Category Archives: Red Hat Enterprise Linux

Oracle removes gnome packages from its database requirements

As a sysadmin I try to make sure my servers will have the minimal installation needed in order for them to work. In most cases this policy works fine, but some applications depend on too much unneeded software like GUI or sound packages.

Two years ago I wrote about “Why does Oracle’s applications needs xscreensaver in order to run ?“. It seems that finally things have changed.

In it’s latest version of the 10g r2 release notes (B15666-14), Oracle dropped the control-center and gnome-libs packages from the software requirements. This change is only relevant for RHEL5, as the list for RHEL4 (x86_64) haven’t changed except from dropping xscreensaver and adding some other packages.

Notice that for RHEL5, 3 packages were added in order to let the installer display it’s graphical interface:

  • libXp-1.0.0 (i386)
  • libXt-1.0.2 (i386)
  • libXtst-1.0.1 (i386)

I’m glad to see Oracle update it’s software requirements as a lot of people in the databases world are afraid to make changes which are against the official documentation, regardless of how wrong it might be.

Leave a comment

Filed under Proprietary software, Red Hat Enterprise Linux, System Administration

Doing a minimal installation for RHEL 5.3 with kickstart

When installing RHEL 5, it doesn’t matter if you deselect all the packages during the installation. You’ll still end with the @dialup and @java groups.

If you do a kickstart installation, you can set your %packages to

This also might save you the disks changes (all or some). This will result with about 900+ MB for / (not including /boot). If you want something even more minimal (e.g. only for firewall) you can choose the “%packages –nobase” option.

Leave a comment

Filed under Red Hat Enterprise Linux

Red Hat Enterprise Linux Life Cycle

Last month RHEL 4.8 was released (see release notes). With this release RHEL 4 is entering phase 2 of it’s life cycle. During this phase only urgent software updates will be done and important or critical security issues will be handled.

During the Production 2 life cycle phase, at a minimum, qualified security errata of important or critical impact, as well as, urgent priority bug-fix errata may be released independent of minor releases.

If available, refreshed hardware enablement that does not require substantial software changes may be provided at the discretion of Red Hat via minor releases. New software functionality is not available during this phase. All available and qualified errata will be provided via the minor releases. The focus for minor releases during this life cycle phase lies on resolving defects with a minimum priority of high.

Updated install images will only be provided for minor releases during the Production 2 life cycle phase if required due to installer changes at Red Hat’s discretion.

Regrading RHEL 4, it seems the the release of 4.9 somewhere around Q1 2010, will end the 2nd phase, and the start of the 3rd one. It in the 3rd phase no new hardware is supported, and only mission critical bugs fixes are done. Security bug fixes has the same police like the second phase.

If you’re running RHEL version prior to version 4, notice that RHEL 2.1 just finished it’s 7 years life cycle on may 31st, and RHEL 3 will end it’s life cycle in October 31st, 2010. Details are available at Red Hat Enterprise Linux Life Cycle page.

1 Comment

Filed under Fedora, Red Hat Enterprise Linux

Working for Free? – Motivations of Participating in Open Source Projects

I’ve been asked to summarize an article by Alexander Hars & Shaosong Ou about motivations of participating in open source projects written in 2000 for a psychology course. It was very interested to see how many things can motivate one to invest in open source.

Although none of the motivators was new to me, I still found the article very interesting. In fact, during the presentation of the article to the class I added my point of view and the reasons I participate in open source. I realized that, although not intentionally, I enjoyed every motivator mentioned in the article, except “selling related products and services”.

It would be quite interesting to have this article done again, as the open source world became bigger and has more payed people working on free software. Any volunteers ?


Filed under Debian GNU/Linux, Fedora, Mozilla,, Red Hat Enterprise Linux, Ubuntu

Network bonding types and configuration in Linux

A few days after the first time I created a network bonding device in Linux, I had to create two network bonding on the same machine.

Sounds simple, but it seems that be default you can create only one device. As I tried to figure how to create two devices, I had a chance to investigate a bit on the issue of network bonding.

While the setting in /etc/sysconfig/network-scripts are quite simple and straight forward (see the RHEL References guide – Channel Bonding Interfaces), the settings in /etc/modules.conf hold some options to choose from.

First, we need to have a line the says that the device is a bonding device, so the the bonding module will manage it: alias bondX bonding

Most how-to also sugget to add the following line: options bond0 mode=0 miimon=100 or options bond0 mode=1 miimon=100

But the mode parameter has a meaning that the system administrator should choose:

  • Mode 0 or balance-rr is the Round-robin policy which gives fault tolerance and load balancing. This mode sends are receives package on each node in a sequential order. So the load is distributed on all NICs.
  • Mode 1 or active-backup which gives only fault tolerance without load balancing. This modes sends all packets through the one active slave. The slave changes only if the active slave fails.

Other, more advanced modes are documented in the Kernel documentation at Documentation/networking/bonding.txt and the RHEL References guide – bonding Module Directives.

Returning to my original issue – creating two network boding devices. By default the bonding module let you create only one bonding device, adding the line options bonding max_bonds=2 to /etc/modules.conf lets you (after reloading the driver) to make two bonding devices.

Notice that this time the options are for the bond module and not for a specific alias of the module.

RHEL5, lets you change the bonding options in the bond config file (e.g. /etc/sysconfig/network-scripts/ifcfg-bondo), with the BONDING_OPTS variable: BONDING_OPTS="mode=1 miimon=100".

On RHEL4, you can achive the same goal with these settings in /etc/modules.conf:

alias bond0 bonding
options bond0 -o bond0 mode=1 miimon=100
alias bond1 bonding
options bond1 -o bond1 mode=0 miimon=50

as it causes the bonding module to be loaded twice and alias each one of the differently.

On RHEL machines you’ll need the iputils packages, which has /sbin/ifenslave to add the slaves to the bond when the are configured.


Filed under Red Hat Enterprise Linux, System Administration

When LVM volume groups collide

I took my hard drive and connected it to another computer with Linux installed. Both HDs had a PV which contained a VG named “vg00”. This collistion was the first time I had encounterd this situation and had to solve it to get access to files on both VGs.

During boot I noticed messages saying there two vg00 on the machine and one is taken precedence over the other. Example message:

[lvm] WARNING: Duplicate VG name vg00: Existing
K0qKAk-Ph5i-BcAX-y4yp-SPF3-TZgj-DufR3L (created here) takes precedence
over K0qKAk-Ph5i-BcAX-y4yp-SPF3-TZgj-DufR3L

The trivial solution is to rename the extra VG to something different and get the access I want to the files. But there are two problems:

  1. As the first vg00 has precedence, I can’t do actions on the second one. The LVM commands ignore the second one.
  2. I can’t act on the first VG as it’s active for most of the system’s file systems.

Trying vgrename command with the second VG UUID didn’t work. I had to deactivate the first VG first (luckily I have the root FS outside of LVM), rename it, and rename the second VG and then rename the first VG again.

This resulted in having vg00 and vg01. And now I could activate them both and access the files.

I hope to have the time to reproduce the problem on another distro to make sure that’s a general LVM2 problem. Having renmae by UUID would save time to fix the problem and help people who need to boot from CD just to get their VG deactivated (since root FS is on LVM).


Filed under Debian GNU/Linux, Red Hat Enterprise Linux

Risk report: Three years of Red Hat Enterprise Linux 4

Mark J Cox, the Director of the Red Hat Security Response Team, published an update to RHEL 4 risk report:

Red Hat® Enterprise Linux® 4 was released on February 15th, 2005. This report takes a look at the state of security for the first three years from

Two of the lines in the conclusion are:

A default installation of Enterprise Linux 4 AS was vulnerable to seven critical security issues over the first three years.

A customised installation of Enterprise Linux 4, selecting every package, would have been vulnerable to 76 critical browser security issues, and 11 in non-browser packages in the three years.

But I doubt how many people use the default installation “as is” or are fulish enough in install everything. I would like to know the security effect of RHEL4 minimal installation, as this my way to install RHEL.

It will also be interesting to see similar reports from other distributions, especially on the response times, as I guess most security issues are common anyway due to shared applications.

Leave a comment

Filed under Red Hat Enterprise Linux

The benefits of working with GPL drivers

For the last few day I’m having problem with the tg3 driver for Broadcom’s NetXtreme Ethernet NIC on an IBM System x3850 machine with RHEL4 update 4.

The problem was that the tg3 driver recognizes only one NIC and ignores the other, although lspci / lshw can show there are two on board NICs. The weird thing is that I couldn’t find reference to such a problem on google.

IBM’s technical people suggested that I should use an updated driver, a change I’m usually reluctant to do, as some hardware requires proprietary drivers which come as a “black box”. But this time, the driver is licensed under the GPL and is also available in latest kernel releases.

IBM provides a set of pre-built RPMs for RHEL4, but it only covers old updates for RHEL (which also represent minor changes to the kernel installed). With this set IBM also provides a source RPM to build the module yourself. That was easy enough to do, just install rpmbuild, the right kernel development package (usually kernel-`uname -`-devel), install the source RPM and build the custom RPM for your kernel.

I fail to understand why IBM also provides a few more scripts and tools to build the rpm and install the pre-built ones. Every system administrator should be comfortable with using RPMs directly instead of using scripts to run a lot of other stuff before the actual RPM commands.

The updated driver did solve the problem, and I finally can use both NICs.

Having IBM’s stuff is nice, but I wanted to know what options do people have, without using their wrapping over the original driver. So I went to see what Broadcom have to offer.

On their FAQ, Broadcom declare:

To better support users, Broadcom has been actively supporting, maintaining, and testing the in-kernel Linux drivers for the NetXtreme, NetXtreme II, NetLink and 4401 product lines.

I found that Broadcom offer an updated version for the tg3 driver (comparing to RHEL4 update 4) on their NetXtreme Server Drivers page. Clicking the download page showed this message:

The Broadcom Linux Ethernet drivers are licensed under the GNU GPL. The full text of the license is available in the driver archive.

That’s must be a good start (:

Broadcom doesn’t give you pre-built RPMs, but they do provide a source RPM to ease your job. I actually preferred their simple spec file over IBM’s complex spec file.

To conclude, having GPL drivers enable system administrator to build the drivers specifically for their system (operating system, distribution and kernel version), and lower the pressure (or necessity) for vendors to offer pre-built packages for each possible combination.

1 Comment

Filed under Proud to use free software, Red Hat Enterprise Linux

My thoughts on RHEL 5.1 installation

I decided to test RHEL 5.1 to check what changed since RHEL 4. As I usually do a network installation, I had a few surprises.

The installation was done with qemu (with kqemu module) on an AMD Athlon(tm) XP 1800+ processor. The virtual ram was set to 256MB. The installation was done an an LVM LV, and took 25 minutes (pretty good I believe).

I tried to do a minimal installation, so I deselected all the available packages from the list. I ended up with 366 rpms and 935 MB on the disk (excluding /boot).

Look back in the anaconda-ks.cfg seems like that not the minimal installation as this is the %packages section:


I couldn’t find on the CDs a file to explain each of the groups here. The manuals talk about comps.xml for this info, but there is no such file on the 5 CDs. Such files are available for the extra software on the CDs like the cluster / virtualization software.

I also was surprised to see that I needed 3 CDs for the minimal installation. Although cd #2 was needed only for:

  • libgcj
  • java-1.4.2-gcj-compat
  • gjdoc
  • jpackage-utils

and cd #3 only for:

  • wvdial
  • isdn4k
  • minicom
  • lrzsz
  • libwvstreams
  • antlr

I guess these could easily be moved to the first CD and save people the CD changes which wastes time while babysitting the installation instead of doing it completely unattended. Also, seems like by removed the @dialup and @java groups we can be satisfied with only the #1 CD.

This also brought to my attention the method red hat choose on which CD each RPM will be placed. I’m sure doing a popularity contest like Debian is hard for a commercial distribution, but still knowing the method behind the CDs will be useful.

Generaly speaking, the installation went fine. I can start testing the system itself. about testing the


Filed under Red Hat Enterprise Linux

Why does Oracle’s applications needs xscreensaver in order to run ?

Working with some of Oracle’s products, made me wonder about their installation requirements as appears in the documentation.

Let start with Oracle® Database 10g Release 2. The installation guide for linux x86 says under “Checking the Software Requirements” it needs the following RPMs for RHEL 4.0:

  • binutils
  • compat-db
  • compat-libstdc++-296
  • control-center
  • gcc
  • gcc-c++
  • glibc
  • glibc-common
  • gnome-libs
  • libstdc++
  • libstdc++-devel
  • make
  • pdksh
  • sysstat
  • xscreensaver
  • setarch

Most of them are valid requirements when needing to compile C/C++ code (as it may be done inside the database). But why do I need to install gnome’s libraries, gnome’s control-center and xscreensaver?

I fail to see how are these 3 are related to running a database. It is reasonable to require these packages for running a graphical installation, but that’s not a runtime requirement! I even tested that with checking the database opened files while it’s been running.

I really don’t want to have these packages installed on servers unless I must, as I believe server should contain the minimal software required on top of the distribution default installation.

Another funny (and weird) fact is that for SELS 9.0 there isn’t any requirement for gnome’s control-center. For RHEL 3.0 there aren’t any requirements for the 3 packages…

Mentioning optional requirements are probably the best why to solve this, unless there’s some real requirement that eludes me. John Smiley’s “Installing Oracle Database 10g Release 2 on Linux x86″ has this for openmotif21 which is mentioned as needed only for Oracle demos.

The same happens for Oracle® Enterprise Manager in installation guide for linux x86 10g Release 2 (10.2), but this time the package requirements for RHEL 3.0 and SELS 9.0 don’t mention any of the 3 packages, whilst they are required for RHEL 4.0. Very weird.

The status for Oracle Application Server 10g Release 3 is similar.

I would be happy if someone could shed some light on the issue.


Filed under Proprietary software, Red Hat Enterprise Linux