Tag Archives: Most Popular

39

Swap Space

|

There is a wide-spread myth that swap space should be twice the size of RAM. This might have provided some benefit when 16M of RAM was a lot and disks had average access times of 20ms. Now disks can have average access times less than 10ms but RAM has increased to 1G for small machines and 8G or more for large machines. Multiplying the seek performance of disks by a factor of two to five while increasing the amount of data stored by a factor of close to 1000 is obviously not going to work well for performance.

A Linux machine with 16M of RAM and 32M of swap MIGHT work acceptably for some applications (although when I was running Linux machines with 16M of RAM I found that if swap use exceeded about 16M then the machine became so slow that a reboot was often needed). But a Linux machine with 8G of RAM and 16G of swap is almost certain to be unusable long before the swap space is exhausted. Therefore giving the machine less swap space and having processes be killed (or malloc() calls fail – depending on the configuration and some other factors) is probably going to be a better situation.

There are factors that can alleviate the problems such as RAID controllers that implement write-back caching in hardware, but this only has a small impact on the performance requirements of paging. The 512M of cache RAM that you might find on a RAID controller won’t make that much impact on the IO requirements of 8G or 16G of swap.

I often make the swap space on a Linux machine equal the size of RAM (when RAM is less than 1G) and be half the size of RAM for RAM sizes from 2G to 4G. For machines with more than 4G of RAM I will probably stick to a maximum of 2G of swap. I am not convinced that any mass storage system that I have used can handle the load from more than 2G of swap space in active use.

The reason for the myths about swap space size are due to some old versions of Unix that used to allocate a page of disk space for every page of virtual memory. Therefore having swap space less than or equal to the size of RAM was impossible and having swap space less than twice the size of RAM was probably a waste of effort (see this reference [1]). However Linux has never worked this way, in Linux the virtual memory size is the size of RAM plus the size of the swap space. So while the “double the size of RAM” rule of thumb gave virtual memory twice the size of physical RAM on some older versions of Unix it gave three times the size of RAM on Linux! Also swap spaces smaller than RAM have always worked well on Linux (I once ran a Linux machine with 8M of RAM and used a floppy disk as a swap device).

As far as I recall some time ago (I can’t remember how long) the Linux kernel would by default permit overcommitting of memory. For example if a program tried to malloc() 1G of memory on a machine that had 64M of RAM and 128M of swap then the system call would succeed. However if the program actually tried to use that memory then it would end up getting killed.

The current policy is that /proc/sys/vm/overcommit_memory determines what happens when memory is overcommitted, the default value 0 means that the kernel will estimate how much RAM and swap is available and reject memory allocation requests that exceed that value. A value of 1 means that all memory allocation requests will succeed (you could have dozens of processes each malloc 2G of RAM on a machine with 128M of RAM and 128M of swap). A value of 2 means that a different policy will be followed, incidentally my test results don’t match the documentation for value 2.

Now if you run a machine with /proc/sys/vm/overcommit_memory set to 0 then you have an incentive to use a moderately large amount of swap, safe in the knowledge that many applications will allocate memory that they don’t use, so the fact that the machine would deliver unacceptably low performance if all the swap was used might not be a problem. In this case the ideal size for swap might be the amount that is usable (based on the storage speed) plus a percentage of the RAM size to cater for programs that allocate memory and never use it. By “moderately large” I mean something significantly less than twice the size of RAM for all machines less than 7 years old.

If you run a machine with /proc/sys/vm/overcommit_memory set to 1 then the requirements for swap space should decrease, but the potential for the kernel to run out of memory and kill some processes is increased (not that it’s impossible to have this happen when /proc/sys/vm/overcommit_memory is set to 0).

The debian-administration.org site has an article about a package to create a swap file at boot [2] with the aim of making it always be twice the size of RAM. I believe that this is a bad idea, the amount of swap which can be used with decent performance is a small fraction of the storage size on modern systems and often less than the size of RAM. Increasing the amount of RAM will not increase the swap performance, so increasing the swap space is not going to do any good.

Related posts:

  1. Hot-swap Storage I recently had to decommission an old Linux server and...
  2. Bizarre “No space left on device” error from Xen What should have been a routine “remove DIMMs and run...
  3. installing Xen domU on Debian Etch I have just been installing a Xen domU on Debian...
  4. Xen Saves A couple of days ago the hardware that is used...
13

Google Earth – Almost a Great Program

|

My mother just asked me to get Google Earth (link to download page [1]) working on her machine so she can see where my sister [2] lives.

So I download all 20 megs of the sucker (of course it had a horrible license agreement that precludes packaging for Debian or any other sane distribution) and ran it (under a different account of course because I don’t trust non-free software). It’s unfortunate that Google weren’t prepared to put in the extra effort of making Debian and RPM packages for it. When I examined the contents of the file there were sym-links from FreeBSD, NetBSD, and OpenBSD to Linux and from amd64 and x86_64 to x86. So much for portability, just assume that everything is an i386 running Linux!

The first problem I encountered is that it doesn’t support installing in text mode and demands X access, have the Google people never heard of sys-admins who do their work over low-bandwidth links and don’t use X? What happens if your sys-admin is using a braille terminal?

When I enabled X by “ssh -X” I encountered the error below (Error 1). It seems that the installation program was not written with the X11 Security Restrictions in mind and only works with “ssh -Y“. The same applies to actually running the program once it’s installed.

Finally it gave me a GNOME error dialogue about the Bitstream Vera Sans font not being installed. If they had made a Debian package then it could have depended on the package that provides the font in question. Now I’m left wondering which package provides it, and whether it’s even available (maybe they depend on non-free fonts).

Once I got it working I found it to be incredibly slow on my Pentium-M laptop with 1.5G of RAM. I ran it on a Pentium-D desktop system in a Xen DomU (it’s only 32bit and I couldn’t figure out how to get the AMD64 version of Debian to run i386 programs without a chroot or a Xen instance). But it still wasn’t particularly fast. One problem is that the GUI is not well written, so I drag the Earth to rotate it from the initial view and the Earth moves slowly long after I have released my mouse button. Another is that my X server started using significantly more memory while it was running (and has not returned to it’s previous size).

Google Earth is a really neat program that does some nice things. But I’m not going to buy a new Thinkpad to run it, and the experience of running it on a Pentium-D server is not that great either. I’ve just rm’d it from my laptop, I’ll leave it installed on the server but probably won’t run it often.

I’ll try installing it on my mother’s computer (Celeron 2.4GHz with 512M of RAM) but I am not expecting it to run well. The machine is still new to her, I replaced her Pentium3 800MHz with 384M of RAM about a week ago. She never found the Pentium3 to be slow (and I don’t think that Google Earth is a good reason for an upgrade).

Continue reading

Related posts:

  1. google reader From a suggestion on my previous blog entry I decided...
  2. A Great Advertising Web Site The site noonebelongsheremorethanyou.com is an advert for a book of...
  3. Debian and Google Summer (Winter) Of Code Debian is participating in the Google Summer Of Code (or...
  4. siteminder – what you expect from CA Recently I’ve been unfortunate enough to be the sys-admin of...
  5. google-bank Currently many people have Google advertising on their web sites,...
5

Comparing Debian and Fedora

|

A common question is how to compare Fedora [1] and Debian [2] in terms of recent updates and support. I think that Fedora Rawhide and Debian/Unstable are fairly equivalent in this regard, new upstream releases get packaged quickly, and support is minimal. They are both aimed at developers only, but it seems that a reasonable number of people are running servers on Debian/Unstable.

Fedora releases (previously known as “Fedora Core” and now merely as “Fedora”) can be compared to Debian/Testing. The aim is that Fedora releases every 6 months and each release is supported until a release two versions greater is about to be released (which means that it’s about a year of support). The support however often involves replacing the upstream version of the program used to make a package (EG Fedora Core 5 went from kernel 2.6.15 to kernel 2.6.20). I believe that the delays involved in migrating a package from Debian/Unstable to Debian/Testing as well as the dependency requirements mean that you can get a similar experience running Debian/Testing as you might get from Fedora.

Stable releases of Debian are rare and the updates are few in number and small in scope (generally back-porting fixes not packaging new upstream versions). This can be compared to Red Hat Enterprise Linux (RHEL) [3] or CentOS [4] (a free re-compile of RHEL with minor changes).

Regarding stability and support (in terms of package updates) I think that Debian/Stable, RHEL, and CentOS are at about the same level. RHEL has some significant benefits in terms of phone support (which is of very high quality). But if you don’t want to pay for phone support then CentOS and Debian/Stable are both good choices. Recently I’ve been rolling out a bunch of CentOS 5 machines for clients who don’t want to pay for RHEL and don’t want to pay for extensive customisation of the installation (a quick kickstart install is what they want). The benefit of Fedora and Debian/Testing over RHEL, CentOS, and Debian/Stable is that they get newer packages sooner. This is significant when using programs such as OpenOffice which have a steady development upstream that provides features that users demand.

If you want to try new features then Fedora and Debian/Testing are both options that will work. One reason I had been avoiding serious use of Debian/Testing is that it had no strategy for dealing with security fixes, but it seems that there are now security updates for Testing [5] (I had not realised this until today).

References:

  1. http://fedoraproject.org/
  2. http://www.debian.org/
  3. http://www.redhat.com/rhel/
  4. http://www.centos.org/
  5. http://secure-testing-master.debian.net/

Related posts:

  1. more about Fedora In a comment on a previous blog entry I was...
  2. encryption speed – Debian vs Fedora I’m in the process of converting my Fedora/rawhide laptop to...
  3. installing Debian Etch A few days ago I installed Debian/Etch on my Thinkpad....
  4. Modules and NFS for Xen I’m just in the process of converting a multi-user system...
  5. SE Linux in Debian I have now got a Debian Xen domU running the...

Duplicating a Xen DomU

|

A fairly common request is to be able to duplicate a Xen instance. For example you might have a DomU for the purpose of running WordPress and want another DomU to run MediaWiki. The difference in configuration between two DomU’s for running web based services that are written in PHP and talking to a MySQL back-end is quite small, so copying the configuration is easier than a clean install.

It is a commonly held opinion that a clean install should be done every time and that Kickstart on Red Hat, FAI on Debian and comparable technologies on other distributions can be used for a quick automatic install. I have not yet got FAI working correctly or got Kickstart working on Xen (it’s on my todo list – I’ll blog about it when it’s done).

Regardless of whether it’s a good idea to copy a Xen DomU, there are often situations where clients demand it or when it’s impractically difficult to do a fresh install.

I believe that the most sensible way to store block devices with Xen is to use LVM. It is a requirement for a Xen system that you can easily create new block devices while the machine is running and that the size of block devices can be changed with minimal effort. This rules out using Linux partitions and makes it unreasonably difficult to use LUNs on a fiber-channel SAN or partitions on a hardware RAID. LVM allows creating new block devices and changing the size of block devices with minimal effort. Another option would be to use files on a regular filesystem to store the filesystem data for Xen DomU’s, if choosing this option I recommend using XFS [1] filesystem (which delivers good performance with large filesystems and large files).

If you use XFS to store the block devices for the DomU that you want to copy then you will need to halt the DomU for the duration of the copy as there is no other way of getting an atomic copy of the filesystem while it’s in use. The way of doing this would be to run the command “xm console foo ; cp /mnt/whatever/foo-root /mnt/whatever/bar-root ; xm create -c foo” where “foo” is the name of the DomU and “/mnt/whatever/foo-root” is the file that is used to store the root device for the DomU (note that multiple cp commands would be needed if there are multiple block devices). The reason for having the two xm commands on the one line is that you initially login to the DomU from the console and type halt and then the xm command will terminate when the DomU is destroyed. This means that there is no delay from the time the domain is destroyed to the time that the copy starts.

If you use LVM to store the block device then things are a little easier (and you get no down-time). You simply run the command “lvcreate -s -L 300m -n foo-snap /dev/V0/foo-root” to create a snapshot with the device name /dev/V0/foo-snap which contains a snapshot the of the LV (Logical Volume) /dev/V0/foo-root. The “-L 300m” option means to use 300Meg of storage space for the snapshot – if the writes to /dev/V0/foo-root exceed 300Meg of data then your snapshot breaks. There is no harm in setting the allocated space for the snapshot to be the same as the size of the volume that you are going to copy – it merely means that more disk space is reserved and unavailable for other LVM operations. Note that V0 needs to be replaced by the name of the LVM VG (Volume Group) Once you have created the snapshot you can create a new LV with the command “lvcreate -n new-root -L X /dev/V0” where X is the size of the device (must be at least as big as the device you are copying) and then copy the data across with a command similar to “dd if=/dev/V0/foo-snap of=/dev/V0/new-root bs=1024k“. After the copy is finished you must remove the snapshot with the command “lvremove /dev/V0/foo-snap” (please be very careful when running this command – you really don’t want to remove an LV that has important data). Note that in normal operation lvremove will always give a prompt “Do you really want to remove active logical volume“. If you made the new device bigger then you must perform the operations that are appropriate for your filesystem to extend it’s size to use the new space.

There is no need to copy a swap device, it’s easier to just create a new device and run mkswap on it.

After copying the data you will need to create the new Xen config (by copying /etc/xen/foo to the new name). Make sure that you edit the Xen config file to use the correct block devices and if you are specifying the MAC address [2] by a “vif” line in the config file make sure that you change them to unique addresses for your LAN segment (reference [2] has information on how to select addresses).

Now you must mount the filesystem temporarily to change the IP address (you really don’t want two DomU’s with the same IP address). If your Dom0 has untrusted users or services that are accessed by untrusted users (IE any Internet facing service) then you want to mount the filesystem in question with the options nosuid and nodev so that if the DomU has been cracked it won’t allow cracking of the Dom0. After changing the configuration files to change the IP address(es) of the DomU you can then umount the filesystem and start it with the xm create command.

If instead of creating the clone DomU on the same Dom0 you want to put it on a different system you can copy the block devices to files on a regular filesystem on removable media (EG an IDE disk with USB attachment). When copying the block devices you also need to copy the Xen configuration and edit it to reflect the new paths to block devices for the data once it’s copied to the new server, but you won’t necessarily need to change the MAC address if you are copying it to a different LAN segment.

References:

  1. http://en.wikipedia.org/wiki/XFS
  2. http://en.wikipedia.org/wiki/MAC_address

Related posts:

  1. installing Xen domU on Debian Etch I have just been installing a Xen domU on Debian...
  2. first look at CentOS 5 Xen I have just installed a machine running CentOS 5 as...
  3. Xen and Bridging In a default configuration of Xen there will be a...
  4. A Support Guide for Xen Here’s a guide to supporting Xen servers for people who...
  5. Red Hat virt-install and Partitions I have recently been using virt-install on CentOS 5 to...
7

Citing References in Blog Posts

|

A significant problem with the old-fashioned media is that as a general rule they don’t cite references for anything. Some of the better TV documentaries and non-fiction books cite references, but this is the exception not the norm. Often documentaries only cite references in DVD extras which are good for the people who like the documentary enough to buy it but not for people who want to rebut it (few people will pay for a resource if they doubt the truth and accuracy of it’s claims).

I can understand newspapers not wanting to publish much in the way of background information in the paper version as every extra line of text in an article is a line of advertising that they can’t sell. So they have financial pressure to produce less content, and the number of people like me who want to check the facts and figures used in articles is probably a small portion of the readership. Another issue with newspapers is that they are often considered as primary authoritative sources (by themselves and by the readers). It is often the case that journalists will interview people who have first-hand knowledge of an issue and the resulting article will be authoritative and a primary source in which case all they need to do is to note that they interviewed the subject. However the majority of articles published will be sourced from elsewhere (news agencies [ http://en.wikipedia.org/wiki/News_agency ] such as Reuters are commonly used). Also articles will often be written based on press releases – it is very interesting to read press releases and see how little work is done by some media outlets to convert them to articles, through a well written press release a corporation or interest group can almost write it’s own articles for publication in the old media.

One way of partially addressing the problem of citing references in old media would be to create a web site of references, then every article could have a URL that is a permanent link to the references and calculations to support the claims and numbers used. Such a URL could be produced by any blogging software, and a blog would be an ideal way of doing this.

For bloggers however it’s much easier to cite references and readers have much higher expectations of links to other sites to support claims and of mathematical calculations shown to indicate how numbers are determined. But there is still room for improvement. Here are some of the most common mistakes that I see in posts by people who are trying to do the right thing:

