2008-06-20 Fri

11:39 Summit link round-up: Day 3 (2861 Bytes) » Red Hat Magazine

In the news:

Red Hat in Boston, Part 2.1: Fixing Patent Failure Without A Bulldozer (Serdar Yegulalp for Information Week)
Red Hat, Amazon Team Up in the Cloud (Dan Berthiaume for eWeek)
A new virtualizer for Red Hat (Gordon Haff for CNet News.com)
Red Hat debuts new hypervisor, open-sources Linux management platform (Jon Brodkin for Network World)
Red Hat chief: We are hard to do business with (Andrew Donoghue for ZDNet.co.uk
Red Hat to embrace virtualisation (Egan Orion for The Inquirer)
Red Hat Summit: Single sign-on via IPA server (from heise online)

Other voices:

Paul Frields (Fedora Project Leader): Saturday Morning Fever (FUDCon info)
Jeremy Katz (Red Hat engineer): Jim Whitehurst at FUDcon (including a summary of his Q&A)
Jesse Keating (Red Hat): FUDcon

10:04 My Blog is 1 year old! 8-) (1 Bytes) » Tanel Poder's blog: Core IT for geeks and pros

09:46 Another use case for WaitProf - diagnosing “events in waitclass Other” (1 Bytes) » Tanel Poder's blog: Core IT for geeks and pros

09:33 Log Buffer #102: a Carnival of the Vanities for DBAs (10451 Bytes) » Pythian Group Blog » Log Buffer

Welcome to the 102^nd edition of Log Buffer, the weekly review of database blogs.

Since it was DB2’s 25^th birthday this week, as Anant Jhingran reports, let’s start with it.

From ZDNet this week came a story that IBM was considering the open-sourcing of DB2 — big news, naturally, whether true or not. Matthew Aslett of 451 CAOS Theory says, Open source DB2? I don’t think so, suggesting that it was merely theorizing on the part of one IBM executive, and hype on the part of ZDNet. “Then of course,” Matthew continues, “there is the issue of why IBM would open source DB2. Where is the business driver? Despite solid competition from Oracle and Microsoft, the company is doing pretty well with DB2 as it stands, thanks very much, and open source databases have had minimal impact on the established vendors.”

Matt Asay of The Open Road likewise comes down on the uh-uh side of this. “It was . . . no surprise to see IBM quickly follow up ZDNet’s article with a blunt statement: ‘IBM has no plans to open source DB2.’ Of course it doesn’t. . . . The day that it needs DB2 to undermine Oracle’s database, however, we may see IBM making a similarly bald statement…in the other direction.”

On An Expert’s Guide to DB2 Technology, Chris Eaton offers some news on DB2 videos, including ChannelDB2’s video tutorials, IDUG’s video competition, and a funny video from IBM on the making of a “viral” industrial video. Such as itself.

On to MySQL now. Keith Murphy made his debut on the Pythian blog this week, with a link to some video tutelage of his own — his presentation to the Boston MySQL Users Group on backups. Jay Pipes also offers the slides for his address on Join-Fu: The Art of SQL (I and II). (I rarely cover presentation materials when I do Log Buffer, but these ones of Jay’s looks fantastic.)

Mark Schoonover reports that Keith’s and his 2008 MySQL Magazine survey is officially closed, adding, “Now the fun begins compiling all the data and pretty charts made. We’ve had 432 responses!”

Baron Schwartz of xaprb describes how to write a lazy UNION in MySQL. No, it doesn’t deal with posting a complaint about undefended job benefits. Baron explains: “Something occurred to me a couple of weeks ago: why not write a UNION that stops executing as soon as one part of it finds a row? Then you can UNION to your heart’s content and not incur the overhead of that second lookup unless you need it. For lack of a better term, I’m calling this a lazy UNION.”

(more…)

These icons link to social bookmarking sites where readers can share and discover new web pages.

08:52 当众演讲时紧张怎么办？ (5098 Bytes) » 存储部落

偶尔看到这篇文章，感觉对自己对单位里的同事都很有作用，就转载过来让大家共勉。

对于在公众场合演讲，我想大部分人都会面临一个最大的问题，那就是紧张。一旦紧张，就会导致不自信，很多问题就会出现，心跳加速，呼吸沉重，结巴，忘词，语速过快等等。对于如何克服紧张我也经过了一个过程，最早的时候每当当众发言就会紧张，刚才提到的演讲中的问题都会出现，但现在不管是在公司内部会议上，客户报告讲演，还是给别人提供培训，我已经能做不错的演讲了。

我是如何克服紧张的呢？实际上即使是最好的演讲者都会紧张的，问题是你如何控制紧张。如果你不能控制你的紧张，那糟糕的演讲不可避免，颤抖的声音甚至会让你的听众都觉得非常费劲。如果控制得好，紧张可以让你更加集中注意力，思维更清晰，眼见更流利。所以，记住了，面对紧张不要害怕，因为每个人都会紧张，关键是你如何控制它。以下是我控制紧张的小窍门：

不停的告诉自己，你准备的很好，一切尽在掌握中，完全不必要紧张
上台前深呼吸
上台前紧握自己的拳头然后松开，这样重复几次可以转移你的注意力

另外，从我自己的经验来说，要做一个好的演讲，还要注意以下几点：

注意仪表着装，好的仪表给你自信，如果现场灯光较暗，最好选择亮色衣服，这样可以吸引听众注意力
用眼光和你的听众交流
语速要适中，不能过慢，也不能过快，过快和过慢都是不自信的表现
正面面对你的听众，不要侧身或者背身
加一些手势或身体语言能让你的演讲更有感染力

记住，只要你准备充分，完全可以做一次出色的演讲，你所要做的就是要控制你的紧张，记住是控制而非消除。

转载地址：http://www.ideatalks.cn

08:01 ORA-600(2662)错误的重现和解决（二） (699 Bytes) » yangtingkun

前两天同事在测试DATA GUARD的时候将主库的ONLINE日志意外覆盖，造成数据库无法打开，采用隐含参数的方法打开又碰到ORA-600错误，最后采用设置EVENTS的方式解决。由于是在别人的机器上操作，而且很多操作都是摸索进行，因此没有将操作记录下来。现在打算重现一下问题并简单记录解决过程。上篇已经描述了问题的产生步骤，下面描述解决这个问题的方法。ORA-600(2662)错误的重现和解决（一）：http://yangtingkun.itpub.net/post/468/464682产生问题的根源在于启动STANDBY数据库的时候，覆盖了PRIMARY数据库的在线LOGFILE。尝试恢复数据库：S...

07:56 Movable Type Security Update (6494 Bytes) » Fenng's shared items in Google Reader

Today we are releasing Movable Type 4.01b and Movable Type 4.12. These are free mandatory security updates for all Movable Type 4.x users. These updates resolve a vulnerability which has not been exploited, but was reported to us by a third party on June 15 16 (correction). We have addressed the issue with these updates, and are providing new, fully-tested versions for all affected versions of Movable Type in all supported configurations. A detailed description of the vulnerability can be found below, but in short a cross-site scripting (XSS) vulnerability has been found in Movable Type's built-in search feature, which could be exploited by malicious parties to execute javascript without permission. We have no record of a user having been affected by this vulnerability, and there are no known public exploits. The release candidates of Movable Type 4.2, currently in testing, Movable Type 3.36 and Movable Type Enterprise 1.5 are all unaffected by this issue. Here's the Update Advisor, which summarizes the issues found and provides a guide for updating your installation of Movable Type.

Movable Type Update Advisor: Version 4.01b and 4.12:

Release Type: Security Release. The potential vulnerability has not yet been exploited in the wild.
Mandatory? This is a mandatory update for all users of Movable Type 4.0 and later.
Performance Implications: None.
Plugins Affected: None.
Templates Affected: No changes in your templates are required.
System Requirements: This release has no new or additional system requirements.
Licensing considerations: None. MT 4.01b and MT 4.12 are free updates for users of any version of MT 4.
Upgrade Fatigue: No planned updates are scheduled until the release of MT4.2, which is currently in the final stages of release. There will be no further releases before MT 4.2 unless significant security issues are found which require additional 4.x releases. It has been 152 days since the last recommended update to MT4.

Downloads are available in your account for current customers or through the download page.
Downloads are available through the channel where you received Movable Type: Paying users can find the update by logging in to your Movable Type account, and users of Movable Type Open Source or the free personal license can get the update from the download page. In addition to the updates to Movable Type 4.01b and 4.12 for MT4 users, we have issued updates to the Movable Type Community Solution and Enterprise Solution. If you are on one of these platforms, you should have already been contacted by your account representative about these updates.

A Commitment to Security

We take Movable Type's security very seriously, especially as we know many of you choose Movable Type for its security track record. In addition to issuing fixes to affected versions of Movable Type, we have also amended our development and testing processes internally to help better detect these types of vulnerabilities in the future. As InformationWeek just noted, Movable Type has "a fraction of the security incidents of its peers". That means we take this update, and all security concerns extremely seriously out of commitment to you as a Movable Type user, out of our desire to uphold our reputation, and out of responsibility to the entire web to try to ensure technology platforms are as secure as possible.

Detailed Description

When conducting a tag search in Movable Type, the application is not properly escaping the optional IncludeBlogs query string parameter. As a result, one could construct an exploit whereby a user could click on a link that conducts a tag search and unbeknownst to them also execute malicious javascript code embedded by the third party. Malicious javascript code could be used to transmit sensitive information about the user's active session.

Versions Affected

Only the following versions of Movable Type are affected by this issue.

Movable Type 4.0, 4.01, 4.01a (Personal and Commercial)
Movable Type 4.1 (Open Source, Personal and Commercial)
Movable Type Community Solution 1.0, 1.0a
Movable Type Community Solution 1.5
Movable Type Enterprise Solution 1.0

All other versions of Movable Type, including the 4.2 release candidates, are not affected by this issue.

Applying the Fix

Users of Movable Type 4.0, 4.01 and 4.01a can install the updated Movable Type 4.01b, or they can replace the file lib/MT/App/Search.pm file found in their distribution with an updated version.
Users of Movable Type 4.1 and 4.1a can install the updated Movable Type 4.12, or they can replace the lib/MT/App/Search.pm file found in their distribution with an updated version.

Learn more about Upgrading Movable Type 4 in the MT documentation. As always, thank you so much for choosing Movable Type and we sincerely apologize for the inconvenience of having to upgrade your software, and are committed to making such updates as infrequent as possible.

07:24 Now open: Red Hat Network Satellite 5.1.0 (6381 Bytes) » Red Hat Magazine

With this announcement at the Summit, Red Hat® Network® enters a new, more open era. We caught up with Mike McCune from the RHN team, and he sent us this quick run-down of the new release and the project’s decision to go open source.

Intro

Responsible for 1,000 systems? One hundred systems? Ten? If so, you likely have processes in place for maintaining these systems, if only to preserve your sanity! Perhaps you have custom ssh scripts to command the systems remotely, or maybe you have your own yum repositories to maintain software patches critical to your systems. If the burden of maintaining these systems causes you a headache or your needs go beyond the methods you use today, Red Hat has tools available to make your life as a system administrator easier.

Satellite

Red Hat Network Satellite is a systems management platform that will make the deployment of your Linux systems easier, faster, and more scalable. Satellite automates many of the day-to-day operations that would otherwise require manual script writing, remote ssh execution, and a considerable amount of human effort. Satellite can centralize the storage and deployment of Red Hat products alongside your own custom software content in one server for easy and controlled distribution to as many systems as you desire.
Users deploy Satellite in environments ranging from tens to tens of thousands of Linux systems.

If any of the features below sound useful to you, give Red Hat Network Satellite a try:

One-click software updates in an easy-to-use web interface
Role-based administration
Flexible delivery architectures - Satellite, Proxy, and Hosted
Virtual Machine Management - Provision, control, and configure virtual machines
System grouping for easier administration
Automation of previously manual tasks
Life-cycle management of your entire Linux infrastructure
Performance tracking for your Linux systems

Latest features in Satellite 5.1.0

With the latest release of Red Hat Network Satellite, 5.1.0, we introduced some excellent new features to help Satellite better integrate with your environments. The most notable feature we introduced in the release is the Multiple Organizations feature, sometimes referred to as ‘Multi-Org.’ This feature allows you to partition your servers, users, software, and configuration into separate ‘Organizations’ within the Satellite. Each organization can manage their own sets of users and systems allowing you to control access to your data without having to install and maintain separate Satellite servers.

An example usage of this feature would be a user that wants a Satellite for managing systems in a multi-departmental organization. Each department would be given its own separate Organization within the Satellite: one organization for Finance, one for IT, one for Engineering, and so on. Each organization would then be granted a set amount of licenses (’entitlements’) to Red Hat Enterprise Linux as determined by a central Satellite administrator. Likewise, the Satellite Administrator would create administrators for each Department within the Satellite. Each department would then have rights to register and administer their
systems without fear of users in other departments seeing or manipulating their systems.

Other exciting features in 5.1.0 include:

API Call enhancements: Vastly expanded set of XML-RPC APIs to help you better automate your experience with RHN Satellite.
Satellite support for x86 64-bit (Intel/AMD) and z390/x (IBM) platforms. You can run your Satellite on more hardware than ever before!
Provisioning support for Power PC (PPC) platform: Kickstart your PPC boxes from Satellite.
Apache 2.0 support for Satellite and Proxy on RHEL4
Exporter tool for moving RHN configuration information
Web User Interface (UI) enhancements: Expanded CSV export support and performance enhancements.

Last but not least

Big news in the world of RHN Satellite: We are going open source! Our development, source code, and communications will all be done in the open with GPLv2 licensing. Much more information at our website:

http://spacewalk.redhat.com/

Attend one of our Satellite lab sessions to talk one-on-one with developers on our team and get the latest information.

More information

Red Hat press release webcast

Red Hat press blog announcement

Developer Blogs: Jesus Rodriguez, Devan Goodwin

Red Hat Delivers on Linux Automation with Identity Management and Open Source Systems Management Solutions

Red Hat Network to Be Open-sourced

06:39 转载：恕道 (3863 Bytes) » NinGoo@Net

Author:NinGoo posted on NinGoo.net

作者：王鼎均

你必须有理想，但是不要公然鄙视那些鼠目寸光的人。你必须有操守，但是不要公然抨击那些蝇营狗苟的人。你必须培养高尚的趣味，但是不要公然与那些逐臭之夫为敌。

我们做好事，别勉强别人也照着我们的样子去做，别责备别人也照着我们的样子去做，别责备他们为什么不做。道德是一种修养，不是一种权力，道德最适合拿来约束自己，不适合拿来压制别人。道德如果成为运动，也是“自己做”运动。

“恃清傲浊”比恃才傲物的后果更坏。人们之所以尊重道德，就是因为道德对他们无害。如果道德成为他们毡上的针、背上的刺，他们就要设法拔去。人们之所以提倡道德，是因为道德可以增进社会的安宁和谐，不希望引起纠纷、造成风波。否则，他们就要对不道德的分子加以安抚了。

这就是以道德自命的人应该守的分寸。

—————转载的分割线———————————————————————-

范美忠，郭松民，余秋雨，大地震后红遍全国(当然余大师成名已久，这次只能算友情演出)，但是范美忠你最多不欣赏不赞同，最多去指责去批判，于你本人不会有大多危害，甚至还能让你带一点优越感。而后面两位，却让我觉得就像在黑夜里地球突然沉向宇宙深处一样无助，恐惧感四面八方汹涌而来。尤其是看了余大师blog上的那些转载的帖子，才发现二三十年来时差一直没有倒过来。

正是：皇帝可以穿新衣，小民切勿做童声；大师含泪劝世人，和谐盛世迎奥运。

Related Articles

PermLink: http://www.ningoo.net/html/2008/zz_shu_dao_and_earthquake.html

Add Comments(0) | Follow NinGoo@Twitter | Google Reader

05:43 2008年6月20日 (1768 Bytes) » Chanel [K]

生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。
生日快乐。

05:31 Summit expert Q&A (4840 Bytes) » Red Hat Magazine

This morning instead of a keynote, experts from throughout Red Hat gathered for a Q&A panel:
- Craig Muzilla
- Iain Gray
- Paul Cormier
- Katrinka McCallum
- Brian Stevens
- Scott Crenshaw

We’ll be posting video soon of this session along with the other keynotes. Until then, here’s a quick summary of what the experts had to say on a few of the questions:

On Red Hat’s patent policy
Paul: We won’t protect patents for our own good. We do it for the upstream, and we do it for the proliferation of open source.

The Iced Tea project recently passed Sun’s compliance test. How does Red Hat look to use open Java with no encumbrances?
Craig: We’ve been an active member in OpenJDK because it’s right for the industry. Sun has done the right thing by opening it. We are actively looking at using it within the JBoss product line and leveraging the Red Hat Enterprise Linux side of the business to make them work together, making it more attractive for our customers.

What is the most interesting question or discussion you’ve had at the Summit?
Iain: At Iain’s Booth, many people were asking about new products, esp MRG. Some of the questions were from beta customers. Many had just come from sessions about new technology, and they were interested in finding out about using those things. And there were a lot of questions about virtualization.

Paul: The thing I’ve heard over and over: “We didn’t realize how many open source projects beyond the operating system were ready for prime time.” Also a lot of questions about where we’re going next and the products we’re bringing to market.

Katrinka: The most popular question I’ve heard: How do I find the Spacewalk site? (It’s spacewalk.redhat.com–the open source Satellite project we announced this week.)

What’s the demand for virtualization? What is Red Hat seeing in that area?
Scott: It’s one of the hottest topics in enterprises, and even mid-size organizations. There is a wave of production use around server consolidation, and a lot of interest in wider deployment. Companies are grappling with the ramifications of security, risk policy, management, balancing workloads. So we have rich conversations with customers who deploy virtualization, and almost every one has plans to make it a core part of their IT architecture.

Paul: One of the things I see frequently in the press that limits the picture–the biggest use case you see is server consolidation. And I think people aren’t really seeing that that’s just one of many. Others include high availability, virtual desktop, cloud computing. Virtualization is the foundation to enable that style of comptuing. Many uses are in their infancy; many haven’t been implemented yet. I think it’s going to be the mainstream. It’s the next generation of the operating system.

Scott: One of the impediments is economic. If you have to pay so much to virtualize a server, there’s only so much you can do with it. So our solution is to build it in–it’s available on every server. Think to when we used to buy TCP stacks separately. When they were integrated, new use cases, new paradigms came up. So I think we’re on the verge of transformation as virtualization is implemented ubiquitously without the barriers that were there a year or two ago.

The video will be posted to the Summit homepage.

01:48 结束山东国税Oracle高级培训课程 (2652 Bytes) » Oracle Life

©作者：eygle 发布在 eygle.com

这一周的周一到周四，为山东国税做了一次为期四天的 Oracle数据库高级技术培训，昨晚回到北京。

培训地点在山东潍坊，第一次到这个中国的风筝之都，感觉环境与气候都不错。
整个培训进展的很顺利，结识了很多朋友，相处尤为融洽，所以讲课也轻松愉快。

感谢山东国税的朋友们：）这次培训，山东每个地市都有人来参加，是一次全省同行的聚会。
感谢老杨同志，在火车站他给我上了堂税务知识课，让我学到了不少Oracle之外的知识。

最满意的是山东的饮食，第一次到一个地方吃饭可以明目张胆的来一盘大葱、上一碟大蒜，痛快啊。
当然，山东朋友的酒量实在是太厉害了，而且喝酒的算法极其复杂，主席副主席、领3杯喝几次、啤酒白酒换算关系，总之比Oracle要复杂。没研究明白。

从北京到潍坊，坐动车组，不到5个小时，想想这个速度可以接受，以后去山东玩，也许周末就可以。

对于课程我的要求是：把我讲的记住50%就可以，明年我再讲一次，再记住50%，大家就和我一样了。哈哈！

这一次是来去匆匆，希望下一次能够在山东多做停留，那里还是我祖上的故乡。

-The End-

相关文章|Related Articles

评论数量(6)|Add Comments

本文网址：http://www.eygle.com/archives/2008/06/train_at_weifang.html

01:26 Memcache的备忘 (3277 Bytes) » Fenng's shared items in Google Reader

把memcache使用时的一些细节记录下来.

memcache每一个item上限是1M，注意不要超出上限
memcache本身并不支持namespace，但是可以通过一些手段模拟出namespace的效果来，见Memcache 中模拟 namespace
刚接触memcache的时候，可能会写出这样的代码来
PLAIN TEXT
CODE:
1. $zhang = $memcache->get('key1');
2. $li = $memcache->get('key2');
3. $wang = $memcache->get('key3');
这种写法实际运行效果是
- get(key1) - 客户端发出请求 - 服务器端查询 - 客户端获取
- get(key2) - 客户端 - 服务器端 - 客户端
- get(key3) - 客户端 - 服务器端 - 客户端
- ...
如此一来，会有三次客户端和服务器端交互的过程。但是如果用批量查询的方法，就只有一次交互的过程。比如:
PLAIN TEXT
CODE:
1. $all = $memcache->get(array('key1', 'key2', 'key3'));
这样性能会有一些提升。对于其它程序语言来说，也封装了类似get_multi这样的方法。
从数据库从查询获得一个列表，放到memcache里面保存起来是一个不错的主意，但是不要忘记memcache有1m限制。如果列表太大，可以考虑把数据分割开来，然后用key序列来保存这个列表数据，比如event_0_500来保存前500行,用event_0_1000保存500-1000行，在获取的时候可以用前面说的批量get来一次性得到这个列表。
经常观察memcache的大小，以及命中率，方便调整缓存策略