Re: [CentOS] Accessing crashed disk

[J Martin Rushton]

On 13/12/17 21:42, Leon Fauster wrote:
> Am 13.12.2017 um 22:31 schrieb martin.wag...@mailbit.io:
> 
>> I have a Centos server that crashed, it would no longer boot. I thought it 
>> was the disk with the OS that was the problem so I bought a new one and did 
>> a fresh install and now the computer is again up and running. But I'm having 
>> problems with accessing the old failed disk. I can see it with 
>> gnome-disk-utility and it says that the disk is OK but has 8 bad sectors. I 
>> can mount the boot partition from it and I can decrypt the main partition. 
>> But then I can see no way to mount the main partition. It is a LVM physical 
>> volume.   
>>
>> Any advice?
> 
> Show us the output of (after decrypt):
> 
> lsblk -f
> 
> or directly - try:
> 
> vgchange -a y
> 
> mount /dev/mapper/"main partition" /oldfaileddisk 
> 
> 
> --
> LF
> 
If you think the disk is going faulty the very first thing to do is to
make a copy of it and then work on the copy.  If your failed disk is on
(as an example) /dev/sdc, the command is:

# dd if=/dev/sdc of=/home/dd-copy-of-sdc

It will take a long time, and ensure that /home has enough space for the
complete disk.  Use kpartx(8) to make the disk visible and you can then
mount the partitions.

lvs(8) will tell you about any logical volumes and IIRC, lvchange allows
you to activate them.  You can then mount them as normal.



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Some problemas working with network namespaces

[C. L. Martinez]

Hi all,

 I am trying to virtually connect two bridges on different network namespaces 
inside a CentOS KVM host. I have tried different configs, but this is the most 
closer than I can test:

ip netns add pubnet
ip netns exec pubnet ip link set dev lo up
ip netns exec pubnet ifup pubif2
ip link add dev vethpubif1 type veth peer name vethpubif2
ovs-vsctl add-port pubif1 vethpubif1
ip link set vethpubif2 netns pubnet
ip netns exec pubnet brctl addif pubif2 vethpubif2
ip link set dev vethpubif1 up
ip netns exec pubnet ip link set dev vethpubif2 up

 Bridge in the root host network namespace is openvswitch based, and bridge 
inside pubnet's network namespace is brctl based. Using this config, vms 
attached to pubif1 openvswitch based can't ping to vms connected to vms in 
pubif2 bridge.

 What am i doing wrong?

Thanks.

-- 
Greetings,
C. L. Martinez
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Accessing crashed disk

[Leon Fauster]

Am 13.12.2017 um 22:31 schrieb martin.wag...@mailbit.io:

> I have a Centos server that crashed, it would no longer boot. I thought it 
> was the disk with the OS that was the problem so I bought a new one and did a 
> fresh install and now the computer is again up and running. But I'm having 
> problems with accessing the old failed disk. I can see it with 
> gnome-disk-utility and it says that the disk is OK but has 8 bad sectors. I 
> can mount the boot partition from it and I can decrypt the main partition. 
> But then I can see no way to mount the main partition. It is a LVM physical 
> volume.   
> 
> Any advice?

Show us the output of (after decrypt):

lsblk -f

or directly - try:

vgchange -a y

mount /dev/mapper/"main partition" /oldfaileddisk 


--
LF


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Accessing crashed disk

[martin . wagner]

Hi

I have a Centos server that crashed, it would no longer boot. I thought it was 
the disk with the OS that was the problem so I bought a new one and did a fresh 
install and now the computer is again up and running. But I'm having problems 
with accessing the old failed disk. I can see it with gnome-disk-utility and it 
says that the disk is OK but has 8 bad sectors. I can mount the boot partition 
from it and I can decrypt the main partition. But then I can see no way to 
mount the main partition. It is a LVM physical volume.   

Any advice?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 6 Samba 4 specific question

[Clint Dilks]

On Thu, Dec 14, 2017 at 10:00 AM, Kienker, Fred  wrote:

> I am setting up a Samba 4 installation on CentOS 6.9. I have installed
> the samba4, samba4-common, and samba4-libs with all of the dependencies
> using YUM which appear to be all of the samba4 packages which are
> available.
>
>
>
> In the /usr/bin directory I can find smbcontrol and smbstatus but the
> smbpasswd command is missing. Checking on a current CentOS 7 all three
> of these commands are found. Of course with this command missing it’s
> quite hard to set up standard Samba users in the .tdb file used in the
> Classic mode.
>
>
>
> Can someone enlighten me as to what I have done wrong?
>
> Best regards,
>
> Fred
>
>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos


Hi,

It looks this should be provided by samba4-client, what result do you get
if you run

yum provides '/usr/bin/smbpasswd' ?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 6 Samba 4 specific question

[Kienker, Fred]

I am setting up a Samba 4 installation on CentOS 6.9. I have installed
the samba4, samba4-common, and samba4-libs with all of the dependencies
using YUM which appear to be all of the samba4 packages which are
available.

 

In the /usr/bin directory I can find smbcontrol and smbstatus but the
smbpasswd command is missing. Checking on a current CentOS 7 all three
of these commands are found. Of course with this command missing it’s
quite hard to set up standard Samba users in the .tdb file used in the
Classic mode.

 

Can someone enlighten me as to what I have done wrong?

Best regards, 

Fred 

 


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-virt] Xen 4.6.6-8 in virt-testing

[George Dunlap]

Great -- I also managed to do some testing, and so tagged it for
release earlier today.  Should get picked up in the signing run
tomorrow.

 -George

On Wed, Dec 13, 2017 at 3:58 PM, Johnny Hughes  wrote:
> George,
>
> This version of xen updates and allows both a CentOS 6 and CentOS 7 DomU
> to start and run in both HVM and PVHVM modes.  So it 'works for me'.
>
> Thanks,
> Johnny Hughes
>
> On 12/12/2017 08:34 AM, George Dunlap wrote:
>> Xen 4.6.6-8 has been tagged in virt-testing.  It contains XSAs
>> 248-251, as well as an additional fix to XSA 240.  Please test it if
>> you get a chance and report any bugs; I'll probably push it to mirrors
>> tomorrow if I don't hear anything.
>
>
> ___
> CentOS-virt mailing list
> CentOS-virt@centos.org
> https://lists.centos.org/mailman/listinfo/centos-virt
>
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS-docs] wiki.centos.org .. what's next ?

[Tamir allamiro]

I second Mediawiki, however we should have a discussion on the migration
plan.
Thanks
Allamiro
On Wed, Dec 13, 2017 at 1:50 PM Brian Exelbierd  wrote:

> On Mon, Dec 11, 2017, at 10:41 AM, Fabian Arrotin wrote:
> > On 11/12/17 10:22, Thibaut Perrin wrote:
> > > Hello Fabien,
> > >
> > > First, thank you for even trying for what seems to be an impossible
> task :(
> > >
> > > Quick points :
> > > - if it was decided not to continue, what would happen to the current
> > > wiki ? Dismantled or would it remain as read-only for documentation
> > > purpose ?
> > > - What about Sphinx  ? seems to
> be
> > > frequentely used nowadays
> > > - As you mentioned, a solution of the type of github with pull requests
> > > for documentation updates might be a solution here.
> > >
> > > There is a wiki feature  on
> > > Github. I don't know to which extend it would fit the needs of the
> project.
> > >
> > > Hope this helps,
> > >
> > > Thibaut
> >
> > So far there is no decision, reason why I started this thread :)
> > I guess our target would be to convert (and sanitize ?) existing content
> > anyway as we don't want to lose such content. Then either replacing
> > wiki.centos.org with new solution (but trying to keep the same structure
> > so that all the things in cache for search engines and/or articles
> > pointing to wiki can still work) or move to something different and
> > indeed keeping existing wiki.centos.org in Read-Only mode
>
> We've been working on a similar project in Fedora.  We have started by
> migrating the top doc pages out of our wiki and into a Pagure (git forge
> at pagure.io that we use and you're welcome to join us on) repository
> that can be used by our docs.fedoraproject.org builder.  We then marked
> these new pages as drafts because many need updates (a problem it sounds
> like you won't have).  In the wiki we put redirect links to the new
> pages on the docs website.
>
> > I'd like to avoid Github specifically but having something else that
> > would permit to use ACO (https://acccounts.centos.org) as auth source. I
> > already played with gitea and it works with openid so self-hosted git
> > instance using ACO works fine. (but that's a different thread)
>
> /me whispers *Pagure* :P
>
> > We should divide all parts into specific areas. Benefits of using .md
> > means being able to switch to something else even later and not be tied
> > to $yet_another_tool to generate the web part. (just my idea)
>
> We are using AsciiBinder to build our docs site.  I realize this is
> $yet_another_tool, but it is one that several other projects in our
> ecosystem and sponsor system are using.  The upstream is amenable to
> patches, if needed.  It is opinionated, so you have to decide what
> you're willing to let go of and what is a "line in the sand."  One of
> those opinions, today, is the use of AsciiDoc.  I have a PoC to use
> other markups, but it is not complete.
>
> Let me know if any details on what Fedora is doing would be helpful.
> I'd like to see us work more closely on documentation, especially now
> that CentOS SIGs are often building bits that are closer to Fedora than
> to CentOS core (as I understand it).
>
> regards,
>
> bex
> ___
> CentOS-docs mailing list
> CentOS-docs@centos.org
> https://lists.centos.org/mailman/listinfo/centos-docs
>
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-virt] Xen 4.6.6-8 in virt-testing

[Johnny Hughes]

George,

This version of xen updates and allows both a CentOS 6 and CentOS 7 DomU
to start and run in both HVM and PVHVM modes.  So it 'works for me'.

Thanks,
Johnny Hughes

On 12/12/2017 08:34 AM, George Dunlap wrote:
> Xen 4.6.6-8 has been tagged in virt-testing.  It contains XSAs
> 248-251, as well as an additional fix to XSA 240.  Please test it if
> you get a chance and report any bugs; I'll probably push it to mirrors
> tomorrow if I don't hear anything.



signature.asc
Description: OpenPGP digital signature
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] LUKS question

[m . roth]

John Hodrien wrote:
> On Wed, 13 Dec 2017, Kern, Thomas (CONTR) wrote:
>
>> If your requirement is for the entire system to be encrypted then I
>> think the only is a system rebuild, but if you can convince management
that a
>> good compromise is encrypting only the applications and their data, you
>> should be
>> able to add encrypted storage, copy the sensitive files and wipe the old
>> allocations. I have done this for a test system encrypting a MySQL
>> database
>> instance and a web server instance, in anticipation of an "encrypted at
>> rest" directive coming down from management.
>
> How about:
>
> Add temporary storage, encrypted, set as a PV, add to VG.  Rebuild
> initramfs,
> and reboot, confirming that it properly unlocks the storage as expected.
> pvmove, delete internal PV and replace with encrypted PV, pvmove back?
>
> You'd hope that'd be quite tolerant of being interrupted in the middle.
>
> If you're happy that works, the same recipe should work without a reboot.
>
Or, as we're doing, make sure everyone's off, make a final full backup (I
assume you're doing nightly backups), rebuild, then restore from backup.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LUKS question

[John Hodrien]

On Wed, 13 Dec 2017, Kern, Thomas (CONTR) wrote:


If your requirement is for the entire system to be encrypted then I think
the only is a system rebuild, but if you can convince management that a good
compromise is encrypting only the applications and their data, you should be
able to add encrypted storage, copy the sensitive files and wipe the old
allocations. I have done this for a test system encrypting a MySQL database
instance and a web server instance, in anticipation of an "encrypted at
rest" directive coming down from management.


How about:

Add temporary storage, encrypted, set as a PV, add to VG.  Rebuild initramfs,
and reboot, confirming that it properly unlocks the storage as expected.
pvmove, delete internal PV and replace with encrypted PV, pvmove back?

You'd hope that'd be quite tolerant of being interrupted in the middle.

If you're happy that works, the same recipe should work without a reboot.

jh
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LUKS question

[Kern, Thomas (CONTR)]

If your requirement is for the entire system to be encrypted then I think the 
only is a system rebuild, but if you can convince management that a good 
compromise is encrypting only the applications and their data, you should be 
able to add encrypted storage, copy the sensitive files and wipe the old 
allocations. I have done this for a test system encrypting a MySQL database 
instance and a web server instance, in anticipation of an "encrypted at rest" 
directive coming down from management.

--
Thomas Kern
Senior VM Systems Programmer/Linux Systems Administrator
Office of the Chief Information Officer
On Contract to U.S. Department of Energy
O: 301-903-2211 | M: 301-905-6427
thomas.k...@hq.doe.gov
--
A subtlety of Murphy's Law:
If it can go wrong, it already has, 
and you just haven't realized it yet.

-Original Message-
From: Wells, Roger K. [mailto:wel...@leidos.com] 
Sent: Tuesday, December 12, 2017 9:41 AM
To: CentOS mailing list 
Subject: [CentOS] LUKS question

I have existing systems with un-encrypted disks.
I have tried unsuccessfully to encrypt them using LUKS.
Has anyone out there been able to encrypt an existing system (after the 
fact, so to speak)?

TIA

-- 
Roger Wells, P.E.
leidos
221 Third St
Newport, RI 02840
401-847-4210 (voice)
401-849-1585 (fax)
roger.k.we...@leidos.com


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] wiki.centos.org .. what's next ?

[Brian Exelbierd]

On Mon, Dec 11, 2017, at 10:41 AM, Fabian Arrotin wrote:
> On 11/12/17 10:22, Thibaut Perrin wrote:
> > Hello Fabien,
> > 
> > First, thank you for even trying for what seems to be an impossible task :(
> > 
> > Quick points : 
> > - if it was decided not to continue, what would happen to the current
> > wiki ? Dismantled or would it remain as read-only for documentation
> > purpose ?
> > - What about Sphinx  ? seems to be
> > frequentely used nowadays
> > - As you mentioned, a solution of the type of github with pull requests
> > for documentation updates might be a solution here. 
> > 
> > There is a wiki feature  on
> > Github. I don't know to which extend it would fit the needs of the project.
> > 
> > Hope this helps,
> > 
> > Thibaut
> 
> So far there is no decision, reason why I started this thread :)
> I guess our target would be to convert (and sanitize ?) existing content
> anyway as we don't want to lose such content. Then either replacing
> wiki.centos.org with new solution (but trying to keep the same structure
> so that all the things in cache for search engines and/or articles
> pointing to wiki can still work) or move to something different and
> indeed keeping existing wiki.centos.org in Read-Only mode

We've been working on a similar project in Fedora.  We have started by
migrating the top doc pages out of our wiki and into a Pagure (git forge
at pagure.io that we use and you're welcome to join us on) repository
that can be used by our docs.fedoraproject.org builder.  We then marked
these new pages as drafts because many need updates (a problem it sounds
like you won't have).  In the wiki we put redirect links to the new
pages on the docs website.

> I'd like to avoid Github specifically but having something else that
> would permit to use ACO (https://acccounts.centos.org) as auth source. I
> already played with gitea and it works with openid so self-hosted git
> instance using ACO works fine. (but that's a different thread)

/me whispers *Pagure* :P

> We should divide all parts into specific areas. Benefits of using .md
> means being able to switch to something else even later and not be tied
> to $yet_another_tool to generate the web part. (just my idea)

We are using AsciiBinder to build our docs site.  I realize this is
$yet_another_tool, but it is one that several other projects in our
ecosystem and sponsor system are using.  The upstream is amenable to
patches, if needed.  It is opinionated, so you have to decide what
you're willing to let go of and what is a "line in the sand."  One of
those opinions, today, is the use of AsciiDoc.  I have a PoC to use
other markups, but it is not complete.

Let me know if any details on what Fedora is doing would be helpful. 
I'd like to see us work more closely on documentation, especially now
that CentOS SIGs are often building bits that are closer to Fedora than
to CentOS core (as I understand it).

regards,

bex
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs