Re: [CentOS] Differences between CentOS 7.x and CentOS 8.x OS

[David G. Miller]

On 10/4/19 6:59 PM, Fred Smith wrote:

On Fri, Oct 04, 2019 at 04:52:28PM -0600, David G. Miller wrote:

On 10/3/19 1:37 PM, Ljubomir Ljubojevic wrote:

On 10/3/19 5:49 PM, Kaushal Shriyan wrote:

Hi,

I will appreciate it if someone can help me understand the differences
between CentOS 7.x and CentOS 8.x OS. I look forward to hearing from you
and thanks in advance.


In short, CentOS 7.x is based on Fedora 19 while CentOS 8 is based on
Fedora 28. Most of what is in those Fedora's is also in coresponding
CentOS version. Fedora's might be much easier to compare.




This sort of cuts across two discussion threads but I found this one
first.  Silly question: has anyone tried using the Mate or Xfce
Fedora 28 spins as package sources with CentOS 8?

I think someone did post recently that he took Mate from F28
and with some judicious tweaking of the spec file got it built
and working on C8. Sorry, I have no details.



Hopefully, the perpetrator will 'fess up and provide the details.

Cheers,
Dave

--
"They that can give up essential liberty to obtain a little temporary safety deserve 
neither safety nor liberty."

-- Benjamin Franklin

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Differences between CentOS 7.x and CentOS 8.x OS

[Fred Smith]

On Fri, Oct 04, 2019 at 04:52:28PM -0600, David G. Miller wrote:
> On 10/3/19 1:37 PM, Ljubomir Ljubojevic wrote:
> >On 10/3/19 5:49 PM, Kaushal Shriyan wrote:
> >>Hi,
> >>
> >>I will appreciate it if someone can help me understand the differences
> >>between CentOS 7.x and CentOS 8.x OS. I look forward to hearing from you
> >>and thanks in advance.
> >>
> >In short, CentOS 7.x is based on Fedora 19 while CentOS 8 is based on
> >Fedora 28. Most of what is in those Fedora's is also in coresponding
> >CentOS version. Fedora's might be much easier to compare.



> This sort of cuts across two discussion threads but I found this one
> first.  Silly question: has anyone tried using the Mate or Xfce
> Fedora 28 spins as package sources with CentOS 8?

I think someone did post recently that he took Mate from F28
and with some judicious tweaking of the spec file got it built
and working on C8. Sorry, I have no details.


-- 
 Fred Smith -- fre...@fcshome.stoneham.ma.us -
The Lord is like a strong tower. 
 Those who do what is right can run to him for safety.
--- Proverbs 18:10 (niv) -
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Differences between CentOS 7.x and CentOS 8.x OS

[David G. Miller]

On 10/3/19 1:37 PM, Ljubomir Ljubojevic wrote:

On 10/3/19 5:49 PM, Kaushal Shriyan wrote:

Hi,

I will appreciate it if someone can help me understand the differences
between CentOS 7.x and CentOS 8.x OS. I look forward to hearing from you
and thanks in advance.


In short, CentOS 7.x is based on Fedora 19 while CentOS 8 is based on
Fedora 28. Most of what is in those Fedora's is also in coresponding
CentOS version. Fedora's might be much easier to compare.




Best Regards,

Kaushal
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos



This sort of cuts across two discussion threads but I found this one 
first.  Silly question: has anyone tried using the Mate or Xfce Fedora 
28 spins as package sources with CentOS 8?


I'm not a fan of Gnome 3 so would like to get Xfce up and running on 
CentOS 8 with a minimum of effort.  I'm thinking the folks asking about 
Mate in the other thread have the same sentiment.


Cheers,
Dave

--
"They that can give up essential liberty to obtain a little temporary safety deserve 
neither safety nor liberty."

-- Benjamin Franklin

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Japheth Cleaver]

On 10/4/2019 8:17 AM, Lamar Owen wrote:

On 10/4/19 10:40 AM, Valeri Galtsev wrote:
My impression is younger generation doesn't value rules that 
programmers were following 2-3 decades ago. One of which is:


Do not make any changes [in the program] unless they are absolutely 
necessary.


I have in the past agreed with this assessment more than once. And I 
_am_ somewhat of an old hand at this, having run Unix and Unix-like 
systems for a bit over 30 years.


The fact of the matter is that, even though some of the old ways work 
just fine and don't need to be changed, many more times I've seen 
that, if the old way was a kludge to begin with, maybe there really is 
a better way to do it.  Take the transition from horse and buggy to 
automobile for instance.  Iron rim tires work just great for the 
buggy, not so great for the automobile; a change had to be made in an 
old technology (the wheel) to meet the needs of the new automobile.  
Lots of wheelwrights probably fought that change, too.


...

Today, I'm doing things with containers, virtualization, dynamic load 
balancing, software-defined infrastructure/IaaS, etc that the old ways 
simply cannot handle.  NetworkManager/systemd/etc in CentOS are far 
from perfect, but at least they're trying to solve the newer problems 
that the old ways in many cases simply cannot.



This is a bit orthogonal, though. (Witness the effort to remove systemd 
requirements from containers.) An engineer is expected to understand the 
component parts rationally to arrive at some sort of professional 
conclusion that something is likely to work properly. This is not helped 
by a switch from imperative and deterministic to declarative and 
dynamic, which underlies many of the changes we've had to deal with in 
the past decade. There is a time and place for the latter, and it's good 
to have options available... but there are many times and places 
(especially in the Enterprise space) where the opposite is necessary, 
and it's FAR more reasonable to layer dynamic manipulation on top of a 
deterministically-configured core than the other way around.



-jc

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-es] installing CloudStack [help please!!!]

[Eriel Perez]

Hello friends.

I just finished installing CloudStack 
(http://docs.cloudstack.apache.org/en/4.13.0.0/quickinstallationguide/qig.html), 
and I am unable to operate a host or configure primary storage.
I've seen manuals and videos but I can't make it work. Anyone know if 
that guide has problems?


Please I need help.
I insert the logs below.
Thank you.


Hola amigos.

Recien acabo de instalar CloudStack 
(http://docs.cloudstack.apache.org/en/4.13.0.0/quickinstallationguide/qig.html), 
y no logro poner funcionar un host ni configurar el primary storage.
He visto manuales y videos pero no logro hacerlo funcinar. Alguien sabe 
si esa guia tiene problemas?


Por favor necesito ayuda.
Abajo insterto los logs.
Gracias.






2019-10-04 11:49:20,758 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-289:ctx-1e5d4f2b) (logid:acd38e93) ===START=== 10.20.11.22 
-- GET 
command=listNetworkOfferings=a21264b9-a8cd-41d9-8cae-a71e7ff51f68=json&_=1570218577221
2019-10-04 11:49:20,763 DEBUG [c.c.a.ApiServer] 
(qtp504527234-289:ctx-1e5d4f2b ctx-5daf456d) (logid:acd38e93) CIDRs from 
which account 'Acct[b908fe58-e6b9-11e9-835d-7427ea50bf96-admin]' is 
allowed to perform API calls: 0.0.0.0/0,::/0
2019-10-04 11:49:20,775 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-289:ctx-1e5d4f2b ctx-5daf456d) (logid:acd38e93) ===END===  
10.20.11.22 -- GET 
command=listNetworkOfferings=a21264b9-a8cd-41d9-8cae-a71e7ff51f68=json&_=1570218577221
2019-10-04 11:49:21,267 INFO  [o.a.c.f.j.i.AsyncJobManagerImpl] 
(AsyncJobMgr-Heartbeat-1:ctx-12529967) (logid:c7fad834) Begin cleanup 
expired async-jobs
2019-10-04 11:49:21,272 INFO  [o.a.c.f.j.i.AsyncJobManagerImpl] 
(AsyncJobMgr-Heartbeat-1:ctx-12529967) (logid:c7fad834) End cleanup 
expired async-jobs
2019-10-04 11:49:23,082 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-18:ctx-fa28dc7b) (logid:0abfd9a5) ===START=== 10.20.11.22 
-- GET command=listInfrastructure=json&_=1570218579507
2019-10-04 11:49:23,087 DEBUG [c.c.a.ApiServer] 
(qtp504527234-18:ctx-fa28dc7b ctx-0acdd12f) (logid:0abfd9a5) CIDRs from 
which account 'Acct[b908fe58-e6b9-11e9-835d-7427ea50bf96-admin]' is 
allowed to perform API calls: 0.0.0.0/0,::/0
2019-10-04 11:49:23,097 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-18:ctx-fa28dc7b ctx-0acdd12f) (logid:0abfd9a5) ===END===  
10.20.11.22 -- GET command=listInfrastructure=json&_=1570218579507
2019-10-04 11:49:24,575 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-13:ctx-1e577188) (logid:4a9558de) ===START=== 10.20.11.22 
-- GET 
command=listHosts=json=routing=true=1=20&_=1570218581056
2019-10-04 11:49:24,581 DEBUG [c.c.a.ApiServer] 
(qtp504527234-13:ctx-1e577188 ctx-7c50ebc8) (logid:4a9558de) CIDRs from 
which account 'Acct[b908fe58-e6b9-11e9-835d-7427ea50bf96-admin]' is 
allowed to perform API calls: 0.0.0.0/0,::/0
2019-10-04 11:49:24,585 WARN [c.c.a.d.ParamGenericValidationWorker] 
(qtp504527234-13:ctx-1e577188 ctx-7c50ebc8) (logid:4a9558de) Received 
unknown parameters for command listHosts. Unknown parameters : listall
2019-10-04 11:49:24,585 DEBUG [c.c.a.q.QueryManagerImpl] 
(qtp504527234-13:ctx-1e577188 ctx-7c50ebc8) (logid:4a9558de) 
>>>Searching for hosts>>>
2019-10-04 11:49:24,589 DEBUG [c.c.a.q.QueryManagerImpl] 
(qtp504527234-13:ctx-1e577188 ctx-7c50ebc8) (logid:4a9558de) 
>>>Generating Response>>>
2019-10-04 11:49:24,589 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-13:ctx-1e577188 ctx-7c50ebc8) (logid:4a9558de) ===END===  
10.20.11.22 -- GET 
command=listHosts=json=routing=true=1=20&_=1570218581056
2019-10-04 11:49:26,374 DEBUG [c.c.s.StatsCollector] 
(StatsCollector-6:ctx-ab32d7be) (logid:292ba088) AutoScaling Monitor is 
running...
2019-10-04 11:49:26,409 DEBUG [c.c.s.StatsCollector] 
(StatsCollector-1:ctx-cee1dafa) (logid:cbf747f9) StorageCollector is 
running...
2019-10-04 11:49:26,411 DEBUG [c.c.s.StatsCollector] 
(StatsCollector-5:ctx-db751f5e) (logid:fdb2b819) HostStatsCollector is 
running...
2019-10-04 11:49:27,660 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-18:ctx-4fc5887b) (logid:5a0223e0) ===START=== 10.20.11.22 
-- GET command=listZones=json&_=1570218584145
2019-10-04 11:49:27,665 DEBUG [c.c.a.ApiServer] 
(qtp504527234-18:ctx-4fc5887b ctx-a3dbb063) (logid:5a0223e0) CIDRs from 
which account 'Acct[b908fe58-e6b9-11e9-835d-7427ea50bf96-admin]' is 
allowed to perform API calls: 0.0.0.0/0,::/0
2019-10-04 11:49:27,676 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-18:ctx-4fc5887b ctx-a3dbb063) (logid:5a0223e0) ===END===  
10.20.11.22 -- GET command=listZones=json&_=1570218584145
2019-10-04 11:49:27,695 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-13:ctx-fca1f1a6) (logid:3c210e32) ===START=== 10.20.11.22 
-- GET 
command=listDomains=json=true=min&_=1570218584156
2019-10-04 11:49:27,698 DEBUG [c.c.a.ApiServlet] 
(qtp504527234-289:ctx-fc61d64a) (logid:d097d4f3) ===START=== 10.20.11.22 
-- GET command=listHostTags=json&_=1570218584163
2019-10-04 11:49:27,699 DEBUG [c.c.a.ApiServer] 
(qtp504527234-13:ctx-fca1f1a6 ctx-c107034f) (logid:3c210e32) CIDRs from 
which account 

