Re: [CentOS] CentOS-6.8 fsck report Maximal Count

2017-03-10 Thread Jay Hart 
Talk about missing the email I wanted to reply too. Disregard...


>> On Mar 10, 2017, at 9:28 AM, Valeri Galtsev  
>> wrote:
>>>
>>>
>>> On Fri, March 10, 2017 9:52 am, Warren Young wrote:
 On Mar 10, 2017, at 6:32 AM, James B. Byrne  wrote:
>
> On Thu, March 9, 2017 09:46, John Hodrien wrote:
>>
>> fsck's not good at finding disk errors, it finds filesystem errors.
>
> If not fsck then what?

 badblocks(8).
>>>
>>> And I definitely will unmount relevant filesystem(s) before using
>>> badblocks…
>>
>> You don’t necessarily have to.  The default mode of badblocks is a 
>> non-invasive read-only test
>> which is safe to run on a mounted filesystem.
>>
>> That said, a read-only badblocks pass can give a false “no errors” 
>> report in cases where a
>> non-destructive read-then-write pass (-n) will show errors.
>>
>> Alternatively, a read-only pass may show an error that a read-then-write 
>> pass will silently bury
>> by forcing the drive to relocate the bad sector.
>>
>> In extreme cases, you could potentially fix a problem with a 
>> read-random-random-write pass (-n
>> -t
>> random -t random) because that will statistically flip all the bits at least 
>> twice, which may
>> rub
>> the drive’s nose in a bad sector, forcing a reallocation where a normal 
>> read-then-write pass
>> (-n
>> alone) may not.
>>
>> Hard drives are weird.  It is only through the grace of ECC and such that 
>> they approximate
>> deterministic behavior as well as they do.
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kernel memory accounting

2017-03-10 Thread David Both 
Well, that is exactly what it is supposed to do. The easy way to fix 
this is add more memory. A wildly impractical attempt to turn off memory 
accounting will result in a really borked system that will suck up all 
your time trying to recompile the kernel to make it work. Don't even go 
down that road.


Memory is very cheap these days. Your time is one of the most valuable 
commodities on the planet.


And oh, by the way - are you sure it is RAM you ran out of and not hard 
drive space?


So my questions now become -

How much RAM do you have?

How much swap space?

What error message did you get?

Are you using something like top, htop, iotop, or glances to monitor 
your system and discover the root cause of this problem.


Do you have SAR installed and enabled? You would also need to set the 
granularity for 1 minute instead of the default 10.


What does SAR tell you?

From where (what device or medium) are you copying the data from and to?

But no matter how many questions you answer, my response will probably 
still be the same - get more RAM. Or at least more of the limiting 
resource -and that does sound like RAM right now.



On 03/10/2017 03:51 PM, Wensheng Deng wrote:

I have 3.10 kernel. I am running some data processing job, need to first
copy big (>5 GB) input files. The jobs were killed, because the system
thought I used 5 GB memory from the file copying.


On Fri, Mar 10, 2017 at 3:04 PM, David Both

Re: [CentOS] kernel memory accounting

2017-03-10 Thread Wensheng Deng 
I have 3.10 kernel. I am running some data processing job, need to first
copy big (>5 GB) input files. The jobs were killed, because the system
thought I used 5 GB memory from the file copying.


On Fri, Mar 10, 2017 at 3:04 PM, David Both  wrote:

> First - why in the world would you want to disable kernel memory
> accounting? I don't think that is even possible (despite not being a kernel
> programmer myself) because the kernel must needs account for every bit of
> real and virtual memory in the system in order to do its job.
>
> Second - the first note in the doc to which you refer says that it is
> hopelessly out of date and further down it indicates it refers to 2.6
> kernels and we are now at 4.9.
>
> So now my question boils down to - what is it that you are trying to do
> that makes you think you have to disable kernel memory accounting?
>
>
>
> On 03/10/2017 02:25 PM, Wensheng Deng wrote:
>
>> Hi CentOS experts,
>>
>> I am using CentOS 7. Trying to disable kernel memory accounting:
>> according to https://www.kernel.org/doc/Documentation/cgroup-v1/memory.
>> txt,
>>   passing cgroup.memory=nokmem to the kernel at boot time, should be able
>> to
>> archive that.
>>
>> However it is not the case in my exercise.  These are what I have now
>> $ grep CONFIG_MEMCG_KMEM /boot/config-3.10.0-327.36.3.el7.x86_64
>>
>> CONFIG_MEMCG_KMEM=y
>>
>> $ cat /proc/cmdline
>>
>> BOOT_IMAGE=/vmlinuz-3.10.0-327.36.3.el7.x86_64
>> root=UUID=56568066-5719-46d9-981d-278c7559689b ro quiet
>> cgroup.memory=nokmem
>> systemd.log_level=debug
>>
>> But kernel memory is still accounted in user's applications. Any
>> suggestion
>> on how to chase the issue is greatly appreciated!  Thank you!
>>
>>
>> Best Regards,
>> Wensheng
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
> --
>
>
> *
> David P. Both, RHCE
> Millennium Technology Consulting LLC
> Raleigh, NC, USA
> 919-389-8678
>
> db...@millennium-technology.com
>
> www.millennium-technology.com
> www.databook.bz - Home of the DataBook for Linux
> DataBook is a Registered Trademark of David Both
> *
> This communication may be unlawfully collected and stored by the National
> Security Agency (NSA) in secret. The parties to this email do not consent
> to the
> retrieving or storing of this communication and any related metadata, as
> well as
> printing, copying, re-transmitting, disseminating, or otherwise using it.
> If you
> believe you have received this communication in error, please delete it
> immediately.
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kernel memory accounting

2017-03-10 Thread David Both 
First - why in the world would you want to disable kernel memory 
accounting? I don't think that is even possible (despite not being a 
kernel programmer myself) because the kernel must needs account for 
every bit of real and virtual memory in the system in order to do its job.


Second - the first note in the doc to which you refer says that it is 
hopelessly out of date and further down it indicates it refers to 2.6 
kernels and we are now at 4.9.


So now my question boils down to - what is it that you are trying to do 
that makes you think you have to disable kernel memory accounting?



On 03/10/2017 02:25 PM, Wensheng Deng wrote:

Hi CentOS experts,

I am using CentOS 7. Trying to disable kernel memory accounting:
according to https://www.kernel.org/doc/Documentation/cgroup-v1/memory.txt,
  passing cgroup.memory=nokmem to the kernel at boot time, should be able to
archive that.

However it is not the case in my exercise.  These are what I have now
$ grep CONFIG_MEMCG_KMEM /boot/config-3.10.0-327.36.3.el7.x86_64

CONFIG_MEMCG_KMEM=y

$ cat /proc/cmdline

BOOT_IMAGE=/vmlinuz-3.10.0-327.36.3.el7.x86_64
root=UUID=56568066-5719-46d9-981d-278c7559689b ro quiet cgroup.memory=nokmem
systemd.log_level=debug

But kernel memory is still accounted in user's applications. Any suggestion
on how to chase the issue is greatly appreciated!  Thank you!


Best Regards,
Wensheng
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


--


*
David P. Both, RHCE
Millennium Technology Consulting LLC
Raleigh, NC, USA
919-389-8678

db...@millennium-technology.com

www.millennium-technology.com
www.databook.bz - Home of the DataBook for Linux
DataBook is a Registered Trademark of David Both
*
This communication may be unlawfully collected and stored by the National
Security Agency (NSA) in secret. The parties to this email do not consent to the
retrieving or storing of this communication and any related metadata, as well as
printing, copying, re-transmitting, disseminating, or otherwise using it. If you
believe you have received this communication in error, please delete it
immediately.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] kernel memory accounting

2017-03-10 Thread Wensheng Deng 
Hi CentOS experts,

I am using CentOS 7. Trying to disable kernel memory accounting:
according to https://www.kernel.org/doc/Documentation/cgroup-v1/memory.txt,
 passing cgroup.memory=nokmem to the kernel at boot time, should be able to
archive that.

However it is not the case in my exercise.  These are what I have now
$ grep CONFIG_MEMCG_KMEM /boot/config-3.10.0-327.36.3.el7.x86_64

CONFIG_MEMCG_KMEM=y

$ cat /proc/cmdline

BOOT_IMAGE=/vmlinuz-3.10.0-327.36.3.el7.x86_64
root=UUID=56568066-5719-46d9-981d-278c7559689b ro quiet cgroup.memory=nokmem
systemd.log_level=debug

But kernel memory is still accounted in user's applications. Any suggestion
on how to chase the issue is greatly appreciated!  Thank you!


Best Regards,
Wensheng
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] kmod-jfs on Centos 6

2017-03-10 Thread H 

I am a bit of a noob with Linux and Centos but would like to be able to access 
an old external USB disk formatted JFS by OS/2. I have seen there is a kmod-jfs 
package on elrepo that ought to work with Centos 6 but am unsure how to install 
kmods without hosing my existing system...

If anyone would like to be so kind to give me a short how-to, I would be very 
grateful.

Thank you.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-6.8 fsck report Maximal Count

2017-03-10 Thread Jay Hart 
I get up around 0630, u can come anytime after that. I want to hit the range 
that morning but if I
KNEW when you are arriving, I could plan around that...

> On Mar 10, 2017, at 9:28 AM, Valeri Galtsev  wrote:
>>
>>
>> On Fri, March 10, 2017 9:52 am, Warren Young wrote:
>>> On Mar 10, 2017, at 6:32 AM, James B. Byrne  wrote:

 On Thu, March 9, 2017 09:46, John Hodrien wrote:
>
> fsck's not good at finding disk errors, it finds filesystem errors.

 If not fsck then what?
>>>
>>> badblocks(8).
>>
>> And I definitely will unmount relevant filesystem(s) before using
>> badblocks…
>
> You don’t necessarily have to.  The default mode of badblocks is a 
> non-invasive read-only test
> which is safe to run on a mounted filesystem.
>
> That said, a read-only badblocks pass can give a false “no errors” report 
> in cases where a
> non-destructive read-then-write pass (-n) will show errors.
>
> Alternatively, a read-only pass may show an error that a read-then-write pass 
> will silently bury
> by forcing the drive to relocate the bad sector.
>
> In extreme cases, you could potentially fix a problem with a 
> read-random-random-write pass (-n -t
> random -t random) because that will statistically flip all the bits at least 
> twice, which may rub
> the drive’s nose in a bad sector, forcing a reallocation where a normal 
> read-then-write pass (-n
> alone) may not.
>
> Hard drives are weird.  It is only through the grace of ECC and such that 
> they approximate
> deterministic behavior as well as they do.
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] polkit helper timeout and defunct pkla-check-authorization processes on CentOS 7.3

2017-03-10 Thread Edgecombe, Jason 
Hi everyone,

We seem to be having issues on multiple CentOS 7.3 machines. The problem
seems to revolve around polkitd. At some random time, polkitd seems to stop
responding on my systems. Along with this, there might be hundreds of
defunct pkla-check-authorization processes. If I reboot, then things are
fine for a while.

I don't see any activity in the unabridged journal to suggest anything that
might be triggering polkitd. The puppet run finished 5 minutes before
polkitd lost it's head.

polkit version is polkit-0.112-11.el7_3.x86_64

Any help is appreciated.

Thanks,
Jason

Here is some condensed output from the "journalctl -u polkit" command:
Mar 09 04:02:14 myhost systemd[1]: Starting Authorization Manager...
Mar 09 04:02:14 myhost polkitd[1018]: Started polkitd version 0.112
Mar 09 04:02:14 myhost polkitd[1018]: Loading rules from directory
/etc/polkit-1/rules.d
Mar 09 04:02:14 myhost polkitd[1018]: Loading rules from directory
/usr/share/polkit-1/rules.d
Mar 09 04:02:14 myhost polkitd[1018]: Finished loading, compiling and
executing 7 rules
Mar 09 04:02:14 myhost systemd[1]: Started Authorization Manager.
Mar 09 04:02:14 myhost polkitd[1018]: Acquired the name
org.freedesktop.PolicyKit1 on the system bus
Mar 09 04:02:53 myhost polkitd[1018]: Registered Authentication Agent for
unix-session:c1 (system bus name :1.41 [gnome-shell --mode=gdm], object
path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Mar 09 04:08:25 myhost polkitd[1018]: Reloading rules
Mar 09 04:08:25 myhost polkitd[1018]: Collecting garbage unconditionally...
Mar 09 04:08:25 myhost polkitd[1018]: Loading rules from directory
/etc/polkit-1/rules.d
Mar 09 04:08:25 myhost polkitd[1018]: Loading rules from directory
/usr/share/polkit-1/rules.d
Mar 09 04:08:25 myhost polkitd[1018]: Finished loading, compiling and
executing 8 rules
Mar 09 04:08:25 myhost polkitd[1018]: Reloading rules
Mar 09 04:08:25 myhost polkitd[1018]: Collecting garbage unconditionally...
Mar 09 04:08:25 myhost polkitd[1018]: Loading rules from directory
/etc/polkit-1/rules.d
Mar 09 04:08:25 myhost polkitd[1018]: Loading rules from directory
/usr/share/polkit-1/rules.d
Mar 09 04:08:25 myhost polkitd[1018]: Finished loading, compiling and
executing 8 rules
Mar 09 04:08:53 myhost polkitd[1018]: Reloading rules
... (snipped more rules loading)
Mar 09 04:10:39 myhost polkitd[1018]: Collecting garbage unconditionally...
Mar 09 04:10:39 myhost polkitd[1018]: Loading rules from directory
/etc/polkit-1/rules.d
Mar 09 04:10:39 myhost polkitd[1018]: Loading rules from directory
/usr/share/polkit-1/rules.d
Mar 09 04:10:39 myhost polkitd[1018]: Finished loading, compiling and
executing 7 rules
Mar 09 16:59:42 myhost polkitd[1018]:
/etc/polkit-1/rules.d/49-polkit-pkla-compat.rules:21: Error: Error spawning
helper: Timed out after 10 seconds (g-io-error-quark, 24)
Mar 09 16:59:42 myhost polkitd[1018]: Error evaluating authorization rules
Mar 10 04:13:34 myhost polkitd[1018]:
/etc/polkit-1/rules.d/49-polkit-pkla-compat.rules:21: Error: Error spawning
helper: Timed out after 10 seconds (g-io-error-quark, 24)
Mar 10 04:13:34 myhost polkitd[1018]: Error evaluating authorization rules
Mar 10 04:14:32 myhost polkitd[1018]:
/etc/polkit-1/rules.d/49-polkit-pkla-compat.rules:21: Error: Error spawning
helper: Timed out after 10 seconds (g-io-error-quark, 24)
... (snipped more lines about error evaluating rules)...

---
Jason Edgecombe | Linux Administrator
UNC Charlotte | The William States Lee College of Engineering
9201 University City Blvd. | Charlotte, NC 28223-0001
Phone: 704-687-1943
jwedg...@uncc.edu | http://engr.uncc.edu |  Facebook
---
If you are not the intended recipient of this transmission or a person
responsible for delivering it to the intended recipient, any disclosure,
copying, distribution, or other use of any of the information in this
transmission is strictly prohibited. If you have received this transmission
in error, please notify me immediately by reply e-mail or by telephone at
704-687-1943.  Thank you.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-6.8 fsck report Maximal Count

2017-03-10 Thread Warren Young 
On Mar 10, 2017, at 9:28 AM, Valeri Galtsev  wrote:
> 
> 
> On Fri, March 10, 2017 9:52 am, Warren Young wrote:
>> On Mar 10, 2017, at 6:32 AM, James B. Byrne  wrote:
>>> 
>>> On Thu, March 9, 2017 09:46, John Hodrien wrote:
 
 fsck's not good at finding disk errors, it finds filesystem errors.
>>> 
>>> If not fsck then what?
>> 
>> badblocks(8).
> 
> And I definitely will unmount relevant filesystem(s) before using
> badblocks…

You don’t necessarily have to.  The default mode of badblocks is a non-invasive 
read-only test which is safe to run on a mounted filesystem.

That said, a read-only badblocks pass can give a false “no errors” report in 
cases where a non-destructive read-then-write pass (-n) will show errors.

Alternatively, a read-only pass may show an error that a read-then-write pass 
will silently bury by forcing the drive to relocate the bad sector.

In extreme cases, you could potentially fix a problem with a 
read-random-random-write pass (-n -t random -t random) because that will 
statistically flip all the bits at least twice, which may rub the drive’s nose 
in a bad sector, forcing a reallocation where a normal read-then-write pass (-n 
alone) may not.

Hard drives are weird.  It is only through the grace of ECC and such that they 
approximate deterministic behavior as well as they do.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-6.8 fsck report Maximal Count

2017-03-10 Thread Valeri Galtsev 

On Fri, March 10, 2017 9:52 am, Warren Young wrote:
> On Mar 10, 2017, at 6:32 AM, James B. Byrne  wrote:
>>
>> On Thu, March 9, 2017 09:46, John Hodrien wrote:
>>>
>>> fsck's not good at finding disk errors, it finds filesystem errors.
>>
>> If not fsck then what?
>
> badblocks(8).

And I definitely will unmount relevant filesystem(s) before using
badblocks...

>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] OT: hardware suggestions for video capture card for a server

2017-03-10 Thread m . roth 
We've got several secure rooms, with video surveillance 24x7. A few years
ago, we got a couple of cards based on BT878 chips, which we use with the
motion package. I've posted here about hardware issues...

After a fair bit of testing, the cards just don't seem to be compatible
with Dell rackmount server firmware. They work fine... on older Penguins,
which are Supermicro. It's clearly not an o/s issue, it's hardware -
having tried two Dells, and swapped cards between the old Penguin and the
newer Dell, it's the Dell m/b.

Does anyone have any suggestions, possibly for video capture cards,
perhaps on newer chips? The two requirements are a) accept BNC connectors
from the cameras, and b) must have *four* actual channels, not one
multiplexed.

Thanks in advance, folks.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-6.8 fsck report Maximal Count

2017-03-10 Thread m . roth 
James B. Byrne wrote:
>
> On Thu, March 9, 2017 09:46, John Hodrien wrote:
>> On Thu, 9 Mar 2017, James B. Byrne wrote:
>>
>>> This indicated that a bad sector on the underlying disk system might
>>> be the source of the problem.  The guests were all shutdown, a
>>> /forcefsck file was created on the host system, and the host system
>>> remotely restarted.
>>
>> fsck's not good at finding disk errors, it finds filesystem errors.
>
> If not fsck then what?
>
fsck  run with -c, which forces badblocks to run. Or you can run that
directly.
>>
>> If it was a real disk issue, you'd expect matching errors in the host
>> logs.
>
> Yes, there are:
>
> Mar  9 09:14:13 vhost03 kernel: end_request: I/O error, dev sda,
> sector 1236929063
> Mar  9 09:14:30 vhost03 kernel: end_request: I/O error, dev sda,
> sector 1236929063
> Mar  9 09:14:48 vhost03 kernel: end_request: I/O error, dev sda,
> sector 1236929063

Looks like only one sector's bad. Running badblocks should, I think, mark
that sector as bad, so the system doesn't try to read or write there. I've
got a user whose workstation has had a bad sector running for over a year.
However, if it becomes two, or four, or 64 sectors, it's replacement time,
asap.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-6.8 fsck report Maximal Count

2017-03-10 Thread Warren Young 
On Mar 10, 2017, at 6:32 AM, James B. Byrne  wrote:
> 
> On Thu, March 9, 2017 09:46, John Hodrien wrote:
>> 
>> fsck's not good at finding disk errors, it finds filesystem errors.
> 
> If not fsck then what?

badblocks(8).

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-es] postfixadmin vs virtualmin

2017-03-10 Thread angel jauregui 
Pues hace un a~o que no uso webmin y virtualmin, sinceramente un completo
desastre y difícil de entender.

Termine optando por ISPConfig, hasta ahora super genial !

Saludos !

El 10 de marzo de 2017, 5:27, Wilmer Arambula 
escribió:

> Con centos7.3 he trabajado con
> postfixadmin+dovecot+spamassing+dkim+rouncube+MariaDb y me parece
> excelente, no he tenido problemas ni de spam ni virus, y siempre el correo
> llega cifrado y verificado, viendo el nuevo panel de webmin y virtualmin,
> que seria mejor usar postfixadmin o mail virtualmin,
>
> Espero sus comentarios,
>
> Saludos,
>
> --
> *Wilmer Arambula. *
> ___
> CentOS-es mailing list
> CentOS-es@centos.org
> https://lists.centos.org/mailman/listinfo/centos-es
>



-- 
M.S.I. Angel Haniel Cantu Jauregui.

Celular: (011-52-1)-899-871-17-22
E-Mail: angel.ca...@sie-group.net
Web: http://www.sie-group.net/
Cd. Reynosa Tamaulipas.
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-es] herramienta similar a fw-buider

2017-03-10 Thread Roberto Alvarado 
FW builder sigue vigente (por lo menos en github), 

https://github.com/fwbuilder/fwbuilder/releases

El ultimo release es del 14 de enero.


Saludos
Roberto
On 10-03-2017 11:11:44, Wilmer Arambula  wrote:
Yo uso shoreline (webminl), me parece seguro y facil de manejar,

Saludos,

El 10 de marzo de 2017, 10:08, Hector Martínez Romo
escribió:

> Estimados
>
>
> junto con saludarlos mi consulta es si me pueden sugerir una buena
> herramienta para trabajar con iptables como Fwbuider obviamente sobre
> centOS. El caso es que hace mas de tres años que dejo de existir fwbuider.
>
>
> quedo atento y gracias.
>
> Saludos
> ___
> CentOS-es mailing list
> CentOS-es@centos.org
> https://lists.centos.org/mailman/listinfo/centos-es
>



--
*Wilmer Arambula. *

*Asoc. Cooperativa Tecnologia Terabyte 124, RL.Tlfs: +58 02512623601 - +58
4125110921.*

*Representante para Venezuela.*
*Digital Identification Solutions* *EDI**secure*® *Fingertec*®
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-es] herramienta similar a fw-buider

2017-03-10 Thread Wilmer Arambula 
Yo uso shoreline (webminl), me parece seguro y facil de manejar,

Saludos,

El 10 de marzo de 2017, 10:08, Hector Martínez Romo 
escribió:

> Estimados
>
>
> junto con saludarlos mi consulta es si me pueden sugerir una buena
> herramienta para trabajar con iptables como Fwbuider obviamente sobre
> centOS. El caso es que hace mas de tres años que dejo de existir fwbuider.
>
>
> quedo atento y gracias.
>
> Saludos
> ___
> CentOS-es mailing list
> CentOS-es@centos.org
> https://lists.centos.org/mailman/listinfo/centos-es
>



-- 
*Wilmer Arambula. *

*Asoc. Cooperativa Tecnologia Terabyte 124, RL.Tlfs: +58 02512623601 - +58
4125110921.*

*Representante para Venezuela.*
*Digital Identification Solutions* *EDI**secure*® *Fingertec*®
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

[CentOS-es] herramienta similar a fw-buider

2017-03-10 Thread Hector Martínez Romo 
Estimados


junto con saludarlos mi consulta es si me pueden sugerir una buena
herramienta para trabajar con iptables como Fwbuider obviamente sobre
centOS. El caso es que hace mas de tres años que dejo de existir fwbuider.


quedo atento y gracias.

Saludos
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-es] Problemas de correos

2017-03-10 Thread Roberto Alvarado 
Con exim puedes ocupar rate limit de correos por usuario:

http://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html#useratlim

Lo puedes combinar con lfd (https://configserver.com/cp/csf.html) para que te 
mande una alerta si alguien manda una rafaga de correo, lfd puede generar una 
acción o bloqueo automático ademas.

Basicamente es el mismo principio que ocupan paneles de control de hosting como 
cpanel o directadmin.


Saludos
Roberto
On 10-03-2017 10:23:17, Roberto Bermúdez  wrote:
Que tal Angel, pues en realidad no tengo alguna herramienta que me pueda
advertir al respecto de lo que indicas, sí he tenido pocas ocasiones de ser
víctima de eso y mi servidor envía spam, para alertar me de eso lo que
tengo es una tarea cron en las noches que me manda un correo con el
resultado de mailq, en caso de yo ver un uso indebido del smtp lo que hago
es dar de baja las interfaces y pasar un antivirus y luego después de una
horas subo nuevamente las interfaces del servidor, al siguiente día una vez
que ya no mande spam verifico que no se encuentre en listas negras mi
servidor, hasta ahora me ha funcionado bien, si alguien sabe de alguna
Herramienta u otro método para evitar que el servidor sea usado para mandar
spam, se lo agradeceríamos mucho

El mar. 9, 2017 21:05, "angel jauregui" escribió:

> Aprovechando que manejas directamente Servidor de Correos a nivel empresa
> al igual que yo, me gustaria preguntarte si no te ha pasado que a uno de
> tus clientes se les cuele malware y empiece a enviar como loco spam ?
>
> Tienes alguna herramienta para detectar el uso anomalo del smtp o alguna
> manera de que recibas alerta en el aumento en el uso del relay de un
> mailbox ?
>
> Saludos !
>
> El 9 de marzo de 2017, 19:59, Roberto Bermúdez
> escribió:
>
> > Muchas gracias estimados a todos por sus comentarios voy hacer las
> pruebas
> > y cualquier cosa estaré anunciando cómo me fue
> >
> > El mar. 9, 2017 20:58, "angel jauregui"
> escribió:
> >
> > > Te recomiendo:
> > >
> > > 1) Como dijo *Victor* usa Certificado para cifrar tu mensajeria (no
> tiene
> > > que ser oficial de SSLVerify o asi... generalo con openssl).
> > >
> > > 3) *Descarga los Certificados Oficiales* para no tener problemas de
> > > comunicacion con los diversos proveedores de correo, lee aqui:
> > > https://albertomolina.wordpress.com/2009/01/04/
> > > configurar-postfix-a-traves-de-un-relay-host-autenticado-gmail/
> > > ... OJO en el manual te indica como poner el Certificado que exige
> > Google,
> > > pero asi como Google pide, tambien hay un conjunto de certificados que
> > > puedes poner para evitar tener problemas de hacer llegar el correo.
> > >
> > > Saludos !
> > >
> > > El 8 de marzo de 2017, 15:37, Victor Padro
> escribió:
> > >
> > > > De preferencia usa certificados para cifrar los mensajes, ya que la
> > otra
> > > > parte si los esta usando.
> > > >
> > > > Saludos,
> > > >
> > > > 2017-03-08 15:27 GMT-06:00 Roberto Bermúdez :
> > > >
> > > > > Buenas tardes estimados listeros
> > > > >
> > > > > necesito acudir a ustedes a ver si alguien me puede ayudar con una
> > duda
> > > > que
> > > > > se me ocasiona con respecto a mi servidor de correos, primero debo
> > > > indicar
> > > > > que mi servidor lo tengo en un centos 5.5, con snedmail, y con
> > > > MailScanner
> > > > > y Spamassassin también
> > > > >
> > > > > pero desde la semana pasada tengo alguno usuarios que me indican
> que
> > no
> > > > > pueden recibir correo desde ciertos dominios (no todos los
> > dominios), y
> > > > > hasta la fecha solo uno me ha podido conseguir el mensaje de error
> > que
> > > > > reciben quienes mandan el correo y detallo a continuación, tampoco
> se
> > > > > observa nada extraño en los logs de mi servidore de correo.
> > > > >
> > > > > cabe aclarar que no uso certificados TLS, que según lo que he
> > googleado
> > > > > dice que es el problema, entonces como puedo superar el
> > inconveniente?
> > > > >
> > > > >
> > > > > De: Mail Delivery Subsystem
> > > > > Fecha: 7/3/17 13:38 (GMT-05:00)
> > > > > A: usua...@xx.com
> > > > > Asunto: Returned mail: see transcript for details
> > > > >
> > > > > The original message was received at Thu, 2 Mar 2017 13:35:42 -0500
> > > > > from [X.X.X.X]
> > > > >
> > > > > - The following addresses had permanent fatal errors -
> > > > >
> > > > > (reason: 403 4.7.0 TLS handshake failed.)
> > > > >
> > > > >
> > > > > de antemano agradezco inmensamente cualquier ayuda que me puedan
> > > aportar
> > > > >
> > > > > Roberto B.
> > > > > ___
> > > > > CentOS-es mailing list
> > > > > CentOS-es@centos.org
> > > > > https://lists.centos.org/mailman/listinfo/centos-es
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > "Everything that irritates us about others can lead us to an
> > > understanding
> > > > of ourselves"
> > > > ___
> > > > CentOS-es mailing list
>

Re: [CentOS] CentOS-6.8 fsck report Maximal Count

2017-03-10 Thread James B. Byrne 

On Thu, March 9, 2017 09:46, John Hodrien wrote:
> On Thu, 9 Mar 2017, James B. Byrne wrote:
>
>> This indicated that a bad sector on the underlying disk system might
>> be the source of the problem.  The guests were all shutdown, a
>> /forcefsck file was created on the host system, and the host system
>> remotely restarted.
>
> fsck's not good at finding disk errors, it finds filesystem errors.

If not fsck then what?

>
> If it was a real disk issue, you'd expect matching errors in the host
> logs.


Yes, there are:

Mar  9 09:14:13 vhost03 kernel: end_request: I/O error, dev sda,
sector 1236929063
Mar  9 09:14:30 vhost03 kernel: end_request: I/O error, dev sda,
sector 1236929063
Mar  9 09:14:48 vhost03 kernel: end_request: I/O error, dev sda,
sector 1236929063

I am running an extended SMART test on the drive at the moment. I
suspect that the drive is probably at its EOL for practical purposes. 
So likely we will be looking at an equipment upgrade given the age of
the rest of the equipment.

In the meantime what steps, if any, should I take to remediate this
problem?

