[CentOS-virt] Using md0 as a virtio block device
Hi all, can I use /dev/md0 (raid1 configured under centos kvm host) as a virtio block device under a Centos 5.4 kvm guest?? Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-es] Resumen de CentOS-es, Vol 40, Env ío 37
hola amigos me pudiera ayudar como puedo abilitar y desabilitar los puertos en mi servidor linux centos tengo configurado el squid pero no e asinado restringiones pero el servidor lo realiza por defaul como controlo esto _ Connect to the next generation of MSN Messenger http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-ussource=wlmailtagline___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Problema con shutdown
Hola, tengo CentOS 5.3 instalado en un servidor HP ML110. Cloné la instalación con Clonezilla, y a partir de eso, al ejecutar shutdown -h (o cualquier otra orden de apagado como init 0 o poweroff) en vez de apagarse el sistema reinicia. He buscado en google pero no he encontrado nada sobre esto. ¿A alguien le ha pasado antes? ¿Alguna idea de cual puede ser la causa? -- Enrique Verdes ever...@conatel.com.uy Depto. de Ingeniería - CONATEL S.A. Este mensaje es privado y confidencial y tiene como único destinatario la persona a la que va dirigida. La responsabilidad de su contenido es del remitente y no de CONATEL. Si usted ha recibido este mensaje por error, tenga presente que le está prohibido revelarlo, copiarlo o distribuirlo, debiendo avisar de inmediato al remitente y borrarlo de su sistema. El error de transmisión no implica renuncia a la privacidad y confidencialidad. This email is private and confidential and intended solely for the use of the individual to whom it is addressed. The responsibility of its content is the sender's and not CONATEL'S. If you have received this email by mistake please notify the sender immediately and delete it from your system. Its disclosure, copy or distribution is absolutely forbidden. The transmission error does not imply a waiver of privacy and confidentiality. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] iSCSI / GFS shared web server file system
my impression is GFS requires shared storage, I believe there are ways around it, but take a look at this for setting up GFS for use with NFS iSCSI provides the basic foundation needed by GFS for shared storage, so the OP is good for that. GFS, however, is not exactly a simple technology to deploy. NFS is better for more standardized infrastructures where resources and time may be limited. GFS and other shared/clustering filesystems are great, but don't underestimate the resources needed to feed and care for them. OCSF2 over iSCSI is a good option to look at, too. There is also gluster. But NFS is going to be the mainstream approach with the best support and administration options unless the OP is running into some technical limitations. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Caching synchronous writes
Ray Van Dolson wrote: I think what you want is a proper storage array with mirrored write cache. When ext3 came into widespread use, a popular method to cache frequent fsyncs was to run it in a full data journaling mode, with external journal on a separate disk. This turned all random writes to a sequential write, limited to a very small piece of disk and a periodical journal flush to the real file system. This worked amazingly well for busy mail queues - throughput went up 10x and more. People were also reporting improvements in NFS scenarios. Don't know how this is relevant today in times of SSD, but it should be worth to test it. -- Jure Pečar http://jure.pecar.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iSCSI / GFS shared web server file system
On Fri, Apr 23, 2010 at 8:10 AM, Geoff Galitz ge...@galitz.org wrote: OCSF2 over iSCSI is a good option to look at, too. There is also gluster. But NFS is going to be the mainstream approach with the best support and administration options unless the OP is running into some technical limitations. I have a number of OCFS2 over plain old SCSI with MD3000 setups. The older versions have a couple of stupid bugs so it's always better to move to the most upto date version of the module from Oracle. I haven't tried it with iSCSI. I haven't tried Gluster yet but I find OCFS2 quite maintenance-free until you hit the damn bug! :) -- Hakan (m1fcj) - http://www.hititgunesi.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rpm -U query
