I know what it means for code to run in a sandboxed environment, where it can only access a limited set of resources or only have access to virtualized resources.
However, the following sentence in Apple's documentation intrigues me: "...code that runs out of the sandbox.".
Does that mean code that don't run in a sandbox ("out") or code that runs in a sandbox?
What is System Integrity Protection? According to Appleās
documentation:
A new security policy that applies to every running process, including privileged code and code that runs out of the sandbox. The policy extends additional protections to components on disk and at run-time, only allowing system binaries to be modified by the system installer and software updates. Code injection and runtime attachments to system binaries are no longer permitted.
https://chrisshort.net/disabling-mac-os-x-el-capitan-system-integrity-protection/
Related
I am new to Zabbix. I have created monitoring for the cpu and memory. Now, I want to create a template for monitoring storage less than some GB especially for Windows or Linux which are in my network. But creating an OS independent trigger would be great.
I am following this tutorial but I think this is an older version (i am using 5.2) and the triggers are not shown in my inteface:
https://www.youtube.com/watch?v=PS8nE2Zkal8&t=54s&ab_channel=AigarsKadikis
Is there any easy way to make this happen(maybe importing some files).
I would suggest to take advantage of default pre-made templates officially provided by Zabbix SIA:
https://github.com/zabbix/zabbix/tree/master/templates/os/windows_agent
https://github.com/zabbix/zabbix/tree/master/templates/os/linux
as zabbix agent binaries for Windows and Linux are different, mapping for them needs to happen at host level under zabbix web interface.
Changing trigger trasholds can be done on a template level in autodiscovery triggers section or individually directly on the host entity.
Providing a full-fledged tutotial on Zabbix triggers and treasholds is not in scope of StackOverflow answer.
Classical Dynatrace monitoring worked by using an agent for monitoring java processes. You had to add the agent to the monitored VM and it worked.
Dynatrace OneAgent does this without agents. But how does it work. There was no agent added to the Java process. All that is needed is restarting the Java process. Tried it out with Liberty Server and could find two Dynatrace threads called ruxitautosensor and ruxitsubpathsender. But i do not understand how the injection works.
Dynatrace OneAgent changed the "/etc/ld.so.preload" file in OS:
/$LIB/liboneagentproc.so
"/etc/ld.so.preload" and env variable "LD_PRELOAD" are used to preload specified lib when starting new process.
It seems to me they are using standard JVM Tool Interface APIs.
-agentpath:<path-to-agent>=<options> to JVM.
Full documentation here: https://docs.oracle.com/javase/8/docs/platform/jvmti/jvmti.html
Example:
-agentpath:C:/PROGRA~2/DYNATR~1/oneagent/agent/lib64/oneagentloader.dll=isjdwppresent=true,loglevelcon=none,tenant=00000000-0000-0000-0000-000000000000,tenanttoken=XXXXXXXXXXXXXXXX,server=https://10.10.10.10:8443/communication
Note: Some strings have been obfuscated.
On a very high level the installed OS-level agent runs some processes which use OS-level functionality to iterate processes on the machine and inject the agent via various different techniques into all the technologies that are supported for "deep monitoring", e.g. Java, .NET and a number of others.
More details are likely not published for obvious reasons as all this gives a clear advantage compared to the traditional approach for injecting agents manually via adjusting startup scripts, especially if you are deploying into a very large environment.
Is there a way for HTML (a simple page used as UI) to interact with Host operating system?
I specifically mean: Are any engines/frameworks available to achieve following (may be common or independent solution) -
To just run commands on the shell
If certain C/C++ Operating system APIs have to be invoked
If it is a remote system and not a
web server, but has a provision to install any dependencies for
communication.
I have a set of CUDA apps that both write to the console via cout. I have a host machine with VS and NSight plug-in and a target machine with NSight service. However, when I execute the console app, it actually runs on the target machine (literally pops up a console).
So here's the question: how can I get the console to show up on the host and only the GPU stuff to execute on the target? Is this even possible?
Thanks!
The short answer is that it is currently not possible. The application on the target is executed by the Nsight Monitor process but Nsight Monitor currently does not forward the output back to host.
Currently your only option is to take care of it your self by capturing the output of your application on the target and somehow display it on the host.
If this feature is important to you i suggest you file a feature request via your Nvidia developer account.
The CUDA application completely runs on the target machine, so the console or UI for the application will be seen on the target machine only. You can set breakpoints in the GPU code in the VS side (your host machine), and it should break there.
If you feel the application quits too quickly and is not launching the kernels as expected (and you are not hitting the breakpoints), it may be that you have not deployed all the required DLLs on the target machine (e.g. CUDART).
How do I run OpenERP Web 6.1 on a different machine than OpenERP server?
In 6.0 this was easy, there were 2 config files and 2 servers (server and "web client") and they communicated over TCP/IP.
I am not sure how to setup something similar for 6.1.
I was not able to find helpful documentation on this subject. Do they still communicate over TCP/IP? How do I configure the "web client" to use a different server machine? I would like to understand the new concept here.
tl;dr answer
It's meant only for debugging, but you can.
Use the openerp-web startup script that is included in the openerp-web project, which you can install from the source. There's no separate installer for it, as it's not meant for production. You can pass parameters to set the remote OpenERP server to connect to, e.g. --server-host, --server-port, etc. Use --help to see the options.
Long answer
OpenERP 6.1 comes with a series of architectural changes that allow:
running many OpenERP server processes in parallel, thanks to improved statelessness. This makes distributed deployment a breeze, and gives load-balancing/fail-over/high-availability capabilities. It also allows OpenERP to benefit from multi-processor/multi-core hardware.
deploying the web interface as a regular OpenERP module, relieving you from having to deploy and maintain two separate server processes. When it runs embedded the web client can also make direct Python calls to the server API, avoiding unnecessary RPC marshalling, for an extra performance boost.
This change is explained in greater details in this presentation, along with all the technical reasons behind it.
A standalone mode is still available for the web client with the openerp-web script provided in the openerp-web project, but it is meant for debugging purposes rather than production. It runs in mono-thread mode by default (see the --multi-thread startup parameter), in order to serialize all RPC calls and make debugging easier. In addition to being slower, this mode will also break all modules that have a web part, unless all regular OpenERP addons are also copied in the --addons-path of the web process. And even then, some will be broken because they may still partially depend on the embedded mode.
Now if you were simply looking for a distributed deployment model, stop looking: just run multiple OpenERP (server) processes with the full stack. Have a look at the presentation mentioned above to get started with Gunicorn, WSGI, etc.
Note: Due to these severe limitations and its relative uselessness (vs maintenance cost), the standalone mode for the web client has been completely removed (see rev, 3200 on launchpad) in OpenERP 7.0.