[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #TCW-702523]: downstream LDM server not receiving all data (e.g. nexrad) from local LDM/NOAAPORT ingest systems

Subject: [LDM #TCW-702523]: downstream LDM server not receiving all data (e.g. nexrad) from local LDM/NOAAPORT ingest systems
Date: Sat, 05 Sep 2020 10:16:53 -0600

Jay & Gregg,

> The kernel.sched_rt_runtime_us is set at 950000. We tried setting it to -1
> briefly to see if noaaportIngester runs.

So disabling cgroup scheduling worked but disabling insights-client was a 
better solution.

Another security-related hoop to jump through. Sigh.

We run CentOS here rather than RHEL and don't have insights-client. Can you 
find anything in the insights-client documentation that would allow 
noaaportIngester(1) to work?

> I talked to Jay and learned insights-client is part of Red Hat Security
> recently installed automatically.  I believe once a system reboots then LDM
> will run into problems when it is stopped and LDM will not start.
> Apparently the insights-client doesn't log anything about how it prevented
> the noaaportIngester process from starting or the user (i.e. in this case
> ldmcp) was trying to do something that insights-client prevented.

Of course it didn't log anything. That would have been helpful. :-)

> Perhaps it would be good to somehow annotate this for users who use RedHat
> Enterprise Linux (e.g. NWS AWIPS program).  It would be interesting to know
> if CentOS will eventually receive this security feature as well.

Yeah. Besides modifying the documentation, I'll communicate with our AWIPS 
people to see if they know who I should communicate with in NOAA.

Do you have any suggestions on the appropriate NOAA personel?

> Appreciate everyone working on this and may we all have a great long
> weekend, hopefully IT trouble free as well :)

That *would* be nice!

You all have fun and stay safe. (And see about configuring insights-client. 
PLEASE!)

Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: TCW-702523
Department: Support LDM
Priority: Normal
Status: Closed
===================
NOTE: All email exchanges with Unidata User Support are recorded in the Unidata 
inquiry tracking system and then made publicly available through the web.  If 
you do not want to have your interactions made available in this way, you must 
let us know in each email you send to us.

Prev by Date: [LDM #TCW-702523]: downstream LDM server not receiving all data (e.g. nexrad) from local LDM/NOAAPORT ingest systems
Next by Date: [LDM #TCW-702523]: downstream LDM server not receiving all data (e.g. nexrad) from local LDM/NOAAPORT ingest systems
Previous by thread: [LDM #TCW-702523]: downstream LDM server not receiving all data (e.g. nexrad) from local LDM/NOAAPORT ingest systems
Next by thread: [LDM #TCW-702523]: downstream LDM server not receiving all data (e.g. nexrad) from local LDM/NOAAPORT ingest systems
Index(es):
- Date
- Thread