Best of Tech Support
I want to ask a couple of questions. 1) I was wondering if there was a serious performance impact to formatting a Linux partition with the following commands:
mkfs.ext2 -i 1024 -b 1024 /dev/hda1 mkfs.ext3 -i -1024 -b 1024 /dev/hda2
I know that using the second command would enable the Journal filesystem, but would having so many inodes slow down the system? I'm trying to use this on a firewall system with Squid, INN and qmail services.
2) I have a matching pair of 486DX 66MHz systems and a 486SLC2 50MHz
system, each with 32MB of RAM. Is there any way I could use Linux Rat Hat
9 on them? Or should I install Red Hat 6.2 and use up2date on them?
1) The effect of the size and number of inodes on disk access speed depends on the types of files they are used to reference. The commands given above indeed would yield greater utilization of the hard drive's capacity, and this seems like a good thing. This is especially true on larger hard drives, which multiply the effect of this value.
In practice, however, Web pages and messages have grown beyond 1KB
files. Limiting a filesystem's block size to this value forces Linux to
traverse a much larger tree of inodes to find the relevant entries
and then remember which they are. The more inodes there are in one file, the
longer this takes. Given the cost per megabyte of hard drives today, and the
likelihood that the savings would amount to less than 100MB of space,
might be a more reasonable value.
1) As Chad pointed out, the block size you choose will affect the
performance. If the files you access the most often are over 1KB in
size, you will have to access multiple inodes to retrieve these
files and, thus, incur a performance hit. It's not so much a question
of having a lot of inodes, but rather one of how many inodes will
need to be accessed in order to retrieve the most commonly used files.
That is, the issue is the average inode-to-file-size ratio—the inverse
of the -i parameter in your mkfs command. Take this into consideration
when laying out your filesystem and decide whether you want to optimize for
speed or for total storage capacity. And, take into account what you
predict to be the average size of what will be the most commonly accessed
files. Also, make sure you don't limit yourself to too few inodes. It's
likely that you will end up with significantly more files in the long run
than you originally thought—depending on what you plan to do
with the machine, of course—so make sure to not be too stingy. As for the
performance issues between ext2 and ext3, an additional amount of
overhead is associated with a journaling filesystem, but the performance
hit generally is thought to be minimal, especially when weighed against the
benefit of having a journal.
2) Neither Red Hat 9 nor Red Hat 6.2 is still supported, which means no more security updates. The successor, Fedora, requires a Pentium or better. You'll need to install a distribution such as Gentoo or Debian that has both pre-Pentium CPU support and current security fixes.
No matter what you install, this class of machine
will be too slow for a modern desktop. You can
use them for Web servers, print servers, firewalls
or machines to learn on, though.
I am having a problem with a Red Hat 7.2
installation on a 133MHz PC that I'm using as
a Smoothwall proxy. I successfully installed the
software, but when the computer rebooted and I tried
to log in, I got a message similar to error in
service mode. It's hard to tell because it flashes
on the screen very quickly and then brings me back
to a login screen. I checked the filesystem and made
sure that bash was installed and that the environment
path was set correctly. There still is something wrong
though, because it's not logging me in. Can you
suggest what the problem might be or, even better,
point me toward a solution to this issue? I really
would appreciate it.
When the system is booted up and is showing the login screen, press and
hold the Ctrl-Alt keys and press the F1 function key. This gives you
the command line. You should be able to log in there as the root user
with the root password. You can navigate to console 1 through 6 by using
the Alt-F1 to Alt-F6 key combinations; F7 is graphical display.
As you navigate from console 1 to 6, you may see more details about the
error message and/or the events leading to it. Once you log in, look at
/var/log/messages and other log files in the /var/log directory. This
should get you started.
Usman S. Ansari
Are you running with a graphical login? If so, try disabling it by editing /etc/inittab and changing to runlevel 3 instead of 5. Change the line:
or do it temporarily through your bootloader. If you aren't running xdm,
try examining your log files and searching for errors. Specifically,
look at /var/log/messages and /var/log/secure, and if using X, look in the
X logs as well.
This may be a silly question, but I'm considering
putting Linux on my 80GB HD as a second OS. I'm
looking to use it mainly for media, word processing,
movies and music, as I've heard Linux is resource
efficient. I'll be keeping Windows on mainly for
gaming. I also have an Athlon 64 3500+ and want
to make use of it with a 64-bit build that works
well. Can you direct me to a distro that would allow
me to use my 64-bit processor to its best ability
and that also would allow for easy media playback,
Net surfing and so on? I looked at MandrakeLinux, but
I've been hearing a lot of bad things about its AMD64 build. Thanks for your time, and I look forward
to hearing your response.
If I may shamelessly plug Gentoo (www.gentoo.org), this distribution allows you to get the most out of almost any hardware platform, because you have the option of natively compiling packages for your platform as you install them. This feature also commonly is listed as Gentoo's downside, because this process can be time consuming. However, the Gentoo team has worked hard to provide binary builds for a variety of platforms, including 64-bit, so this is less of an issue today.
Gentoo's installation process can be daunting, and although the
developers are working on a formal installer, you may or may not like
what you see when you start to load it. If you need an alternative,
Red Hat and Novell/SuSE are good places to start. Both provide native
builds and clear, intuitive installers. For a free option, you can't
go wrong with Debian, whose developers call their AMD64 port “the most
complete port after i386”—clearly an in-demand platform. All of the
distributions mentioned here provide package managers that allow you
to keep your system up to date and easily install new applications,
such as the media players and, more important, the codecs you are after.
I am running Red Hat 9.0, kernel 2.4.20-8, and I am
using the supplied Apache server. When I log on to
the server, I see a Test Page. I have my home page
files in /var/local/www/html, as instructed. I am
told to swap the test page for my home page, which
is what I want to do. Have you any idea what file I
should edit to make this happen? I have printed out
the 15 pages of the httpd.conf file and scanned them
for more than a few days, to no avail.
I believe in Red Hat 9's default Apache installation, the test page is
located in /var/www/html/index.html. So if you want to replace it,
back up that file and replace it with yours.
Look for the DocumentRoot line in your Apache configuration file. That's the directory where your home page lives. Now look for the DirectoryIndex line. That's a list of possible names for the file. Before you put too much work into the system, though, you'd be better off to upgrade to a distribution that has current security updates. Red Hat 9 security fixes ended on April 30, 2004.
Is this Red Hat Museum Week or something?
I have been administering Windows servers through a
VPN connection for a long time. Is there a similar way
to administer Linux systems? I realize I can VPN to a
Linux system, but I mean is there a preferred method
to access Linux systems remotely and do administration
work? Could you recommend any books on the subject?
The classic tool for administering Linux systems
remotely is OpenSSH (www.openssh.com).
It comes pre-installed on all the common distributions
and gives you an encrypted way to run commands and
transfer files without setting up a VPN.
If you do want a VPN, Mick Bauer has an overview at
I am trying to configure a bind server for my intranet using a residential cable modem router as the DHCP server. I am interested in having an intranet name to private IP address resolution and have any Internet DNS request forwarded to my ISP's DNS servers. I have been successful with getting the server to respond to an address record request (ls -t), but it won't return individual hostname IP addresses.
I have the root zone configured to point back to the
bind server on the same PC. I also set up the domain
zone ort.cloud containing the bind server host PC,
router IP and hostnames of the individual network
PC's IP to name mapping and canonical name to IP
address mapping. Another zone takes care of the
name to IP address and canonical name to IP address
mapping. I'm not sure whether this redundancy is
necessary or not, but it's kind of working for the
Probably the best source for information on setting up a DNS is the
DNS-HOWTO, www.tldp.org/HOWTO/DNS-HOWTO.html. The author of
that HOWTO, Nicolai Langfeldt, also has written a book entitled
and Bind that claims to offer more details and examples than the HOWTO.
I have a setup similar to the one you are looking to achieve: an
internal DNS that serves the local private domain requests and
connects to an outside server for external translations. If I recall
correctly—it's been a while since I set it up—I found numerous simple
examples and configs for accomplishing what I needed by Googling for
“caching only nameserver”.
For some time I hesitated to forward my problem to you, but I have no
idea how to solve it. My distribution is Slackware 10.0, my kernel 2.6.9,
the compiler 3.3.4, and I am booting from CD with isolinux. The problem is
the modem chip 536EP from Intel is not supported under Linux. The
Intel-provided source code, Intel-536ep-4.69-5.4.src.rpm, is okay and my modem
works. When I use a new kernel, I have to compile it separately. During
the booting process I always get Intel536: module license 'Proprietary'
taints kernel, but the modem works. I use KPPP under KDE 3.2. When
kernel 2.6.10 came, I patched my kernel, compiled it with the same
.config file and compiled the 536ep code again, but the modem doesn't
work. There's no initialization, no waiting for the OK after ATZ and no dial tone. Of
course, the old kernel 2.6.9 still is available and works with my modem.
I would appreciate any help, comments or further assistance from you
regarding this issue.
You are relying on an out-of-the-main-kernel-tree driver to work properly
on future kernel releases. That is almost guaranteed to not work over
time, as kernel apis change and morph due to bug-fixes, security issues
and feature changes. Please see
for details about why the Linux kernel does not have a stable internal
kernel api. I recommend contacting the author of the driver and asking
him for help, as he is the one that knows the code the best.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- The US Government and Open-Source Software
- New Container Image Standard Promises More Portable Apps
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide