[CentOS] BCP 47 support in CentOS 7 PHP

2015-10-31 Thread Alice Wonder 

This is something I would like to share, and if possible, get feedback.

I am working on a calendar webapp - something to replace Google Calendar 
for webmasters that do not like the idea of their users being tracked.


Part of that project involves time zone selection, and time zone 
selection I want internationalized, and I found the existing functions 
in PHP to be extremely poor.


As in the php function for getting the preferred language from the 
browser was often flat out incorrect.


That led me to creating my own class for BCP 47 support :

https://calendar.librelamp.com/BCP47

Not perfect yet (er, probably never will be perfect) but at least the 
bugs I find are my bugs so I can figure out how to fix them.


Just found one - with perfectly valid language tag es-419 when the class 
attempts to create a glibc language tag, it uses es_ES.utf8 which is 
obviously wrong. I didn't take into account UN region codes when it 
tries to find a glibc match.


But anyway, I know it is asking a lot, but I want to get this right and 
would love feedback from anyone who deals with internationalizing php 
web applications.


Thanks,

Alice
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Disaster recovery recommendations

2015-10-31 Thread Valeri Galtsev 

On Fri, October 30, 2015 9:31 pm, Mark LaPierre wrote:
> On 10/30/15 17:30, Max Pyziur wrote:
>>
>> Greetings,
>>
>> I have three drives; they are all SATA Seagate Barracudas; two are
>> 500GB; the third is a 2TB.
>>
>> I don't have a clear reason why they have failed (possibly due to a
>> deep, off-brand, flakey mobo; but it's still inconclusive, but I would
>> like to find a disaster recovery service that can hopefully recover the
>> data.
>>
>> Much thanks for any and all suggestions,
>>
>> Max Pyziur
>> p...@brama.com
>
> If you can get them mounted on a different machine, other than the one
> with the problem mother board, then I suggest giving SpinRite a try.
>
> https://www.grc.com/sr/spinrite.htm

I listened to guy's video. Pretty much sounds like what command line utility

badblocks

does. The only viable I hear is its latest addition when this utility
flips all bits and writes into the same location. In fact it is anything
(containing both 0's and 1's) that is to be written to the sector, then on
write the drive firmware kicks in as the drive itself on write operation
reads written sector and compared to what was sent to it and if it differs
it labels sector, or rather block I used wrong term just after this guy as
I was listening while typing. Anyway this forces discovery and
re-allocation of bad blocks. Otherwise bad blocks are discovered on some
read operation, if CRC (cyclic redundancy check sum) on read doesn't
match, the firmware reads the block many times and superimposes the read
results, if it finally gets CRC match it happily writes what it came with
to the bad block relocation area, and adds block to bad block
re-allocation table. After some number of reads if firmware doesn't come
up with CRC match it gives up, writes whatever superimposed data is. So
these data are under suspicion as even CRC match doesn't mean the data is
correct. This is why there are filesytems (ZFS to name one) that store
really sophisticated checksums for each of files.

Two things can be mentioned here.

1. If you notice that sometimes the machine (I/O actually) freezes on
access of some file(s), it most likely means the drive firmware is
struggling to do its magic on recovery of content and re-allocation of
newly discovered bad blocks. Time to check and maybe replace the drive.

2. Hardware RAIDs (and probably software RAIDs - someone chime in, I'm
staying away from software RAIDs) have the ability to schedule "verify"
task. This basically goes over all sectors (or blocks) of all drives thus:
a. forcing drive firmware to discover newly developed bad blocks; b. as
drives when working on badblock will often time out, then RAID firmware
will kick this drive out, and will start rebuilding RAID, thus re-writing
content of bad block on the drive developed bad block. In this case the
information comes from good drives, thus less likely to be corrupted. What
I described is best case scenario, not always drive will time out... so
even hardware RAIDS are prone to actual data corruption, Bottom line, it
is good to migrate to something like ZFS.

Thanks.
Valeri

>
> It's inexpensive which makes it a low risk and not much of a loss if it
> doesn't work.
>
> Also consider this a lesson learned.  The cost of a second low capacity
> machine, including the electric bill to run it, is insignificant
> compared to paying for data recovery.
>
> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=7841915=J001-10169
>
> If you insist on keeping personal control of your data, like I do, then
> that is the best way to go about it.  Use the second machine as your
> backup.  Set it up as a NAS device and use rsync to keep your data
> backed up.  If you're paranoid you could even locate the old clunker off
> site at a family/friend's home and connect to it using ssh over the
> internet.
>
> Your other option is to use a cloud storage service of some kind.  Be
> sure to encrypt anything you store on the cloud on your machine first,
> before you send it to the cloud, so that your data will be secure even
> if someone hacks your cloud service.  There's another drawback to using
> a cloud as your backup.  The risk is small, but you do have to realize
> that the cloud could blow away along with your data.  It's happened
> before.
>
> --
> _
>°v°
>   /(_)\
>^ ^  Mark LaPierre
> Registered Linux user No #267004
> https://linuxcounter.net/
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] Libvirt enhancement requests

2015-10-31 Thread Jean-Marc LIGER 

Hi Lucian,

It seems to be upstream libvirt-1.2.15-2 with options with_xen and 
with_libxl enabled.

http://cbs.centos.org/koji/buildinfo?buildID=1348

Regards,
Jean-Marc

Le 28/10/2015 09:38, Nux! a écrit :

Pasi,

Where are these RPMs, how are they built, what exactly are the differences vs 
the stock ones?

Regards,
Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -

From: "Pasi Kärkkäinen" 
To: "Discussion about the virtualization on CentOS" 
Sent: Wednesday, 28 October, 2015 08:36:18
Subject: Re: [CentOS-virt] Libvirt enhancement requests
On Tue, Oct 27, 2015 at 05:19:16PM +, Nux! wrote:

To clarify my own request:

RBD (for CEPH) support is available in the version bundled in RHEL 7.2 Beta, so
we'll have it in CentOS 7.2 (or whatever will be the identifying number).

The hooks seems just like a matter of creating files in the correct location.

..So, all is good in the world once again.


Except the VirtSIG provides a different version/build of libvirt rpms, so we
still need to enable RBD/Ceph support separately in VirtSIG provided version..


-- Pasi


Regards,
Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -

From: "Nux!" 
To: "Discussion about the virtualization on CentOS" 
Sent: Tuesday, 27 October, 2015 15:22:27
Subject: Re: [CentOS-virt] Libvirt enhancement requests
So... how exactly do we proceed?

Anyone from the Virt SIG, please stand up?

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -

From: "Pasi Kärkkäinen" 
To: "Discussion about the virtualization on CentOS" 
Sent: Sunday, 25 October, 2015 11:02:22
Subject: Re: [CentOS-virt] Libvirt enhancement requests
On Wed, Oct 21, 2015 at 05:44:20PM +0100, Nux! wrote:

Hi folks,


Hi,


I know you're rebuilding livbirt for the SIG. Would it be possible to enable RBD
support in it?


Yes, we should definitely enable RBD / Ceph support in libvirt!




I know quite a few cases (in the Cloudstack community) that switched to Ubuntu
particularly because CEPH support was missing.
The recommendation is to rebuild the rpms, but this is not a viable thing for
everyone. E.g.
http://blog.widodh.nl/2015/04/rebuilding-libvirt-under-centos-7-1-with-rbd-storage-pool-support/

Another thing that I noticed on the CentOS ml recently is an alleged lack of
hooks, https://www.libvirt.org/hooks.html

And last but not least, where could I find the libvirt (s)rpms that the SIG
produces?

Lucian



-- Pasi

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt


___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] Disaster recovery recommendations

2015-10-31 Thread Keith Keller 
On 2015-10-31, Valeri Galtsev  wrote:
>
> 2. Hardware RAIDs (and probably software RAIDs - someone chime in, I'm
> staying away from software RAIDs) have the ability to schedule "verify"
> task.

Linux mdraid can do verifies.  Recent versions of CentOS should have a
cron job that does this.  Check out /usr/sbin/raid-check.

--keith

-- 
kkel...@wombat.san-francisco.ca.us


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] use pssh to restart a service

2015-10-31 Thread Tim Dunphy 
Hi all,

 I need to restart a service on a few elasticsearch nodes. I'm trying to do
it with pssh.

 I'm getting this error when I try to do that:

pssh -h es_list   "/bin/sudo -S /bin/systemctl restart elasticsearch"
[1] 17:01:50 [FAILURE] bluethu...@es2.example.com Exited with error code 1
[2] 17:01:51 [FAILURE] bluethu...@es3.example.com Exited with error code 1
[3] 17:01:51 [FAILURE] bluethu...@es1.example.com Exited with error code 1

I have to sudo up from my user account as root logins are disallowed.

However a simple 'echo hello' command that doesn't require sudo works fine:

#pssh -h es_list   "/bin/echo hello"
[1] 17:00:40 [SUCCESS] bluethu...@es1.example.com
[2] 17:00:41 [SUCCESS] bluethu...@es3.example.com
[3] 17:00:41 [SUCCESS] bluethu...@es2.example.com

What am I doing wrong?

Thanks,
Tim


-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] use pssh to restart a service

2015-10-31 Thread Nux! 
Tim,

What does the sudo log say?

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Tim Dunphy" 
> To: "CentOS mailing list" 
> Sent: Saturday, 31 October, 2015 21:22:28
> Subject: Re: [CentOS] use pssh to restart a service

>>
>> Have you tried running the command from a conventional login?
>> sudo -S
>> expects a password from stdin, where is that being supplied?
> 
> 
> Yep! That works fine.
> 
> #ssh -qt  bluethu...@es1.example.com "/bin/sudo -S /bin/systemctl restart
> elasticsearch"
> #ssh -qt  bluethu...@es1.example.com "/bin/echo $?"
> 0
> 
> And the user has 'NOPASSWD' access.
> 
> Any ideas?
> 
> Thanks,
> Tim
> 
> On Sat, Oct 31, 2015 at 5:09 PM, Tony Schreiner 
> wrote:
> 
>> On Sat, Oct 31, 2015 at 5:04 PM, Tim Dunphy  wrote:
>>
>> > Hi all,
>> >
>> >  I need to restart a service on a few elasticsearch nodes. I'm trying to
>> do
>> > it with pssh.
>> >
>> >  I'm getting this error when I try to do that:
>> >
>> > pssh -h es_list   "/bin/sudo -S /bin/systemctl restart elasticsearch"
>> > [1] 17:01:50 [FAILURE] bluethu...@es2.example.com Exited with error
>> code 1
>> > [2] 17:01:51 [FAILURE] bluethu...@es3.example.com Exited with error
>> code 1
>> > [3] 17:01:51 [FAILURE] bluethu...@es1.example.com Exited with error
>> code 1
>> >
>> > I have to sudo up from my user account as root logins are disallowed.
>> >
>> > However a simple 'echo hello' command that doesn't require sudo works
>> fine:
>> >
>> > #pssh -h es_list   "/bin/echo hello"
>> > [1] 17:00:40 [SUCCESS] bluethu...@es1.example.com
>> > [2] 17:00:41 [SUCCESS] bluethu...@es3.example.com
>> > [3] 17:00:41 [SUCCESS] bluethu...@es2.example.com
>> >
>> > What am I doing wrong?
>> >
>> > Thanks,
>> > Tim
>> >
>> >
>> Have you tried running the command from a conventional login?
>>
>> sudo -S
>> expects a password from stdin, where is that being supplied?
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> 
> 
> 
> --
> GPG me!!
> 
> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] use pssh to restart a service

2015-10-31 Thread Gordon Messmer 

On 10/31/2015 02:04 PM, Tim Dunphy wrote:

pssh -h es_list   "/bin/sudo -S /bin/systemctl restart elasticsearch"


The default configuration prohibits use if input echo can't be 
disabled.  That means no "-S".


I modify that for users where necessary:

/etc/sudoers.d/myuser:
Defaults:myuser!requiretty, visiblepw


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Disaster recovery recommendations

2015-10-31 Thread Nux! 
Mark,

What you're describing sounds like "ddrescue" which is free and open source.
https://www.gnu.org/software/ddrescue/

It's in EPEL.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Mark LaPierre" 
> To: centos@centos.org
> Cc: "Mark LaPierre" 
> Sent: Saturday, 31 October, 2015 20:30:54
> Subject: Re: [CentOS] Disaster recovery recommendations

> On 10/31/15 15:17, Valeri Galtsev wrote:
>> 
>> On Fri, October 30, 2015 9:31 pm, Mark LaPierre wrote:
>>> On 10/30/15 17:30, Max Pyziur wrote:

 Greetings,

 I have three drives; they are all SATA Seagate Barracudas; two are
 500GB; the third is a 2TB.

 I don't have a clear reason why they have failed (possibly due to a
 deep, off-brand, flakey mobo; but it's still inconclusive, but I would
 like to find a disaster recovery service that can hopefully recover the
 data.

 Much thanks for any and all suggestions,

 Max Pyziur
 p...@brama.com
>>>
>>> If you can get them mounted on a different machine, other than the one
>>> with the problem mother board, then I suggest giving SpinRite a try.
>>>
>>> https://www.grc.com/sr/spinrite.htm
>> 
>> I listened to guy's video. Pretty much sounds like what command line utility
>> 
>> badblocks
>> 
>> does. The only viable I hear is its latest addition when this utility
>> flips all bits and writes into the same location. In fact it is anything
>> (containing both 0's and 1's) that is to be written to the sector, then on
>> write the drive firmware kicks in as the drive itself on write operation
>> reads written sector and compared to what was sent to it and if it differs
>> it labels sector, or rather block I used wrong term just after this guy as
>> I was listening while typing. Anyway this forces discovery and
>> re-allocation of bad blocks. Otherwise bad blocks are discovered on some
>> read operation, if CRC (cyclic redundancy check sum) on read doesn't
>> match, the firmware reads the block many times and superimposes the read
>> results, if it finally gets CRC match it happily writes what it came with
>> to the bad block relocation area, and adds block to bad block
>> re-allocation table. After some number of reads if firmware doesn't come
>> up with CRC match it gives up, writes whatever superimposed data is. So
>> these data are under suspicion as even CRC match doesn't mean the data is
>> correct. This is why there are filesytems (ZFS to name one) that store
>> really sophisticated checksums for each of files.
>> 
>> Two things can be mentioned here.
>> 
>> 1. If you notice that sometimes the machine (I/O actually) freezes on
>> access of some file(s), it most likely means the drive firmware is
>> struggling to do its magic on recovery of content and re-allocation of
>> newly discovered bad blocks. Time to check and maybe replace the drive.
>> 
>> 2. Hardware RAIDs (and probably software RAIDs - someone chime in, I'm
>> staying away from software RAIDs) have the ability to schedule "verify"
>> task. This basically goes over all sectors (or blocks) of all drives thus:
>> a. forcing drive firmware to discover newly developed bad blocks; b. as
>> drives when working on badblock will often time out, then RAID firmware
>> will kick this drive out, and will start rebuilding RAID, thus re-writing
>> content of bad block on the drive developed bad block. In this case the
>> information comes from good drives, thus less likely to be corrupted. What
>> I described is best case scenario, not always drive will time out... so
>> even hardware RAIDS are prone to actual data corruption, Bottom line, it
>> is good to migrate to something like ZFS.
>> 
>> Thanks.
>> Valeri
>> 
>>>
>>> It's inexpensive which makes it a low risk and not much of a loss if it
>>> doesn't work.
>>>
>>> Also consider this a lesson learned.  The cost of a second low capacity
>>> machine, including the electric bill to run it, is insignificant
>>> compared to paying for data recovery.
>>>
>>> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=7841915=J001-10169
>>>
>>> If you insist on keeping personal control of your data, like I do, then
>>> that is the best way to go about it.  Use the second machine as your
>>> backup.  Set it up as a NAS device and use rsync to keep your data
>>> backed up.  If you're paranoid you could even locate the old clunker off
>>> site at a family/friend's home and connect to it using ssh over the
>>> internet.
>>>
>>> Your other option is to use a cloud storage service of some kind.  Be
>>> sure to encrypt anything you store on the cloud on your machine first,
>>> before you send it to the cloud, so that your data will be secure even
>>> if someone hacks your cloud service.  There's another drawback to using
>>> a cloud as your backup.  The risk is small, but you do have to realize
>>> that the cloud could blow away along with your

Re: [CentOS] C7: screensaver locks screen

2015-10-31 Thread Rob Kampen 



On 10/31/2015 01:47 AM, Fred Smith wrote:

On Thu, Oct 29, 2015 at 09:28:02PM -0400, Jonathan Billings wrote:

On Oct 29, 2015, at 4:44 PM, Fred Smith  wrote:

Can you remind me how to switch from one DM to another? I know I
used to know, but right now cannot recall the proper incantations.

systemctl disable gdm.service
systemctl enable lightdm.service
(reboot or stop gdm and start lightdm from a VT)

--
Jonathan Billings 

Thanks for the reminder!

unfortunately, the problem still exists: after standby, when waking up
I still get a prompt for my password.

Surely that's desired behaviour. I always want my machine to wake up 
locked - who knows who is in front of the screen - password check 
ensures I get to choose.
The alternative (say a public facing machine kiosk) would be to make 
sure there is no password set.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Disaster recovery recommendations

2015-10-31 Thread Mark LaPierre 
On 10/31/15 15:17, Valeri Galtsev wrote:
> 
> On Fri, October 30, 2015 9:31 pm, Mark LaPierre wrote:
>> On 10/30/15 17:30, Max Pyziur wrote:
>>>
>>> Greetings,
>>>
>>> I have three drives; they are all SATA Seagate Barracudas; two are
>>> 500GB; the third is a 2TB.
>>>
>>> I don't have a clear reason why they have failed (possibly due to a
>>> deep, off-brand, flakey mobo; but it's still inconclusive, but I would
>>> like to find a disaster recovery service that can hopefully recover the
>>> data.
>>>
>>> Much thanks for any and all suggestions,
>>>
>>> Max Pyziur
>>> p...@brama.com
>>
>> If you can get them mounted on a different machine, other than the one
>> with the problem mother board, then I suggest giving SpinRite a try.
>>
>> https://www.grc.com/sr/spinrite.htm
> 
> I listened to guy's video. Pretty much sounds like what command line utility
> 
> badblocks
> 
> does. The only viable I hear is its latest addition when this utility
> flips all bits and writes into the same location. In fact it is anything
> (containing both 0's and 1's) that is to be written to the sector, then on
> write the drive firmware kicks in as the drive itself on write operation
> reads written sector and compared to what was sent to it and if it differs
> it labels sector, or rather block I used wrong term just after this guy as
> I was listening while typing. Anyway this forces discovery and
> re-allocation of bad blocks. Otherwise bad blocks are discovered on some
> read operation, if CRC (cyclic redundancy check sum) on read doesn't
> match, the firmware reads the block many times and superimposes the read
> results, if it finally gets CRC match it happily writes what it came with
> to the bad block relocation area, and adds block to bad block
> re-allocation table. After some number of reads if firmware doesn't come
> up with CRC match it gives up, writes whatever superimposed data is. So
> these data are under suspicion as even CRC match doesn't mean the data is
> correct. This is why there are filesytems (ZFS to name one) that store
> really sophisticated checksums for each of files.
> 
> Two things can be mentioned here.
> 
> 1. If you notice that sometimes the machine (I/O actually) freezes on
> access of some file(s), it most likely means the drive firmware is
> struggling to do its magic on recovery of content and re-allocation of
> newly discovered bad blocks. Time to check and maybe replace the drive.
> 
> 2. Hardware RAIDs (and probably software RAIDs - someone chime in, I'm
> staying away from software RAIDs) have the ability to schedule "verify"
> task. This basically goes over all sectors (or blocks) of all drives thus:
> a. forcing drive firmware to discover newly developed bad blocks; b. as
> drives when working on badblock will often time out, then RAID firmware
> will kick this drive out, and will start rebuilding RAID, thus re-writing
> content of bad block on the drive developed bad block. In this case the
> information comes from good drives, thus less likely to be corrupted. What
> I described is best case scenario, not always drive will time out... so
> even hardware RAIDS are prone to actual data corruption, Bottom line, it
> is good to migrate to something like ZFS.
> 
> Thanks.
> Valeri
> 
>>
>> It's inexpensive which makes it a low risk and not much of a loss if it
>> doesn't work.
>>
>> Also consider this a lesson learned.  The cost of a second low capacity
>> machine, including the electric bill to run it, is insignificant
>> compared to paying for data recovery.
>>
>> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=7841915=J001-10169
>>
>> If you insist on keeping personal control of your data, like I do, then
>> that is the best way to go about it.  Use the second machine as your
>> backup.  Set it up as a NAS device and use rsync to keep your data
>> backed up.  If you're paranoid you could even locate the old clunker off
>> site at a family/friend's home and connect to it using ssh over the
>> internet.
>>
>> Your other option is to use a cloud storage service of some kind.  Be
>> sure to encrypt anything you store on the cloud on your machine first,
>> before you send it to the cloud, so that your data will be secure even
>> if someone hacks your cloud service.  There's another drawback to using
>> a cloud as your backup.  The risk is small, but you do have to realize
>> that the cloud could blow away along with your data.  It's happened
>> before.
>>
>> --
>> _
>>°v°
>>   /(_)\
>>^ ^  Mark LaPierre
>> Registered Linux user No #267004
>> https://linuxcounter.net/
>> 
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> 
> 
> 
> Valeri Galtsev
> Sr System Administrator
> Department of Astronomy and Astrophysics
> Kavli Institute for Cosmological Physics
> University of Chicago
> Phone: 773-702-4247
>

Re: [CentOS] Disaster recovery recommendations

2015-10-31 Thread Valeri Galtsev 

On Sat, October 31, 2015 3:30 pm, Mark LaPierre wrote:
> On 10/31/15 15:17, Valeri Galtsev wrote:
>>
>> On Fri, October 30, 2015 9:31 pm, Mark LaPierre wrote:
>>> On 10/30/15 17:30, Max Pyziur wrote:

 Greetings,

 I have three drives; they are all SATA Seagate Barracudas; two are
 500GB; the third is a 2TB.

 I don't have a clear reason why they have failed (possibly due to a
 deep, off-brand, flakey mobo; but it's still inconclusive, but I would
 like to find a disaster recovery service that can hopefully recover
 the
 data.

 Much thanks for any and all suggestions,

 Max Pyziur
 p...@brama.com
>>>
>>> If you can get them mounted on a different machine, other than the one
>>> with the problem mother board, then I suggest giving SpinRite a try.
>>>
>>> https://www.grc.com/sr/spinrite.htm
>>
>> I listened to guy's video. Pretty much sounds like what command line
>> utility
>>
>> badblocks
>>
>> does. The only viable I hear is its latest addition when this utility
>> flips all bits and writes into the same location. In fact it is anything
>> (containing both 0's and 1's) that is to be written to the sector, then
>> on
>> write the drive firmware kicks in as the drive itself on write operation
>> reads written sector and compared to what was sent to it and if it
>> differs
>> it labels sector, or rather block I used wrong term just after this guy
>> as
>> I was listening while typing. Anyway this forces discovery and
>> re-allocation of bad blocks. Otherwise bad blocks are discovered on some
>> read operation, if CRC (cyclic redundancy check sum) on read doesn't
>> match, the firmware reads the block many times and superimposes the read
>> results, if it finally gets CRC match it happily writes what it came
>> with
>> to the bad block relocation area, and adds block to bad block
>> re-allocation table. After some number of reads if firmware doesn't come
>> up with CRC match it gives up, writes whatever superimposed data is. So
>> these data are under suspicion as even CRC match doesn't mean the data
>> is
>> correct. This is why there are filesytems (ZFS to name one) that store
>> really sophisticated checksums for each of files.
>>
>> Two things can be mentioned here.
>>
>> 1. If you notice that sometimes the machine (I/O actually) freezes on
>> access of some file(s), it most likely means the drive firmware is
>> struggling to do its magic on recovery of content and re-allocation of
>> newly discovered bad blocks. Time to check and maybe replace the drive.
>>
>> 2. Hardware RAIDs (and probably software RAIDs - someone chime in, I'm
>> staying away from software RAIDs) have the ability to schedule "verify"
>> task. This basically goes over all sectors (or blocks) of all drives
>> thus:
>> a. forcing drive firmware to discover newly developed bad blocks; b. as
>> drives when working on badblock will often time out, then RAID firmware
>> will kick this drive out, and will start rebuilding RAID, thus
>> re-writing
>> content of bad block on the drive developed bad block. In this case the
>> information comes from good drives, thus less likely to be corrupted.
>> What
>> I described is best case scenario, not always drive will time out... so
>> even hardware RAIDS are prone to actual data corruption, Bottom line, it
>> is good to migrate to something like ZFS.
>>
>> Thanks.
>> Valeri
>>
>>>
>>> It's inexpensive which makes it a low risk and not much of a loss if it
>>> doesn't work.
>>>
>>> Also consider this a lesson learned.  The cost of a second low capacity
>>> machine, including the electric bill to run it, is insignificant
>>> compared to paying for data recovery.
>>>
>>> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=7841915=J001-10169
>>>
>>> If you insist on keeping personal control of your data, like I do, then
>>> that is the best way to go about it.  Use the second machine as your
>>> backup.  Set it up as a NAS device and use rsync to keep your data
>>> backed up.  If you're paranoid you could even locate the old clunker
>>> off
>>> site at a family/friend's home and connect to it using ssh over the
>>> internet.
>>>
>>> Your other option is to use a cloud storage service of some kind.  Be
>>> sure to encrypt anything you store on the cloud on your machine first,
>>> before you send it to the cloud, so that your data will be secure even
>>> if someone hacks your cloud service.  There's another drawback to using
>>> a cloud as your backup.  The risk is small, but you do have to realize
>>> that the cloud could blow away along with your data.  It's happened
>>> before.
>>>
>>> --
>>> _
>>>°v°
>>>   /(_)\
>>>^ ^  Mark LaPierre
>>> Registered Linux user No #267004
>>> https://linuxcounter.net/
>>> 
>>> ___
>>> CentOS mailing list
>>> CentOS@centos.org
>>> https://lists.centos.org/mailman/listinfo/centos
>>>
>>
>>
>>

Re: [CentOS] use pssh to restart a service

2015-10-31 Thread Tony Schreiner 
On Sat, Oct 31, 2015 at 5:04 PM, Tim Dunphy  wrote:

> Hi all,
>
>  I need to restart a service on a few elasticsearch nodes. I'm trying to do
> it with pssh.
>
>  I'm getting this error when I try to do that:
>
> pssh -h es_list   "/bin/sudo -S /bin/systemctl restart elasticsearch"
> [1] 17:01:50 [FAILURE] bluethu...@es2.example.com Exited with error code 1
> [2] 17:01:51 [FAILURE] bluethu...@es3.example.com Exited with error code 1
> [3] 17:01:51 [FAILURE] bluethu...@es1.example.com Exited with error code 1
>
> I have to sudo up from my user account as root logins are disallowed.
>
> However a simple 'echo hello' command that doesn't require sudo works fine:
>
> #pssh -h es_list   "/bin/echo hello"
> [1] 17:00:40 [SUCCESS] bluethu...@es1.example.com
> [2] 17:00:41 [SUCCESS] bluethu...@es3.example.com
> [3] 17:00:41 [SUCCESS] bluethu...@es2.example.com
>
> What am I doing wrong?
>
> Thanks,
> Tim
>
>
Have you tried running the command from a conventional login?

sudo -S
expects a password from stdin, where is that being supplied?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] use pssh to restart a service

2015-10-31 Thread Tim Dunphy 
>
> Have you tried running the command from a conventional login?
> sudo -S
> expects a password from stdin, where is that being supplied?


Yep! That works fine.

#ssh -qt  bluethu...@es1.example.com "/bin/sudo -S /bin/systemctl restart
elasticsearch"
#ssh -qt  bluethu...@es1.example.com "/bin/echo $?"
0

And the user has 'NOPASSWD' access.

Any ideas?

Thanks,
Tim

On Sat, Oct 31, 2015 at 5:09 PM, Tony Schreiner 
wrote:

> On Sat, Oct 31, 2015 at 5:04 PM, Tim Dunphy  wrote:
>
> > Hi all,
> >
> >  I need to restart a service on a few elasticsearch nodes. I'm trying to
> do
> > it with pssh.
> >
> >  I'm getting this error when I try to do that:
> >
> > pssh -h es_list   "/bin/sudo -S /bin/systemctl restart elasticsearch"
> > [1] 17:01:50 [FAILURE] bluethu...@es2.example.com Exited with error
> code 1
> > [2] 17:01:51 [FAILURE] bluethu...@es3.example.com Exited with error
> code 1
> > [3] 17:01:51 [FAILURE] bluethu...@es1.example.com Exited with error
> code 1
> >
> > I have to sudo up from my user account as root logins are disallowed.
> >
> > However a simple 'echo hello' command that doesn't require sudo works
> fine:
> >
> > #pssh -h es_list   "/bin/echo hello"
> > [1] 17:00:40 [SUCCESS] bluethu...@es1.example.com
> > [2] 17:00:41 [SUCCESS] bluethu...@es3.example.com
> > [3] 17:00:41 [SUCCESS] bluethu...@es2.example.com
> >
> > What am I doing wrong?
> >
> > Thanks,
> > Tim
> >
> >
> Have you tried running the command from a conventional login?
>
> sudo -S
> expects a password from stdin, where is that being supplied?
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Broadcom BCM4313 support broken with kernel 2.6.32-573.7.1.el6.centos.plus.x86_64?

2015-10-31 Thread Akemi Yagi 
On Sat, Oct 31, 2015 at 7:17 AM, wwp  wrote:
> Hello,
>
>
> I noticed that with latest kernel (2.6.32-573.7.1.el6.centos.plus.x86_64),
> my laptop's Wifi doesn't work, whereas with previous kernel
> (2.6.32-504.30.3.el6.centos.plus.x86_64), it works fine.
>
> Is this a known issue or did I miss something new?
>
> BTW, `lspci`  says:
> Broadcom Corporation BCM4313 802.11bgn Wireless Network Adapter (rev 01)

On your previous kernel, I believe you built/installed kmod-wl by
following this ELRepo article:

http://elrepo.org/tiki/wl-kmod

I suggest you do the same with the latest version of the wl driver. As
noted in that article, the kmod-wl binary packages built from the same
SRPM for the latest EL point releases are now available from the
nux-dextop repo.

Akemi
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-es] Fail2Ban quitar notificacion por correo ?

2015-10-31 Thread angel jauregui 
Recientemente instale ayer un nuevo server, le monte fail2ban y resulta que
levanta todo bien pero a la hora de hacer intentos fallidos de conexion ssh
NO me agrega esa IP al DROP/REJECT del IPTABLES ???, lo unico que veo es
que *imprime en /var/log/messages* que va a bannear esa IP, pero en el
IPTABLES no veo nada :(, ni tampoco veo que se volque dicha IP a mi *archivo
ip.blacklist*.

shell# tail -f /var/log/messages
Oct 31 10:09:49 linux fail2ban.filter[55486]: INFO [ssh-iptables] Found
11.22.33.44
Oct 31 10:09:50 linux fail2ban.actions[55486]: NOTICE [ssh-iptables]
11.22.33.44 already banned

shell# iptables -L -n
Chain fail2ban-SSH (4 references)
target prot opt source   destination
RETURN all  --  0.0.0.0/00.0.0.0/0
RETURN all  --  0.0.0.0/00.0.0.0/0
RETURN all  --  0.0.0.0/00.0.0.0/0
RETURN all  --  0.0.0.0/00.0.0.0/0

shell# cat /etc/fail2ban/ip.blacklist
shell#

Que sera ?

Saludos !




El 22 de octubre de 2015, 16:26, angel jauregui 
escribió:

> Gracias por su respuesta David, verificare lo que comentas porque
> actualmente si le muevo a la parte de "sendmail" dentro de jail.conf,
> simplemene sale error al reiniciar el servicio, como que la sintaxis
> necesita otro parametro :S, y tengo que regresarlo a como lo tenia con las
> notificaciones al mail.
>
> Saludos !
>
> El 22 de octubre de 2015, 14:08, David González Romero <
> dgrved...@gmail.com> escribió:
>
>> Yo mismo me respondo:
>>
>> Al actualizar a la ultima versión y leer el Changelog vi esto:
>> * action.d/iptables-common.conf - All calls to iptables command now
>> use -w switch introduced in iptables 1.4.20 (some distribution could
>> have patched their earlier base version as well) to provide this
>> locking mechanism useful under heavy load to avoid contesting on
>> iptables calls. If you need to disable, define
>> 'action.d/iptables-common.local' with empty value for 'lockingopt' in
>> `[Init]` section.
>>
>> Lo que hice fue:
>> - cp /etc/fail2ban/action.d/iptables-common.conf
>> /etc/fail2ban/action.d/iptables-common.local
>> - vim /etc/fail2ban/action.d/iptables-common.local
>> Y el parametro que esta asi
>> lockingopt = -w
>> Lo puse así:
>> lockingopt =
>> - Despues: service fail2ban reload
>>
>> Angel chequea no sea que tu Fail2ban precisa de modificaciones en la
>> configuración debido a estos upgrades.
>>
>> Saludos,
>> David
>>
>> El día 22 de octubre de 2015, 15:31, David González Romero
>>  escribió:
>> > A mi desde que se upgradeo la ultima vez que no me muestra las reglas
>> > del Iptables. Estaba pensando en hacer un post a la lista, y ahora con
>> > tu mail ya me anime a soltar la duda si alguien se ha enfrentado a
>> > problemas con Fail2ban
>> >
>> > Saludos,
>> > David
>> >
>> > El día 22 de octubre de 2015, 14:22, angel jauregui
>> >  escribió:
>> >> Buen dia.
>> >>
>> >> Estoy recibiendo mas de 100 correos diarios se intentos de conexion a
>> mi
>> >> puerto SSH, al principio eran pocos y pasaba :D... pero ahora han
>> >> incrementado y me estan fastidiando.
>> >>
>> >> Intente editar mi configuracion omitiendo el correo, pero falla el
>> reinicio.
>> >>
>> >> Les indico mi actual config. de fail2ban para el ssh:
>> >>
>> >> *shell# cat /etc/fail2ban/jail.conf*
>> >> [ssh-iptables]
>> >>
>> >> enabled  = true
>> >> filter   = sshd
>> >> action   = iptables-multiport[name=SSH, port=ssh, protocol=tcp]
>> >>sendmail-whois[name=SSH, dest=micor...@gmail.com, sender=
>> >> fail2...@midominio.com, sendername="Fail2Ban $
>> >> logpath  = /var/log/secure
>> >> maxretry = 3
>> >>
>> >> Saludos !
>> >>
>> >> --
>> >> M.S.I. Angel Haniel Cantu Jauregui.
>> >>
>> >> Celular: (011-52-1)-899-871-17-22
>> >> E-Mail: angel.ca...@sie-group.net
>> >> Web: http://www.sie-group.net/
>> >> Cd. Reynosa Tamaulipas.
>> >> ___
>> >> CentOS-es mailing list
>> >> CentOS-es@centos.org
>> >> https://lists.centos.org/mailman/listinfo/centos-es
>> ___
>> CentOS-es mailing list
>> CentOS-es@centos.org
>> https://lists.centos.org/mailman/listinfo/centos-es
>>
>
>
>
> --
> M.S.I. Angel Haniel Cantu Jauregui.
>
> Celular: (011-52-1)-899-871-17-22
> E-Mail: angel.ca...@sie-group.net
> Web: http://www.sie-group.net/
> Cd. Reynosa Tamaulipas.
>



-- 
M.S.I. Angel Haniel Cantu Jauregui.

Celular: (011-52-1)-899-871-17-22
E-Mail: angel.ca...@sie-group.net
Web: http://www.sie-group.net/
Cd. Reynosa Tamaulipas.
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

[CentOS] Broadcom BCM4313 support broken with kernel 2.6.32-573.7.1.el6.centos.plus.x86_64?

2015-10-31 Thread wwp 
Hello,


I noticed that with latest kernel (2.6.32-573.7.1.el6.centos.plus.x86_64),
my laptop's Wifi doesn't work, whereas with previous kernel
(2.6.32-504.30.3.el6.centos.plus.x86_64), it works fine.

Is this a known issue or did I miss something new?

BTW, `lspci`  says:
Broadcom Corporation BCM4313 802.11bgn Wireless Network Adapter (rev 01)


Regards,

-- 
wwp


pgpIth7Obc1Ni.pgp
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C7: screensaver locks screen

2015-10-31 Thread Fred Smith 
On Sun, Nov 01, 2015 at 08:49:03AM +1300, Rob Kampen wrote:
> 
> 
> On 10/31/2015 01:47 AM, Fred Smith wrote:
> >On Thu, Oct 29, 2015 at 09:28:02PM -0400, Jonathan Billings wrote:
> >>On Oct 29, 2015, at 4:44 PM, Fred Smith  
> >>wrote:
> >>>Can you remind me how to switch from one DM to another? I know I
> >>>used to know, but right now cannot recall the proper incantations.
> >>systemctl disable gdm.service
> >>systemctl enable lightdm.service
> >>(reboot or stop gdm and start lightdm from a VT)
> >>
> >>--
> >>Jonathan Billings 
> >Thanks for the reminder!
> >
> >unfortunately, the problem still exists: after standby, when waking up
> >I still get a prompt for my password.
> >
> Surely that's desired behaviour. I always want my machine to wake up
> locked - who knows who is in front of the screen - password check
> ensures I get to choose.

while that is true, it hasn't done it until this past week, and I cannot
find any setting to control it.

Good practice or not, I'd like to know why it is doing it and how to
control it.

Fred
-- 
 Fred Smith -- fre...@fcshome.stoneham.ma.us 
Do you not know? Have you not heard? 
The LORD is the everlasting God, the Creator of the ends of the earth. 
  He will not grow tired or weary, and his understanding no one can fathom.
- Isaiah 40:28 (niv) -
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] About ecryptfs-utils

2015-10-31 Thread Akemi Yagi 
On Sat, Oct 31, 2015 at 3:24 PM, Sergio Belkin  wrote:
> Hi folks,
>
> I've found ecryptfs module into kernel-plus, but ecryptfs-utils is missing:
>
> [root@centos7 ecryptfs-utils-108]# uname -r
> 3.10.0-229.14.1.el7.centos.plus.x86_64
> [root@centos7 ecryptfs-utils-108]# lsmod | grep ecryptfs
> ecryptfs   85424  0
>
> [root@centos7 ecryptfs-utils-108]# LANG=C yum -q search ecryptfs-utils
> Warning: No matches found for: ecryptfs-utils
>
> Just I wonder why these package is not included in any CentOS repo (I guess
> because is not included in upstream), do you know why?

ecryptfs is enabled in the C7 plus kernel because of this request:

https://bugs.centos.org/view.php?id=7369

Note that ecryptfs is in el5 and el6 but only as a "tech preview" and
did not make it into el7. So, it is not supported by RH (therefore
CentOS).

Akemi
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] use pssh to restart a service

2015-10-31 Thread Tim Dunphy 
>
> What does the sudo log say?


This is all the secure logs say about the ssh session:

[root@logs:~] #tail -f /var/log/secure
Oct 31 19:15:20 logs sshd[24407]: Accepted publickey for bluethundr from
47.18.111.100 port 47469 ssh2: RSA
ae:62:1f:de:54:89:af:2c:10:16:0e:fd:8d:7e:81:06
Oct 31 19:15:21 logs sshd[24407]: pam_unix(sshd:session): session opened
for user bluethundr by (uid=0)
Oct 31 19:15:21 logs sshd[24410]: Received disconnect from 47.18.111.100:
11: disconnected by user
Oct 31 19:15:21 logs sshd[24407]: pam_unix(sshd:session): session closed
for user bluethundr

No change in the logs after making the suggested change to disable tty:

[root@logs:~] #cat /etc/sudoers.d/bluethundr
Defaults:myuser!requiretty, visiblepw

Got the same exact message!

Anything else I can try?

Thanks

On Sat, Oct 31, 2015 at 5:34 PM, Gordon Messmer 
wrote:

> On 10/31/2015 02:04 PM, Tim Dunphy wrote:
>
>> pssh -h es_list   "/bin/sudo -S /bin/systemctl restart elasticsearch"
>>
>
> The default configuration prohibits use if input echo can't be disabled.
> That means no "-S".
>
> I modify that for users where necessary:
>
> /etc/sudoers.d/myuser:
> Defaults:myuser!requiretty, visiblepw
>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] About ecryptfs-utils

2015-10-31 Thread Sergio Belkin 
Hi folks,

I've found ecryptfs module into kernel-plus, but ecryptfs-utils is missing:

[root@centos7 ecryptfs-utils-108]# uname -r
3.10.0-229.14.1.el7.centos.plus.x86_64
[root@centos7 ecryptfs-utils-108]# lsmod | grep ecryptfs
ecryptfs   85424  0

[root@centos7 ecryptfs-utils-108]# yum -q repolist
id del repositorio  nombre del
repositorio  estado
Webmin  Webmin Distribution
Neutral   229
base/7/x86_64   CentOS-7 -
Base 8.652
centosplus/7/x86_64 CentOS-7 -
Plus63
epel/x86_64 Extra Packages for Enterprise
Linux 7 - x86_64  8.654
extras/7/x86_64 CentOS-7 -
Extras 236
updates/7/x86_64CentOS-7 -
Updates  1.540
zfs/x86_64  ZFS on Linux for
EL7  145
[root@centos7 ecryptfs-utils-108]# LANG=C yum -q search ecryptfs-utils
Warning: No matches found for: ecryptfs-utils



Just I wonder why these package is not included in any CentOS repo (I guess
because is not included in upstream), do you know why?

Thanks in advance!

-- 
--
Sergio Belkin
LPIC-2 Certified - http://www.lpi.org
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] use pssh to restart a service

2015-10-31 Thread Nux! 
Can you try:
'sh -c "/bin/sudo -S /bin/systemctl restart elasticsearch"'

Or perhaps without the single quotes, as well.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Tim Dunphy" 
> To: "CentOS mailing list" 
> Sent: Saturday, 31 October, 2015 23:16:57
> Subject: Re: [CentOS] use pssh to restart a service

>>
>> What does the sudo log say?
> 
> 
> This is all the secure logs say about the ssh session:
> 
> [root@logs:~] #tail -f /var/log/secure
> Oct 31 19:15:20 logs sshd[24407]: Accepted publickey for bluethundr from
> 47.18.111.100 port 47469 ssh2: RSA
> ae:62:1f:de:54:89:af:2c:10:16:0e:fd:8d:7e:81:06
> Oct 31 19:15:21 logs sshd[24407]: pam_unix(sshd:session): session opened
> for user bluethundr by (uid=0)
> Oct 31 19:15:21 logs sshd[24410]: Received disconnect from 47.18.111.100:
> 11: disconnected by user
> Oct 31 19:15:21 logs sshd[24407]: pam_unix(sshd:session): session closed
> for user bluethundr
> 
> No change in the logs after making the suggested change to disable tty:
> 
> [root@logs:~] #cat /etc/sudoers.d/bluethundr
> Defaults:myuser!requiretty, visiblepw
> 
> Got the same exact message!
> 
> Anything else I can try?
> 
> Thanks
> 
> On Sat, Oct 31, 2015 at 5:34 PM, Gordon Messmer 
> wrote:
> 
>> On 10/31/2015 02:04 PM, Tim Dunphy wrote:
>>
>>> pssh -h es_list   "/bin/sudo -S /bin/systemctl restart elasticsearch"
>>>
>>
>> The default configuration prohibits use if input echo can't be disabled.
>> That means no "-S".
>>
>> I modify that for users where necessary:
>>
>> /etc/sudoers.d/myuser:
>> Defaults:myuser!requiretty, visiblepw
>>
>>
>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> 
> 
> 
> --
> GPG me!!
> 
> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos