Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Dmitry E. Mikhailov]

On 09/24/2015 01:59 PM, C.L. Martinez wrote:

  I will do some tests using openvswitch bridges to my KVM machines. One
of these tests is to add a wlan0 adapter from comandline but only when
this wlan0 is associated with a ssid without assign an IP.

  Is this posible?

Usually it's not.

When you connect as a station to the infrastructure (AP) - e.g without 
WDS or proprietary extensions enabled, every frame transmitted in 
between has three addresses: your station MAC, BSSID (AP MAC for 
simplicity), destination MAC.


WPA(2) PSK encryption is using your station MAC. So if you try to 
transmit a packet with MAC address other than yours, it won't be 
decrypted thus no transmission.


To cut the long story short AFAIK you can't bridge on WiFi client side 
with WPA(2) PSK encryption. But you can using WEP (or no encryption at 
all). Beware - WEP is as insecure as no encryption - it's cracked 
literally in minutes.


You could run WDS in AP-AP mode with the help of hostap suite or have a 
proprietary solution (WNIC and/or driver).


Otherwise you can NAT/route it.

Best regards,
Dmitry Mikhailov
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Alvin Starr]

Actually I do a similar thing.

I use a VM as my home/office firewall.

It works quite well and I would argue it is as secure as your standard 
firewall based on something like openWRT running on dedicated hardware.


I also run a wireless AP in bridged mode to allow local network access 
on an appliance.


There should be no reason that you could not put both on the same 
physical hardware.


As for the openvswitch original question.
Openvswitch has an API that you can access to manage your traffic along 
with supporting Openflow.
If you can get events from your wireless interface then you could write 
some programs to connect to the switch API.


I am not sure the overall result is worth the effort but it will teach 
you lots about your wifi interface and Openvswitch.



On 09/24/2015 06:59 AM, Dmitry E. Mikhailov wrote:

On 09/24/2015 03:21 PM, C. L. Martinez wrote:

Thanks Dimitry, but I use wlan0 or eth0 to connect my laptop to
different networks. I use a vm as fw and I would like to have all vms
and laptop behind this fw vm guest.

Another option is to assign an IP to these interfaces and natting all
to this fw vm ... but I don't like this option


It isn't going to be safe, simple and reliable. You won't have 
anything like 'NetworkManager' on the laptop host OS. It either should 
be heavily scripted or not done at all.


You could write some fancy ebtables rules to do one-to-one MAC mapping 
between the fw VM interface and host interface and run DHCP client on 
the fw VM.


On the host you'd have static route to another fw VM interface.

But I can't imagine all the hotplug event scripting. How could fw VM 
find out if it's time to (re-)run DHCP client? How would you configure 
WPA keys on the host. How would find out if WiFi is disconnected, 
cable is connected and it's time to redo MAC mapping with another MAC 
address?


Without some real effort it's going to be fully(partly?) manual config 
with wpa_supplicant, ebtables and ssh'ing to fw VM involved. I doubt I 
would like to change from NetworkManager to this stuff instead.


That's why they do https://www.anonabox.com/
Otherwise you can get some OpenWRT on a commodity router to run some 
VPN or T#r or some other funny stuff


___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt



--
Alvin Starr   ||   voice: (905)513-7688
Netvel Inc.   ||   Cell:  (416)806-0133
al...@netvel.net  ||

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Dmitry E. Mikhailov]

Followup

On 09/24/2015 01:59 PM, C.L. Martinez wrote:

https://wiki.debian.org/BridgeNetworkConnections#Bridging_with_a_wireless_NIC?

They are doing an interesting Ethernet NAT with the following idea:

Your wireless station has MAC "A" and IP "X"
The virtual machine on the wireless station has MAC "B" and IP "Y"

1) To the outside world both your wireless station and virtual machine 
IPs would share the same MAC:

Arp:
IP "X": MAC "A"
IP "Y": MAC "A" (translated from "B")

2) Every ingress packet coming to your wireless station with the VM's IP 
"Y" would have it's MAC changed back


This scheme could provide you connectivity but it's hacky and it 
requires you to know the MAC and IP address combination of VM. So IMHO 
it's not really everyday mess-free usable.


I'd prefer to have a real routing set up. Simple, fast and reliable.
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[C. L. Martinez]

On Thu, Sep 24, 2015 at 11:28 AM, Dmitry E. Mikhailov
 wrote:
> Followup
>
> On 09/24/2015 01:59 PM, C.L. Martinez wrote:
>>
>>
>> https://wiki.debian.org/BridgeNetworkConnections#Bridging_with_a_wireless_NIC?
>
> They are doing an interesting Ethernet NAT with the following idea:
>
> Your wireless station has MAC "A" and IP "X"
> The virtual machine on the wireless station has MAC "B" and IP "Y"
>
> 1) To the outside world both your wireless station and virtual machine IPs
> would share the same MAC:
> Arp:
> IP "X": MAC "A"
> IP "Y": MAC "A" (translated from "B")
>
> 2) Every ingress packet coming to your wireless station with the VM's IP "Y"
> would have it's MAC changed back
>
> This scheme could provide you connectivity but it's hacky and it requires
> you to know the MAC and IP address combination of VM. So IMHO it's not
> really everyday mess-free usable.
>
> I'd prefer to have a real routing set up. Simple, fast and reliable.

Thanks Dimitry, but I use wlan0 or eth0 to connect my laptop to
different networks. I use a vm as fw and I would like to have all vms
and laptop behind this fw vm guest.

Another option is to assign an IP to these interfaces and natting all
to this fw vm ... but I don't like this option
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS] x2go on CentOS6

[isdtor]

Has anyone managed to get the x2go server working on CentOS 6.7?

I started testing x2go from EPEL under 6.6, and it worked well. Then I didn't 
use it in 6 months plus, eventually upgraded the machine to 6.7, and it's no 
longer working. Both Windows and Linux clients error out with "Connection 
failed. 0: Event not found."

A Linux client run with the debug option reports:

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:963> Password 
authentication

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:654> user auth OK

x2go-DEBUG-../x2goclient-4.0.3.2/onmainwindow.cpp:2797> SSH connection 
established.
x2go-DEBUG-../x2goclient-4.0.3.2/onmainwindow.cpp:3060> Continue normal x2go 
session
x2go-DEBUG-../x2goclient-4.0.3.2/sshprocess.cpp:189> executing remote command 
via SshProcess object (0): "export HOSTNAME && x2golistsessions"

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:1434> creating new 
channel

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:1438> new 
channel:0x7efd94013740

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:1469> executing 
remote: "sh -c 'echo X2GODATABEGIN:a469c6c6-254d-431e-94ac-b30785359dbc; 
PATH=/usr/local/bin:/usr/bin:/bin export HOSTNAME && x2golistsessions; echo 
X2GODATAEND:a469c6c6-254d-431e-94ac-b30785359dbc;'"

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:1492>  new exec 
channel created

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:1596> EOF ON CHANNEL 
0x7efd94013740 (SshProcess: 0)

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:1664> eof sent

x2go-DEBUG-../x2goclient-4.0.3.2/sshmasterconnection.cpp:1668> channel closed

x2go-DEBUG-../x2goclient-4.0.3.2/sshprocess.cpp:444> have only stderr, 
something must be wrong

x2go-DEBUG-../x2goclient-4.0.3.2/sshprocess.cpp:449> ssh finished: false - "0: 
Event not found.
" (0).

x2go-DEBUG-../x2goclient-4.0.3.2/onmainwindow.cpp:3404> "0: Event not found.
"

This is potentially similar to 
http://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=800, which hasn't been updated 
since March.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logrotate problems

[Andrew Holway]

Actually, doing what logrotate suggests causes other problems. We don't
have this problem on any other system so I am keen to understand the root
of the issue rather than start messing around with the default permissions
of the log directories.

logrotate only matches /var/log/nginx/*log -  /var/log/nginx/access.log &
/var/log/nginx/error.log

On the server where we have problems we have
/var/log/nginx/subdirectory/some.other.log



On 24 September 2015 at 09:34, Jo Rhett  wrote:

> On Sep 24, 2015, at 12:18 AM, Andrew Holway 
> wrote:
> > error: skipping "/var/log/nginx/access.log" because parent directory has
> > insecure permissions (It's world writable or writable by group which is
> not
> > "root") Set "su" directive in config file to tell logrotate which
> > user/group should be used for rotation.
>
> Right there ^^^ it is telling you what is wrong and how to fix it.
>
> --
> Jo Rhett
> Net Consonance : net philanthropy to improve open source and internet
> projects.
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Dmitry E. Mikhailov]

On 09/24/2015 03:21 PM, C. L. Martinez wrote:

Thanks Dimitry, but I use wlan0 or eth0 to connect my laptop to
different networks. I use a vm as fw and I would like to have all vms
and laptop behind this fw vm guest.

Another option is to assign an IP to these interfaces and natting all
to this fw vm ... but I don't like this option


It isn't going to be safe, simple and reliable. You won't have anything 
like 'NetworkManager' on the laptop host OS. It either should be heavily 
scripted or not done at all.


You could write some fancy ebtables rules to do one-to-one MAC mapping 
between the fw VM interface and host interface and run DHCP client on 
the fw VM.


On the host you'd have static route to another fw VM interface.

But I can't imagine all the hotplug event scripting. How could fw VM 
find out if it's time to (re-)run DHCP client? How would you configure 
WPA keys on the host. How would find out if WiFi is disconnected, cable 
is connected and it's time to redo MAC mapping with another MAC address?


Without some real effort it's going to be fully(partly?) manual config 
with wpa_supplicant, ebtables and ssh'ing to fw VM involved. I doubt I 
would like to change from NetworkManager to this stuff instead.


That's why they do https://www.anonabox.com/
Otherwise you can get some OpenWRT on a commodity router to run some VPN 
or T#r or some other funny stuff


___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] x2go on CentOS6

[Scott Robbins]

On Thu, Sep 24, 2015 at 10:50:08AM +0100, isdtor wrote:
> Has anyone managed to get the x2go server working on CentOS 6.7?

Worked out of the box for me.
Actually, I probably had it on 6.6 and then upgraded, but no issues since
then.
I have a fairly  simple setup. 

http://srobb.net/nxreplace.html
(I don't know if that will help at all though).

-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] How GSoC project can fit in to CentOS Docs

[kunaal jain]

On Thu, Sep 24, 2015 at 1:46 PM, Brian (bex) Exelbierd  wrote:
> On 08/20/2015 02:57 AM, Karsten Wade wrote:
>>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 08/03/2015 12:52 PM, Fabian Arrotin wrote:
>>>
>>> On 03/08/15 18:23, kunaal jain wrote:
>
>
>>> Is that possible to  have an overview of the infra and goals (aka
>>> the architecture) of this GSoC doc project ? that would help
>>> understanding, as I agree that I'm currently lost, and I'm
>>> probably not the only one, also the reason for that thread :-)
>>
>>
>> I'd be totally happy to do this, what's the best medium? I could get
>> on a public Google Hangout with you, and then we could write up a
>> document from that?
>>
>> There is a bit of infra that needs to be brought up and maintained --
>> that /should/ be written in to any documentation that Kunaal and Lei
>> have written, which is due by this week. Likely we'll need to take
>> their developer specs and convert them to operational specs.
>
>
> Did this documentation get written?  Can I get the repo for the source that
> drives the toolchain/workflow?
>

Brian, sorry for delay. I got tied up in college. We started working
on documentation again yesterday.

Regarding source code:

https://github.com/yangl1996/docs-toolchain -- The server code
https://github.com/kunaaljain/test-centos-docs -- The example
repository holding docs currently deployed at
http://clown-olga-13325.bitballoon.com/

> regards,
>
> bex
> ___
> CentOS-docs mailing list
> CentOS-docs@centos.org
> https://lists.centos.org/mailman/listinfo/centos-docs



-- 
Regards,
Kunaal Jain
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

[CentOS-virt] OT: adding a wifi adapter to openvswitch

[C.L. Martinez]

Hi all,

 Finally, I have installed openvswitch from source to two CentOS hosts: 
one 6.x and other 7.x.


 I will do some tests using openvswitch bridges to my KVM machines. One 
of these tests is to add a wlan0 adapter from comandline but only when 
this wlan0 is associated with a ssid without assign an IP.


 Is this posible? Do I nees to add some ebtables like, for example, 
Debian's wiki says here: 
https://wiki.debian.org/BridgeNetworkConnections#Bridging_with_a_wireless_NIC?


Thanks
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS-virt] Fwd: xen-4.4.3-1 packages released

[Keith Roberts]

Forwarding this to the list as I had a problem with our domain being 
blacklisted:

: host mail.centos.org[72.26.200.203] said: 554 5.7.1
   Service unavailable; Client host [62.208.144.128] blocked using
   ix.dnsbl.manitu.net; Your e-mail service was detected by mx-ha.web.de (NiX
   Spam) as spamming at Thu, 24 Sep 2015 05:14:02 +0200.

Begin forwarded message:

> From: Keith Roberts 
> Subject: Re: [CentOS-virt] xen-4.4.3-1 packages released
> Date: 24 September 2015 09:45:32 BST
> To: Discussion about the virtualization on CentOS 
> 
> On 23 Sep 2015, at 21:54, Johnny Hughes  wrote:
> 
>> I have signed and released the xen4centos CentOS-6 packages to our main
>> mirrors, the following are released:
>> 
>> x86_64:
>> xen-4.4.3-1.el6.x86_64.rpm
>> xen-devel-4.4.3-1.el6.x86_64.rpm
>> xen-doc-4.4.3-1.el6.x86_64.rpm
>> xen-hypervisor-4.4.3-1.el6.x86_64.rpm
>> xen-libs-4.4.3-1.el6.x86_64.rpm
>> xen-licenses-4.4.3-1.el6.x86_64.rpm
>> xen-ocaml-4.4.3-1.el6.x86_64.rpm
>> xen-ocaml-devel-4.4.3-1.el6.x86_64.rpm
>> xen-runtime-4.4.3-1.el6.x86_64.rpm
>> 
>> src:
>> xen-4.4.3-1.el6.src.rpm
> 
> Hi Johnny.
> 
> That’s great news and thanks for all the effort with this.
> 
> I currently have issues with upgrading a xen VM host server from openSUSE 
> 12.3 to 13.1 and one of the options I’d like to consider
> is installing Centos 6 or 7 using xen on the VM host.
> 
> I only want to replace the xen VM host server OS with another Linux distro 
> with LTS that also uses the xen hypervisor.
> 
> So not having a 64 bit base installation of xen on Centos 6 or 7 has been a 
> blocker for me doing this.
> 
> I’m watching the mailing list like a hawk now, (and have been for some time) 
> for when xen is available for production use on Centos 6 or 7.
> 
> Thanks again Johnny for all your effort with this.
> 
> Kind Regards,
> 
> Keith Roberts

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] Logrotate problems

[Jo Rhett]

On Sep 24, 2015, at 12:18 AM, Andrew Holway  wrote:
> error: skipping "/var/log/nginx/access.log" because parent directory has
> insecure permissions (It's world writable or writable by group which is not
> "root") Set "su" directive in config file to tell logrotate which
> user/group should be used for rotation.

Right there ^^^ it is telling you what is wrong and how to fix it.

-- 
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Logrotate problems

[Andrew Holway]

Hi Y'all,

We have nginx set up and we are having problems with logrotate. The
permissions and users do not seem to be any different from other machines
that are working ok however the /var/log/nginx does have a directory in
there that we are using to collect some special log stuff.

Could this subdirectory be interfering with the logrotate process?

ta

Andrew



[root@ ~]# logrotate -d /etc/logrotate.d/nginx

reading config file /etc/logrotate.d/nginx

Handling 1 logs

rotating pattern: /var/log/nginx/*log  after 1 days (10 rotations)

empty log files are not rotated, old logs are removed

considering log /var/log/nginx/access.log

error: skipping "/var/log/nginx/access.log" because parent directory has
insecure permissions (It's world writable or writable by group which is not
"root") Set "su" directive in config file to tell logrotate which
user/group should be used for rotation.

considering log /var/log/nginx/error.log

error: skipping "/var/log/nginx/error.log" because parent directory has
insecure permissions (It's world writable or writable by group which is not
"root") Set "su" directive in config file to tell logrotate which
user/group should be used for rotation.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] How GSoC project can fit in to CentOS Docs

[Brian (bex) Exelbierd]

On 08/20/2015 02:57 AM, Karsten Wade wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/03/2015 12:52 PM, Fabian Arrotin wrote:

On 03/08/15 18:23, kunaal jain wrote:



Is that possible to  have an overview of the infra and goals (aka
the architecture) of this GSoC doc project ? that would help
understanding, as I agree that I'm currently lost, and I'm
probably not the only one, also the reason for that thread :-)


I'd be totally happy to do this, what's the best medium? I could get
on a public Google Hangout with you, and then we could write up a
document from that?

There is a bit of infra that needs to be brought up and maintained --
that /should/ be written in to any documentation that Kunaal and Lei
have written, which is due by this week. Likely we'll need to take
their developer specs and convert them to operational specs.


Did this documentation get written?  Can I get the repo for the source 
that drives the toolchain/workflow?


regards,

bex
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Dmitry E. Mikhailov]

On 09/24/2015 04:47 PM, Alvin Starr wrote:

Actually I do a similar thing.

Do you?


I use a VM as my home/office firewall.
If your laptop/server/smth is permanently wired to the internet, there's 
no problem to bridge this interface to the VM.


But the topic starter wants to connect to the cable or wifi and still 
have a firewall VM. WiFi client connection with WPA(2) PSK encryption 
does allow only the station's MAC in the air.


Thus topic starter needs some hotplug event scripting, wpa_supplicant 
being started manually, fancy ebtables rules to make it work, some way 
to notice the fw WM that network config changed so it would rerun 
dhclient. Yea, and he should have some GUI/TUI to have it managed. No 
NetworkManager GUI here.




It works quite well and I would argue it is as secure as your standard
firewall based on something like openWRT running on dedicated hardware.
As aforementioned, it's a bit complicated setup. And if you're thinking 
security-wise, imagine you need T#r or some fancy VPN to get your job 
done AND due to some miniscule scripting glitch a SINGLE packet would 
fly out of your real IP address - you're busted.


To be self-assured during such an intimate workout, you'd want to have a 
physical cable to the physical router that's perforing the encryption 
job. No VPN/T#r/smth - no juice. Simple, bulletproof.



I also run a wireless AP in bridged mode to allow local network access
on an appliance.
Do you connect to the AP wirelessly as the client to have a firewall VM 
running over that WiFi?


Or have you connected the AP via cable to the server/router with fw VM 
to provide connectivity to other clients?



There should be no reason that you could not put both on the same
physical hardware.
You could. But it's hard to use in everyday life of typical usage. If 
the user is a sysadm/hacker who doesn't mind issuing several commands 
from the console upon every succesful wifi/wired connection - then welcome!



As for the openvswitch original question.
Openvswitch has an API that you can access to manage your traffic along
with supporting Openflow.
If you can get events from your wireless interface then you could write
some programs to connect to the switch API.

I do want to see a neat solution please. May be I'm just too lazy.

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS] decode http hack attempt?

[James B. Byrne]

Can anyone de-cypher the second entry for me?

- httpd Begin 


 Requests with error response codes
403 Forbidden
   /: 9 Time(s)
   /?c=4e5e5d7364f443e28fbf0d3ae744a59a: 3 Time(s)

I have found the string via Google but have not located any explanation.

-- 
***  e-Mail is NOT a SECURE channel  ***
Do NOT transmit sensitive data via e-Mail
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] decode http hack attempt?

[Tony Mountifield]

In article ,
James B. Byrne  wrote:
> Can anyone de-cypher the second entry for me?
> 
> - httpd Begin 
> 
> 
>  Requests with error response codes
> 403 Forbidden
>/: 9 Time(s)
>/?c=4e5e5d7364f443e28fbf0d3ae744a59a: 3 Time(s)
> 
> I have found the string via Google but have not located any explanation.

It appears to be something to do with a PHP framework called ThinkPHP.
One of the hits when searching for it is for ThinkPHP on Google Code.

Perhaps there is a vulnerability in ThinkPHP, and this access is from
a machine scanning for vulnerable sites? Just a guess.

I don't think it has a meaning - it's just a 128-bit number expressed in hex.

Cheers
Tony

-- 
Tony Mountifield
Work: t...@softins.co.uk - http://www.softins.co.uk
Play: t...@mountifield.org - http://tony.mountifield.org
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] Fwd: xen-4.4.3-1 packages released

[Johnny Hughes]

On 09/24/2015 04:11 AM, Keith Roberts wrote:
> Forwarding this to the list as I had a problem with our domain being
> blacklisted:
> 
> >:
> host mail.centos.org [72.26.200.203] said: 554 5.7.1
>Service unavailable; Client host [62.208.144.128] blocked using
>ix.dnsbl.manitu.net ; Your e-mail service
> was detected by mx-ha.web.de  (NiX
>Spam) as spamming at Thu, 24 Sep 2015 05:14:02 +0200.
> 
> Begin forwarded message:
> 
>> *From: *Keith Roberts > >
>> *Subject: **Re: [CentOS-virt] xen-4.4.3-1 packages released*
>> *Date: *24 September 2015 09:45:32 BST
>> *To: *Discussion about the virtualization on CentOS
>> >
>>
>> On 23 Sep 2015, at 21:54, Johnny Hughes > > wrote:
>>
>>> I have signed and released the xen4centos CentOS-6 packages to our main
>>> mirrors, the following are released:
>>>
>>> x86_64:
>>> xen-4.4.3-1.el6.x86_64.rpm
>>> xen-devel-4.4.3-1.el6.x86_64.rpm
>>> xen-doc-4.4.3-1.el6.x86_64.rpm
>>> xen-hypervisor-4.4.3-1.el6.x86_64.rpm
>>> xen-libs-4.4.3-1.el6.x86_64.rpm
>>> xen-licenses-4.4.3-1.el6.x86_64.rpm
>>> xen-ocaml-4.4.3-1.el6.x86_64.rpm
>>> xen-ocaml-devel-4.4.3-1.el6.x86_64.rpm
>>> xen-runtime-4.4.3-1.el6.x86_64.rpm
>>>
>>> src:
>>> xen-4.4.3-1.el6.src.rpm
>>
>> Hi Johnny.
>>
>> That’s great news and thanks for all the effort with this.
>>
>> I currently have issues with upgrading a xen VM host server from
>> openSUSE 12.3 to 13.1 and one of the options I’d like to consider
>> is installing Centos 6 or 7 using xen on the VM host.
>>
>> I only want to replace the xen VM host server OS with another Linux
>> distro with LTS that also uses the xen hypervisor.
>>
>> So not having a 64 bit base installation of xen on Centos 6 or 7 has
>> been a blocker for me doing this.
>>
>> I’m watching the mailing list like a hawk now, (and have been for some
>> time) for when xen is available for production use on Centos 6 or 7.
>>
>> Thanks again Johnny for all your effort with this.
>>
>> Kind Regards,
>>
>> Keith Roberts

We have released xen (4.4.x) for CentOS-6 in production and we maintain
it via the Virtualization SIG, which uses this list.  The released
version lives on mirror.centos.org and the RPMs are here:

http://mirror.centos.org/centos/6/xen4/x86_64/

We also have a TESTING branch of xen 4.4 and 4.6rc for CentOS-7 in our
Community Build System (CBS) here:

4.4:
http://cbs.centos.org/repos/virt7-xen-44-testing/x86_64/os/

4.6rc:
http://cbs.centos.org/repos/virt7-xen-46-testing/x86_64/os/

Those are not really production ready .. but do currently work.

Thanks,
Johnny Hughes



signature.asc
Description: OpenPGP digital signature
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] amanda-client does not recognise 'dump'

[Johnny Hughes]

On 09/23/2015 05:48 PM, Tom Robinson wrote:
> CentOS Linux release 7.1.1503 (Core)
> amanda-3.3.3-13.el7.x86_64
> amanda-client-3.3.3-13.el7.x86_64
> amanda-libs-3.3.3-13.el7.x86_64
> dump-0.4-0.22.b44.el7.x86_64
> 
> Hi,
> 
> I have been using amanda backup for quite a long time now. I'm busy migrating 
> some older hosts to
> CentOS 7 but have found that the available amanda packages (see above) have 
> not been compiled on a
> host that has the 'dump' program installed. Is this just an oversight or are 
> we trying to not use
> 'dump' anymore? If the former, who is responsible for re-compiling this on a 
> host that has 'dump'
> installed.
> 
> Please see http://archives.zmanda.com/amanda-archives/viewtopic.php?t=7390 
> for more details
> 
> Kind regards,
> Tom


Our builds are done in mock and the only packages installed are the ones
called out in the SRPM .. this is a known upstream issue, see this link
for info:


https://lists.centos.org/pipermail/centos/2015-March/150446.html

I created a version that has dump enabled as well in that mail.



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logrotate problems

[Andrew Holway]

Hmm, so it seems that logrotate might be broken for nginx on Centos7. I
filed a bug with epel.

https://bugzilla.redhat.com/show_bug.cgi?id=1266105

On 24 September 2015 at 11:49, Andrew Holway 
wrote:

> Actually, doing what logrotate suggests causes other problems. We don't
> have this problem on any other system so I am keen to understand the root
> of the issue rather than start messing around with the default permissions
> of the log directories.
>
> logrotate only matches /var/log/nginx/*log -  /var/log/nginx/access.log &
> /var/log/nginx/error.log
>
> On the server where we have problems we have
> /var/log/nginx/subdirectory/some.other.log
>
>
>
> On 24 September 2015 at 09:34, Jo Rhett  wrote:
>
>> On Sep 24, 2015, at 12:18 AM, Andrew Holway 
>> wrote:
>> > error: skipping "/var/log/nginx/access.log" because parent directory has
>> > insecure permissions (It's world writable or writable by group which is
>> not
>> > "root") Set "su" directive in config file to tell logrotate which
>> > user/group should be used for rotation.
>>
>> Right there ^^^ it is telling you what is wrong and how to fix it.
>>
>> --
>> Jo Rhett
>> Net Consonance : net philanthropy to improve open source and internet
>> projects.
>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] decode http hack attempt?

[Eero Volotinen]

See:
http://code.taobao.org/p/tpbase/diff/2/trunk/ThinkPHP/Library/Think/App.class.php

if(!$module) {

+if('4e5e5d7364f443e28fbf0d3ae744a59a' == CONTROLLER_NAME) {

+header("Content-type:image/png");

+exit(base64_decode(App::logo()));

+}


I think it's way to detect if system is running vulnerable version of
ThinkPHP?


--

Eero

2015-09-24 16:53 GMT+03:00 Tony Mountifield :

> In article <
> e4bd3a73fc95477064436043eb8a37ed.squir...@webmail.harte-lyne.ca>,
> James B. Byrne  wrote:
> > Can anyone de-cypher the second entry for me?
> >
> > - httpd Begin 
> >
> >
> >  Requests with error response codes
> > 403 Forbidden
> >/: 9 Time(s)
> >/?c=4e5e5d7364f443e28fbf0d3ae744a59a: 3 Time(s)
> >
> > I have found the string via Google but have not located any explanation.
>
> It appears to be something to do with a PHP framework called ThinkPHP.
> One of the hits when searching for it is for ThinkPHP on Google Code.
>
> Perhaps there is a vulnerability in ThinkPHP, and this access is from
> a machine scanning for vulnerable sites? Just a guess.
>
> I don't think it has a meaning - it's just a 128-bit number expressed in
> hex.
>
> Cheers
> Tony
>
> --
> Tony Mountifield
> Work: t...@softins.co.uk - http://www.softins.co.uk
> Play: t...@mountifield.org - http://tony.mountifield.org
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] xen-4.4.3-1 packages released

[Keith Roberts]

On 24 Sep 2015, at 14:38, Johnny Hughes  wrote:

> On 09/24/2015 04:11 AM, Keith Roberts wrote:
>> Forwarding this to the list as I had a problem with our domain being
>> blacklisted:
>> 
>> >:
>> host mail.centos.org [72.26.200.203] said: 554 5.7.1
>>   Service unavailable; Client host [62.208.144.128] blocked using
>>   ix.dnsbl.manitu.net ; Your e-mail service
>> was detected by mx-ha.web.de  (NiX
>>   Spam) as spamming at Thu, 24 Sep 2015 05:14:02 +0200.
>> 
>> Begin forwarded message:
>> 
>>> *From: *Keith Roberts >> >
>>> *Subject: **Re: [CentOS-virt] xen-4.4.3-1 packages released*
>>> *Date: *24 September 2015 09:45:32 BST
>>> *To: *Discussion about the virtualization on CentOS
>>> >
>>> 
>>> On 23 Sep 2015, at 21:54, Johnny Hughes >> > wrote:
>>> 
 I have signed and released the xen4centos CentOS-6 packages to our main
 mirrors, the following are released:
 
 x86_64:
 xen-4.4.3-1.el6.x86_64.rpm
 xen-devel-4.4.3-1.el6.x86_64.rpm
 xen-doc-4.4.3-1.el6.x86_64.rpm
 xen-hypervisor-4.4.3-1.el6.x86_64.rpm
 xen-libs-4.4.3-1.el6.x86_64.rpm
 xen-licenses-4.4.3-1.el6.x86_64.rpm
 xen-ocaml-4.4.3-1.el6.x86_64.rpm
 xen-ocaml-devel-4.4.3-1.el6.x86_64.rpm
 xen-runtime-4.4.3-1.el6.x86_64.rpm
 
 src:
 xen-4.4.3-1.el6.src.rpm
>>> 
>>> Hi Johnny.
>>> 
>>> That’s great news and thanks for all the effort with this.
>>> 
>>> I currently have issues with upgrading a xen VM host server from
>>> openSUSE 12.3 to 13.1 and one of the options I’d like to consider
>>> is installing Centos 6 or 7 using xen on the VM host.
>>> 
>>> I only want to replace the xen VM host server OS with another Linux
>>> distro with LTS that also uses the xen hypervisor.
>>> 
>>> So not having a 64 bit base installation of xen on Centos 6 or 7 has
>>> been a blocker for me doing this.
>>> 
>>> I’m watching the mailing list like a hawk now, (and have been for some
>>> time) for when xen is available for production use on Centos 6 or 7.
>>> 
>>> Thanks again Johnny for all your effort with this.
>>> 
>>> Kind Regards,
>>> 
>>> Keith Roberts
> 
> We have released xen (4.4.x) for CentOS-6 in production and we maintain
> it via the Virtualization SIG, which uses this list.  The released
> version lives on mirror.centos.org and the RPMs are here:
> 
> http://mirror.centos.org/centos/6/xen4/x86_64/
> 
> We also have a TESTING branch of xen 4.4 and 4.6rc for CentOS-7 in our
> Community Build System (CBS) here:
> 
> 4.4:
> http://cbs.centos.org/repos/virt7-xen-44-testing/x86_64/os/
> 
> 4.6rc:
> http://cbs.centos.org/repos/virt7-xen-46-testing/x86_64/os/
> 
> Those are not really production ready .. but do currently work.


Hi Johnny.

It’s nice to know Centos 6 is production ready now.

I might give it a spin on another OS partition, and see what results I get on a 
test server.

Kind Regards,

Keith










___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS] Bug in init scripts for ipset?

[Tony Mountifield]

I've just started experimenting with ipset under CentOS 6, and have
found what appears to be a bug (or poor design) in the init scripts
for ipset, /etc/rc.d/init.d/ipset

In stop(), save() and status(), it does lsmod to check for the
existence of the ip_set module. If the module is not found, it
exits without performing any action.

This doesn't take account of a kernel where the ip_set code is compiled
in instead of being a loadable module. An example would be my CentOS 6
virtual machine at Linode. It has a Linode-compiled kernel 4.1.0 with
no separately-loaded modules. It certainly supports ipset, as I have
successfully tried some test rules. However, I wondered why giving the
command "service ipset save" didn't result in /etc/sysconfig/ipset being
written, and discovered the cause I described above.

Surely there should be a better way of determining whether the kernel
includes ipset support than just looking for a module?

Cheers
Tony
-- 
Tony Mountifield
Work: t...@softins.co.uk - http://www.softins.co.uk
Play: t...@mountifield.org - http://tony.mountifield.org
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logrotate problems

[Jo Rhett]

It’s interesting in your world, where “broken” is “functions exactly as it is 
documented to work”

If you want it to match subdirectories then you should add to the logrotate, or 
add another one yourself for each subdirectory. It’s not hard, and it’s 
certainly not broken. It does what you tell it to do.

On Sep 24, 2015, at 6:33 AM, Andrew Holway  wrote:
> Hmm, so it seems that logrotate might be broken for nginx on Centos7. I
> filed a bug with epel.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1266105
> 
> On 24 September 2015 at 11:49, Andrew Holway 
> wrote:
> 
>> Actually, doing what logrotate suggests causes other problems. We don't
>> have this problem on any other system so I am keen to understand the root
>> of the issue rather than start messing around with the default permissions
>> of the log directories.
>> 
>> logrotate only matches /var/log/nginx/*log -  /var/log/nginx/access.log &
>> /var/log/nginx/error.log
>> 
>> On the server where we have problems we have
>> /var/log/nginx/subdirectory/some.other.log
>> 
>> 
>> 
>> On 24 September 2015 at 09:34, Jo Rhett  wrote:
>> 
>>> On Sep 24, 2015, at 12:18 AM, Andrew Holway 
>>> wrote:
 error: skipping "/var/log/nginx/access.log" because parent directory has
 insecure permissions (It's world writable or writable by group which is
>>> not
 "root") Set "su" directive in config file to tell logrotate which
 user/group should be used for rotation.
>>> 
>>> Right there ^^^ it is telling you what is wrong and how to fix it.
>>> 
>>> --
>>> Jo Rhett
>>> Net Consonance : net philanthropy to improve open source and internet
>>> projects.
>>> 
>>> ___
>>> CentOS mailing list
>>> CentOS@centos.org
>>> https://lists.centos.org/mailman/listinfo/centos
>>> 
>> 
>> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos

-- 
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Nux!]

http://linux.die.net/man/8/networkmanager search for "dispatcher.d".

What he wants is entirely possible AFAIK, I've done it on a Rpi (Raspbian) at 
home, I'm sure it can't be too hard in CentOS.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Dmitry E. Mikhailov" 
> To: "Discussion about the virtualization on CentOS" 
> Sent: Thursday, 24 September, 2015 16:31:16
> Subject: Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

> On 09/24/2015 08:22 PM, Nux! wrote:
>> I know people used Parprouted to help with bridging wired with wireless. 
>> Have a
>> look at it.
> Somebody already automated the ARP mangling. Brilliant.
> 
> I wonder if there's a way to run a script upon every NetworkManager
> connection event.
> 
> Topic starter wrote me that he bridged wired and wireless on Windows
> Server 2012 and it works for Hyper-V VM OOTB.
> 
> Still hoping to get the ARP table I asked to confirm.
> 
> ___
> CentOS-virt mailing list
> CentOS-virt@centos.org
> https://lists.centos.org/mailman/listinfo/centos-virt
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] Logrotate problems

[Andrew Holway]

I don't want it to match subdirectories. I just want it to rotate the
standard, default, access and error logs which in this setup is not working
correctly.

 If you don't have anything useful to add other than trolling then please
keep it to yourself.



On 24 September 2015 at 16:53, Jo Rhett  wrote:

> It’s interesting in your world, where “broken” is “functions exactly as it
> is documented to work”
>
> If you want it to match subdirectories then you should add to the
> logrotate, or add another one yourself for each subdirectory. It’s not
> hard, and it’s certainly not broken. It does what you tell it to do.
>
> On Sep 24, 2015, at 6:33 AM, Andrew Holway 
> wrote:
> > Hmm, so it seems that logrotate might be broken for nginx on Centos7. I
> > filed a bug with epel.
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1266105
> >
> > On 24 September 2015 at 11:49, Andrew Holway 
> > wrote:
> >
> >> Actually, doing what logrotate suggests causes other problems. We don't
> >> have this problem on any other system so I am keen to understand the
> root
> >> of the issue rather than start messing around with the default
> permissions
> >> of the log directories.
> >>
> >> logrotate only matches /var/log/nginx/*log -  /var/log/nginx/access.log
> &
> >> /var/log/nginx/error.log
> >>
> >> On the server where we have problems we have
> >> /var/log/nginx/subdirectory/some.other.log
> >>
> >>
> >>
> >> On 24 September 2015 at 09:34, Jo Rhett 
> wrote:
> >>
> >>> On Sep 24, 2015, at 12:18 AM, Andrew Holway 
> >>> wrote:
>  error: skipping "/var/log/nginx/access.log" because parent directory
> has
>  insecure permissions (It's world writable or writable by group which
> is
> >>> not
>  "root") Set "su" directive in config file to tell logrotate which
>  user/group should be used for rotation.
> >>>
> >>> Right there ^^^ it is telling you what is wrong and how to fix it.
> >>>
> >>> --
> >>> Jo Rhett
> >>> Net Consonance : net philanthropy to improve open source and internet
> >>> projects.
> >>>
> >>> ___
> >>> CentOS mailing list
> >>> CentOS@centos.org
> >>> https://lists.centos.org/mailman/listinfo/centos
> >>>
> >>
> >>
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
>
> --
> Jo Rhett
> Net Consonance : net philanthropy to improve open source and internet
> projects.
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Dmitry E. Mikhailov]

On 09/24/2015 08:31 PM, C. L. Martinez wrote:

Simple, Windows 2012 creates a virtual bridge with the same MAC
address as wlan has.
Ok. Windows does just the same. Thanks for the ARP table. [For ML 
readers - it was sent directly]. Now we know what the money are paid for :)



But, I think it could not be possible to bridge
wlan interfaces with brctl or openvswitch according what I am. seeing
and reading

Quite possible with the invalulable help of Nux:
Parprouted + NetworkManager scripting should do the trick.


Ok, I will try a different approach. I can see two possible solutions:

a) Pass wlan via PCI-Passthrough to fw vm

Would work even better but I don't think the laptop would suspend.


b) Using iptables+iproute2 rules in laptop and redirect/nat all
traffic from/to fw vm.


I will try b) option first. I know what type of iptables I need to use
and what type of config I need to do to iproute2 works as I need.

But I see one problem: I need to redirect ALL traffic from outside to
inside: ip, ipv6, tcp, tcp6, igmp, etc ... and I don't know what type
of iptables I need to configure.

Any tip??
Try the aforementioned unnumbered option first. Can't say anything about 
IPv6 - sadly not proficient. For IPv4 you won't need iptables, only iproute:


1)save and delete the current wireless default gateway IP
2)create a source-based policy routing rule so traffic from the fw VM IP 
address would have the earlier saved IP as a gateway IP
3)set the default gateway IP to the another interface's (it's a 
requirement) IP address of a fw VM.



___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Nux!]

I know people used Parprouted to help with bridging wired with wireless. Have a 
look at it.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "C. L. Martinez" 
> To: "Discussion about the virtualization on CentOS" 
> Sent: Thursday, 24 September, 2015 14:52:56
> Subject: Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

> On Thu, Sep 24, 2015 at 2:08 PM, Dmitry E. Mikhailov
>  wrote:
>> On 09/24/2015 04:47 PM, Alvin Starr wrote:
>>>
>>> Actually I do a similar thing.
>>
>> Do you?
>>
>>> I use a VM as my home/office firewall.
>>
>> If your laptop/server/smth is permanently wired to the internet, there's no
>> problem to bridge this interface to the VM.
>>
>> But the topic starter wants to connect to the cable or wifi and still have a
>> firewall VM. WiFi client connection with WPA(2) PSK encryption does allow
>> only the station's MAC in the air.
>>
>> Thus topic starter needs some hotplug event scripting, wpa_supplicant being
>> started manually, fancy ebtables rules to make it work, some way to notice
>> the fw WM that network config changed so it would rerun dhclient. Yea, and
>> he should have some GUI/TUI to have it managed. No NetworkManager GUI here.
>>
>>>
>>> It works quite well and I would argue it is as secure as your standard
>>> firewall based on something like openWRT running on dedicated hardware.
>>
>> As aforementioned, it's a bit complicated setup. And if you're thinking
>> security-wise, imagine you need T#r or some fancy VPN to get your job done
>> AND due to some miniscule scripting glitch a SINGLE packet would fly out of
>> your real IP address - you're busted.
>>
>> To be self-assured during such an intimate workout, you'd want to have a
>> physical cable to the physical router that's perforing the encryption job.
>> No VPN/T#r/smth - no juice. Simple, bulletproof.
>>
>>> I also run a wireless AP in bridged mode to allow local network access
>>> on an appliance.
>>
>> Do you connect to the AP wirelessly as the client to have a firewall VM
>> running over that WiFi?
>>
>> Or have you connected the AP via cable to the server/router with fw VM to
>> provide connectivity to other clients?
>>
>>> There should be no reason that you could not put both on the same
>>> physical hardware.
>>
>> You could. But it's hard to use in everyday life of typical usage. If the
>> user is a sysadm/hacker who doesn't mind issuing several commands from the
>> console upon every succesful wifi/wired connection - then welcome!
>>
>>> As for the openvswitch original question.
>>> Openvswitch has an API that you can access to manage your traffic along
>>> with supporting Openflow.
>>> If you can get events from your wireless interface then you could write
>>> some programs to connect to the switch API.
>>
>> I do want to see a neat solution please. May be I'm just too lazy.
>>
> 
> Thank you both for your help, I have done another test. I have setup
> another laptop with windows 2012 R2 Hyper-V and I have bridged
> wireless interface and assigned this bridge to a vm guest, and voila!!
> works without problem. Using some powershell scripts, I can change
> between SSID's without problems. Easy, really easy. And I don't need
> to use WDS features,
> 
> I don't understand why it doesn't works with CentOS using the same
> approach. I am trying using brctl commands, but it doesn't works also
> because wlan0 can't authenticate with AP ...
> ___
> CentOS-virt mailing list
> CentOS-virt@centos.org
> https://lists.centos.org/mailman/listinfo/centos-virt
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-virt] OT: adding a wifi adapter to openvswitch

[Dmitry E. Mikhailov]

On 09/24/2015 08:22 PM, Nux! wrote:

I know people used Parprouted to help with bridging wired with wireless. Have a 
look at it.

Somebody already automated the ARP mangling. Brilliant.

I wonder if there's a way to run a script upon every NetworkManager 
connection event.


Topic starter wrote me that he bridged wired and wireless on Windows 
Server 2012 and it works for Hyper-V VM OOTB.


Still hoping to get the ARP table I asked to confirm.

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] x2go on CentOS6

[isdtor]

> http://srobb.net/nxreplace.html
> (I don't know if that will help at all though).
 
No joy, unfortunately. Even reinstalling x2go from scratch doesn't help.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] x2go on CentOS6

[Akemi Yagi]

On Thu, Sep 24, 2015 at 8:31 AM, isdtor  wrote:
>
>> http://srobb.net/nxreplace.html
>> (I don't know if that will help at all though).
>
> No joy, unfortunately. Even reinstalling x2go from scratch doesn't help.

It did work out of the box for me, too. If I remember correctly, I
installed x2goserver on a CentOS 6.6 system and then updated it to
6.7.

The errors you posted were from the client. Assuming you can ssh into
the remote machine without a problem, do you see error messages there
on the server?

Akemi
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] x2go on CentOS6

[isdtor]

> The errors you posted were from the client. Assuming you can ssh into
> the remote machine without a problem, do you see error messages there
> on the server?

Thanks, Akemi, you have hit the nail on the head!

The spurious error message was caused by a statement in .cshrc that created 
output, a stray unescaped exclamation mark in an alias definition. And that 
with me preaching to my users for years about cleaning up their init files ...

I feel stupid now. But not contagious, thankfully.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] x2go on CentOS6

[Akemi Yagi]

On Thu, Sep 24, 2015 at 9:13 AM, isdtor  wrote:
>
>> The errors you posted were from the client. Assuming you can ssh into
>> the remote machine without a problem, do you see error messages there
>> on the server?
>
> Thanks, Akemi, you have hit the nail on the head!
>
> The spurious error message was caused by a statement in .cshrc that created 
> output, a stray unescaped exclamation mark in an alias definition. And that 
> with me preaching to my users for years about cleaning up their init files ...

Glad to hear you've identified the cause. By the way I love that
"stray unescaped exclamation mark in an alias definition" ;-)

Akemi
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bug in init scripts for ipset?

[Jonathan Billings]

On Thu, Sep 24, 2015 at 02:43:42PM +, Tony Mountifield wrote:
> I've just started experimenting with ipset under CentOS 6, and have
> found what appears to be a bug (or poor design) in the init scripts
> for ipset, /etc/rc.d/init.d/ipset

I suggest filing a bug against RHEL6 in https://bugzilla.redhat.com/
if you think it needs to be fixed.  CentOS just rebuilds the RHEL
sources. 

-- 
Jonathan Billings 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] php DOMDocument and entities

[Alice Wonder]

This is not CentOS specific but I hope someone here knows so I do not 
have to subscribe to another list.


I'm using php DOMDocument to create an XSL that needs a non-breaking 
space between two values.


Basically:

$xslvalueof = $dom->createElement('xsl:value-of');
$xslvalueof->setAttribute('select', '../@month');
$caption->appendChild($xslvalueof);
$nbsp = $dom->createTextNode('');
$caption->appendChild($nbsp);
$xslvalueof = $dom->createElement('xsl:value-of');
$xslvalueof->setAttribute('select', '../@year');
$caption->appendChild($xslvalueof);

That's what I am trying to do.

createTextNode() however tries to protect the users, and automatically 
turns any & into 


So I tried

$nbsp = $dom->createEntityReference('#160');

That however gives a dom error, it seems createEntityReference only 
works with named entities.


$nbsp = $dom->createEntityReference('nbsp');

works, but then I would have to modify the DTD for both XSL and the 
target XML because neither have nbsp defined.


How can I create the literal string '' using DOMDocument as a text 
node between two other nodes?


This is driving me nuts.

I could I suppose put it inside a span

 = $dom->createElement('span', '');

That works but is hackish. It seems to work though by generating the 
actual UTF8 character itself.


I really wish the XML spec itself had named entities for the various 
whitespace characters that tend to get eaten by XML parsers if not done 
as a numbered entity. Ah well.


Using  works just fine when the XSL is a text file. It is 
dynamically creating it via DOMDocument where I have a problem.


Thanks for any suggestions.

--
-=-
Sent my from my laptop, may not be able to respond timely
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos