount -t cifs {mount-point} -o username=name,pass=pass,directio
The directio option is used to not do inode data caching on files opened on this mount. This precludes mmaping files on this mount. In some cases with fast networks and little or no caching benefits on the client (e.g. when the application is doing large sequential reads bigger than page size without rereading the same data) this can provide better performance than the default behavior which caches reads (readahead) and writes (writebehind) through the local Linux client pagecache if oplock (caching token) is granted and held. Note that direct allows write operations larger than page size to be sent to the server.
Apr 22 16:57:39 bailey kernel: Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE Apr 22 16:57:39 bailey kernel: CIFS VFS: Send error in SessSetup = -13 Apr 22 16:57:39 bailey kernel: CIFS VFS: cifs_mount failed w/return code = -13The you need to create the Samba user specified on the mount command
smbpasswd -a usernameFYI - Make sure you umount all the Samba {mount-point(s)} before shutting down Samba.