On 22 April 2010 22:18, Steve Thompson s...@vgersoft.com wrote: CentOS, RHEL, all versions. Suppose I am upgrading a package foo-1.0 to foo-2.0 (assume foo is not relocatable), and both packages have %preun sections in their .spec files. It appears that foo-1.0's %preun is run after foo-2.0 has been installed. So what happens if foo-1.0 needs to run a binary that was provided as part of foo-1.0 during its %preun stage, and a binary of the same name is provided with foo-2.0? The installed binary is now foo-2.0's, right? So how to run foo-1.0's binaries during its %preun stage? Is the old binary available under a different name before it gets erased? -steve ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Correct... the order in an upgrade is... new %pre new %install new %post old %preun old %files removed old %postun Check the rpm spec documentation online for the specific details but the four % scripts have a single argument supplied to them which you can test. It is a numerical value equivalent to the number of times a package appears in the RPM database after the package is installed/erased at that point. So on a fresh install %pre $1 = 1 %post $1 = 1 %preun and %postun unused On an upgrade... %pre $1 = 2 %post $1 = 2 %preun $1 = 1 %postun $1 = 1 On a remove %pre and %post not used %preun $1 = 0 %postun $1 = 0 If you have an old package without tests and you are concerned that the scripts will conflict with each other you can always do... rpm -e --nodeps pacakage rpm -i package That will remove and install in an order you might prefer for the scripts until they are fixed... See: http://www.rpm.org/max-rpm/s1-rpm-inside-scripts.html James ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rpm -U query
On 22 April 2010 22:18, Steve Thompson s...@vgersoft.com wrote: CentOS, RHEL, all versions. Suppose I am upgrading a package foo-1.0 to foo-2.0 (assume foo is not relocatable), and both packages have %preun sections in their .spec files. It appears that foo-1.0's %preun is run after foo-2.0 has been installed. So what happens if foo-1.0 needs to run a binary that was provided as part of foo-1.0 during its %preun stage, and a binary of the same name is provided with foo-2.0? The installed binary is now foo-2.0's, right? So how to run foo-1.0's binaries during its %preun stage? Is the old binary available under a different name before it gets erased? -steve ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Err misread the question a bit there... The new binary will be there You can always copy the old binary in %pre to /tmp something to have in %preun and then remove it afterwards... %pre is before files get replaced... James ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] IPV6 and DNS...
Hi, I keep getting entries like these in my logs: network unreachable resolving '0.centos.pool.ntp.org//IN': 2001:500:40::1#53: 1 Time(s) network unreachable resolving '0.centos.pool.ntp.org//IN': 2001:500:e::1#53: 1 Time(s) network unreachable resolving '0.centos.pool.ntp.org//IN': 2001:dc3::35#53: 1 Time(s) I don't see any IPV6 parameters to disable in named.conf, apart from the 'listen-on-v6' which I commented, and the 'query-source-v6' which is commented by default... I disabled IPV6 in the sysconfig files; but not in the modprobe.conf though... Can I just ignore these errors? Thx, JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] scripting CPAN installs
On 15 April 2010 21:23, Alan McKay alan.mc...@gmail.com wrote: Hey folks, Maybe there is a Perl/CPAN list that is a better place to ask this? If so, maybe someone can point me to it. Anyway, I want to be able to script the installation of a bunch of CPAN modules, and the first basic problem I am coming up against is that the cpan command seems to always return 0 regardless of whether or not the install completed. I don't know if this will solve your problem, but I'm surprised to hear about people still using the cpan command-line program. The CPANPLUS module has been included with Perl for several years and I recommend investigating its cpanp command-line program instead of cpan. And if you want something even more up to date, you can look at cpanminus - which is packaged as perl-App-cpanminus at my CPAN/RPM repository (http://rpm.mag-sol.com/). Finally, can I repeat the advice that other people have hinted at. Mixing CPAN-installed modules and RPM-installed modules in a single Centos installation is a really bad idea. I highly recommend using only RPM-packaged modules (and learning to build your own[1] for ones that you can't find elsewhere). Cheers, Dave... [1] http://www.slideshare.net/davorg/perl-in-rpmland-presentation ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6 Beta available for public download
Timo Schoeler a écrit : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://press.redhat.com/2010/04/21/red-hat-enterprise-linux-6-beta-available-today-for-public-download/ ...says it all. Have phun! I just gave it a spin on two of my machines, two NEW Powermates which I use to test all kinds of distros and setups on. I've got Ghost images of about a dozen different distros on each. So let's see what RHEL6b gives. Machine 1 : DVD boots correctly, asks for the language and then tells me it can't find the DVD. (I double-checked if the DVD was burnt correctly.) Machine 2 : installer goes a little further, asks about the storage, and when I choose the default, it freezes. So, the RHEL6 experience will have to wait a little further. Niki ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Adding ps2pdf support on centos
Hi, I wanted to install the ghostscript for ps2pdf support. I wanted to know the required rpms for this and also the order of installation. As of now i don't have this support on my system. Please provide me with information on this. Disclaimer : This message is proprietary to Smartlink Network Systems Ltd. and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. The company accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. __ This email has been scrubbed for your protection by SecureMX. For more information visit http://securemx.in __ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Adding ps2pdf support on centos
Hi, I wanted to install the ghostscript for ps2pdf support. I wanted to know the required rpms for this and also the order of installation. As of now i don't have this support on my system. Please provide me with information on this. rant Have you considered RTFM? Do you understand Linux, and more specifically CentOS, at any level, other than following someone's notes? /rant man yum mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Adding ps2pdf support on centos
From: premr...@digilink.in premr...@digilink.in I wanted to install the ghostscript for ps2pdf support. I wanted to know the required rpms for this and also the order of installation. As of now i don't have this support on my system. yum install ghostscript JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Caching synchronous writes
Jure Pečar wrote: Ray Van Dolson wrote: I think what you want is a proper storage array with mirrored write cache. When ext3 came into widespread use, a popular method to cache frequent fsyncs was to run it in a full data journaling mode, with external journal on a separate disk. This turned all random writes to a sequential write, limited to a very small piece of disk and a periodical journal flush to the real file system. This worked amazingly well for busy mail queues - throughput went up 10x and more. People were also reporting improvements in NFS scenarios. Don't know how this is relevant today in times of SSD, but it should be worth to test it. separate disk only? Don't forget nvram sticks or bbu ramdrives. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] vmcore on 5.4
Information: 5.4 kernel (2.6.18-164.el5). I have a vmcore (from kdump), if the developers are interested, let me know a place to upload the vmcore file. I used the crash command to do a backtrace. I manage to get machines with later 5.4 and 5.5 to panic the same way. Broadcom or Intel NICs panic the same way. This is an NFS client where the NFS server is restarting several times; NFSv3, mount it with defaults,noatime. The client was busy writing things on NFS-mounted space while the NFS servers was restarting several times. So far, if I mount it with udp option, I've not managed to panic the machines. The bad news is that NFSv4 is strictly TCP, if I were to go down that route. From the backtrace, it seems the crash is TCP-related. I'll be trying couple Linux TCP settings changes. It's a possibility that the issues are with TCP in general (not NFS). I would like to enlist community's help in further understanding this and potential work-arounds with this TCP issues. crash sys KERNEL: vmlinux DUMPFILE: vmcore CPUS: 4 DATE: Tue Apr 20 15:04:09 2010 UPTIME: 18:55:25 LOAD AVERAGE: 0.13, 0.09, 0.03 TASKS: 340 RELEASE: 2.6.18-164.el5 VERSION: #1 SMP Thu Sep 3 03:28:30 EDT 2009 MACHINE: x86_64 (2660 Mhz) MEMORY: 23.6 GB PANIC: Oops: [1] SMP (check log for details) crash bt -a PID: 0 TASK: 802ffae0 CPU: 0 COMMAND: swapper #0 [8043ef20] crash_nmi_callback at 8007a3bf #1 [8043ef40] do_nmi at 8006585a #2 [8043ef50] nmi at 80064ebf [exception RIP: acpi_processor_idle+579] RIP: 8019765e RSP: 803f1f48 RFLAGS: 0093 RAX: 0073111a RBX: 0073111a RCX: 0808 RDX: 0815 RSI: 0003 RDI: RBP: 81063e480100 R8: 803f R9: 804b5e2c R10: 0046 R11: 0046 R12: R13: 81063e48 R14: R15: ORIG_RAX: CS: 0010 SS: 0018 --- exception stack --- #3 [803f1f48] acpi_processor_idle at 8019765e #4 [803f1f90] cpu_idle at 8004939e PID: 0 TASK: 810115f11100 CPU: 1 COMMAND: swapper #0 [810115f38f20] crash_nmi_callback at 8007a3bf #1 [810115f38f40] do_nmi at 8006585a #2 [810115f38f50] nmi at 80064ebf [exception RIP: acpi_processor_idle+579] RIP: 8019765e RSP: 810115f2fea8 RFLAGS: 0093 RAX: 00731145 RBX: 00731145 RCX: 0808 RDX: 0815 RSI: 0003 RDI: RBP: 81063f173900 R8: 810115f2e000 R9: 804b5e2c R10: 0046 R11: 0046 R12: 00ff R13: 81063f173800 R14: 0100 R15: 803ea280 ORIG_RAX: CS: 0010 SS: 0018 --- exception stack --- #3 [810115f2fea8] acpi_processor_idle at 8019765e #4 [810115f2fef0] cpu_idle at 8004939e PID: 0 TASK: 810115f20080 CPU: 2 COMMAND: swapper #0 [810115f6bbc0] crash_kexec at 800ac5b9 #1 [810115f6bc80] __die at 80065127 #2 [810115f6bcc0] do_page_fault at 80066da7 #3 [810115f6bdb0] error_exit at 8005dde9 [exception RIP: pskb_copy+307] RIP: 8022486b RSP: 810115f6be60 RFLAGS: 00010282 RAX: 81062cd5f540 RBX: 81062cac3980 RCX: 81046fb1e550 RDX: RSI: 81062cd5f550 RDI: 0004 RBP: 810466f54a80 R8: 081f02b4 R9: R10: 81062cac3980 R11: 00c8 R12: 0220 R13: 810466f54a80 R14: 0002 R15: 803ea2a0 ORIG_RAX: CS: 0010 SS: 0018 #4 [810115f6be78] tcp_transmit_skb at 800217b7 #5 [810115f6bec8] tcp_retransmit_skb at 80250ccd #6 [810115f6bf08] tcp_write_timer at 80252652 #7 [810115f6bf28] run_timer_softirq at 800968be #8 [810115f6bf58] __do_softirq at 8001235a #9 [810115f6bf88] call_softirq at 8005e2fc #10 [810115f6bfa0] do_softirq at 8006cb14 #11 [810115f6bfb0] apic_timer_interrupt at 8005dc8e --- IRQ stack --- #12 [810115f67df8] apic_timer_interrupt at 8005dc8e [exception RIP: acpi_processor_idle+628] RIP: 8019768f RSP: 810115f67ea8 RFLAGS: 0282 RAX: 810115f67fd8 RBX: 81063f173100 RCX: 80184973 RDX: 81063f173000 RSI: 0082 RDI: 804b5e2c RBP: 810115f67ee8 R8: 810115f66000 R9: 810115f67ecc R10: 0046 R11: 810115f67ee8 R12: 81063f6e1180 R13: 10008040 R14: 81063f6e1180 R15: 81063f6e1180 ORIG_RAX: ff10 CS: 0010 SS:
Re: [CentOS] Adding ps2pdf support on centos
At Fri, 23 Apr 2010 18:21:26 +0530 CentOS mailing list centos@centos.org wrote: Hi, I wanted to install the ghostscript for ps2pdf support. I wanted to know the required rpms for this and also the order of installation. As of now i don't have this support on my system. Please provide me with information on this. yum install ghostscript Disclaimer : This message is proprietary to Smartlink Network Systems Ltd. and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. The company accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. __ This email has been scrubbed for your protection by SecureMX. For more information visit http://securemx.in __ MIME-Version: 1.0 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Robert Heller -- Get the Deepwoods Software FireFox Toolbar! Deepwoods Software-- Linux Installation and Administration http://www.deepsoft.com/ -- Web Hosting, with CGI and Database hel...@deepsoft.com -- Contract Programming: C/C++, Tcl/Tk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Caching synchronous writes
On Fri, Apr 23, 2010 at 10:20:01AM +0200, Jure Pečar wrote: Ray Van Dolson wrote: I think what you want is a proper storage array with mirrored write cache. When ext3 came into widespread use, a popular method to cache frequent fsyncs was to run it in a full data journaling mode, with external journal on a separate disk. This turned all random writes to a sequential write, limited to a very small piece of disk and a periodical journal flush to the real file system. This worked amazingly well for busy mail queues - throughput went up 10x and more. People were also reporting improvements in NFS scenarios. Don't know how this is relevant today in times of SSD, but it should be worth to test it. Interesting. As long as the requirements of O_SYNC are met once the data is written to the journal (I imagine it would be), then I could definitely see this speeding up NFS... On the other hand, if no write confirmation is sent until the data actually flushes out of the journal and onto disk, then the wins probably aren't as significant. Sounds like it'd be worth trying though, thanks. Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Can no longer print
My server has CentOS 5.4. I had hplip-2.7.12 installed and running, as earlier versions didn't work with my printers, and was able to print to a networked printer. As far as I'm aware, that's the version that was still running last time I printed. Recently I decided to add a local USB printer, and at that point discovered that I can no longer print. I've no idea how long this has been so. Rightly or wrongly, I decided that something must have seriously upset hplip, so I removed it and re-installed it. Unfortunately it hasn't cured anything. I have the correct ppd files for both printers, and CUPS lists them. If I step through the CUPS Modify Printer pages everything looks correct, but when I try to send a test page I see usr/lib/cups/filter/foomatic-rip failed. Running 'hp-check -t' tells me that libcrypto is a required dependency and I don't have it. 'rpm --redhatprovides libcrypto' says that no package provides it, and no package of that name is listed. Where can I get it? Similarly, ppdev and ReportLab are essential but missing. I have printed from this server in the past, but I can't get it sorted this time. I can't even find any uninstall file for hplip, and it doesn't appear in the rpm database. Is there any way I can get this working again? Thanks Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Caching synchronous writes
On 4/23/2010 11:17 AM, Ray Van Dolson wrote: On Fri, Apr 23, 2010 at 10:20:01AM +0200, Jure Pečar wrote: Ray Van Dolson wrote: I think what you want is a proper storage array with mirrored write cache. When ext3 came into widespread use, a popular method to cache frequent fsyncs was to run it in a full data journaling mode, with external journal on a separate disk. This turned all random writes to a sequential write, limited to a very small piece of disk and a periodical journal flush to the real file system. This worked amazingly well for busy mail queues - throughput went up 10x and more. People were also reporting improvements in NFS scenarios. Don't know how this is relevant today in times of SSD, but it should be worth to test it. Interesting. As long as the requirements of O_SYNC are met once the data is written to the journal (I imagine it would be), then I could definitely see this speeding up NFS... On the other hand, if no write confirmation is sent until the data actually flushes out of the journal and onto disk, then the wins probably aren't as significant. Do any linux filesystems actually get this right now? In the past, the filesystem cache was somewhat divorced from file writes so fsync() and probably any write with O_SYNC would wait until the entire filesystem cache was flushed to disk, not just the related file buffer. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iSCSI / GFS shared web server file system
http://sources.redhat.com/cluster/doc/nfscookbook.pdf I think it'd be much easier if you just replicate the data between the servers with rsync or something. GFS sounds like way overkill for a couple of web servers. Maybe you're right that GFS would be overkill -- I know you have to setup the whole clustering environment before it will work. Even though NFS would be easy to setup, it seems like it would just add more servers into the mix. We really want to achieve automatic failover at all levels and setting up NFS to replicate in real time and run the extra servers for that seems like it would require more resources. I'd rather put the time into understanding the complexities of the clustering environment setup and management and save some server sprawl I'll look into OCFS2 and gluster to see if those are good options. Thanks for those suggestions. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can no longer print
On Fri, Apr 23, 2010 at 9:19 AM, Anne Wilson cannewil...@googlemail.com wrote: : Running 'hp-check -t' tells me that libcrypto is a required dependency and I don't have it. 'rpm --redhatprovides libcrypto' says that no package provides it, and no package of that name is listed. Where can I get it? Have you checked any of the hits in Google? There are many of them HTH. mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can no longer print
Reply to All / Reply to List On Friday 23 April 2010 18:30:40 MHR wrote: On Fri, Apr 23, 2010 at 9:19 AM, Anne Wilson cannewil...@googlemail.com wrote: Running 'hp-check -t' tells me that libcrypto is a required dependency and I don't have it. 'rpm --redhatprovides libcrypto' says that no package provides it, and no package of that name is listed. Where can I get it? Have you checked any of the hits in Google? There are many of them I've checked quite a few. None of them I've found so far were about these missing dependencies, but I'll read some more. Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can no longer print
On Apr 23, 2010, at 10:45 AM, Anne Wilson wrote: Reply to All / Reply to List On Friday 23 April 2010 18:30:40 MHR wrote: On Fri, Apr 23, 2010 at 9:19 AM, Anne Wilson cannewil...@googlemail.com wrote: Running 'hp-check -t' tells me that libcrypto is a required dependency and I don't have it. 'rpm --redhatprovides libcrypto' says that no package provides it, and no package of that name is listed. Where can I get it? Have you checked any of the hits in Google? There are many of them I've checked quite a few. None of them I've found so far were about these missing dependencies, but I'll read some more. Anne libcrypto is part of openssl. Weird that whatprovides is useless on this.. [r...@cartman ~]# rpm -qf /lib/libcrypto.so.6 openssl-0.9.8e-12.el5_4.6 [r...@cartman ~]# rpm --redhatprovides libcrypto no package provides libcrypto [r...@cartman ~]# -- Don Krause Head Systems Geek, Waver of Deceased Chickens. Optivus Proton Therapy, Inc. P.O. Box 608 Loma Linda, California 92354 909.799.8327 Tel 909.799.8366 Fax dkra...@optivus.com www.optivus.com This message represents the official view of the voices in my head. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can no longer print
Don Krause wrote: [r...@cartman ~]# rpm -qf /lib/libcrypto.so.6 openssl-0.9.8e-12.el5_4.6 [r...@cartman ~]# rpm --redhatprovides libcrypto no package provides libcrypto [r...@cartman ~]# fwiw, yum provides libcrypto.so.6 does tell you what RPMs. ditto... $ rpm -q --whatprovides libcrypto.so.6 openssl-0.9.8e-12.el5 (but only if its already installed) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can no longer print
On Fri, Apr 23, 2010 at 10:53:00AM -0700, Don Krause wrote: libcrypto is part of openssl. Weird that whatprovides is useless on this.. [r...@cartman ~]# rpm -qf /lib/libcrypto.so.6 openssl-0.9.8e-12.el5_4.6 [r...@cartman ~]# rpm --redhatprovides libcrypto no package provides libcrypto [r...@cartman ~]# Use yum: yum whatprovides '*libcrypto*' -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] iptables
how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables
Am 23.04.2010 20:31, schrieb cahit Eyigünlü: how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports http://wiki.centos.org/HowTos/Network/IPTables Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables
how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports Wow Cahit, you are a sucker for punishment buddy:) First, post in text, then do a smidge of reading first... `man iptables` or google? I am guessing your iptables are stock as install left them? You might try `system-config-security-level-tui` which can actually be scripted, or you can issue low level commands like: iptables -I RH-Firewall-1-INPUT -m state --state NEW -m multiport -p tcp -s 10.0.0.0/24 -d 10.0.0.0/24 --dports xxx,yyy,zzz -j ACCEPT etc etc etc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] [Fwd: Re: iptables]
---BeginMessage--- cahit Eyigünlü a écrit : how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports If you don't want to mess with iptables, take a look at the firewall configuration tool system-config-securitylevel-tui. I think there's a graphical app also, but I've never used it. If you only need to open/close ports on a tcp/udp basis, this tool will do the job. Right now looking for an example. In my own documentation, I have some screenshots of the tool. Here, for example (second screenshot), opening port 67 for UDP requests : http://www.microlinux.fr/doc_en_stock/dhcp.html Or here (first screenshot), opening port 53 for both TCP and UDP requests : http://www.microlinux.fr/doc_en_stock/dns.html If you want more complicated stuff, you'll have to dive into iptables, though. Cheers, Niki ---End Message--- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: iptables]
Thanks also i found this editinig the : edit /etc/sysconfig/iptables is a good way for solution problem solved thanks for everybody's attention 2010/4/23 Niki Kovacs cont...@kikinovak.net cahit Eyigünlü a écrit : how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports If you don't want to mess with iptables, take a look at the firewall configuration tool system-config-securitylevel-tui. I think there's a graphical app also, but I've never used it. If you only need to open/close ports on a tcp/udp basis, this tool will do the job. Right now looking for an example. In my own documentation, I have some screenshots of the tool. Here, for example (second screenshot), opening port 67 for UDP requests : http://www.microlinux.fr/doc_en_stock/dhcp.html Or here (first screenshot), opening port 53 for both TCP and UDP requests : http://www.microlinux.fr/doc_en_stock/dns.html If you want more complicated stuff, you'll have to dive into iptables, though. Cheers, Niki ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: iptables]
Thanks also i found this editinig the : edit /etc/sysconfig/iptables is a good way for solution problem solved thanks for everybody's attention I guess you missed the second line of text in that file, so probably you will be oblivious to it having changed when it does:) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: iptables]
cahit Eyigünlü a écrit : Thanks also i found this editinig the : edit /etc/sysconfig/iptables is a good way for solution problem solved thanks for everybody's attention Your attention has to come back. Editing /etc/sysconfig/iptables is *not* the solution. Just! Read! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: iptables]
how or why i have redesigned it to this and it seems like worked : [r...@lin ~]# vi /etc/sysconfig/iptables # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT /etc/sysconfig/iptables 40L, 1617C 2010/4/23 Niki Kovacs cont...@kikinovak.net cahit Eyigünlü a écrit : Thanks also i found this editinig the : edit /etc/sysconfig/iptables is a good way for solution problem solved thanks for everybody's attention Your attention has to come back. Editing /etc/sysconfig/iptables is *not* the solution. Just! Read! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: iptables]
how or why i have redesigned it to this and it seems like worked : Post your ip and root user/pass, we'll fix that and your mail client:P ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] [Fwd: Re: iptables]
On Fri, 23 Apr 2010, Joseph L. Casale wrote: how or why i have redesigned it to this and it seems like worked : Post your ip and root user/pass, we'll fix that and your mail client:P ** please ** take this catfight offlist -- Russ herrold ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Problem shuting down server.
Have Centos 5.3 installed in a HP ML110 server. After cloning disk using Clonezilla, if I issue a shutdown -h now, or any other command to shut down the server (i.e. init 0 or poweroff), instead of shutting down the server reboots. I googled but could't find any answer. ¿Does anybody has a clue about why this is happening? -- Enrique Verdes ever...@conatel.com.uy Depto. de Ingeniería - CONATEL S.A. Este mensaje es privado y confidencial y tiene como único destinatario la persona a la que va dirigida. La responsabilidad de su contenido es del remitente y no de CONATEL. Si usted ha recibido este mensaje por error, tenga presente que le está prohibido revelarlo, copiarlo o distribuirlo, debiendo avisar de inmediato al remitente y borrarlo de su sistema. El error de transmisión no implica renuncia a la privacidad y confidencialidad. This email is private and confidential and intended solely for the use of the individual to whom it is addressed. The responsibility of its content is the sender's and not CONATEL'S. If you have received this email by mistake please notify the sender immediately and delete it from your system. Its disclosure, copy or distribution is absolutely forbidden. The transmission error does not imply a waiver of privacy and confidentiality. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] USB keys
Well, we wanted to put an install on a USB key. Neither I nor the other admin was amused by the singing and dancing that the wiki offers - and just *why* is it that syslinux is broken? At any rate, I did some googling, and found http://www.pendrivelinux.com/, and I ran this installer. Ok, it has some bugs: a) I had several .isos, and it *insisted* on grabbing the first one, alphabetically, no matter that I put in the full name. It also takes for-bloody-ever - 4.5 *hours* for the 4G DVD. However, it finished, I stuck it into a laptop, told it to boot from the USB, and there was the begin install screen. *shrug* Looks good to me. I just do not understand why it's such a song and dance, rather than, say, syslinux /dev/sdb1 mount /dev/sdb1 /tmp/mnt mount -o loop CentOSiso /mnt cp -pr /mnt/ /tmp/mnt mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6 Beta available for public download
On Fri, Apr 23, 2010 at 1:52 PM, Niki Kovacs cont...@kikinovak.net wrote: Timo Schoeler a écrit : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://press.redhat.com/2010/04/21/red-hat-enterprise-linux-6-beta-available-today-for-public-download/ ...says it all. Have phun! I just gave it a spin on two of my machines, two NEW Powermates which I use to test all kinds of distros and setups on. I've got Ghost images of about a dozen different distros on each. So let's see what RHEL6b gives. Machine 1 : DVD boots correctly, asks for the language and then tells me it can't find the DVD. (I double-checked if the DVD was burnt correctly.) Machine 2 : installer goes a little further, asks about the storage, and when I choose the default, it freezes. So, the RHEL6 experience will have to wait a little further. Niki ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Niki, You should still be able to experience it a virtual machine; at least this is how I did it and it worked great. Maybe you should submit a bug report at redhat regarding your install issues. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] USB keys
m.r...@5-cent.us wrote on 04/23/2010 03:49 PM: Well, we wanted to put an install on a USB key. Neither I nor the other admin was amused by the singing and dancing that the wiki offers - and just *why* is it that syslinux is broken? Sorry you were unamused. Song and dance has never been my forte. One characteristic of *nix is that there are generally many ways to accomplish a job. Added your recommendation under Alternatives on http://wiki.centos.org/HowTos/InstallFromUSBkey You are also free to contribute your article to the Wiki. http://wiki.centos.org/HowToContribute Phil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] USB keys
m.r...@5-cent.us wrote on 04/23/2010 03:49 PM: Well, we wanted to put an install on a USB key. Neither I nor the other admin was amused by the singing and dancing that the wiki offers - and just *why* is it that syslinux is broken? Sorry you were unamused. Song and dance has never been my forte. One characteristic of *nix is that there are generally many ways to accomplish a job. Added your recommendation under Alternatives on http://wiki.centos.org/HowTos/InstallFromUSBkey You are also free to contribute your article to the Wiki. http://wiki.centos.org/HowToContribute Wasn't really an article, just an FYI. I'd still like to know why syslinux is broken mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: iptables]
On Friday 23 April 2010 15:20, cahit Eyigünlü wrote: how or why i have redesigned it to this and it seems like worked : See big problems in your future. :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] Anyone with a little bit of security awareness would never set the default policy to ACCEPT and the reason is below. You would think RH would know better. -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT With this rule above you just opened up you complete system to what ever it is connected to. That is why it is working. I am hoping this box doesn't have Internet access. -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT /etc/sysconfig/iptables 40L, 1617C Even if you didn't have the line with '-i eth0 -j ACCEPT' you system was still open to everyone because at this point if none of the rules apply and the firewall falls back to the policy setting to decide what to do with a packet. Since all your policies are set to ACCEPT the packet is accepted and the hacker is in. For this reason one would think RH would do a little more and set the default policies to DROP. It is so easy to miss the reject or drop statements at the end and the policy would catch them for you. I know some will argue that RH did what they needed to do, but they could go that extra step don't you think. -- Regards Robert Linux User #296285 http://counter.li.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables
Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall 2010/4/23 cahit Eyigünlü cahit.eyigu...@gmail.com: how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- “Don't eat anything you've ever seen advertised on TV” - Michael Pollan, author of In Defense of Food ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables
On Fri, 23 Apr 2010, Alan McKay wrote: Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall +1 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables
On Fri, 2010-04-23 at 18:16 -0400, Alan McKay wrote: Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall I agree about Shorewall. I've been using it for several years, and it does take a lot of the pain out of managing iptables. That being said, I will add my voice to the others on this list that point out that the OP's mods to /etc/sysconfig/iptables are very dangerous, and indicate a lack of understanding of how iptables and network security actually operate. Some study of basic principles and best practices is essential to managing a firewall configuration, regardless of the tool that is used. My $0.02 (US) worth for today. 2010/4/23 cahit Eyigünlü cahit.eyigu...@gmail.com: how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports -- Ron Loftin relof...@twcny.rr.com God, root, what is difference ? Piter from UserFriendly ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables
Wow i see it is very cool, and now i am starting to use it also :) +1 from me too :) thanks to every body for all help 2010/4/24 Ron Loftin relof...@twcny.rr.com On Fri, 2010-04-23 at 18:16 -0400, Alan McKay wrote: Have a look at shorewall (google it) for the best thing I've ever seen for managing a Linux firewall I agree about Shorewall. I've been using it for several years, and it does take a lot of the pain out of managing iptables. That being said, I will add my voice to the others on this list that point out that the OP's mods to /etc/sysconfig/iptables are very dangerous, and indicate a lack of understanding of how iptables and network security actually operate. Some study of basic principles and best practices is essential to managing a firewall configuration, regardless of the tool that is used. My $0.02 (US) worth for today. 2010/4/23 cahit Eyigünlü cahit.eyigu...@gmail.com: how could i add / remove iptable rules on cet os 5.4 final for tcp / udp base on ports -- Ron Loftin relof...@twcny.rr.com God, root, what is difference ? Piter from UserFriendly ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6 Beta available for public download
On Fri, 2010-04-23 at 21:19 +0100, Lucian wrote: ... You should still be able to experience it a virtual machine; at least this is how I did it and it worked great. Maybe you should submit a bug report at redhat regarding your install issues. Works pretty well on VirtualBox 3.1.6 on CentOS 5.4 and Mac OS-X hosts. Problems with display resolution limited to 800x600 and can't get NFS client to mount shares. See the Forum topic on RHEL6 beta for more experiences: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=25876forum=14 Phil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos