[CentOS-docs] A new look for CentOS (was Re: Italian Translation Team)
After having a talk with Ralph on IRC, I changed a bit my original idea. I started thinking that before having a working centos italian istance on the website, it would be great to give a bit of vitality to the main CentOS website. The point now is: which kind of software should the main website use if the decision would be to give it a new look. Well, IMHO the best solution at the moment would be to use drupal, it's easy to use and it has anything needed to make a website rocking. (I've also been using it for a while and I can tell drupal is a great CMS software) The second point would be to setup a test istance with a CMS software on it to start working on the new website. (unfortunately i don't have any machine or host handy to run it) I can spend some of my time working on it together with Ralph and anyone else willing to help out. It will take time but when finished will definitely give a *new* look to the CentOS website. Count on me for everything you might need Ralph. Andrea P.S Ralph you did *not* keep your word. I was waiting a message from you yesterday night :) ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-virt] Resizing EXT3 partition in guest instance CentOS5
Yes, it will, works all the time with me but using SysrescueCD. But don't forget to backup your data before the resizing, any operation with disk partitions may lost data. 2011/1/26 Poh Yong Hwang yong...@gmail.com Hi, I have two guest vm instance running CentOS 5 with ext3 partition. I will like to reduce 1 VM harddisk space and using the 'release' harddisk space to add onto my second VM. Basically I need to know how can I reduce and increase an ext3 partition in CentOS KVM. I did a search and basically i can do it by booting the VM using Knoppix and use Gparted to reduce and increase the diskspace. I am thinking of the following 1) Boot first VM using Knoppix 2) Reduce the ext3 partition disk size using Gparted 3) Shutdown the VM and resize the diskspace using Virtual Manager 4) Increae the diskspace of the second VM using Virtual Manager 5) Boot up second VM using Knoppix 6) Increase the ext3 partition disk size using Gparted 7) Reboot the second VM As this is the first time i am doing it, will these work? Anyone has experience resiziing their EXT3 partition in KVM environment before? Thanks! Regards yongsan ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt -- Lucas Timm, Goiânia/GO. http://timmerman.wordpress.com (62) 8198-0867 ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Resizing EXT3 partition in guest instance CentOS5
Poh Yong Hwang ha scritto: Hi, I have two guest vm instance running CentOS 5 with ext3 partition. I will like to reduce 1 VM harddisk space and using the 'release' harddisk space to add onto my second VM. Basically I need to know how can I reduce and increase an ext3 partition in CentOS KVM. I did a search and basically i can do it by booting the VM using Knoppix and use Gparted to reduce and increase the diskspace. I am thinking of the following 1) Boot first VM using Knoppix 2) Reduce the ext3 partition disk size using Gparted 3) Shutdown the VM and resize the diskspace using Virtual Manager 4) Increae the diskspace of the second VM using Virtual Manager 5) Boot up second VM using Knoppix 6) Increase the ext3 partition disk size using Gparted 7) Reboot the second VM As this is the first time i am doing it, will these work? Anyone has experience resiziing their EXT3 partition in KVM environment before? Thanks! Regards yongsan I guess it would work, but just in case remember: do backup beforehand :D Regards Lorenzo ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Resizing EXT3 partition in guest instance CentOS5
Hi, Great! Thanks for the quick response. I will try it out then. Yes. I do have backup for the host as well as the guest nodes. :) Regards yongsan On Wed, Jan 26, 2011 at 6:43 PM, Lorenzo Quatrini lorenzo.quatr...@gmail.com wrote: Poh Yong Hwang ha scritto: Hi, I have two guest vm instance running CentOS 5 with ext3 partition. I will like to reduce 1 VM harddisk space and using the 'release' harddisk space to add onto my second VM. Basically I need to know how can I reduce and increase an ext3 partition in CentOS KVM. I did a search and basically i can do it by booting the VM using Knoppix and use Gparted to reduce and increase the diskspace. I am thinking of the following 1) Boot first VM using Knoppix 2) Reduce the ext3 partition disk size using Gparted 3) Shutdown the VM and resize the diskspace using Virtual Manager 4) Increae the diskspace of the second VM using Virtual Manager 5) Boot up second VM using Knoppix 6) Increase the ext3 partition disk size using Gparted 7) Reboot the second VM As this is the first time i am doing it, will these work? Anyone has experience resiziing their EXT3 partition in KVM environment before? Thanks! Regards yongsan I guess it would work, but just in case remember: do backup beforehand :D Regards Lorenzo ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] cluster of virtual machines using libvirt/kvm + Gluster
I gave up to use gluster as storage, now using gfs2+storage everything is working fine... now a question came up, after alter /etc/cluster/cluster.conf, what services need I to reload/restart after add a new vm resource? Thanks - - iarlyy selbir :wq! On Wed, Jan 19, 2011 at 9:49 PM, Dennis Jacobfeuerborn denni...@conversis.de wrote: On 01/19/2011 05:48 PM, compdoc wrote: I once tried moving my qcow2 VM guest files to a zfs-fuse volume, and the VMs refused to boot after. They only ran while on ext3 or ext4. I saw something similar when I put some images on an NTFS volume. This worked under Fedora 11 but when I switched to Fedora 14 the virt-manager refused to read the images. In the end I copied them onto the root ext4 system and then everything was fine. Regards, Dennis ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-es] nagios en centos
Hola Linuxero, en el archivo de configuración que utilices para matricular los hosts a monitorear (puede ser el que viene por default localhost.cfg, coloca una directiva para cada uno de ellos que contenga lo siguiente: notification_optionsd,r Lo anterior le dice a Nagios que cuando el equipo este down d o se recupere (Recovery) r envie notificaciones, si quieres warning agrega seguido de una coma ( , ) w. En el archivo de configuración para los contactos contacts.cfg debes colocar la siguiente directiva: host_notification_options d,r d de down y r de recovery. Saludos. Carlos R. El 25 de enero de 2011 07:49, el linuxero linuxerodep...@hotmail.comescribió: buenos dias, tego instalado nagios en centos ¿saben como desasctivar en el nagios la opcion para que monitoree servicios solo quiero que me muestre el estado de equipos(up o down)? gracias. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS] how to unmount an NFS share when the NFS server is unavailable?
