I see the following error, while trying to compile kernel with grsec.
WARNING: No module mptscsi found for kernel 2.6.22.9-grsec, continuing anyway
how to fix this or is it ok to reboot?
More details ################# [root@server3 linux-2.6.22.9]# make install sh /usr/src/kernels/linux-2.6.22.9/arch/i386/boot/install.sh 2.6.22.9-grsec arch/i386/boot/bzImage System.map "/boot" WARNING: No module mptscsi found for kernel 2.6.22.9-grsec, continuing anyway
[root@server3 linux-2.6.22.9]# cat /etc/modprobe.conf alias eth0 tg3 alias eth1 tg3 alias scsi_hostadapter mptbase alias scsi_hostadapter1 mptscsi alias scsi_hostadapter2 mptspi alias scsi_hostadapter3 mptsas alias scsi_hostadapter4 mptscsih alias scsi_hostadapter5 sata_svw alias usb-controller ehci-hcd alias usb-controller1 ohci-hcd
Tried building a grsec patched kernel as I don't fancy getting that rootkit thats going around for a second time
it was linux-2.6.23.9 which was the latest one there was a grsec patch for.
compiled ok as a monolithic kernel however on reboot I was not able to get anything but a ping from the server, Figured that the kernel had paniced and not booted.
However the tech who rebooted the server for me and selected the other kernel (a standard centos kernel) said that the system had booted but was not responding to tcp traffic.
So its either a case of
1) I missed something important when configuring the kernel.
2) perhaps a problem with APF it does warn enabling Monolithic kernel support is unsupported in the config file (although it seems to work fine with the centos stock kernel)...
I'm wandering what the best next course of action is i'd quite like to be able to run a kernel that doesn't allow write access to /dev/kmem if possible.
I installed latest kernel ( 2.6.24.4 or 2.6.24.3 ) with grsec which either panics or hang on reboot before reaching boot prompt, just when /sbin/init runs. Experienced the same with grsec patched kernel 2.6.22.9 on several servers with the same hardware.
On server with AMD Operton, I was able to successfully compile 2.6.24.4 with grsec and boot into.
Server hardware details --------------------------
[root@server kernels]# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 15 model name : Intel(R) Xeon(R) CPU 5148 @ 2.33GHz stepping : 6 cpu MHz : 2333.469 cache size : 4096 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm bogomips : 4670.51
processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 15 model name : Intel(R) Xeon(R) CPU 5148 @ 2.33GHz stepping : 6 cpu MHz : 2333.469 cache size : 4096 KB physical id : 0 siblings : 2 core id : 1 cpu cores : 2 fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca lahf_lm bogomips : 4667.16
[root@server kernels]#
[root@server ~]# uname -a Linux server.name 2.6.19.2-grsec #1 SMP Tue Jan 15 07:08:50 CST 2008 i686 i686 i386 GNU/Linux [root@server ~]#
[root@server ~]# cat /etc/modprobe.conf alias scsi_hostadapter usb-storage alias eth0 e1000 alias eth1 e1000 alias scsi_hostadapter1 aacraid alias scsi_hostadapter2 ata_piix alias scsi_hostadapter3 usb-storage alias usb-controller ehci-hcd alias usb-controller1 uhci-hcd [root@server ~]#
Last year I ordered a new server with Centos 4.3 and it had the kernel kernel 2.6.9-34.0.2ELsmp installed. It runned fine and I didn't update any packages since then.
Today I started getting a problem where both mysqld and kswapd0 uses very high amounts of CPU, spiking up to 100% and my memory usage is at 99% all the time. The problem seems exactly the same as the one mentioned in this thread.
In that thread the exact same kernel is said to be insecure and to cause this problem. I also came across a centOS bug that reports this problem with high cpu, mem usage and mysql & kswapd0 consuming all resources.
In the linked thread the person solved the problem by upgrading to kernel 2.6.9-42 using rpms but others recommended a newer kernel or a custom compiled kernel for CentOS.
Apparently when they used yum it said 34.0.2 was the latest kernel.
What should I do to upgrade the kernel, which version should i upgrade to, and where do I get it from? I won't be able to compile a custom kernel and I've only installed basic rpm packages before.
i have a 32bit centos running with 8 gigs, but only 7 is registering when i contacted support they told me
Your server does in fact have 8GB of physical memory however the reason it is not being recognized is due to the fact that you are using a 32 bit operating system. By default, the 8GB would be recognized if it were a 64 bit OS however on a 32 bit operating system, you must install and boot into the PAE kernel (physical address extension) for the 8GB to be recognized and utilized. The PAE kernel can be installed through yum when connected to your server as root over SSH. Once you have installed the kernel, you will need to reboot the server for these changes to take effect
i tried
yum pae install
yum pae kernel install
both didnt work can anyone give me a quick step by step guide on how to go about this.
I was wondering how I would go about ensuring my kernel is up to date on my vps. I am running centos and I have cpanel, so I am not sure if there is anything special that has to be done or avoided when running cpanel.
(The box, 2 years now, never had issues before all you will read...)
I do have a box at the IP xxx.xxx.xxx.xxx, which on 15th Nov. was: AMD 4200+ with 300 GB hdd for OS, and CentOS 4.5 on it...
Because the system was facing few load problems of wrong installed applications, we decided to do a fresh OS reload to the latest OS version and cPanel.
on 16th Nov, the box was up and running with CentOS 5, and cPanel 11.
the kernel is: 2.6.18-8.1.15.el5
After few hrs the box was done and IO restored all backups in it anbd all worked fine, I realized that I couldnt access cPanel, page was blank for everything.
Also, most pages (except simple html) where showing internal error 500.
I did a reboot. probelm was fixed.
After few hrs, problem came up again...
I left ssh logged in to see whats wrong.
I found out that every few hrs, that issue was happening:
Message from syslogd@server at Sun Nov 16 11:47:21 2007 ... server kernel: journal commit I/O error
Then, we had techs to check HDD for errors. they did fsck, and said disk has to be replaced (at this point, without wanting to offend anyone, I have to state that 90% of techs in datacenters, or at least at mine --won't name them, 99% you guess which DC it is...-- are just low paid students that don't know SIMPLE things...) so we told them to replace the HDD and do OS reload in new drive...
So, on 17th Nov. we had online a new HDD, 400 GB with CentOS 5 loaded in it, and cPanel 11...
After few hrs and all working and backups recovered, the issue came up again!
This time, with exactly same error, techs told us it may be RAM, so they replaced the RAM and we waited...
In 2,5 hrs, bang, it happens again, same error.
They say, it might be the sata cable...
we replace it...
AGAIN ERROR.
we ask them to loook at it seriously, and after lot pressure, to avoid case that mo/bo or controller is wrong, they do upgrade us in a BRAND NEW colocated box, which was this time: Intel Core 2 DUO, 6300, with brand new 500 GB HDD and new RAM.
We recover in the new box the backups.
Box is online today at 18th Nov...
and the issue comes up again!
Message from syslogd@server at Sun Nov 18 11:47:21 2007 ... server kernel: journal commit I/O error
I ask them what the **** is going on now and why after having all hardware replaced with new, and all OS reinstalled clean on new drives and new devices, 3 times, why we have again the same error...
And their response: power cable was loose, we replaced power cable...
Guys, sorry, this is really DUMP... loose cable cannot give that error...
and the error... continues!
Also, at this point, I have to let you know, that when this error comes up, (Message from syslogd@server at Sun Nov 18 11:47:21 2007 ...
server kernel: journal commit I/O error) the filesystem becomes READ-ONLY and nothing gets affected, if we do a cold reboot by reset button, it comes up again and all work PERFECT, until the issue comes back again.....
I am desperate with that, let me know what I have to do!
Just to make things clear, i am not new at setting up VPS nodes, i have set up all of my servers with the HyperVM/OpenVZ setup and they work perfectly, but im having a problem with a new server.
Just received my new server, installed HyperVM-Slave, rebooted but the OpenVZ kernel was not installed for some reason, so i manually installed the OpenVZ Kernel using the RPM as yum seemed to install the wrong kernel.
I then installed the kernel using RPM and got this error at the end of installation:
grubby: unable to open /dev/hda: No such file or directory grubby: unable to open /boot/boot.b: No such file or directory grubby fatal error: unable to find a suitable template
I have never encountered this error with any of my other servers before...
Also after installation everything seems to be correct. /etc/grub.conf has the new OpenVZ kernel displayed, and default is set to 0, so upon startup it should be booting the correct kernel, but the thing is, when i reboot the machine the default kernel is loaded even though the grub.conf is configured to load the OpenVZ Kernel.
Im thinking that this may be due to the error i got when installing the kernel.
I'm not sure if anyone else has come across this but I'm sure you are all aware that CentOS 5.3 default kernel comes with realtek support.
But the default realtek drivers have a bug in them when it slows down upload and downloads drastically and shows ping times above 2000+ ms in the same datacenter.
A fix for this is simply upgrading the kernel to the latest version available (2.6.29) with realtek driver support.
I tried to 'google' they to find the solution, but now i still not find out ... I'll try to reload OS. After reload OS, if i dont have floppy disk, how can i update kernel with no error?
this server is crashing after a few hours... it just got frozen... and after rebooted the server, i was looking at the /var/log/message logs and saw this ( you will see when system restart after the crash ):
Code: Feb 20 17:35:04 server kernel: grsec: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:13280] uid/euid:48/48 gid/egid:48/48, parent /us r/sbin/httpd[httpd:6180] uid/euid:48/48 gid/egid:48/48 Feb 20 17:41:40 server kernel: grsec: From 190.73.138.68: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:27459] uid/euid:48/48 gid/eg id:48/48, parent /usr/sbin/httpd[httpd:20166] uid/euid:48/48 gid/egid:48/48 Feb 20 17:45:03 server kernel: grsec: signal 7 sent to /usr/bin/php[php:31710] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:8963] uid/euid:0/0 gid/egid:0/0 Feb 20 17:48:41 server kernel: grsec: From 87.219.205.218: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:11897] uid/euid:48/48 gid/e gid:48/48, parent /usr/sbin/httpd[httpd:8152] uid/euid:48/48 gid/egid:48/48 Feb 20 17:51:04 server kernel: grsec: From 85.58.139.135: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:28508] uid/euid:48/48 gid/eg id:48/48, parent /usr/sbin/httpd[httpd:19918] uid/euid:48/48 gid/egid:48/48 Feb 20 17:51:58 server kernel: grsec: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:15615] uid/euid:48/48 gid/egid:48/48, parent /us r/sbin/httpd[httpd:2482] uid/euid:48/48 gid/egid:48/48 Feb 20 17:52:08 server kernel: grsec: From 166.114.104.42: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:4662] uid/euid:48/48 gid/eg id:48/48, parent /usr/sbin/httpd[httpd:24468] uid/euid:48/48 gid/egid:48/48 Feb 20 17:52:38 server kernel: grsec: From 189.175.50.103: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:12497] uid/euid:48/48 gid/e gid:48/48, parent /usr/sbin/httpd[httpd:32213] uid/euid:48/48 gid/egid:48/48 Feb 20 17:54:32 server kernel: grsec: From 83.53.142.7: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:18556] uid/euid:48/48 gid/egid :48/48, parent /usr/sbin/httpd[httpd:22809] uid/euid:48/48 gid/egid:48/48 Feb 20 17:55:04 server kernel: grsec: signal 7 sent to /usr/bin/php[php:29694] uid/euid:502/502 gid/egid:502/502, parent /bin/bash[sh:30003] uid/euid:502/502 gid /egid:502/502 Feb 20 18:00:54 server kernel: grsec: From 189.141.26.82: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:10817] uid/euid:48/48 gid/eg id:48/48, parent /usr/sbin/httpd[httpd:13549] uid/euid:48/48 gid/egid:48/48 Feb 20 18:01:07 server kernel: grsec: signal 7 sent to /usr/bin/php[php:20901] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:12242] uid/euid:0/0 gid/egid:0/0 Feb 20 18:03:06 server kernel: grsec: signal 7 sent to /usr/bin/php[php:9696] uid/euid:502/502 gid/egid:502/502, parent /bin/bash[sh:23721] uid/euid:502/502 gid/ egid:502/502 Feb 20 18:03:29 server kernel: grsec: From 68.26.197.159: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:917] uid/euid:48/48 gid/egid :48/48, parent /usr/sbin/httpd[httpd:20771] uid/euid:48/48 gid/egid:48/48 Feb 20 18:04:43 server kernel: grsec: From 87.219.88.132: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:10750] uid/euid:48/48 gid/eg id:48/48, parent /usr/sbin/httpd[httpd:4130] uid/euid:48/48 gid/egid:48/48 Feb 20 18:05:04 server kernel: grsec: From 189.167.128.26: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:14515] uid/euid:48/48 gid/e gid:48/48, parent /usr/sbin/httpd[httpd:2598] uid/euid:48/48 gid/egid:48/48 Feb 20 18:07:05 server kernel: grsec: signal 7 sent to /usr/bin/php[php:29589] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:7958] uid/euid:0/0 gid/egid:0/0 Feb 20 18:08:31 server kernel: grsec: From 88.64.181.89: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:15335] uid/euid:48/48 gid/egi d:48/48, parent /usr/sbin/httpd[httpd:27788] uid/euid:48/48 gid/egid:48/48 Feb 20 18:08:43 server kernel: grsec: From 201.244.116.46: signal 11 sent to /usr/www/htdocs/mywebsite.com_cgi/script/out.cgi[out.cgi:15217] uid/euid:48/48 gid/e gid:48/48, parent /usr/sbin/httpd[httpd:29545] uid/euid:48/48 gid/egid:48/48 Feb 20 18:17:34 server syslogd x.x.x: restart. Feb 20 18:17:34 server syslog: Iniciaci� de syslogd succeeded Feb 20 18:17:34 server kernel: klogd x.x.x, log source = /proc/kmsg started. Feb 20 18:17:34 server kernel: Linux version 2.x.xxgrs-bipiv-ipv4 (root@kernel.myserver.net) (gcc version xxxx) #1 SMP Tue Jan 31 17:34:40 CET 2006 Feb 20 18:17:34 server kernel: BIOS-provided physical RAM map: Feb 20 18:17:34 server kernel: BIOS-e820: 0000000000000000 - 000000000009c400 (usable) Feb 20 18:17:34 server kernel: BIOS-e820: 000000000009c400 - 00000000000a0000 (reserved) Feb 20 18:17:34 server kernel: BIOS-e820: 00000000000ea070 - 0000000000100000 (reserved) Feb 20 18:17:34 server kernel: BIOS-e820: 0000000000100000 - 000000007 Bold date are ( I think ) the crash, and the system booting... Any ideas about what can be causing the crash.. ? Is this kernel compiled with GRSecurity ? may that affect cgis ?
This is a fedora core server, xeon 3.2 GHZ x 4 procs using about 25 MBits per day.
we have one box in hivelocity.net that has been down so many times this month that we were forced to remove links to siteuptime where we were once so proud of having a 99.7% uptime for 3 years in theplanet.
syslog shows that just before crashing, these entries were made:
kernel: kernel BUG at mm/rmap.c:479 kernel: invalid operand:0000 [#1]
dmesg also shows this:
... Brought up 2 CPUs zapping low mappings. checking if image is initramfs... it is Freeing initrd memory: 482k freed NET: Registered protocol family 16 PCI: PCI BIOS revision 2.10 entry at 0xf9f20, last bus=1 PCI: Using configuration type 1 mtrr: v2.0 (20020519) mtrr: your CPUs had inconsistent fixed MTRR settings mtrr: probably your BIOS does not setup all CPUs. mtrr: corrected configuration. ...
i've googled these messages and they point to ram problems.
hivelocity.net claims to have done diagnostics on the box and that there were no problems reported.
they said this is a result of a sys configuration problem made by us.
here is what I seen when I installed kernel-2.6.20-1.2948.fc6.src.rpm
rpm -ivh kernel-2.6.20-1.2948.fc6.src.rpm 1:kernel warning: user brewbuilder does not exist - using root warning: group brewbuilder does not exist - using root warning: user brewbuilder does not exist - using root ########################################### [100%] warning: user brewbuilder does not exist - using root warning: group brewbuilder does not exist - using root
then when I ran: rpmbuild -bp --target=$(uname -m) /usr/src/redhat/SPECS/kernel-2.6.spec
I seen this error: + Arch=x86_64 + make ARCH=x86_64 nonint_oldconfig In file included from /usr/include/sys/socket.h:35, from /usr/include/netinet/in.h:24, from /usr/include/arpa/inet.h:23, from scripts/basic/fixdep.c:117: /usr/include/bits/socket.h:310:24: error: asm/socket.h: No such file or directory make[1]: *** [scripts/basic/fixdep] Error 1 make: *** [scripts_basic] Error 2 error: Bad exit status from /var/tmp/rpm-tmp.93770 (%prep)
I need to have this installed to get a app installed etc... suggestions or ideas? thanks
I have a Xen VPS. I started with a Debian 4 image and have since upgraded to Debian 5. Firstly was this advisable? Secondly what Kernel version should I be running, or rather is it set by my installation or by the Xen server?
as part of a project I have lately been looking into various aspects of kernel tuning. Most notably lately tuning the TCP stack for more efficient memory usage/throughput.
Thought I would start this thread to mention some of the tools I'd found for doing testing and see what anyone else had to recommend.
So far my favorite of the bunch is nuttcp. Its easy to use and gives a very good idea of how much of your bandwidth you are able to utilize.
A few interesting web pages are as follows for anyone interested in the topic:
[url]- Tuning TCP for High Bandwidth Delay networks
[url]- TCP Tuning Cook book, some interesting information in there as well
[url]...formanceTuning - Performance Tuning TWiki. Has a list of useful tools, flags for existing tools and ways to monitor network performance from a system level, along with some suggestions of things to correct