>
>> /var/log/messages:Mar  9 08:34:48 vhost03 kernel: EXT4-fs (dm-6):
>> warning: maximal mount count reached, running e2fsck is recommended
>
> Unmount it and run fsck on it, and that message would go away.  But
> I'd not
> worry about that one.
>
> jh
>
>


-- 
***  e-Mail is NOT a SECURE channel  ***
Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-es] Problemas de correos

2017-03-10 Thread Roberto Bermúdez 
Que tal Angel, pues en realidad no tengo alguna herramienta que me pueda
advertir al respecto de lo que indicas, sí he tenido pocas ocasiones de ser
víctima de eso y mi servidor envía spam, para alertar me de eso lo que
tengo es una tarea cron en las noches que me manda un correo con el
resultado de mailq, en caso de yo ver un uso indebido del smtp lo que hago
es dar de baja las interfaces y pasar un antivirus y luego después de una
horas subo nuevamente las interfaces del servidor, al siguiente día una vez
que ya no mande spam verifico que no se encuentre en listas negras mi
servidor, hasta ahora me ha funcionado bien, si alguien sabe de alguna
Herramienta u otro método para evitar que el servidor sea usado para mandar
spam, se lo agradeceríamos mucho

El mar. 9, 2017 21:05, "angel jauregui"  escribió:

> Aprovechando que manejas directamente Servidor de Correos a nivel empresa
> al igual que yo, me gustaria preguntarte si no te ha pasado que a uno de
> tus clientes se les cuele malware y empiece a enviar como loco spam ?
>
> Tienes alguna herramienta para detectar el uso anomalo del smtp o alguna
> manera de que recibas alerta en el aumento en el uso del relay de un
> mailbox ?
>
> Saludos !
>
> El 9 de marzo de 2017, 19:59, Roberto Bermúdez 
> escribió:
>
> > Muchas gracias estimados a todos por sus comentarios voy hacer las
> pruebas
> > y cualquier cosa estaré anunciando cómo me fue
> >
> > El mar. 9, 2017 20:58, "angel jauregui" 
> escribió:
> >
> > > Te recomiendo:
> > >
> > > 1) Como dijo *Victor* usa Certificado para cifrar tu mensajeria (no
> tiene
> > > que ser oficial de SSLVerify o asi... generalo con openssl).
> > >
> > > 3) *Descarga los Certificados Oficiales* para no tener problemas de
> > > comunicacion con los diversos proveedores de correo, lee aqui:
> > > https://albertomolina.wordpress.com/2009/01/04/
> > > configurar-postfix-a-traves-de-un-relay-host-autenticado-gmail/
> > > ... OJO en el manual te indica como poner el Certificado que exige
> > Google,
> > > pero asi como Google pide, tambien hay un conjunto de certificados que
> > > puedes poner para evitar tener problemas de hacer llegar el correo.
> > >
> > > Saludos !
> > >
> > > El 8 de marzo de 2017, 15:37, Victor Padro 
> escribió:
> > >
> > > > De preferencia usa certificados para cifrar los mensajes, ya que la
> > otra
> > > > parte si los esta usando.
> > > >
> > > > Saludos,
> > > >
> > > > 2017-03-08 15:27 GMT-06:00 Roberto Bermúdez :
> > > >
> > > > > Buenas tardes estimados listeros
> > > > >
> > > > > necesito acudir a ustedes a ver si alguien me puede ayudar con una
> > duda
> > > > que
> > > > > se me ocasiona con respecto a mi servidor de correos, primero debo
> > > > indicar
> > > > > que mi servidor lo tengo en un centos 5.5, con snedmail, y con
> > > > MailScanner
> > > > > y Spamassassin también
> > > > >
> > > > > pero desde la semana pasada tengo alguno usuarios que me indican
> que
> > no
> > > > > pueden recibir correo desde ciertos dominios (no todos los
> > dominios), y
> > > > > hasta la fecha solo uno me ha podido conseguir el mensaje de error
> > que
> > > > > reciben quienes mandan el correo y detallo a continuación, tampoco
> se
> > > > > observa nada extraño en los logs de mi servidore de correo.
> > > > >
> > > > > cabe aclarar que no uso certificados TLS, que según lo que he
> > googleado
> > > > > dice que es el problema, entonces como puedo superar el
> > inconveniente?
> > > > >
> > > > >
> > > > > De: Mail Delivery Subsystem 
> > > > > Fecha: 7/3/17 13:38 (GMT-05:00)
> > > > > A: usua...@xx.com
> > > > > Asunto: Returned mail: see transcript for details
> > > > >
> > > > > The original message was received at Thu, 2 Mar 2017 13:35:42 -0500
> > > > > from [X.X.X.X]
> > > > >
> > > > >- The following addresses had permanent fatal errors -
> > > > > 
> > > > > (reason: 403 4.7.0 TLS handshake failed.)
> > > > >
> > > > >
> > > > > de antemano agradezco inmensamente cualquier ayuda que me puedan
> > > aportar
> > > > >
> > > > > Roberto B.
> > > > > ___
> > > > > CentOS-es mailing list
> > > > > CentOS-es@centos.org
> > > > > https://lists.centos.org/mailman/listinfo/centos-es
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > "Everything that irritates us about others can lead us to an
> > > understanding
> > > > of ourselves"
> > > > ___
> > > > CentOS-es mailing list
> > > > CentOS-es@centos.org
> > > > https://lists.centos.org/mailman/listinfo/centos-es
> > > >
> > >
> > >
> > >
> > > --
> > > M.S.I. Angel Haniel Cantu Jauregui.
> > >
> > > Celular: (011-52-1)-899-871-17-22
> > > E-Mail: angel.ca...@sie-group.net
> > > Web: http://www.sie-group.net/
> > > Cd. Reynosa Tamaulipas.
> > > ___

[CentOS] CentOS-announce Digest, Vol 145, Issue 5

2017-03-10 Thread centos-announce-request 
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. Announcing the release for Gluster 3.10 on CentOS Linux 6
  x86_64 (Niels de Vos)
   2. Announcing the release for Gluster 3.10 on CentOS Linux 7
  x86_64 (Niels de Vos)


--

Message: 1
Date: Wed, 8 Mar 2017 22:44:15 +0100
From: Niels de Vos 
To: centos-annou...@centos.org
Subject: [CentOS-announce] Announcing the release for Gluster 3.10 on
CentOS  Linux 6 x86_64
Message-ID: <20170308214415.ga1...@chromebook.lan.nixpanic.net>
Content-Type: text/plain; charset="us-ascii"

I am happy to announce the General Availability of Gluster 3.10 for
CentOS 6 on x86_64. These packages are following the upstream Gluster
Community releases, and will receive monthly bugfix updates.

Gluster 3.10 is a Long-Term-Maintenance release, and will receive
updates for approximately 18 months. The difference between
Long-Term-Maintenance and Short-Term-Maintenance releases is explained
on the Gluster release schedule page:
  https://www.gluster.org/community/release-schedule/

Users of CentOS 6 can now simply install Gluster 3.10 with only these two
commands:

  # yum install centos-release-gluster
  # yum install glusterfs-server

The centos-release-gluster package is delivered via CentOS Extras repos.
This contains all the metadata and dependency information, needed to
install Gluster 3.10. The actual package that will get installed is
centos-release-gluster310. Users of the now End-Of-Life
Short-Term-Maintenance Gluster 3.9 will automatically get the update to
Gluster 3.10, whereas users of Gluster 3.8 can stay on that
Long-Term-Maintenance release for an other six months.

We have a quickstart guide specifically built around the packages are
available, it makes for a good introduction to Gluster and will help get
you started in just a few simple steps, this quick start is available at
  https://wiki.centos.org/SpecialInterestGroup/Storage/gluster-Quickstart

More details about the packages that the Gluster project provides in the
Storage SIG is available in the documentation:
  https://wiki.centos.org/SpecialInterestGroup/Storage/Gluster

The centos-release-gluster* repositories offer additional packages that
enhance the usability of Gluster itself. Utilities and tools that were
working with previous versions of Gluster are expected to stay working
fine. If there are any problems, or requests for additional tools and
applications to be provided, just send us an email with your
suggestions. The current list of packages that is (planned to become)
available can be found here:
  https://wiki.centos.org/SpecialInterestGroup/Storage/Gluster/Ecosystem-pkgs

We welcome all feedback, comments and contributions. You can get in
touch with the CentOS Storage SIG on the centos-devel mailing list
( [15]https://lists.centos.org ) and with the Gluster developer and user
communities at [16]https://www.gluster.org/mailman/listinfo , we are also
available on irc at #gluster on irc.freenode.net, and on twitter at
@gluster .

Cheers,
Niels de Vos
Storage SIG member & Gluster maintainer
-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: 


--

Message: 2
Date: Wed, 8 Mar 2017 22:47:12 +0100
From: Niels de Vos 
To: centos-annou...@centos.org
Subject: [CentOS-announce] Announcing the release for Gluster 3.10 on
CentOS  Linux 7 x86_64
Message-ID: <20170308214712.gb1...@chromebook.lan.nixpanic.net>
Content-Type: text/plain; charset="us-ascii"

I am happy to announce the General Availability of Gluster 3.10 for
CentOS 7 on x86_64. These packages are following the upstream Gluster
Community releases, and will receive monthly bugfix updates.

Gluster 3.10 is a Long-Term-Maintenance release, and will receive
updates for approximately 18 months. The difference between
Long-Term-Maintenance and Short-Term-Maintenance releases is explained
on the Gluster release schedule page:
  https://www.gluster.org/community/release-schedule/

Users of CentOS 7 can now simply install Gluster 3.10 with only these two
commands:

  # yum install centos-release-gluster
  # yum install glusterfs-server

The centos-release-gluster package is delivered via CentOS Extras

[CentOS-es] postfixadmin vs virtualmin

2017-03-10 Thread Wilmer Arambula 
Con centos7.3 he trabajado con
postfixadmin+dovecot+spamassing+dkim+rouncube+MariaDb y me parece
excelente, no he tenido problemas ni de spam ni virus, y siempre el correo
llega cifrado y verificado, viendo el nuevo panel de webmin y virtualmin,
que seria mejor usar postfixadmin o mail virtualmin,

Espero sus comentarios,

Saludos,

-- 
*Wilmer Arambula. *
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es