Re: [CentOS] headless VirtualBox on Centos
I am wondering if there is a set of scripts/utilities for automatically starting and running headless (no X11) VM's using VirtualBox omn a CentOS 6 server. VNC/RDP access to the VM's would be fine. You can also get access to a headless VM console via RDP with VRDE (VBox Remote Desktop Extension) available from VBox Extension Pack. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] headless VirtualBox on Centos
I was looking more or less at the same options. Just was wondering if there was a ready-made set of scripts somewhere to set all of this in motion to save me a little time - but if not, I will just make one. You can use vboxmanage modifyvm VM name --autostart-enabled on and enable vboxautostart-service. However I had to tweak the script to suspend VMs on system reboot/shutdown. Don't know if this works out of the box with newer VBox versions. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] headless VirtualBox on Centos
Awesome! Thanks for your replies everybody. I was looking more or less at the same options. Just was wondering if there was a ready-made set of scripts somewhere to set all of this in motion to save me a little time - but if not, I will just make one. Cheers, Boris. On Fri, Mar 27, 2015 at 3:16 AM, Александр Кириллов nevis...@infoline.su wrote: I am wondering if there is a set of scripts/utilities for automatically starting and running headless (no X11) VM's using VirtualBox omn a CentOS 6 server. VNC/RDP access to the VM's would be fine. You can also get access to a headless VM console via RDP with VRDE (VBox Remote Desktop Extension) available from VBox Extension Pack. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netflix
Liam O'Toole liam.p.otoole@... writes: I doubt it. As you say, the NSS version is the blocker. Maybe that number will get bumped in a future 6.x release. Maybe. Centos-7 would probably do the job but this machine is 32-bit so it's a non-starter AFAIK. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] headless VirtualBox on Centos
On Fri, Mar 27, 2015 at 6:32 AM, Boris Epstein borepst...@gmail.com wrote: Awesome! Thanks for your replies everybody. I was looking more or less at the same options. Just was wondering if there was a ready-made set of scripts somewhere to set all of this in motion to save me a little time - but if not, I will just make one. I think it depends on which stage you want automated. o If you built a vm client and just want to fire it up as needed, the vbox command line should suffice. Just tell it to start headless. Remember you can later on connect to its console using rdesktop if you configured it. o If you want to create the vm from scratch, you can create the vm itself using vboxmanage (a biased example is shown at http://unixwars.blogspot.com/2012/01/creating-virtualbox-vms-command-line.html). Then you could do the initial disk partitioning and installing using, say, kickstart. o Another way to do the previous suggestion is to use packer. or JuJu. Or Vagrant. Of the 3, I myself have more experience with packer. Cheers, Boris. On Fri, Mar 27, 2015 at 3:16 AM, Александр Кириллов nevis...@infoline.su wrote: I am wondering if there is a set of scripts/utilities for automatically starting and running headless (no X11) VM's using VirtualBox omn a CentOS 6 server. VNC/RDP access to the VM's would be fine. You can also get access to a headless VM console via RDP with VRDE (VBox Remote Desktop Extension) available from VBox Extension Pack. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netflix
On 2015-03-27, Bob Hepple bob.hep...@gmail.com wrote: Now that netflix is in Australia, I wouldn't mind giving it a burl. It's working fine on my fedora-21 lappy with chrome-40 but not on our centos-6 mythtv setup even with chrome-41. I understand the difference might be the version of NSS - fedora-21 has 3.17 while centos is stuck at 3.16. Other than that, I'm flumoxed. Anyone got netflix running on centos-6? I doubt it. As you say, the NSS version is the blocker. Maybe that number will get bumped in a future 6.x release. -- Liam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netflix
- Oorspronkelijk bericht - Van: Liam O'Toole liam.p.oto...@gmail.com Aan: centos@centos.org Verzonden: Vrijdag 27 maart 2015 12:49:38 Onderwerp: Re: [CentOS] Netflix On 2015-03-27, Bob Hepple bob.hep...@gmail.com wrote: Liam O'Toole liam.p.otoole@... writes: I doubt it. As you say, the NSS version is the blocker. Maybe that number will get bumped in a future 6.x release. Maybe. Centos-7 would probably do the job but this machine is 32-bit so it's a non-starter AFAIK. There was some talk on this list of a 32-bit build of CentOS 7, but nothing has come of it yet. -- Liam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Hello I spent considerable time getting Netflix to work on Centos6/Firefox, and I couldn't get it to work. Luckily along came Centos7, on which it is easy to install Chrome. But I would still prefer to run it in Firefox. Greetings, Johan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netflix
On 2015-03-27, Bob Hepple bob.hep...@gmail.com wrote: Liam O'Toole liam.p.otoole@... writes: I doubt it. As you say, the NSS version is the blocker. Maybe that number will get bumped in a future 6.x release. Maybe. Centos-7 would probably do the job but this machine is 32-bit so it's a non-starter AFAIK. There was some talk on this list of a 32-bit build of CentOS 7, but nothing has come of it yet. -- Liam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 121, Issue 11
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org
You can reach the person managing the list at
centos-announce-ow...@centos.org
When replying, please edit your Subject line so it is more specific
than Re: Contents of CentOS-announce digest...
Today's Topics:
1. CEBA-2015:0747 CentOS 6 scl-utils BugFix Update (Johnny Hughes)
2. CESA-2015:0729 Important CentOS 6 setroubleshoot Security
Update (Johnny Hughes)
3. CESA-2015:0729 Important CentOS 5 setroubleshoot Security
Update (Johnny Hughes)
--
Message: 1
Date: Thu, 26 Mar 2015 23:21:08 +
From: Johnny Hughes joh...@centos.org
To: centos-annou...@centos.org
Subject: [CentOS-announce] CEBA-2015:0747 CentOS 6 scl-utils BugFix
Update
Message-ID: 20150326232108.ga42...@n04.lon1.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Bugfix Advisory 2015:0747
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0747.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
f245f627da322adb2d8745086b7e5b81c95cc6d79e460a8f1975d745e3c4d14c
scl-utils-20120927-27.el6_6.i686.rpm
4fcf535dfdc64b868cdfd727b614677318dc2412d3150a8446817396679bdc15
scl-utils-build-20120927-27.el6_6.i686.rpm
x86_64:
b01a9bfa9332d48e950e4ff36976f7b7d72573fae13708b30993907b7773f7e4
scl-utils-20120927-27.el6_6.x86_64.rpm
829156e2443e46055a58c49456e880d2a0ebbd035369016b6a848b468b23391e
scl-utils-build-20120927-27.el6_6.x86_64.rpm
Source:
413167a88247d96e3c410fe12f640a7ad214327144372d28b318442b52186fae
scl-utils-20120927-27.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
Message: 2
Date: Thu, 26 Mar 2015 23:21:26 +
From: Johnny Hughes joh...@centos.org
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2015:0729 Important CentOS 6
setroubleshoot Security Update
Message-ID: 20150326232126.ga42...@n04.lon1.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Security Advisory 2015:0729 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0729.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
337223226372dd0f7c8738eb4a42146bcbe5a7e73be7554b8a50dfbc56e33f23
setroubleshoot-3.0.47-6.el6_6.1.i686.rpm
ce36a08a17208670740cb124c1fabb0b17a89bf13c1004d5fb0158d5e77e6ba5
setroubleshoot-doc-3.0.47-6.el6_6.1.i686.rpm
0cd4337b7828b5997a1558eb2d7484c9fa9934ff7789025d4bfb65470c4e2d89
setroubleshoot-server-3.0.47-6.el6_6.1.i686.rpm
x86_64:
337aafbc28969e98620bf26da2102884f6d735ec66faa4bfe7f519dfa8801a6c
setroubleshoot-3.0.47-6.el6_6.1.x86_64.rpm
b95ccd8ae276646ed59f31eff82d6a3719c8a6f61408accaaf6b48c8a75827ed
setroubleshoot-doc-3.0.47-6.el6_6.1.x86_64.rpm
4854d7c15952b1ce3d3969cd92d62d07c6a0b882a698553abffb66dba1ada470
setroubleshoot-server-3.0.47-6.el6_6.1.x86_64.rpm
Source:
ba337022d7a8e593c4123db3531a4633267d71d392b1d1101aab9a0cafcdf6a5
setroubleshoot-3.0.47-6.el6_6.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
Message: 3
Date: Thu, 26 Mar 2015 23:28:25 +
From: Johnny Hughes joh...@centos.org
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2015:0729 Important CentOS 5
setroubleshoot Security Update
Message-ID: 20150326232825.ga31...@chakra.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Security Advisory 2015:0729 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0729.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
216f2cf3534c6a8f8e1be41f68d5f5259b03bfacdbaeaa7b325db24b44c04888
setroubleshoot-2.0.5-7.el5_11.noarch.rpm
04bc3a794631aec3b87d0c433f4d06169cc289293d1a070747d808c57bc98f7e
setroubleshoot-server-2.0.5-7.el5_11.noarch.rpm
x86_64:
216f2cf3534c6a8f8e1be41f68d5f5259b03bfacdbaeaa7b325db24b44c04888
setroubleshoot-2.0.5-7.el5_11.noarch.rpm
04bc3a794631aec3b87d0c433f4d06169cc289293d1a070747d808c57bc98f7e
setroubleshoot-server-2.0.5-7.el5_11.noarch.rpm
Source:
5ded827483a0f9bb0b7cd24a9d99974f036945c4041afd440aa9721c0b9215e7
setroubleshoot-2.0.5-7.el5_11.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
___
CentOS-announce mailing list
centos-annou...@centos.org
Re: [CentOS-es] Problemas con SPAM
Hola David:Lo tuyo es una infección el cual según leí se aplica cada cierto tiempo, tuve un problema similar hace mucho y bueno te ayudo en algo, antes necesitas ubicar algunas cosas: Ubicar al usuario o equipo que este mandando el SPAM (no me refiero físicamente)En el servidor mira la salida e ingreso de correos con : tail -f /var/log/maillogFácilmente notaras el correo SPAM ya que te fijaras de lineas repetidasSi ubicaste el usuario hay dos cosas por hacer y lo mas común es que dovecot este infectado y lo mas rápido haz una copia de los correos del usuario pero de esta carpeta (/home/user/Maildir/cur) del CUR.Elimina al usuario, verifica con el tail -f /var/log/maillog si persiste la salidaSi es así entonces la infección se fue al directorio /var/spool/postfixAhora allí es cuestión de volver a ubicar a ese usuario ya que se quedo la infección de forma automática y lo ubicas así :find /var/spool/postfix -name user -print o bien locate userubicas y borras reinicias servicios y lamentablemente para que te borren de las listas RBL tienes que esperar mas de 24 horasEspero te ayude estimado. Saludos. Luis Román ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] Netflix
Install Docker, then install Chrome in a Debian or Ubuntu container. e.g. http://fabiorehm.com/blog/2014/09/11/running-gui-apps-with-docker/ HTH Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Bob Hepple bob.hep...@gmail.com To: centos@centos.org Sent: Friday, 27 March, 2015 01:41:14 Subject: [CentOS] Netflix Now that netflix is in Australia, I wouldn't mind giving it a burl. It's working fine on my fedora-21 lappy with chrome-40 but not on our centos-6 mythtv setup even with chrome-41. I understand the difference might be the version of NSS - fedora-21 has 3.17 while centos is stuck at 3.16. Other than that, I'm flumoxed. Anyone got netflix running on centos-6? Cheers Bob ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-es] Problemas con SPAM
y no tienes un IDS en tu red? un snort te puede ayudar a descubrir o tcpdump y mirar quien ocupa el puerto 25. Saludos El 27 de marzo de 2015, 10:56, Luis Alberto Roman Aguirre luisroma...@hotmail.com escribió: Hola David:Lo tuyo es una infección el cual según leí se aplica cada cierto tiempo, tuve un problema similar hace mucho y bueno te ayudo en algo, antes necesitas ubicar algunas cosas: Ubicar al usuario o equipo que este mandando el SPAM (no me refiero físicamente)En el servidor mira la salida e ingreso de correos con : tail -f /var/log/maillogFácilmente notaras el correo SPAM ya que te fijaras de lineas repetidasSi ubicaste el usuario hay dos cosas por hacer y lo mas común es que dovecot este infectado y lo mas rápido haz una copia de los correos del usuario pero de esta carpeta (/home/user/Maildir/cur) del CUR.Elimina al usuario, verifica con el tail -f /var/log/maillog si persiste la salidaSi es así entonces la infección se fue al directorio /var/spool/postfixAhora allí es cuestión de volver a ubicar a ese usuario ya que se quedo la infección de forma automática y lo ubicas así :find /var/spool/postfix -name user -print o bien locate userubicas y borras reinicias servicios y lamentablemente para que te borren de las listas RBL tienes que esperar mas de 24 horasEspero te ayude estimado. Saludos. Luis Román ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] Netflix
On Thu, Mar 26, 2015 at 8:41 PM, Bob Hepple bob.hep...@gmail.com wrote: Now that netflix is in Australia, I wouldn't mind giving it a burl. It's working fine on my fedora-21 lappy with chrome-40 but not on our centos-6 mythtv setup even with chrome-41. I understand the difference might be the version of NSS - fedora-21 has 3.17 while centos is stuck at 3.16. Other than that, I'm flumoxed. Anyone got netflix running on centos-6? The Ubuntu or Mint distos are probably the least painful path to facebook/chrome on 32 bit hardware. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS-announce] CEBA-2015:0748 CentOS 6 amanda BugFix Update
CentOS Errata and Bugfix Advisory 2015:0748
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0748.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
6028eb7fd61883f440b98464a64e4ea9046b940fb71ca21910403d76d1ec1f9a
amanda-2.6.1p2-9.el6_6.i686.rpm
2c557073b814d230142f85675e1c78ba67fec4183e992cccff4162b93c966eee
amanda-client-2.6.1p2-9.el6_6.i686.rpm
e5570b2e80028795ed5f268dcb34a3b5022e7465fe47c66895b68e36a8af0ef7
amanda-devel-2.6.1p2-9.el6_6.i686.rpm
8a5e03ecf50c24896af164da8b36d5bf78b04691b2f85ba6a85a04d6f22f5d47
amanda-server-2.6.1p2-9.el6_6.i686.rpm
x86_64:
6028eb7fd61883f440b98464a64e4ea9046b940fb71ca21910403d76d1ec1f9a
amanda-2.6.1p2-9.el6_6.i686.rpm
d19eaa701f1fe55b3c0033f8f4414df1dbe8c5ae8ee32506bf5ac3e5af9003f3
amanda-2.6.1p2-9.el6_6.x86_64.rpm
86e3197db4736f91e94fdf0f08680ca033702a20f782a56749c4075c6cd48689
amanda-client-2.6.1p2-9.el6_6.x86_64.rpm
e5570b2e80028795ed5f268dcb34a3b5022e7465fe47c66895b68e36a8af0ef7
amanda-devel-2.6.1p2-9.el6_6.i686.rpm
68795396230ee7a605494eee4d313c7e801cbd4f633f8c94857c876876be6323
amanda-devel-2.6.1p2-9.el6_6.x86_64.rpm
f20dfaf4ef7d20e3047b6ce595bfa79322480b361579a165c49d6449e11fd9fb
amanda-server-2.6.1p2-9.el6_6.x86_64.rpm
Source:
f90d2d6f8ae8b0b8acd9be349b67bb3f94dc898aa353a263c4306ff261de333f
amanda-2.6.1p2-9.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
___
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS] kmod-fglrx not available on CentOS 7?
Hi, The subject says it all. I'm currently busy installing a CentOS 7 based desktop on a client's machine, an HP Compaq with an ATI video card. # lspci | grep -i vga 01:05.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] RS780C [Radeon 3100] I wanted to give the proprietary video driver a spin, so I configured ELRepo, but curiously enough, there seems to be no kmod-fglrx driver available. Why is that so? Cheers, Niki -- Microlinux - Solutions informatiques 100% Linux et logiciels libres 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] headless VirtualBox on Centos
On 03/26/2015 10:40 PM, Bob Hepple wrote: Boris Epstein borepstein@... writes: a set of scripts/utilities for automatically starting and running headless (no X11) VM's using VirtualBox omn a CentOS 6 server. VNC/RDP access to the VM's would be fine. vagrant? ___ I'm unfamiliar with vagrant, but it's pretty easy to roll your own. email me off list if you'd like a copy of my Frankenstein scripts. -- public gpg key id: AE60F64C ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
Mark Haney wrote: I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH. I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates. Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else. Ideas? There's been a bunch. Two ideas: first, are the repos enabled (check in /etc/yum.repos.d, and make sure enabled=1, and second, do you have any excludes (and wildcards count) in /etc/yum.conf? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly. Does that makes sense? On Fri, Mar 27, 2015 at 2:58 PM, m.r...@5-cent.us wrote: Mark Haney wrote: I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH. I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates. Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else. Ideas? There's been a bunch. Two ideas: first, are the repos enabled (check in /etc/yum.repos.d, and make sure enabled=1, and second, do you have any excludes (and wildcards count) in /etc/yum.conf? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Mark Haney Sr. Systems Engineer, VIF International Education mark.ha...@vifprogram.com 919-265-5006 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On 3/27/2015 12:30 PM, Mark Haney wrote: I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20 -- john, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
Le 27/03/2015 20:30, Mark Haney a écrit : But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly. I've just setup a few CentOS 7 machines, using the minimal CD. After the initial reboot, I have 78 MB worth of updates. Everything looks quite normal. Niki -- Microlinux - Solutions informatiques 100% Linux et logiciels libres 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] xfs_quotas, [SOLVED]
Y'all know I've been fighting this, on and off, for months. The last few days, I've done a *lot* of googling, and finally got a clue in a reply in a thread I found, where someone noted that you CANNOT enable things like pquotas on an XFS filesystem with mount -o remount, you *MUST* umount it, then mount it. In spite of mount showing the quota for the filesystem, it never worked. I turned down NFS, umounted the filesystem, mounted it - I'd had the pquota as one of the options in fstab for weeks - and *poof*, I could add hard and soft pquotas with no errors. Nasty gotcha. Side note: yesterday, I was getting so frustrated that I ran strace xfs_quota..., and found this interesting tidbit: it was looking for some message files, libc.mo and xfsprogs.mo. And they don't exist in /usr/share/locale/en_US. libc.mo is in /usr/share/local/en_GB. And it's in most of the other languages, but not US English. Then, the xfsprogs.mo *only* exist in Polish and German support, and nowhere else. Gotta file a bug report, there. Hope this helps others trying to implement quotas. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
Yeah, I just don't get it. I've looked at several mirrors and haven't found /any/ updates dated this month. That's really odd, I would think. I'm not talking installed updates on my system, ANY updated packages on the mirrors from 3/2015. Has anyone else updated packages this month? Also, as an aside, what's the difference between CentOS 7 and CentOS 7.1406? And does that make a difference? I know I don't have a ton of actual packages on this machine, it doesn't really need any more than what I have on it, which is pretty minimal, but I'm worried I'm missing security updates for some reason, and I don't want to have this system vulnerable even if it isn't accessible from outside my office. On Fri, Mar 27, 2015 at 2:52 PM, Les Mikesell lesmikes...@gmail.com wrote: On Fri, Mar 27, 2015 at 1:45 PM, Mark Haney mark.ha...@vifprogram.com wrote: I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH. I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates. Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else. Ideas? Try something like yum info kernel. It should show the repos it is checking, the installed version and the repo it is from, plus available newer versions. If your installed version isn't from anaconda, maybe you have automatic updates enabled and there is nothing newer when you check. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Mark Haney Sr. Systems Engineer, VIF International Education mark.ha...@vifprogram.com 919-265-5006 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On Fri, Mar 27, 2015 at 2:30 PM, Mark Haney mark.ha...@vifprogram.com wrote: I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. I think all of the current work is being held in the cr repo while they are scrambling to get a full 7.1 release completed. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
Am 27.03.15 um 20:30 schrieb Mark Haney: But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly. Does that makes sense? yes it does - take a look at the centos announce mailinglist and see that the last update for centos 7 was pushed out on feb 25 you might want to have a look at the archives... http://lists.centos.org/pipermail/centos-announce/ or the announcement regarding the CR repo: http://lists.centos.org/pipermail/centos-announce/2015-March/020980.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On 3/27/2015 12:36 PM, John R Pierce wrote: On 3/27/2015 12:30 PM, Mark Haney wrote: I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20 oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink. in /7.0.1406/, I'm seeing files up to Feb 22. fyi, I'm using... $ more ~/lftp.sh #!/bin/sh echo = $HOME/lftp.log date -R $HOME/lftp.log /usr/local/bin/lftp -c 'open ftp://mirrors.sonic.net lcd /mnt/zbig/mirror mirror --continue --verbose=1 -x ia64 -x s390 -x s390x -x alpha -x SRPMS centos' $HOME/lftp.log on a freebsd (freenas) box to do the mirror. $ lftp --version LFTP | Version 4.6.1 | Copyright (c) 1996-2014 Alexander V. Lukyanov -- john, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On Fri, Mar 27, 2015 at 12:46:20PM -0700, John R Pierce wrote: On 3/27/2015 12:36 PM, John R Pierce wrote: On 3/27/2015 12:30 PM, Mark Haney wrote: I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20 oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink. in /7.0.1406/, I'm seeing files up to Feb 22. /7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it. -- --- .Fred Smith / ( /__ ,__. __ __ / __ : / // / /__) / / /__) .+' Home: fre...@fcshome.stoneham.ma.us // (__ (___ (__(_ (___ / :__ 781-438-5471 Jude 1:24,25 - ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Not getting updates?
I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH. I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates. Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else. Ideas? -- Mark Haney Sr. Systems Engineer, VIF International Education mark.ha...@vifprogram.com 919-265-5006 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On Fri, Mar 27, 2015 at 1:45 PM, Mark Haney mark.ha...@vifprogram.com wrote: I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH. I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates. Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else. Ideas? Try something like yum info kernel. It should show the repos it is checking, the installed version and the repo it is from, plus available newer versions. If your installed version isn't from anaconda, maybe you have automatic updates enabled and there is nothing newer when you check. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On 3/27/2015 1:56 PM, Johnny Hughes wrote: It is indeed a symlink ... and it will indeed be shifted. People also really should use rsync with the -H option for hardlinks as that will save much space between releases as well. (Almost all the items in the 'cr' repo, 'os' repo, and 'fasttrack' repo from the 7.0.1406 tree will make up the new os repo in the newer 7.1.1503 tree.) If you are not using -H, you have to download each RPM more than once. rsync from $job is incredibly slow and unreliable and frequently errored out partway through the process. I switched to lftp some time ago but just realized that it wasn't handling symlinks properly (although all indications are that it should be). A possible complication may be that I just moved my local mirror from a old Solaris 10 system to a new FreeNAS (FreeBSD) system, and am using the lftp from freeBSD 9.3 'ports', whihc is lftp version 4.6.1. The old solaris system had LFTP 4.0.10 -- john, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On 3/27/2015 1:27 PM, Fred Smith wrote: oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink. in /7.0.1406/, I'm seeing files up to Feb 22. /7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it. ah, then my mirroring is broken. I'm using... /usr/local/bin/lftp -c 'open ftp://mirrors.sonic.net lcd /mnt/zbig/mirror mirror --continue --verbose=1 -x ia64 -x s390 -x s390x -x alpha -x SRPMS centos' (mirrors.sonic.net is relatively close to $job's main internet gateway). -- john, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On 03/27/2015 03:27 PM, Fred Smith wrote: On Fri, Mar 27, 2015 at 12:46:20PM -0700, John R Pierce wrote: On 3/27/2015 12:36 PM, John R Pierce wrote: On 3/27/2015 12:30 PM, Mark Haney wrote: I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20 oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink. in /7.0.1406/, I'm seeing files up to Feb 22. /7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it. It is indeed a symlink ... and it will indeed be shifted. People also really should use rsync with the -H option for hardlinks as that will save much space between releases as well. (Almost all the items in the 'cr' repo, 'os' repo, and 'fasttrack' repo from the 7.0.1406 tree will make up the new os repo in the newer 7.1.1503 tree.) If you are not using -H, you have to download each RPM more than once. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
ah, then my mirroring is broken. I'm using... /usr/local/bin/lftp -c 'open ftp://mirrors.sonic.net lcd /mnt/zbig/mirror mirror --continue --verbose=1 -x ia64 -x s390 -x s390x -x alpha -x SRPMS centos' (mirrors.sonic.net is relatively close to $job's main internet gateway). ok, I deleted all the folders that were supposed to be symlinks on my mirror, and restarted the lftp job and NOW its creating symlinks. maybe I screwed up when I rsync'd my old solaris-based mirror to my new freenas/freebsd based mirror. -- john, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
Johnny Hughes wrote: On 03/27/2015 03:27 PM, Fred Smith wrote: On Fri, Mar 27, 2015 at 12:46:20PM -0700, John R Pierce wrote: On 3/27/2015 12:36 PM, John R Pierce wrote: On 3/27/2015 12:30 PM, Mark Haney wrote: snip oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink. in /7.0.1406/, I'm seeing files up to Feb 22. /7/ is a link to the latest release, which at this point in timeis 7.0.1406.Once 7.1 is released, the 7 symlink will point to it. It is indeed a symlink ... and it will indeed be shifted. People also really should use rsync with the -H option for hardlinks as that will save much space between releases as well. (Almost all the items in the 'cr' repo, 'os' repo, and 'fasttrack' repo from the 7.0.1406 tree will make up the new os repo in the newer 7.1.1503 tree.) If you are not using -H, you have to download each RPM more than once. Absolutely, what Johnny said. We *always* use hard links for our backups, which is the only way we could (most of the time) keep 5 weeks of b/u of our home and project directories. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
On Fri, Mar 27, 2015 at 3:43 PM, John R Pierce pie...@hogranch.com wrote: On 3/27/2015 1:27 PM, Fred Smith wrote: oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink. in /7.0.1406/, I'm seeing files up to Feb 22. /7/ is a link to the latest release, which at this point in timeis 7.0.1406. Once 7.1 is released, the 7 symlink will point to it. ah, then my mirroring is broken. I thought Centos repos always worked that way - mostly so the mirrors only had to hold the updates for the latest release, whatever that might be. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netflix
On 03/27/2015 09:02 AM, Nux! wrote: Install Docker, then install Chrome in a Debian or Ubuntu container. e.g. http://fabiorehm.com/blog/2014/09/11/running-gui-apps-with-docker/ For the record ... using the latest Google Chrome on CentOS-7.1503 (our 7.1 release in testing right now), allows Netflix to play just fine on CentOS-7. What I have installed when I tested it: nss-3.16.2.3-5.el7.i686 nss-3.16.2.3-5.el7.x86_64 google-chrome-stable-41.0.2272.101-1.x86_64 (from google) That obviously does not work on 32 bit .. it does work inside a docker container containing CentOS-7 on CentOS-6 though. No need to use Debian or Ubuntu in the Docker container :) Thanks, Johnny Hughes - Original Message - From: Bob Hepple bob.hep...@gmail.com To: centos@centos.org Sent: Friday, 27 March, 2015 01:41:14 Subject: [CentOS] Netflix Now that netflix is in Australia, I wouldn't mind giving it a burl. It's working fine on my fedora-21 lappy with chrome-40 but not on our centos-6 mythtv setup even with chrome-41. I understand the difference might be the version of NSS - fedora-21 has 3.17 while centos is stuck at 3.16. Other than that, I'm flumoxed. Anyone got netflix running on centos-6? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] xfs_quotas, [SOLVED]
On Mar 27, 2015, at 1:41 PM, m.r...@5-cent.us wrote: it was looking for some message files, libc.mo and xfsprogs.mo. And they don't exist in /usr/share/locale/en_US. libc.mo is in /usr/share/local/en_GB. And it's in most of the other languages, but not US English. I don’t know what i18n system they’re using for that, but some of them build one language’s strings into the shipping binary, then use that unique string as a key into a dictionary for looking up other languages’ strings. So, the en_US strings may be built into xfs_quota. Use strings(1) to confirm. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] Docs strategy and tactics [RFC]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/25/2015 01:19 AM, kunaal jain wrote: Hi Kartsen, you'll have my proposal by the end of the day. I am not good at writing content. :( I have sorted out all the technicalities though. Regards, Kunal Jain Thanks, we'll start working on the proposal with you and other interested mentors now that the initial deadline is here. - - Karsten On Tue, Mar 24, 2015 at 5:48 AM, Karsten Wade kw...@redhat.com wrote: Kunaal: I know you are still researching, but I think you may have enough to write up your proposal in the Melange tool. The deadline for applications to be input is 27 March at 19:00 UTC. However, that is followed by a few more weeks for you to work with me and other mentors/helpers to refine the application. So your next step is to work on and submit that proposal. https://www.google-melange.com/gsoc/profile/register/student/google/gsoc 2015 Once we have you (and any others) in the Melange system, I'm going to work with Shaun and any others to help narrow my scope to something that is and doable in a summer's time. Shaun's warnings about the difficulties of syncing with an upstream are really important, and we may want to think of a way to loosely couple rather than try to solve the problem in general. If folks don't mind, I'd appreciate continuing at least some of this discussion on this list -- we need to make sure that this toolchain lines up with our process, and that process is itself sane and doable. Regards, - Karsten On 03/17/2015 03:21 AM, kunaal jain wrote: On Tue, Mar 17, 2015 at 3:30 AM, Shaun McCance sha...@redhat.com wrote: Just to throw another wrench in: I don't know what DigitalOcean's docs are like, but Linode generally provides their guides for Ubuntu, Debian, and CentOS. However, for whatever reason, they tend to do Ubuntu first. So there are bunches of guides without CentOS versions. They do allow people outside Linode to submit guides. So outside of normal CentOS docs, a useful exercise would be for people to port non-CentOS guides on Linode (and other places) to CentOS. It would increase mindshare for CentOS. I think with porting of content, main focus should be on new content. If we create the complete documentation procedure i.e. automating this long procedure writing content in markup language - pull request - discussion - changes - Identify the module and upstream - converting content in relevant design, style - pushing to upstream - updating CentOS docs - update website. If this toolchain becomes friendly, I am sure even the normal CentOS user, if learns new thing, would happy to write a document about it and push it to us. Even upstream software benefit with this documentation . Sure. I've dealt with quite a bit of this while working on GNOME docs. It's challenging, but mostly enjoyably so. I mentioned to Karsten off-list that, if you want a usable system at the end, it's important to really define the workflow and what tools are needed. I've had quite a Hence this thread comes into existence on this mailing list to discuss the workflow and tools with those people who actually deal with this on frequently basis. This was my attempt to start discussion on technical aspect of this. http://lists.centos.org/pipermail/centos-docs/2015-March/005594.html few GSoC projects that just ended up as interesting experiments, but never got used. Interesting experiments can be fine, but not if your documentation strategy depends on them. I agree. But as Jason said we need to experiment, give people this new option. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs - -- Karsten 'quaid' Wade.^\ CentOS Doer of Stuff http://TheOpenSourceWay.org\ http://community.redhat.com @quaid (identi.ca/twitter/IRC) \v' gpg: AD0E0C41 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlUV0w4ACgkQ2ZIOBq0ODEEK3gCfW4XCPi4lQ2ACy9mvAcbEY4Q6 3kkAn3NUiG+VIcAWNeaU6XYrQ0t4pE4s =rcTM -END PGP SIGNATURE- ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS] Inheriting Xauthority
On some of my machines, when I run su - in a terminal to get a root shell, an XAUTHORITY file is automatically generated to give display access to GUI programs spawned by that shell, i.e., # set | grep XAUTH XAUTHORITY=/root/.xauthayZmdH That file contains a copy of the MIT-MAGIC-COOKIE from my original X session. On other machines with the same installed OS (CentOS 6.6) that does not happen. What the heck is the difference? I have done nothing with my own xauth or xhost to permit or deny this on any of the machines. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-es] Problemas con SPAM
YO te aconsejo aprendas a programar y coloques tu script en el master.cnf para que desde que entre a la cola de correos de postfix, tu lo registres. Al menos asi lo resolveria yo :D Saludos ! El 27 de marzo de 2015, 20:38, angel jauregui darkdiabl...@gmail.com escribió: a mi tambien me llego a SPAM este correo :S El 27 de marzo de 2015, 20:36, Diego Sanchez dieg...@gmail.com escribió: http://www.postfix.org/TUNING_README.html#conn_limit En postfix, utiliza postqueue -p para ver quien es el usuario más activo Utiliza SPF/DKIM los correos salientes. Chequea los correos salientes con AV/AS. 2015-03-26 19:02 GMT-03:00 Peter Q. btove...@gmail.com: Mas bien tú estas haciendo spam, ya que tú correo me llegó en la carpeta spam y si en los miembros de la lista también les llegó en spam, nadien va a poder ayudarte. On Mar 26, 2015 3:39 PM, David González Romero dgrved...@gmail.com wrote: Hola Lista!! Ya me volvieron a listar. No se que puedo hacer. Alguna ayuda para saber que me pasa dentro de la red? Algunas ideas o software que me ayuden a buscar quien está haciendo SPAMER dentro de mi red. Saludos, David El día 26 de marzo de 2015, 7:55, David González Romero dgrved...@gmail.com escribió: Hola Lista!!! Desde el sábado pasado me están listado como SPAM en diferentes servidores. La verdad es que ya no se que hacer. SPAMHAUS es uno de los que me lista con frecuencia. Este es el mensaje que me da, claro que esto es solo una traducción: - Dirección IP 201.217.51.105 no aparece en el CBL. Fue enumerado anteriormente, pero se retiró a 03.25.2015 22:21 GMT (hace 1 hora) En el momento de la eliminación, esta fue la explicación para este listado: Esta IP está infectada (o natting para un equipo que está infectado) con el Conficker A o B Conficker botnet. Más información acerca de Conficker se puede obtener de Wikipedia Recuerde: Conficker es no una botnet envío de spam. No , no enviar correo electrónico o correo no deseado. No , no utilice el puerto 25. Por favor, siga estas instrucciones. ... - Y sigue un texto muy largo de recomendaciones. Ya he buscado con todas las herramientas el tema del famoso Conficker. Amén que todos mis Winrus están actualizados y creo que tengo corregido esa vulnerabilidad. Pero en fin siguiendo recomendaciones endurecí mi firewall, que por desgracia no es un Linux; pues heredé algo ya hecho. Pero si un UNIX (pfSense) en ese sentido denegué el acceso a los IP que CBL me informa. Además denegué el acceso a los puertos externos 25, 465 y 587. Y sobre todo eliminé todos los NAT que podía eliminar, incluido de servidores Winroses dentro de la red que precisaban esto. Ahora ya no aparezco listado en CBL, aunque los Chilenos DNSBL me tienen apuntado... una cagada... Existe alguna forma de yo saber con certeza quien me lista en esos servidores antispam? Ellos dicen que usan trampas antispam, pero uno de los mismos administradores de de DNSBL de chile me dijo y cito: - Hola, Nuestras trampas son absolutamente confidenciales. Nuestros registros indican que la IP 201.217.51.105 fue encontrada en xbl.spamhaus.org y por eso la solicitud de eliminacion fue rechazada. La IP debe estar absolutamente limpia para poder ser eliminada de este DNSBL. Sugerimos hacer esta pregunta a spamhaus.org. Saludos, - Lo que significa que evidentemente no usan ninguna trampa, sino que porque uno me lista, ellos me listan. Por favor alguna ayuda, porque este tema de eliminarme de las listas y que me vuelvan a poner, es una jodedera tramenda. Mi servidor de correo es Postfix, las configuraciones básicas. -- queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix mail_owner = postfix #Importante este es el nombre que recupera el DNS myhostname = mx.midominio.com #Aqui debes poner TODOS los dominios para los que tu recibes correos mydomain = midominio.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost, $mydomain unknown_local_recipient_reject_code = 550 mynetworks = 192.168.30.0/24, 127.0.0.1 relay_domains = $mydestination #Esto creo que es redundante, pero así venía. alias_maps = hash:/etc/aliases
Re: [CentOS] Upgrade centos 6 to 7
On 03/13/2015 06:50 AM, Timothy Murphy wrote: I read at http://wiki.centos.org/TipsAndTricks/CentOSUpgradeTool Warning: use of this tool is currently not recommended as several system-critical packages are of a higher version number in CentOS 6.6 than they are in CentOS 7 so those do not get upgraded correctly. This renders yum and several other system tools non-functional. Is that still the position? If so, is it likely to change in the near future? I would never, ever personally use this tool on a production server of any kind. That is a personal opinion. I would also never, ever upgrade a Windows server from one major version to another, etc. I would always do a new install and migrate things to the new server. Just too many possible issues otherwise. I feel that the same is true for major Linux OS upgrades as well. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-es] [IPTables] Opinion sobre un Firewall con DROP por defecto ?
jajajajaja la volvi a regar hay va de nuez: # denegamos todo iptables -P INPUT DROP# cancelamos entrada iptables -P OUTPUT DROP # cancelamos salidas iptables -P FORWARD DROP # cancelamos reencios iptables -t nat -P PREROUTING DROP# cancelamos nat prerouting iptables -t nat -P POSTROUTING DROP # cancelamos nat postrouting echo 1 /proc/sys/net/ipv4/ip_forward # activamos bit de reenvio iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 80 -j ACCEPT iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT El 27 de marzo de 2015, 20:37, angel jauregui darkdiabl...@gmail.com escribió: Rayos... se copio y pego doble :S... hay va corregido: # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT# cancelamos nat prerouting iptables -t nat -P POSTROUTING ACCEPT # cancelamos nat postrouting echo 1 /proc/sys/net/ipv4/ip_forward # activamos bit de reenvio iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 80 -j ACCEPT iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT El 27 de marzo de 2015, 20:36, angel jauregui darkdiabl...@gmail.com escribió: Buen dia lista :D Quiero montar un firewall configurado por defecto en DROP y abrir solo los puertos que quiero, pero como el servidor esta EN LINEA, no quiero cagarla y quedarme sin conexion jejejej :D Es simple, solo voy a tener el servicio HTTP (puerto 80) abierto, de modo que *hice las siguientes reglas* las cuales quiero ver si pueden checarlas y me den sus criticas: iptables -F iptables -X iptables -Z iptables -t nat -F # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT#iptables -F iptables -X iptables -Z iptables -t nat -F # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT# cancelamos nat prerouting iptables -t nat -P POSTROUTING ACCEPT # cancelamos nat postrouting echo 1 /proc/sys/net/ipv4/ip_forward # activamos bit de reenvio iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 80 -j ACCEPT iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT Saludos ! -- M.S.I. Angel Haniel Cantu Jauregui. Celular: (011-52-1)-899-871-17-22 E-Mail: angel.ca...@sie-group.net Web: http://www.sie-group.net/ Cd. Reynosa Tamaulipas. -- M.S.I. Angel Haniel Cantu Jauregui. Celular: (011-52-1)-899-871-17-22 E-Mail: angel.ca...@sie-group.net Web: http://www.sie-group.net/ Cd. Reynosa Tamaulipas. -- M.S.I. Angel Haniel Cantu Jauregui. Celular: (011-52-1)-899-871-17-22 E-Mail: angel.ca...@sie-group.net Web: http://www.sie-group.net/ Cd. Reynosa Tamaulipas. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] [IPTables] Opinion sobre un Firewall con DROP por defecto ?
Buen dia lista :D Quiero montar un firewall configurado por defecto en DROP y abrir solo los puertos que quiero, pero como el servidor esta EN LINEA, no quiero cagarla y quedarme sin conexion jejejej :D Es simple, solo voy a tener el servicio HTTP (puerto 80) abierto, de modo que *hice las siguientes reglas* las cuales quiero ver si pueden checarlas y me den sus criticas: iptables -F iptables -X iptables -Z iptables -t nat -F # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT#iptables -F iptables -X iptables -Z iptables -t nat -F # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT# cancelamos nat prerouting iptables -t nat -P POSTROUTING ACCEPT # cancelamos nat postrouting echo 1 /proc/sys/net/ipv4/ip_forward # activamos bit de reenvio iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 80 -j ACCEPT iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT Saludos ! -- M.S.I. Angel Haniel Cantu Jauregui. Celular: (011-52-1)-899-871-17-22 E-Mail: angel.ca...@sie-group.net Web: http://www.sie-group.net/ Cd. Reynosa Tamaulipas. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Problemas con SPAM
a mi tambien me llego a SPAM este correo :S El 27 de marzo de 2015, 20:36, Diego Sanchez dieg...@gmail.com escribió: http://www.postfix.org/TUNING_README.html#conn_limit En postfix, utiliza postqueue -p para ver quien es el usuario más activo Utiliza SPF/DKIM los correos salientes. Chequea los correos salientes con AV/AS. 2015-03-26 19:02 GMT-03:00 Peter Q. btove...@gmail.com: Mas bien tú estas haciendo spam, ya que tú correo me llegó en la carpeta spam y si en los miembros de la lista también les llegó en spam, nadien va a poder ayudarte. On Mar 26, 2015 3:39 PM, David González Romero dgrved...@gmail.com wrote: Hola Lista!! Ya me volvieron a listar. No se que puedo hacer. Alguna ayuda para saber que me pasa dentro de la red? Algunas ideas o software que me ayuden a buscar quien está haciendo SPAMER dentro de mi red. Saludos, David El día 26 de marzo de 2015, 7:55, David González Romero dgrved...@gmail.com escribió: Hola Lista!!! Desde el sábado pasado me están listado como SPAM en diferentes servidores. La verdad es que ya no se que hacer. SPAMHAUS es uno de los que me lista con frecuencia. Este es el mensaje que me da, claro que esto es solo una traducción: - Dirección IP 201.217.51.105 no aparece en el CBL. Fue enumerado anteriormente, pero se retiró a 03.25.2015 22:21 GMT (hace 1 hora) En el momento de la eliminación, esta fue la explicación para este listado: Esta IP está infectada (o natting para un equipo que está infectado) con el Conficker A o B Conficker botnet. Más información acerca de Conficker se puede obtener de Wikipedia Recuerde: Conficker es no una botnet envío de spam. No , no enviar correo electrónico o correo no deseado. No , no utilice el puerto 25. Por favor, siga estas instrucciones. ... - Y sigue un texto muy largo de recomendaciones. Ya he buscado con todas las herramientas el tema del famoso Conficker. Amén que todos mis Winrus están actualizados y creo que tengo corregido esa vulnerabilidad. Pero en fin siguiendo recomendaciones endurecí mi firewall, que por desgracia no es un Linux; pues heredé algo ya hecho. Pero si un UNIX (pfSense) en ese sentido denegué el acceso a los IP que CBL me informa. Además denegué el acceso a los puertos externos 25, 465 y 587. Y sobre todo eliminé todos los NAT que podía eliminar, incluido de servidores Winroses dentro de la red que precisaban esto. Ahora ya no aparezco listado en CBL, aunque los Chilenos DNSBL me tienen apuntado... una cagada... Existe alguna forma de yo saber con certeza quien me lista en esos servidores antispam? Ellos dicen que usan trampas antispam, pero uno de los mismos administradores de de DNSBL de chile me dijo y cito: - Hola, Nuestras trampas son absolutamente confidenciales. Nuestros registros indican que la IP 201.217.51.105 fue encontrada en xbl.spamhaus.org y por eso la solicitud de eliminacion fue rechazada. La IP debe estar absolutamente limpia para poder ser eliminada de este DNSBL. Sugerimos hacer esta pregunta a spamhaus.org. Saludos, - Lo que significa que evidentemente no usan ninguna trampa, sino que porque uno me lista, ellos me listan. Por favor alguna ayuda, porque este tema de eliminarme de las listas y que me vuelvan a poner, es una jodedera tramenda. Mi servidor de correo es Postfix, las configuraciones básicas. -- queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix mail_owner = postfix #Importante este es el nombre que recupera el DNS myhostname = mx.midominio.com #Aqui debes poner TODOS los dominios para los que tu recibes correos mydomain = midominio.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost, $mydomain unknown_local_recipient_reject_code = 550 mynetworks = 192.168.30.0/24, 127.0.0.1 relay_domains = $mydestination #Esto creo que es redundante, pero así venía. alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases recipient_delimiter = + smtpd_banner = $myhostname ESMTP $mail_name local_destination_concurrency_limit = 2 default_destination_concurrency_limit = 20 debug_peer_level = 2 debugger_command =
Re: [CentOS-es] [IPTables] Opinion sobre un Firewall con DROP por defecto ?
Rayos... se copio y pego doble :S... hay va corregido: # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT# cancelamos nat prerouting iptables -t nat -P POSTROUTING ACCEPT # cancelamos nat postrouting echo 1 /proc/sys/net/ipv4/ip_forward # activamos bit de reenvio iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 80 -j ACCEPT iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT El 27 de marzo de 2015, 20:36, angel jauregui darkdiabl...@gmail.com escribió: Buen dia lista :D Quiero montar un firewall configurado por defecto en DROP y abrir solo los puertos que quiero, pero como el servidor esta EN LINEA, no quiero cagarla y quedarme sin conexion jejejej :D Es simple, solo voy a tener el servicio HTTP (puerto 80) abierto, de modo que *hice las siguientes reglas* las cuales quiero ver si pueden checarlas y me den sus criticas: iptables -F iptables -X iptables -Z iptables -t nat -F # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT#iptables -F iptables -X iptables -Z iptables -t nat -F # denegamos todo iptables -P INPUT ACCEPT# cancelamos entrada iptables -P OUTPUT ACCEPT # cancelamos salidas iptables -P FORWARD ACCEPT # cancelamos reencios iptables -t nat -P PREROUTING ACCEPT# cancelamos nat prerouting iptables -t nat -P POSTROUTING ACCEPT # cancelamos nat postrouting echo 1 /proc/sys/net/ipv4/ip_forward # activamos bit de reenvio iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 80 -j ACCEPT iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT Saludos ! -- M.S.I. Angel Haniel Cantu Jauregui. Celular: (011-52-1)-899-871-17-22 E-Mail: angel.ca...@sie-group.net Web: http://www.sie-group.net/ Cd. Reynosa Tamaulipas. -- M.S.I. Angel Haniel Cantu Jauregui. Celular: (011-52-1)-899-871-17-22 E-Mail: angel.ca...@sie-group.net Web: http://www.sie-group.net/ Cd. Reynosa Tamaulipas. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Problemas con SPAM
http://www.postfix.org/TUNING_README.html#conn_limit En postfix, utiliza postqueue -p para ver quien es el usuario más activo Utiliza SPF/DKIM los correos salientes. Chequea los correos salientes con AV/AS. 2015-03-26 19:02 GMT-03:00 Peter Q. btove...@gmail.com: Mas bien tú estas haciendo spam, ya que tú correo me llegó en la carpeta spam y si en los miembros de la lista también les llegó en spam, nadien va a poder ayudarte. On Mar 26, 2015 3:39 PM, David González Romero dgrved...@gmail.com wrote: Hola Lista!! Ya me volvieron a listar. No se que puedo hacer. Alguna ayuda para saber que me pasa dentro de la red? Algunas ideas o software que me ayuden a buscar quien está haciendo SPAMER dentro de mi red. Saludos, David El día 26 de marzo de 2015, 7:55, David González Romero dgrved...@gmail.com escribió: Hola Lista!!! Desde el sábado pasado me están listado como SPAM en diferentes servidores. La verdad es que ya no se que hacer. SPAMHAUS es uno de los que me lista con frecuencia. Este es el mensaje que me da, claro que esto es solo una traducción: - Dirección IP 201.217.51.105 no aparece en el CBL. Fue enumerado anteriormente, pero se retiró a 03.25.2015 22:21 GMT (hace 1 hora) En el momento de la eliminación, esta fue la explicación para este listado: Esta IP está infectada (o natting para un equipo que está infectado) con el Conficker A o B Conficker botnet. Más información acerca de Conficker se puede obtener de Wikipedia Recuerde: Conficker es no una botnet envío de spam. No , no enviar correo electrónico o correo no deseado. No , no utilice el puerto 25. Por favor, siga estas instrucciones. ... - Y sigue un texto muy largo de recomendaciones. Ya he buscado con todas las herramientas el tema del famoso Conficker. Amén que todos mis Winrus están actualizados y creo que tengo corregido esa vulnerabilidad. Pero en fin siguiendo recomendaciones endurecí mi firewall, que por desgracia no es un Linux; pues heredé algo ya hecho. Pero si un UNIX (pfSense) en ese sentido denegué el acceso a los IP que CBL me informa. Además denegué el acceso a los puertos externos 25, 465 y 587. Y sobre todo eliminé todos los NAT que podía eliminar, incluido de servidores Winroses dentro de la red que precisaban esto. Ahora ya no aparezco listado en CBL, aunque los Chilenos DNSBL me tienen apuntado... una cagada... Existe alguna forma de yo saber con certeza quien me lista en esos servidores antispam? Ellos dicen que usan trampas antispam, pero uno de los mismos administradores de de DNSBL de chile me dijo y cito: - Hola, Nuestras trampas son absolutamente confidenciales. Nuestros registros indican que la IP 201.217.51.105 fue encontrada en xbl.spamhaus.org y por eso la solicitud de eliminacion fue rechazada. La IP debe estar absolutamente limpia para poder ser eliminada de este DNSBL. Sugerimos hacer esta pregunta a spamhaus.org. Saludos, - Lo que significa que evidentemente no usan ninguna trampa, sino que porque uno me lista, ellos me listan. Por favor alguna ayuda, porque este tema de eliminarme de las listas y que me vuelvan a poner, es una jodedera tramenda. Mi servidor de correo es Postfix, las configuraciones básicas. -- queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix mail_owner = postfix #Importante este es el nombre que recupera el DNS myhostname = mx.midominio.com #Aqui debes poner TODOS los dominios para los que tu recibes correos mydomain = midominio.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost, $mydomain unknown_local_recipient_reject_code = 550 mynetworks = 192.168.30.0/24, 127.0.0.1 relay_domains = $mydestination #Esto creo que es redundante, pero así venía. alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases recipient_delimiter = + smtpd_banner = $myhostname ESMTP $mail_name local_destination_concurrency_limit = 2 default_destination_concurrency_limit = 20 debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id sleep 5 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix
