date:20110630

Keith Keller wrote:
 On Thu, Jun 30, 2011 at 11:56:07AM +1200, Smithies, Russell wrote:
 This may be more of a general linux question but is there a simple way of 
 preventing users from creating symlinks to or from certain directories?
 I have a /scratch dir that's a single 27TB volume and I don't want users 
 linking their home dirs as there's a chance it will screw up our external 
 backups.
 
 Can't your backups simply ignore symlinks?  Or (more sensibly) backup
 the symlinks as links, instead of dereferencing them?
 
 Perhaps SELinux can do what you want, but it seems like overkill
 compared to telling the backup program what to backup (and what not).
 
+10
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

Robert Heller wrote:
 If the machine is a public-facing smtp server, I would look first to see
 if you are getting the problem I was having.  Maybe looking at the
 maillog to see if the volume of incoming mail is just overwhelming the
 system. In which case you need to do things to keep sendmail from
 running to many processes, either by throttling the connection rate and/or
 be using the accessdb to discard or reject connection from known problem
 networks. 
 

Very simple solution is to implement Reverse DNS check. My Postfix mail 
server refuses to accept any mail from FQDN without valid reverse DNS. I 
(was?) also use graylisting and few other measures, but Reverse DNS 
helped immensely in lowering SPAM that comes to my mailboxes. I would 
say that reduction is some 70-80%.

Ljubomir
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

Steve Barnes wrote:
 I'd be interested to hear thoughts on this. We have a small 1U test server 
 with 2 entry-level SATA drives that was brought to its knees twice this week 
 by an overzealous Java process. Load averages were up around 60+ and as a 
 result, SSH access would timeout. I don't know if this behaviour is typical 
 across operating systems, but it's frustrating to find yourself locked out a 
 server just because a single process went to town on the i/o subsystem.
 
that privileged SSH process should be spawned on RAM disk to avoid being 
caught up by I/O problems.

Another solution would be to have core root directory (no var/log's and 
similar) in RAM disk (either as cache or duplicated files) so important 
processes are independent from I/O problems.

Or maybe having that core root tree on separate HDD and separate HDD 
controller.

Ljubomir
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] centos 5.6 and intel MHD4500 graphics card

Hüvely Balázs wrote:
 
 I tried to manually edit the xorg.conf, but the result is the same blank 
 screen.
 
 I think that the problem is depending by the resolution.
 
 Any clue?

Have you tried with nomodeset option in grub's kernel options? It helped 
me with my older Intel graphics on RHEL 6 Beta.

Ljubomir
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

2011-06-30 Thread rainer

 Steve Barnes wrote:

[...]

 Or maybe having that core root tree on separate HDD and separate HDD
 controller.



Unfortunately, all this does not matter at all.
The problem is: sshd is swapped out and the system needs to swap-out
something else first, before it can take sshd back in.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

2011-06-30 Thread Eero Volotinen

2011/6/30  rai...@ultra-secure.de:
 Steve Barnes wrote:

 [...]

 Or maybe having that core root tree on separate HDD and separate HDD
 controller.



 Unfortunately, all this does not matter at all.
 The problem is: sshd is swapped out and the system needs to swap-out
 something else first, before it can take sshd back in.

How about buying more memory and faster harddisks?

--
Eero
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

On 6/30/11, Devin Reade g...@gno.org wrote:
 I don't recall you mentioning which VM solution you're using.

KVM :)

 Some problematic areas that I've seen when using VMs:

 + memory ballooning sometimes causes problems (I've not actually seen
   it, but I've seen various warnings about having it enabled and
   resultant flakiness, and I run with it disabled)

This might be one of the problems, because I just realized while the
swap used is still pretty small at around 200MB, it's about 5x the
normal amount of about 40MB. But since I set an initial 1GB with an
upper limit of 1.5GB, I'll expect the amount of memory available to be
1.5GB at least when swap usage goes up. However, this isn't the case,
the ballooning doesn't seem to be happening so maybe that's part of
the problem: one of them just wanted to use a bit more memory for
whatsoever reasons but didn't get it and start hitting swap and the
i/o starts going crazy.