Hi All, How do I unmount an NFS share when the NFS server is unaivalable? I tried umount /bck but it hangs indefinitely umount -f /bck tells me the mount if busy and I can't unmount it: root@saturn:[~]$ umount -f /bck umount2: Device or resource busy umount: /bck: device is busy umount2: Device or resource busy umount: /bck: device is busy This non-working NFS share is causing problems on the server and I need to unmount it until such a time when the NFS server (faulty NAS) is repaired. -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
Hi, On 1/26/11 5:23 PM, Rudi Ahlers wrote: Hi All, How do I unmount an NFS share when the NFS server is unaivalable? I tried umount /bck but it hangs indefinitely umount -f /bck tells me the mount if busy and I can't unmount it: Try: umount -f -l /bck HTH, -- - Edwin - mailto:ml2ed...@gmail.com “Happy is the man that has found wisdom ...”—Proverbs 3:13 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Wed, Jan 26, 2011 at 10:32 AM, Edo ml2ed...@gmail.com wrote: Hi, On 1/26/11 5:23 PM, Rudi Ahlers wrote: Hi All, How do I unmount an NFS share when the NFS server is unaivalable? I tried umount /bck but it hangs indefinitely umount -f /bck tells me the mount if busy and I can't unmount it: Try: umount -f -l /bck HTH, -- Thanx, that worked :) How does one mount an NFS share, to avoid system timeouts when the remove NFS server is offline? -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Basic Permissions Questions
Hi List :) So, I have a folder1, its owner is user1 who has r+w on the folder. User2 is the group owner who only has read access (when I say user2, I mean the group called user2, because when you make a new user the OS can make them their own group). You can see these permissions below: [user2@host test]$ ls -l drw-r- 3 user1user2 28 Nov 2 16:17 folder1 How ever user2 can not 'cd' into this directory, and gets the following out put form 'ls -l folder1' [user2@host test]$ ls -l folder1/ total 0 ?- ? ? ? ?? sub-folder And the sub-folder name is written in white text flashing on a red background. So, it seems to me that there is some permissions problems here. What permissions are required on the group settings to allow a group user to browser folder1 and its sub folders and read the files in side if it isn't 'r' ? **Note: I have used sudo to replicate permissions through the directy structure: [user2@host test]$ sudo ls -l folder1/ drw-r- 2 user1 user2 4096 Jan 24 06:49 sub-folder -- Regards, James. http://www.jamesbensley.co.cc/ There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Basic Permissions Questions
Hi :) On Wed, Jan 26, 2011 at 11:12 AM, James Bensley jwbens...@gmail.com wrote: Hi List :) So, I have a folder1, its owner is user1 who has r+w on the folder. User2 is the group owner who only has read access (when I say user2, I mean the group called user2, because when you make a new user the OS can make them their own group). You can see these permissions below: [user2@host test]$ ls -l drw-r- 3 user1 user2 28 Nov 2 16:17 folder1 How ever user2 can not 'cd' into this directory, and gets the following out put form 'ls -l folder1' [user2@host test]$ ls -l folder1/ total 0 ?- ? ? ? ? ? sub-folder And the sub-folder name is written in white text flashing on a red background. So, it seems to me that there is some permissions problems here. What permissions are required on the group settings to allow a group user to browser folder1 and its sub folders and read the files in side if it isn't 'r' ? **Note: I have used sudo to replicate permissions through the directy structure: [user2@host test]$ sudo ls -l folder1/ drw-r- 2 user1 user2 4096 Jan 24 06:49 sub-folder Directories should have +x permissions. Do a: chmod0750/directory And see what happens. HTH Rafa ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Basic Permissions Questions
On 26 January 2011 10:17, Rafa Griman rafagri...@gmail.com wrote: Directories should have +x permissions. Do a: chmod 0750 /directory And see what happens. Hi Rafa, like a fool I sent that email and then worked this out shortly after :) Still, if I hadn't your response was quick so I wouldn't have been waiting long. This leads me onto a new question though; If user1 writes a file in folder1 will user2 be made the default group owner, is there a way of enforcing this and with the required privileges (r for files, rx for directories?). User1 accesses folder1 over smb so I could set up a create mask but other folders accessed by users1 not via smb (ssh, rsync etc) I still want user2 to have read only access. Can you implement smb style create masks at a file system level? -- Regards, James. http://www.jamesbensley.co.cc/ There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
Rudi Ahlers ha scritto: On Wed, Jan 26, 2011 at 10:32 AM, Edo ml2ed...@gmail.com wrote: How does one mount an NFS share, to avoid system timeouts when the remove NFS server is offline? I would use a different approach: use autofs, then the share is mounted on the fly only when needed, and unmounted after a while of not using it anymore. Is this fine with your environment? Regards Lorenzo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Basic Permissions Questions
Hi :) On Wed, Jan 26, 2011 at 11:31 AM, James Bensley jwbens...@gmail.com wrote: On 26 January 2011 10:17, Rafa Griman rafagri...@gmail.com wrote: Directories should have +x permissions. Do a: chmod 0750 /directory And see what happens. Hi Rafa, like a fool I sent that email and then worked this out shortly after :) I'm glad you worked it out ;) Still, if I hadn't your response was quick so I wouldn't have been waiting long. This leads me onto a new question though; If user1 writes a file in folder1 will user2 be made the default group owner, is there a way of enforcing this and with the required privileges (r for files, rx for directories?). Ownership doesn't change just by creating files. Ownership of a file is set to the user that creates that file, no matter where the file is. Obviously, root can change file ownership ... so treat him well ;) In any case, try it out yourself. Create the files and see what happens ;) User1 accesses folder1 over smb so I could set up a create mask but other folders accessed by users1 not via smb (ssh, rsync etc) I still want user2 to have read only access. Can you implement smb style create masks at a file system level? Samba is a different story (but related), you can create masks, set default permissions, ... I usually recommend O'Reilley's Samba book because it starts off with a very simple config and then complicates it little by little. HTH Rafa ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Basic Permissions Questions
Hi, On Jan 26, 2011, at 7:31 PM, James Bensley jwbens...@gmail.com wrote: On 26 January 2011 10:17, Rafa Griman rafagri...@gmail.com wrote: Directories should have +x permissions. Do a: chmod0750/directory And see what happens. Hi Rafa, like a fool I sent that email and then worked this out shortly after :) Still, if I hadn't your response was quick so I wouldn't have been waiting long. This leads me onto a new question though; If user1 writes a file in folder1 will user2 be made the default group owner, is there a way of enforcing this and with the required privileges (r for files, rx for directories?). Yes. If user1 belongs to the user2 group, that’s how it should [already] work. User1 accesses folder1 over smb so I could set up a create mask but other folders accessed by users1 not via smb (ssh, rsync etc) I still want user2 to have read only access. Can you implement smb style create masks at a file system level? man acl Maybe that’s what you are looking for. HTH, -- - Edwin - mailto:ml2ed...@gmail.com “The wise are the ones that treasure up knowledge, but the mouth of the foolish one is near to ruin itself.”―Proverbs 10:14 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
Hi, On Jan 26, 2011, at 5:50 PM, Rudi Ahlers r...@softdux.com wrote: On Wed, Jan 26, 2011 at 10:32 AM, Edo ml2ed...@gmail.com wrote: Hi, On 1/26/11 5:23 PM, Rudi Ahlers wrote: Hi All, How do I unmount an NFS share when the NFS server is unaivalable? I tried umount /bck but it hangs indefinitely umount -f /bck tells me the mount if busy and I can't unmount it: Try: umount -f -l /bck HTH, -- Thanx, that worked :) How does one mount an NFS share, to avoid system timeouts when the remove NFS server is offline? Mount? Or unmount? If unmount, then, just create a simple script that will ping the server and then run the above command if it doesn’t respond. HTH, -- - Edwin - mailto:ml2ed...@gmail.com “The generous soul will itself be made fat, and the one freely watering [others] will himself also be freely watered.”―Proverbs 11:25 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Wed, Jan 26, 2011 at 12:41 PM, Lorenzo Quatrini lorenzo.quatr...@gmail.com wrote: Rudi Ahlers ha scritto: On Wed, Jan 26, 2011 at 10:32 AM, Edo ml2ed...@gmail.com wrote: How does one mount an NFS share, to avoid system timeouts when the remove NFS server is offline? I would use a different approach: use autofs, then the share is mounted on the fly only when needed, and unmounted after a while of not using it anymore. Is this fine with your environment? That won't really work. The NFS clients run cPanel and we need a way for end-users to have full access to their backups all the time. We used to run backup over FTP, but then when a client wanted to restore data one of the techs first had to download it from the backup server and then let the client restore it. So I'm trying to cut down on unnecessary support tasks. -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommendation for a Linux alternative to Centos - ATH9K disaster
On Wed, 2011-01-26 at 18:44 +1100, Les Bell wrote: Paul, if you want a basic explanation of the rationale behind the Linux Filesystem Hierarchy Standard, you might enjoy this article from a course I wrote years ago - it's a little dated, but still applicable today. http://www.lesbell.com.au/Home.nsf/web/What+Goes+Where+on+a+Linux+System?OpenDocument Thanks Les. Am reading it now. Although one does learn a lot by experimentation and intuition, there are always elements one misses which are essential to a good understanding of the subject. -- With best regards, Paul. England, EU. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Basic Permissions Questions
Edo ml2ed...@gmail.com wrote: If user1 writes a file in folder1 will user2 be made the default group owner, is there a way of enforcing this and with the required privileges (r for files, rx for directories?). Yes. If user1 belongs to the user2 group, that’s how it should [already] work. The problem here is the RH User Private Group scheme, which means that user1 is only a member of the group user1 and user2 is only a member of the group user2. So their group memberships, by default, don't intersect and user2's only access to user1's files is by virtue of the other/world permissions, which depend upon the umask (but don't give access, by default). I've written this up (again, for a course I wrote some years ago, but it's still mostly relevant) at http://www.lesbell.com.au/Home.nsf/web/Controlling+Access+to+Files?OpenDocument - see the section near the bottom entitled Red Hat's User Private Group Philosophy which explains how it should be used (the secret is to make the user administrator of their own group with gpasswd -A). The RH approach, imho, is better than a global group, users, as found on other distros, because there's no real difference between users and world. One easy way to allow shared access - and this will work over Samba - is to create a group for the users, e.g. accounts and make the various users members of that group (as a secondary group). Then create a shared directory for them, chown it to be owned by the group (e.g. chown me:accounts /home/accounts) and then set the SGID bit on the directory (chmod 2777 /home/accounts). Now, whenever anybody creates a file in that directory, it will be owned by that user and the shared group accounts, rather than the primary group of the creator. See the section in that article on Permissions on directories. I actually haven't tested that approach with SELinux, but I can't see that it would interfere. Best, --- Les Bell [http://www.lesbell.com.au] Tel: +61 2 9451 1144 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Wed, 26 Jan 2011, Rudi Ahlers wrote: That won't really work. The NFS clients run cPanel and we need a way for end-users to have full access to their backups all the time. We used to run backup over FTP, but then when a client wanted to restore data one of the techs first had to download it from the backup server and then let the client restore it. So I'm trying to cut down on unnecessary support tasks. Double check that autofs isn't what you want, as I suspect you're wrong in discounting it. With autofs, a user is free to access files in a currently unmounted nfs path, as autofs will mount it dynamically as required. But it generally copes a lot better than just static NFS mounts. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On 1/26/11 5:35 AM, Rudi Ahlers wrote: On Wed, Jan 26, 2011 at 12:41 PM, Lorenzo Quatrini lorenzo.quatr...@gmail.com wrote: Rudi Ahlers ha scritto: On Wed, Jan 26, 2011 at 10:32 AM, Edoml2ed...@gmail.com wrote: How does one mount an NFS share, to avoid system timeouts when the remove NFS server is offline? I would use a different approach: use autofs, then the share is mounted on the fly only when needed, and unmounted after a while of not using it anymore. Is this fine with your environment? That won't really work. The NFS clients run cPanel and we need a way for end-users to have full access to their backups all the time. We used to run backup over FTP, but then when a client wanted to restore data one of the techs first had to download it from the backup server and then let the client restore it. So I'm trying to cut down on unnecessary support tasks. I don't see why the automounter wouldn't work for this, but you can mount with the soft,bg options to keep from hanging. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Basic Permissions Questions
On 01/26/2011 04:31 AM, James Bensley wrote: On 26 January 2011 10:17, Rafa Grimanrafagri...@gmail.com wrote: Directories should have +x permissions. Do a: chmod0750/directory And see what happens. Hi Rafa, like a fool I sent that email and then worked this out shortly after :) Still, if I hadn't your response was quick so I wouldn't have been waiting long. This leads me onto a new question though; If user1 writes a file in folder1 will user2 be made the default group owner, is there a way of enforcing this and with the required privileges (r for files, rx for directories?). Setting the SETGID bit on the directory (chmod g+s folder1) will cause the GID of that directory to propagate to newly created files and directories therein. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Wed, 26 Jan 2011, Les Mikesell wrote: That won't really work. The NFS clients run cPanel and we need a way for end-users to have full access to their backups all the time. We used to run backup over FTP, but then when a client wanted to restore data one of the techs first had to download it from the backup server and then let the client restore it. So I'm trying to cut down on unnecessary support tasks. I don't see why the automounter wouldn't work for this, but you can mount with the soft,bg options to keep from hanging. You need to be completely sure that 100% of your apps know how to handle I/O errors before using soft mounts. Errors in hard-mounted NFS filesystems will produce hanging applications, which are admittedly a pain, but the apps will stop issuing i/o calls until the filesystem returns. An app can never be fooled into think a write or read operation succeeded when it didn't. Soft-mounted filesystems, however, return error codes that applications can (and most often do) ignore, resulting in all sorts file corruption. -- Paul Heinlein heinl...@madboa.com http://www.madboa.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Wed, Jan 26, 2011 at 4:10 PM, Paul Heinlein heinl...@madboa.com wrote: On Wed, 26 Jan 2011, Les Mikesell wrote: That won't really work. The NFS clients run cPanel and we need a way for end-users to have full access to their backups all the time. We used to run backup over FTP, but then when a client wanted to restore data one of the techs first had to download it from the backup server and then let the client restore it. So I'm trying to cut down on unnecessary support tasks. I don't see why the automounter wouldn't work for this, but you can mount with the soft,bg options to keep from hanging. You need to be completely sure that 100% of your apps know how to handle I/O errors before using soft mounts. Errors in hard-mounted NFS filesystems will produce hanging applications, which are admittedly a pain, but the apps will stop issuing i/o calls until the filesystem returns. An app can never be fooled into think a write or read operation succeeded when it didn't. Soft-mounted filesystems, however, return error codes that applications can (and most often do) ignore, resulting in all sorts file corruption. -- Paul Heinlein heinl...@madboa.com http://www.madboa.com/ ___ the problem I'm getting is that the NFS mount is for backups only, so if it's off-line then no backups can be made, which I can live with for the time being while it's being brought online again. But, the problem I sit with is that other regular operations on the local disk hang so to say, untill I manually unmount the NFS mount. How do I get local operations to continue while the NFS mount if faulty, but not unmounted? -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Tue, 2011-01-25 at 17:07 -0500, Bob Beers wrote: It's your build environment that's the problem. They build for el5. Clean out your build root and recreate it and do a fresh .rpmmacros file. John Wrote: /home/ethan/rpmbuild/SRPMS/libsrtp-1.4.4-2.20101004cvs.el5.em2.src.rpm Wrote: /home/ethan/rpmbuild/RPMS/x86_64/libsrtp-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm Wrote: /home/ethan/rpmbuild/RPMS/x86_64/libsrtp-devel-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm Wrote: /home/ethan/rpmbuild/RPMS/x86_64/libsrtp-debuginfo-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Basic Permissions Questions
