Saturday, August 20, 2005

Test test

Test test

Thursday, August 18, 2005

Tux gets a turn

Well, last week I gave BSD's Beastie the spotlight on my blog. So here is Tux in the spotlight; the cake was made by a good friend of mine in the UK.

Wednesday, June 08, 2005


| Feature | Solaris Zones | FreeBSD Jails | Linux/BSD chroot | User Mode Linux | VMware | Why is the question important |
|---|---|---|---|---|---|---|
| Independent file system | Yes if needed | Yes | Yes | Yes | Yes | Uses more space, but provides more flexibility |
| Shared read-only immutable file system | Yes | Yes, requires complex scripts, or mounting via NFS. | Needs complex scripts, or NFS needed | Yes, may not notice changes on the underlying file system when changed by the host | Yes | Saves space and is more secure, easier to maintain |
| Can access raw devices | No, requires permission from the host | No | Yes | File systems yes, hardware no; drivers are in the works, but is raw hardware access a good thing? | Yes | Security problem, but can be a requirement of the task |
| Access network resources | Yes | Yes | Yes | Yes | Yes | Required in most tasks |
| Can create or change network devices | No | No | Yes | No hardware devices internally. Virtual devices, devices are more limited. | Yes | Security risk |
| Can access hardware devices without permission | No | No | Yes | No | No | Security risk |
| Single point of maintenance (kernel and software changes) | Yes | No | No | No | No | Makes maintaining a breeze |
| Can send signals and kill processes outside of the zone/jail you are in | No | No | No | No | No | Security risk |
| Runs a separate kernel | No | No | No | Yes | Yes | Allows for flexibility, more secure. |
| Can monitor processes and IO using standard tools | Yes | Yes | Yes | Limited with use of uml_mconsole, tools are lacking to automate this | No | |
| Lightweight, uses less than 1% CPU overhead | Yes | Yes | Yes | No | No | |
| Can be an NFS server | No | Maybe, requires extra configuration | Yes | Yes | Yes | |
| Host can examine data inside the zone/chroot/or UML instance without special tools | Yes | Yes | Yes | No | No | |
| Resource control outside of the secure area | Yes | No | No | | Limited | Keep a runaway or rogue process from stealing all resources |
| Simple control interface | Yes | Startup yes, shut down no | No | Yes | Yes | Easy administration |
| Configuration application for simple setup and modification | Yes | No | No | No | Yes, user must still configure host OS. | Easy administration |

Saturday, January 22, 2005

My second dtrace script

Okay, it was going to be my first, but it turned out more complicated than I ever imagined. With the help of a couple of friends on the Solaris kernel team, and a peek at the source, I figured out how to do it. Hint: don't start with networking stuff in dtrace if you have never done any socket programming.

This program is like top but monitors sockets, and displays them based on bytes transferred per PID; it also shows the direction and the UID that the application is running as. The sample output shows the activity from a pair of ssh logins plus 7 copies of wget grabbing 7 different files from my web/fileserver box. It shows the last second, then I hit ctrl-c to show grand totals. The script is called sock_top.d; click the link to download a copy. If you have any comments please feel free to leave them; it makes me feel better knowing that someone reads this.

Sample output: ( it looks better on screen )

walltime : 2017 Jan 22 08:36:56
Stats for the active last Second
UID PID diretion Bytes
1000 7723 rcv'd 260
1000 6168 rcv'd 312
1000 7723 sent 660
1000 6168 sent 780
1000 8011 rcv'd 4380
1000 8001 rcv'd 7300
1000 8009 rcv'd 8760
1000 8003 rcv'd 11680
Totals for this second
Data Rcv'd ==23620 Data Sent == 1124 TOTAL 24744
TOTALS
Data Rcv'd == 335672 Data Sent ==33620 Total TRANSFERRED == 369292

Grand Totals
UID PID diretion Bytes
1000 8013 sent 120
1000 8003 sent 120
1000 8005 sent 120
1000 8011 sent 120
1000 8009 sent 120
1000 8001 sent 120
1000 8007 sent 120
1000 6168 rcv'd 3848
1000 7723 rcv'd 4888
1000 7723 sent 11436
1000 8005 rcv'd 17520
1000 8003 rcv'd 20440
1000 6168 sent 21396
1000 8013 rcv'd 21900
1000 8009 rcv'd 23360
1000 8001 rcv'd 64240
1000 8007 rcv'd 67160
1000 8011 rcv'd 112420
TOTALS
Data Rcv'd == 335672 Data Sent ==33620 Total TRANSFERRED == 369292

Special thanks to John Levon and Keith M Wesolowski of the Kernel team.
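
A sketch of the kind of per-second socket accounting this post describes, added here as an example; it is not the author's sock_top.d and does not use whatever kernel probes that script relies on. It assumes a DTrace build that provides the fds[] array and the listed Solaris syscall probes, and it counts only traffic that goes through those calls.

```dtrace
#!/usr/sbin/dtrace -s
/* Added example: per-UID/PID socket byte counts. Not the author's sock_top.d. */
#pragma D option quiet

/* Assumption: fds[] exists. Every traced entry resets the per-thread flag, */
/* so a non-socket read/write can never inherit a stale direction.          */
syscall::read:entry, syscall::recv:entry,
syscall::recvfrom:entry, syscall::recvmsg:entry
{
	self->dir = fds[arg0].fi_fs == "sockfs" ? 1 : 0;	/* 1 = received */
}

syscall::write:entry, syscall::send:entry,
syscall::sendto:entry, syscall::sendmsg:entry
{
	self->dir = fds[arg0].fi_fs == "sockfs" ? 2 : 0;	/* 2 = sent */
}

/* On return, arg0 is the byte count; skip errors (-1) and zero-length calls. */
syscall::read:return, syscall::recv:return,
syscall::recvfrom:return, syscall::recvmsg:return,
syscall::write:return, syscall::send:return,
syscall::sendto:return, syscall::sendmsg:return
/self->dir && (int)arg0 > 0/
{
	this->d = self->dir == 1 ? "rcv'd" : "sent";
	@second[uid, pid, this->d] = sum(arg0);	/* cleared every second */
	@grand[uid, pid, this->d] = sum(arg0);	/* kept until exit */
	self->dir = 0;
}

/* Once a second: print the last second's counters, then empty them. */
profile:::tick-1sec
{
	printf("\nwalltime : %Y\n", walltimestamp);
	printf("%6s %6s %-9s %10s\n", "UID", "PID", "direction", "Bytes");
	printa("%6d %6d %-9s %@10d\n", @second);
	trunc(@second);
}

/* On Ctrl-C: drop the partial second and print the running totals. */
dtrace:::END
{
	trunc(@second);
	printf("\nGrand Totals\n");
	printf("%6s %6s %-9s %10s\n", "UID", "PID", "direction", "Bytes");
	printa("%6d %6d %-9s %@10d\n", @grand);
}
```

printa() sorts each aggregation by value, so the busiest PID appears last, the same ordering as the sample output above.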

Thursday, January 13, 2005

test this is just a test

this is a test


test is a this