Re: [CentOS] CentOS 8 network-scripts

[Jonathan Billings]

On Fri, Oct 04, 2019 at 08:27:08AM -0400, Phelps, Matthew wrote:
> Also, we have 150+ machines with fixed IP addresses, always-on connections,
> and no wireless. Having NetworkManager do seemingly random things is not
> desirable.

I mention this every time people bash NetworkManager on servers.

I have NM set up on all our servers.  Why?  Because the legacy
network-scripts service tries to bring up the interface once on boot.
We had a power outage to the entire floor of our datacenter and the
linux systems booted faster than the network infrastructure.  Any
linux system not using NM tried to bring up the interface, saw that
there was no connection, and gave up.  We had to physically reboot
those hosts.  Systems running NM dynamically brought up their
interface when the interface became active.

-- 
Jonathan Billings 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] USB ISO for CentOS 8

[Young, Gregory]

Nope, that editable FAT partition is actually the EFI boot partition. IIRC, the 
grub config in that partition isn't actually used, only the EFI bootstrap 
files. Once it can access the config on the main .iso partition it loads 
everything from there.


Gregory Young 

-Original Message-
From: CentOS  On Behalf Of Jerry Geis
Sent: October 4, 2019 1:08 PM
To: CentOS mailing list 
Subject: Re: [CentOS] USB ISO for CentOS 8

>Then generate the .iso:

># cd /tmp/rhel7/
># mkisofs -o /tmp/rhel7test.iso -b isolinux/isolinux.bin -J -R -l -c
isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table 
-eltorito-alt-boot -e images/efiboot.img -no-emul->boot -graft-points -V
"RHEL-7.7 Server.x86_64"  .

>^^^ Change the "-V" label accordingly for CentOS 8 to match the CentOS 
>8
disk label.

>And the critical command for USB drive booting:

># isohybrid --uefi /tmp/rhel7test.iso

I was "thinking" all that was not needed -   the second partition is
"editable" - I change the file - I just need to regenerate grub right - not the 
whole ISO.
I was hoping that is why they split this out into two partitions - for just 
such an occasion? Just want to add a menu option.

THanks,

Jerry
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] USB ISO for CentOS 8

[Jerry Geis]

>Then generate the .iso:

># cd /tmp/rhel7/
># mkisofs -o /tmp/rhel7test.iso -b isolinux/isolinux.bin -J -R -l -c
isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table
-eltorito-alt-boot -e images/efiboot.img -no-emul->boot -graft-points -V
"RHEL-7.7 Server.x86_64"  .

>^^^ Change the "-V" label accordingly for CentOS 8 to match the CentOS 8
disk label.

>And the critical command for USB drive booting:

># isohybrid --uefi /tmp/rhel7test.iso

I was "thinking" all that was not needed -   the second partition is
"editable" - I change the file - I just need to regenerate grub right - not
the whole ISO.
I was hoping that is why they split this out into two partitions - for just
such an occasion? Just want to add a menu option.

THanks,

Jerry
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] USB ISO for CentOS 8

[Ljubomir Ljubojevic]

On 10/4/19 5:30 PM, Jerry Geis wrote:
> I did the dd of the ISO to a 16G USB device.
> 
> the second partition is FAT so I can edit it - I want to make a custom menu
> entry.
> I edited the grub.cfg - but that did not work - my menu option does not
> show.

If you boot via UEFI, you need to edit differnt grub.cfg,
EFI/BOOT/grub.cfg not isolinux/grub.cfg

> 
> Then I think I need to change BOOT.cfg and generate the grub.cfg - but I
> dont know
> in this case how to generate for the USB device.
> 
> What command do I use for that ?
> Thanks,
> 
> Jerry
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Ljubomir Ljubojevic]

On 10/4/19 5:55 PM, Lamar Owen wrote:
> On 10/4/19 11:39 AM, Ljubomir Ljubojevic wrote:
>> ...
> I've kludged together a solution for those times here by using the NAT
> connection, but then running an OpenVPN client on the guest to an
> OpenVPN server with layer-2 adjacency to those sorts of devices.  That
> has the added bonus of letting those layer-2 services work even from
> off-site (part of the reason I use LUKS!).  I use static addresses in
> the OpenVPN setup as well, allowing controlled access to certain
> resources (like the control interface addresses and ports to our two
> 26-meter radio telescopes).

I also have OpenVPN server (on Mikrotik router in our office) and
OpenVPN client in Windows VM and I use it in the same maner as you do :-)

> 
> 
>> If this with NetworkManager-config-server package works, I can at most
>> times (if I want) plug a LAN to my laptop and be happy.
> 
> 
> I am interested in what you find!
> 
> 
>... 


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Tristan Hoar]

On Thu, 2019-10-03 at 15:14 -0400, Jerry Geis wrote:
> > > systemctl status network
> 
> AT BOOT:
> ● network.service - LSB: Bring up/down networking
>Loaded: loaded (/etc/rc.d/init.d/network; generated)
>Active: inactive (dead)
>  Docs: man:systemd-sysv-generator(8)
> 
> After: service network restart
> ● network.service - LSB: Bring up/down networking
>Loaded: loaded (/etc/rc.d/init.d/network; generated)
>Active: active (running) since Thu 2019-10-03 15:12:05 EDT; 7s ago
>  Docs: man:systemd-sysv-generator(8)
>   Process: 7755 ExecStart=/etc/rc.d/init.d/network start
> (code=exited,
> status=0/SUCCESS)
> Tasks: 1 (limit: 24034)
>Memory: 8.7M
>CGroup: /system.slice/network.service
>└─7940 /sbin/dhclient -1 -q -lf
> /var/lib/dhclient/dhclient-6ada23ed-d1ad-4f37-935c-86163fe61e7b-
> eth0.lease
> -pf /run/dhclient-eth0.pid eth0
> 
> Oct 03 15:12:02 localhost.localdomain network[7755]: WARN  :
> [network]
> 'network-scripts' will be removed in one of the next major releases
> of RHEL.
> Oct 03 15:12:02 localhost.localdomain network[7755]: WARN  :
> [network]
> It is advised to switch to 'NetworkManager' instead for network
> management.
> Oct 03 15:12:02 localhost.localdomain network[7755]: [46B blob data]
> Oct 03 15:12:02 localhost.localdomain network[7755]: Bringing up
> interface
> eth0:
> Oct 03 15:12:02 localhost.localdomain dhclient[7907]: DHCPREQUEST on
> eth0
> to 255.255.255.255 port 67 (xid=0x75ae6376)
> Oct 03 15:12:02 localhost.localdomain dhclient[7907]: DHCPACK from
> 10.0.2.2
> (xid=0x75ae6376)
> Oct 03 15:12:04 localhost.localdomain dhclient[7907]: bound to
> 10.0.2.15 --
> renewal in 34365 seconds.
> Oct 03 15:12:04 localhost.localdomain network[7755]: Determining IP
> information for eth0... done.
> Oct 03 15:12:04 localhost.localdomain network[7755]: [13B blob data]
> Oct 03 15:12:05 localhost.localdomain systemd[1]: Started LSB: Bring
> up/down networking.
> 
> Contents of ifcfg-eth0
> # Generated by parse-kickstart
> TYPE="Ethernet"
> DEVICE="eth0"
> UUID="6ada23ed-d1ad-4f37-935c-86163fe61e7b"
> ONBOOT="yes"
> BOOTPROTO="dhcp"
> IPV6INIT="yes"
> 
> 
> Why is it not starting at boot ?
> Thanks,
> 
> Jerry
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 
> 
> 

Don't run systemctl disable NetworkManager. You need to mask the
service to ensure interdependent services are not starting it up for
you behind you back. i.e. systemctl mask NetworkManager
Also, when you start it ensure it is set to start on boot. e.g.
systemctl enable --now network

Finally, heed the advice in the log. this is going away. I've had very
few issues with NetworkManager since ~7.4 onward and would suggest
giving it a go. I find it much easier to work with in scripts.

Tris

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Lamar Owen]

On 10/4/19 11:39 AM, Ljubomir Ljubojevic wrote:

...
I have VM in NAT mode mostly these days, but sometimes I need bridged
network to recognize some hardware on the network, Mikrotik WiFi routers
or printers so I need ability to go to bridge.



I've kludged together a solution for those times here by using the NAT 
connection, but then running an OpenVPN client on the guest to an 
OpenVPN server with layer-2 adjacency to those sorts of devices.  That 
has the added bonus of letting those layer-2 services work even from 
off-site (part of the reason I use LUKS!).  I use static addresses in 
the OpenVPN setup as well, allowing controlled access to certain 
resources (like the control interface addresses and ports to our two 
26-meter radio telescopes).




If this with NetworkManager-config-server package works, I can at most
times (if I want) plug a LAN to my laptop and be happy.



I am interested in what you find!



I have Dell Vostro 15 with Core i7,  12GB RAM and 512GB SSD + 1TB HDD
Dell Precision M6700 with Core i7-3740QM @ 2.7GHz, 24GB RAM, 500GB SSD 
plus 2x 1TB HGST 7K1000's.  I never buy new, always gently preowned, and 
it's amazing to me how well the 3740QM performs relative to newer 
stuff and I paid less than 10% of MSRP for it


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Valeri Galtsev]

On 2019-10-04 10:27, Lamar Owen wrote:

On 10/4/19 11:02 AM, Ljubomir Ljubojevic wrote:

...
It is OK if your KVM host is on LAN cable that never is disconnected 
or power goes down. But I have a laptop I use first at work where I 
use LAN and then at home where I use WLAN only, and suspending laptop 
is same as disconnecting LAN, bridge is disabled and KVM bridged 
network unhooked, and you can never reinitialize it without at least 
restarting kvm, and full treatmant is shuting down VM, restarting NM 
then network then starting VM again... So I just shutdown VM and 
laptop and boot everey itme I move. Maybe I can change this behavior now. 


You and I have nearly identical use cases, interestingly enough.  My 
laptop that I'm using right now to type this is my development machine 
for a number of KVM things I do in the data center as well. Since I run 
it docked with ethernet on my desk, but not docked and on WiFi at home, 
I've had to do two things:
1.) A real shutdown when I leave work.  For some reason I've never be a 
fan of suspend/hibernate, and since I use LUKS I'd rather not leave the 
volume unlocked as it would be in a suspend/hibernate scenario;
2.) NAT-connected VMs in development, since I've never been able to get 
bridging to work properly over wireless (specification says it can't 
work, and I think that's true in practice, but I always reserve the 
right to be wrong!).


I wonder if it is possible to do what I do on FreeBSD laptop: there I 
created link aggregation interface which includes wired adapter and 
wireless one (in that priority order), making networking acting "as 
smart as macintosh does ;-) ". I'm sure one of Linux Experts can point 
us in right direction (at the moment I just use GUI  applet to enable 
interfaces etc).


Valeri



My laptop is at least as powerful as most of our servers, and it works 
great for development purposes.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


--

Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] USB ISO for CentOS 8

[Young, Gregory]

You will want to follow the instructions for creating a custom .iso

https://access.redhat.com/solutions/60959
^^^ Requires a Red Hat account, or Red Hat Developer Account.

The keys are to modify both:

- /isolinux/isolinux.cfg - for legacy BIOS boot
- /EFI/BOOT/grub.cfg - for UEFI boot

Make sure not to change the Volume Label, as this can mess up the UEFI boot

Then generate the .iso:

# cd /tmp/rhel7/
# mkisofs -o /tmp/rhel7test.iso -b isolinux/isolinux.bin -J -R -l -c 
isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table 
-eltorito-alt-boot -e images/efiboot.img -no-emul-boot -graft-points -V 
"RHEL-7.7 Server.x86_64"  .

^^^ Change the "-V" label accordingly for CentOS 8 to match the CentOS 8 disk 
label.

And the critical command for USB drive booting:

# isohybrid --uefi /tmp/rhel7test.iso




Gregory Young 


-Original Message-
From: CentOS  On Behalf Of Jerry Geis
Sent: October 4, 2019 11:30 AM
To: CentOS mailing list 
Subject: [CentOS] USB ISO for CentOS 8

I did the dd of the ISO to a 16G USB device.

the second partition is FAT so I can edit it - I want to make a custom menu 
entry.
I edited the grub.cfg - but that did not work - my menu option does not show.

Then I think I need to change BOOT.cfg and generate the grub.cfg - but I dont 
know in this case how to generate for the USB device.

What command do I use for that ?
Thanks,

Jerry
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Mix/match C8 crypto policies

[Paul Heinlein]

Is it possible to mix and match crypto policies using approved tools 
in CentOS 8?


Our environment requires a LEGACY setting for OpenSSL so we can 
maintain connections with our LDAP servers (which we cannot update at 
this time), but I'd like especially the OpenSSH settings to use the 
DEFAULT policy (and maybe even FUTURE on a test host or two).


I think it's possible to manually repoint the symbolic links in 
/etc/crypto-policies/back-ends to achieve that result, and I'll set up 
puppet rules if that's the only way to do so, but I'd prefer to use a 
more canonical approach if one exists.


--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Ljubomir Ljubojevic]

On 10/4/19 5:27 PM, Lamar Owen wrote:
> On 10/4/19 11:02 AM, Ljubomir Ljubojevic wrote:
>> ...
>> It is OK if your KVM host is on LAN cable that never is disconnected
>> or power goes down. But I have a laptop I use first at work where I
>> use LAN and then at home where I use WLAN only, and suspending laptop
>> is same as disconnecting LAN, bridge is disabled and KVM bridged
>> network unhooked, and you can never reinitialize it without at least
>> restarting kvm, and full treatmant is shuting down VM, restarting NM
>> then network then starting VM again... So I just shutdown VM and
>> laptop and boot everey itme I move. Maybe I can change this behavior now. 
> 
> You and I have nearly identical use cases, interestingly enough.  My
> laptop that I'm using right now to type this is my development machine
> for a number of KVM things I do in the data center as well. Since I run
> it docked with ethernet on my desk, but not docked and on WiFi at home,
> I've had to do two things:
> 1.) A real shutdown when I leave work.  For some reason I've never be a
> fan of suspend/hibernate, and since I use LUKS I'd rather not leave the
> volume unlocked as it would be in a suspend/hibernate scenario;
> 2.) NAT-connected VMs in development, since I've never been able to get
> bridging to work properly over wireless (specification says it can't
> work, and I think that's true in practice, but I always reserve the
> right to be wrong!).

I have VM in NAT mode mostly these days, but sometimes I need bridged
network to recognize some hardware on the network, Mikrotik WiFi routers
or printers so I need ability to go to bridge.

If this with NetworkManager-config-server package works, I can at most
times (if I want) plug a LAN to my laptop and be happy. I do not use
LUKS so suspend until I get home 10 minutes later is ok.

> 
> My laptop is at least as powerful as most of our servers, and it works
> great for development purposes.

I have Dell Vostro 15 with Core i7,  12GB RAM and 512GB SSD + 1TB HDD

> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] moving from centos 8 to stream? (and possibly back again?)

[Robert P. J. Day]

  just installed stock centos 8 x86_64 and did "dnf update", now
reading up on centos stream, and wondering:

1) can i, at any time, decide to convert this system to centos stream,
notwithstanding any normal updates i've done in the meantime?

2) if i'm running centos stream and decide it's just too progressive
for me, can i dial it back to "regular" centos down the road?

rday

-- 


Robert P. J. Day Ottawa, Ontario, CANADA
 http://crashcourse.ca

Twitter:   http://twitter.com/rpjday
LinkedIn:   http://ca.linkedin.com/in/rpjday

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] USB ISO for CentOS 8

[Jerry Geis]

I did the dd of the ISO to a 16G USB device.

the second partition is FAT so I can edit it - I want to make a custom menu
entry.
I edited the grub.cfg - but that did not work - my menu option does not
show.

Then I think I need to change BOOT.cfg and generate the grub.cfg - but I
dont know
in this case how to generate for the USB device.

What command do I use for that ?
Thanks,

Jerry
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Lamar Owen]

On 10/4/19 11:02 AM, Ljubomir Ljubojevic wrote:

...
It is OK if your KVM host is on LAN cable that never is disconnected 
or power goes down. But I have a laptop I use first at work where I 
use LAN and then at home where I use WLAN only, and suspending laptop 
is same as disconnecting LAN, bridge is disabled and KVM bridged 
network unhooked, and you can never reinitialize it without at least 
restarting kvm, and full treatmant is shuting down VM, restarting NM 
then network then starting VM again... So I just shutdown VM and 
laptop and boot everey itme I move. Maybe I can change this behavior now. 


You and I have nearly identical use cases, interestingly enough.  My 
laptop that I'm using right now to type this is my development machine 
for a number of KVM things I do in the data center as well. Since I run 
it docked with ethernet on my desk, but not docked and on WiFi at home, 
I've had to do two things:
1.) A real shutdown when I leave work.  For some reason I've never be a 
fan of suspend/hibernate, and since I use LUKS I'd rather not leave the 
volume unlocked as it would be in a suspend/hibernate scenario;
2.) NAT-connected VMs in development, since I've never been able to get 
bridging to work properly over wireless (specification says it can't 
work, and I think that's true in practice, but I always reserve the 
right to be wrong!).


My laptop is at least as powerful as most of our servers, and it works 
great for development purposes.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Ljubomir Ljubojevic]

On 10/4/19 4:59 PM, Stephen John Smoogen wrote:
> On Fri, 4 Oct 2019 at 10:41, Valeri Galtsev  wrote:
>>
>>
>>
>> On 2019-10-04 08:03, Chris Adams wrote:
>>> Once upon a time, Ljubomir Ljubojevic  said:
 Bridge for VM's is main reason I hate NM.
>>
>> +1
>>
>> My impression is younger generation doesn't value rules that programmers
>> were following 2-3 decades ago. One of which is:
>>
> 
> It is the same evolution you see in other industries. Auto mechanics
> constantly complain about how the newer generation is 'dumber' for not
> knowing the beauty of a vehicle that the mechanic had when they were
> in their teens. [Of course they also rail on the fact that their
> grandparents car was a complete junk that was too simple to work.]
> Most of the tools we had 30 years ago in computers are like working on
> a Model T era vehicle. They allowed for a lot of configuration choices
> and fine tuning but they also were limited vastly in other ways. You
> can't run a fleet of 1000 Model TT trucks made in 1923 as well as you
> could 1000 1933 trucks. You ended up losing some of the knowledge of
> hand-crafting your own gears but you got the ability to go faster,
> carry heavier loads and better gas mileage without working as hard at
> getting a mile out of a quart.
> 
> The transmissions of the 1933 were considered 'automatic' compared to
> some 1912 vehicles.. even if you had a clutch because you no longer
> had to get out and turn something to make it go in reverse. The
> 'truly' automatic transmissions of the 1950's were horrible and it
> wasn't until the 1970's where they became 'liveable'. Today trying to
> find a real stick shift is almost impossible as you find out that the
> most are really talking to a computer which does the shifting when it
> decides is optimal.

In Europe most cars are still stick, around 80%.


> 
> As that happens the place where a programmer makes changes goes higher
> and higher. They no longer see a system by itself but see 10,000 nodes
> sitting in some cloud. They really could care less if 10% of them drop
> off because there is a tool which is going ot bring 1000 back online
> when that happens. However they may still be worrying about making a
> change 'low' level to them. It is just light years above where those
> of us with only 10 or a 100 systems can dream about.
> 


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Lamar Owen]

On 10/4/19 10:40 AM, Valeri Galtsev wrote:
My impression is younger generation doesn't value rules that 
programmers were following 2-3 decades ago. One of which is:


Do not make any changes [in the program] unless they are absolutely 
necessary.


I have in the past agreed with this assessment more than once.  And I 
_am_ somewhat of an old hand at this, having run Unix and Unix-like 
systems for a bit over 30 years.


The fact of the matter is that, even though some of the old ways work 
just fine and don't need to be changed, many more times I've seen that, 
if the old way was a kludge to begin with, maybe there really is a 
better way to do it.  Take the transition from horse and buggy to 
automobile for instance.  Iron rim tires work just great for the buggy, 
not so great for the automobile; a change had to be made in an old 
technology (the wheel) to meet the needs of the new automobile.  Lots of 
wheelwrights probably fought that change, too.


I've seen the old ways, and there are more kludges out there than some 
would like to admit.  (obOldWayRef: article on 'the kluge' from the 1966 
Datamation book 'Faith, Hope, and Parity.')  Just remember: the old ways 
back then was punch card and batch; what do you mean you want more than 
one person to use such an expensive thing as a computer live, wasting 
its valuable time?  Many seem to forget just how subversive Unix was 
back in the day relative the the old ways.



...
Yet one more thing is: building superstructure on top of what actually 
works.


The definition of what works can and does change over time.  Sure, an 
iron rim wheel can work for the new automobile, but the basic change in 
what the wheel needed to do (with buggy the wheel doesn't need to 
provide good traction, that's what hooves are for, and narrow and smooth 
work best; with the automobile all of a sudden the drive wheels need to 
provide traction, and even though the iron-rim wheel still works after a 
fashion on smooth ground, there is a better way to do it).  I can just 
hear the old-school wheelwrights saying "well, if it gets stuck in the 
mud then just don't go in the mud!"  or "why would anyone want to go 
faster than the horse-drawn buggy could?" or "why would you need to turn 
that quickly and at that speed?" or "why in the world would you want 
brakes to stop you that quickly?" and the list goes on.


I _am_ old-school in thought, but I do consciously make the effort to 
understand the newer reasoning, rather than be the greybeard that 
constantly talks about how I did it in the old days.  Heh, in the old 
days I made it work with K C, 1MB of RAM, and an 8MHz CPU and I 
griped about the misfeatures then!.


Today, I'm doing things with containers, virtualization, dynamic load 
balancing, software-defined infrastructure/IaaS, etc that the old ways 
simply cannot handle.  NetworkManager/systemd/etc in CentOS are far from 
perfect, but at least they're trying to solve the newer problems that 
the old ways in many cases simply cannot.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Ljubomir Ljubojevic]

On 10/4/19 4:42 PM, Lamar Owen wrote:
> On 10/4/19 10:00 AM, Ljubomir Ljubojevic wrote:
>> On 10/4/19 3:03 PM, Chris Adams wrote:
>>> ...
>>> See the NetworkManager-config-server package. 
>> Ahh, thanks. I was wondering about it but never investigated.
> H.
> Description :
> This adds a NetworkManager configuration file to make it behave more
> like the old "network" service. In particular, it stops NetworkManager
> from automatically running DHCP on unconfigured ethernet devices, and
> allows connections with static IP addresses to be brought up even on
> ethernet devices with no carrier.
> 
> This package is intended to be installed by default for server
> deployments.
> ++
> Well, learn something new every day nice.  Time to learn a bit more
> about what it will do, and see about deploying to our KVM hosts. 
> I've not had the bridged network issues some seem to have been plagued
> with, and I have several KVM hosts with bridged networking (with
> multiple VLANs) using NetworkManager (using nmtui to configure a bridge
> isn't hard). I decided to configure it that way just ot see how easy or
> hard it was to do with NM, and to test its stability, and after passing
> testing under load I popped it into production, running a few Windows 7
> guests and a couple of CentOS 7 guests.

It is OK if your KVM host is on LAN cable that never is disconnected or
power goes down.
But I have a laptop I use first at work where I use LAN and then at home
where I use WLAN only, and suspending laptop is same as disconnecting
LAN, bridge is disabled and KVM bridged network unhooked, and you can
never reinitialize it without at least restarting kvm, and full
treatmant is shuting down VM, restarting NM then network then starting
VM again... So I just shutdown VM and laptop and boot everey itme I
move. Maybe I can change this behavior now.


> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Stephen John Smoogen]

On Fri, 4 Oct 2019 at 10:41, Valeri Galtsev  wrote:
>
>
>
> On 2019-10-04 08:03, Chris Adams wrote:
> > Once upon a time, Ljubomir Ljubojevic  said:
> >> Bridge for VM's is main reason I hate NM.
>
> +1
>
> My impression is younger generation doesn't value rules that programmers
> were following 2-3 decades ago. One of which is:
>

It is the same evolution you see in other industries. Auto mechanics
constantly complain about how the newer generation is 'dumber' for not
knowing the beauty of a vehicle that the mechanic had when they were
in their teens. [Of course they also rail on the fact that their
grandparents car was a complete junk that was too simple to work.]
Most of the tools we had 30 years ago in computers are like working on
a Model T era vehicle. They allowed for a lot of configuration choices
and fine tuning but they also were limited vastly in other ways. You
can't run a fleet of 1000 Model TT trucks made in 1923 as well as you
could 1000 1933 trucks. You ended up losing some of the knowledge of
hand-crafting your own gears but you got the ability to go faster,
carry heavier loads and better gas mileage without working as hard at
getting a mile out of a quart.

The transmissions of the 1933 were considered 'automatic' compared to
some 1912 vehicles.. even if you had a clutch because you no longer
had to get out and turn something to make it go in reverse. The
'truly' automatic transmissions of the 1950's were horrible and it
wasn't until the 1970's where they became 'liveable'. Today trying to
find a real stick shift is almost impossible as you find out that the
most are really talking to a computer which does the shifting when it
decides is optimal.

As that happens the place where a programmer makes changes goes higher
and higher. They no longer see a system by itself but see 10,000 nodes
sitting in some cloud. They really could care less if 10% of them drop
off because there is a tool which is going ot bring 1000 back online
when that happens. However they may still be worrying about making a
change 'low' level to them. It is just light years above where those
of us with only 10 or a 100 systems can dream about.

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Lamar Owen]

On 10/4/19 10:00 AM, Ljubomir Ljubojevic wrote:

On 10/4/19 3:03 PM, Chris Adams wrote:

...
See the NetworkManager-config-server package. 

Ahh, thanks. I was wondering about it but never investigated.

H.
Description :
This adds a NetworkManager configuration file to make it behave more
like the old "network" service. In particular, it stops NetworkManager
from automatically running DHCP on unconfigured ethernet devices, and
allows connections with static IP addresses to be brought up even on
ethernet devices with no carrier.

This package is intended to be installed by default for server
deployments.
++
Well, learn something new every day nice.  Time to learn a bit more 
about what it will do, and see about deploying to our KVM hosts.  
I've not had the bridged network issues some seem to have been plagued 
with, and I have several KVM hosts with bridged networking (with 
multiple VLANs) using NetworkManager (using nmtui to configure a bridge 
isn't hard). I decided to configure it that way just ot see how easy or 
hard it was to do with NM, and to test its stability, and after passing 
testing under load I popped it into production, running a few Windows 7 
guests and a couple of CentOS 7 guests.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Valeri Galtsev]

On 2019-10-04 08:03, Chris Adams wrote:

Once upon a time, Ljubomir Ljubojevic  said:

Bridge for VM's is main reason I hate NM.


+1

My impression is younger generation doesn't value rules that programmers 
were following 2-3 decades ago. One of which is:


Do not make any changes [in the program] unless they are absolutely 
necessary.


This rule was helping to not introduce new bugs. Debugging is really 
expensive process (that is why it often gets abridged in favor of 
spending effort on yet more "new features" - see, e.g. firefox and friends).


Yet one more thing is: building superstructure on top of what actually 
works. NM is one of examples. Printer configuration tool is another 
(whereas CUPS web interface - http://localhost:631 - is same simple, and 
is even better). I understand potential goal: to give newcomers the way 
to handle thing (by pointing, clicking and "it works" ;-). But there is 
a limit to the extent Linux can steal Microsoft's userbase. At some 
point having your machine behave as iPad gets so annoying that some 
Linux folks flee either their DE (Desktop Environment) to something 
"more traditional", e.g. mate; or some go lengths, and flee their 
workstations and laptops to one of BSD descendents (my main system on 
laptop is FreeBSD, though it also boots to MS Windows and Ubuntu Linux).


I know it sounds like a rant, but I decided against putting rant tags on 
this one.


Valeri


I now mess with both NM and
br0 controled by network because I use Windows VM on my laptop. As soon
as you disconnect LAN cable your eth and bridge connection are gone and
stupid KVM can not recover and reconnect to newly activated bridge when
you return LAN cable, even only a second later...


See the NetworkManager-config-server package.



--

Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] CentOS 8 Release Notes - Czech translation

[Alan Bartlett]

On Fri, 4 Oct 2019 at 15:16, Alan Bartlett  wrote:
>
> On Fri, 4 Oct 2019 at 09:37, Jan Papež (honyczek)
>  wrote:
> >
> > Thank you David.
> >
> > As it is written in article
> > https://wiki.centos.org/Contribute#head-42b3d8e26400a106851a61aebe5c2cca54dd79e5
> > (Subheader 3. Contribute to the Wiki) it is necessary to write here to
> > allow access. So I did it.
> >
> > Is there anybody who can give me the right to edit pages on wiki, please?
> >
> > Jan
> >
> Sorry for the delay. I will attend to it in the next few minutes.
>
> Alan.

Please try now.

Alan.
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS] kpatch (live kernel patching) in CentOS 7.7?

[Lamar Owen]

On 10/4/19 9:35 AM, Phelps, Matthew wrote:

...
I'm still puzzled why RedHat is doing it then, and making it more 
generally available (to paying customers even), if it's so dire a 
proposition that it will fail so badly, so often. That seems 
counter-intuitive to me. 


It would likely boil down to a risk-benefit analysis; for RHEL RH is 
willing to take the risks associated with it due to the added benefits 
of offering it.  And, well, the elephant in the room is that it is one 
of the things that make an RHEL subscription more attractive, whether 
that's an intended effect or not. Ubuntu/Canonical apparently made a 
different analysis, per another poster in-thread.


Of course, I'm in a similar situation to you in that we're a non-profit 
and don't have the budget for RHEL subscriptions.  So what I've done 
here is to stay on top of what the kernel issues are, and schedule 
reboots accordingly, and take those long-running analysis job machines 
and temporarily suspend general Internet accessibility until a reboot is 
possible if the kernel issue warrants that.  I likely don't have 
anywhere near as many of those jobs running as you, but I still can 
sympathize!



Anyway, I again point out that the CentOS documentation should be made 
clear that this functionality won't ever be coming to CentOS.


I would suggest the team, rather than a blanket statement that it's 
'never' coming to CentOS would articulate (Smooge's  posts are a great 
start!) what it would take from the community to make it happen, thus 
leaving the question open-ended.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] CentOS 8 Release Notes - Czech translation

[Alan Bartlett]

On Fri, 4 Oct 2019 at 09:37, Jan Papež (honyczek)
 wrote:
>
> Thank you David.
>
> As it is written in article
> https://wiki.centos.org/Contribute#head-42b3d8e26400a106851a61aebe5c2cca54dd79e5
> (Subheader 3. Contribute to the Wiki) it is necessary to write here to
> allow access. So I did it.
>
> Is there anybody who can give me the right to edit pages on wiki, please?
>
> Jan
>
Sorry for the delay. I will attend to it in the next few minutes.

Alan.
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

[CentOS-es] CloudStack

[Eriel Perez]

Hola colegas de la lista. Saludos antes que todo.

Deseo implementar CloudStack en mi empresa. Recientemente estoy haciendo 
algunos test.



Estoy desarrollando la guia 
(http://docs.cloudstack.apache.org/en/4.13.0.0/quickinstallationguide/qig.html) 



Pero no logro que se me adicione el host, ni tampoco logro que adicionar 
el primary storage.


Alguien aqui ha implementado con exito esta guia? Alguna documentacion 
mejor?


Cualquier ayuda es bienvenida.

Gracias.

___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS] CentOS 8 network-scripts

[Ljubomir Ljubojevic]

On 10/4/19 3:03 PM, Chris Adams wrote:
> Once upon a time, Ljubomir Ljubojevic  said:
>> Bridge for VM's is main reason I hate NM. I now mess with both NM and
>> br0 controled by network because I use Windows VM on my laptop. As soon
>> as you disconnect LAN cable your eth and bridge connection are gone and
>> stupid KVM can not recover and reconnect to newly activated bridge when
>> you return LAN cable, even only a second later...
> 
> See the NetworkManager-config-server package.
> 
Ahh, thanks. I was wondering about it but never investigated.

-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kpatch (live kernel patching) in CentOS 7.7?

[Stephen John Smoogen]

On Fri, 4 Oct 2019 at 09:36, Phelps, Matthew  wrote:
>
> On Fri, Oct 4, 2019 at 9:24 AM Stephen John Smoogen 
> wrote:
>

> Thanks for the explanation(s).
>
> I'm still puzzled why RedHat is doing it then, and making it more generally
> available (to paying customers even), if it's so dire a proposition that it
> will fail so badly, so often. That seems counter-intuitive to me.
>

Because they have kernel developers, qa, and other staff dedicated to
making that kpatch work? They have a large set of servers to test
different workloads? They have some time before the kernel is built
internally and when it is made available externally to do all this and
hand tune any problems found? Because big companies are paying a large
amount of money to make it work and so the extra labour is profitable?

In the past, all of this would be a challenge for people to come
together and show that they can also do it themselves... or improve on
something to make it so less labour intensive at parts. If that
happens, I am happy to have laid out the challenge :).

> Anyway, I again point out that the CentOS documentation should be made
> clear that this functionality won't ever be coming to CentOS.
>
> -Matt
>
>
> --
>
> *Matt Phelps*
>
> *Information Technology Specialist, Systems Administrator*
>
> (Computation Facility, Smithsonian Astrophysical Observatory)
>
> Center for Astrophysics | Harvard & Smithsonian
>
>
> 60 Garden Street | MS 39 | Cambridge, MA 02138
> email: mphe...@cfa.harvard.edu
>
>
> cfa.harvard.edu | Facebook  | Twitter
>  | YouTube 
> | Newsletter 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kpatch (live kernel patching) in CentOS 7.7?

[Kai Bojens]

Am 04.10.19 um 15:35 schrieb Phelps, Matthew:

> I'm still puzzled why RedHat is doing it then, and making it more generally
> available (to paying customers even), if it's so dire a proposition that it
> will fail so badly, so often. That seems counter-intuitive to me.

I've been using kernel live patching on an Ubuntu Machine for several
years now without any problems (Ubuntu offers them for registered users
for free (three machines per account)) and haven't noticed any downsides
so far.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kpatch (live kernel patching) in CentOS 7.7?

[Phelps, Matthew]

On Fri, Oct 4, 2019 at 9:24 AM Stephen John Smoogen 
wrote:

> On Fri, 4 Oct 2019 at 08:18, Phelps, Matthew 
> wrote:
> >
> > On Fri, Oct 4, 2019 at 6:33 AM Jim Perrin  wrote:
> >
> > >
> > >
> > > On 10/3/19 9:35 PM, Stephen John Smoogen wrote:
> > > > On Thu, 3 Oct 2019 at 13:52, Phelps, Matthew <
> mphe...@cfa.harvard.edu>
> > > wrote:
> > > >>
> > > >> On Thu, Oct 3, 2019 at 1:42 PM Jim Perrin 
> wrote:
> > > >>
> > > >>>
> > > >>>
> > > >>> On 10/3/19 1:32 PM, Phelps, Matthew wrote:
> > >  Forgive me if this has been answered before and I've missed it.
> > > 
> > >  This https://access.redhat.com/solutions/2206511 says live kernel
> > > >>> patches
> > >  will be available via yum updates as of RHEL 7.7. Is this carried
> > > over to
> > >  CentOS 7.7.1908?
> > > 
> > > >>>
> > > >>> The functionality should be available, but we don't provide
> patches in
> > > >>> this way, no.
> > > >
> > > >>
> > > >> What would it take to make this happen? This would be a huge help to
> > > those
> > > >> of us running servers. Not to mention it would make the world a more
> > > secure
> > > >> place :)
> > > >>
> > >
> > > The short answer is "a team of kernel engineers, which we don't have".
> > > Smooge's overview which I've left below is great at explaining some of
> > > this:
> > >
> > >
> > I don't understand. If RHEL is putting out patches, and CentOS is a
> > recompile of RHEL, hasn't that "team of kernel engineers " already done
> the
> > work?
> >
>
> No. because most of the work on making a patch is after the kernel is
> compiled and working. Thus even though you have the same source code,
> similar compilers etc.. there are going to be differences which have
> to be looked at to make sure it is really working. A CentOS kernel is
> not exactly the same as a RHEL kernel is not the same as a Oracle
> kernel is not the same as the one you recompiled locally. From most
> operational points they seem the same, but kernel patching is where
> those differences really show up.
>
> Yes it would be easy to set up some automated tool which 'made'
> kpatches.. and I expect they may 'work' for most systems. But I also
> expect that they would also eat babies more times than people would
> like. If sites really need them, they can set up the tooling
> themselves and make them work when they know they want it. Trying to
> make it a general purpose answer for something which may corrupt data
> 5 or 20% or 40% of the time.. is just waiting to be on Slashdot daily
> (wait do we do Slashdot anymore.. Reddit? nope the kids aren't there
> anymore either.. ok someplace daily) in a bad way.
>
>
>
Thanks for the explanation(s).

I'm still puzzled why RedHat is doing it then, and making it more generally
available (to paying customers even), if it's so dire a proposition that it
will fail so badly, so often. That seems counter-intuitive to me.

Anyway, I again point out that the CentOS documentation should be made
clear that this functionality won't ever be coming to CentOS.

-Matt


-- 

*Matt Phelps*

*Information Technology Specialist, Systems Administrator*

(Computation Facility, Smithsonian Astrophysical Observatory)

Center for Astrophysics | Harvard & Smithsonian


60 Garden Street | MS 39 | Cambridge, MA 02138
email: mphe...@cfa.harvard.edu


cfa.harvard.edu | Facebook  | Twitter
 | YouTube 
| Newsletter 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 Broken Installation

[Günther J . Niederwimmer]

Hello,

Am Mittwoch, 2. Oktober 2019, 22:22:09 CEST schrieb Ljubomir Ljubojevic:
> I saw it uses Intel hdd controler so I thought it could be similar.
> 
> Here is solution for instaling CentOS 8 on Dell T610 with SAS controler
> (copied from Mike Chan):

on this morning I tested this with a DUD CD from Elrepo. I like to tell all it 
is working again :-).

I found my drives again

Many many thanks for all helped People,

-- 
mit freundlichen Grüssen / best regards,

  Günther J. Niederwimmer


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kpatch (live kernel patching) in CentOS 7.7?

[Stephen John Smoogen]

On Fri, 4 Oct 2019 at 08:18, Phelps, Matthew  wrote:
>
> On Fri, Oct 4, 2019 at 6:33 AM Jim Perrin  wrote:
>
> >
> >
> > On 10/3/19 9:35 PM, Stephen John Smoogen wrote:
> > > On Thu, 3 Oct 2019 at 13:52, Phelps, Matthew 
> > wrote:
> > >>
> > >> On Thu, Oct 3, 2019 at 1:42 PM Jim Perrin  wrote:
> > >>
> > >>>
> > >>>
> > >>> On 10/3/19 1:32 PM, Phelps, Matthew wrote:
> >  Forgive me if this has been answered before and I've missed it.
> > 
> >  This https://access.redhat.com/solutions/2206511 says live kernel
> > >>> patches
> >  will be available via yum updates as of RHEL 7.7. Is this carried
> > over to
> >  CentOS 7.7.1908?
> > 
> > >>>
> > >>> The functionality should be available, but we don't provide patches in
> > >>> this way, no.
> > >
> > >>
> > >> What would it take to make this happen? This would be a huge help to
> > those
> > >> of us running servers. Not to mention it would make the world a more
> > secure
> > >> place :)
> > >>
> >
> > The short answer is "a team of kernel engineers, which we don't have".
> > Smooge's overview which I've left below is great at explaining some of
> > this:
> >
> >
> I don't understand. If RHEL is putting out patches, and CentOS is a
> recompile of RHEL, hasn't that "team of kernel engineers " already done the
> work?
>

No. because most of the work on making a patch is after the kernel is
compiled and working. Thus even though you have the same source code,
similar compilers etc.. there are going to be differences which have
to be looked at to make sure it is really working. A CentOS kernel is
not exactly the same as a RHEL kernel is not the same as a Oracle
kernel is not the same as the one you recompiled locally. From most
operational points they seem the same, but kernel patching is where
those differences really show up.

Yes it would be easy to set up some automated tool which 'made'
kpatches.. and I expect they may 'work' for most systems. But I also
expect that they would also eat babies more times than people would
like. If sites really need them, they can set up the tooling
themselves and make them work when they know they want it. Trying to
make it a general purpose answer for something which may corrupt data
5 or 20% or 40% of the time.. is just waiting to be on Slashdot daily
(wait do we do Slashdot anymore.. Reddit? nope the kids aren't there
anymore either.. ok someplace daily) in a bad way.





-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS8 and crypto-policies

[Stephen John Smoogen]

On Fri, 4 Oct 2019 at 03:49, Todor Petkov  wrote:
>
> Hi,
>
> I started playing with CentOS8 and I am trying to set default crypto
> policies for openssh server/client. In CentOS7 I followed the guide
> from https://infosec.mozilla.org/guidelines/openssh.html and set
> KexAlgorithms /Ciphers/MACs in sshd_config.
>
> In CentOS8 I can edit
> /usr/share/crypto-policies/$POLICY/opensshserver.txt for the sshd
> arguments, but editing openssh.txt or even changing default crypto
> policy to FIPS seems to not affect the client options (ssh -Q mac)
>
> Is the client supposed to be affected by these policies or they are
> only for the server?
>

There seem to be 2 files in that directory
./DEFAULT/openssh.txt
./DEFAULT/opensshserver.txt
./EMPTY/openssh.txt
./EMPTY/opensshserver.txt
./FIPS/openssh.txt
./FIPS/opensshserver.txt
./FUTURE/openssh.txt
./FUTURE/opensshserver.txt
./LEGACY/openssh.txt
./LEGACY/opensshserver.txt

So I would guess that you need to edit the openssh.txt for clients.
HOWEVER, the /etc/ssh/ssh_config will tell you that this is only last
default:

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

If the user sets things differently on the command line or in their
.ssh/config file.. it will override your defaults.


Another thing.. to determine how the policies are set, I would
recommend reading through those config files. They will say that they
are looking to include data in /etc/ssh/ssh_config.d/* which has
/etc/ssh/ssh_config.d/05-redhat.conf on my system. Going into that..
it says it will attempt to

Include /etc/crypto-policies/back-ends/openssh.config

which will be pointing to the file you want. Since htat file might
change in an update, you may want to override settings by putting the
defaults you want in
01_site_defaults.cfg

which would then get read in before 05-redhat.conf and be the ones to use.




-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Chris Adams]

Once upon a time, Ljubomir Ljubojevic  said:
> Bridge for VM's is main reason I hate NM. I now mess with both NM and
> br0 controled by network because I use Windows VM on my laptop. As soon
> as you disconnect LAN cable your eth and bridge connection are gone and
> stupid KVM can not recover and reconnect to newly activated bridge when
> you return LAN cable, even only a second later...

See the NetworkManager-config-server package.

-- 
Chris Adams 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Ljubomir Ljubojevic]

On 10/4/19 2:27 PM, Phelps, Matthew wrote:
> On Fri, Oct 4, 2019 at 6:26 AM Jim Perrin  wrote:
> 
>>
>>
>> On 10/3/19 2:42 PM, Jerry Geis wrote:
>>> I have need to use the old network-scripts and not NetworkManager.
>>
>> Why? I'd like to understand more about the use case where this is a
>> requirement.
>>
>>
>>
> One example we have is qemu virtual machine hosts where setting up the
> bridge in the ifcfg scripts is easier and avoiding NetworkManager messing
> things up in a non-intuitive way is critical.
> 
> Also, we have 150+ machines with fixed IP addresses, always-on connections,
> and no wireless. Having NetworkManager do seemingly random things is not
> desirable.
> 
> FWIW we disable NetworkManager with systemctl in our potinstall kickstart
> scripts and it seems to do what we want.
> 

+1

Bridge for VM's is main reason I hate NM. I now mess with both NM and
br0 controled by network because I use Windows VM on my laptop. As soon
as you disconnect LAN cable your eth and bridge connection are gone and
stupid KVM can not recover and reconnect to newly activated bridge when
you return LAN cable, even only a second later...

-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Ljubomir Ljubojevic]

On 10/4/19 2:08 PM, Mike Litoris via CentOS wrote:
> On 10/4/19 12:27 PM, Jim Perrin wrote: Why? I'd like to understand more 
> about the use case where this is a requirement.I'd say for the sake of 
> simplicity...Why complicate things with NM when you only need to set an IP 
> ?The ifconfig files were great.Why is the choice, to use or not to use NM, 
> not left the en end user ?That is the question...
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 

Almost all use Network Manager because it can be context/network
sensitive and is tied to systemd along with Firewald.

I do not like NM, but it is here to stay.

-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Phelps, Matthew]

On Fri, Oct 4, 2019 at 6:26 AM Jim Perrin  wrote:

>
>
> On 10/3/19 2:42 PM, Jerry Geis wrote:
> > I have need to use the old network-scripts and not NetworkManager.
>
> Why? I'd like to understand more about the use case where this is a
> requirement.
>
>
>
One example we have is qemu virtual machine hosts where setting up the
bridge in the ifcfg scripts is easier and avoiding NetworkManager messing
things up in a non-intuitive way is critical.

Also, we have 150+ machines with fixed IP addresses, always-on connections,
and no wireless. Having NetworkManager do seemingly random things is not
desirable.

FWIW we disable NetworkManager with systemctl in our potinstall kickstart
scripts and it seems to do what we want.

-- 
> Jim Perrin
> The CentOS Project | http://www.centos.org
> twitter: @BitIntegrity | GPG Key: FA09AD77
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 

*Matt Phelps*

*Information Technology Specialist, Systems Administrator*

(Computation Facility, Smithsonian Astrophysical Observatory)

Center for Astrophysics | Harvard & Smithsonian


60 Garden Street | MS 39 | Cambridge, MA 02138
email: mphe...@cfa.harvard.edu


cfa.harvard.edu | Facebook  | Twitter
 | YouTube 
| Newsletter 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kpatch (live kernel patching) in CentOS 7.7?

[Phelps, Matthew]

On Fri, Oct 4, 2019 at 6:33 AM Jim Perrin  wrote:

>
>
> On 10/3/19 9:35 PM, Stephen John Smoogen wrote:
> > On Thu, 3 Oct 2019 at 13:52, Phelps, Matthew 
> wrote:
> >>
> >> On Thu, Oct 3, 2019 at 1:42 PM Jim Perrin  wrote:
> >>
> >>>
> >>>
> >>> On 10/3/19 1:32 PM, Phelps, Matthew wrote:
>  Forgive me if this has been answered before and I've missed it.
> 
>  This https://access.redhat.com/solutions/2206511 says live kernel
> >>> patches
>  will be available via yum updates as of RHEL 7.7. Is this carried
> over to
>  CentOS 7.7.1908?
> 
> >>>
> >>> The functionality should be available, but we don't provide patches in
> >>> this way, no.
> >
> >>
> >> What would it take to make this happen? This would be a huge help to
> those
> >> of us running servers. Not to mention it would make the world a more
> secure
> >> place :)
> >>
>
> The short answer is "a team of kernel engineers, which we don't have".
> Smooge's overview which I've left below is great at explaining some of
> this:
>
>
I don't understand. If RHEL is putting out patches, and CentOS is a
recompile of RHEL, hasn't that "team of kernel engineers " already done the
work?

I fully realize this is not a panacea for never rebooting again, but if we
can patch a critical kernel bug immediately, then schedule less disruptive
reboots in a week or three, this would help tremendously.

>> Is it an upstream issue? No SRPMS available? Etc?
> >>
>
> It's quite a bit more work than just SRPM (re) building. This is one of
> those things where if your workflow requires this functionality rather
> than the occasional reboot you should really just pay for RHEL. They put
> far more people and testing behind this feature than the team building
> CentOS is able to.
>
> (DISCLAIMER: I work for RH, so that may not sound as true as it is)
>
>
I knew someone was going to say that. :) In our case, as I'm sure is the
case for many other environments, we are a noncommercial CentOS shop that
can't afford the resources to have a mixed environment, not to mention the
RHEL licenses. Not all of the machines I'm thinking of are critical
infrastructure. We have many researchers running simulations that take
weeks, sometimes months, to finish, and avoiding the occasional forced
immediate reboot for a critical kernel bug would help expand Human
Knowledge :).

Anyway, I saw the functionality for live kernel patching in the RHEL 7.7
release notes, which the CentOS 7.7.1908 release notes pointed to, and
assumed (hoped?) that it would be available for us as well. If it won't
ever be provided, then I suggest the CentOS documentation be updated to
explicitly state so.


>
> >> Just trying to understand. I don't follow the centos-devel list. Has
> this
> >> been discussed there, or elsewhere?
> >>
> >
> > There is a lot to go into making a correct kpatch. You have to
> > determine that you have a working kpatch (you can have one which works
> > on 1% and corrupts 80% and crashes 19%), you have to determine that
> > the patch fixes the problem (you can build patches which should do the
> > right thing but don't), and you have to determine that it doesn't add
> > in some sort of long term corruption of memory/disk/etc. That takes
> > specialized kernel expertise, a large amount of varied hardware to
> > test the patch on, some amount of time, and a very large test suite.
> >
> > You can also only live patch a system so many times and in only
> > certain places. There are just some parts of the kernel which have to
> > be rebooted and others you can put in a patch which works but your
> > performance is going to be 25% of what it was before. There are other
> > places that if you patch.. that is it.. try another and you hardlock.
> > As much as some sites like to call it some sort of panacea for never
> > having to reboot again.. it is really meant to be a tourniquet to air
> > chopter the crash victim to a hospital. They may still not make it...
> > you are just giving them a chance.
> >
> >
> >
>
> --
> Jim Perrin
> The CentOS Project | http://www.centos.org
> twitter: @BitIntegrity | GPG Key: FA09AD77
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 

*Matt Phelps*

*Information Technology Specialist, Systems Administrator*

(Computation Facility, Smithsonian Astrophysical Observatory)

Center for Astrophysics | Harvard & Smithsonian


60 Garden Street | MS 39 | Cambridge, MA 02138
email: mphe...@cfa.harvard.edu


cfa.harvard.edu | Facebook  | Twitter
 | YouTube 
| Newsletter 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Mike Litoris via CentOS]

On 10/4/19 12:27 PM, Jim Perrin wrote: Why? I'd like to understand more 
about the use case where this is a requirement.I'd say for the sake of 
simplicity...Why complicate things with NM when you only need to set an IP ?The 
ifconfig files were great.Why is the choice, to use or not to use NM, not left 
the en end user ?That is the question...
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Compiling latest postfix fails on C8

[Adrian van Bloois]

Problem solved by installing libnsl2-devel, thanks guys.
Any idea where I could fin clamav??
On Wed, Oct 02, 2019 at 02:33:34PM +0200, Adrian van Bloois wrote:
> Hi,
> I tried to compile the latest version of postfix, runs fine on C6 and C7,
> on C8 it fails.
> Complaining about missing ypclnt.h, this should com from glibc-headers.
> Any suggestions?
> 
>   Adrian
> 
> 
> 
> -- 
>   Adri P. van Bloois
> 
> 
> "Elegance is not a dispensable luxury but a factor that decides between 
>  success and failure."
>   Edsger W. Dijkstra

-- 
Adri P. van Bloois


"Elegance is not a dispensable luxury but a factor that decides between 
 success and failure."
Edsger W. Dijkstra
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kpatch (live kernel patching) in CentOS 7.7?

[Jim Perrin]

On 10/3/19 9:35 PM, Stephen John Smoogen wrote:

On Thu, 3 Oct 2019 at 13:52, Phelps, Matthew  wrote:


On Thu, Oct 3, 2019 at 1:42 PM Jim Perrin  wrote:




On 10/3/19 1:32 PM, Phelps, Matthew wrote:

Forgive me if this has been answered before and I've missed it.

This https://access.redhat.com/solutions/2206511 says live kernel

patches

will be available via yum updates as of RHEL 7.7. Is this carried over to
CentOS 7.7.1908?



The functionality should be available, but we don't provide patches in
this way, no.




What would it take to make this happen? This would be a huge help to those
of us running servers. Not to mention it would make the world a more secure
place :)



The short answer is "a team of kernel engineers, which we don't have". 
Smooge's overview which I've left below is great at explaining some of this:



Is it an upstream issue? No SRPMS available? Etc?



It's quite a bit more work than just SRPM (re) building. This is one of 
those things where if your workflow requires this functionality rather 
than the occasional reboot you should really just pay for RHEL. They put 
far more people and testing behind this feature than the team building 
CentOS is able to.


(DISCLAIMER: I work for RH, so that may not sound as true as it is)



Just trying to understand. I don't follow the centos-devel list. Has this
been discussed there, or elsewhere?



There is a lot to go into making a correct kpatch. You have to
determine that you have a working kpatch (you can have one which works
on 1% and corrupts 80% and crashes 19%), you have to determine that
the patch fixes the problem (you can build patches which should do the
right thing but don't), and you have to determine that it doesn't add
in some sort of long term corruption of memory/disk/etc. That takes
specialized kernel expertise, a large amount of varied hardware to
test the patch on, some amount of time, and a very large test suite.

You can also only live patch a system so many times and in only
certain places. There are just some parts of the kernel which have to
be rebooted and others you can put in a patch which works but your
performance is going to be 25% of what it was before. There are other
places that if you patch.. that is it.. try another and you hardlock.
As much as some sites like to call it some sort of panacea for never
having to reboot again.. it is really meant to be a tourniquet to air
chopter the crash victim to a hospital. They may still not make it...
you are just giving them a chance.





--
Jim Perrin
The CentOS Project | http://www.centos.org
twitter: @BitIntegrity | GPG Key: FA09AD77
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 network-scripts

[Jim Perrin]

On 10/3/19 2:42 PM, Jerry Geis wrote:

I have need to use the old network-scripts and not NetworkManager.


Why? I'd like to understand more about the use case where this is a 
requirement.



--
Jim Perrin
The CentOS Project | http://www.centos.org
twitter: @BitIntegrity | GPG Key: FA09AD77
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-8 QEMU guest won't bring virtio_net interface up.

[LAHAYE Olivier]

Hi,

I’m trying to PXE boot from qemu a CentOS-8 initrd, but despite I set 
rd.neednet=1, the virtio_net module is not loaded and the interface is not 
brought up.
If I modprobe it by hand, it brings an eth0 interface.

My initrd was created using dracut that includes network, qemu and qemu-net 
modules
Qemu is started with EFI bios and vritio ethernet emulation

Questions are:

  *   Is it a known bug/ issue?
  *   What Am I missing?
  *   Lspci does see the Red Hat, Inc. Virtio network device, but nothing 
triggers the module load (virtio_net)
  *   After doing modprobe virtio_net, the interface is named eth0 (it seems 
that it doesn’t follow the modern network device naming scheme)

Before reporting a bug, I want to make sure that I’m not missing something.

Regards,

Olivier.
--
Olivier LAHAYE
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] CentOS 8 Release Notes - Czech translation

[honyczek]

Thank you David.

As it is written in article
https://wiki.centos.org/Contribute#head-42b3d8e26400a106851a61aebe5c2cca54dd79e5
(Subheader 3. Contribute to the Wiki) it is necessary to write here to
allow access. So I did it.

Is there anybody who can give me the right to edit pages on wiki, please?

