My current kernel version is "2.6.9-42.0.10.ELsmp #1 SMP Fri Feb 16 17:17:21 EST 2007 i686 athlon i386 GNU/Linux". I want it to be upgraded since it is old. I have been told by our server management company that the latest kernel distributed from yum is kernel.i686 0:2.6.9-78.0.22.E. Can anyone tell me if this version is safe and secure enough? It is a CentOS release 4.7 (Final) server with cPanel installed.
View 2 RepliesLast year I ordered a new server with Centos 4.3 and it had the kernel kernel 2.6.9-34.0.2ELsmp installed. It runned fine and I didn't update any packages since then.
Today I started getting a problem where both mysqld and kswapd0 uses very high amounts of CPU, spiking up to 100% and my memory usage is at 99% all the time. The problem seems exactly the same as the one mentioned in this thread.
In that thread the exact same kernel is said to be insecure and to cause this problem. I also came across a centOS bug that reports this problem with high cpu, mem usage and mysql & kswapd0 consuming all resources.
In the linked thread the person solved the problem by upgrading to kernel 2.6.9-42 using rpms but others recommended a newer kernel or a custom compiled kernel for CentOS.
Apparently when they used yum it said 34.0.2 was the latest kernel.
What should I do to upgrade the kernel, which version should i upgrade to, and where do I get it from? I won't be able to compile a custom kernel and I've only installed basic rpm packages before.
I am using centos 4.6 on 2.6.9-67smp kernel
I need to update the kernel to 2.6.25.3
is that possible ?
I have VPS in Linux server.XXXXX 2.6.9-023stab044.4-enterprise
ITs Very OLD!
For More Security! can i Upgrade Kernel of my vps to latest Version ?
or Higher Version?
Security Is Very Important For Me!
I'm going to add a second AMD opteron 270 dual core processor + 2 GB DDR ram to my server this week, but do i have to recompile the kernel after i've installed the second processor? Or change something in grub?
setup:
1 X AMD dual core opteron 270 ( + 1 X AMD dual core opteron 270 )
2 X 1 GB DDR ECC registered ( + 1 X 2 GB DDR ECC registered)
Tyan thunder 8kse motherboard
# uname -a
Linux srv01.xx*********** 2.6.16.17 #1 SMP Mon May 22 04:13:34 EDT 2006 x86_64 x86_64 x86_64 GNU/Linux
to upgrade the kernel on a Debian 3.1 server from a 2.4 kernel to the latest 2.6 kernel.
View 2 Replies View RelatedWe upgraded our kernel 2.6 based servers in the network, one of them didnt came back online after rebooting the system, it seems that the network module cant be loaded.
[root@server.hostname.com:~]/etc/init.d/network start
Configuring.. : [ OK ]
Activating ... loopback: [ OK ]
Activating... eth0: device tg3 eth0 does not seem to be present, delaying initialization [FAILED]
I tried booting with older kernels but the error stills
I have a server running Fedora 4 and WHM/cPanel. I would like to upgrade the linux kernel to the latest version, so mosey in via SSH and type "yum -y upgrade". It downloads a few things and tells me everything is hunky dory.
Now, the version it says it is currently running is: 2.6.17-1.2142_FC4 #1 Tue Jul 11 22:41:14 EDT 2006
Is that the really the newest version available? Maybe I'm confused as to how this works, but if I go to kernel.org it tells me the most recent stable version of the kernel is 2.6.24.3. Is this because I am running FC4?
we have one box in hivelocity.net that has been down so many times this month that we were forced to remove links to siteuptime where we were once so proud of having a 99.7% uptime for 3 years in theplanet.
syslog shows that just before crashing, these entries were made:
kernel: kernel BUG at mm/rmap.c:479
kernel: invalid operand:0000 [#1]
dmesg also shows this:
...
Brought up 2 CPUs
zapping low mappings.
checking if image is initramfs... it is
Freeing initrd memory: 482k freed
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xf9f20, last bus=1
PCI: Using configuration type 1
mtrr: v2.0 (20020519)
mtrr: your CPUs had inconsistent fixed MTRR settings
mtrr: probably your BIOS does not setup all CPUs.
mtrr: corrected configuration.
...
i've googled these messages and they point to ram problems.
hivelocity.net claims to have done diagnostics on the box and that there were no problems reported.
they said this is a result of a sys configuration problem made by us.
any ideas?
running centos/virtuozzo 2.6.18-028stab062.3
when i configure vmware it asks at one point for kernel header files. where would i find them to match the current kernel?
i asked at parallels forums but help there is very scarce. i checked openVZ repositories and they dont yet have headers for this version.
what are my options? i have one last windows machine left and want to run it in VMware.
