We had an incident on our storage array recently, that caused random (but not fatal) corruption in a number of LUNs used by our Oracle databases. Some database files were in a state where the database could access them, but any filesystem or app operations that attempted to read a certain block on the file, would result in I/O errors. Our current action plan has been to take each DB down, and run a badblocks scan on the affected filesystems. In our first case, we ran fsck with badblocks enabled, performing a full read-write test (fsck -cc -v /path/to/screwed/volume).
The scan found and repaired a number of blocks, which made the affected files readable again at the filesystem level- but the test took 18 hours to complete, which freaked out management. Some of our other affected database LUNs are much larger, and they don't like the idea of multi-day business impact while we perform filesystem scans.
When discussing the incident with our storage vendor, their SME mentioned that we shouldn't have to perform a full read-write test on the LUN's (logical) blocks, and that a read-only test would be good enough. To paraphrase, he said: "If you can't write to the (logical) block on your filesystem, you wouldn't be able to read from it either... so there is no point spending the time to test for writes against our LUN."
This just doesn't sound right to me. It seemed like he was suggesting that a write test on the logical blocks would be redundant, if the underlying physical blocks are writable according to the storage array. I was interested if anyone else had experiences / opinions on this? Some of our database LUNs are very large, and I don't want to run a check that requires multiple days of downtime if it isn't necessary. In those cases, I would likely do something different, like creating another LUN + filesystem, and using dd to export the files into a new, clean filesystem.submitted by /u/feistypenguin
When organizational rules exist, people will try to game them.
Quickserve is a simple http server that allows you to share files quickly between Arch Linux systems and/or other operating systems.
So here is a weird thing. I'm running Fedora 24 with kernel 4.79.200fc24x86_64. This morning I launched terminal to see steve@renees-iphone instead of steve@home the same thing has changed when I log in as root.
My problem is I have no idea what renees-iphone is, how it got there and what would have installed it. Other than deleting some cache a few days ago I have not logged in as root, and I have not made any changes to the system or installed any software in weeks. Other than switching to Xfinity wifi yesterday, nothing has changed with my computer, and even then I simply connected to a different network.
Any help would be greatly appreciatedsubmitted by /u/vertdeferk
- IAM, Greased up by the EPO, Continues Lobbying by Shaming Tactics for the UPC, Under the Guise of ‘News’
- Patent Scope Gone Awry: European Vegetable Patents Office?
- Yes, There is Definitely Brain Drain (Experience Deficit) at the European Patent Office and Stakeholders Feel It
- Links 24/2/2017: Ubuntu 17.04 Beta, OpenBSD Foundation Nets $573,000 in Donations
LinuXatUSIL – Previas 2 for #LinuxPlaya
Damian from GNOME Argentina explained us some code based on this tutorial and the widgets in Glade were presented.
RancherOS v0.8.0 released! [Ed: and a bugfix release, 0.8.1, out today]
RancherOS v0.8.0 is now available! This release has taken a bit more time than prior versions, as we’ve been laying more groundwork to allow us to do much faster updates, and to release more often.
- The Technicals For Red Hat, Inc. (RHT) Tell An Interesting Tale
Ubuntu 17.04 Beta 1 Released | New Features And Download
Ubuntu 17.04 Zesty Zapus Beta 1 release is finally here. If you’re interested, you can go ahead and download the ISO images of the participating flavors, which are, Lubuntu, Kubuntu, Xubuntu, Ubuntu Budgie, Ubuntu GNOME, Ubuntu Kylin, and Ubuntu Studio. Powered by Linux kernel 4.10, these releases feature the latest stable versions of their respective desktop environments. This release will be followed by the Final Beta release on March 23 and final release on April 13.
Ubuntu 17.04 Beta 1 Now Available to Download
The first beta releases in the Ubuntu 17.04 development cycle are ready for testing, with Xubuntu, Ubuntu GNOME and Ubuntu Budgie among the flavors taking part.
- Defense Department Launches Open Source Code.mil Initiative For Software Collaboration
New Open Source License Compatibility Company Debuts with a Bang
When I heard about FOSSA, my first thought was, “Don’t Black Duck and Palamida already have the FOSS license compatibility thing pretty well sewed up? Do we really need another company doing it?”
Open Data Policies Necessary for Open Government
Open data is an important concept at Code for America, which addresses the widening gap between the public and private sectors in their effective use of technology and design.
OpenBSD Foundation 2016 Fundraising
The OpenBSD Foundation is happy to report that the 2016 fundraising goal of $250,000 has been more than met with a final donation total of $573,000!
What happened to my vlan?
A long term goal of the effort I'm driving to unlock OpenBSD's Network Stack is obviously to increase performances. So I'd understand that you find confusing when some of our changes introduce performance regressions.
- "Convincing a Linux guy to use FreeBSD" - Lunduke Hour - Feb 9, 2017
Stop using SHA1 encryption: It’s now completely unsafe, Google proves
Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm's use for security-sensitive functions should be discontinued as soon as possible.
SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made.
However, despite these efforts to phase out the use of SHA-1 in some areas, the algorithm is still fairly widely used to validate credit card transactions, electronic documents, email PGP/GPG signatures, open-source software repositories, backups and software updates.
First and foremost I have to pay respect to PGP, it was an important weapon in the first cryptowar. It has helped many whistleblowers and dissidents. It is software with quite interesting history, if all the cryptograms could tell... PGP is also deeply misunderstood, it is a highly successful political tool. It was essential in getting crypto out to the people. In my view PGP is not dead, it's just old and misunderstood and needs to be retired in honor.
However the world has changed from the internet happy times of the '90s, from a passive adversary to many active ones - with cheap commercially available malware as turn-key-solutions, intrusive apps, malware, NSLs, gag orders, etc.
Cloudflare’s Cloudbleed is the worst privacy leak in recent Internet history
Cloudflare revealed today that, for months, all of its protected websites were potentially leaking private information across the Internet. Specifically, Cloudflare’s reverse proxies were dumping uninitialized memory; that is to say, bleeding private data. The issue, termed Cloudbleed by some (but not its discoverer Tavis Ormandy of Google Project Zero), is the greatest privacy leak of 2017 and the year has just started.
For months, since 2016-09-22 by their own admission, CloudFlare has been leaking private information through Cloudbleed. Basically, random data from random sites (again, it’s worth mentioning that every site that used CloudFlare in the last half year should be considered to having fallen victim to this) would be randomly distributed across the open Internet, and then indefinitely cached along the way.
Serious Cloudflare bug exposed a potpourri of secret customer data
Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug exposed a range of sensitive information that could have included passwords and cookies and tokens used to authenticate users.
A combination of factors made the bug particularly severe. First, the leakage may have been active since September 22, nearly five months before it was discovered, although the greatest period of impact was from February 13 and February 18. Second, some of the highly sensitive data that was leaked was cached by Google and other search engines. The result was that for the entire time the bug was active, hackers had the ability to access the data in real-time by making Web requests to affected websites and to access some of the leaked data later by crafting queries on search engines.
"The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare CTO John Graham-Cumming wrote in a blog post published Thursday. "We are disclosing this problem now as we are satisfied that search engine caches have now been cleared of sensitive information. We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."