Jan

pá 4. 10. 2019 v 10:14 odesílatel David Hrbáč  napsal:

>
> Jan,
>
> I'm not able to modify ACLs on the page... It must be done by admin.
>
> DH
>
> pá 4. 10. 2019 v 9:09 odesílatel Jan Papež (honyczek) 
>  napsal:
>>
>> Hello,
>>
>> I see the page, but there is no button to edit it. If I try to add
>> ?action=edit to URL, wiki shows message "Nemáte dovoleno editovat tuto
>> stránku." (You are not allowed to edit this page).
>>
>> Jan
>>
>> čt 3. 10. 2019 v 21:08 odesílatel David Hrbáč  napsal:
>> >
>> > Jan,
>> >
>> > I have created the page. Are you able to edit it?
>> >
>> > Regards.
>> > DH
>> >
>> > čt 3. 10. 2019 v 19:20 odesílatel Jan Papež (honyczek) 
>> >  napsal:
>> >>
>> >> Hello,
>> >>
>> >> I'm Jan Papež and I'd like to contribute to CentOS Wiki as translator. 
>> >> I'm planning to translate Release Notes of CentOS 8, but now I have no 
>> >> rights to create new page: 
>> >> https://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.1905/Czech My 
>> >> username is JanPapez. Please, could you give me an access to make it?
>> >>
>> >> Thank you.
>> >>
>> >> Jan Papež
>> >> ___
>> >> CentOS-docs mailing list
>> >> CentOS-docs@centos.org
>> >> https://lists.centos.org/mailman/listinfo/centos-docs
>> >
>> > ___
>> > CentOS-docs mailing list
>> > CentOS-docs@centos.org
>> > https://lists.centos.org/mailman/listinfo/centos-docs
>>
>>
>>
>> --
>> Jan Papež (honyczek)
>> ___
>> CentOS-docs mailing list
>> CentOS-docs@centos.org
>> https://lists.centos.org/mailman/listinfo/centos-docs
>
> ___
> CentOS-docs mailing list
> CentOS-docs@centos.org
> https://lists.centos.org/mailman/listinfo/centos-docs



--
Jan Papež (honyczek)
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-docs] CentOS 8 Release Notes - Czech translation

[David Hrbáč]

Jan,

I'm not able to modify ACLs on the page... It must be done by admin.

DH

pá 4. 10. 2019 v 9:09 odesílatel Jan Papež (honyczek) <
honyczek-mail...@email.cz> napsal:

> Hello,
>
> I see the page, but there is no button to edit it. If I try to add
> ?action=edit to URL, wiki shows message "Nemáte dovoleno editovat tuto
> stránku." (You are not allowed to edit this page).
>
> Jan
>
> čt 3. 10. 2019 v 21:08 odesílatel David Hrbáč 
> napsal:
> >
> > Jan,
> >
> > I have created the page. Are you able to edit it?
> >
> > Regards.
> > DH
> >
> > čt 3. 10. 2019 v 19:20 odesílatel Jan Papež (honyczek) <
> honyczek-mail...@email.cz> napsal:
> >>
> >> Hello,
> >>
> >> I'm Jan Papež and I'd like to contribute to CentOS Wiki as translator.
> I'm planning to translate Release Notes of CentOS 8, but now I have no
> rights to create new page:
> https://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.1905/Czech My
> username is JanPapez. Please, could you give me an access to make it?
> >>
> >> Thank you.
> >>
> >> Jan Papež
> >> ___
> >> CentOS-docs mailing list
> >> CentOS-docs@centos.org
> >> https://lists.centos.org/mailman/listinfo/centos-docs
> >
> > ___
> > CentOS-docs mailing list
> > CentOS-docs@centos.org
> > https://lists.centos.org/mailman/listinfo/centos-docs
>
>
>
> --
> Jan Papež (honyczek)
> ___
> CentOS-docs mailing list
> CentOS-docs@centos.org
> https://lists.centos.org/mailman/listinfo/centos-docs
>
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

[CentOS] CentOS8 and crypto-policies

[Todor Petkov]

Hi,

I started playing with CentOS8 and I am trying to set default crypto
policies for openssh server/client. In CentOS7 I followed the guide
from https://infosec.mozilla.org/guidelines/openssh.html and set
KexAlgorithms /Ciphers/MACs in sshd_config.

In CentOS8 I can edit
/usr/share/crypto-policies/$POLICY/opensshserver.txt for the sshd
arguments, but editing openssh.txt or even changing default crypto
policy to FIPS seems to not affect the client options (ssh -Q mac)

Is the client supposed to be affected by these policies or they are
only for the server?

Regards,
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] CentOS 8 Release Notes - Czech translation

[honyczek]

Hello,

I see the page, but there is no button to edit it. If I try to add
?action=edit to URL, wiki shows message "Nemáte dovoleno editovat tuto
stránku." (You are not allowed to edit this page).

Jan

čt 3. 10. 2019 v 21:08 odesílatel David Hrbáč  napsal:
>
> Jan,
>
> I have created the page. Are you able to edit it?
>
> Regards.
> DH
>
> čt 3. 10. 2019 v 19:20 odesílatel Jan Papež (honyczek) 
>  napsal:
>>
>> Hello,
>>
>> I'm Jan Papež and I'd like to contribute to CentOS Wiki as translator. I'm 
>> planning to translate Release Notes of CentOS 8, but now I have no rights to 
>> create new page: 
>> https://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.1905/Czech My username 
>> is JanPapez. Please, could you give me an access to make it?
>>
>> Thank you.
>>
>> Jan Papež
>> ___
>> CentOS-docs mailing list
>> CentOS-docs@centos.org
>> https://lists.centos.org/mailman/listinfo/centos-docs
>
> ___
> CentOS-docs mailing list
> CentOS-docs@centos.org
> https://lists.centos.org/mailman/listinfo/centos-docs



-- 
Jan Papež (honyczek)
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS] Keyboard backlight fails with recent kernels

[Ljubomir Ljubojevic]

On 10/3/19 10:24 PM, Rob Kampen wrote:
> I do not use my laptop often, normally my better half has possession and
> use of it.
> 
> It is a late 2011 ASUS ROG G73S which performs very well.
> 
> The keyboard backlight was an issue initially under CentOS6, but the
> kind folks at elrepo found the missing bits in a more recent kernel and
> created a package to add them to the older CentOS6 kernel.
> 
> An upgrade to CentOS7 went without a hitch and the keyboard lighting has
> worked fine.
> 
> Recently I sat infront of the machine and couldn't see the keys - no
> backlight.
> 
> A number of reboots later I have found that the latest kernel that I
> have on the machine, that works okay is 3.10.0-862.14.4.el7.x86_64
> 
> 3.10.0-957.21.2.el7 and 3.10.0-957.27.2.el7 both fail to load/activate
> the driver for the keyboard.
> 
> Would someone with the requisite knowledge please advise what I need to do.
> 
> Is this a case for using the CentOSplus kernel or do I need to find and
> load a driver or two? or do I need to request the elrepo folk to make a
> suitable package.
> 

I propose following:
Install and test with latest centosplus kernel (I use them exclusively
because all drivers are enabled and some stuff is added/enabled that
RHEL disables for speed since they do not not need them).

After you test centosplus kernel, not matter the outcome, file a bug
report with all the details at https://bugs.centos.org so devs can
triage the problem.




> Thanks
> Rob
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8 Broken Installation

[Ljubomir Ljubojevic]

On 10/4/19 12:28 AM, Allan wrote:
> På Thu, 3 Oct 2019 07:38:05 -0500
> Valeri Galtsev
>  skrev:
>>> On Oct 3, 2019, at 6:24 AM, Günther J. Niederwimmer
>>>  wrote:
>>>
>>>
>>> 07:00.0 Serial Attached SCSI controller [0107]: Intel Corporation
>>> C602 chipset 4-Port SATA Storage Control Unit [8086:1d6b] (rev 06)?
>>>
>>> what is the Problem with this chipset and why it is no longer
>>> supported ?? 
>>
>> My impression is that you have it set to “RAID” instead of “AHCI” in
>> BIOS. Switch in BIOS its operation to AHCI, you will see attached
>> drives. Configure these drives as software RAID.
> 
> Of course he set it to RAID. He wouldn't be able to boot his raid, if he
> set it to AHCI. If set to AHCI, it would require an extra disk to boot
> the system.
> 
>> As a matter of fact neither of fake RAID cards were ever supported by
>> systems I know of (excluding MS Windows) as RAID cards. That is where
>> jargon “fake RAID” widely used by Linux Folks comes from.
> 
> Really ? You have really never heard of this small company called Intel,
> whos chipset have been able to boot Linux in RAID mode for a very long
> time ?
> 
>> System board manufacturers (motherboard is common jargon for system
>> board for over 20 years) share their part in the spreading of fake
>> RAID chips. Fake RAID chip is cheap (pun intended), so adding it to
>> system board does not increase its cost much, but increases it
>> apparent value in eyer of uninformed (I should say ignorant) mass
>> consumer. It is probably time to call garbage (fake RAID) garbage and
>> not expect from it to behave as real RAID (hardware RAID), and
>> definitely not put blame on the system for garbage hardware being
>> garbage hardware.
> 
> You are right, a BIOS chip is really very cheap, and that is all that
> the chipset needs to be able to boot in RAID mode on the existing AHCI
> controllers. There is no raid "card" in these systems - aka no special
> extra raid cpu to control anything.
> All the RAID BIOS does is boot the system to load GRUB ( and maybe GRUB
> uses the same BIOS INT13H service to load the kernel).
> After that, kernel drivers take over - and that is MDADM doing the rest
> of the job, as Intel RAID bios is MDADM compatible.>
> Call it FAKE raid, call it BIOS raid or whatever - it is in fact just a
> Linux software mdadm raid - with the added ability to boot directly from
> the BIOS. I don't see any reason to call this a bad solution or
> unstable in any way more than what mdadm is.

You are wrong. Mdraid (mdadm is only a tool for mdraid) is SOFTWARE
RAID, to create RAID system of regular or AHCI chipset. No part of
mdraid uses BIOS, it is all in kernel/driver.

What you described is actually "dmraid" (discover, configure and
activate software (ATA)RAID ). Dmraid is just an interface for fakeRAID
BIOS to work, and bugs in fakeRAID BIOSes (for which firmare updates
barely exist) are the reason (some) fakeRAID chipsets are removed from
kernel.



> 
> I have myself a small desktop/server system here running for almost 7
> years according to SMART on my disks - booting from such a Intel Z77
> chipset to a mdadm raid 5.
> 
> I do run Fedora on this system as RH most likely have removed my chipset
> from Centos 8 too.
> 
>   Allan.
> 
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos