Re: [CentOS] CentOS Stream 8 dnf fails
Le 14/02/2022 à 13:36, Bill Gee a écrit : H. I thought I was already on stream, but apparently not. /etc/redhat-release says it is not stream. I looked for a method to upgrade. Found some notes at techrepublic. The first step is to install centos-release-stream, which fails. So what is the method for doing an upgrade? Bare metal reinstall is NOT an option. If that is the only way to do it, then I will just let this system run for a few years with no updates. As mentioned by Pete Biggs, you can also move to another RHEL clone, which have all the updates, for example Rocky Linux, or Alma Linux. There is a script to do it : https://docs.rockylinux.org/guides/migrate2rocky/ It is not recommended to not have any updates for years... Alain -- Administrateur Système/Réseau C2N Centre de Nanosciences et Nanotechnologies (UMR 9001) Boulevard Thomas Gobert (ex Avenue de La Vauve), 91120 Palaiseau Tel : 01-70-27-06-88 Bureau A255 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Grettings!
Le 19/11/2018 à 13:38, Gianluca Cecchi a écrit : Whats is CDE? https://en.wikipedia.org/wiki/Common_Desktop_Environment "This word was written in "Red Hat is Planning To Deprecate KDE on RHEL By 2024". ;) CDE not equal to KDE... Alain -- Administrateur Système/Réseau C2N (ex LPN) Centre de Nanosciences et Nanotechnologies (UMR 9001) Avenue de La Vauve, 91920 Palaiseau Tel : 01-70-27-06-88 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IBM buying RedHat
Le 28/10/2018 à 22:10, Albert McCann a écrit : > Damn, this is bad enough to make one weep. Red Hat would stay as a distinct entity inside IBM. IBM has also contributed to Free software, and especially Linux kernel. I don't know how bad it is and the implications for CentOS... Alain -- Administrateur Système/Réseau C2N (ex LPN) Centre de Nanosciences et Nanotechnologies (UMR 9001) Avenue de La vauve, 91920 Palaiseau Tel : 01-70-27-06-88 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenVPN server and firewalld
Le 29/12/2017 à 10:32, Kenneth Porter a écrit : How do I insert the iptables rule below using firewalld? I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying to get OpenVPN working to allow home workers to access PCs at the office. I've got it all working but only by manually inserting an ACCEPT rule in the FORWARD iptables chain: iptables -I FORWARD 3 -i tun+ -j ACCEPT This rule was extracted from my iptables firewall under CentOS6. The 3 puts it after the accepts for established connections and loopback connections, but before any firewalld sub-chains. With this I can connect to an internal Windows 10 system with Remote Desktop. How can I inject this rule using firewalld, either as a direct rule or as some more firewalld-approved kind of rule? You can see perhaps this link, to add opnvpn service to firewalld : https://unix.stackexchange.com/questions/149144/configuring-openvpn-to-use-firewalld-instead-of-iptables-on-centos-7 Alain -- Administrateur Système/Réseau C2N (ex LPN) Centre de Nanosciences et Nanotechnologies (UMR 9001) Site de Marcoussis, Data IV, route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] The future of centos
Le 04/04/2015 03:01, Francis Gerund a écrit : Almost everyone here has probably read this by now. If so, move along, nothing new here. But just in case you haven't, please take the time to read this. Here it is, in their own words: what Redhat thinks of Centos, and it's plans for the future of Centos. Can you read between the lines? In this case, it isn't very hard to do, IMHO. community.redhat.com/centos-faq Yes, I already read this last June, when RedHat announced they had recruited CentOS main developpers. I don't see anything new here, or at least no change since this time. So, nothing new concerning the future of CentOS. Could you elaborate what you read between the lines there ? Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] os-release file doesn't match upstream?
Le 01/04/2015 20:23, Stephen Harris a écrit : On a fully patched C7 machine... % cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) % cat /etc/os-release NAME=CentOS Linux VERSION=7 (Core) ID=centos ID_LIKE=rhel fedora VERSION_ID=7 PRETTY_NAME=CentOS Linux 7 (Core) ANSI_COLOR=0;31 CPE_NAME=cpe:/o:centos:centos:7 HOME_URL=https://www.centos.org/; BUG_REPORT_URL=https://bugs.centos.org/; CENTOS_MANTISBT_PROJECT=CentOS-7 CENTOS_MANTISBT_PROJECT_VERSION=7 REDHAT_SUPPORT_PRODUCT=centos REDHAT_SUPPORT_PRODUCT_VERSION=7 In particular note the version ID is 7 On a RedHat machine: % cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.1 (Maipo) % cat /etc/os-release NAME=Red Hat Enterprise Linux Server VERSION=7.1 (Maipo) ID=rhel ID_LIKE=fedora VERSION_ID=7.1 PRETTY_NAME=Red Hat Enterprise Linux Server 7.1 (Maipo) ANSI_COLOR=0;31 CPE_NAME=cpe:/o:redhat:enterprise_linux:7.1:GA:server HOME_URL=https://www.redhat.com/; BUG_REPORT_URL=https://bugzilla.redhat.com/; REDHAT_BUGZILLA_PRODUCT=Red Hat Enterprise Linux 7 REDHAT_BUGZILLA_PRODUCT_VERSION=7.1 REDHAT_SUPPORT_PRODUCT=Red Hat Enterprise Linux REDHAT_SUPPORT_PRODUCT_VERSION=7.1 Here the version ID is 7.1; different to CentOS. Is this a bug or is it deliberate? Just when CentOS 7.1 was released, the content of redhat-release file was : [root@centos-test ~]# cat /etc/redhat-release Derived from Red Hat Enterprise Linux 7.1 (Source) Then Karanbir corrected that, as it was not coherent with previous content, and broke some tools and scripts : [root@centos7 ~]# cat /etc/redhat-release CentOS Linux release 7.0.1406 (Core) It is now : [root@centos-test ~]# cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) I think the content of the os-release file has not been corrected accordingly, and is not coherent with RHEL. But if you read the announces mailing list, it seems indeed deliberate, as already said... Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] Release for CentOS Linux 7 (1503 ) on x86_64
Le 02/04/2015 18:41, Johnny Hughes a écrit : Notice that a new minor release includes new drivers for new servers, so it is important to know if you can install at all the system on your server, before any updates ! what does that have to do with an ISO name? If you use the iso that does not include the correct drivers for your new server, it could be impossible to install the server. And with the confusing naming, it could be difficult to know if the iso you have at hand has indeed have the drivers you need... Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] Release for CentOS Linux 7 (1503 ) on x86_64
Le 02/04/2015 18:22, Les Mikesell a écrit : Note that any CentOS machine, updated to the same point in time, regardless of where and how it was privisioned should give you the same functional package set. This is an important thing. Yes, but how do you explain that relationship to someone who only has a summary of the RH releases or where the Centos release stands compared to it. For example, what would you have said a few days ago? Notice that a new minor release includes new drivers for new servers, so it is important to know if you can install at all the system on your server, before any updates ! Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] Release for CentOS Linux 7 (1503 ) on x86_64
Le 31/03/2015 23:24, Alain Péan a écrit : It seems that also the redhat-release file has changed.Previously, it was : [root@centos7 ~]# cat /etc/redhat-release CentOS Linux release 7.0.1406 (Core) Now it is : [root@centos-test ~]# cat /etc/redhat-release Derived from Red Hat Enterprise Linux 7.1 (Source) It is also my opinion that the name CentOS-7-x86_64-DVD-1503.iso is rather confusing, it is not immediately evident that it is release 7.1. I would have prefered the name CentOS-7.1-1503-x86_64-DVD.iso, following the previous name convention. After Karanbir answer, the redhat-release file has indeed changed after a new 'yum update'. It it now : [root@centos-test ~]# cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) Thanks. It could indeed impact such tools as Dell OMSA ant a lot others I think. Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] Release for CentOS Linux 7 (1503 ) on x86_64
Le 01/04/2015 22:15, Lamar Owen a écrit : So, in essence you're saying that the builders of the OS that you use and trust for daily tasks are unwise, right? Sounds to me like you might want to use something different. just the change will satisfy everyone. It is impossible to satisfy everyone. So, you refuse to hear your users, who have stated good arguments, for something that is not very difficult to change, the name of the iso, which is not coherent with the 7.0 name and confusing ? Yes, not very wise... Karanbir corrected very quickly the content of the redhat-release file, because it was totally different from 7.0, and broke a lot of scripts and applications. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] Release for CentOS Linux 7 (1503 ) on x86_64
Le 31/03/2015 20:30, Johnny Hughes a écrit : I would have assumed that this release would be 7.1.1503, and the URL on at least one mirror has: http://mirror.fdcservers.net/centos/7.1.1503/ Guess if that's the new convention, I'll need to keep my ISO files sorted out somehow, as this progression isn't intuitive: CentOS-7.0-1406-x86_64-DVD.iso CentOS-7-x86_64-DVD-1503.iso Please take a look at the Archived Versions, and the Release Announcement: They both tell you that 7 (1503) is derived from Red Hat Enterprise Linux 7.1 Sources. So, yes, this release, that you quoted in the Subject, is indeed exactly what you said. It seems that also the redhat-release file has changed.Previously, it was : [root@centos7 ~]# cat /etc/redhat-release CentOS Linux release 7.0.1406 (Core) Now it is : [root@centos-test ~]# cat /etc/redhat-release Derived from Red Hat Enterprise Linux 7.1 (Source) It is also my opinion that the name CentOS-7-x86_64-DVD-1503.iso is rather confusing, it is not immediately evident that it is release 7.1. I would have prefered the name CentOS-7.1-1503-x86_64-DVD.iso, following the previous name convention. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fwd: CentOS7 buggy freeradius
Le 06/03/2015 12:41, Jean-Luc OMS a écrit : anyone using freeradius around ?? I am using freeradius, but with Ubuntu server 14.04. This is version 2.1.12. Freeradius 3.0 is the new version of freeradius, and the first versions had indeed bugs. See for exemple : http://lists.freeradius.org/pipermail/freeradius-users/2014-May/072066.html Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CROSS-LIST Notice: Changes in EPEL
Le 04/11/2014 13:43, Jim Perrin a écrit : Please review the package lists to see if something you use is impacted. If you're impacted and you have the required skills, please consider taking over ownership of the package. I am surprised to see as orphan such well known packages as gparted, or mercurial, even if I don't use them at the moment. Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 for i686
Le 12/09/2014 14:53, Jatin Davey a écrit : Is there going to CentOS 7 for i686 architecture ? If yes , when will it be released ? As already explained on this list, Red Hat (The Upstream Vendor, TUV) did not release a 32 bit version, CentOS project, which follows RHEL, did not provide a 32 bit iso too. See : https://access.redhat.com/solutions/509373 See also this forum thread : https://www.centos.org/forums/viewtopic.php?f=47t=47211 Now, all CPUs are 64 bits capable, and Red Hat is looking for the professional and server market, where there is no more interest for 32 bits (memory limited even if there is PAE, UEFI and so on...) Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Install and configure Nagios
Le 19/08/2014 08:33, Chandran Manikandan a écrit : Hi All, How to install and configure monitoring tools Nagios,lcinga,Zabbix and Ngnix on COS5 and COS6. What search did you do by yourself ? I fear none : http://lmgtfy.com/?q=nagios+centos+6 Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba4 questions
Le 22/04/2014 21:21, Steve Campbell a écrit : Another samba 4 advantage, I think: You can load and use Windows Remote Server Administration Tools (RSAT) to manage the domains. How completely? Time will tell. I think you should wait for RHEL 7 (and then CentOS 7), which will be released soon (June ?). Perhaps, it well include samba4 without anything to build from source, and a rather recent one, 4.2 ? Better than to recompile to source, and the maintainers take care of the updates (security one are the most important). Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba4 questions
Le 22/04/2014 21:54, Reindl Harald a écrit : I think you should wait for RHEL 7 (and then CentOS 7), which will be released soon (June ?). Perhaps, it well include samba4 without anything to build from source not perhaps, for sure samba-4.1.0-3.el7.x86_64 samba-client-4.1.0-3.el7.x86_64 samba-common-4.1.0-3.el7.x86_64 samba-libs-4.1.0-3.el7.x86_64 I notice it is samba-common-4, so samba 4 will be the default in RHEL 7, not samba 3.6.x ? Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba4 questions
Le 22/04/2014 22:14, Reindl Harald a écrit : not perhaps, for sure samba-4.1.0-3.el7.x86_64 samba-client-4.1.0-3.el7.x86_64 samba-common-4.1.0-3.el7.x86_64 samba-libs-4.1.0-3.el7.x86_64 I notice it is samba-common-4, so samba 4 will be the default in RHEL 7, not samba 3.6.x? samba 3.x is dead Fedora did the swicth to 4.x long ago RHEL7 is based on Fedora 19 / Fedora 20 Thanks for the information. Samba 4 domains are a very different beast than samba 3.x ones (NT4 style). A samba 4 (AD style) includes its own DNS, its own LDAP etc... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
Le 08/04/2014 19:05, Tony Mountifield a écrit : And I notice that the new libraries after applying the update are STILL called 1.0.1e - is that correct? Could be confusing. Because at this time, it's only a workaround that disable certain services, not a fix to the libraries, as I read in the annoucement ? Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] OpenVZ variant
Hi, Le 03/04/2014 18:55, Scott Dowdle a écrit : Looking at the stats provided by the OpenVZ Project (http://stats.openvz.org/) it is obvious that CentOS is the most popular platform for both OpenVZ hosts and OpenVZ containers: Top host distros --- CentOS 56,725 Scientific2,471 RHEL 869 Debian576 Fedora111 Ubuntu 82 Gentoo 54 openSUS 18 ALT Linux10 Sabayon 6 I think these stats are more or less correct. They are based on the downloads on openvz site only. For example, I don't see the Proxmox distribution, based on debian, which offers KVM and openvz as virtualization solutions, and at the very least is installed on thousands of hosts. Proxmox uses the openvz kernel, which is based on the RHEL kernel, that is 2.6.32. I use Proxmox at work, but I am using using only KVM VMs. I would like to see something like proxmox (bare metal installation, web management...), but developped in Python, and based on CentoS... Alain ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] [CentOS-announce] CentOS Project joins forces with Red Hat
Le 08/01/2014 11:54, Johnny Hughes a écrit : Red Hat wants their paid platforms to continue to be successful, they therefore want their community projects to be successful. I am a little bit dubious about that. Why would they sell RHEL, and give away the same thing, CentOS, just recompiled from sources ? The only thing I can see in this way is that Red Hat is mainly selling support, but why in this case don't give RHEL for free ? At least, I fear CentOS will lose its independance. Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] CentOS Project joins forces with Red Hat
Le 08/01/2014 14:54, Reindl Harald a écrit : *which independence*?? CentOS is a*bug for bug* indentical rebuild of RHEL you will never face*any* change or bugfix in CentOS which is not done in the same RHEL package so about*what* independance are you talking about? For example to build a 100% bug for bug release of RHEL, and not : better able to serve the needs of open source community members who require different or faster-moving components From : http://community.redhat.com/centos-faq/ This is a kind of Fedora ? Will it supported 10 years, by recompiling the RHEL source updates too ? Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] CentOS Project joins forces with Red Hat
Le 08/01/2014 15:01, Thomas Göttgens a écrit : They do that right now. - CentOS Plus-Kernel - CentOS Extras - Xen4CentOS Is RHEL interested by Xen ? In RHEL 6, there is no more Xen support, only KVM. This is the motivation for the Xen4CentOS project... -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7 Beta is now public
Le 15/12/2013 05:55, Les Mikesell a écrit : On Sat, Dec 14, 2013 at 6:04 PM, Reindl Harald h.rei...@thelounge.net wrote: so stay on RHEL6/CentOS6 until this old hardware dies where is the problem? Google Chrome, etc. http://en.wikipedia.org/wiki/Red_Hat_Enterprise_Linux http://en.wikipedia.org/wiki/Red_Hat_Enterprise_Linux#Life-cycle_dates *who* is forcing you to RHEL7? Nobody wants old desktop apps. In this case, use Fedora. Since the release of windows 8 and 2012 (and even before) and UEFI, all new hardware are 64 bit capable, and even ARM will release a 64 bit version. Remember that in RHEL, 'E' is for Enterprise (and in CentOS, 'ent' means the same). That is, stability and maintennace on the long term are more important than recent desktop apps. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7 Beta is now public
Le 15/12/2013 10:23, LEVU BIS a écrit : How much GB RAM RHEL 7 64bit support ? From release notes, for x86_64, '3 TB supported/64 TB' That's the same as for RHEL 6. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7 Beta is now public
Le 12/12/2013 09:28, Peter a écrit : Within CentOS, we are going to do a CentOS7Beta1 build to match the release upsteam That said, there is, of course, no way to even speculate when CentOS 7 final will be released until upstream releases 7. Yes, but experience shows it takes about 6 months after the beta release, so I expect it for ~June. CentOS 6 has been released in November 2010, so it will be 3 years and a half after this. There is about 3 years between each major release. Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7 Beta is now public
Le 12/12/2013 10:41, Alain Péan a écrit : CentOS 6 has been released in November 2010 Ooops, I meant RHEL 6, of course. -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7 Beta is now public
Le 12/12/2013 14:49, Leon Fauster a écrit : that is really an issue for us because we use EL for some small i586 hw (router etc.). You can still use CentOS 6 or RHEL 6 (maintained until 2020) ? Or buy a cheap hardware. They are now all 64 bits. You cannot say your i586 hw will live this long... Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7 Beta is now public
Le 11/12/2013 16:56, Karanbir Singh a écrit : http://ftp.redhat.com/redhat/rhel/beta/7/ Go get it ( maybe consider using a mirror ), play with it, test it, and file reports. Dont use it in production. As in the past, we highly encourage people to use the official beta builds from Red Hat and to report issues athttp://bugzilla.redhat.com/ Within CentOS, we are going to do a CentOS7Beta1 build to match the release upsteam, and do it in a manner that allows lots of people to get involved and track progress. Keep an eye out on posts on the centos-devel list to see how you can get involved and help with the CentOS Builds and testing process. There seems to be only x86_64 release ? That would be in the current trend... Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7 Beta is now public
Le 11/12/2013 18:26, Andrew Wyatt a écrit : Thanks for this, looking forward to kicking the tires to see what they did with GNOME 3. From the release notes : Red Hat Enterprise Linux 7.0 Beta features the next major version of the GNOME Desktop, GNOME 3. The user experience of GNOME 3 is largely defined by GNOME Shell, which replaces the GNOME 2 desktop shell. Apart from window management, GNOME Shell provides the top bar on the screen, which hosts the 'system status' area in the top right, a clock, and a hot corner that switches to |Activities Overview|, which provides easy access to applications and windows. The default GNOME Shell interface in Red Hat Enterprise Linux 7.0 Beta is GNOME Classic which features a window list at the bottom of the screen and traditional *Applications* and *Places* menus. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NTLMv2 compatibility in Samba 3.0.33 standard packages
Le 25/04/2012 01:01, Andrew Reis a écrit : I've been running into the problem of clients using Windows 7 with CentOS 5.X and file/printer sharing. Correct me if I'm wrong, but the stand samba-3.0.33-x.x.x packages DO NOT provide compatibility with Windows Vista/7. I've had to manually compile samba from source or use the samba3x packages to fix the problem. Just wondering if we're ever going to have the NTLMv2 subroutines compiled into the update/centosplus repo packages. Hi Andrew, On my CentOS 5.x 5.6 machines, I removed standard samba, 3.0.33, and installed samba3x (3.5.6 at the time I did it first), for this very same reason. I don't want to compile anything if I can avoid it, and use the supported packages from the distribution, that provides updates for it. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FOUND_THE_ISSUE -- URGENT -- pseudo network interface creating problem with dhcp-- centos 5.5
Le 13/04/2012 10:29, John R Pierce a écrit : The BMC (Baseboard Management Controller or something like that) is another name for a management processor, similar to the IPMI I mentioned. This can be used for monitoring the system status, lights out management like remote power off and on (BMC is powered even when the server is shut down), etc. I would recommend you learn how to use it and not disable it. The BMC can also be used for remote system installation and such. Yes, it is a very useful device. It should be what is called by Dell 'iDRAC Express', because in such case, the BMC port is shared with the LAN port. If you have the 'Enterprise' version, there is a dedicated port. Certainly someone changed the default behaviour, because by default, iDRAC Express has a fixed IP, something like 192.168.1.120. As you can remote power off the server, it seems it can be used also as fencing device, in a virtualisation cluster with HA, even if I did not try myself. Alain -- = Alain Péan - LPP/CNRS Attention !! : Nouveau numéro de Telephone : 01-44-27-92-39 Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés = ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] windbind and AD authentication - UPPER CASE usernames?
Le 16/03/2012 00:15, Smithies, Russell a écrit : We're looking at using windbind and AD for our user account details but have run into a small snag. All user accounts in AD are upper case but our linux accounts are lower-case. Is there a simple solution we've overlooked? We really don't want to have to hack this... Hi Russel, For logins, windows does not make difference between uppercase and lowercase. So you can enter all your logins as lowercase, it will be fine for AD. Only for passwords, it makes a difference. Alain -- = Alain Péan - LPP/CNRS Attention !! : Nouveau numéro de Telephone : 01-44-27-92-39 Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés = ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.8 Critical Samba Update
Hi Johnny, Le 24/02/2012 01:34, Johnny Hughes a écrit : There is a critical update for samba for centos-5.8 ... we are working on CentOS-5.8 right now and I fully expect it to be released in a week or less. For those of you who can not wait for a week, here is the samba critical update: http://people.centos.org/hughesjr/c58-samba/x8664/critical/ http://people.centos.org/hughesjr/c58-samba/i386/critical/ These may or may not work without the rest of 5.8 ... for those who do try them, please provide feedback here in this thread. I took a look at this announce, see : http://www.securityhome.eu/mailings/mailing_pdf.php?mid=5086 And it seems to be related only to samba 3.0.33, not samba3x (3.5.6). Am I correct ? I switched all my samba installations on 5.7 to samba3x, so it seems I should not be concerned... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] squirrelmail for 6.2
Le 01/02/2012 15:24, Giles Coochey a écrit : Hello list. I have install centos-release-6-2.el6.centos.7.x86_64 and I cant find squirrelmail. Does any know why? Check epel repo. squirrelmail-1.4.22-2.el6.noarch : webmail client written in php It may be available on the epel repo, but as it is just a bunch of php's put into a webfile I tend to just get the tarball and configure Apache/PHP to run it. Does the rpm have any features beyond that? Patches / Plugins? It is perhaps better to use the EPEL repository to get security updates (if there are) ? Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
Hi Dotan, Le 23/01/2012 17:49, Dotan Cohen a écrit : Thanks, all. I suppose that you all are right, considering that 5.2 is no longer supported. I was under the impression that this is an older but up-to-date install. This server sits in a datacenter hundreds or thousands of kilometers from anyone related to it, so I will back it all up via rsync. Do I risk my home Debian or Fedora boxes by downloading the server's files to them? Of course I won't deliberately execute any files that I download, and I won't be root, but I'd like to know if I need to take any extra precautions. Are you really sure it is CentOS 5.2 ? I am very surprised of that, as any 'yum update' would have update to 5.7. And for a public web server, I am surprised that no update at all have been done. Could you send to us the result of : # cat /etc/redhat-release For example, it is what I get from a new installed machine (CentOS 6) : $ cat /etc/redhat-release CentOS release 6.2 (Final) There could be other reasons why a machine becomes irresponsive (sleeping states for example)... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ad integration with centos 6
Hi dnk, Le 23/12/2011 07:23, dnk a écrit : Can anyone point me to a tutorial on using Active Directory to authenticate a centos 6 server? I just want to use it to authenticate, ssh and restrict access to a particular ad group. I prefer to use the lightest method possible. I know you can use ldap, or winbind, etc. I have been trying to follow the ones I have been googling, but none of them seem quit complete. My issue is that I have no ldap experience. Dnk I am personnally using SSSD (System Security Service Deamon) to authenticate C6 (SL6) against AD. See this blog link that looks good : http://www.ohjeah.net/2011/06/09/linux-ssh-pam-ldap-sssd-2008-r2-ad-deployment/ There is something more that I do before configuring Authentication, is to add the machine to AD with Samba (net join ads...). In /etc/krb5.conf, I added the encryption types required by AD 2008 : ... [libdefaults] ticket_lifetime = 24000 default_realm = EXAMPLE.COM default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5 des3-hmac-sha1 default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5 des3-hmac-sha1 clockskew = 300 Hopes that helps... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 6.2 release: a thank you
Le 21/12/2011 19:49, Dennis Jacobfeuerborn a écrit : On 12/21/2011 07:25 PM, Louis Lagendijk wrote: Gents I would like to express my appreciation for the unbelievably quick release of Centos 6.2. Thanks a million! You managed to release 6.2 some 10 days after 6.1. Johnny, you are not that ugly after all :-). I concur and just out of curiosity does anyone have the upstream vs. downstream timing of all previous releases? Could the be the fastest release in the history of Centos so far? Regards, Dennis Hi Dennis, See wikipedia : http://en.wikipedia.org/wiki/CentOS I noticed that the release date of 6.2 was updated on this page at least as fast as 6.2 was released ! FWIW, 4.1, 4.2, and 4.3 were released faster, and 4.9 as fast. But I agree, it was a very pleasant surprise to see 6.2 released as fast, after the big delay of 6.0 and 6.1. Could the developpers explain what change in the process to achieve such a quick release (after a mail a few weeks ago of Johnny explaining how difficult it was now...) ? And yes, I agree, Johnny and Karanbir are not that ugly after all ! Thanks, Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Will CentOS 6.1 still be supported?
Le 21/12/2011 21:31, Edward Martinez a écrit : Hello, Got a question, will CentOS6.1 continue to be supported with updates, or is it mandatory to upgrade to 6.2? 6.2 is an update. So if you do an 'yum update', you will see a lot of packages being updated, and you will be automatically at 6.2. Why would you stay at 6.1 ? During all the life of a major version, 6.x for example, there are the same versions of packages, only with updates. For information, Scientific Linux does not work this way. You stay at a point version, 6.1 for example, and get updates for this point release (as CR repository). You have to ask explicitly to upgrade to next point release. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update for CentOS 6.2
Le 20/12/2011 22:09, Ljubomir Ljubojevic a écrit : Official announcement onwww.centos.org is dated today, Dec 20th. Congratulations to the developpers for this very quick release of CentOS 6.2. It is a very pleasant surprise. I read some posts saying that the framework for this release was in place, and it would come faster than the preceeding, but I did not expect it would come so fast ! Good point for CentOS ! Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] clustering
Le 16/11/2011 04:09, Tony Schreiner a écrit : I recommend you check out ROCKS http://www.rocksclusters.org CentOS based clustering with lots of built in goodness. Hi, I also recommend Rocks Cluster, that I used on my site. Recently, they switch to OGS, Open Grid Schduler, the open source version of SGE (there is another one too, SoGE, Son of Grid Engine), that does not depend on Oracle. In fact, SGE was relaesed by SUN under an open source license, SISSL, so open sources derivatives are allowed. For information, most SGE developpers from Oracle were hired by Univa, a company which claimed at first they would develop SGE as open source, but are now closing it... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS versus Scientific
Le 14/11/2011 21:31, Alan McKay a écrit : Hey folks, I was just reminded of the Scientific distro, which on the surface appears to be quite similar to CentOS even when the developers over there are rather coy about which Enterprise Linux distro they base theirs on. I wonder if anyone here has done a comparison of the two that they'd care to share. I work in a Scientific Research Lab (Stem Cell Research) and am wondering if there is anything about the Scientific disto that might be better suited to our needs, even if it is only the fact that it is put together by people who work in similar environments and would therefore understand our needs better. I'm just starting to read up on it to see what I think and thought I would ask what others think. One thing I will have to look into of course is what kind of support there is - this list is absolutely fantastic for CentOS and that alone is worth a lot. cheers, -Alan Hi Alan, One difference is that SL 6.1 has been releasd on July, 28. See : http://www.scientificlinux.org/distributions/6x/rnotes/sl-release-notes-6.1.html The distrib is supported by Fermilab and CERN, and is in fact a rebuild of RHEL with very few elements added. Some which were added previously (Root...) are now in EPEL repository. There are at least two paid developpers to incure for releases and updates, which are said to be released within a couple of days : http://www.scientificlinux.org/documentation/faq/errata Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Redhat vs centos vs ubuntu
Le 11/11/2011 10:39, Bob Hoffman a écrit : Ubuntu opened the virtual host to the entire lan, all ports, and added forwarding to non existent virtual bridge that had not been built yet. This is simply false for Ubuntu Server. After first install, there is simply no single port opened, even 22, you need to install openssh for that. So there is no need for a firewall with the basic install. It is this philosophy that is not unsderstood by RHEL.CentOS users. You don't need a firewall when there are no ports opened. The first release was even delayed because it remained one open port ! Meanwhile, you can access the Internet (it does not open ports on the external), and update your machine. I am using Ubuntu Server for VMs, and I like this behavior. It is very light, and a fast installation. Then I install and open only the required services and ports, and control the ports that can reached from Internet with a site firewall. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix mail server procedure
Le 09/11/2011 10:02, Leon Jacobs a écrit : On Wed, Nov 9, 2011 at 10:58 AM, John R. Dennisonj...@gerdesas.com wrote: On Wed, Nov 09, 2011 at 09:46:51AM +0100, Alexander Dalloz wrote: Am 09.11.2011 07:19, schrieb Leon Jacobs: A strong NO! Emphatically seconded. Forgetting to add A quick google came up with... and not reading the article, ill take the slap in the face this time.. These two links, even if I read them rapidly, seem more accurate : http://wiki.centos.org/HowTos/postfix http://wiki.centos.org/HowTos/Amavisd Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Back up system
Le 19/10/2011 17:43, Les Mikesell a écrit : On Wed, Oct 19, 2011 at 8:43 AM, Damas Allydama...@gmail.com wrote: I have centos 5.7 (server). I need to configure it for backup system, that means it have to back up or back up documents shall be posted or send to this server from various users (clients using windows machine and ubuntu). Can someone help me with instructions on how i can make this possible? And /or is it possible to set active directory on this machine and if possible how? Please help, i am not good enough on centos. Backuppc is about as good as it gets for online backups. It is packaged in EPEL but you can find docs and mail list info at http://backuppc.sourceforge.net/. If you want tape backups, look at amanda or bacula. And even if dated, this wiki doc is a good help for configuration under CentOS : http://wiki.centos.org/HowTos/BackupPC And this one helped me a lot to configure user authentication on Active Directory : http://tastycrepes.blogspot.com/2010/07/active-directory-and-backuppc.html Hope this helps... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd issue with C6 and NIS
Hi Joe, Le 29/09/2011 18:18, Joe Pruett a écrit : since you mention nis, i'll guess you use automount as well. so be warned that centos 6 has some issues with automount. if automount requests are made rapidly (like on a mail server delivery to a large alias), it will quickly start failing to mount directories and get stuck that way for minutes. i don't have access to r*dh*t box to determine if this has been fixed with all the 6.1 updates. needless to say i can't roll out centos 6 yet. Did you try to install the CentOS 6 CR repo (continuous releaes), which brings to 6.0 the updates from 6.1 ? See : https://www.centos.org/modules/newbb/viewtopic.php?topic_id=33458forum=53 See if it solves the problem. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] this is strange and dark
Le 26/09/2011 01:44, Johnny Hughes a écrit : If he is complaining about 6.0CR ... we are getting close to releasing many of those packages. Should be a bunch in the next 2 days. Then the rest of the 6.1 updates to date couple of days after that. Of course, that assumes no issues. Hi Johnny, Thanks for the information. I understand that you want to stay cautious concerning possible problems that may arise. But I am confident, that, if you say this, you think there is a good hope to achieve this goal. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] This doesn't make sense
Le 22/09/2011 14:28, Johnny Hughes a écrit : No matter what we try to do ... some kind of rolling updates for people who do not want to wait ... or whatever the next thing is ... well you do not seem to be happy. Which rolling updates ? OK for 5.x, but 5.7 has been released, so this repo is no more useful at this time. But where is the 6.0 CR repo ? When 6.0 was relaesed, last July, it was written in the announcement it will be available within two days. More than two months after, still nothing. And no 6.1 release yet. So, there are no updates at all for 6.0 since months (6.1 has been released by upstream in May). Johnny, are you happy with this situation ? Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7
Le 16/09/2011 17:26, sebasti...@datafaber.net a écrit : Many thanks to all the people on the list who have suggestions and advice, particularly to Alain Péan who pointed me in the right direction. You are welcome, but I don't know how my suggestions lead you to the idea to setup a local repo But I am glad it is working now for you. Cheers, Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Error in updating to 5.7
Le 14/09/2011 22:07, Karanbir Singh a écrit : Hi Alain, Do you have something interesting setup for caching, timeouts etc in yum ? or, are you perhaps behind a proxy that still served up an old ( stale ? ) repomd.xml for the same url ? Hi Karanbir, I don't have anything special in my setup I can think of, that would enable caching or timeouts... I am not behind a proxy, I have direct access to the Internet, so nothing cached on a proxy. I only enabled EPEL and Dell Open Manage repository, but I think it is fairly common. So the only thing I can imagine is a stale repond.xml on the mirror, distrib-coffee.ipsl.jussieu.fr... Notice that I am on the jussieu university network, so on the same LAN than the mirror (even if there are VLANs...). Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7
Le 15/09/2011 18:16, sebasti...@datafaber.net a écrit : [root@picard ~]# ll /var/cache/yum/base total 1004K -rw-r--r-- 1 root root0 Sep 15 19:12 cachecookie -rw-r--r-- 1 root root 1017 Sep 15 19:11 mirrorlist.txt drwxr-xr-x 2 root root 4.0K Jul 10 12:19 packages/ -rw-r--r-- 1 root root 961K Sep 5 13:52 primary.xml.gz -rw-r--r-- 1 root root 20K Sep 15 19:12 primary.xml.gz.sqlite -rw-r--r-- 1 root root 1.2K Sep 5 13:52 repomd.xml The file /var/cache/yum/base/primary.xml.gz.sqlite is only 20KB, whereas in the normal case I'd expect it to be 6.5MB. Somehow, yum is failing to regenerate this file for the base repository, and is crashing with a segmentation fault when trying to read it. I don't know however how to make it generate a correct sqlite file. It is interesting because I had previously this error : # yum update http://mirror.centos.org/centos/5/cr/x86_64/repodata/filelists.sqlite.bz2: [Errno 14] HTTP Error 404: Not Found Trying other mirror. Error: failure: repodata/filelists.sqlite.bz2 from cr: [Errno 256] No more mirrors to try. See : http://lists.centos.org/pipermail/centos/2011-September/117615.html And here is the answer from Karanbir Singh : unfortunately, you hit an issue that I did not think anyone would see ( but was aware of... ). The issue originates from the fact that the new CR repo has no sqlite metadata store, its xml only. And your machine was trying to get the sqlite files - hitting a valid 404, since those files do not exist. See the full answer on the thread. So I wonder if it is related... I had the CR repo configured, before trying to update. In my case, yum clean all worked, but I have indeed a bigger primary.xml.gz.sqlite : # ls -lh total 36M -rw-r--r-- 1 root root 1,3M sep 6 00:28 primary.xml.gz -rw-r--r-- 1 root root 8,9M sep 14 15:11 primary.xml.gz.sqlite -rw-r--r-- 1 root root 1,2K sep 6 00:28 repomd.xml ... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7
Le 15/09/2011 18:37, sebasti...@datafaber.net a écrit : On Thu, 15 Sep 2011 18:33:39 +0200, Nicolas Thierry-Mieg wrote: sebasti...@datafaber.net wrote: The file /var/cache/yum/base/primary.xml.gz.sqlite is only 20KB, whereas in the normal case I'd expect it to be 6.5MB. Somehow, yum is you're not out of hard drive space on that partition, are you? Not at all: [root@picard ~]# df -h FilesystemSize Used Avail Use% Mounted on /dev/sda2 35G 3.1G 30G 10% / /dev/sdb1 1.8T 527G 1.2T 31% /data /dev/sda1 145M 34M 104M 25% /boot tmpfs1005M 0 1005M 0% /dev/shm And there's also plenty of available space on the other 5 boxes which exhibit the same issue. What if you delete (or save elsewhere) the primary.xml.gz.sqlite file ? If it is corrupted, it would do no arm, and perhaps it is no more used or regenerated if it missing ? Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7
Le 15/09/2011 18:44, sebasti...@datafaber.net a écrit : You may be onto something, I've seen that the 5.6 base repo has the sqlite metadata store while the 5.7 base repo hasn't it. But the 20K sqlite file that yum generates on my boxes looks to have at least something related to sqlite inside it rather than the response from a 404 error: My (wild) guess would be that this file is corrupted but no more downloaded or regenerated, because it's only now a xml file that is now used. But when it exists, it is nevertheless read and crashes... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Error in updating to 5.7
Hi all, I have a Dell server, CentOS 5.6 64 bits, on which I configured the CR repository. I just tried to update to 5.7, and had this error : # yum update http://mirror.centos.org/centos/5/cr/x86_64/repodata/filelists.sqlite.bz2: [Errno 14] HTTP Error 404: Not Found Trying other mirror. Error: failure: repodata/filelists.sqlite.bz2 from cr: [Errno 256] No more mirrors to try. You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The program package-cleanup is found in the yum-utils package. My repolist is this one : # yum repolist Loaded plugins: dellsysid, fastestmirror, refresh-updatesd Loading mirror speeds from cached hostfile * addons: distrib-coffee.ipsl.jussieu.fr * base: distrib-coffee.ipsl.jussieu.fr * epel: fr2.rpmfind.net * extras: centos.crazyfrogs.org * updates: centos.crazyfrogs.org repo id repo name status addonsCentOS-5 - Addons enabled:0 base CentOS-5 - Base enabled: 3535 crCentOS-5 - CR enabled: 573 dell-omsa-indep Dell OMSA repository - Hardware independent enabled: 719 dell-omsa-specificDell OMSA repository - Hardware specific enabled:2 epel Extra Packages for Enterprise Linux 5 - x86_64enabled: 6700 extrasCentOS-5 - Extras enabled: 233 updates CentOS-5 - Updatesenabled: 150 repolist: 11912 Other information : # cat /etc/redhat-release CentOS release 5.6 (Final) # uname -a Linux xxx 2.6.18-274.el5 #1 SMP Fri Jul 22 04:43:29 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux Does anybody has an idea why I have this error ? Thanks for the help. -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Error in updating to 5.7
Le 14/09/2011 13:22, Always Learning a écrit : On Wed, 2011-09-14 at 13:14 +0200, Alain Péan wrote: I have a Dell server, CentOS 5.6 64 bits, on which I configured the CR repository. I just tried to update to 5.7, and had this error : # yum update http://mirror.centos.org/centos/5/cr/x86_64/repodata/filelists.sqlite.bz2: [Errno 14] HTTP Error 404: Not Found I do not know the answer. However please try yum clean all then try yum update Regards, Paul, England, EU. Hi Paul, Indeed, yum clean all fixed the error. Yum update completed without error. xulrunner.x86_64 0:1.9.2.22-1.el5_7 yum.noarch 0:3.2.22-37.el5.centos zlib.i386 0:1.2.3-4.el5 zlib.x86_64 0:1.2.3-4.el5 zlib-devel.i386 0:1.2.3-4.el5 zlib-devel.x86_64 0:1.2.3-4.el5 Complete! # cat /etc/redhat-release CentOS release 5.7 (Final) I must say I wondered how the yum update will deal with the CR updates, and if the error was related to this, but it seems that everything is OK now. Thanks. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C6 continuous release repo
Le 12/09/2011 19:17, James B. Byrne a écrit : On Mon Sep 12 10:44:45 EDT 2011, Morten Stevens mstevens at imt-systems.com wrote: On Mon, 12 Sep 2011 10:42:30 -0400 (EDT), James B. Byrne wrote: Where on the CentOS website does one find the CentOS-6 CR repo install package? I can find the one for CentOS-5 but not for 6. Currently there is no CentOS-6 CR repo. So, what happened with the below announcement? Or, did I misunderstand what was meant by: the c6 build is running now, we will have the cr stuff up for that today and get this into there as well. On Thu Sep 1 06:39:31 EDT 2011, Karanbir Singh mail-lists at karan.org wrote: Thanks Tom, On 09/01/2011 02:05 AM, Tom Lanyon wrote: For EL 4, 5, 6: https://rhn.redhat.com/errata/RHSA-2011-1245.html rpms for C5 are pushed into the 5.6/cr/ repo; the c6 build is running now, we will have the cr stuff up for that today and get this into there as well. Unless Tru gets to it before me, I'll get the c4 builds out as well in a bit. - KB Yes, it was annouced, but it was not done, unfortunately. More than one week ago, Karanbir said he will be working on this during the week-end but still nothing. At this time, until the release of CentOS 6.1 or 6.0 CR, I think it is not advisable to install CentOS 6.0 for serious use (no security or bug fixes). If you need 6.0, and you don't want to pay RHEL subcription or other (Oracle...), you can try Scientific Linux. 6.0 and 6.1 have been released, and there are updates. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cannot start SSH at boot
Le 01/09/2011 16:24, Dotan Cohen a écrit : Turns out that this install boots to runlevel 5. I didn't install it, so I don't know why. But now that I've identified that, giving the proper command [1] fixed the issue. Thanks. [1] chkconfig --level 5 sshd on I verified on CentOS 4 and 5, and SL6 servers, and they are all running on runlevel 5. I think it is the default runlevel for graphics interface (Gnome, KDE...). Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Does anyone know if I can reconfigure a PERC H700 without rebooting?
Le 22/08/2011 12:27, Fajar Priyanto a écrit : How did you add the spare drives in the first place? Need a reboot that time? I assume that the hard drives are hot pluggable, but the point is to add them to the Perc Raid volume group. I doubt it is possible without a reboot, but you it should be asked to Linux-PowerEdge mailing list... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos6 xen
Le 28/07/2011 13:27, Tom H a écrit : On Thu, Jul 28, 2011 at 6:31 AM, Rudi Ahlersr...@softdux.com wrote: On Thu, Jul 28, 2011 at 11:23 AM, Peter Peltonen peter.pelto...@gmail.com wrote: On Thu, Jul 28, 2011 at 11:56 AM, John R. Dennisonj...@gerdesas.com wrote: On Thu, Jul 28, 2011 at 10:53:23AM +0200, Juergen Gotteswinter wrote: i think i am not the only one who wants to stay with with xen :) Far from it. Xen still has a place as a dom0. What are the reasons for people staying with Xen as dom0, just the learning curve? Or are there some technical considerations as well? KVM is not as mature as XEN. yet? And if you want to use a so called Enterprise Operating System like CentOS, then you'd probably expect a stable and enterprise grade virtualization kernel as well. KVM, IMO (and others as well ) is not enterprise ready yet. I'd edit what you've said in two ways. 1. The tools to manage KVM aren't as mature as the tools to manage Xen. 2. A so-called Enterprise Operating System like RHEL. IMO, KVM in itself is not the problem, it is the lack of management solutions as mature as Vmware or XenServer, and lack of (other) Enterprise support, yet (for example ESXi is supported by Dell and others). Libvirt, in my opinion, and others, is not an Enterprise grade solution. I am using KVM in a production environnement, for windows (2003 R2, 2008 R2), and Linux (Ubuntu, CentOS...). I don't see much difference with ESXi with the same kind of VMs (I never used Xen). But I am not using KVM with CentOS (or Red Hat), but under Debian, with Proxmox-ve. In the spirit of ESXi, it is a bare metal installer, which configure everything (bridge, LVM for snapshots, web interface management). I would not say it is as well known or mature as Vmware, but it fills my needs. The most interesting thing for me is the web management interface, which is very clear, permits to create or modify a VM, backup it, add a new storage, live migrate the VM (with shared storage), so it is a very convenient management solution, available from whatever system you want. Only a web browser supporting javascrip is needed, this is rather common these days... And the most important point for me is that KVM is included in mainline kernel, that is available under every linux distribution (RHEL, Ubuntu, Debian, Suse, etc...), and will remain free source (GPL). So, if Proxmox-ve disappears, I can rather easily migrate to another solution. The other important point is that behind, it is standard Linux, not close as Vmware, so you can access eveything, add the package you want very easily. One reason why RedHat discarded Xen was it was not included in the mainline kernel, so was difficult to maintain. You see, you have to compile your own kernel, that will not be supported upstream... I am waiting to see the free (source) Java (so Linux) version of RHEVM, but I saw nothing appear yet, and I fear it will not be as handy Proxmox-ve Web interface and solution is, and not so open... My two cents. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fyi: RHEL 5.7 is out
Le 21/07/2011 14:45, Always Learning a écrit : On Thu, 2011-07-21 at 11:11 +0200, Rainer Traut wrote: it seems redhat has just pushed RHEL 5.7 out. I see amoung others: kernel-2.6.18-274.el5.x86_64.rpm redhat-release-5Server-5.7.0.3.x86_64.rpm Thanks Rainer. The dilemma is whether to upgrade from 5.6 to 6.1 or stay with 5.x as more 5.x versions (5.8, 5.9, 5.10 etc. might be possible). For me the only negative aspect of 5.x is old kernel 2.6.18 whereas 6.x is 2.6.32? The dilemna is for the CentOS developper team. Following the decision last January, it would be natural that the priority would be to release 5.7, as there are millions of existing systems needing to be updated, rather than releasing 6.1, where very few systems are already in production, and 6.1 updates are backported to 6.0. So I fear that 6.1 will be postponed... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Linus Torvalds delays Linux 3.0 launch due to a subtle bug (fwd)
Le 21/07/2011 14:13, John R. Dennison a écrit : On Thu, Jul 21, 2011 at 01:05:25PM +0100, Keith Roberts wrote: Kernel news :) For a kernel that will never be in CentOS-4, CentOS-5 or CentOS-6. But a lot of features of future kernels will be backported in CentOS 6 2.6.32, see CentOS 5.x and 2.6.18... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Linus Torvalds delays Linux 3.0 launch due to a subtle bug (fwd)
Le 21/07/2011 14:36, John R. Dennison a écrit : How about this list return to _CentOS_ _specific_ discussions? John I agree it is not, but I was answering on the fact that (part of it) will never been included in CentOS 6. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fyi: RHEL 5.7 is out
Le 21/07/2011 14:47, Eric Viseur a écrit : Granted CentOS 4 continued getting updates while CentOS 5 was out, I guess we can hope this will continue with CentOS 5 getting updates while CentOS 6 is now out. There were two versions of RHEL that were supported, 4.x and 5.x. For a short time, there are three (4.x, 5.x and 6.x). But in February 2012, 4.x support will end, and there will again only two versiosn to support. I don't know if there will another 4.x (4.10) release after 4.9. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] virtio-win for c6?
Hi Rainer, Le 11/07/2011 10:08, Rainer Traut a écrit : Hi there, I know it's in the supplementary channel and there is no srpm to rebuild windows drivers. But are these drivers anywhere available so that I can use them without a rhn subscription? Yes, you can find the virtio-win drivers on fedora site : http://alt.fedoraproject.org/pub/alt/virtio-win/latest/ The latest divers are signed by RedHat. You can use them without subscription. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] virtio-win for c6?
Le 11/07/2011 12:21, Rainer Traut a écrit : Thx Alain, Am 11.07.2011 10:24, schrieb Alain Péan: Yes, you can find the virtio-win drivers on fedora site : http://alt.fedoraproject.org/pub/alt/virtio-win/latest/ The latest divers are signed by RedHat. You can use them without subscription. I found two files in latest dir, one iso and one - I guess - floppy image. The foppy image contains older drivers than what rh currently ships in EL6 while the iso has newer drivers. I'd go with the newer ones, but... Are these drivers said to be compatible with the el6/c6 kvm stuff? I guess so, but just to be sure. And on the iso I cannot find a win2003 dir: drwxrwxrwx 4 tr tr 2048 4. Apr 10:53 Vista drwxrwxrwx 4 tr tr 2048 4. Apr 10:54 Win7 drwxrwxrwx 4 tr tr 2048 4. Apr 10:54 Wlh drwxrwxrwx 4 tr tr 2048 4. Apr 10:54 Wnet drwxrwxrwx 3 tr tr 2048 4. Apr 10:54 WXp drwxrwxrwx 4 tr tr 2048 4. Apr 10:53 XP Which dir might be the right one for w2k3? Thx Rainer In fact, these drivers are not especially for el6/c6, but for KVM, in general. I use them with KVM 0.14, with windoxs 2003R2, 2008 and 2008 R2, and they work fine (on Proxmox,, based on Debian...) . On the iso, I use the virtio-net drivers from 'Vista' for 2008 R2 and from win7 for viostor (virtio disk). Fedora does not supply officially drivers for server versions of windows, but in fact Vista, 7 or XP (for 2003) works fine with 2008 R2... Just try, you can come back to non virtio drivers (e1000) if something looks wrong... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] virtio-win for c6?
Le 11/07/2011 14:30, Drew a écrit : drwxrwxrwx 4 tr tr 2048 4. Apr 10:53 Vista drwxrwxrwx 4 tr tr 2048 4. Apr 10:54 Win7 drwxrwxrwx 4 tr tr 2048 4. Apr 10:54 Wlh drwxrwxrwx 4 tr tr 2048 4. Apr 10:54 Wnet drwxrwxrwx 3 tr tr 2048 4. Apr 10:54 WXp drwxrwxrwx 4 tr tr 2048 4. Apr 10:53 XP Which dir might be the right one for w2k3? YMMV, but the the server desktop relations are thus: XP- Server 2003(r2) Vista- Server 2008 Win7- Server 2008r2 That information I gathered from reading M$ documentation from several sources online and in print. In fact, in my experience, it is not so clear. For 2008 R2, I was able to find the virtio net drivers only under Vista... But viostor was only available under win7, and not under Vista... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] make install?
Le 11/07/2011 14:33, Always Learning a écrit : On Mon, 2011-07-11 at 16:59 +0430, hadi motamedi wrote: On 7/11/11, Anthony Newmancen...@antiphase.net wrote: You mistyped 'yum install octave' Thank you for your reply. But I got its *.tar.gz package and tried from it. Do you mean '#yum install octave' is all sufficient to install it? Please confirm. No # prefix. Just type: yum install octave Did you verify ? I just did a 'yum info octave' on one of my CentOS 5.6 machine, and there it is what I get : Name : octave Arch : x86_64 Epoch : 6 Version: 3.0.5 Release: 1.el5 Size : 12 M Repo : epel Summary: A high-level language for numerical computations So, octave is not available from base repo, but only through an additional repository, EPEL in this case. As said by John Doe, for hadi, if installing from source and getting thesse make errors, you have to verify if there is any correct Makefile inside the directory from where you type 'make'. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Updates... What? already?
Le 11/07/2011 21:50, Mark Weaver a écrit : Just had a good laugh. I'm sitting here at my desk working with my laptop sitting off to the side; I've just loaded C6 this morning and as I understand it C6 _just_ finished syncing on the mirrors over the weekend. I look up from an email I'm composing to see the updates alert being displayed. I won't repeat what first entered my head, but I couldn't help but laugh and think, How the hell can there be updates already for an OS that just got released? Because 6.0 is in fact 8 months old (from RHEL 6.0 release). I don't think CenrOS team included the updates in the isos they released... And with rolling updates, you should find also updates backported from 6.1... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] php 5.1.6 vulnerability in CentosPlus repo
Le 03/07/2011 10:28, Spike Turner a écrit : --- On Sat, 2/7/11, John R. Dennisonj...@gerdesas.com wrote: That's not been supported in, literally, ages. You may want to consider a yum update once in a while. And yes, that specific version has multiple known and exploitable security issues. John I'm running it on an internal box not accessible from the internet. I do run a yum update and that seems to be the latest CentOS Plus version. http://mirror.centos.org/centos/4/centosplus/i386/RPMS/ You can see that the kernels are updated but the php is not, so I don't see why you said I should consider running a yum update once in a while. Hi Spike, I agree. Here is what I have on a CentOS 5.6 machine : ]# yum info php Available Packages Name : php Arch : x86_64 Version: 5.1.6 Release: 27.el5_5.3 Size : 2.3 M Repo : base So 5.1.6 is the current package on CentOS, at least in base repo, I don't know for CentOSPlus, and your question is totally valid. I am not using PHP, so I am not aware of the last vulnerabilities, but you should know that RedHat backports security fixes, and features, from further releases, so the version number is not that informative. See for example this rather old thread (2010) : http://forums.whirlpool.net.au/archive/1424743 Hopes that helps... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ext4 in CentOS 5.6?
Le 24/06/2011 03:44, Marian Marinov a écrit : On Friday 24 June 2011 04:34:20 Smithies, Russell wrote: We have a single 27TB partition (35 x 1TB drives as RAID5+0 in an HP MDS600), just formatted it xfs and had no problems with it so far. It's used as scratch space so not too concerned about performance. --Russell I have compared the performance of both XFS and Ext4. And since I use those big machines for backups, for me the write performance was very important. XFS was almost twice slower. But lets leave XFS alone :) Ext4 is the way to go :) Marian I am using XFS on an HPC cluster, one single partition of 14 TB, with no problem so far. See this news on Phoronix. XFS is becoming cleaner and leaner. I am happy to use ext4 instead of ext3 on usual partitions, but XFS on big partitions seems to me still a good choice. Let's see what happens in the future. http://www.phoronix.com/scan.php?page=news_itempx=OTU4OA Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] Recommendations, please
Le 22/06/2011 23:12, R P Herrold a écrit : On Thu, 23 Jun 2011, Pasi Kärkkäinen wrote: The problem with RHEL6/CentOS6 is that Redhat bought Qumranet (the KVM company) and decided to only ship KVM host support in RHEL6. RHEL6/CentOS6 runs as Xen VM though, so you can use RHEL5/CentOS5 Xen host (dom0) and run EL6 VMs on it. The sources that will become CentOS 6 will run xen.org virtualization as a dom0, and KVM may be excluded I am very surprised ot that affirmation. What of the binary compatibility of CentOS with RHEL ? It would be going in the opposite direction off Red Hat. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Recommendations, please
Le 23/06/2011 17:16, R P Herrold a écrit : I did not say the CentOS project was ** going to ship ** xen; I said: The sources that will become CentOS 6 ** will run ** xen.org virtualization as a dom0, and KVM ** may be ** excluded CentOS proper at the 6 level will ship KVM as that tracks the upstream, warts and all I must say that the meaning of your message is not clear for me. What is the difference for you between The sources that will become CentOS 6, and CentOS proper ? What do you have in mind ? Why KVM may be excluded ? Regards, Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Recommendations, please
Le 23/06/2011 17:49, R P Herrold a écrit : On Thu, 23 Jun 2011, Alain Péan wrote: I must say that the meaning of your message is not clear for me. What is the difference for you between The sources that will become CentOS 6, and CentOS proper ? What do you have in mind ? Why KVM may be excluded ? for reasons out of scope here, CentOS 6 has not formally issued. Thus I must speak of the 'sources that will become' CentOS 6, as there is no binary CentOS 6 yet That said, I have been running private rebuilds of '[t]he sources that will become CentOS 6' at a virtual and colo hosting facility for which I admin, http://www.pmman.com/ As part of that work (related to KVM hardware minimum requirements, compatability with certain local libvirt based tools, and performance of KVM vs. xen), I and other techs have set up and run 'xen.org virtualization' to power the backend dom0's As such, we have working installations that demonstrate that a person may CHOOSE to fork from CentOS's prospective KVM virtualization providing mechanism (that is, may choose to NOT use KVM), and rather one might instead use xen.org based tools Yes ... I agree, English can be a unruly language to parse certain conditional constructs Hi Russ, Thanks for your explanations. I agree that a personal rebuild of CentOS source may choose a Xen kernel instead of upstream kernel, and tools associated with this. I must add that, due to the fact Dom0 has been included in recent Kernel 3.0 tree, it will certainly be possible in future releases of RHEL, then CentOS, to choose either Xen or KVM as virtualization solution. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Recommendations, please
Le 23/06/2011 18:04, Manuel Wolfshant a écrit : I'll give you my reasons : - existing infra, setup and knowledge - RH gave up promoting xen because it was acquired by a competitor, not because it was not good ( or worse ) than kvm I think there was another very good reason why Red Hat chose KVM instead of Xen : the fact that Xen was not included in mainstream kernel. It was painful to maintain a patched kernel for it. KVM is included in mainstream kernel since 2.6.20. I personnally chose KVM as virtualization solution because I know it is in fact available in every Linux distribution. So if one fails, you can choose another, free, solution. But with 3.0 kernel, it will perhaps also become true for Xen... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Reading the new 6.0 manual - now questions
Hi Steve, Le 17/06/2011 17:22, Steve Campbell a écrit : Firstly, it occurred to me that Centos 6 might not provide the virtualization rpms like it did with Centos 5. RH makes this an add-on to their license. Does anyone know if the upcoming Centos 6 will provide the virtualization packages (right away or in the future)? I installed SL 6.0 on one of my machines, and indeed it provides KVM (Description in French): # yum groupinfo virtualization Loaded plugins: refresh-packagekit Setting up Group Process epel/group_gz | 201 kB 00:00 Group: Virtualisation Description: Fournit un environnement afin d'héberger des clients virtuels. Mandatory Packages: qemu-kvm Optional Packages: qemu-kvm-tools I think CentOS will do the same for 6.0. Secondly, I'm not sure I understand the CPU allocation stuff. If I have 6 cores, it appears I can only create VMs that use 6 cores total. Using the GUI for creating a new VM will provide me with a max number I can allocate. Does this mean that I can allocate, for example, 3 VMs that use 2 cores each and never be able to create any other new VMs or does this mean I can create as many VMs as I want but only start VMs that use the max total cores or less? You can assign multiple VMs to one CPU. For example, you can have a hostmachine with dual-CPUs quadcore, and have 15 VMs or more installed on it, and some of them assigned with two cores or more. It is only more threads on a core. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Vim scripting - cursor motion
Le 11/06/2011 17:56, Les Mikesell a écrit : On 6/11/11 4:03 AM, Jussi Hirvi wrote: So this was my first-ever vim script. So far I am not convinced about vim scripting (ok, I was warned, too)... Test cycle is slow (modify script, quit the realfile, open realfile again with vim -s script). Verbal error messages would be useful. There is supposed to be integrated debugger. I would like to know more. I'd still recommend learning to do it in perl as being likely faster and more generally useful, especially if the sql db you mentioned can be accessed directly. The regeps will be approximately the same and it is easy to find perl example code for DBI operations and manipulating files. And unlike working in shell/awk/editors, you very seldom find an operation that perl can't do itself so it often ends up simpler than the shell wrapper you need for other tools. I hope not to begin a flame war, but I would recommend Python. It can do the same things as Perl (regexp ansd so on), but is easier and faster to learn, and the code is also much more readeable... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Vim scripting - cursor motion
Le 11/06/2011 18:22, Les Mikesell a écrit : On 6/11/11 11:08 AM, Alain Péan wrote: So this was my first-ever vim script. So far I am not convinced about vim scripting (ok, I was warned, too)... Test cycle is slow (modify script, quit the realfile, open realfile again with vim -s script). Verbal error messages would be useful. There is supposed to be integrated debugger. I would like to know more. I'd still recommend learning to do it in perl as being likely faster and more generally useful, especially if the sql db you mentioned can be accessed directly. The regeps will be approximately the same and it is easy to find perl example code for DBI operations and manipulating files. And unlike working in shell/awk/editors, you very seldom find an operation that perl can't do itself so it often ends up simpler than the shell wrapper you need for other tools. I hope not to begin a flame war, but I would recommend Python. It can do the same things as Perl (regexp ansd so on), but is easier and faster to learn, and the code is also much more readeable... There is sort-of a tradeoff in the syntax choices between the languages. Perl is easier to write because it is flexible and you can use a syntax that resembles something you already know (shell/c/awk) with simple changes. That makes other peoples perl less readable, but not your own. The other win for perl is that any operation that would take more than a page of code that you are likely to want to do has almost certainly already been done and is available as a module on CPAN (and possibly packaged as an rpm). Does python have anything to match that yet? How many database types can it access with available modules? Perl's DBI/DBD connector list is pretty large. Here it is. It seems to me rather large, even if I don't know the equivalent list for Perl : http://wiki.python.org/moin/DatabaseInterfaces There are also a very large number of Python modules available, and tools to easily install them, for example there : http://pypi.python.org/pypi Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KVM vs ESXi
Le 19/05/2011 13:27, Lars Hecking a écrit : KVM is meant to be much closer to bare metal performance but doesn't have (at the moment) the all inclusive, easily managed from one console, turnkey solution to massive virtual installs at the datacentre level. If you need to be able to remotely provision VMs and move them whilst live from one centre to another whilst upscaling them then you will probably need to go with vmware. If you have got the Mike, Are you familiar with any of the tools listed here http://www.linux-kvm.org/page/Management_Tools e.g. Proxmox, ConVirt, OpenNebula, Ganeti, openQRM? Comments? Hi Lars, I am using Proxmox. It is based on Debian. It is a bare metal installer, like ESX. You manage your VMs from a web interface. You can live migrate your VMs from one node to another if you use a central storage or DRDB. The bare metal installer takes care of all the initial configuration (bridge, LVM for snapshot...). I wait to see what will do RHEVM, but at this time, I am not aware of such a convenient solution under RHEL/CentOS... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)
Le 09/05/2011 18:36, Benjamin Smith a écrit : On Saturday, May 07, 2011 11:52:21 AM Ljubomir Ljubojevic wrote: in-place upgrade of C5 to C6 will be most likely impossible. To many changes of how thing work. Thankfully, the only in-place upgrades I'll really consider is to cross-grade SL6 to C6. I've started testing with SL6 and will happily report to everyone how the cross-grade goes as soon as C6 is out! -Ben Hi, The problem is that when C6.0 will be released, it is likely that RHEL 6.1 will be already released. So there will be no security updates for C6.0, and it will be better to stay under SL6, until the release of C6.1. I already installed three machines under SL6, and it works fine. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 13/04/2011 11:35, John Hodrien a écrit : On Tue, 12 Apr 2011, Alain Péan wrote: Le 12/04/2011 22:03, John Hodrien a écrit : On Tue, 12 Apr 2011, Alain Péan wrote: Indeed, nothing fails now. I want my users to authenticate against Active directory, and it works, and I would like them to be able to use their kerberos credentials, if they need, to access domain ressources, as shares. But I have still to see a problem there.. Thanks again for your help and your comments ! So is it all working after taking out the ldap auth? With it in you'll not be generating kerberos tickets if there's anything wrong with your kerberos setup. jh No, you are right, things do not work as I expect. When I disable ldapauth, I cannot authenticate. So kerberos is not working. I have kerberos error messages with samba when I try to join AD domain with net ads join. But net rpc join succeeds. # net ads join -U pean -d3 [2011/04/12 22:19:45.797972, 3] libads/sasl.c:790(ads_sasl_spnego_bind) ads_sasl_spnego_bind: got server principal name = pc-2003-test$@TEST-LPP.LOCAL [2011/04/12 22:19:45.798331, 3] libsmb/clikrb5.c:698(ads_krb5_mk_req) ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2011/04/12 22:19:45.811493, 1] libsmb/clikrb5.c:710(ads_krb5_mk_req) ads_krb5_mk_req: smb_krb5_get_credentials failed for pc-2003-test$@TEST-LPP.LOCAL (Cannot find ticket for requested realm) Why 'no credential cache found' ? I would like to solve this annoying problem. Why it is no more working after upgrading to 5.6 ? I'm afraid you've cooked my brain with all the realms you've mentioned, so I'm not entirely clear what's going on. It's complaining about your kdc. Is pc-2003-test the KDC for the TEST-LPP.LOCAL realm, or is it KDC for the LAB-LPP.LOCAL realm? Is its FQDN pc-2003-test.test-lpp.local? Without worrying about the join, does 'kinit username' work? jh Hi John, There are only two realms I mentionned, LAB-LPP.LOCAL, and TEST-LPP.LOCAL. I am currently doing test with the latter, and indeed, pc-2003-test is the AD DC, so the KDC for TEST-LPP.LOCAL. The fdqn is also pc-2003-test.test-lpp.local. 'kinit username' works, [root@centos-test etc]# kinit pean Password for pean@TEST-LPP.LOCAL: [root@centos-test etc]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: pean@TEST-LPP.LOCAL Valid starting ExpiresService principal 04/13/11 11:41:09 04/13/11 18:21:09 krbtgt/TEST-LPP.LOCAL@TEST-LPP.LOCAL Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached But nevertheless, it is asking for password when I issue the 'net ads join -U pean' command... As you understood, my KDC server is a windows 2003 R2 Active directory server. I don't understand where it is looking for the credentials. I tried to create the krb5.keytab with ktpass on the windows server, and replace the one on the centos-test, but it does not work either. There is something, perhaps obvious, I miss. I also tried with 'validate = true' in /etc/krb5.conf, but with no success. I found also that there is a 'krb5.conf.TEST-LPP' file in /var/lib/samba/smb_krb5, and this one is certainly used by samba (I replaced old version with samba3x, 3.5.4, and put 'kerberos method = secrets and keytab', instead of 'use kerberos keytab = true' that I used previously. I don't know if you have, or anyone else, an idea ? Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 13/04/2011 12:03, John Hodrien a écrit : On Wed, 13 Apr 2011, Alain Péan wrote: Hi John, There are only two realms I mentionned, LAB-LPP.LOCAL, and TEST-LPP.LOCAL. I am currently doing test with the latter, and indeed, pc-2003-test is the AD DC, so the KDC for TEST-LPP.LOCAL. The fdqn is also pc-2003-test.test-lpp.local. 'kinit username' works, [root@centos-test etc]# kinit pean Password for pean@TEST-LPP.LOCAL: [root@centos-test etc]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: pean@TEST-LPP.LOCAL Valid starting ExpiresService principal 04/13/11 11:41:09 04/13/11 18:21:09 krbtgt/TEST-LPP.LOCAL@TEST-LPP.LOCAL Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached But nevertheless, it is asking for password when I issue the 'net ads join -U pean' command... As you understood, my KDC server is a windows 2003 R2 Active directory server. I don't understand where it is looking for the credentials. I tried to create the krb5.keytab with ktpass on the windows server, and replace the one on the centos-test, but it does not work either. There is something, perhaps obvious, I miss. I also tried with 'validate = true' in /etc/krb5.conf, but with no success. Have you tried with validate = false? I'd expect that to work, but it's not what you want to be doing long term. I just tried, before reading your answer, and indeed, it works ! I can now connect without ldap, only kerberos in system-auth-ac (/etc/pam.d). I found also that there is a 'krb5.conf.TEST-LPP' file in /var/lib/samba/smb_krb5, and this one is certainly used by samba (I replaced old version with samba3x, 3.5.4, and put 'kerberos method = secrets and keytab', instead of 'use kerberos keytab = true' that I used previously. Does that config file conflict in any way with the system krb5.conf? No, it is the newer syntax of 3.5.4, it's all. I don't know if you have, or anyone else, an idea ? Ah, I'm using samba-common-3.0.33 for the join not samba3x, so there's possibly some subtle differences. No, it was the same with 3.0.33. I only tried with 3.5.4, when I saw that it failed with the previous version. The join is reliant on /etc/samba/smb.conf (and presumably that krb5.conf.TEST-LPP) though, so you'd need to double check that's all correct. I'll try know, with the change in /etc/krb5.conf (validate = false), if it works now. Thanks for your help ! Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 13/04/2011 14:05, John Hodrien a écrit :
On Wed, 13 Apr 2011, Alain Péan wrote:
I'll try know, with the change in /etc/krb5.conf (validate = false), if
it works now.
It won't (or at least it shouldn't). Validate is essential as it
confirms
that the KDC providing the TGT to the user is the same KDC that you
registered
with when you joined the domain. If you don't have that check, I
believe it's
hideously insecure.
You are right. It fails...
But the samba join is affected by many things. /etc/hosts,
/etc/krb5.conf,
/etc/samba/smb.conf are all well worth double checking for correctness.
So you've still got problems that need sorting. If validate doesn't
work,
then there are keytab issues. The keytab only needs to contain a valid
principal for the domain, it doesn't even need to be a credential for
that
machine. Normally it *would* be for that machine, since you'd
generate it
through a 'net ads join' with an appropriate smb.conf.
Here are the appropriate files, enough simple :
# cat /etc/samba/smb.conf
# Test domaine test-lpp
# Global Parameters
[global]
workgroup = TEST-LPP
netbios name = centos-test
server string = Samba Server %v
security = ads
realm = TEST-LPP.LOCAL
#use kerberos keytab = true
kerberos method = secrets and keytab
passdb backend = tdbsam
password server = *
encrypt passwords = true
client use spnego = no
load printers = yes
printing = cups
printcap name = cups
admin users = pean
# Partages
[homes]
comment = Home Directories
read only = no
browseable = no
(samba3x, 3.5.4). I added passdb backend = tdbsam following the original
smb.conf file, but I don't know if this is necessary. It was not there
previously.
# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
134.x1.y1.z1 centos-test.test-lpp.local centos-test
# Serveur de domaine test-lpp.local
134.x2.y2.z2 pc-2003-test.test-lpp.localpc-2003-test
134.x3.y3.z3 dc1-test.test-lpp.localdc1-test
# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5lib.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = TEST-LPP.LOCAL
default_tk_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
TEST-LPP.LOCAL = {
kdc = pc-2003-test.test-lpp.local:88
kdc = dc1-test.test-lpp.local:88
#admin_server = pc-2003-test.test-lpp.local:749
default_domain = TEST-LPP.LOCAL
kpasswd_server = pc-2003-test.test-lpp.local
kdc = *
}
[domain_realm]
.test-lpp.local = TEST-LPP.LOCAL
test-lpp.local = TEST-LPP.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
validate = false
}
If you see something wrong, let me know !
The resolv.conf file contains the name of the domain (search
test-lpp.local), and the addresses of the AD servers of this domain, and
only them... selinux and iptables are disabled
Alain
--
==
Alain Péan - LPP/CNRS
Administrateur Système/Réseau
Laboratoire de Physique des Plasmas - UMR 7648
Observatoire de Saint-Maur
4, av de Neptune, Bat. A
94100 Saint-Maur des Fossés
Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33
==
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 40TB File System Recommendations
Le 12/04/2011 09:23, Matthew Feinberg a écrit : Hello All I have a brand spanking new 40TB Hardware Raid6 array to play around with. I am looking for recommendations for which filesystem to use. I am trying not to break this up into multiple file systems as we are going to use it for backups. Other factors is performance and reliability. CentOS 5.6 array is /dev/sdb So here is what I have tried so far reiserfs is limited to 16TB ext4 does not seem to be fully baked in 5.6 yet. parted 1.8 does not support creating ext4 (strange) Anyone work with large filesystems like this that have any suggestions/recommendations? Hi Matthew, I would go for xfs, which is now supported in CentOS. This is what I use for a 16 TB storage, with CentOS 5.3 (Rocks Cluster), and it woks fine. No problem with lengthy fsck, as with ext3 (which does not support such capacities). I did not try yet ext4... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 12/04/2011 13:46, John Hodrien a écrit :
On Sun, 10 Apr 2011, Alain Péan wrote:
After further verification, it seems to be related to ticket granting.
Here is what I have in /var/log/messages :
su: pam_krb5[7200]: TGT failed verification using keytab and key for
'host/bardeen.lab-lpp.local@LAB-LPP.LOCAL': Cannot find ticket for
requested realm
I've yet to do a full upgrade to 5.6, but I have upgraded pam_krb5 to
peek at
this, and it works fine for me (tested against 2003 and 2008 DCs).
Contents of your /etc/krb5.conf and the output of 'klist -ke' could be
instructive.
jh
Hi John,
Thnks for your answer. Here are the content of /etc/krb5.conf and klist
-ke. I agree that there can be siomething missing, that was working
before...
]# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5lib.log
[libdefaults]
ticket_lifetime = 24000
default_realm = LAB-LPP.LOCAL
default_tk_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
LAB-LPP.LOCAL = {
kdc = pc-lpp1.lab-lpp.local:88
kdc = pc-lpp2.lab-lpp.local:88
kdc = pc-lpp3.lab-lpp.local:88
kdc = pc-lpp4.lab-lpp.local:88
kdc = pc-lppx.lab-lpp.local:88
admin_server = pc-lpp1.lab-lpp.local:749
default_domain = LAB-LPP.LOCAL
}
[domain_realm]
.lab-lpp.local = LAB-LPP.LOCAL
lab-lpp.local = LAB-LPP.LOCAL
and :
]# klist -ke
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
--
2 HOST/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
CRC-32)
2 host/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
CRC-32)
2 host/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
RSA-MD5)
2 host/centos-test.test-lpp.local@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 host/centos-test@TEST-LPP.LOCAL (DES cbc mode with CRC-32)
2 host/centos-test@TEST-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 host/centos-test@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 CENTOS-TEST$@TEST-LPP.LOCAL (DES cbc mode with CRC-32)
2 CENTOS-TEST$@TEST-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 CENTOS-TEST$@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 HOST/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
RSA-MD5)
2 HOST/centos-test.test-lpp.local@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 HOST/centos-test@TEST-LPP.LOCAL (DES cbc mode with CRC-32)
2 HOST/centos-test@TEST-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 HOST/centos-test@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
It is a local domain because it spans multiple real DNS domains.
Alain
--
==
Alain Péan - LPP/CNRS
Administrateur Système/Réseau
Laboratoire de Physique des Plasmas - UMR 7648
Observatoire de Saint-Maur
4, av de Neptune, Bat. A
94100 Saint-Maur des Fossés
Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33
==
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 12/04/2011 14:35, Alain Péan a écrit :
Le 12/04/2011 13:46, John Hodrien a écrit :
On Sun, 10 Apr 2011, Alain Péan wrote:
After further verification, it seems to be related to ticket granting.
Here is what I have in /var/log/messages :
su: pam_krb5[7200]: TGT failed verification using keytab and key for
'host/bardeen.lab-lpp.local@LAB-LPP.LOCAL': Cannot find ticket for
requested realm
I've yet to do a full upgrade to 5.6, but I have upgraded pam_krb5 to
peek at
this, and it works fine for me (tested against 2003 and 2008 DCs).
Contents of your /etc/krb5.conf and the output of 'klist -ke' could be
instructive.
jh
Hi John,
Thnks for your answer. Here are the content of /etc/krb5.conf and klist
-ke. I agree that there can be siomething missing, that was working
before...
]# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5lib.log
[libdefaults]
ticket_lifetime = 24000
default_realm = LAB-LPP.LOCAL
default_tk_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
LAB-LPP.LOCAL = {
kdc = pc-lpp1.lab-lpp.local:88
kdc = pc-lpp2.lab-lpp.local:88
kdc = pc-lpp3.lab-lpp.local:88
kdc = pc-lpp4.lab-lpp.local:88
kdc = pc-lppx.lab-lpp.local:88
admin_server = pc-lpp1.lab-lpp.local:749
default_domain = LAB-LPP.LOCAL
}
[domain_realm]
.lab-lpp.local = LAB-LPP.LOCAL
lab-lpp.local = LAB-LPP.LOCAL
and :
]# klist -ke
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
--
2 HOST/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
CRC-32)
2 host/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
CRC-32)
2 host/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
RSA-MD5)
2 host/centos-test.test-lpp.local@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 host/centos-test@TEST-LPP.LOCAL (DES cbc mode with CRC-32)
2 host/centos-test@TEST-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 host/centos-test@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 CENTOS-TEST$@TEST-LPP.LOCAL (DES cbc mode with CRC-32)
2 CENTOS-TEST$@TEST-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 CENTOS-TEST$@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 HOST/centos-test.test-lpp.local@TEST-LPP.LOCAL (DES cbc mode with
RSA-MD5)
2 HOST/centos-test.test-lpp.local@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
2 HOST/centos-test@TEST-LPP.LOCAL (DES cbc mode with CRC-32)
2 HOST/centos-test@TEST-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 HOST/centos-test@TEST-LPP.LOCAL (ArcFour with HMAC/md5)
It is a local domain because it spans multiple real DNS domains.
Alain
Sorrry, little error with the output of klit -ke, because I am testing
on a test AD domain at this moment. On the first machine, output is :
# klist -ke
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
--
2 host/appleton.lab-lpp.local@LAB-LPP.LOCAL (DES cbc mode with CRC-32)
2 host/appleton.lab-lpp.local@LAB-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 host/appleton.lab-lpp.local@LAB-LPP.LOCAL (ArcFour with HMAC/md5)
2 host/appleton@LAB-LPP.LOCAL (DES cbc mode with CRC-32)
2 host/appleton@LAB-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 host/appleton@LAB-LPP.LOCAL (ArcFour with HMAC/md5)
2 APPLETON$@LAB-LPP.LOCAL (DES cbc mode with CRC-32)
2 APPLETON$@LAB-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 APPLETON$@LAB-LPP.LOCAL (ArcFour with HMAC/md5)
Alain
--
==
Alain Péan - LPP/CNRS
Administrateur Système/Réseau
Laboratoire de Physique des Plasmas - UMR 7648
Observatoire de Saint-Maur
4, av de Neptune, Bat. A
94100 Saint-Maur des Fossés
Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33
==
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 12/04/2011 16:28, John Hodrien a écrit :
On Tue, 12 Apr 2011, Alain Péan wrote:
Sorrry, little error with the output of klit -ke, because I am testing
on a test AD domain at this moment. On the first machine, output is :
# klist -ke
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
--
2 host/appleton.lab-lpp.local@LAB-LPP.LOCAL (DES cbc mode with
CRC-32)
2 host/appleton.lab-lpp.local@LAB-LPP.LOCAL (DES cbc mode with
RSA-MD5)
2 host/appleton.lab-lpp.local@LAB-LPP.LOCAL (ArcFour with HMAC/md5)
2 host/appleton@LAB-LPP.LOCAL (DES cbc mode with CRC-32)
2 host/appleton@LAB-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 host/appleton@LAB-LPP.LOCAL (ArcFour with HMAC/md5)
2 APPLETON$@LAB-LPP.LOCAL (DES cbc mode with CRC-32)
2 APPLETON$@LAB-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 APPLETON$@LAB-LPP.LOCAL (ArcFour with HMAC/md5)
You're still lightly mixing machines though, as your error before
referred to
'bardeen' not appleton. I'm not certain that I've seen a complete
picture
here.
I think disabling validate would still get you back to your old
behaviour, but
that there's something wrong with the keytabs on these machines.
jh
John,
Thanks for your hint. You are true that error message and 'klist -ke'
come from different servers.
In fact, I solved the problem using the authconfig command, but I wonder
if it is really correct, as I mixed kerberos and ldap. Here is the
authconfig command for my test domain :
# authconfig --enablekrb5
--krb5kdc=pc-2003-test.test-lpp.local,dc1-test.test-lpp.local
--krb5adminserver=pc-2003-test.test-lpp.local --krb5realm=TEST-LPP.LOCAL
--enablekrb5kdcdns --enablekrb5realmdns --enableldap --enableldapauth
--ldapserver=pc-2003-test.test-lpp.local,dc1-test.test-lpp.local
--ldapbasedn=dc=test-lpp,dc=local --enablemkhomedir --update
My /etc/krb5.conf is then the following :
]# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5lib.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = TEST-LPP.LOCAL
default_tk_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
TEST-LPP.LOCAL = {
kdc = pc-2003-test.test-lpp.local
kdc = dc1-test.test-lpp.local
admin_server = pc-2003-test.test-lpp.local
default_domain = TEST-LPP.LOCAL
kpasswd_server = pc-2003-test.test-lpp.local
kdc = *
}
[domain_realm]
.test-lpp.local = TEST-LPP.LOCAL
test-lpp.local = TEST-LPP.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
But both kerberos and ldap appear in /etc/pam.d/system-auth-ac :
# cat /etc/pam.d/system-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
authrequired pam_env.so
authsufficientpam_unix.so nullok try_first_pass
authrequisite pam_succeed_if.so uid = 500 quiet
authsufficientpam_krb5.so use_first_pass
authsufficientpam_ldap.so use_first_pass
authrequired pam_deny.so
account required pam_unix.so broken_shadow
account sufficientpam_succeed_if.so uid 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account [default=bad success=ok user_unknown=ignore] pam_krb5.so
account required pam_permit.so
passwordrequisite pam_cracklib.so retry=3
passwordsufficientpam_unix.so md5 shadow nullok try_first_pass
use_authtok
passwordsufficientpam_krb5.so use_authtok
passwordsufficientpam_ldap.so use_authtok
passwordrequired pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session optional pam_mkhomedir.so skel=/etc/skel/ umask=0022
session [success=1 default=ignore] pam_succeed_if.so service in
crond quiet use_uid
session required pam_unix.so
session optional pam_krb5.so
session optional pam_ldap.so
I tried to remove the lines with pam_ldap.so and adding in
/etc/krb5.conf, as you suggested :
[appdefaults]
pam = {
novalidate = true
}
But it failed.
With the authconfig configuration, I can authenticate against Active
Directory.
So, it works now, but I am not sure it is completly correct.
Thanks for your help !
Alain
--
==
Alain Péan - LPP/CNRS
Administrateur Système/Réseau
Laboratoire de Physique des Plasmas - UMR 7648
Observatoire de Saint-Maur
4, av de Neptune, Bat. A
94100 Saint-Maur des Fossés
Tel : 01-45-11-42-39 - Fax : 01
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 12/04/2011 18:29, John Hodrien a écrit :
On Tue, 12 Apr 2011, Alain Péan wrote:
In fact, I solved the problem using the authconfig command, but I wonder
if it is really correct, as I mixed kerberos and ldap. Here is the
authconfig command for my test domain :
Using kerberos and ldap is a perfectly reasonable thing to want to do,
but you
need to be sure you're doing what you want.
# authconfig --enablekrb5
--krb5kdc=pc-2003-test.test-lpp.local,dc1-test.test-lpp.local
--krb5adminserver=pc-2003-test.test-lpp.local --krb5realm=TEST-LPP.LOCAL
--enablekrb5kdcdns --enablekrb5realmdns --enableldap --enableldapauth
--ldapserver=pc-2003-test.test-lpp.local,dc1-test.test-lpp.local
--ldapbasedn=dc=test-lpp,dc=local --enablemkhomedir --update
I'd have thought you want kerberos authentication and ldap user
information.
--enableldapauth I suspect is wrong. You've switched your kerberos
REALM from
the original file you mailed.
My /etc/krb5.conf is then the following :
]# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5lib.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = TEST-LPP.LOCAL
default_tk_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
TEST-LPP.LOCAL = {
kdc = pc-2003-test.test-lpp.local
kdc = dc1-test.test-lpp.local
admin_server = pc-2003-test.test-lpp.local
default_domain = TEST-LPP.LOCAL
kpasswd_server = pc-2003-test.test-lpp.local
kdc = *
}
[domain_realm]
.test-lpp.local = TEST-LPP.LOCAL
test-lpp.local = TEST-LPP.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
That now looks plausible given what you mailed for the keytab (i.e.
the realms
match now).
But both kerberos and ldap appear in /etc/pam.d/system-auth-ac :
That's because you enabled ldap auth. You probably don't want that.
I tried to remove the lines with pam_ldap.so and adding in
/etc/krb5.conf, as you suggested :
[appdefaults]
pam = {
novalidate = true
}
But it failed.
Assuming the keytab setup is the same is was before, you shouldn't
need to
bother with that. I think it should have been validate = false rather
than
novalidate = true, I'd misunderstood the manpage.
But if you leave that off, what fails now?
jh
Indeed, nothing fails now. I want my users to authenticate against
Active directory, and it works, and I would like them to be able to use
their kerberos credentials, if they need, to access domain ressources,
as shares. But I have still to see a problem there..
Thanks again for your help and your comments !
Alain
--
==
Alain Péan - LPP/CNRS
Administrateur Système/Réseau
Laboratoire de Physique des Plasmas - UMR 7648
Observatoire de Saint-Maur
4, av de Neptune, Bat. A
94100 Saint-Maur des Fossés
Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33
==
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 12/04/2011 22:03, John Hodrien a écrit : On Tue, 12 Apr 2011, Alain Péan wrote: Indeed, nothing fails now. I want my users to authenticate against Active directory, and it works, and I would like them to be able to use their kerberos credentials, if they need, to access domain ressources, as shares. But I have still to see a problem there.. Thanks again for your help and your comments ! So is it all working after taking out the ldap auth? With it in you'll not be generating kerberos tickets if there's anything wrong with your kerberos setup. jh No, you are right, things do not work as I expect. When I disable ldapauth, I cannot authenticate. So kerberos is not working. I have kerberos error messages with samba when I try to join AD domain with net ads join. But net rpc join succeeds. # net ads join -U pean -d3 [2011/04/12 22:19:45.797972, 3] libads/sasl.c:790(ads_sasl_spnego_bind) ads_sasl_spnego_bind: got server principal name = pc-2003-test$@TEST-LPP.LOCAL [2011/04/12 22:19:45.798331, 3] libsmb/clikrb5.c:698(ads_krb5_mk_req) ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2011/04/12 22:19:45.811493, 1] libsmb/clikrb5.c:710(ads_krb5_mk_req) ads_krb5_mk_req: smb_krb5_get_credentials failed for pc-2003-test$@TEST-LPP.LOCAL (Cannot find ticket for requested realm) Why 'no credential cache found' ? I would like to solve this annoying problem. Why it is no more working after upgrading to 5.6 ? Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KVM problem after update to 5.6
Le 11/04/2011 11:30, Riccardo Veraldi a écrit : Hello, after updating to Cents 5.6 and so to kvm-83-224 my KVM virtual machines qemu qcow2 based images do not start anymore. Looking at VM console the error message is that VM media is not bootable. Going back to previous KVM version kvm-83-164 from Centos 5.5 they works again. What's wrong with qemu images ? anyone has an idea on how to fix the problem ? thanks Rick Hi Ricardo, There is a known bug related to qcow2 images considered as raw images in latest kvm. I don't find the bug in red hat and fedora, but here is what I found with Ubuntu. http://ubuntuforums.org/showthread.php?t=1638708 Hope that helps Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Hi all, I just upgraded more servers, and doing some tests I found that my setup for kerberos/ldap authentication against Active Directory is no more working. I don't know why... I followed some times ago scott Lowe blog for this setup : http://blog.scottlowe.org/2007/01/15/linux-ad-integration-version-4/ And it was working correctly until the upgrade. What is curious is that id command and getent passwd works correctly : # id pean uid=9808(pean) gid=5027(ida) groupes=5027(ida),10(wheel),100(users),5024(info) # getent passwd |grep pean pean:*:9808:5027:pean:/home/pean:/bin/bash 'pean' es an AD account. But when I try to autenticate, even locally : So LDAP is correctly found. It is the password that seems problematic... ]$ su - pean Mot de passe : Mot de passe : su: incorrect password Here is the content of my system-auth-ac pam module : ]$ cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so likeauth nullok auth sufficient pam_krb5.so auth required pam_deny.so account sufficient pam_unix.so account sufficient pam_krb5.so account sufficient pam_succeed_if.so uid 100 quiet account required pam_deny.so password requisite pam_cracklib.so retry=3 password sufficient pam_unix.so nullok use_authtok md5 shadow password required pam_deny.so session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 session required pam_limits.so session required pam_unix.so Has anyone an idea where to look ? I noticed that 5.6 introduced sssd, and I know that in RHEL 6.0 TLS/SSL authentication is mandatory for LDAP authentication... Thans for the help. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos/LDAP authentication no more working in 5.6 ?
Le 10/04/2011 17:31, Alain Péan a écrit : Hi all, I just upgraded more servers, and doing some tests I found that my setup for kerberos/ldap authentication against Active Directory is no more working. I don't know why... I followed some times ago scott Lowe blog for this setup : http://blog.scottlowe.org/2007/01/15/linux-ad-integration-version-4/ And it was working correctly until the upgrade. What is curious is that id command and getent passwd works correctly : # id pean uid=9808(pean) gid=5027(ida) groupes=5027(ida),10(wheel),100(users),5024(info) # getent passwd |grep pean pean:*:9808:5027:pean:/home/pean:/bin/bash 'pean' es an AD account. But when I try to autenticate, even locally : So LDAP is correctly found. It is the password that seems problematic... ]$ su - pean Mot de passe : Mot de passe : su: incorrect password Here is the content of my system-auth-ac pam module : ]$ cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so likeauth nullok auth sufficient pam_krb5.so auth required pam_deny.so account sufficient pam_unix.so account sufficient pam_krb5.so account sufficient pam_succeed_if.so uid 100 quiet account required pam_deny.so password requisite pam_cracklib.so retry=3 password sufficient pam_unix.so nullok use_authtok md5 shadow password required pam_deny.so session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 session required pam_limits.so session required pam_unix.so Has anyone an idea where to look ? I noticed that 5.6 introduced sssd, and I know that in RHEL 6.0 TLS/SSL authentication is mandatory for LDAP authentication... Thans for the help. Alain After further verification, it seems to be related to ticket granting. Here is what I have in /var/log/messages : su: pam_krb5[7200]: TGT failed verification using keytab and key for 'host/bardeen.lab-lpp.local@LAB-LPP.LOCAL': Cannot find ticket for requested realm Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.6 is out, great my first upgrade didn't work...
Le 09/04/2011 08:23, Paul Daggett a écrit : - Original Message From: Nicolas Rossrossnick-li...@cybercat.ca To: centos@centos.org Sent: Fri, April 8, 2011 8:24:39 PM Subject: [CentOS] 5.6 is out, great my first upgrade didn't work... 5.6 is out. That is good news. I did a yum update on one of my non-critical server, and the server stoped responding to ping after the reboot, and never answered back. It's now been 10 minutes, so I'll have to take a ride to the colo... Nice work dev team, keep up the good work. Let's hope that C6 will come soon ! I'm eager to upgrade. ___ So what do you have at the console? All the more reason to have multiple levels of remote capability. -Paul Hi, I just updated remotely an old server (Dell PE 1850, Perc 4/i), and it rebooted fine : # cat /etc/redhat-release CentOS release 5.6 (Final) So, for me , no problem... Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Feeding CentOS build results to twitter
Le 06/04/2011 09:08, Emmanuel Noobadmin a écrit : Apologies, I wasn't subscribed to the dev list since I didn't think I would had been able to contribute anything. Fortunately, I'm also not fixated about when exactly is Centos 6 coming out. Maybe the standard reply to those chasing for status on Centos 6 should be Please subscribe to devel list to follow updates since chances are the majority of them are only checking the site or the user list. Hi Emmanuel, You don't have to subscribe to dev's mailing list, only consult the archives : http://lists.centos.org/pipermail/centos-devel/ Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 Update?
Le 05/04/2011 02:24, Brian Mathis a écrit : On Mon, Apr 4, 2011 at 8:10 PM, Rudi Ahlersr...@softdux.com wrote: On Tue, Apr 5, 2011 at 1:56 AM, Brian Mathis brian.mathis+cen...@betteradmin.com wrote: Rudi, Cut the crap. You're intentionally changing the context of the discussion, so please stop posting. No one has demanded that the Devs send an email every time they take a shi^H^H^H^H^H^H^H make a cup of coffee, as you have said. In fact no one has demanded anything. Requests, yes. A post once in a while with some real information (other than we're working on it) would be nice. Also I don't see any comments demanding anyone do anyone else's work for them. Again, you have twisted the conversation to become more of a flamefest by making things up that are not true. Not one post has demanded anything. Everyone is here because they care about the project. That's what is constantly missing in the replies by those who continue to browbeat and deride anyone simply looking for information. It's a symptom of a deeper problem that will only be made worse by that kind of treatment. // Brian Mathis Brian, since you take it so personal, you should cut the crap. And grow up. Have you actually followed, properly, what has been said the past few weeks about the last updates (i.e. 4.9 / 5.6 6.0?) about people leaving CentOS cause other products are better and how the devs should step up to keep up with the rest of the world? I personally, as well as many others (looking at their comments) are more than happy to wait for the next release - exactly when it released. I rely on CentOS for one reason - it's stability and security. I don't want a half-ass-baked distro.And I frankly don't care what you think about it. If you don't like it, then move on. Get RedHat, or Novell or Debian, or whatever fits your needs. BUT PLEASE, stop putting extra pressure on the devs cause you have some personal vendetta against how quickly they release their updates. Surely, when you started using CentOS, you knew exactly what it was and what it's relationship was with it's upstream vendor. Now, due to their changes, CentOS updates gets delayed. Live with it, or get in touch with Red Hat and take it out on them. The last thing I want to see if CentOS coming to a grinding halt because the demand for half-tested-and-released-too-soon-releases and everyone want an update every 5 days have become too so great the devs can't get to doing their work properly anymore. I really have no way to respond to such a thorough misreading of what I have said. I don't even know where to begin. For everything you claim I have said I have in fact said the exact opposite. I have no idea where you get the idea of lumping me in with those throwing a tizzy about the releases not being ready. The only thing I have said is that if we want these weekly threads to stop there needs to be better communication. How that translates in your head as me and everyone else demanding all sorts of things, pressuring the project, or wanting premature releases is simply beyond any ability of reasonable thought. // Brian Mathis P.S. I do take it very personally when someone mis-characterizes something I have said. Brian, I agree with you and am amazed of the misinterpretation of what we say. I too am only asking for more regular short updates of what is going on with the project. I think it is something normal for a community project, and that can give trust in it. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 Update?
Le 04/04/2011 18:53, David Brian Chait a écrit : All, As much as I hate to ask, how is this project coming along? We are approaching the 4 month post-release point... -David Hi David, The last news given by Karanbir on his twitter account, an March 30, was that 5.6 was mostly GA, and that 6 was not far... the QA guys are having a quick look over the 5.6/ tree's now - mostly considering it GA grade now. http://twitter.com/CentOS/status/53082820612075520 5:15 AM Mar 30th http://twitter.com/CentOS/status/53082820612075520 via web See : http://twitter.com/centos I don't know if QA guys found something wrong since... Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 Update?
Le 04/04/2011 20:31, Karanbir Singh a écrit : On 04/04/2011 07:26 PM, David Brian Chait wrote: If Karanbir says 3 weeks it takes 3 months. (as well as with CentOS 5.6) Well that and we have been a few days away from 5.6 for well over a few months now... If you have a problem with things - feel free to then ignore my updates. - KB Karanbir, You are one of the few who care to give updates, so thanks for that. Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Migrating standalone systems to KVM
Le 31/03/2011 11:38, Jussi Hirvi a écrit : A while ago I got great instructions from Pasi for migrating standalone systems to *xen*. However, now I have decided to use KVM instead, which raises a new question: How to migrate a standalone system to *KVM*? I know a two-step way to do it: standalone system - xen pv guest xen pv guest - KVM pv guest I read that xen - KVM migration is trivially easy. But is there an easier (one-step) way to do this? - Juss Hi Juss, This link explains how to migrate from physical machine to virtual (P2V), for Prowmox ve, which uses KVM (and openvz). But the techniques explained here (based on clonezilla or System rescue CD) should apply to KVM in a CentOS environnement too. http://pve.proxmox.com/wiki/Migration_of_servers_to_Proxmox_VE Basically, you copy the image file from the physical server, on the network, with clonezilla or System Rescue CD, then you prepare a VM using raw drives, and you replace the raw files by the image files of the physical machine. Notice that for a windows machine (no support for SCSI in KVM), you have first to prepare the machine to use IDE drives, using the registry patch mergeide.reg. Hope that helps. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kernel Panic on HP/Compaq ProLiant G7
Le 24/03/2011 16:03, Windsor Dave L. (AdP/TEF7.1) a écrit : Hello Everyone, I recently installed CentOS 5.5 x86_64 on a brand new ProLiant DL380 G7. I have identical OS software running reock-solid on two other DL380 ProLiant servers, but they are G6 models, not G7. On the G7, the installation went perfectly and the machine ran great for about 2 weeks, when it just seemed to stop. The system stopped responding on the network, and there was no video on the console (or remote console via iLO). It would not reboot or cold boot through iLO, I actually had to hold the power to turn it off and then hit it again to power up. This happened several times within a few days of each other. Each time, there was no evidence in any logs of a problem - the system just seemed to stop or lock up. We did have a CPU problem light appear on the front, so HP came in and replaced the one 4-core CPU. Since then, it has run as long as two weeks, but still crashes randomly. After the last reboot, I left the console in text mode on vt1, and when it crashed again this morning this was displayed on the screen: CS: 0010 DS: ES: CR0: 80050033 CR2: 8100dc435cf0 CR3: 8a6ca000 CR4: 06e0 Process smbd (pid: 18970, threadinfo 81001529e000, task 81011f5347a0) Stack: 81011e4e71c0 8100cf12a015 80009c41 81011e4e71c0 0001 00030027ea9d 8100cf12a011 81011e4e71c0 81010d9cf300 81011e4e71c0 8101044099c0 Call Trace: [80009c41] __link_path_walk+0x3a6/0xf5b [8000ea4b] link_path_walk+0x42/0xb2 [8000cd72] do_path_lookup+0x275/0x2f1 [80012851] getname+0x15b/0x1c2 [800239d1] __user_walk_fd+0x37/0x4c [80028905] vfs_stat_fd+0x1b/0x4a [80039fa2] fcntl_setlk+0x243/0x273 [80023703] sys_newstat+0x19/0x31 [8005d229] tracesys+0x71/0xe0 [8005d28d] tracesys+0xd5/0xe0 Code: 00 00 00 00 00 00 00 00 70 4d 4f 9d 00 81 ff ff 98 e4 4b dc RIP [8100dc435cf0] RSP81001529fd18 CR2: 8100dc435cf0 0Kernel panic - not syncing: Fatal exception This suggests that something happened in a Samba process. I have the Samba3x packages installed since we are beginning to introduce Win7 clients into our environment. Googling Kernel panic - not syncing: Fatal exception and CentOS produced many hits, but nothing that seemed to exactly match my problem. Since this is the only G7 server I have here right now, I can't reproduce the problem on another machine. The G6s I have running the identical version of CentOS have no problems. I am trying to determine if this is pointing to a hardware or software issue. Some of the Google results suggested using a Centosplus kernel - is this a good idea? The server is a HP DL380 G7 Server with 4 GB RAM (1 DIMM 1333 MHz), one 4-core CPU (2133 MHz), 4 built-in Broadcom NetExtreme II BCM5709 II Gigabit Ethernet NICs, and a P410 Smart Array Controller. The P410 and the system BIOS have both been updated to the latest levels to see if that fixes the crashes, with no change. Any idea where I should look next? Thanks for any help anyone can provide! The fact that it appears after two weeks or so reminds me of a bug I saw on linux PowerEdge mailing list, //the blocked for more than 120 seconds timeout bug. I don't know if your problem is related, but if it is the case you should see the message in your logs. Do you have any high IO load, at least at some moments, on your server ? See : http://lists.us.dell.com/pipermail/linux-poweredge/2011-March/044515.html In this case, using a newer kernel would be indeed it seems a good idea. See if it can help... Alain // -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kernel Panic on HP/Compaq ProLiant G7
Le 24/03/2011 18:30, Dave Windsor a écrit : On 3/24/2011 12:37 PM, Alain Péan wrote: Le 24/03/2011 16:03, Windsor Dave L. (AdP/TEF7.1) a écrit : snipped Code: 00 00 00 00 00 00 00 00 70 4d 4f 9d 00 81 ff ff 98 e4 4b dc RIP [8100dc435cf0] RSP81001529fd18 CR2: 8100dc435cf0 0Kernel panic - not syncing: Fatal exception snipped I am trying to determine if this is pointing to a hardware or software issue. Some of the Google results suggested using a Centosplus kernel - is this a good idea? The server is a HP DL380 G7 Server with 4 GB RAM (1 DIMM 1333 MHz), one 4-core CPU (2133 MHz), 4 built-in Broadcom NetExtreme II BCM5709 II Gigabit Ethernet NICs, and a P410 Smart Array Controller. The P410 and the system BIOS have both been updated to the latest levels to see if that fixes the crashes, with no change. Any idea where I should look next? Thanks for any help anyone can provide! The fact that it appears after two weeks or so reminds me of a bug I saw on linux PowerEdge mailing list, //the blocked for more than 120 seconds timeout bug. I don't know if your problem is related, but if it is the case you should see the message in your logs. Do you have any high IO load, at least at some moments, on your server ? See : http://lists.us.dell.com/pipermail/linux-poweredge/2011-March/044515.html In this case, using a newer kernel would be indeed it seems a good idea. See if it can help... Alain // Alain, Today, there are not high I/O loads. This server was intended to replace two older HP-UX servers. I had just begun to migrate the workload to the new server when the crashes began to occur. There are some minor, sporadic I/O loads but nothing that I would think could trigger the bug discussed in your link. However, I haven't measured the workload closely yet, so there could be spikes. Best Regards, *Dave Windsor* Your error message, Kernel panic - not syncing: Fatal exception is too generic to give any clue. Do you see other error messages in your log ? Did you run any hardware test (with Dell you have such utilities on DVD, I think they exist also on HP), to see if some hardware is failing, for example RAM ? Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Install on Dell PowerEdge T310
Le 23/03/2011 18:40, admin lewis a écrit : Hi, this is the first time I install linux on a dell server. Simply I booted from a centos 5.5 x64 dvd but I cant see the disks.. is there something I miss ? thanks very much for any help luigi What have you as Raid Controller ? H200, H700, something else ? Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
