![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
A musical weekend and stupid sysadmins
Apr. 30th, 2007 06:58 pmMm, what a weekend. We had another weekend of working out the details of some music for our CD project. Most of the songs are going to debut at a concert we're preparing for right now, so we're meeting every third or fourth weekend in the next few months.
It was totally exhausting but so refreshing. I spent most of today humming the new tunes.
Except for this morning. One of the "sysadmins" of the ever wonderful service provider that runs our company network has managed to bring down our database server for the hr and crm tools we wrote in house. Why am I concerned by it? Well, I ported them to an oracle backend.
Today I had to endure a long argument of "you said oracle was going to be more stable than the old access backend, and now the server has been down after only three months".
Note to self:
- oracle will not be so stable if you install it properly, having security in mind, that is as one non-root user, and run it as another non-root and even less privileged user. It will crash with the accompanying kernel panic "killed: out of memory error"
...
BUT OF COURSE ONLY IF
- Mr. stupid sysadmin logs in as root
- ... but not via ssh (the only other open port on that machine for very important security reasons) but via some remote console system
- ... using X windows
- ... changing your runlevel to 5 to be able to do that, starting all kinds of services that you do not want running on that machine for said security reasons
- ... running *&#@^*&# GNOME as root.
- ... stays logged in for a week
- ... which leads gnome's "gnome-power-manager" (some graphical frontend for hibernate and suspend to disk, which you really can't live without on a database server!!!)
- ... to grow to 2.8 GB in size (2 instances running?)
- ... thereby using up all memory on the server.
and because that is running as root, and oracle is not, the linux kernel very correctly kills that totally unimportant non-root process called "oracle" to free memory.
And, guess what, the sysadmins say it is standard procedure to log in via X-Windows to hosted machines. And "what's wrong with logging in as root".
Anyone have any nice reference to prove to them that no, this is NOT fine? Unfortunately my bosses aren't unix sysadmin gurus, and while they believe me just fine, they will need something written to slap the sysadmins boss around the ears with next time they meet with him...
Grrrr!
It was totally exhausting but so refreshing. I spent most of today humming the new tunes.
Except for this morning. One of the "sysadmins" of the ever wonderful service provider that runs our company network has managed to bring down our database server for the hr and crm tools we wrote in house. Why am I concerned by it? Well, I ported them to an oracle backend.
Today I had to endure a long argument of "you said oracle was going to be more stable than the old access backend, and now the server has been down after only three months".
Note to self:
- oracle will not be so stable if you install it properly, having security in mind, that is as one non-root user, and run it as another non-root and even less privileged user. It will crash with the accompanying kernel panic "killed: out of memory error"
...
BUT OF COURSE ONLY IF
- Mr. stupid sysadmin logs in as root
- ... but not via ssh (the only other open port on that machine for very important security reasons) but via some remote console system
- ... using X windows
- ... changing your runlevel to 5 to be able to do that, starting all kinds of services that you do not want running on that machine for said security reasons
- ... running *&#@^*&# GNOME as root.
- ... stays logged in for a week
- ... which leads gnome's "gnome-power-manager" (some graphical frontend for hibernate and suspend to disk, which you really can't live without on a database server!!!)
- ... to grow to 2.8 GB in size (2 instances running?)
- ... thereby using up all memory on the server.
and because that is running as root, and oracle is not, the linux kernel very correctly kills that totally unimportant non-root process called "oracle" to free memory.
And, guess what, the sysadmins say it is standard procedure to log in via X-Windows to hosted machines. And "what's wrong with logging in as root".
Anyone have any nice reference to prove to them that no, this is NOT fine? Unfortunately my bosses aren't unix sysadmin gurus, and while they believe me just fine, they will need something written to slap the sysadmins boss around the ears with next time they meet with him...
Grrrr!
