[CentOS] Announcing the version 1.0 hexpeek release!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Announcing the version 1.0 hexpeek release! I am pleased to announce the first stable release of hexpeek, which seeks to be an efficient, powerful, and portable hex editor for files of all kinds and sizes. This release improves on the beta release with a live undo, a greatly increased backup depth, better support for writing to non-seekable files, and some miscellaneous cleanup. Visit https://www.hexpeek.com for more information. Out of respect for the bandwidth on this mailing list, I do not plan to announce future hexpeek releases here. There is a mailing list on https://www.hexpeek.com where future announcements will be posted. If you are interested in hexpeek becoming a package/port for your distro, please let me know. -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEEfeRsn/lRU2hTiGbecMFr/kefAX8FAl8qMysUHGhleHBlZWtA aGV4cGVlay5jb20ACgkQcMFr/kefAX9U9w//QlTM/zrd25att9/yYcqbQPkDAqhr sjCtSfMoY6sLlsI1IFR1GDu0v0l+TiW4R2iDDn8dD7esLBrhHXe+QLWd9OjioCF7 jB3Tpg+ozk9GMmwDFglbU6hiwTAM4w7O4NKrLEuR/kQoWZzweEXGjIV2ytWhCpps tsl3c/t2rSG0SqlhcHrQpy0uZ38v7f7+o3BCH23gqzdAW+mvvPC9iYLfYJqUGDRt fc5zmouLai9ZAARpqK3Mhu/RTlv8DnxpmsIt2cSJ6OFVbonKBqvDk1RFbLqSUwhU iJv+wMF97f2HT7g1RCNG+GGClD0TvceFP+8qhwIYUhBaRXLe1u+gEEqXvmlURd0h m77ydS58Z1ND1YGw01rTTBzDxnW21HHTFCqGHfRKOjVcLEQrt8CkTvcf7tM5fX+n fodXdEv8k8rrhbOYDyWqurdekWPZCrvrzEPuF+Ww/W6ownW8RwP2cgNccfOiuC2P dTJdIe5j4VASLtC17iUcwDiQuZYWdK5oBlf/ws9flInFHOlGVUGXuD1pum05Iq1u OZeJEHJj+yvP1drm4A1O8z3r8XfPa2WmWsQBc0TP8lOvU3l/E20p1T3TPs8EQbqA dRJyN1PcAv63DE0USa2P+tB18jZkvDV15YT/6yDkOtKEgIdtSsw6H5oscs96LfuI cKK++c04aRN9e28= =02ro -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
At 05:01 PM 8/4/2020, you wrote: Am 05.08.20 um 01:27 schrieb david: At 04:18 PM 8/4/2020, you wrote: Am 05.08.20 um 01:09 schrieb david: At 01:54 PM 8/4/2020, you wrote: On Tue, 04 Aug 2020 13:44:05 -0700 david wrote: > After all the updates, the system was NOT bootable. How long did you wait for it to boot, and what did it do when it failed to boot?àWhat text messages showed up on the console?àAny reported errors when you ran the update or when you rebooted the computer?àIf so, what did the say? I personally haven't had any issues updating any of my computers (using a mix of Centos 6, 7 and 8) but maybe they're all too old to for the issue to show up. -- How long did I wait:à5 minutes What on the console:ànothing, just a dull gray color Errors on update:ànone - But when I blocked the update, it booted within a minute, and ran. Can you boot the system with all updates and secureboot=off? (Just to be sure; I imply that you use UEFI, right?) -- Leon I'm not sure how to turn 'secure boot' off or if it exists. (MacMini5.2). I presume it uses UEFI, but not sure how to answer that. Oh, an apple device. AFAIK the openfirmware of such hardware have also a legacy mode. So first check if it uses the UEFI mode at all by checking if this directory exists (in the working/bootable system): # ls -la /sys/firmware/efi if so test the secure boot state with # mokutil --sb-state Boot failure only occurs when the grub2/shim/mokutil updates are applied. [root@xxx -]ls -la /sys/firmware/efi total 0 drwxr-xr-x 5 root root0 Aug 4 17:12 . drwxr-xr-x 7 root root0 Aug 4 14:30 .. -r--r--r-- 1 root root 4096 Aug 4 17:12 config_table drwxr-xr-x 2 root root0 Aug 4 14:30 efivars -r--r--r-- 1 root root 4096 Aug 4 17:12 fw_platform_size -r--r--r-- 1 root root 4096 Aug 4 17:12 fw_vendor -r--r--r-- 1 root root 4096 Aug 4 17:12 runtime drwxr-xr-x 10 root root0 Aug 4 17:12 runtime-map -r 1 root root 4096 Aug 4 14:31 systab drwxr-xr-x 23 root root0 Aug 4 17:12 vars [root@xxx ~]# mokutil --sb-state This system doesn't support Secure Boot [root@xxx ~]# ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
Am 05.08.20 um 01:27 schrieb david: At 04:18 PM 8/4/2020, you wrote: Am 05.08.20 um 01:09 schrieb david: At 01:54 PM 8/4/2020, you wrote: On Tue, 04 Aug 2020 13:44:05 -0700 david wrote: > After all the updates, the system was NOT bootable. How long did you wait for it to boot, and what did it do when it failed to boot? What text messages showed up on the console? Any reported errors when you ran the update or when you rebooted the computer? If so, what did the say? I personally haven't had any issues updating any of my computers (using a mix of Centos 6, 7 and 8) but maybe they're all too old to for the issue to show up. -- How long did I wait: 5 minutes What on the console: nothing, just a dull gray color Errors on update: none - But when I blocked the update, it booted within a minute, and ran. Can you boot the system with all updates and secureboot=off? (Just to be sure; I imply that you use UEFI, right?) -- Leon I'm not sure how to turn 'secure boot' off or if it exists. (MacMini5.2). I presume it uses UEFI, but not sure how to answer that. Oh, an apple device. AFAIK the openfirmware of such hardware have also a legacy mode. So first check if it uses the UEFI mode at all by checking if this directory exists (in the working/bootable system): # ls -la /sys/firmware/efi if so test the secure boot state with # mokutil --sb-state Boot failure only occurs when the grub2/shim/mokutil updates are applied. -- Leon ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
At 04:18 PM 8/4/2020, you wrote: Am 05.08.20 um 01:09 schrieb david: At 01:54 PM 8/4/2020, you wrote: On Tue, 04 Aug 2020 13:44:05 -0700 david wrote: > After all the updates, the system was NOT bootable. How long did you wait for it to boot, and what did it do when it failed to boot? What text messages showed up on the console? Any reported errors when you ran the update or when you rebooted the computer? If so, what did the say? I personally haven't had any issues updating any of my computers (using a mix of Centos 6, 7 and 8) but maybe they're all too old to for the issue to show up. -- How long did I wait: 5 minutes What on the console: nothing, just a dull gray color Errors on update: none - But when I blocked the update, it booted within a minute, and ran. Can you boot the system with all updates and secureboot=off? (Just to be sure; I imply that you use UEFI, right?) -- Leon I'm not sure how to turn 'secure boot' off or if it exists. (MacMini5.2). I presume it uses UEFI, but not sure how to answer that. Boot failure only occurs when the grub2/shim/mokutil updates are applied. David ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
Am 05.08.20 um 01:09 schrieb david: At 01:54 PM 8/4/2020, you wrote: On Tue, 04 Aug 2020 13:44:05 -0700 david wrote: > After all the updates, the system was NOT bootable. How long did you wait for it to boot, and what did it do when it failed to boot? What text messages showed up on the console? Any reported errors when you ran the update or when you rebooted the computer? If so, what did the say? I personally haven't had any issues updating any of my computers (using a mix of Centos 6, 7 and 8) but maybe they're all too old to for the issue to show up. -- How long did I wait: 5 minutes What on the console: nothing, just a dull gray color Errors on update: none - But when I blocked the update, it booted within a minute, and ran. Can you boot the system with all updates and secureboot=off? (Just to be sure; I imply that you use UEFI, right?) -- Leon ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
At 01:54 PM 8/4/2020, you wrote: On Tue, 04 Aug 2020 13:44:05 -0700 david wrote: > After all the updates, the system was NOT bootable. How long did you wait for it to boot, and what did it do when it failed to boot? What text messages showed up on the console? Any reported errors when you ran the update or when you rebooted the computer? If so, what did the say? I personally haven't had any issues updating any of my computers (using a mix of Centos 6, 7 and 8) but maybe they're all too old to for the issue to show up. -- How long did I wait: 5 minutes What on the console: nothing, just a dull gray color Errors on update: none - But when I blocked the update, it booted within a minute, and ran. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS Security Advisories OVAL feed??
On Tue, Aug 4, 2020 at 11:34 AM wrote: > Q5) If the answer to the last question is "no": shouldn't there be such > a resource? > CentOS doesn't publish security errata. If you need it then you should either buy RHEL, or deal with putting together your own set up with something like http://cefs.steve-meier.de/ ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
On Tue, 04 Aug 2020 13:44:05 -0700 david wrote: > After all the updates, the system was NOT bootable. How long did you wait for it to boot, and what did it do when it failed to boot? What text messages showed up on the console? Any reported errors when you ran the update or when you rebooted the computer? If so, what did the say? I personally haven't had any issues updating any of my computers (using a mix of Centos 6, 7 and 8) but maybe they're all too old to for the issue to show up. -- Can we uninstall 2020 and install it again? This one has a virus. MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
Your system was most likely rebuilding the initrd, and you interrupted it leaving you with a broken initrd. Try booting off a rescue disk and chroot into the install, and run: dracut -f -v to regenerate all the initrds. Also, you don't need to reinstall the kernel but just do a 'yum update' to get everything up to the latest release. The shim package with the fix is the latest. -- Jonathan Billings ___ Jonathan et al: On the assumption that all the updates should now "just work", I did a from-scratch reinstall of a minimal Centos 7 system starting from netinstall and added software that I've always added (perl, dhcp, mariadb, etc). I did not exclude shim, etc in "/etc/yum.conf". After all the updates, the system was NOT bootable. I repeated the install and updates, but this time including the line in /etc/yum.conf exclude=grub2* shim* mokutil and ended up with a usable system. This was not the result I was hoping for. David ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 shim fix failed
On Tue, Aug 04, 2020 at 10:54:50AM -0700, david wrote: > Yum got up to the point: > > Running transaction > Installing : kernel-3.10.0-1127.el7.x86_64 1/1 > > at which point the process appeared to hang. No further output happened for > five minutes. I opened a different terminal and entered "shutdown -r now". > The result is an unbootable system. > > > What did I do wrong? I must admit that there are multiple copies of advice > on the mailing list, so perhaps I followed the wrong one? Your system was most likely rebuilding the initrd, and you interrupted it leaving you with a broken initrd. Try booting off a rescue disk and chroot into the install, and run: dracut -f -v to regenerate all the initrds. Also, you don't need to reinstall the kernel but just do a 'yum update' to get everything up to the latest release. The shim package with the fix is the latest. -- Jonathan Billings ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Centos 7 shim fix failed
Following the advice on this mailing list, I rebuilt (from scratch) Centos 7.8. I added the following line into /etc/yum.conf before the first update: exclude=grub2* shim* mokutil The system worked fine. I was able to do general updates yum -y update and all was well. HOWEVER, following Johnny Hughes' directions: a) remove the 'exclude' line from yum.conf b) perform update: yum -y update c) reinstall kernel. Here the instructions were vague, so I typed in... yum reinstall kernel-3.10.0 deriving the "3.10.0" label by the output of rpm -qa | grep kernel Yum got up to the point: Running transaction Installing : kernel-3.10.0-1127.el7.x86_64 1/1 at which point the process appeared to hang. No further output happened for five minutes. I opened a different terminal and entered "shutdown -r now". The result is an unbootable system. What did I do wrong? I must admit that there are multiple copies of advice on the mailing list, so perhaps I followed the wrong one? -- So now, I tried the 'repair' mechanism, but couldn't make that work either. So, it was back to initial from-scratch install. David ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS Security Advisories OVAL feed??
Dear List, I have spent some time playing around with oscap and the RHEL OVAL feed (https://www.redhat.com/security/data/oval/v2/RHEL8/, also check Chapter 16 of the RHEL 8 Design Guide). Because I could not find an existing OVAL file for CentOS, I downloaded one of the RHEL8 files and managed to modify (eg. the rhel-8.1-e4s.oval.xml) it to make it work on a CentOS machine. Basically I just had to change the package signing key check to use the CentOS key and I had to replace the redhat-release RPM package name with "centos-release". Obviously, this would violate all kinds of rights if redistributed, due to the fact that the upstream vendor is named all over the place, but technically it "worked". On an internal system running a freshly updated CentOS 8.1 system I ended up with three errors, titled: * RHSA-2019:4269: container-tools:rhel8 security and bug fix update (Important) * RHSA-2019:3403: container-tools:rhel8 security, bug fix, and enhancement update (Important) * RHSA-2019:2799: nginx:1.14 security update (Important) This raises some questions (some of them connected), namely: Q1) There are no equivalent CESA advisories for those RHSA advisories: why is that? Note that there are also no equivalent CentOS packages to those mentioned in the RHSA advisories. (My guess: because, when the advisories where issued, Centos already had moved on to 8.2) Q2) Does this indicate a problem in the release process / handling of upstream updates on the side of the CentOS project? Were the advisories missed at the time of issuance? Q3) Does this indicate that only the latest CentOS (minor) release can be considered "secure" or "patched"? Q4) Is there a native OVAL file released from the CentOS project covering these issues? It could be extremely similar to the RHEL one, but it should take the answers to the above questions into account (eg. it could require the latests minor-release and there would only be one file for CentOS 8 if the answer to Q3 is "yes"). Q5) If the answer to the last question is "no": shouldn't there be such a resource? Thanks for any answers. peter ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Safe to do yum update now?
> Am 04.08.2020 um 17:59 schrieb Jerome Lille : > > Hello > > Luckily I was not afflicted by this boot hole problem. I haven't done > yum update in a week or so. I just want to make sure that now it is > safe to do yum update? It is. > > /Jerome > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Safe to do yum update now?
Hello Luckily I was not afflicted by this boot hole problem. I haven't done yum update in a week or so. I just want to make sure that now it is safe to do yum update? /Jerome ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fixing grub/shim issue Centos 7
On Tue, 2020-08-04 at 10:36 -0500, Chris Adams wrote: > Once upon a time, Johnny Hughes said: > > The issues should now be resolved. > > > > If you just mount /mnt/sysimage, set an ip address and upgrade (to get > > th new shim) .. then: > > > > yum reinstall > > I'm curious - why does the kernel need to be reinstalled? The shim-x64 > package installs its files directly to the EFI partition where they are > needed. > +1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fixing grub/shim issue Centos 7
Once upon a time, Johnny Hughes said: > The issues should now be resolved. > > If you just mount /mnt/sysimage, set an ip address and upgrade (to get > th new shim) .. then: > > yum reinstall I'm curious - why does the kernel need to be reinstalled? The shim-x64 package installs its files directly to the EFI partition where they are needed. -- Chris Adams ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fixing grub/shim issue Centos 7
On 8/4/20 9:51 AM, Johnny Hughes wrote: > On 8/4/20 1:31 AM, lpeci wrote: >> Hi all, >> >> I had the same problem with my UEFI bios machine and I fixed it so for >> Centos 7: >> >> 1) Boot from an rescue linux usb >> >> 2) When the rescue system is running: >> >> 2.1) #chroot /mnt/sysimage >> >> 3) Config network: >> >> 3.1) # ip addr add X.X.X.X/X dev X >> >> 3.2) # ip route add default via X.X.X.X <--- default router >> >> 4) And finally: >> >> #yum downgrade shim\* grub2\* mokutil >> >> #exit >> >> #reboot >> >> I hope you can fix it with these steps. >> >> El 4/8/20 a las 0:56, Nicolas Kovacs escribió: >>> Le 03/08/2020 à 19:24, david a écrit : After trying several paths, some suggested on this list, here's my results. >>> Hi, >>> >>> Just back from a hiking trip. One of my clients sent me a message that >>> his >>> CentOS server refuses to boot. So tomorrow I have to drive there to >>> figure out >>> what's going on. I guess there's a high probability it's the issue >>> discussed in >>> this thread. >>> >>> Simple question: besides a tsunami of mailing list and forum messages, >>> is there >>> some to-the-point reliable information about this mess ? As well as some >>> to-the-point reliable information about how to fix it ? >>> >>> Thanks, >>> >>> Niki > > The issues should now be resolved. > > If you just mount /mnt/sysimage, set an ip address and upgrade (to get > th new shim) .. then: > > yum reinstall > > Everything should just work. > sorry .. yum reinstall kernsl- signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fixing grub/shim issue Centos 7
On 8/4/20 1:31 AM, lpeci wrote: > Hi all, > > I had the same problem with my UEFI bios machine and I fixed it so for > Centos 7: > > 1) Boot from an rescue linux usb > > 2) When the rescue system is running: > > 2.1) #chroot /mnt/sysimage > > 3) Config network: > > 3.1) # ip addr add X.X.X.X/X dev X > > 3.2) # ip route add default via X.X.X.X <--- default router > > 4) And finally: > > #yum downgrade shim\* grub2\* mokutil > > #exit > > #reboot > > I hope you can fix it with these steps. > > El 4/8/20 a las 0:56, Nicolas Kovacs escribió: >> Le 03/08/2020 à 19:24, david a écrit : >>> After trying several paths, some suggested on this list, here's my >>> results. >> Hi, >> >> Just back from a hiking trip. One of my clients sent me a message that >> his >> CentOS server refuses to boot. So tomorrow I have to drive there to >> figure out >> what's going on. I guess there's a high probability it's the issue >> discussed in >> this thread. >> >> Simple question: besides a tsunami of mailing list and forum messages, >> is there >> some to-the-point reliable information about this mess ? As well as some >> to-the-point reliable information about how to fix it ? >> >> Thanks, >> >> Niki The issues should now be resolved. If you just mount /mnt/sysimage, set an ip address and upgrade (to get th new shim) .. then: yum reinstall Everything should just work. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fixing grub/shim issue Centos 7
On 8/4/20 2:31 AM, lpeci wrote: 3) Config network: 3.1) # ip addr add X.X.X.X/X dev X 3.2) # ip route add default via X.X.X.X <--- default router While I appreciate the thoughts behind this step in the instructions, and I thank you for the post that will be useful to those running fairly traditional servers, there are numerous cases where this simply will not work to bring up a network while booted into the rescue mode chroot. Not all, and maybe not even most, CentOS machines are traditional servers with simple direct ethernet connections that don't require more steps. I can just off the top of my head think of three cases where the above won't work: Case 1: Virtualization host with a bridge on multiple VLANs over a bond. Depending upon the type of bond, it may or may not be possible to bring up the host's interface to the network with the commands above. More than half of my server machines here fall under this case. Case 2: workstation with wired network and 802.1x authentication. Case 3: workstation or laptop with only a wireless interface that requires a supplicant to authenticate. Yes, workstation and laptop installs of CentOS do exist and are actively used and are just as important to recover as any traditional server. For my laptop I was able to recover thanks to the 'nmtui' text-mode interactive interface to NetworkManager, bringing up any of my WiFi SSIDs with authentication; if any of my virtualization hosts had hit this problem (none did, interestingly enough) nmtui would have allowed me to activate the bridge on the host admin vlan quickly and easily from, again, a nice interactive text interface that is dead-simple to use quickly and accurately, and where you don't have to do any extra steps to get the interface name or any other details; nmtui just takes care of it in an intuitive manner. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fixing grub/shim issue Centos 7
> Am 04.08.2020 um 08:31 schrieb lpeci : > > Hi all, > > I had the same problem with my UEFI bios machine and I fixed it so for Centos > 7: > > 1) Boot from an rescue linux usb > > 2) When the rescue system is running: > > 2.1) #chroot /mnt/sysimage > > 3) Config network: > > 3.1) # ip addr add X.X.X.X/X dev X > > 3.2) # ip route add default via X.X.X.X<--- default router > > 4) And finally: > > #yum downgrade shim\* grub2\* mokutil As there are updated and working packages available now, downgrading is no longer needed, another update will also work. # yum makecache # yum upgrade You should see a shim-x64 package with version 15.8 which is the working version (15.7 caused the problem) > > #exit > > #reboot > > I hope you can fix it with these steps. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fixing grub/shim issue Centos 7
Hi all, I had the same problem with my UEFI bios machine and I fixed it so for Centos 7: 1) Boot from an rescue linux usb 2) When the rescue system is running: 2.1) #chroot /mnt/sysimage 3) Config network: 3.1) # ip addr add X.X.X.X/X dev X 3.2) # ip route add default via X.X.X.X <--- default router 4) And finally: #yum downgrade shim\* grub2\* mokutil #exit #reboot I hope you can fix it with these steps. El 4/8/20 a las 0:56, Nicolas Kovacs escribió: Le 03/08/2020 à 19:24, david a écrit : After trying several paths, some suggested on this list, here's my results. Hi, Just back from a hiking trip. One of my clients sent me a message that his CentOS server refuses to boot. So tomorrow I have to drive there to figure out what's going on. I guess there's a high probability it's the issue discussed in this thread. Simple question: besides a tsunami of mailing list and forum messages, is there some to-the-point reliable information about this mess ? As well as some to-the-point reliable information about how to fix it ? Thanks, Niki -- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos