Re: [CentOS-es] Bloqueo https
*::Prueba con esto: *-A INPUT -p tcp -m tcp -m multiport -m string -j DROP --dports 80,443 --string facebook --algo bm *** Fin del mensaje *** Saludos Salvador Guzman Salman PSL Vigo, Galicia, España +34 986.21.30.27 +34 679-725-626 Salman.EU http://salman.es/ El 13/09/2014 3:10, César Martinez escribió: Saludos amigos, tengo un servidor centos 6.5 el cuál hace proxy con restricciones encontré un artículo que Epe habla para bloqueo de facebook donde aplca esta regla iptables -I FORWARD -p tcp --dport 443 -m string --string 'facebook' --algo bm -j DROP lo he probado y funciona al 100%, ahora hago lo mismo para bloquear youtube en vez de colocar facebook pongo youtube pero es como que carga un tiempo el sitio y después de unos segundos se abre, alguien sabe porque o tienen alguna sugerencia para bloquear youtube, lo he probado con twitter hotmail y funciona super bien solo con youtube nada que ver. Gracias a todos ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] SAMBA as AD DC
Hi Rob, Rob Kampen wrote: Would this be due to not starting the nmb service? Samba provide two services smb AND nmb, you want to ensure both are running. HTH Well, for AC DC mode, starting samb and/or nmbd ussues an error saying you would have to start samba instead - in this mode smbd and nmbd are not supposed to be started directly. And ps xa shows identical process lists for the working variant startet by /usr/sbin/samba and for the non working variant /service samba start. But I also had an idea what to check: Turning selinux off did fix the samba started by systemd. So it is a selinux issue. Greetings Markus Steinborn ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SAMBA as AD DC
Hi Miguel Miguel Medalha schrieb: Why don't you use Sernet Enterprise Samba? They provide precompiled packages for a bunch of distros. I've read in this list recently ( archived at http://lists.centos.org/pipermail/centos/2014-September/145681.html )that they do not provide RPMs for RHEL/CentOS 7. So this seems not to be an option. Greetings Markus ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] default devtools enabled for users
Hi! I want to make the default environment for users the environment of devtoolset .. and i am thinking to do it this way: 1. make /bin/bash-devtools with the content scl enable devtoolset-2 bash $@ 2. change for the prospective users the shell from /bin/bash to /bin/bash-devtoolset Is this the best way? Do anyone see or know of any pitfalls with this? Thanks a lot! Adrian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Linux Guest in KVM - Best Display Resolution
Dear All, what settings do you use in KVM for Linux guests? The resolution with VNC / VGA is 1024x768 only. If I choose Spice / QXL the resolution is better, but colors aren't displayed properly and some letters are missing! In the Debian guest I installed the packages xserver-xspice and spice-client-gtk, but it wasn't better. So how do you configure KVM-guests with graphical interface? -- Gruß, Christian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nouveau crash on centos 6.5
On 09/12/2014 04:33 PM, Valeri Galtsev wrote: Yes, it seems to be about time for Linux folks to stop liking NVIDIA (and being stuck with proprietary binary drivers) and start liking more others who provide more documentation about their card internals thus giving open source teams enough information to maintain decently working open source drivers. I'm also using proprietary NVIDIA drivers. [ - The one who favored ATI some 12 years back at the peak of Linux love to NVIDIA ;-)] Which graphics board would you recommend? -- Gruß, Christian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SAMBA as AD DC
On 14 September 2014 09:01, Markus Steinborn mar...@msteinborn.de wrote: Hi Miguel Miguel Medalha schrieb: Why don't you use Sernet Enterprise Samba? They provide precompiled packages for a bunch of distros. I've read in this list recently ( archived at http://lists.centos.org/ pipermail/centos/2014-September/145681.html )that they do not provide RPMs for RHEL/CentOS 7. So this seems not to be an option. There's no 'need' to be on C7 right now ... If your requirement is runs sernet samba for AD services then C7 does not meet that requirement at this time ... C6 is supported till 2020 ... there's no hurry here. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C5 : Deleting un-deletable files ?
On Sun, Sep 14, 2014, Always Learning wrote: Thank you to Steven and to Valeri for an excellent idea. The fsck cured the problem. The problem files were removed by fsck during its recovery/rectification. The first thing you should do when you find files or directories is use 'lsattr' to check the attributes. In particular look for the 'i' attribute which marks the entry as immutable. A favorite trick of crackers is to put their own versions of commands such as /bin/ps, /bin/ls, /usr/bin/find, etc. to hide their activity. You can use the 'chattr' command to change the attributes with something like 'chattr -i /bin/ps' to remove immutable attribute. If there are multiple attributes shown by the 'lsattr' command, simply add them like 'chattr -iAs /bin/ps'. It also takes the -R option to run recursively through a directory. Bill -- INTERNET: b...@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax:(206) 232-9186 Skype: jwccsllc (206) 855-5792 The government is like a baby's alimentary canal, with a happy appetite at one end and no responsibility at the other. -- Ronald Reagan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C5 : Deleting un-deletable files ?
On 2014-09-14, Bill Campbell cen...@celestial.com wrote: On Sun, Sep 14, 2014, Always Learning wrote: The fsck cured the problem. The problem files were removed by fsck during its recovery/rectification. The first thing you should do when you find files or directories is use 'lsattr' to check the attributes. The OP already did that. You can use the 'chattr' command to change the attributes with something like 'chattr -i /bin/ps' to remove immutable attribute. The OP tried chattr, and reported that it failed for certain files. This is why other people suggested an fsck; these are both indicators of a damaged filesystem. --keith -- kkel...@wombat.san-francisco.ca.us ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SAMBA as AD DC
Why don't you use Sernet Enterprise Samba? (...) they do not provide RPMs for RHEL/CentOS 7. So this seems not to be an option. As someone said before, you don't need to use the latest and greatest to run a functional service... On a production environment that is even often undesirable until things settle down... Anyway, Sernet also provides a source rpm. Why not build up from that base? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] default devtools enabled for users
On Sep 14, 2014, at 10:57 AM, Adrian Sevcenco adrian.sevce...@cern.ch wrote: Hi! I want to make the default environment for users the environment of devtoolset .. and i am thinking to do it this way: 1. make /bin/bash-devtools with the content scl enable devtoolset-2 bash $@ 2. change for the prospective users the shell from /bin/bash to /bin/bash-devtoolset Is this the best way? Do anyone see or know of any pitfalls with this? Hi, I suspect that'll break a couple things. Off the top of my head, you'll need to add it to /etc/shells. You might get more milage out of putting the scl command in an /etc/profile.d/*.sh script. You could put some logic in it so non-root or certain user/groups are the only ones that load it. -- Jonathan Billings billi...@negate.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nouveau crash on centos 6.5
On Sun, September 14, 2014 10:08 am, Chris wrote: On 09/12/2014 04:33 PM, Valeri Galtsev wrote: Yes, it seems to be about time for Linux folks to stop liking NVIDIA (and being stuck with proprietary binary drivers) and start liking more others who provide more documentation about their card internals thus giving open source teams enough information to maintain decently working open source drivers. I'm also using proprietary NVIDIA drivers. [ - The one who favored ATI some 12 years back at the peak of Linux love to NVIDIA ;-)] Which graphics board would you recommend? I'm not an expert to recommend something. I myself am using ATI usually (even after they were bought out by AMD). Usually Dell workstations (Desktops actually) have ATI card as one of choices. These cards are good ones, with discrete video memory (to the contrary to some video chips with shared memory, and yes, there are ATI videochips like with shared memory found in some laptops). So basically, if I'm awfully cautious I double check that it is discrete video memory. You know what shared memory is, right? It is portion of main RAM that that bad chip uses as its video memory. In addition to the fact that you are not getting some hardware (video RAM) that is implied by specifications, there is architecturally awful thing about that: you have video traffic (60 video frames per second worth, or 50 frames in Europe) on the memory bus. The traffic that doesn't belong there in the first place, as video RAM is used for your screen content always. And portion of your RAM bandwidth is stolen as well. I would void computer science degree of the idiot who invented that. But its continuing existence is due to sad fact that mass customer is basing the choice in pricegrabber results to the contrary to technical worthiness.. Just my 2 c. Valeri Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SAMBA as AD DC
On Mon, Sep 15, 2014 at 4:07 AM, Miguel Medalha miguelmeda...@sapo.pt wrote: Why don't you use Sernet Enterprise Samba? (...) they do not provide RPMs for RHEL/CentOS 7. So this seems not to be an option. As someone said before, you don't need to use the latest and greatest to run a functional service... On a production environment that is even often undesirable until things settle down... Anyway, Sernet also provides a source rpm. Why not build up from that base? +1 However, the init scripts from the built RPMs may not be compatible with C7 (systemd). I believe the OP is having problems with starting the daemons not building the Samba4. The Sernet Samba4 packages work like a champ on C6.5. -- Arun Khan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nouveau crash on centos 6.5
On 09/15/2014 04:02 AM, Valeri Galtsev wrote: I myself am using ATI usually (even after they were bought out by AMD). I used to use ATI. Accidentally, the last computers I bought had a NVIDIA card. I heard Linux support of both boards would be similar. When I bought a new notebook, I tested it with a live linux CD at the shop. I didn't want to compare all hardware components with internet lists and search for drivers. Graphics worked, WIFI also out of the box! My desktop is a Dell machine. Linux support is flawless. Later I read in a computer magazine, that there are Dell machines where you hardly get the right drivers. That's why I wouldn't order a machine by mail-order anymore. Linux isn't supported by Dell, they recommend Windows, at least in Germany. Usually Dell workstations (Desktops actually) have ATI card as one of choices. These cards are good ones, with discrete video memory (to the contrary to some video chips with shared memory, and yes, there are ATI videochips like with shared memory found in some laptops). Oh, shared memory! That's a good aspect. -- Gruß, Christian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ZFS
On 09/08/2014 09:00 PM, Andrew Holway wrote: Try ZFS http://zfsonlinux.org/ Maybe you can tune ZFS further, but I tried it in userspace (with FUSE) and reading was a almost 5 times slower than MDADM. -- Gruß, Christian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
