Issue #17 March 2006

Tips & tricks

Red Hat's customer service team receives technical support questions from users all over the world. As they are received, Red Hat technicians add the questions and answers to the Red Hat Knowledgebase on a daily basis. Every month, Red Hat Magazine offers a preview into the Red Hat Knowledgebase by highlighting some of the most recent entries.

Tips from RHCEs


Python developers: You probably know that the python interpreter can be run in interactive mode, allowing you to quickly try out an approach or prototype a script. Fedora includes an even more powerful version of this tool from an unlikely source. The wxPython-common-gtk2-unicode package provides files related to the wxWindows widget set and, more-or-less unrelated to the rest of the package's contents, a tool called pyshell.

Pyshell performs the same basic function as the interactive-mode python interpreter, but with a lot of great bells and whistles. Try importing a module, such as "os" and then referencing an element of the module:

>>> import os
>>> os.

When "." is typed, up pops a list of every property and method within the "os" module. You can use the mouse or arrow keys (plus tab-completion) to select what you want. If you select a method, begining the argument list with "(" pops up a list of the method's accepted arguments and its pydoc string, where applicable. The best part is that, since pyshell reads the pydoc information for each module as it is loaded, this works for any module, including those you've written yourself.

Moving around within pyshell can take some getting used to. The up arrow moves you up line by line instead of moving through the interpreter's history like it does in the basic interpreter. Ctrl+Up moves through the history. However, the history is in blocks, not lines. So, for example, if you'd defined a class earlier on and then pressed Ctrl+Up, when you reached the class in your history, its whole defnition would come up. You could then use the arrow keys to move around the definition, making changes. Ctrl+Enter even allows you to insert new lines into the definition. When you're done, press Enter and the class is re-defined according to your revised code.

pyshell makes it even easier than before to write and test small applications on-the-fly. Once you've got the hang of it, try out the even fancier alternative, pycrust, which integrates a number of tools for browsing structures within the interpreter's memory, viewing output, etc into pyshell. Want more? Try pyalamode, which has all the features of pycrust, plus an integrated version of the pyalacarte text editor, for all your cut-and-pasting needs (cutting and pasting into any other editor works fine too).

How do I set my SSH server to accept only protocol 2 connections?

Release Found: Red Hat Enterprise Linux 3 and 4 as well as the updated version of Red Hat Enterprise Linux 2.1

The ssh daemon in Red Hat Enterprise Linux uses the configuration file /etc/ssh/sshd_config. The daemon is set by default to accept both SSH protocol versions 2 and 1, and has an entry in the configuration file:

# Protocol 2,1

To force the SSH daemon to accept only protocol version 2, change the line to:

Protocol 2

Then restart the server with the command:

service sshd restart

How do I create an LDIF file containing LDAP backed NIS Netgroup information?

NIS Netgroup is useful in controlling login and service level authentication. By configuring LDAP to use NIS Netgroups its possible to selectively allow ldap users to have access to certain systems.

The NIS netgroup ldif needs the objectClass type nisNetgroup. Listed below is an example LDIF file:

dn: cn=trustedusers,ou=Netgroup,dc=ldap,dc=company,dc=org
objectClass: nisNetgroup
objectClass: top
cn: trustedusers
nisNetgroupTriple: (,bryce,)
nisNetgroupTriple: (,mikel,)
nisNetgroupTriple: (,misyel,)
description: Trusted users

The nisNetgroupTriple is used to describe the user, system name and domain names in that order. The configuration above is similar to the the "triples" in a netgroup NIS map.

trustedusers (,bryce,) (,mikel,) (,misyel,)

Once the netgroup LDIF is created, proceed in uploading it to the LDAP database:

ldapadd -x -D "cn=Manager,dc=ldap,dc=company,dc=org" -W -f /tmp/trustedusers.ldif

Execute the sample command below to verify that the netgroup user is uploaded in the LDAP database:

ldapsearch -LL -H ldap:// -b "dc=ldap,dc=company,dc=org" -x "(cn=trustedusers)"

Note: Substitute the correct basedn and FQDN to the commands listed above.

Do I need to reboot the machine after increasing the maximum number of open files at /etc/security/limits.conf?

To increase the maximum number of open files add the following line in file /etc/security/limits.conf while logged in as root. If this line already exists then modify the number to the desired value.

* - nofile 2048

In the above example the limit has been set to 2048. Save the file.

Log out and log back in to the account to allow this change to take effect. No reboot is necessary.

Verify this with the following command:

ulimit -n


ulimit -a

Look for line:

open files                      (-n) 2048

Why does the installation process sometimes hang part way though installing packages on an iSeries Legacy systems where the LPAR is configured to use partial processors?

Release Found: Red Hat Enterprise Linux 4

During installation via the network (NFS or HTTP for example), an IBM iSeries Legacy system configured to use partial processors and using a pcnet32 adapter may hang during package installation.

Both Red Hat and IBM are working on finding the cause and resolving this issue in a future update. Please use one of the following workarounds:

Configure the iSeries LPAR to use at least 1 entire processor for installation, then change back to a partial processor configuration once the installation is complete.

Do the installation via kickstart and specify the kernel command line option of eth0_ethtool="-G rx 256 tx 256"like so:

boot: linux eth0_ethtool="-G rx 256 tx 256

Once the installation is complete, edit the file /etc/sysconfig/network-scripts/ifcfg-[ifname] and add the line:

ETHTOOL_OPTS="-G rx 256 tx 256

What is the maximum size and number of swap space or partitions on Red Hat Enterprise Linux?

Until Red Hat Enterprise Linux 2.1 there was a limitation on the partition size of 2GB for each swap space. This was due to the mkswap command not supporting creation of a swap partition larger than 2GB. If the system requires more than 2GB of swap space, work around this limitation by creating multiple swap partitions.

In Red Hat Enterprise Linux 3 and above, the mkswap command allows the creation of a swap partition of a larger size than 2GB.

To summarize:

Red Hat Enterprise Linux 2.1 supports upto 32 swap partitions, each can be a maximum size of 2GB. Maximum total swap size is 64GB.

Red Hat Enterprise Linux 3 and higher supports larger swap partitions, each can be of maximum size set by the file size limit and the block device limit for swap partitions on that platform. Red Hat Enterprise Linux 3 has a 1TB limitation as maximum size of block devices, so it's 1TB.

While larger swap partitions are permitted, one large swap partition could affect system performance. For better performance it is recommended to split swap space to multiple discs. Separating swap partitions to different disk could reduce the load on a single disk.

Red Hat is working to update this information in the installation guide.

The information provided in this article is for your information only. The origin of this information may be internal or external to Red Hat. While Red Hat attempts to verify the validity of this information before it is posted, Red Hat makes no express or implied claims to its validity.

This article is protected by the Open Publication License, V1.0 or later. Copyright © 2004 by Red Hat, Inc.