I have a server running cPanel.
At the moment, I am been hosted on an unmanaged server (dedicated).
My server provider is offering $25/hour for managed support.
My Kernal and Centos have not been updated for a while and I am looking to upgrade both of them. I am wondering how long would these 2 jobs normally take?
I am trying to install the kernel source.
I have downloaded kernel-2.6.20-1.2948.fc6.src.rpm
I am using fedora 6 64bit.
here are my current kernels:
kernel-headers-2.6.20-1.2948.fc6
kernel-devel-2.6.20-1.2944.fc6
yum-kernel-module-1.0.3-1.fc6
kernel-2.6.20-1.2944.fc6
kernel-devel-2.6.20-1.2948.fc6
kernel-2.6.20-1.2948.fc6
here is what I seen when I installed kernel-2.6.20-1.2948.fc6.src.rpm
rpm -ivh kernel-2.6.20-1.2948.fc6.src.rpm
1:kernel warning: user brewbuilder does not exist - using root
warning: group brewbuilder does not exist - using root
warning: user brewbuilder does not exist - using root
########################################### [100%]
warning: user brewbuilder does not exist - using root
warning: group brewbuilder does not exist - using root
then when I ran:
rpmbuild -bp --target=$(uname -m) /usr/src/redhat/SPECS/kernel-2.6.spec
I seen this error:
+ Arch=x86_64
+ make ARCH=x86_64 nonint_oldconfig
In file included from /usr/include/sys/socket.h:35,
from /usr/include/netinet/in.h:24,
from /usr/include/arpa/inet.h:23,
from scripts/basic/fixdep.c:117:
/usr/include/bits/socket.h:310:24: error: asm/socket.h: No such file or directory
make[1]: *** [scripts/basic/fixdep] Error 1
make: *** [scripts_basic] Error 2
error: Bad exit status from /var/tmp/rpm-tmp.93770 (%prep)
I need to have this installed to get a app installed etc...
suggestions or ideas?
thanks
I have a Xen VPS. I started with a Debian 4 image and have since upgraded to Debian 5. Firstly was this advisable? Secondly what Kernel version should I be running, or rather is it set by my installation or by the Xen server?
View 3 Replies View RelatedDoes it take 2 hours to have a new kernel up and running? The tech is taking forever to finish.
View 11 Replies View Relatedas part of a project I have lately been looking into various aspects of kernel tuning. Most notably lately tuning the TCP stack for more efficient memory usage/throughput.
Thought I would start this thread to mention some of the tools I'd found for doing testing and see what anyone else had to recommend.
So far my favorite of the bunch is nuttcp. Its easy to use and gives a very good idea of how much of your bandwidth you are able to utilize.
A few interesting web pages are as follows for anyone interested in the topic:
[url]- Tuning TCP for High Bandwidth Delay networks
[url]- TCP Tuning Cook book, some interesting information in there as well
[url]...formanceTuning - Performance Tuning TWiki. Has a list of useful tools, flags for existing tools and ways to monitor network performance from a system level, along with some suggestions of things to correct
What is the best way to find out which filesystems and harddrive drivers you can remove? Obviously, i need ext2,3 but how do you find which HD you only need?
View 1 Replies View Relatedrecently,my dedicated server down frequently,
i can not find any important info from /var/log/messages
but i find some records many time on it,those like
----------------------------------
Jun 15 05:30:40 server kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
Jun 15 05:30:40 server kernel: ata1.00: (irq_stat 0x40000001)
Jun 15 05:30:40 server kernel: ata1.00: cmd 25/00:08:42:23:d2/00:00:2c:00:00/e0 tag 0 cdb 0x0 data 4096 in
Jun 15 05:30:40 server kernel: res 51/40:00:42:23:d2/00:00:2c:00:00/e0 Emask 0x9 (media error)
Jun 15 05:30:40 server kernel: ata1.00: configured for UDMA/133
Jun 15 05:30:40 server kernel: ata1: EH complete
Jun 15 05:30:42 server kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
Jun 15 05:30:42 server kernel: ata1.00: (irq_stat 0x40000001)
Jun 15 05:30:42 server kernel: ata1.00: cmd 25/00:08:42:23:d2/00:00:2c:00:00/e0 tag 0 cdb 0x0 data 4096 in
Jun 15 05:30:42 server kernel: res 51/40:00:42:23:d2/00:00:2c:00:00/e0 Emask 0x9 (media error)
Jun 15 05:30:42 server kernel: ata1.00: configured for UDMA/133
Jun 15 05:30:42 server kernel: ata1: EH complete
Jun 15 05:30:44 server kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
Jun 15 05:30:51 server kernel: ata1.00: (irq_stat 0x40000001)
Jun 15 05:30:51 server kernel: ata1.00: cmd 25/00:08:42:23:d2/00:00:2c:00:00/e0 tag 0 cdb 0x0 data 4096 in
Jun 15 05:30:51 server kernel: res 51/40:00:42:23:d2/00:00:2c:00:00/e0 Emask 0x9 (media error)
Jun 15 05:30:51 server kernel: ata1.00: configured for UDMA/133
Jun 15 05:30:51 server kernel: ata1: EH complete
Jun 15 05:30:51 server kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
Jun 15 05:30:51 server kernel: ata1.00: (irq_stat 0x40000001)
Jun 15 05:30:51 server kernel: ata1.00: cmd 25/00:08:42:23:d2/00:00:2c:00:00/e0 tag 0 cdb 0x0 data 4096 in
Jun 15 05:30:51 server kernel: res 51/40:00:42:23:d2/00:00:2c:00:00/e0 Emask 0x9 (media error)
Jun 15 05:30:51 server kernel: ata1.00: configured for UDMA/133
Jun 15 05:30:51 server kernel: ata1: EH complete
Jun 15 05:30:51 server kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
Jun 15 05:30:51 server kernel: ata1.00: (irq_stat 0x40000001)
Jun 15 05:30:51 server kernel: ata1.00: cmd 25/00:08:42:23:d2/00:00:2c:00:00/e0 tag 0 cdb 0x0 data 4096 in
Jun 15 05:30:51 server kernel: res 51/40:00:42:23:d2/00:00:2c:00:00/e0 Emask 0x9 (media error)
Jun 15 05:30:51 server kernel: ata1.00: configured for UDMA/133
Jun 15 05:30:52 server kernel: ata1: EH complete
Jun 15 05:31:26 server kernel: ata1.00: configured for UDMA/133
Jun 15 05:31:30 server kernel: sd 0:0:0:0: SCSI error: return code = 0x08000002
Jun 15 05:31:33 server kernel: sda: Current [descriptor]: sense key: Medium Error
Jun 15 05:31:36 server kernel: Add. Sense: Unrecovered read error - auto reallocate failed
Jun 15 05:31:36 server kernel:
Jun 15 05:31:39 server kernel: Descriptor sense data with sense descriptors (in hex):
Jun 15 05:31:46 server kernel: 72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00
Jun 15 05:31:51 server kernel: 2c d2 23 42
Jun 15 05:31:56 server kernel: end_request: I/O error, dev sda, sector 751969090
Jun 15 05:31:57 server kernel: ata1: EH complete
Jun 15 05:31:57 server kernel: SCSI device sda: 976773168 512-byte hdwr sectors (500108 MB)
Jun 15 05:31:58 server kernel: sda: Write Protect is off
Jun 15 05:31:58 server kernel: SCSI device sda: drive cache: write back
Jun 15 05:31:59 server kernel: SCSI device sda: 976773168 512-byte hdwr sectors (500108 MB)
Jun 15 05:32:03 server kernel: sda: Write Protect is off
Jun 15 05:32:04 server kernel: SCSI device sda: drive cache: write back
-------------------
is it safe ? or any hardware error?
can i upgrade my kernel?
yum cant find any new update but my kernel version is 2.6.18-128.1.1.el5.028stab062.3PAE
I have following error in kernel update with yum:
Downloading Packages:
Running rpm_check_debug
ERROR with rpm_check_debug vs depsolve:
Package kernel conflicts with ecryptfs-utils < 44.
Complete!
So kernel not updated yet.
I copied the default config file and renamed it as .config but I get this:
Code:
WARNING: No module dm-mem-cache found for kernel 2.6.27.10-grsec, continuing anyway
WARNING: No module dm-region_hash found for kernel 2.6.27.10-grsec, continuing anyway
WARNING: No module dm-message found for kernel 2.6.27.10-grsec, continuing anyway
WARNING: No module dm-raid45 found for kernel 2.6.27.10-grsec, continuing anyway
i have a dedicated server with Centos 5.2 32bit.
my cpu is 64bit but for some software, datacenter install 32bit for me.
i need more ram and order to datacenter, before my ram was 4 Gig and now my ram is 6 gig . but cpu just use 3 gig of ram.
i install kernel-PAE with "yum install kernel-PAE " command and my ram down to 2.5 Gig. now my server used just 2.5 gig of ram.
i can not reformat server because of i have some vps in this server ( Xen vps )
when doing 2.6.26+ or w/e it is, how do you enable conntrack, what options do i need to enable under make menuconfig?
net.netfilter.nf_conntrack_acct = 1
net.netfilter.nf_conntrack_generic_timeout = 120
error: "net.netfilter.nf_conntrack_icmp_timeout" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_close" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_time_wait" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_last_ack" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_close_wait" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_fin_wait" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_established" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_syn_recv" is an unknown key
error: "net.netfilter.nf_conntrack_tcp_timeout_syn_sent" is an unknown key
error: "net.netfilter.nf_conntrack_udp_timeout" is an unknown key
error: "net.netfilter.nf_conntrack_udp_timeout_stream" is an unknown key
net.netfilter.nf_conntrack_max = 262144
and how do i know which hardware/devices that i can remove?
I have a FreeBSD server crashing a few times per week sometimes 2 or 3 times in one day, then 3 days fine sometimes each other day...
/var/log/messages shows nothing related to the reboot when looking at the server screen after a crash, it showed kernel panic
any ideas on how to troubleshoot that with the minimum downtime possible? DC already tried swapping memory, but it didn't solve
I've never actually compiled a kernel before, and wanted to know the basics when it comes to compiling for a standard CPanel/Centos 32bit system.
View 10 Replies View Relatedi compiled my kernel and i have problem.. i dont have lilo on my server so i dont know how to change the grub.conf file to boot my new kernel..
View 7 Replies View RelatedHow Can i translate An Kernel Exploit to secure my server like that
[url]
how can i now what i do to my server if i see any exploit
I have always used RPM kernels from the RedHat Network, in this time I need to compile an SMP kernel in a server that is used to serve common webhosting traffic (web, ftp, email, etc) with cPanel.
I have compiled kernels from source in desktops stations, but never in remote servers.. do you have any recommendations to do this at a Dual Xeon 3.2 RHE 5 + cPanel server? Oh.. almost forgot.. I will also compile it with GRsecurity.
Should I use a src kernel from RedHat, or a kernel.org latest kernel?
I installed CentOS 5 on a server with 2 quad core CPU's and 4GB of RAM. After the installation is done and during boot I see a warning that says "Warning only 3GB will be used".
So, just to check, I installed CentOS 4.4 and it sees all 4GB of RAM.
Are there any memory limitations on the distro? or could it be that the desktop kernels made their way into the iso's from upstream?
I am recompiling the kernel with the src rpm. I haven't been able to get any kernel to boot properly since i got this server.
I really could use some help, below i posted lspci, lsmod and cat interrupts. What I really need help with is which kernel modules are necessary for my server.
lspci: [url]
lsmod: [url]
interrupts: [url]
I have already tried a kernel with ext3, and sata support compiled in but it never boots.
For everyone out there who have dedicated servers with linux kernel, do you use a kernel patch like GrSecurity for extra security and piece of mind or not and why?
I am using mostly VPS with huge resources for hosting sites because I didn't have the budget for Raid 5, Data Redundancy and managed servers. But now I just leased my first Dedicated running Centos (for better compatibility with CPanel) and I am concerned about the kernel's security issues.
I am using Grsecurity on a labrat (home server) for testing purposes but I dont know if it is the right option for a Production Live server.
I just got 2 'kernel panic' crashes in a row (about 1 hr between them). During that time
I cannot access ssh, I need to contact the datacenter for manual reboot.
I checked logs, and I cannot see anything abnormal. I am also not sure what I should be looking for.
I'm really scarred that this is going to keep hapening.
I actually may have found something in logs:
Nov 1 13:20:43 punky kernel: audit(:0): major=252 name_count=0: freeing multiple contexts (1)
lov 1 13:20:43 punky kernel: audit(:0): major=316 name_count=0: freeing multiple contexts (2)
lov 1 13:20:50 punky pure-ftpd: (shont@84.201.220.8) [INFO] Logout.
Nov 1 13:45:04 punky syslogd 1.4.1: restart.
But I still don't know what this means.
I use CentOS.