Thanks to all for your replies; the ability to set the group ID (SGID) was the solution I needed, thanks very much guys :D -- Regards, James. http://www.jamesbensley.co.cc/ There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommendation for a Linux alternative to Centos - ATH9K disaster
On Wed, Jan 26, 2011 at 1:01 AM, Always Learning cen...@g7.u22.net wrote: [...] .fs # /bin/bash find /data -iwholename *$1 find /ax -iwholename *$1 find /bx -iwholename *$1 find /cx -iwholename *$1 Obviously with the chmod +x. The last one makes searching times much faster when seeking non-operating system files. [...] Paul. England, EU. You may not be aware of the locate command? Nightly there is a job that runs (updatedb) that scans the disk and saves file locations. Locate searches this database instead of you have to do a 'find'. The only thing it won't get are files that were added since the last 'updatedb' run. You can run that whenever you want to update the db, or use find in those cases. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommendation for a Linux alternative to Centos - ATH9K disaster
On Tue, Jan 25, 2011 at 10:55 PM, Always Learning cen...@g7.u22.net wrote: On Tue, 2011-01-25 at 14:25 -0800, Benjamin Smith wrote: On Tuesday, January 25, 2011 11:20:34 am Always Learning wrote: Then one day a big bad wolf called Oracle of very expensive Oracle SQL fame swallowed Red Hat, like they swallowed MySQL, Solaris, Open Office and Visual Box. The long term future for these is uncertain. Whaaa...? Facts would seem otherwise Here's an article from just a few months ago! http://www.glgroup.com/News/Oracle-to-Red-Hat--Its-Not-Your-Fathers-Linux- Market-Anymore-51058.html Thank you. Happily I got the 'swallowed Red Hat' wrong. Sadly the long term future for Red Hat, MySQL, Open Office and Visual Box is certainly uncertain. I've seen the changes in the computer world first-hand for 43 years staring when there were no screens, no keyboards and no disks although one installation, a KDF9, did have a magnetic drum. Everything changes. Computer companies and software change, evolve and then eventually disappear. It's 'computer evolution'. [...] Paul. England, EU. Why does Redhat keep getting thrown into the mix with MySQL, OO.org etc...? It's already been said here that Oracle did not buy and doesn't own anything related to Redhat. Oracle may have relaunched a competitor to Redhat Linux (they had to relaunch because, frankly, no one was using OHEL), but that's not the same at all as the situation with MySQL, OpenOffice, etc... They just don't belong in the same sentence. Oracle now owns Sun, which is the company that sponsored and ran those other projects. Oracle is now actively dismantling many of them. They've already killed a bunch, and the ones that seemed like they might be around for a while now also look somewhat shaky. Nothing is certain in any market, but Redhat is the 900lb gorilla in the Linux market, while Oracle has yet to make any significant inroads as an OS vendor. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Wed, 2011-01-26 at 09:38 -0500, JohnS wrote:
On Tue, 2011-01-25 at 17:07 -0500, Bob Beers wrote:
It's your build environment that's the problem. They build for el5.
Clean out your build root and recreate it and do a fresh .rpmmacros
file.
John
Wrote: /home/ethan/rpmbuild/SRPMS/libsrtp-1.4.4-2.20101004cvs.el5.em2.src.rpm
Wrote:
/home/ethan/rpmbuild/RPMS/x86_64/libsrtp-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm
Wrote:
/home/ethan/rpmbuild/RPMS/x86_64/libsrtp-devel-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm
Wrote:
/home/ethan/rpmbuild/RPMS/x86_64/libsrtp-debuginfo-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm
Ahh well that want work for him. My build environment is way different.
You'll have to excuse me.
Magic rpm says this: Box stock CentOS...
[ethan@sylvies SPECS]$ rpm -q rpm
rpm-4.4.2.3-20.el5_5.1
So Bob needs:
[ethan@sylvies SPECS]$ diff -uNr libsrtp.spec.orig libsrtp.spec
--- libsrtp.spec.orig 2011-01-26 10:51:58.0 -0500
+++ libsrtp.spec2011-01-26 10:52:39.0 -0500
@@ -12,6 +12,9 @@
# cvs -d:pserver:anonym...@srtp.cvs.sourceforge.net:/cvsroot/srtp co -P
srtp
# tar cvfj srtp-1.4.4-20101004cvs.tar.bz2 srtp/
Source0: %{shortname}-%{version}-%{cvsver}.tar.bz2
+
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u}
-n)
+
# Pkgconfig goodness
Source1: libsrtp.pc
# Seriously. Who doesn't do shared libs these days?
The problem is RPM is trying to install into the main file system
whereas el5 rpm does not need an incantation like so.
John
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Wed, 2011-01-26 at 11:02 -0500, JohnS wrote: The problem is RPM is trying to install into the main file system whereas el5 rpm does not need an incantation like so. I mean el6 sorry.. John ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Wed, Jan 26, 2011 at 9:38 AM, JohnS jse...@gmail.com wrote:
Hi John,
Thanks for the response!
On Tue, 2011-01-25 at 17:07 -0500, Bob Beers wrote:
It's your build environment that's the problem. They build for el5.
Clean out your build root and recreate it and do a fresh .rpmmacros
file.
I'm trying to understand your instructions. I think my build environment
is not too bad. I build many other rpms from spec files. Most of those
spec files have a line exactly like or similar to:
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
but this libsrtp.spec file does not. So it appears that at the point where
DESTDIR is specified, the literal value '%{buildroot}' is used.
In my trace ... make install 'DESTDIR=%{buildroot}'
In yours ... make install
DESTDIR=/home/ethan/rpmbuild/BUILDROOT/libsrtp-1.4.4-2.20101004cvs.el5.em2.x86_64
BTW, here is fedoraproject info on BuildRoot:
[url]https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies#BuildRoot_tag[/url]
I bet I can make it work by adding a BuildRoot: line to the spec file.
Where/how is %{buildroot} defined in your build environment?
Are you building on a CentOS/RHEL 5.X machine?
I have simplified my ~/.rpmmacros file to just these two lines:
$ cat ~/.rpmmacros
%_topdir/home/bbeers/redhat/
%_smp_mflags -j3
and I still get the same errors.
John
Wrote: /home/ethan/rpmbuild/SRPMS/libsrtp-1.4.4-2.20101004cvs.el5.em2.src.rpm
Wrote:
/home/ethan/rpmbuild/RPMS/x86_64/libsrtp-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm
Wrote:
/home/ethan/rpmbuild/RPMS/x86_64/libsrtp-devel-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm
Wrote:
/home/ethan/rpmbuild/RPMS/x86_64/libsrtp-debuginfo-1.4.4-2.20101004cvs.el5.em2.x86_64.rpm
Glad to see it worked in your environment.
--
Thanks,
-Bob Beers
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
LOL, looks like our messages crossed in the ether,
I applied a patch very similar to your suggestion:
$ diff -pub libsrtp.spec libsrtp.spec.el5
--- libsrtp.spec2010-12-06 11:13:59.0 -0500
+++ libsrtp.spec.el52011-01-26 11:11:45.0 -0500
@@ -18,6 +18,8 @@ Source1: libsrtp.pc
# And how does Chromium always manage to find these projects and use them?
Patch0:libsrtp-1.4.4-shared.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
%description
This package provides an implementation of the Secure Real-time
Transport Protocol (SRTP), the Universal Security Transform (UST), an
and got this result:
Wrote: /home/bbeers/redhat/SRPMS/libsrtp-1.4.4-1.20101004cvs.el5.src.rpm
Wrote: /home/bbeers/redhat/RPMS/i386/libsrtp-1.4.4-1.20101004cvs.el5.i386.rpm
Wrote:
/home/bbeers/redhat/RPMS/i386/libsrtp-devel-1.4.4-1.20101004cvs.el5.i386.rpm
Wrote:
/home/bbeers/redhat/RPMS/i386/libsrtp-debuginfo-1.4.4-1.20101004cvs.el5.i386.rpm
Only thing I can think still to tweak is perhaps adding '--target
i686' to my rpmbuild command.