  1. Indirect links. When you refer to a site you want to refer to it directly. In email (which is generally considered a transient medium) a service such as TinyURL [ www.TinyURL.com ] can be used to create short URLs to refer to pages that have long URLs. This is really good for email as there are occasions when people will want to write the address down and type it in to another computer. For blogging you should assume that your reader has access to browse the web (which is the case most of the time). Another possibility is to have the textual description of a link include a reference to the TinyURL service but to have the HREF refer to the real address. Any service on the net may potentially go away at some future time. Any service on the net may have transient outages, and any reader of your blog may have routing problems that make parts of the net unavailable to them. If accessing a reference requires using TinyURL (or a similar service) as well as the target site then there are two potential things that might break and prevent your readers from accessing it.
    One situation where indirect links are acceptable is for the printed version. So you could have a link in the HTML code for readers to click on to get to the reference page directly and a TinuURL link for people who have a printed version and need to type it in.
    Also when linking to a blog it’s worth considering the fact that a track-back won’t work via TinyURL and track-backs may help you get more readers…
  2. Links that expire. For example never say “there’s a good article on the front page of X” (where X is a blog or news site). Instead say “here’s a link to a good article which happens to be on the front page now” so that someone who reads your post in a couple of years time can see the article that you reference.
    Another problem is links to transient data. For example if you want to comment on the features of a 2007 model car you should try to avoid linking to the car manufacturer page, next year they will release a new car and delete the old data from their site.
    A potential problem related to this is the Google cache pages which translate PDF to HTML and high-light relevant terms and can make it much easier to extract certain information from web pages. It can provide value to readers to use such links but AFAIK there is no guarantee that they will remain forever. I suggest that if you use them you should also provide the authoritative link so that if the Google link breaks at some future time then the reader will still be able to access the data.
  3. Not giving the URLs of links in human readable form. Print-outs of blog pages will lose links and blog reading by email will also generally lose links (although it would be possible to preserve them). This counts for a small part of your readership but there’s no reason not to support their needs by also including links as text (either in the body or at the end of the post). I suggest including the URL in brackets, the most important thing is that no non-URL text touch the ends of the URL (don’t have it in quotes and have the brackets spaced from it). Email clients can generally launch a web browser if the URL is clear. Note that prior to writing this post I have done badly in this regard, while thinking about the best advice for others I realised that my own blogging needed some improvement.
    I am not certain that the practice I am testing in this post of citing URLs inline will work. Let me know what you think via comments, I may change to numbering the citations and providing a list of links in the footer.
  4. Non-specific links. For example saying “Russell Coker wrote a good post about the SE Linux” and referring to my main blog URL is not very helpful to your readers as I have written many posts on that topic and plan to write many more (and there is a chance that some of my future posts on that topic may not meet your criteria of being “good”). Saying “here is a link to a good post by Russell Coker, his main blog URL is here” is more useful, it gives both the specific link (indicating which post you were referring to) and the general information (for people who aren’t able to find it themselves, for the case of deleted/renamed posts, and for Google). The ideal form would be “<a href=”http://etbe.coker.com.au/whatever”>here is a link to a good post by Russell Coker [ http://etbe.coker.com.au/whatever ]</A>, his main blog URL is <a href=”http://etbe.coker.com.au/”> [ http://etbe.coker.com.au ]</A>” (note that this is an example of HTML code as a guide for people who are writing their own HTML, people who use so-called WYSIWYG editors will need to do something different).
  5. Links that are likely to expire. As a rule of thumb if a link is not human readable then the chance of it remaining long-term is low. Companies with content management systems are notorious for breaking links.
  6. Referencing data that you can’t find. If you use data sourced from a web site and the site owner takes it down then you may be left with no evidence to support your assertions. If data is likely to be removed then you should keep a private copy off-line (online might be an infringement of copyright) for future reference. It won’t let you publish the original data but will at least let you discuss it with readers.
  7. Referencing non-public data. The Open Access movement [ http://en.wikipedia.org/wiki/Open_access ] aims to make scholarly material free for unrestricted access. If you cite papers that are not open access then you deny your readers the ability to verify your claims and also encourage the companies that deny access to research papers.
    An insidious problem is with web sites such as the New York Times [ www.nytimes.com ] which need a login and store cookies. As I have logged in to their site at some time in the past I get immediate access to all their articles. But if I reference them in a blog post many readers will be forced to register (some readers will object to this). With the NYT this isn’t such a problem as it’s free to register so anyone who is really interested can do so (with a fake name if they wish). But I still have to keep thinking about the readers for such sites.
    I should probably preview my blog posts from a different account without such cookies.
  8. Failing to provide calculations. My current procedure is to include the maths in my post, for example if you have a 32bit data type used to store a number of milliseconds then it can store 2^32/1000 seconds which is 2^32/1000/60/60/24 = 49.7 days, in this example you can determine with little guessing what each of the numbers represent. For more complex calculations an appendix could be used. A common feature of blogs is the ability to have a partial post sent to the RSS feed and the user has the ability to determine where the post gets cut. So you could cut the post before the calculations, the people who want to see them will find it’s only one click away, and the people who are happy to trust you will have a shorter post.
  9. Linking with little reason. Having a random word appear highlighted with an underline in a blog post is often not very helpful for a reader. It sometimes works for Wikipedia links where you expect that most readers will know what the word means but you want to link to a reference for the few who don’t (my link for the word Wikipedia is an example). In the case where most readers are expected to know what you are referring to then citing the link fully (with a description of the link and a human-readable form for an email client) is overkill and reduces the readability of the text.
    The blogging style of “see here and here for examples” does not work via email and does not explain why a reader should visit the sites. If you want to include random links in a post then having a section at the footer of related links would probably be best.
  10. Linking to a URL as received. Many bloggers paste URLs from Google, email, and RSS feeds into their blog posts. This is a bad idea because it might miss redirection to a different site. If a Google search or an email gives you a URL that is about to go away then it might redirect to a different site. In that case citing the new URL instead of the old one is a service to your readers and will decrease the number of dead-links in your blog over the long-term. Also using services such as www.feedburner.com may cause redirects that you want to avoid when citing a blog post, see my previous post about Feedburner [ http://etbe.coker.com.au/2007/08/20/feedburner-item-link-clicks/ ].

Here are some less common problems in citing posts:

  1. Inappropriately citing yourself. Obviously if there is a topic that you frequently blog about then there will be benefit to linking to old posts instead of covering all the background material, and as long as you don’t go overboard there should not be any problems (links to your own blog are assumed to have the same author so there is no need for a disclaimer). If you write authoritative content on a topic that is published elsewhere then you will probably want to blog about it (and your readers will be interested). But you must mention your involvement to avoid giving the impression that you are trying to mislead anyone. This is particularly important if you are part of a group that prepares a document, your name may not end up on the list of authors but you have a duty to your readers to declare this.
    Any document that you helped prepare can not be used by itself as a support of claims that you make in a blog post. You can certainly say “I have previously demonstrated how to solve this problem, see the following reference”. But links with comments such as “here is an example of why X is true” are generally interpreted to be partly to demonstrate the popular support for an idea.
  2. Citing secret data. The argument “if you knew what I know then you would agree with me” usually won’t be accepted well. There are of course various levels of secrecy that are appropriate. For example offering career advice without providing details of how much money you have earned (evidence of one aspect of career success) is acceptable as the readers understand the desire for some degree of financial secrecy (and of course in any game a coach doesn’t need to be a good player). Arguing the case for a war based on secret data (as many bloggers did) is not acceptable (IMHO), neither is arguing the case for the use of a technology without explaining the science or maths behind it.
  3. Not reading the context of a source. For example I was reading the blog of a well regarded expert in an area of computer science, and he linked to another blog to support one of his claims. I read the blog in question (more than just the post he cited) and found some content that could be considered to be racially offensive and much of the material that I read contained claims that were not adequately supported by facts or logic. I find it difficult to believe that the expert in question (for whom I have a great deal of respect) even casually inspected the site in question. In future I will pay less attention to his posts because of this. I expect a blogger to pay more attention to the quality of their links than I do as a reader of their blog.

While writing this post I realised that my own blogging can be improved in this regard. Many of my older posts don’t adequately cite references. If you believe that any of my future posts fail in this regard then please let me know.

Related posts:

  1. reviewing blog comments and links It seems that the swik.net site is mirroring all my...
  2. lemonup and blog license I have just updated my previous post about licenses and...
  3. Popular Posts I’ve just reviewed my web stats from last month. Here...
  4. Advogato and Hateful/Divisive Posts Firstly for the benefit of people who haven’t heard of...
  5. Feedburner Item Link Clicks For a while I used the Item Link Clicks feature...
8

Is SE Linux only for Linux?

|

I have just been asked for advice on whether SE Linux is Linux specific, and therefore whether code related to SE Linux should always be stored with other Linux specific code instead of being in the main branch of certain free software projects.

One example of SE Linux access controls being implemented on a different OS is the work to port SE Linux to Mac OS/X. Here is a paper on the topic presented at the SE Linux Symposium 2007, and the main site is at http://sedarwin.org. One thing I have been doing is trying to get some friends interested in doing similar work for GNU Hurd (there are some similarities between Darwin and HURD so the work done on Mac OS/X “Darwin” will help the HURD effort). I believe that The HURD has the potential to offer significant security benefits due to the micro-kernel design. One significant problem area in computer security is kernel security flaws, if the kernel can be split into a set of independent processes that run with minimal privileges then the scope of such problems is dramatically decreased – and the possibility of upgrading parts of a kernel on a live machine is provided. As people such as Linus point out there is a performance overhead to micro-kernels, but most machines are idle most of the time anyway. I believe that reliability and security are more important than getting the last 10% of system performance for most machines. The success of Xen is evidence that features other than maximum performance are desired.

Another example of SE Linux access controls on a non-Linux platform is the MAC framework in the TrustedBSD project. This implements SE Linux access controls on top of FreeBSD. From reading the documentation it seems that the amount of changes required to the SE Linux code base for implementation on TrustedBSD was significantly smaller than the changes required for Darwin.

Sun is also apparently considering adding type-enforcement to Solaris. It’s yet to be seen whether this happens and if so whether it is compatible with SE Linux.

So it seems that a significant portion of the SE Linux code base is portable, and in particular the user-space code should port well. The interfaces for and methods labelling files etc should port well between platforms. Therefore I recommend not having SE Linux code split into Linux specific trees and instead having a compile option to enable SE Linux support.

Related posts:

  1. When to Use SE Linux Recently someone asked on IRC whether they should use SE...
  2. SE Linux vs chroot A question that is often asked is whether to use...
  3. SE Linux in Debian I have now got a Debian Xen domU running the...
  4. SE Linux on Debian in 5 minutes Following from my 5 minute OSDC talk yesterday on 5...
  5. SE Linux on /. The book SE Linux by Example has been reviewed on...
82

Hydrogen Powered Cars Will Never Work

|

One of the most important issues for a commodity fuel for vehicles is that it be convenient and safe to transport. For quite a while LP Gas has been available as a cheaper car fuel. Even with increasing petrol prices it’s acceptance is well below 100% due to extra expense in storing the fuel (high pressure and more insulation are required), the more expensive technology in the engine to heat the fuel before injecting it into the engine, and the extreme difficulty in creating something as convenient as a Jerry Can for transporting LPG.

LPG is mostly comprised of Propane and Butane. Propane has the lower boiling point of -42.09C. Hydrogen however has a boiling point of -252.87C and therefore is much more difficult to store and transport.

The next problem with hydrogen as a fuel is that it has a very low density. The energy density per volume of liquid hydrogen is 10.1MJ/L while the energy density of petrol/gasoline is 34.6MJ/L. Not only is liquid hydrogen difficult to transport but the vessels you transport it in need to be 3.4 times the size! Having a 3.4x larger fuel tank in a car may not be a huge obstacle, but then there is the issue of trucks used to transport it to fuel stations which are already at maximum size so the truck fleet will need to be 3.4x larger with more people driving them etc.

Once these problems are solved there are a variety of safety issues. Hydrogen burns with an almost invisible flame, sustains a fire when at a concentration of between 4% and 75% of the air and ignites at a low temperature. For an explosion you need a concentration of between 18.3% and 59%. I won’t risk promoting foolish behaviour by describing details, but when younger I have performed experiments with ethanol and witnessed experiments with petrol that demonstrate that they are both far less dangerous. Page 22 of this document by the US Bureau of Transportation and Statistics gives more information about the fire risks posed by hydrogen fuel. Page 35 of the same document describes fuel cells as being 45% efficient and an internal combustion engine for methane gas as being 30% efficient thus giving overall efficiencies of 33% and 29.5% respectively. Of course using an Atkinson Cycle engine will give a significant efficiency benefit over an Otto Cycle engine and outweigh this. Also it should be noted that fuel cells tend to require expensive materials such as Platinum in their manufacture.

Hydrogen is promoted by clean-coal advocates (not that any form of coal power is clean) and the nuclear industry (electrolysis is one way of using a huge amount of electricity). But there are many better options for powering cars that are available right now at minimal cost, these include bio-Diesel, ethanol, and plug-in hybrid or electric vehicles.

Related posts:

  1. clean energy There are many people claiming that nuclear power will solve...
  2. worse than fossil fuel? I just read an interesting blog post from December 2005...
  3. costs of driving to work Mark Greenaway expresses surprise that someone could spend $8000 per...
  4. more on clean energy One new technology for saving fuel in cars is the...
  5. IEA predicts global oil crisis The ABC reports that an oil shortage is predicted soon....
7

LED Headlights in Audi Sports Car

|

It’s interesting to see that Audi is releasing a car with LEDs for all lights including the headlights. This is being promoted as an environmental benefit, however a quick google search revealed that my Volkswagen Passat apparently takes 55W headlights (giving a total of 110W of electricity used). Even allowing for some inefficiency in the alternator this would make a very small impact on the fuel use of a engine rated at 140KW. The Audi in question is the R8 (wikipedia link because the Audi web site is badly broken) and has a 300KW engine…

A simple implementation of LED headlights will do some good for plug-in hybrid cars and all-electric vehicles where saving power is more important – when the technology filters down to cheaper vehicles. Also one possible use for the technology is to dim the headlights by turning off some of the LEDs in the bank (according to the LED Wikipedia page it is currently impossible to create a single LED that takes more than 1W of power, so a bank of LEDs would be used). Currently you have a choice of using “parking lights” or “head-lights” when driving, and when driving just before sun-set or at night in the city (where the street lights are bright) you need head-lights to allow other drivers to clearly see you but don’t need them as bright as they have to be when driving at night in the country. So a range of levels of luminosity could be effectively used in headlights to increase efficiency in some situations and increase light levels in others.

According to the Luminous efficiency Wikipedia page current LEDs are up to three times as efficient as quartz halogen incandescent globes and future developments are likely to increase that to six times the efficiency. Combine that with more effective use of headlights to provide the light at the location and level that’s needed and the result could be using at little as 10% of the electricity for headlights on average!

Another thing that I would like to see is the Adaptive Headlights feature of the better BMWs (which I referenced in a previous post about the BM 5 and 7 series) implemented in a cheaper and more reliable manner. The feature in question is that the headlights will turn when driving around a corner to show the road ahead instead of just shining off the edge of the corner. Implementing such a feature with incandescent lights is difficult because they have to be physically turned and moving parts tend to break (which increases maintenance costs and decreases the overall reliability of the vehicle). An obvious alternate design is to have a set of LEDs pointing in different directions and which LEDs get power would determine where the light goes (this would also react faster than physically moving a light). Once LED headlights become common the Adaptive Headlights feature could be implemented in the cheapest cars on the road with minimal extra cost – currently it’s a feature that would be expensive to implement and would increase the sale price of a small car and probably the service price too.

Related posts:

  1. power saving Adrian von Bidder made an interesting post in response to...
  2. Prius vs small non-hybrid car In response to my comment and post about the cost...
  3. fluorescent lights and why it’s worth saving resources A common criticism of fluorescent lights is the inability to...
  4. Mercedes S class and car safety The S Class Mercedes has some really interesting safety features,...
  5. features of BMW 5 and 7 series I was reading the brochure about the BMW 530i Touring...
8

Ethernet Bonding and a Xen Bridge

|

After getting Ethernet Bonding working (see my previous post) I tried to get it going with a bridge for Xen.

I used the following in /etc/network/interfaces to configure the bond0 device and to make the Xen bridge device xenbr0 use the bond device:

iface bond0 inet manual
pre-up modprobe bond0
pre-up ifconfig bond0 up
hwaddress ether 00:02:55:E1:36:32
slaves eth0 eth1

auto xenbr0
iface xenbr0 inet static
pre-up ifup bond0
address 10.0.0.199
netmask 255.255.255.0
gateway 10.0.0.1
bridge_ports bond0

But things didn’t work well. A plain bond device worked correctly in all my tests, but when I had a bridge running over it I had problems every time I tried pulling cables. My test for a bond is to boot the machine with a cable in eth0, then when it’s running switch the cable to eth1. This means there is a few seconds of no connectivity and then the other port becomes connected. In an ideal situation at least one port would work at all times – but redundancy features such as bonding are not for an ideal situation! When doing the cable switching test I found that the bond device would often get into a state where it every two seconds (the configured ARP ping time for the bond) it would change it’s mind about the link status and have the link down half the time (according to the logs – according to ping results it was down all the time). This made the network unusable.

Now I have deided that Xen is more important than bonding so I’ll deploy the machine without bonding.

One thing I am considering for next time I try this is to use bridging instead of bonding. The bridge layer will handle multiple Ethernet devices, and if they are both connected to the same switch then the Spanning Tree Protocol (STP) is designed to work in this way and should handle it. So instead of having a bond of eth0 and eth1 and running a bridge over that I would just bridge eth0, eth1, and the Xen interfaces.

Related posts:

  1. Ethernet Bonding on Debian Etch I have previously blogged about Ethernet bonding on Red Hat...
  2. Ethernet bonding Bonding is one of the terms used to describe multiple...
  3. multiple ethernet devices in Xen It seems that no-one has documented what needs to be...
  4. Xen and Bridging In a default configuration of Xen there will be a...
  5. Xen and eth device renaming Recently I rebooted one of my Debian Xen servers and...
15

Ethernet Bonding on Debian Etch

|

I have previously blogged about Ethernet bonding on Red Hat Enterprise Linux. Now I have a need to do the same thing on Debian Etch – to have multiple Ethernet links for redundancy so that if one breaks the system keeps working.

The first thing to do on Debian is to install the package ifenslave-2.6 which provides the utility to manage the bond device. Then create the file /etc/modprobe.d/aliases-bond with the following contents for a network that has 10.0.0.1 as either a reliable host or important router. Note that this will use ARP to ping the router every 2000ms, you could use a lower value for a faster failover or a higher value
alias bond0 bonding
options bond0 mode=1 arp_interval=2000 arp_ip_target=10.0.0.1

If you want to monitor link status then you can use the following options line instead, however I couldn’t test this because the MII link monitoring doesn’t seem to work correctly on my hardware (there are many Ethernet devices that don’t work well in this regard):
options bond0 mode=0 miimon=100

Then edit the file /etc/network/interfaces and inset something like the following (as a replacement for the configuration of eth0 that you might currently be using). Note that XX:XX:XX:XX:XX:XX must be replaced by the hardware address of one of the interfaces that are being bonded or by a locally administered address (see this Wikipedia page for details). If you don’t specify the Ethernet address then it will default to the address of the first interface that is enslaved. This might not sound like a problem, however if the machine boots and a hardware failure is experienced which makes the primary Ethernet device not visible to the OS (IE the PCI card is dead but not killing the machine) then the hardware address of the bond would change, this might cause problems with other parts of your network infrastructure.
auto bond0
iface bond0 inet static
pre-up modprobe bond0
hwaddress ether XX:XX:XX:XX:XX:XX
address 10.0.0.199
netmask 255.255.255.0
gateway 10.0.0.1
up ifenslave bond0 eth0 eth1
down ifenslave -d bond0 eth0 eth1

There is some special support for bonding in the Debian ifup and ifdown utilities. The following will give the same result as the above in /etc/network/interfaces:
auto bond0
iface bond0 inet static
pre-up modprobe bond0
hwaddress ether 00:02:55:E1:36:32
address 10.0.0.199
netmask 255.255.255.0
gateway 10.0.0.1
slaves eth0 eth1

The special file /proc/net/bonding/bond0 can be used to view the current configuration of the bond0 device.

In theory it should be possible to use bonding on a workstation with DHCP, but in my brief attempts I have not got it working – any comments from people who have this working would be appreciated. The first pre-requisite of doing so is to use either MII monitoring or broadcast (mode 3), I experimented with using options bond0 mode=3 in /etc/modprobe.d/aliases-bond but found that it took too long to get the bond working and dhclient timed out.

Thanks for the howtoforge.com article and the linuxhorizon.ro article that helped me discover some aspects of this.

Update: Thanks to Guus Sliepen on the debian-devel mailing list for giving an example of the slaves directive as part of an example of bridging and bonding in response to this question.

Related posts:

  1. Ethernet bonding Bonding is one of the terms used to describe multiple...
  2. multiple ethernet devices in Xen It seems that no-one has documented what needs to be...
  3. installing Xen domU on Debian Etch I have just been installing a Xen domU on Debian...
  4. Xen and Bridging In a default configuration of Xen there will be a...
  5. installing Debian Etch A few days ago I installed Debian/Etch on my Thinkpad....