Kerberos and LDAP are today’s way of single sign on. It is platform independent and supported by a wide range of applications. Together with the Red Hat Directory Server (also available as CentOS Directory Server and 389 Directory Server from Fedora) you can build a neat identity management infrastructure. Setting up the Directory Server However ….Read More
Year: 2009
Managing CentOS with Spacewalk
Red Hat RHN Satellite In 2003 Red Hat released its RHN Satellite server as a closed source management tool for RHEL and only for RHEL (okay, a legacy support for managing Solaris is available). The satellite is very useful tool for managing systems. Unfortunately it has a quite expensive price tag on it. According to ….Read More
Confused about write barriers on file systems…
As ext3 is already known as a very robust file system why is the default mount option still barrier=0? The problem is LVM and the device mapper. They do not support barriers. When mounting ext3 on a LV, the option barrier=1 it should be ignored and a warning written. So far so good. Trying this brings ….Read More
Ready to upstart?
It is time to replace the aged SysV init system with someting better At the time when SysV init (pronounced “System five”) appeared, hardware configurations have been quite static, no hot plug and similar fancy stuff. SysV init is started after the kernel is loaded. The init process reads /etc/inittab and walks trough the runcontrol ….Read More
How are jornaling options affect performance of the ext3 filesystem
The need for speed Everyone looks for the optimum of speed in its servers. Todays servers have plenty of spare CPU power and RAM is dirty cheap. Todays common bottleneck is storage. One way to solve the bottleneck is trowing money on it, the other smarter way is choosing the best matching file system and ….Read More
Directory services and Linux
LDAP is interesting, but not that easy to set up, at least not the server part. I made different approaches to install OpenLDAP without success, the problem was always the schemas and initial data load. With Red Hat Directory Server and its open source pendant CentOS Directory Server I was able to successfully install and ….Read More
302 Redirects behind SSL-terminating proxies
You have a web site all with SSL. There is a reverse proxy or load balancer that acts as SSL termination point. Behind that reverse proxy you have an Apache web server running plain http.
Your application uses 302 redirects to announce new URLs or whatever the reason is for doing so. Since the web server does not know that https URLs should be announced the response header looks like following:
Location
http://www.example.com/your-fancy-url
The browser interprets that location header and send a request to this non-SSL URL instead of https:///www.example.com/your-fancy-url
Starting with my own blog
Since a long time I wanted to start with my own blog. Why? Actually I’m not sure… I’m working in the IT industry facing strange problems in my job as a Linux system engineer. The most difficult problems are not documented anywhere, I’ll start to post solutions for such usually non-googable problems. From time to ….Read More