TLS Monitoring Script
The other day, when I upgraded some packages on my box, apparently and upgrade to libc was there that I didn't see. Having /lib/tls on my box again killed performance, so I wrote up a little script to help monitor, and I'm sharing it here.
This script will write a syslog entry everytime it runs, saying whether or not /lib/tls exists, and if it finds a /lib/tls directory, it will remove it and email the address specified.
Basically, you copy the script to /usr/local/bin/ and add a cronjob to run it.
Edit: It occured to me that my script should delete /lib/tls, instead of poking me to do it. Edited version below and uploaded. Cronjob: (in /etc/crontab format)
00 1 * * * root /usr/local/bin/check_tls >/dev/null 2>/dev/null
Script: (can also be downloaded from http://j.oldos.org/check_tls.sh
#!/bin/bash
# check_tls.sh
#
# Script to see if TLS exists. If it exists, email $email
#
# Released into Public Domain 3/12/2008 by Jason Faulkner
#
# Put your email address here
email="nobody@example.com"
if [[ -d /lib/tls ]]; then
echo "TLS Exists at /lib/tls on `hostname -f`. Removing." \
| mail -s "TLS Exists" $email
rm -rf /lib/tls
logger -i -t "check_tls" "TLS Check: /lib/tls exists, removing and emailing $email"
else
logger -i -t "check_tls" "TLS Check: /lib/tls does not exist, not emailing $email"
fi
**
3 Replies
caker
Linode Staff
@Xan:
I was under the impression that UML had fixed the issue where TLS caused such performance problems.
Me too:) . I've never heard of anyone else hitting problems with NPTL/TLS.
Anyone want to test?
-Chris