 + I/O stacks not doing TCP segment offload correctly.  This is an ugly
   one that bit me hard and took a while to track down.  It's happened in
   both ESXi and Xen (and I'm not saying that KVM isn't affected, either).

   The symptoms of this is things seem to be fine under low load, but as
   network traffic starts to increase TCP sessions start stalling out
   or dying.  I've seen it to the point where I can't even maintain an
   ssh session long enough to get a login prompt.

This might be possible but at the moment I'll consider it unlikely
since the problem don't usually happen during low load periods i.e.
not when the users are connecting to the email or app service during
working hours.

So I'll KIV this first and see if simply setting the max/current
memory without relying on ballooning works.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

On 6/30/11, rai...@ultra-secure.de rai...@ultra-secure.de wrote:
 Unfortunately, all this does not matter at all.
 The problem is: sshd is swapped out and the system needs to swap-out
 something else first, before it can take sshd back in.

There appears to be some functions available to programs to lock their
process pages in memory, mlock and mlockall. But I can't seem to find
a command line equivalent that might be able to keep sshd locked into
memory.

In any case, I've ionice and renice sshd and see if that would help.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

On 6/30/11, Simon Matter simon.mat...@invoca.ch wrote:
 Hm, I thought the problem was I/O, not memory? If memory is not the
 problem then it has nothing to do with swapping (more correctly paging).

After looking through the various replies here and rechecking whatever
logs I managed to get, it might in a way be related to swapping, not
on the host which I am trying to get into but the guest.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] centos 5.6 and intel MHD4500 graphics card

2011-06-30 Thread Hüvely Balázs

Hi.

I tried your advice, but still no luck.

my grub.conf: (menu.lst)
default=0
timeout=0
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-238.12.1.el5)
 root (hd0,0)
 kernel /boot/vmlinuz-2.6.18-238.12.1.el5 ro root=LABEL=/ nomodeset
 initrd /boot/initrd-2.6.18-238.12.1.el5.img

I erased the rhgb and quite flag.

The screen blank again. I write a xorg.conf, which seems to be ok, the 
resolution is 1360x768 for a 15,6 display. I think this is the max and 
correct.

Bye

2011.06.30. 10:56 keltezéssel, Ljubomir Ljubojevic írta:
 Hüvely Balázs wrote:
 I tried to manually edit the xorg.conf, but the result is the same blank
 screen.

 I think that the problem is depending by the resolution.

 Any clue?
 Have you tried with nomodeset option in grub's kernel options? It helped
 me with my older Intel graphics on RHEL 6 Beta.

 Ljubomir
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] raid1: solve smart error

2011-06-30 Thread Helmut Drodofsky

In a server with raid1 a  first smart error was reported. 
 
Smart attributes:
SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME  FLAG VALUE WORST THRESH TYPE  UPDATED  
WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate 0x000f   200   200   051Pre-fail  Always   
-   0
  3 Spin_Up_Time0x0003   185   183   021Pre-fail  Always   
-   7750
  4 Start_Stop_Count0x0032   100   100   000Old_age   Always   
-   20
  5 Reallocated_Sector_Ct   0x0033   200   200   140Pre-fail  Always   
-   0
  7 Seek_Error_Rate 0x000e   200   200   000Old_age   Always   
-   0
  9 Power_On_Hours  0x0032   075   075   000Old_age   Always   
-   18868
 10 Spin_Retry_Count0x0012   100   253   000Old_age   Always   
-   0
 11 Calibration_Retry_Count 0x0012   100   253   000Old_age   Always   
-   0
 12 Power_Cycle_Count   0x0032   100   100   000Old_age   Always   
-   18
192 Power-Off_Retract_Count 0x0032   200   200   000Old_age   Always   
-   10
193 Load_Cycle_Count0x0032   200   200   000Old_age   Always   
-   28
194 Temperature_Celsius 0x0022   121   115   000Old_age   Always   
-   31
196 Reallocated_Event_Count 0x0032   200   200   000Old_age   Always   
-   0
197 Current_Pending_Sector  0x0012   200   200   000Old_age   Always   
-   1
198 Offline_Uncorrectable   0x0010   200   200   000Old_age   Offline  
-   0
199 UDMA_CRC_Error_Count0x003e   200   200   000Old_age   Always   
-   0
200 Multi_Zone_Error_Rate   0x0008   200   200   000Old_age   Offline  
-   0
 
 
I assume, raw read error rate is ok. So I would use the same disk for resyncing 
the raid.
 
Other recommendations?
 
Helmut
 ___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

2011-06-30 Thread Les Mikesell

On 6/30/11 6:11 AM, Emmanuel Noobadmin wrote:
 On 6/30/11, Simon Mattersimon.mat...@invoca.ch  wrote:
 Hm, I thought the problem was I/O, not memory? If memory is not the
 problem then it has nothing to do with swapping (more correctly paging).

 After looking through the various replies here and rechecking whatever
 logs I managed to get, it might in a way be related to swapping, not
 on the host which I am trying to get into but the guest.

Again, fixable by not sharing the disk the guest uses with the disk the host 
needs to load programs from... The disk head is always going to be in the wrong 
place.

But, odds are that the source of the problem is starting too many mail delivery 
programs, especially if they, or the user's local procmail, starts a 
spamassassin instance per message.  Look at the mail logs for a problem time to 
see if you had a flurry of messages coming in.  Sendmail/MimeDefang is fairly 
good at queuing the input and controlling the processes running at once but 
even 
with that you may have to throttle the concurrent sendmail processes.

-- 
   Les Mikesell
 lesmikes...@gmail.com


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

2011-06-30 Thread Steven Tardy

On 06/29/11 14:50, Emmanuel Noobadmin wrote:
 I was having problems with the same server locking up to the point I
 can't even get in via SSH.

investigate instead of band-aiding...

1) syslog to a remote host.
remote syslogging rarely stops when the system is disk/iowait bound.

2) log diving.
is there anything in the logs around the time of the incidents?

large emails(100MB+ body, not attachment) can freak out versions of spam 
assassin...
  server load would reach 300+ which timed out SSH connections.
syslogs took time to wade through, but pinpointed the recurring issue.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

2011-06-30 Thread John Hodrien

On Thu, 30 Jun 2011, rai...@ultra-secure.de wrote:

 Steve Barnes wrote:

 [...]

 Or maybe having that core root tree on separate HDD and separate HDD
 controller.



 Unfortunately, all this does not matter at all.
 The problem is: sshd is swapped out and the system needs to swap-out
 something else first, before it can take sshd back in.

Reduce your chances of it being kicked out into swap as a result of i/o:

sysctl -q vm.swappiness=0

If that improves things, add an appropriate line into sysctl.conf.

jh
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] mounting a CentOS 5.5-based NFS partitions from a Mac OS X machine

2011-06-30 Thread Boris Epstein

 As Tom mentioned, you need the insecure exports option on the NFS server
 side, otherwise I don't do anything special on the client. I'm sourcing
 the automount maps through LDAP. Try mounting via IP address rather than
 NFS server name; I've had some issues with this on Mac clients.

 Steve
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos

I wish this could help but I am exporting with insecure already...

Boris.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

On 06/29/2011 07:58 AM ken wrote:
 Trying to update a second CentOS box, I'm getting this error repeatedly:
 
 [Errno 4] Socket Error: timed out
 
 I'm getting this on every mirror and have gone through the list of
 mirrors more than a dozen times.
 
 Oddly, the RPMs I'm trying to upgrade I upgraded just yesterday without
 a problem on another machine on the same LAN with no problems
 whatsoever.  I can ping mirrors fine.
 
 There were a spate of these errors back in 2006.  The fix for many was
 to add this line to yum.conf:
 
 timeout=300
 
 So I did that on the machine where yum is having the problem, but the
 same errors are returned.
 
 Anyone else seeing this?  Anyone know what the problem is?

So I tried using wget to download RPMs from a few mirrors.  I was able
to successfully one whose size is about 5.5M, but the others all stop
downloading around 1M.  Then I tried ftp... same deal.  This might be
the reason for the socket error in yum.

I don't have quotas set on this machine.  selinux is on, but it's been
on for years... why should it start interfering now?  I'm downloading
into /tmp where security settings are standard (user_u:object_r:tmp_t).

Any ideas?

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

2011-06-30 Thread Giovanni Tirloni

On Thu, Jun 30, 2011 at 12:06 PM, ken geb...@mousecar.com wrote:

 On 06/29/2011 07:58 AM ken wrote:
  Trying to update a second CentOS box, I'm getting this error repeatedly:
 
  [Errno 4] Socket Error: timed out
 
  I'm getting this on every mirror and have gone through the list of
  mirrors more than a dozen times.
 
  Oddly, the RPMs I'm trying to upgrade I upgraded just yesterday without
  a problem on another machine on the same LAN with no problems
  whatsoever.  I can ping mirrors fine.
 
  There were a spate of these errors back in 2006.  The fix for many was
  to add this line to yum.conf:
 
  timeout=300
 
  So I did that on the machine where yum is having the problem, but the
  same errors are returned.
 
  Anyone else seeing this?  Anyone know what the problem is?

 So I tried using wget to download RPMs from a few mirrors.  I was able
 to successfully one whose size is about 5.5M, but the others all stop
 downloading around 1M.  Then I tried ftp... same deal.  This might be
 the reason for the socket error in yum.

 I don't have quotas set on this machine.  selinux is on, but it's been
 on for years... why should it start interfering now?  I'm downloading
 into /tmp where security settings are standard (user_u:object_r:tmp_t).


Fire up tcpdump/wireshark and record the TCP connection then analyze it with
Wireshark and you can check for retransmissions, etc.

A while ago I had to add the following to my Fedora 13/14 system to download
from some sites.

/etc/sysctl.conf:
net.ipv4.tcp_timestamps = 0

-- 
Giovanni Tirloni
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

2011-06-30 Thread John Doe

From: ken geb...@mousecar.com

 So I tried using wget to download RPMs from a few mirrors.  I was able
 to successfully one whose size is about 5.5M, but the others all stop
 downloading around 1M.  Then I tried ftp... same deal.  This might be
 the reason for the socket error in yum.

When you say stop downloading, what do you mean?
Clean stop?  Network error message?  Filesystem?
Maybe you could try to wget to /dev/null and see if it goes further?
Or try to strace a wget to see what happens...

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

On 06/30/2011 11:21 AM John Doe wrote:
From: ken geb...@mousecar.com

When you say stop downloading, what do you mean?
Clean stop? Network error message? Filesystem?
Maybe you could try to wget to /dev/null and see if it goes further?
Or try to strace a wget to see what happens...

Sorry, I should have been clearer. What happens is that the download
simply hangs. Doing ftp I turn on the 'hash' option so the ftp server
prints a # for every 1k (or something?). It'll print a half a screen
full of #s then stop; and I won't get the ftp prompt back, even
should I wait a half hour for it.

Using wget it's pretty much the same idea. On the left of the display
it'll show something like this:

---
# wget
http://ftp.linux.ncsu.edu/pub/CentOS/5.6/updates/i386/RPMS/glibc-common-2.5-58.el5_6.4.i386.rpm
--2011-06-30 11:35:44--
http://ftp.linux.ncsu.edu/pub/CentOS/5.6/updates/i386/RPMS/glibc-common-2.5-58.el5_6.4.i386.rpm
Resolving ftp.linux.ncsu.edu... 152.1.2.172
Connecting to ftp.linux.ncsu.edu|152.1.2.172|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 17244521 (16M) [application/octet-stream]
Saving to: `glibc-common-2.5-58.el5_6.4.i386.rpm'

5% [= ] 1,029,216 --.-K/s eta 23m 10s
---

and just freeze there... except the right two numbers (following eta)
will continue to climb higher... it stays at 5% and 1,029,216
doesn't change, and there's no activity between those two numbers. In
short, the download just stops or freezes.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

On 06/30/2011 11:40 AM ken wrote:
On 06/30/2011 11:21 AM John Doe wrote:
From: ken geb...@mousecar.com

So I tried using wget to download RPMs from a few mirrors. I was able
to successfully one whose size is about 5.5M, but the others all stop
downloading around 1M. Then I tried ftp... same deal. This might be
the reason for the socket error in yum.
When you say stop downloading, what do you mean?
Clean stop? Network error message? Filesystem?
Maybe you could try to wget to /dev/null and see if it goes further?
Or try to strace a wget to see what happens...

Using wget it's pretty much the same idea. On the left of the display
it'll show something like this:

5% [= ] 1,029,216 --.-K/s eta 23m 10s
---

One more thing: To exit from the wget above, I have to do a Ctrl-C.
Then I get this error code:

# echo $?
130

It might just mean user hit Ctrl-C, I don't know, haven't tried to
look it up yet.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

ken wrote:
 # wget
 http://ftp.linux.ncsu.edu/pub/CentOS/5.6/updates/i386/RPMS/glibc-common-2.5-58.el5_6.4.i386.rpm
 --2011-06-30 11:35:44--
 http://ftp.linux.ncsu.edu/pub/CentOS/5.6/updates/i386/RPMS/glibc-common-2.5-58.el5_6.4.i386.rpm
 Resolving ftp.linux.ncsu.edu... 152.1.2.172
 Connecting to ftp.linux.ncsu.edu|152.1.2.172|:80... connected.
 HTTP request sent, awaiting response... 200 OK
 Length: 17244521 (16M) [application/octet-stream]
 Saving to: `glibc-common-2.5-58.el5_6.4.i386.rpm'
 
  5% [= ] 1,029,216   --.-K/s  eta 23m 10s
 ---
 
 and just freeze there... except the right two numbers (following eta)
 will continue to climb higher... it stays at 5% and 1,029,216
 doesn't change, and there's no activity between those two numbers.  In
 short, the download just stops or freezes.
 

Have you checked your network interface on your network connection in 
general? First try the same PC in different network environment (home, 
another location?) and then try to setup another PC with the same IP in 
the same network environment as original PC.

Ljubomir
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

2011-06-30 Thread m . roth

ken wrote:
 On 06/30/2011 11:21 AM John Doe wrote:
 From: ken geb...@mousecar.com

 So I tried using wget to download RPMs from a few mirrors.  I was able
 to successfully one whose size is about 5.5M, but the others all stop
 downloading around 1M.  Then I tried ftp... same deal.  This might be
 the reason for the socket error in yum.

 When you say stop downloading, what do you mean?
 Clean stop?  Network error message?  Filesystem?
 Maybe you could try to wget to /dev/null and see if it goes further?
 Or try to strace a wget to see what happens...

 Sorry, I should have been clearer.  What happens is that the download
 simply hangs.  Doing ftp I turn on the 'hash' option so the ftp server
 prints a # for every 1k (or something?).  It'll print a half a screen
 full of #s then stop; and I won't get the ftp prompt back, even
 should I wait a half hour for it.

 Using wget it's pretty much the same idea.  On the left of the display
 it'll show something like this:
snip
 and just freeze there... except the right two numbers (following eta)
 will continue to climb higher... it stays at 5% and 1,029,216
 doesn't change, and there's no activity between those two numbers.  In
 short, the download just stops or freezes.

Consider attaching strace, and see what it's waiting for?

mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

2011-06-30 Thread Giovanni Tirloni

On Thu, Jun 30, 2011 at 4:38 AM, Alexander Dalloz ad+li...@uni-x.orgwrote:

 Am 30.06.2011 08:36, schrieb Steve Barnes:
  Although it would really be interesting to me to see scheduler settings
 that would indeed allow something of a 'privileged' ssh or an OOB console
 that would be responsive even under a punishing load with lots of swapping,
 which is what the OP originally asked about.
 
  I'd be interested to hear thoughts on this. We have a small 1U test
 server with 2 entry-level SATA drives that was brought to its knees twice
 this week by an overzealous Java process. Load averages were up around 60+
 and as a result, SSH access would timeout. I don't know if this behaviour is
 typical across operating systems, but it's frustrating to find yourself
 locked out a server just because a single process went to town on the i/o
 subsystem.
 
  Cheers
 
  Steve

 CentOS 6 will support cgroups, by which you can control cpu, memory and
 I/O.

 http://www.mjmwired.net/kernel/Documentation/cgroups.txt

 http://www.mjmwired.net/kernel/Documentation/cgroups/blkio-controller.txt


Just tried the disktop.stp script on a Linux 2.6.38 and it looks nice. The
possibilities! :)

http://sourceware.org/systemtap/examples/io/disktop.stp

-- 
Giovanni Tirloni
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update - [Errno 4] Socket Error: timed out - More info

2011-06-30 Thread Eero Volotinen

Reboot your firewall and os?
30.6.2011 19.11 m.r...@5-cent.us kirjoitti:
 ken wrote:
 On 06/30/2011 11:21 AM John Doe wrote:
 From: ken geb...@mousecar.com

 So I tried using wget to download RPMs from a few mirrors. I was able
 to successfully one whose size is about 5.5M, but the others all stop
 downloading around 1M. Then I tried ftp... same deal. This might be
 the reason for the socket error in yum.

 When you say stop downloading, what do you mean?
 Clean stop? Network error message? Filesystem?
 Maybe you could try to wget to /dev/null and see if it goes further?
 Or try to strace a wget to see what happens...

 Sorry, I should have been clearer. What happens is that the download
 simply hangs. Doing ftp I turn on the 'hash' option so the ftp server
 prints a # for every 1k (or something?). It'll print a half a screen
 full of #s then stop; and I won't get the ftp prompt back, even
 should I wait a half hour for it.

 Using wget it's pretty much the same idea. On the left of the display
 it'll show something like this:
 snip
 and just freeze there... except the right two numbers (following eta)
 will continue to climb higher... it stays at 5% and 1,029,216
 doesn't change, and there's no activity between those two numbers. In
 short, the download just stops or freezes.

 Consider attaching strace, and see what it's waiting for?

 mark

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] network hang [was: Re: yum update - [Errno 4] Socket Error: timed out - More info]

On 06/30/2011 11:57 AM Ljubomir Ljubojevic wrote:
ken wrote:
# wget
http://ftp.linux.ncsu.edu/pub/CentOS/5.6/updates/i386/RPMS/glibc-common-2.5-58.el5_6.4.i386.rpm
--2011-06-30 11:35:44--
http://ftp.linux.ncsu.edu/pub/CentOS/5.6/updates/i386/RPMS/glibc-common-2.5-58.el5_6.4.i386.rpm
Resolving ftp.linux.ncsu.edu... 152.1.2.172
Connecting to ftp.linux.ncsu.edu|152.1.2.172|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 17244521 (16M) [application/octet-stream]
Saving to: `glibc-common-2.5-58.el5_6.4.i386.rpm'

5% [= ] 1,029,216 --.-K/s eta 23m 10s
---

Have you checked your network interface on your network connection in
general? First try the same PC in different network environment (home,
another location?) and then try to setup another PC with the same IP in
the same network environment as original PC.

Ljubomir
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

In the last half hour I successfully used yum to download and install
strace, krb5-workstation and krb5-libs... for this and other reasons I'm
pretty sure I don't have a network problem. yum and wget and ftp all
seem to have a problem downloading
glibc-common-2.5-58.el5_6.4.i386.rpm... perhaps because it's rather
large (16M), or simply larger than 1M. But then I was able to ftp one
file which was 5M.

Ljubomir, you are correct in that it's some kind of network problem--
well, it could have something to do with limits or some extra-weird
permissions thing I don't know about. You'll see I've amended the
Subject line to indicate it's probably a network problem.

So, shifting into work-around mode... I used wget to download
glibc-common (the troublesome file) to another machine. No problem.
Then I scp'd it to the problem machine-- again no problem-- and
successfully installed it there using rpm.

Now that everything's been upgraded, the urgency has gone out of the
situation. I had thought to use strace and/or tcpdump as was suggested
(thanks for those suggestions), but I've found those utilities give a
lot of output and take a lot of time to analyze (for me anyway). With
other things I need to get to today, I'll be saving those small projects
for another day.

But just one other quick test: I used scp on the problem box to download
that same glibc-common rpm file from the local machine (residing on the
same LAN and in the same network block) mentioned above. It worked
fine, even downloading to the same directory (/tmp). And, yes, rpm
verified that the file was complete and uncorrupted. This narrows the
problem down to a couple pockets.

If I find anything more, I'll post back.

Thanks for all the suggestions, everyone.

--
When a society comes together and makes decisions in harmony,
when it respects its most noble traditions, cares for its most
vulnerable members, treats its forests and lands with respect,
then it will prosper and not decline.
--Buddha, Mahaparinirvana Sutra
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] network hang [was: Re: yum update - [Errno 4] Socket Error: timed out - More info]

2011-06-30 Thread m . roth

ken wrote:
snip
 So, shifting into work-around mode... I used wget to download
 glibc-common (the troublesome file) to another machine.  No problem.
 Then I scp'd it to the problem machine-- again no problem-- and
 successfully installed it there using rpm.

A strong recommendation: rpm -e, then yum localinstall. That way, yum's
d/b will be correct.

 mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Anyway to ensure SSH availability?

On 6/30/11, Les Mikesell lesmikes...@gmail.com wrote:
 Again, fixable by not sharing the disk the guest uses with the disk the host
 needs to load programs from... The disk head is always going to be in the
 wrong place.

Well, let's just say my original recommendation specifications for
this particular set was a HP ML110G6 with 8GB, 2x 250GB for the host
and 2x1.5TB storage drives, told them the extra memory and drives
could be bought OTS so they don't have to pay HP prices for that.

What I end up working with is a no-brand desktop quad core with a pair
of 500GB... so the chances of convincing them to fork out extra for
hardware isn't good. Unfortunately I'm stuck with making things work
because managing the server was part of the contract sold with the
apps.


 But, odds are that the source of the problem is starting too many mail
 delivery programs, especially if they, or the user's local procmail, starts a
 spamassassin instance per message.  Look at the mail logs for a problem time
 to see if you had a flurry of messages coming in.  Sendmail/MimeDefang is
 fairly good at queuing the input and controlling the processes running at 
 once but
 even  with that you may have to throttle the concurrent sendmail processes.

Does it make a difference if I'm running Exim instead of sendmail/MimeDefang?
Right now it doesn't look like an mail run, more like a httpd run
because it's starting to look like a large number of httpd threads was
spawned just before that.

Unfortunately, I also discovered that logrotate was wrongly configured
and I only have daily logs. Fixed that, hopefully, and shall see if I
get something better to work on if it strikes again.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] network hang [was: Re: yum update - [Errno 4] Socket Error: timed out - More info]