Thanks again,
-Bob
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Wed, 2011-01-26 at 11:01 -0500, Bob Beers wrote:
DESTDIR=/home/ethan/rpmbuild/BUILDROOT/libsrtp-1.4.4-2.20101004cvs.el5.em2.x86_64
Yea that probally confuses you and a lot of people. Pay that no
mind. :-)
Where/how is %{buildroot} defined in your build environment?
Are you building on a CentOS/RHEL 5.X machine?
lol CentOS 5 RHEL5 EM2-5 They all produce the same binary results. As non-root.
I have a very different build environment than yours also.
I'll send to the build logs for a Box Stock CentOS 5 System.
John
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pen drive, hard disk, cd not being detected
Among many messages that 'dmesg' displays, the following seems to indicate that something might be wrong: mtrr:type mismatch for c1fe,1 old:write-back new:write-combining I can't understand what does the above mean? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ethernet configuration
'/sbin/ifconfig -a' returns: lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU :16436 Metric:1 RX packets:1489 errors:0 dropped:0 overruns:0 frame:0 TX packets:1489 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2499880 (2.3 MiB) TX bytes:2499880 (2.3 MiB) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pen drive, hard disk, cd not being detected
The problem occurred after I downloaded and compiled the package for enabling wireless on the laptop from the site ' www.broadcom.com/support/802.11/linux_sta.php' which I got to know from the site 'wiki.centos.org/HowTos/Laptops/Wireless/Broadcom' ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommendation for a Linux alternative to Centos - ATH9K disaster
On Wed, Jan 26, 2011 at 05:37:48AM +, Always Learning wrote: On Wed, 2011-01-26 at 13:27 +0800, Christopher Chan wrote: Surely you mean stuff from the rising sun Illumos and OpenIndiana! Nope. Not convinced by what I read about them. Still have my unused Open Solaris disks from 2008.05 and my single CD of Red Hat Linux v.6 from 1999. :-) Well, FreeBSD is still free from corporate control and interference. jerry -- With best regards, Paul. England, EU. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] how to move forward/undo/revert/fix re: a failed CentOS 5.5 to SL 5.5 migration ...
For various reasons which seemingly fail the necessary/sufficient
tests with the benefit of hindsight, I attempted to migrate a shell
machine which is the beach front from which I work (not a production
server) from CentOS 5.5 to Scientific Linux 5.5 yesterday.
Karanbir is quoted on this list as having said something like:
All that you should need to do is install centos-release, remove
redhat-release rpms and just yum update the machine, which should
bring in all packages changed by CentOS ( since they will have a
slightly higher E-V-R ).
In other words, is there a get out of jail card based on Karanbir's
stanza which will return the machine to a consistent state without a
fresh install?
The results from the bad migration are below the sig.
The stanza used was from the SL mailing list, namely:
To be REALLY sure of a full conversion one might try:
yum reinstall $(rpm -qa --qf %{name}.%{arch} %{vendor} \n | \
grep -i centos | cut -d ' ' -f 1 | sort | uniq | grep -v kernel)
Need special handling for kernel and kernel-devel as you will get
messages about multiple versions being allowed, and cutting off the limb
on which you are standing is not recommended.
In short, I pray for the community's thoughts about how to proceed
with either going forward, reverting back to Centos 5.5 or even RHEL
5.5 without having to do a fresh install.
THANKS for your help.
kind regards/ldv
===
[root@shell work-2011-01-25-migrate-centos55-to-scientific-linux55]#
yum list installed | grep -i centos
geronimo-specs.i386 1.0-0.M2.2jpp.12.el5.centosinstalled
geronimo-specs-compat.i386 1.0-0.M2.2jpp.12.el5.centosinstalled
nss.i3863.12.8-1.el5.centosinstalled
nss-devel.i386 3.12.8-1.el5.centosinstalled
nss-tools.i386 3.12.8-1.el5.centosinstalled
[root@shell work-2011-01-25-migrate-centos55-to-scientific-linux55]#
BUT, more devils in the details are:
[root@shell SL-rpms]# rpm -ivh kernel*
warning: kernel-2.6.18-194.32.1.el5.i686.rpm: Header V3 DSA signature:
NOKEY, key ID 192a7d7d
Preparing...### [100%]
package kernel-headers-2.6.18-194.32.1.el5.i386 is already installed
package kernel-2.6.18-194.32.1.el5.i686 is already installed
package kernel-devel-2.6.18-194.32.1.el5.i686 is already installed
file /boot/.vmlinuz-2.6.18-194.32.1.el5.hmac from install of
kernel-2.6.18-194.32.1.el5.i686 conflicts with file from package
kernel-2.6.18-194.32.1.el5.i686
file /boot/System.map-2.6.18-194.32.1.el5 from install of
kernel-2.6.18-194.32.1.el5.i686 conflicts with file from package
kernel-2.6.18-194.32.1.el5.i686
file /boot/config-2.6.18-194.32.1.el5 from install of
kernel-2.6.18-194.32.1.el5.i686 conflicts with file from package
kernel-2.6.18-194.32.1.el5.i686
file /boot/symvers-2.6.18-194.32.1.el5.gz from install of
kernel-2.6.18-194.32.1.el5.i686 conflicts with file from package
kernel-2.6.18-194.32.1.el5.i686
file /boot/vmlinuz-2.6.18-194.32.1.el5 from install of
kernel-2.6.18-194.32.1.el5.i686 conflicts with file from package
kernel-2.6.18-194.32.1.el5.i686
file
/lib/modules/2.6.18-194.32.1.el5/kernel/arch/i386/crypto/aes-i586.ko
from install of kernel-2.6.18-194.32.1.el5.i686 conflicts with file
from package kernel-2.6.18-194.32.1.el5.i686
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pen drive, hard disk, cd not being detected
On 01/26/11 8:53 AM, Ritika Garg wrote: The problem occurred you need to find a better email program for participating on lists. you posted 3 emails this morning none of which have a Referencers: header, or any quoted context, so they ended up unthreaded. now, my 'Centos folder has 35000 messages in it currently. I don't know many people who would spend the time to figure out what you're talking about unless they were on an hourly retainer. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Wed, Jan 26, 2011 at 11:04 AM, JohnS jse...@gmail.com wrote:
On Wed, 2011-01-26 at 11:02 -0500, JohnS wrote:
The problem is RPM is trying to install into the main file system
whereas el5 rpm does not need an incantation like so.
I mean el6 sorry..
John
Yep, that make sense.
For completeness, there is another mod to the spec file that is
required in the %install scriptlet.
patch file fc13-el5 attached.
So final process was:
$ rpm -ivh libsrtp-1.4.4-1.20101004cvs.fc13.src.rpm
patch libsrtp.spec libsrtp.spec.fc13-el5.patch
$ rpmbuild -ba libstrp.spec
$ rpmbuild --rebuild --target i686
~/redhat/SRPMS/libsrtp-1.4.4-1.20101004cvs.el5.src.rpm
Now I have rpms for i686 and i386 for el5. :-D
--
-Bob
--- libsrtp.spec 2010-12-06 11:13:59.0 -0500
+++ libsrtp.spec.el5 2011-01-26 11:22:42.0 -0500
@@ -18,6 +18,8 @@ Source1: libsrtp.pc
# And how does Chromium always manage to find these projects and use them?
Patch0: libsrtp-1.4.4-shared.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
%description
This package provides an implementation of the Secure Real-time
Transport Protocol (SRTP), the Universal Security Transform (UST), and
@@ -46,6 +48,7 @@ export CFLAGS=%{optflags} -fPIC
make %{?_smp_mflags}
%install
+rm -rf %{buildroot}
make install DESTDIR=%{buildroot}
find %{buildroot} -name '*.la' -exec rm -f {} ';'
pushd %{buildroot}%{_libdir}
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Wed, 2011-01-26 at 11:35 -0500, Bob Beers wrote:
On Wed, Jan 26, 2011 at 11:04 AM, JohnS jse...@gmail.com wrote:
+rm -rf %{buildroot}
Now I know you rebuild it more than one time instead of once.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] #!/bin/csh -v not work on CENTOS 5.5
mcclnx mcc mcclnx@... writes: We have several csh batch scripts using #!/bin/csh -v. It work fine, before Centos 5.5. After cenos 5.5, it will NOT execute and only list history. Anyone know why? Thanks. Actually, the script is executed: [dave@fraud ~/bin]# ./ctest.csh echo this is a test. this is a test. ls /tmp gconfd-dave keyring-ws5CGg mapping-dave plugtmpvirtual-dave.9xelPs gconfd-root keyring-WsDO9L mapping-root plugtmp-1 virtual-dave.d8jgGP chmod -R g+rx,o+rx Nelson/ cd cd Nelson/Chap02/ cd /share/dave/cng258/ The history is listed for some reason after the script (in the above example starting with the chmod). This appears to have been fixed with tcsh 6.17.00. The version of tcsh on CentOS is 6.14.00. Cheers, Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libsrtp package anywhere?
On Wed, Jan 26, 2011 at 1:24 PM, JohnS jse...@gmail.com wrote:
On Wed, 2011-01-26 at 11:35 -0500, Bob Beers wrote:
On Wed, Jan 26, 2011 at 11:04 AM, JohnS jse...@gmail.com wrote:
+rm -rf %{buildroot}
Now I know you rebuild it more than one time instead of once.
Well, it is recommended in the same fedoraproject reference from
earlier in the thread, and I noticed I needed it when I tried to
'rpmbuild --rebuild ...' using my newly constructed el5.src.rpm.
So, another alternative to the spec file modification would be an
update of rpm and rpm-build packages, but I didn't see the 4.6
versions are in the vanilla repos.
-Bob
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ethernet configuration
'/sbin/ifconfig -a' returns: lo Link encap:Local Loopback Your system is not seeing your network cards. It is only seeing your loopback device. I opened system-administration-network-edit-hardware device, and deleted the mac address from the box, and pressed Probe. In less than 1 second it gave the correct mac address in the box. Probe is not the reason your system has no network. What else did you change? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pen drive, hard disk, cd not being detected
and please switch off HTML, thanks! Kai ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
on 13:11 Fri 21 Jan, Michael Gliwinski (michael.gliwin...@henderson-group.com) wrote: On Thursday 20 Jan 2011 22:26:08 Bob Eastbrook wrote: On Wed, Jan 19, 2011 at 12:18 PM, m.r...@5-cent.us wrote: But the locked screensaver wants the *same* password that you log in with. I'm having trouble understanding the problem... or is it that many of the users *never* log out? Yes, users will sign onto a workstation, and then disappear somewhere in the building. They usually forget that they're logged on, which means the workstation is unusable by anyone else for several days. Restarting the X server is one solution, but it will kill any running jobs. I'm not sure about GNOME or if that's available in version currently shipped in CentOS but in KDE the screensaver allows you to switch user, i.e. leave the currently logged on user's session running and start a new one for another user. That seems like a better solution if possible, no? Or, so long as your graphics card doesn't kill console access, go old school: - Switch to console. - Log into console. - Launch X. The problem here is the hanging console session, which you should kill. Better: Institute a policy that abandoned desktop sessions are fair game to be killed. As with hot stoves and children, the lesson would be learned after a few experiences. Systems work should be handled remotely via ssh (or VNC), within screen session, or via cronjobs. Another useful feature would be to have an auto-logoff set after a certain amount of inactivity. This doesn't seem to be available within GNOME, so you'd probably have to homebrew it. -- Dr. Ed Morbius Chief Scientist Krell Power Systems Unlimited ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] #!/bin/csh -v not work on CENTOS 5.5
On 27/01/2011, at 7:27 AM, David G. Miller wrote: chmod -R g+rx,o+rx Nelson/ cd What is the result of 'cd' (a shell-internal command) in this version of tcsh? It is the same as in sh? The history is listed for some reason after the script (in the above example starting with the chmod). This appears to have been fixed with tcsh 6.17.00. The version of tcsh on CentOS is 6.14.00. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
on 10:23 Wed 26 Jan, Rudi Ahlers (r...@softdux.com) wrote: Hi All, How do I unmount an NFS share when the NFS server is unaivalable? I tried umount /bck but it hangs indefinitely umount -f /bck tells me the mount if busy and I can't unmount it: root@saturn:[~]$ umount -f /bck umount2: Device or resource busy umount: /bck: device is busy umount2: Device or resource busy umount: /bck: device is busy This non-working NFS share is causing problems on the server and I need to unmount it until such a time when the NFS server (faulty NAS) is repaired. The specific solution is 'umount -fl dir|device'. The general solution's a little stickier. I'd suggest the automount route as well (you're only open to NFS issues while the filesystem is mounted), but you then have to maintain automount maps and run the risk of issues with the automounter (I've seen large production environments in which the OOM killer would arbitrarily select processes to kill ). Monitoring of client and server NFS processes helps. If it's the filer heads which are failing, and need warrants it, look into HA failover options. Soft mounts as mentioned won't hange processes, but may result in data loss. This is most critical in database operations (where atomicity is assumed and generally assured by the DBMS). If the issue is one of re-running a backup job, and you can get a clear failure, risk would be generally mitigated. -- Dr. Ed Morbius Chief Scientist Krell Power Systems Unlimited ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On 1/26/2011 4:55 PM, Dr. Ed Morbius wrote: The specific solution is 'umount -fldir|device'. The general solution's a little stickier. I'd suggest the automount route as well (you're only open to NFS issues while the filesystem is mounted), but you then have to maintain automount maps and run the risk of issues with the automounter (I've seen large production environments in which the OOM killer would arbitrarily select processes to kill ). Monitoring of client and server NFS processes helps. If it's the filer heads which are failing, and need warrants it, look into HA failover options. Soft mounts as mentioned won't hange processes, but may result in data loss. This is most critical in database operations (where atomicity is assumed and generally assured by the DBMS). If the issue is one of re-running a backup job, and you can get a clear failure, risk would be generally mitigated. Actually, since the original question involved access to backups, I should have given my usual answer which is that backuppc is the thing to use for backups and it provides a web interface for restores (you pick the historical version you want and either tell it to put it back to the original host or you can download a tarball through the browser). Very nice for self-serve access. It does want to map complete hosts to owners that have permission to access them but with a little work you make different areas of a shared system look like separate hosts. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Package updates for 5.4?
We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches. Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd? Thanks, -- Mitch ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package updates for 5.4?
On 01/26/11 5:35 PM, Mitch Patenaude wrote: We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches. Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd? 5.6+latest *IS* the latest security updates for 5.anything. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package updates for 5.4?
Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work. Gene Sent from my iPhone On Jan 26, 2011, at 7:39 PM, John R Pierce pie...@hogranch.com wrote: On 01/26/11 5:35 PM, Mitch Patenaude wrote: We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches. Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd? 5.6+latest *IS* the latest security updates for 5.anything. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package updates for 5.4?
On Wed, Jan 26, 2011 at 5:42 PM, Gene bran...@bellsouth.net wrote: Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work. 300+ nodes total, 200 in a hadoop cluster used for mapreduce, the rest in a variety of headless datacenter roles (web, mail, database, backup, etc.). They are somewhat sensitive to version updates, so I was hoping to find a way to find the security updates (patch level) without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream? Thanks, -- Mitch ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package updates for 5.4?
Our application vendors dictated version an patches. The system did what it was designed. That was its purpose in life. Sent from my iPhone On Jan 26, 2011, at 7:51 PM, Mitch Patenaude mi...@rapleaf.com wrote: On Wed, Jan 26, 2011 at 5:42 PM, Gene bran...@bellsouth.net wrote: Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work. 300+ nodes total, 200 in a hadoop cluster used for mapreduce, the rest in a variety of headless datacenter roles (web, mail, database, backup, etc.). They are somewhat sensitive to version updates, so I was hoping to find a way to find the security updates (patch level) without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream? Thanks, -- Mitch ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Help - Seeking recommendations-script to install on CENT OS web server for backup to Network Attached Storage
Hello: I wanted to know if anyone on the list can recommend one or more scripts to install on a CENT OS web server that allows you to back up the entire box to network attached storage? Many thanks, Steve Eisenberg steve.eisenb...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package updates for 5.4?
On Wed, 26 Jan 2011 17:51:51 -0800 Mitch Patenaude mi...@rapleaf.com wrote: without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream? Shouldn't be. I never think of point releases as separate versions and always upgrade (after installing on a test box to see everything still works as expected :) ). CentOS/upstream provider ensure that software in point releases are the same major versions. The point releases *are* the security updates. Sometimes upgraded packages are made available, as in the case of php, but the new version has a different package name. ie; the php package is 5.1, but the updated release's package name was php53 (or php52) and I think was only available through the Extras repo. -- Spiro Harvey Knossos Networks Ltd (04) 460-2531 : (021) 295-1923 www.knossos.net.nz signature.asc Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package updates for 5.4?
On 01/26/11 5:51 PM, Mitch Patenaude wrote: On Wed, Jan 26, 2011 at 5:42 PM, Gene bran...@bellsouth.net mailto:bran...@bellsouth.net wrote: Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work. 300+ nodes total, 200 in a hadoop cluster used for mapreduce, the rest in a variety of headless datacenter roles (web, mail, database, backup, etc.). They are somewhat sensitive to version updates, so I was hoping to find a way to find the security updates (patch level) without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream? assuming the mysql, ruby, python, bind you are running are all the stock RHEL5/CentOS5 ones, the updates maintain the same x.y version as whatever was released with 5.0, the upstream vendor backports security fixes. the kernel is still 2.6.18, glibc is still 2.5, etc etc. 5.6 is not a new version, its just a snapshot of updates at that point in time. the version is 5. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package updates for 5.4?
On 1/26/2011 8:35 PM, Mitch Patenaude wrote: We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches. Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd? Thanks, -- Mitch ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos if its a cluster can you take one node offline..update to 5.6 and see if it bombs or not? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommendation for a Linux alternative to Centos - ATH9K disaster
On Wed, 2011-01-26 at 09:58 -0500, Brian Mathis wrote: You may not be aware of the locate command? Nightly there is a job that runs (updatedb) that scans the disk and saves file locations. Locate searches this database instead of you have to do a 'find'. The only thing it won't get are files that were added since the last 'updatedb' run. You can run that whenever you want to update the db, or use find in those cases. Thanks for the explanation. Now I know why locate never usually worked for me - it hadn't updated. find is fast, especially when I restrict the search paths. -- With best regards, Paul. England, EU. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help - Seeking recommendations-script to install on CENT OS web server for backup to Network Attached Storage
On Wed, Jan 26, 2011 at 8:57 PM, Steve Eisenberg steve.eisenb...@gmail.com wrote: Hello: I wanted to know if anyone on the list can recommend one or more scripts to install on a CENT OS web server that allows you to back up the entire box to network attached storage? Many thanks, Steve Eisenberg steve.eisenb...@gmail.com Rsnapshot. Amanda, which is a client/server toolkit and smarter about database backups. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SSH Automatic Log-on Failure - Centos 5.5
Hallo, I wanted to avoid typing-in my password every occasion I remotely logged-on to a server. I created my SSH keys and copied the public part to the server and renamed it authorized_keys. My command line is: ssh r...@xx.com -p 1234 The output shows the logging-on routine wants 3 types of authentication. Surely one successful authentication is sufficient ? OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to xx [123.123.123.123] port 1234. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: loaded 3 keys debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'xx' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:4 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Unknown code krb5 195 debug1: Unspecified GSS failure. Minor code may provide more information Unknown code krb5 195 debug1: Unspecified GSS failure. Minor code may provide more information Unknown code krb5 195 debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug1: Offering public key: /root/.ssh/id_rsa debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Trying private key: /root/.ssh/id_dsa debug1: Next authentication method: password --- files in client /root/.ssh are:- -rw--- 1 root root 1675 Jan 27 03:11 id_rsa -rw-r--r-- 1 root root 403 Jan 27 03:11 id_rsa.pub -rw-r--r-- 1 root root 2022 Jan 27 03:07 known_hosts - server /root/.ssh id_rsa.authorized_keys -rw The only active lines in /etc/ssh/ssh_config are Host * GSSAPIAuthentication yes SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT SendEnv LC_IDENTIFICATION LC_ALL After commenting-out GSSAPIAuthentication yes in /etc/ssh/ssh_config the remainder of a new debug report is:- ... debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug1: Offering public key: /root/.ssh/id_rsa debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Trying private key: /root/.ssh/id_dsa debug1: Next authentication method: password All advice most gratefully received. -- With best regards, Paul. England, EU. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Thu, Jan 27, 2011 at 1:26 AM, Les Mikesell lesmikes...@gmail.com wrote: On 1/26/2011 4:55 PM, Dr. Ed Morbius wrote: The specific solution is 'umount -fldir|device'. The general solution's a little stickier. I'd suggest the automount route as well (you're only open to NFS issues while the filesystem is mounted), but you then have to maintain automount maps and run the risk of issues with the automounter (I've seen large production environments in which the OOM killer would arbitrarily select processes to kill ). Monitoring of client and server NFS processes helps. If it's the filer heads which are failing, and need warrants it, look into HA failover options. Soft mounts as mentioned won't hange processes, but may result in data loss. This is most critical in database operations (where atomicity is assumed and generally assured by the DBMS). If the issue is one of re-running a backup job, and you can get a clear failure, risk would be generally mitigated. Actually, since the original question involved access to backups, I should have given my usual answer which is that backuppc is the thing to use for backups and it provides a web interface for restores (you pick the historical version you want and either tell it to put it back to the original host or you can download a tarball through the browser). Very nice for self-serve access. It does want to map complete hosts to owners that have permission to access them but with a little work you make different areas of a shared system look like separate hosts. -- Les Mikesell lesmikes...@gmail.com ___ BackupPC doesn't intergrate into cPanel. -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
On Thu, Jan 27, 2011 at 12:15 PM, Always Learning cen...@g7.u22.net wrote: Hallo, I wanted to avoid typing-in my password every occasion I remotely logged-on to a server. you expect Passwordless SSH. If so, On your PC # ssh-keygen -t rsa ( passphrase should be empty ) Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: then, # cd /root/.ssh/ Pls scp id_rsa.pub to the Server # scp id_rsa.pub root@server:/root/.ssh/authorized_keys root@192.1.54.63 then, finally ssh to the server from your PC. it would be passwordless. pls see below # ssh server Pls try -- Thank you Indunil Jayasooriya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On 01/26/11 10:57 PM, Rudi Ahlers wrote: BackupPC doesn't intergrate into cPanel. cpanel is pure crap. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Thu, Jan 27, 2011 at 9:05 AM, John R Pierce pie...@hogranch.com wrote: On 01/26/11 10:57 PM, Rudi Ahlers wrote: BackupPC doesn't intergrate into cPanel. cpanel is pure crap. And you are any better? -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
On 27/01/2011, at 7:45 PM, Always Learning wrote: Hallo, I wanted to avoid typing-in my password every occasion I remotely logged-on to a server. I created my SSH keys and copied the public part to the server and renamed it authorized_keys. - server /root/.ssh id_rsa.authorized_keys -rw Your ~/.ssh/authorized_keys needs to be readable by sshd, your permissions on it are too restrictive (typically, this should be 0644) Also, it should be named authorized_keys, not id_rsa.authorized_keys PS. Coming from a background in other distributions, I find it disturbing that Centos ships with allow_root_login defaulting to yes. If you really need this, ensure that you also restrict access from where people can log in, consider employing dynamic banning, and harden your sshd_config (which, oddly enough, you didn't post). PPS. When diagnosing such faults, it can be useful to run the sshd (ie. the server process) in debugging mode, although this would generally require the server to be temporarily disabled so it can be started in debugging mode. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
On Thu, Jan 27, 2011 at 2:03 AM, Indunil Jayasooriya induni...@gmail.com wrote: On Thu, Jan 27, 2011 at 12:15 PM, Always Learning cen...@g7.u22.net wrote: Hallo, I wanted to avoid typing-in my password every occasion I remotely logged-on to a server. you expect Passwordless SSH. If so, On your PC # ssh-keygen -t rsa ( passphrase should be empty ) NO!!! NO!!! NO!!! NO!!! I'm sorry, but this is a far too comon and very, very bad practice. You may as well tape a Post-It note with your password on it under your keyboard, because anyone who can get this un-passphrase protected key will be able to automatically log in as you. The normal approach is to investigate how to use ssh-agent to store your unlocked key in an active session, not use a passphrase-less key. The keychain utiliti is very handy for just this purpose, and it's available in the RPMforge repositories for RHEL 5 and CentOS 5. Far too many people say but you have to trust your own machine!!! and leave these passphrase-less keys lying around, and they're a popular vulnerability for crackers to steal if they can gain *any* access to your systems. It's particularly bad in environments that use NFS and allow local hosts to be run by local users: any such local admin can then su to become other users and access their private keys. Also, there's a stack of reasons that DSA is preferred to RSA for SSH keys these days. When you generate your private keys, use ssh-keygen -t dsa, not rsa. Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: then, # cd /root/.ssh/ Pls scp id_rsa.pub to the Server # scp id_rsa.pub root@server:/root/.ssh/authorized_keys Wrong again. Never use public key access for root accounts, it simply compounds the security risks. Passphrase protected SSH keys can be used, reasonably, for account access on other hosts, but should be avoided for root access. If you *HAVE* to use an SSH key for root, for example for rsync based backup operations, use rssh to restrict its operations or designate a permitted command associated with that key in the target's authorized_keys. then, finally ssh to the server from your PC. it would be passwordless. pls see below Sadly, this will *work*, but so does tying your car keys to your car door so you don't lose them. It's a security issue. Please, read the manual pages on ssh-agent which was designed and built into SSH deployments for just such use. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
On Thu, Jan 27, 2011 at 2:35 AM, Cameron Kerr came...@humbledown.org wrote: On 27/01/2011, at 7:45 PM, Always Learning wrote: Hallo, I wanted to avoid typing-in my password every occasion I remotely logged-on to a server. I created my SSH keys and copied the public part to the server and renamed it authorized_keys. - server /root/.ssh id_rsa.authorized_keys -rw Your ~/.ssh/authorized_keys needs to be readable by sshd, your permissions on it are too restrictive (typically, this should be 0644) No, 0600 is *fine* In fact that is the recommended permission from the man page for ssh. OpenSSH does a bit of UID and EUID manipulation to gain permissions to examine that file as the user whose login is being attempted, precisely to deal with NFS mounted home directories which do not allow root direct access to protected files. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
On Thu, Jan 27, 2011 at 2:46 AM, Nico Kadel-Garcia nka...@gmail.com wrote: On Thu, Jan 27, 2011 at 2:35 AM, Cameron Kerr came...@humbledown.org wrote: On 27/01/2011, at 7:45 PM, Always Learning wrote: Hallo, I wanted to avoid typing-in my password every occasion I remotely logged-on to a server. I created my SSH keys and copied the public part to the server and renamed it authorized_keys. - server /root/.ssh id_rsa.authorized_keys -rw Your ~/.ssh/authorized_keys needs to be readable by sshd, your permissions on it are too restrictive (typically, this should be 0644) No, 0600 is *fine* In fact that is the recommended permission from the man page for ssh. OpenSSH does a bit of UID and EUID manipulation to gain permissions to examine that file as the user whose login is being attempted, precisely to deal with NFS mounted home directories which do not allow root direct access to protected files. But, the name of the file with a copy of your public key should be $HOME/.ssh/authorized_keys. And the permissions of $HOME/.ssh should be 0700. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to unmount an NFS share when the NFS server is unavailable?
On Wed, 26 Jan 2011, Dr. Ed Morbius wrote: I'd suggest the automount route as well (you're only open to NFS issues while the filesystem is mounted), but you then have to maintain automount maps and run the risk of issues with the automounter (I've seen large production environments in which the OOM killer would arbitrarily select processes to kill ). Once you're into an OOM state, you're screwed anyway. Is turning off overcommit a sane option these days or not? jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommendation for a Linux alternative to Centos - ATH9K disaster
On Thu, 27 Jan 2011, Always Learning wrote: Thanks for the explanation. Now I know why locate never usually worked for me - it hadn't updated. find is fast, especially when I restrict the search paths. But locate is faster still, in all but the smallest of cases. I'd only tend to use find if I had reason to think that changes had made the locate database invalid. locate with a regexp is plain good and fast. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH Automatic Log-on Failure - Centos 5.5
On Thu, 27 Jan 2011, Nico Kadel-Garcia wrote: Wrong again. Never use public key access for root accounts, it simply compounds the security risks. Passphrase protected SSH keys can be used, reasonably, for account access on other hosts, but should be avoided for root access. If you *HAVE* to use an SSH key for root, for example for rsync based backup operations, use rssh to restrict its operations or designate a permitted command associated with that key in the target's authorized_keys. Is this actually current doctrine for typical machines? I thought plenty of people advocated restricting ssh to AllowRoot without-password. What exactly is your security concern with having password protected key access to a machine's root account? I'll agree Using command= for things like rsync backups is definitely a good idea, as it means you can put ssh keys on machines that only grant them single command access. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
