Re: [CentOS] died again
On 12/08/2013 03:31 PM, Michael Hennebry wrote: You mean it was rotting just sitting on a shelf? Perhaps surprisingly, systems of that age *can* fairly literally rot. There were a number of Taiwanese electrolytic capacitor manufacturers that borrowed a partial recipe from a Japanese company: One that was unfortunately missing an important component that kept the paste from eating the capacitor from inside out. It often initially manifested as system instability. See: https://en.wikipedia.org/wiki/Capacitor_plague I lost a couple of motherboards to it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] died again
On 12/06/2013 06:57 PM, Michael Hennebry wrote: I suspect the pincushiony thing between the video card and the big black Intel fan of being the heat sink for the CPU, but I do not know. That case looks very dusty and 60C for an Intel CPU tells us that it is most likely overheating. The big black Intel fan is the fan for the CPU heatsink - which is what it is physically mounted on. *Don't try to remove it.* Since you didn't recognize a CPU fan on sight you clearly have no background in disassembling and reassembling PCs and you will most likely damage the CPU before you are done. Failure to reattach the CPU cooling fan correctly (which involves cleaning off the old heatsink compound and applying new heatsink compound correctly) **will** cause CPU overheating and system problems and can damage the CPU. I would start by gettting a can of compressed air, gently place a finger on the black Intel fan blades so it doesn't spin (spinning up a fan with air turns it into a generator pushing damaging voltage back into the motherboard - you don't want to do that) and blow the all the dust out of the heat sink for the CPU while moving the fan blades with your finger to allow access to the entire heatsink. Then boot the machine and verify that the CPU fan is in fact spinning. Also blow the dust out of the power supply (the silver box at the top left) and off the fins of the video card. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] evaluating backup systems: rsync
On 01/19/2013 11:31 AM, Nicolas Thierry-Mieg wrote: agreed, except if both source and dest are local, eg back up to a USB HD. If you test that you'll see the speedup is 1 (ie no speedup) That makes sense because it would take longer to locally checksum both files and then make a difference based copy than it would take to just do the copy without trying to be clever about it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] su path hard coded?
On 07/24/2012 04:33 PM, Stephen Harris wrote: I want the ability to set the default path. That's all. Just so that when I do su - foobar then the path defaults to /bin:/usr/bin. If foobar wants to add /usr/local/bin then foobar decides. If I decide I want the default path to be /myspecial/bin:/bin:/usr/bin (so that all my users get this, by default) then I can. Just set the default path. Nothing more, nothing less. That isn't your problem. It's the solution you've come up with for your problem. What is the *problem* that removing /usr/local/bin from the default path is supposed to fix? What actual impact does it have on you if you *don't* change it? If it is just a matter of you don't like it, perhaps you should leave it alone. Changing configurations from the defaults in a way that requires additional work to maintain on the long term for no clear payoff is just wasting time and asking for mysterious breakages in the future when people who expect the system to work the way the vendor normally configures it run into your customizations without warning. But if it is actually causing a *problem*, present the problem itself. There may be other ways to address it you haven't thought of but others here may have used or can propose. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] partitions vs. LVs [was: Re: How to upgrade from 5.8 to 6.2]
On 06/24/2012 12:05 AM, Gene Heskett wrote: And what do you do when this LVM goes corrupt in about a month? I've had it self destruct on me twice. I hate it when that happens. I would look for some other issue like bad hardware. Over the last several years I've routinely used LVM for pretty much everything and have never had it go corrupt on me except when there was a hardware failure involved. My standard buildouts use LVM over RAID. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] Guests pausing suddenly
On 04/26/2012 02:29 AM, Peter Hopfgartner wrote: The problem got slightly better when I upgraded all kernels, on host and guest, so that the MTBF went from 3-4 days to approx 50. Still, the problem is not solved, yet. A maybe stupid question: If the kernel in the guest sees an I/O error on sda, could this be a real error on the physical disk, even if there are no notices in the physical hosts log files, or is this more of a software problem? As the next step, I'll try to update the physical servers firmware. Any suggestion on this topic is welcome, even more then before. This could be being caused by failing areas on the underlaying disk drive. Particularly if you are using consumer grade hard drives instead of enterprise drives. The most relevant difference here is that consumer grade drives can try for up to a couple of minutes to read a bad sector and might eventually succeed if the error isn't too egregious while an enterprise drive will just quickly report the sector as unreadable and move on. I would install smartmontools on the physical server and check the SMART status of the drive after running a 'long' test. -- Benjamin Franz ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] SSD for boot drive and OS
On 04/13/2012 06:00 PM, aurfalien wrote: Oh yea, sorry. Yep you got it, the OCZs. There is a significant mortality rate with consumer grade SSDs. If you are going to use one, pair it up in a software RAID1 with some matching partitions on the hard drive and then adjust the RAID to read preferentially from the SSD. See http://superuser.com/questions/293144/combining-ssd-and-hard-disk-in-software-raid1 for some links explaining how to do that. That way when the drive fails you aren't left with a completely crashed system. For any production system like this you should be using RAID anyway. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 6.x - find interface with link up
On 12/15/2011 12:45 PM, Les Mikesell wrote: In earlier versions 'mii-tool' would iterate over interfaces and show which have link up. In 6.x it wants an interface as a parameter. What is the appropriate way to find which of some number of of interfaces are connected? Better yet, what is the least typing to get the mac addresses of those interfaces /sbin/ip link ls -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Static routes with a metric?
On 12/7/2011 10:03 AM, Matt Garman wrote: Hi, [...] What I basically need to be able to do is this: route add -host h1 gw g1 metric 0 route add -host h1 gw g2 metric 10 Notice that everything is the same except the gateway and metric. I could put this in /etc/rc.local, but was wondering if there's a cleaner way to do it in e.g. the network-scripts directory. If you create files in the /etc/sysconfig/network-scripts directory named according to the scheme route-eth0 route-eth1 route-eth2 it will execute each line in the files as /sbin/ip route add line when each interface is brought up. Look in the /etc/sysconfig/network-scripts/ifup-routes script for all the gory details and features. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Changes at Red Hat confouding CentOS
On 11/15/2011 06:52 AM, Timothy Murphy wrote: What percentage are using iPhones and Androids to access the internet? I'd guess it is already over 50%. Mobile devices still have *under* 6% of the internet browser market. See http://www.netmarketshare.com/ -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trouble with Mailman
On 11/13/2011 05:32 AM, John J. Boyer wrote: On Sat, Nov 12, 2011 at 09:45:04AM -0600, Johnny Hughes wrote: Linux puts things in cache using extra (unused) memory. It is absolutely normal to have Free Memory go down to a fairly small level and have Buffers and Cache grow. Why does Linux do this? It seems odd to me. Because it means that once you've accessed something once, accessing it a second time is orders of magnitude faster. Memory that is not being used at all is a waste of resources. It dramatically improves the performance of a system to use otherwise unused memory for caching and buffers. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] using KVM Virbr0 with bonded nics?
On 10/25/2011 10:48 AM, Bob Hoffman wrote: Still working on a solution. Apparently the bondn files demand an ipaddress, thus there might have to be one for each and every single ip coming into the computer...I guess you would have to do that anyway just like eth0, eth0:0, eth0:1, etc. I think I am going to try to just make a separate ethn for each ip, going to their respective bondn with the proper ipaddress in them. Then use the bridge as normal, with each bondn calling a respective bridge Not sure how that works with multiple ips going to same machine (as in, can the bridge handle more than one ip, or can the machine look for more than one bridge...?) For various reasons I base my host machines on Ubuntu 10.04-LTS and run CentOS under KVM. My bonded/bridged host configuration looks like this. You will have to figure out the CentOS equivalents. # The primary network interface iface eth0 inet manual iface eth1 inet manual # eth0 eth1 form bond0 for x.x.x.0/25 subnet auto bond0 iface bond0 inet static bond_miimon 100 bond_mode active-backup bond_downdelay 200 bond_updelay 200 address x.x.x.35 netmask 255.255.255.128 network x.x.x.0 post-up ifenslave bond0 eth0 eth1 pre-down ifenslave -d bond0 eth0 eth1 auto br0 iface br0 inet static bridge_ports bond0 address x.x.x.35 netmask 255.255.255.128 network x.x.x.0 gateway x.x.x.126 I then configured the virtual interface for each virtual machine like this: interface type='bridge' mac address='xx:xx:xx:xx:xx:xx'/ source bridge='br0'/ model type='virtio'/ /interface and configured each machine using regular 'eth0'. Don't forget to make sure forwarding is turned on and that your firewall on the host machine allows FORWARD chain packets to the bridged interface. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] add on sata card relabeling drives, installation
On 9/30/2011 8:41 AM, Les Mikesell wrote: On Fri, Sep 30, 2011 at 4:56 AM, Hakan Koseogluha...@koseoglu.org wrote: Why would you move disks around machines unless you're recovering them after a failure? Because I can. Why wouldn't you? Mine are nearly all in swappable carriers and it is a lot faster to move them than to ship data any other way. Because you are wearing the machine's connectors out. They are rated to be *infrequently* changed out. When you do it on a regular basis it will just be a matter of time until they develop electrical/physical problems. If you want to use drives to ship data around plug in a USB hub and connect USB drives to it. That way when the connectors inevitably wear out all you need to replace is the hub (and/or the drives). -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS-6 Status updates
On 06/14/2011 06:19 AM, m.r...@5-cent.us wrote: Timeliness, dunno. Ubuntu (or fedora) for production? NOT IF I HAVE ANY CONTROL!!! Given how many developers write incredibly fragile code, that is utterly dependent upon a very, very special environment, I guarantee that the almost daily updates will break it, or the New Features! will have changed interfaces The LTS server releases are very good. I use them routinely and they have been quite stable. I currently use them for all new 'base metal' server installations with my CentOS systems in VMs on top of them. Over the next few years I anticipate migrating everything at all levels to them as I get more comfortable with it. My only real complaint is having to learn the way a Debian derived system hangs together vs how a Redhat derived system is put together. And AppArmor has yet to 'knee-cap' me like SELinux has (repeatedly) by breaking previously stable systems. Where I routinely disable SELinux on CentOS, I have yet to have AppArmor interfere with normal ops - ever. It just works. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: high static in server room
On 06/14/2011 08:39 AM, Fajar Priyanto wrote: Hi guys, Sorry for the OT. For the last couple of weeks I notice that the static in my server room is worrisomely noticeable. I cannot see what may be causing it Care to share some of your experience what may be the cause and the remedy? Low humidity would be my first guess. The relative humidity in your server room should be between 50% +/- 10%. Too high and you can get condensation. Too low and you get electrostatic discharges. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Possible to use multiple disk to bypass I/O wait?
On 06/09/2011 02:24 AM, Emmanuel Noobadmin wrote: I'm trying to resolve an I/O problem on a CentOS 5.6 server. The process basically scans through Maildirs, checking for space usage and quota. Because there are hundred odd user folders and several 10s of thousands of small files, this sends the I/O wait % way high. The server hits a very high load level and stops responding to other requests until the crawl is done. I am wondering if I add another disk and symlink the sub-directories to that, would that free up the server to respond to other requests despite the wait on that disk? Alternatively, if I mdraid mirror the existing disk, would md be smart enough to read using the other disk while the first's tied up with the first process? You should look at running your process using 'ionice -c3 program'. That way it won't starve everything else for I/O cycles. Also, you may want to experiment with using the 'deadline' elevator instead of the default 'cfq' (see http://www.redhat.com/magazine/008jun05/features/schedulers/ and http://www.wlug.org.nz/LinuxIoScheduler). Neither of those would require you to change your hardware out. Also, setting 'noatime' for the mount options for partition holding the files will reduce the number of required I/Os quite a lot. But yes, in general, distributing your load across more disks should improve your I/O profile. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Where is the Centos Linux 5.5 kernel syscall handler for mmap? (Keith Roberts)
On 05/29/2011 01:37 AM, Frank Chang wrote: Keith Roberts, Thank you for your suggestion about doing a grep of the source code. We found mmap.S in ../sysdeps/unix/sysv/linux/i386. We looked in mmap.S and found a lot of assembly code. Could you please tell us if any of the assembly code call the kernel syscall handler for mmap.s? Also, we ran make for the kernel Makefile and we obtained the following result shown below. Could you please suggest us how to fix the kernel Makeconfig so that it skips over libc_pic.os? Thank you for your help. 1) This is probably the wrong list for these questions. More appropriate lists can be found here: http://kernelnewbies.org/ML 2) You may want to look at this web page: http://www.makelinux.net/kernel_map 3) http://kernelnewbies.org/ -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hi CentOS
On 05/25/2011 08:54 AM, John R Pierce wrote: On 05/25/11 8:52 AM, tro...@gmail.com wrote: Hello CentOS it took a ... (spamcrap deleted) geez, all my email lists are getting hit with this sort of spam. becoming quite annoying, the way the list servers filter on the 'from' address has become inadequate :( The problem is the defacto standardized address obfuscation on the mailman web archive is easily reversible. All it takes is someone with the interest to write an automated 'use this address to email this mailman list' bot. The From addresses need to be rendered irreversibly unusable for email when displayed on the web archive to prevent that from happening. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSD for Centos SWAP /tmp /var/ partition
On 05/24/2011 08:25 AM, Rudi Ahlers wrote: But don't you think that a SSD, or rather Solid State Drive, would still be seen as a different type of drive than a SATA drive, even though they share the same type of bus connector + power cable? Interface and media type are completely independent. You can have SATA DVD, SSD, hard drives, Blue Ray, magnetic tape drives, etc.. You can have SAS DVD, SSD, hard drives, Blue Ray,tape drives, etc.. You can have USB DVD, SSD, hard drives, Blue Ray, magnetic tape drives, etc.. That a drive uses a SATA interface tells you *nothing* about the physical media itself. You are making a category error. It is as if you claimed a laptop was fundamentally different because you were using it with a 230V AC to DC power adaptor instead of a 120V AC to DC power adaptor. I know you get some USB type SSD's, but people still refer to them as SSD drives, and not USB drives I know a lot of people who call hard drives 'memory' - that doesn't make them right. The correct way to describe it is 'a SSD drive *with a USB interface*' or 'a SSD drive *with a SATA interface*'. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSD for Centos SWAP /tmp /var/ partition
On 05/23/2011 12:27 PM, Ray Van Dolson wrote: Quote from http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/newmds-ssdtuning.html : Red Hat also warns that software RAID levels 1, 4, 5, and 6 are not recommended for use on SSDs. During the initialization stage of these RAID levels, some RAID management utilities (such as mdadm) write to all of the blocks on the storage device to ensure that checksums operate properly. This will cause the performance of the SSD to degrade quickly. Huh. Maybe LVM mirroring would be alright. Not actually a problem if you are just using it for journaling. Journals max out at 400MB - so you are using only a tiny fraction of the entire SSD for the journal while getting a large performance pop on small writes since the OS can safely return to you before the data is actually written to the slower magnetic disk. Another alternative is to *not use the entire SSD*. Deliberately leave say 25% or so unallocated. Kind of like short stroking a disk for performance: You sacrifice capacity for speed. -- Benjamin Franz -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Feed a list of filenames to vim
On 05/17/2011 09:19 AM, Jussi Hirvi wrote: There are some googlable ways to feed a list of filenames to vim, but I stumble on weird results. [...] The easy way for me is 'avoid the shell - use Perl instead': perl -e 'my @files = grep(!/^\s*$/,ARGV); chomp @files; system(vim,@files);' example_list.txt -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)
On 05/16/2011 02:44 PM, ne...@grayhatlabs.com wrote: I never thought sliced bread was all that great. Wouldn't it be better for people to donate money to help push things along faster? I mean if your really upset about how long its taken to come out why don't you donate some money to help the people who are working for free? Love to. Actually got approval from my company to do so years ago: The project donations page has been down (CentOS is currently reviewing our cash donation program. In the mean time we are not accepting any financial donations. We do appreciate though, if you want to - for example - help out with promo material. See our Wiki page on donations http://wiki.centos.org/Donate for more up to date information.) for around two years now. It is very hard to take dev complaints about how 'no one wants to contribute' seriously when the devs have avoided setting up an easy mechanism for people to contribute money *to the project* for years now. Money doesn't solve all problems (and creates some new ones of its own), but it can pay developers, buy new servers for development, and create other resources. But I will not throw money at the devs as no-string gifts to them as individuals. If they want to 'board the gravy train' by making a living from the project, I'm thrilled for them. I've no problem with people being compensated for their work. Form a formally chartered organization with accountable mechanisms for paying the devs. Go to town on it. If they just want people to give them money personally (which some devs have, perhaps tongue in cheek, suggested on this list) with no accountability or expectation that that money actually specifically support the project, well, they can keep dreaming. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] Discover what vnet is attached to a kvm guest
On 05/13/2011 04:13 AM, carlopmart wrote: Hi all, How can I see what vnet is attached to a certain kvm guest?? For example: I have a kvmguest1. When I launch this guest with virsh command, virsh creates a new vnetX interface for this guest. How can I extract this virtual net interface (vnet0, vnet1, vnet2 or so on) using a script?? The information is available in the output of 'virsh dumpxml domain'. -- Benjamin Franz ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Am I being to paranoid?
On 05/08/2011 10:46 AM, Jason wrote: 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect. [...] Because the remote loader is a robot, not a web browser. It is throwing stuff at the wall and seeing what sticks. It flat out doesn't care if you send back a redirect - it is just looking for a response that indicates a vulnerability and anything else is ignored by it. Redirects are largely ineffective in combating bots hunting for exploitable scripts and programs. You would be better off using something like Fail2Ban to dynamically update firewall rules against detected attackers. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 40TB File System Recommendations
On 04/14/2011 09:00 PM, Christopher Chan wrote: Wanna try that again with 64MB of cache only and tell us whether there is a difference in performance? There is a reason why 3ware 85xx cards were complete rubbish when used for raid5 and which led to the 95xx/96xx series. _ I don't happen to have any systems I can test with the 1.5TB drives without controller cache right now, but I have a system with some old 500GB drives (which are about half as fast as the 1.5TB drives in individual sustained I/O throughput) attached directly to onboard SATA ports in a 8 x RAID6 with *no* controller cache at all. The machine has 16GB of RAM and bonnie++ therefore used 32GB of data for the test. Version 1.96 --Sequential Output-- --Sequential Input- --Random- Concurrency 1 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks-- MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP /sec %CP pbox332160M 389 98 76709 22 91071 26 2209 95 264892 26 590.5 11 Latency 24190us1244ms1580ms 60411us 69901us 42586us Version 1.96 --Sequential Create-- Random Create pbox3 -Create-- --Read--- -Delete-- -Create-- --Read--- -Delete-- files /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP 16 10910 31 + +++ + +++ 29293 80 + +++ + +++ Latency 775us 610us 979us 740us 370us 380us Given that the underlaying drives are effectively something like half as fast as the drives in the other test, the results are quite comparable. Cache doesn't make a lot of difference when you quickly write a lot more data than the cache can hold. The limiting factor becomes the slowest component - usually the drives themselves. Cache isn't magic performance pixie dust. It helps in certain use cases and is nearly irrelevant in others. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 40TB File System Recommendations
On 04/14/2011 08:04 AM, Christopher Chan wrote: Then try both for your use case and your hardware. We have wide raid6 setups that does well over 500 MB/s write (that is: not all raid6 writes suck...). /me replaces all of Peter's cache with 64MB modules. Let's try again. If you are trying to imply that RAID6 can't go fast when write size is larger than the cache, you are simply wrong. Even with just a 8 x RAID6, I've tested a system as sustained sequential (not burst) 156Mbytes/s out and 387 Mbytes/s in using 7200 rpm 1.5 TB drives. Bonnie++ results attached. Bonnie++ by default uses twice as much data as your available RAM to make sure you aren't just seeing cache. IOW: That machine only had 4GB of RAM and 256 MB of controller cache during the test but wrote and read 8 GB of data for the tests. Version 1.96 --Sequential Output-- --Sequential Input- --Random- Concurrency 1 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks-- MachineSize K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP /sec %CP 8G 248 99 155996 74 85600 42 961 99 386900 62 628.3 29 Latency 33323us 224ms1105ms 19047us 77599us 113ms Version 1.96 --Sequential Create-- Random Create -Create-- --Read--- -Delete-- -Create-- --Read--- -Delete-- files /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP 16 17395 56 + +++ 23951 61 27125 84 + +++ 32154 84 Latency 330us 993us 980us 344us 64us 80us -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bizarre system slowness
On 04/13/2011 01:34 PM, Cal Webster wrote: tar -zxf with a large file on this machine takes 1.5 minutes, but takes only 10 seconds on any of its siblings. CPU usage seems high while untarring, with lots of user and sys cycles being used, but almost no wait cycles. It doesn't matter whether I untar on a local disk, or on a fiber channel SAN volume, it's slow anyway. 1) Are you untarring from *and* to the SAN volume or is the source on the local volume? 2) What kind of local drives? If the local drive is IDE or SATA it is possible the machine is using PIO mode. That would match the symptoms of very high CPU usage and very slow I/O (yes - I've seen it happen with SATA drives with certain Supermicro chipsets). -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS-virt] VMware Server 2 fails on 5.6
So others can avoid the lesson I learned this morning, VMware Server 2 stopped working after upgrading to 5.6 from a working 5.5 install (with the libc workaround for 5.4+ already in place). Some Google-Fu indicates the problem is linked to more supporting libraries being changed (zlib, libxml2, possibly others) in addition to the existing libc issue. I get a segmentation fault trying to launch VM Server 2 and have been unsuccessful so far in getting my install to work again. My own solution is I am rebuilding the physical hardware for KVM support and temporarily hosting the VMware VMs on a second machine I have still running 5.5 as I transition to KVM since it became apparent some time ago that VMware Server 2 is no longer a tenable platform. -- Benjamin Franz ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Migrating standalone systems to KVM
On 03/31/2011 02:38 AM, Jussi Hirvi wrote: A while ago I got great instructions from Pasi for migrating standalone systems to *xen*. However, now I have decided to use KVM instead, which raises a new question: How to migrate a standalone system to *KVM*? I know a two-step way to do it: standalone system - xen pv guest xen pv guest - KVM pv guest I read that xen - KVM migration is trivially easy. But is there an easier (one-step) way to do this? - Jussi I haven't tried it, but in theory you could take a clonezilla image of the physical machine and restore it to a KVM disk image: Just create the initial virtual drives at least as large as the originals, boot clonezilla in the VM and restore from the images. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] perl one-liner issue
On 03/16/2011 01:42 PM, Joseph L. Casale wrote: $conf['nagios_base'] = I'd just search for that part, above. Me to, and I never even got to the replacement as the search for that was bailing:) The problem is trying to pass valid Perl though the bash shell . There is an insane amount of interaction between all the escapings involved in this specific pattern. The hard problem is getting bash to *not* change what you are passing to Perl before Perl sees it. Use 'echo' as a stand-in for Perl and you will see what is actually being passed to Perl for execution (it most likely isn't what you think it is). Once you know you are feeding Perl the right thing, you can worry about getting the pattern for the substitution correct. After enough poking and prodding you'll get something like this (after giving up on getting bash to not molest the ' characters before passing them to Perl): 's/(\$conf\[\047nagios_base\047]\s*=\s*)\/nagios\/cgi-bin;/$1stuffhere\;/' Is there some reason you can't use a straight Perl script instead of using bash to run a perl one liner? -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] VMware (was Re: current bind version)
On 02/24/2011 06:04 PM, Les Mikesell wrote: Can someone remind me why VMware server 2.x broke with a RHEL/CentOS 5.x glibc update? I switched back to 1.x which I like better anyway, but if the reason for putting up with oldness is to keep that from happening, it didn't work. Ultimately it broke because VMware was never interested in actually supporting VMServer 2. It had 'issues' right from the start such as some type of resource leak that would (still does) slowly degrade performance unless it was rebooted every week or two. It would stop running on a kernel upgrade unless you wrote a script to automatically recompile the necessary drivers when a kernel upgrade was detected. After two sub-point releases they never addressed the glib incompatibility at all. Those of us who continued to use it did so by hacking around so an older glibc was loaded just for it. Then there was the 'the manager console only works with SSLv2' issue that was never addressed and known security problems they pretty much said 'not going to fix'. Finally they 'redefined' their way out of their own support policy where a previous support level became 'you can look for any solutions on the forum'. You couldn't even *buy* support for it. It has been abandonware for years. I've been migrating our systems to KVM for some months now. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] java-1.6.0-openjdk.x86_64 keeps clobbering logging.properties
On 02/21/2011 07:27 AM, Jason Pyeron wrote: It appears that the rpm does not list the logging.properties as a config file, as such every time yum updates the file get overwritten. /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/lib/logging.properties For now I have a cron job to replace it. Any suggestions? Try making the file immutable. chattr +i /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/lib/logging.properties Just remember to remove the immutable flag when you want to edit it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] system clock
On 02/06/2011 01:35 PM, Buz Davis wrote: I am running CntOS 5 with Gnome. Every now and then I have noticed that the computer will somehow get the time wrong by several hours. Is there a simple way to adjust the time? So far the only way I have found is to boot into windows (it is a dual boot system), make the change there, and then get back into CentOS. [...] CentOS likes to store the hardware system clock in GMT time. Windows likes to store it in the local time zone. The multi-hour switch is an artifact of dual booting with this disparity in play. If either system updates the hardware clock while running, the other OS will get thrown off by several hours. The fastest way to 'resync' the clock is using the ntpdate utiltity. It is part of the 'ntp' package. As root run: 'yum install ntp'. You can then reset the clock in CentOS by running 'ntpdate' as root. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Let's talk about HTTPS Everywhere
On 01/19/2011 03:29 AM, S Mathias wrote: Ok. It's a Firefox Add-on: https://www.eff.org/https-everywhere Questions: 1) But: Why can't i find it on the offical Firefox Add-ons site?: https://addons.mozilla.org/en-US/firefox/ https://www.eff.org/https-everywhere/faq/ 2) Did anyone audited the HTTPS Everywhere code? The place to ask that question would be the mail list for HTTPS everywhere: https://mail1.eff.org/mailman/listinfo/https-everywhere 3) Can someone trust this Add-on? Is it safe to install/use? Safe in the sense that you can trust the people who wrote it not to be distributing a trojan? The EFF is behind it. They are about as trusted on this as anyone. 4) If it's so great why isn't it more prevalent? See #1. ;) Most of these question would be better addressed to the HTTPS everywhere maillist. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ext4 or XFS
On 01/11/2011 10:56 AM, aurfal...@gmail.com wrote: I read where ext4 supports 1EB partition size The format supports it - the e2fsprogs tools do not. 16TB is the practical limit. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ext4 or XFS
On 01/11/2011 11:07 AM, aurfal...@gmail.com wrote: On Jan 11, 2011, at 11:01 AM, Benjamin Franz wrote: On 01/11/2011 10:56 AM, aurfal...@gmail.com wrote: I read where ext4 supports 1EB partition size The format supports it - the e2fsprogs tools do not. 16TB is the practical limit. Have you installed e4fsprogs? The tools do not support over 16TB. https://ext4.wiki.kernel.org/index.php/Ext4_Howto#Bigger_File_System_and_File_Sizes -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] RHEVM List
On 01/07/2011 05:02 AM, Nico Kadel-Garcia wrote: I was testing it with KVM, for comparison to VMWare, and didn't get as far as that. The network configuration, multiple disk at install time, and dog-slow performance of KVM prevented further exploration. KVM was being heavily advertised by RedHat so I wanted a look, and was completely underwhelmed. The requisite bridged network ports have to be set manually on the server, since the built-in network configuration tools have no clue how to do it. This means network pair-bonding has to be done in the guest domain, and it turned out that PXE didn't work at all in the guests. It was completely useless: hopefully RHEL 6 and CentOS 6 get it right. I'm successfully running KVM on top of Ubuntu 10.04LTS with CentOS5.5 guests with virtio ethernet drivers. I've got my physical ethernet ports bonded (three pairs of two) and bridged to the guests such that they don't even know any magic is happening. The configuration is completely non-obvious (and way under documented) but not very complex to implement. The only performance issues I have encountered so far are linked to the abysmal disk write performance of the qcow2 image file format. It can be partially ameliorated by turning on writeback for the disk images (or by using raw format instead of qcow2). I've got 17 running guests on one machine (8 cores, 32GB RAM, 2+ TB of battery backed RAIDed disk) and it is working like a champ. The only major complaint I have is that by default 10.04LTS doesn't cleanly shutdown the VMs on a reboot or shutdown - instead just effectively 'pulling the plug' on them. RH apparently does the same thing in 5.x: kills guests rather than shutting them down on reboot/shutdown. :O I had to do some surgery on the init system to make it do a clean shutdown on guests (and hid 'shutdown' and 'reboot' behind some scripts that do a parallel vm shutdown before actually calling the real 'shutdown' or 'reboot' just to be really sure). -- Benjamin Franz -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Graphing System Load MRTG
On 01/05/2011 09:33 PM, Jobst Schmalenbach wrote: On Tue, Dec 21, 2010 at 10:09:30AM -0600, Matt (lm7...@gmail.com) wrote: I check system load like so: [r...@server cron.daily]# w 10:07:33 up 4 days, 15:01, 2 users, load average: 4.22, 3.17, 3.09 I would like to to graph the 3.17 5 minute average with MRTG. Anyone know of some examples of doing this? Make yourself a script, include this: [...] That is doing it the hard way. Use scripts only if there isn't an OID for what you want. Target[hostname_load]: laLoadInt.2laLoadInt.2:commun...@host:2 RouterUptime[hostname_load]: commun...@host:2 MaxBytes[hostname_load]: 3 Title[hostname_load]: System Load Factor[hostname_load]: 0.01 YTicsFactor[hostname_load]: 0.01 YLegend[hostname_load]: System Load Legend1[hostname_load]: Load Legend2[hostname_load]: Legend3[hostname_load]: Legend4[hostname_load]: LegendI[hostname_load]: Load LegendO[hostname_load]: ShortLegend[hostname_load]: load Options[hostname_load]: gauge,growright,nopercent Directory[hostname_load]: hostname Make sure you load the correct MIB otherwise you might have to use the OID instead of the symbolic name. LoadMIBs: /usr/share/snmp/mibs/UCD-SNMP-MIB.txt -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Converting to maildir
On 01/04/2011 06:14 AM, Adam Tauno Williams wrote: On Tue, 2011-01-04 at 15:06 +0100, Dominik Zyla wrote: Many people care about storage format. And they are misguided in doing so. Details of message storage is an internal [server's] problem. No. They are being eminently practical. mbox format's 'one big file' approach results in significant I/O overhead for update operations, locking complexity (file locks on shared network storage - 'nuff said) and bloat in differential backups. I have literally tens of gigabytes of email stored on our servers. mbox storage would make backups slower, take significantly more backup storage space and add quite a lot of disk I/O for routine mailbox use as well as slow down email for the end users. It is also more prone to 'one error took out everything' problems. The idea that low level/internal details don't matter is only true when you are so far from your resource limits that they are effectively infinite. The real world often isn't that way. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update troubles
On 01/04/2011 11:48 AM, Luigi Rosa wrote: -- I am not a Perl expert, but in my experience the packages installed with CPAN and with RPM does not overwrite each other. CPAN stores the libraries in a different directory in which Perl looks for libraries before than looking for the libraries downloaded with RPM. This is according my experience, but some Perl installation expert will be able to clarify this issue. Right up until an update for Perl itself is pushed - and then you will find all your packages gone. If you need to tweek, use cpan2rpm to generate rpms. I've generally found the issues are tied to man files - so if you suppress the man file generation in the spec and stick with perldoc for a module's documentation you can generally work around the conflicts. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] two cents or not two cents
On 12/18/2010 08:12 AM, Les Mikesell wrote: Apple is not really a software company. Everything you buy from them is tied/bundled with hardware. I think their goal in updating software is always to force you to buy new hardware. +2000 :) -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /dev/null permission changes figured out
On 12/16/2010 10:29 AM, Joe Pruett wrote: a while back i reported an issue where /dev/null was getting set to 600 perms after a system update. i finally figured out what it is. i don't care about failed logins and have limited space on some servers, so i symlinked /var/log/btmp to /dev/null. the initscripts package does a chmod 600 /var/log/btmp, so voila /dev/null gets changed. so now i know why it happened just to me. i now need to figure out a better way to deal with btmp. any ideas from the list? Put a logrotate config for /var/log/btmp in /etc/logrotate.d that rotates it once a day and use 'rotate 0' to just throw them away. See 'man logrotate' for the configuration syntax. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /dev/null permission changes figured out
On 12/16/2010 11:14 AM, Benjamin Franz wrote: On 12/16/2010 10:29 AM, Joe Pruett wrote: a while back i reported an issue where /dev/null was getting set to 600 perms after a system update. i finally figured out what it is. i don't care about failed logins and have limited space on some servers, so i symlinked /var/log/btmp to /dev/null. the initscripts package does a chmod 600 /var/log/btmp, so voila /dev/null gets changed. so now i know why it happened just to me. i now need to figure out a better way to deal with btmp. any ideas from the list? Put a logrotate config for /var/log/btmp in /etc/logrotate.d that rotates it once a day and use 'rotate 0' to just throw them away. See 'man logrotate' for the configuration syntax. The man page for lastb says if you just complete delete /var/log/btmp the system shouldn't recreate it on its own. That is the simplest answer. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: programming language for morons (newbie friendly language in Open Source world)
On 12/13/2010 08:53 AM, m.r...@5-cent.us wrote: snip And python's the only language to use whitespace as a syntax element http://en.wikipedia.org/wiki/Whitespace_%28programming_language%29 But seriously, there are a fair number of (mostly older) languages that are fairly picky about whitespace. I still remember writing FORTRAN. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: programming language for morons (newbie friendly language in Open Source world)
On 12/13/2010 03:49 PM, Les Mikesell wrote: I doubt if there are a lot that can simultaneously think in procedural and object concepts, though. Someone who learns that code and data are different things and that data is not to be trusted will have a hard time dealing with objects where the only way to access data is to execute code associated with it. I don't know about that. I started on Apple Integer BASIC back in 1980, dropped to assembly on multiple platforms, and eventually ended up doing OO style design in Perl in the 90s *before* it officially had OO. I remember my sister commenting something to the effect that I seemed to design code mentally in OO styles regardless of the actual implementation language a decade or so ago. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /bin/env
On 12/10/2010 11:20 AM, James B. Byrne wrote: Please forgive my ignorance but I need a explanation of how to accomplish the following since I cannot figure it out from the documents. I have a Ruby script with a shebang line that looks like this: #!/usr/bin/env ruby On one particular host I have two Ruby interpreters installed; one the CentOS base version 1.8.6 in /usr/bin/ruby the other version 1.8.7 in /usr/local/bin/ruby. In my shell the which command finds /usr/local/bin/ruby. In a cron job the /usr/bin/ruby is used by the /bin/env invocation. My question is: How does one configure /bin/env to return the /usr/local/bin/ruby version? or does that question even make sense? Why not just change the shebang line to use #!/usr/local/bin/ruby ? -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5 with MediaWiki
On 12/06/2010 09:24 AM, Clovis Tristao wrote: Hi, How do I install php-xml 5.2.10 on CentOS 5.5? I'm trying to install MediaWiki, and asks that package as a dependency. Cheers, I've found that a tarball install of 1.15.5 works fine on a CentOS5.5 machine without any special installation of upgraded RPMs. My PHP related installed RPMs are as follows: php-gd-5.1.6-27.el5_5.3 php-common-5.1.6-27.el5_5.3 php-pear-1.4.9-6.el5 php-cli-5.1.6-27.el5_5.3 php-odbc-5.1.6-27.el5_5.3 php-5.1.6-27.el5_5.3 php-mbstring-5.1.6-27.el5_5.3 php-mysql-5.1.6-27.el5_5.3 php-pdo-5.1.6-27.el5_5.3 php-devel-5.1.6-27.el5_5.3 php-pgsql-5.1.6-27.el5_5.3 php-eaccelerator-5.1.6_0.9.5.2-4.el5.rf php-ldap-5.1.6-27.el5_5.3 php-jpgraph-1.19-1.2.el5.rf -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] http request, which command is good for testing
On 12/06/2010 10:52 AM, adrian kok wrote: Hi all I just know there are curl / lwp-request, lynx and elinks Which command is good for http testing? What kind of testing? Throughput? Testing the output of scripts? Broken link detection? You need to define what you mean by 'http testing'. For simple 'how fast is my webserver' testing, 'ab' works ok and is part of the default Apache webserver install. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
On 12/06/2010 06:47 AM, Daniel J Walsh wrote:
I agree, and would like to look at the AVC's to understand what could
have broken the labeling
Well - since it happened again this morning, here you go. On further
investigation in backups, I previously had the user account that I use
for the FTP based update with its home directory set to a location
inside the /var/www/html tree. Since that unknowingly passed this rule,
it silently worked. It was changed to a /home/ based directory instead a
while ago - tripping this rule. But not consistently: FTP appears to at
least partially work outside the home tree even with the rule active.
I *really* dislike landmines when doing routine system tasks.
Dec 7 07:14:19 10.96.1.9 setroubleshoot: SELinux is preventing the ftp
daemon from writing files outside the home directory (./upgrade). For
complete SELinux messages. run sealert -l
e7787694-644e-4e4e-9b45-bd86c7eb33ce
sealert -l e7787694-644e-4e4e-9b45-bd86c7eb33ce
Summary:
SELinux is preventing the ftp daemon from writing files outside the home
directory (./upgrade).
Detailed Description:
SELinux has denied the ftp daemon write access to directories outside
the home
directory (./upgrade). Someone has logged in via your ftp daemon and is
trying
to create or write a file. If you only setup ftp to allow anonymous ftp,
this
could signal a intrusion attempt.
Allowing Access:
If you do not want SELinux preventing ftp from writing files anywhere on the
system you need to turn on the allow_ftpd_full_access boolean: setsebool -P
allow_ftpd_full_access=1
The following command will allow this access:
setsebool -P allow_ftpd_full_access=1
Additional Information:
Source Contextsystem_u:system_r:ftpd_t
Target Contextsystem_u:object_r:httpd_sys_content_t
Target Objects./upgrade [ dir ]
Sourcevsftpd
Source Path /usr/sbin/vsftpd
Port Unknown
Host XX
Source RPM Packages vsftpd-2.1.0-2
Target RPM Packages
Policy RPMselinux-policy-2.4.6-279.el5_5.2
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing ModeEnforcing
Plugin Name allow_ftpd_full_access
Host Name X
Platform Linux 2.6.18-194.26.1.el5 #1 SMP
Tue Nov 9 12:54:40 EST 2010 i686 i686
Alert Count 17
First SeenThu Dec 2 12:10:14 2010
Last Seen Tue Dec 7 07:14:19 2010
Local ID e7787694-644e-4e4e-9b45-bd86c7eb33ce
Line Numbers
Raw Audit Messages
host= type=AVC msg=audit(1291734859.344:6678): avc:
denied { write } for pid=1018 comm=vsftpd name=upgrade dev=dm-5
ino=1926503 scontext=system_u:system_r:ftpd_t:s0
tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
host= type=SYSCALL msg=audit(1291734859.344:6678):
arch=4003 syscall=39 success=no exit=-13 a0=8e340d0 a1=1ff a2=802330
a3=1 items=0 ppid=1014 pid=1018 auid=502 uid=502 gid=100 euid=502
suid=502 fsuid=502 egid=100 sgid=100 fsgid=100 tty=(none) ses=1017
comm=vsftpd exe=/usr/sbin/vsftpd subj=system_u:system_r:ftpd_t:s0
key=(null)
--
Benjamin Franz
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
On 12/07/2010 07:36 AM, Benjamin Franz wrote:
On 12/06/2010 06:47 AM, Daniel J Walsh wrote:
I agree, and would like to look at the AVC's to understand what could
have broken the labeling
Well - since it happened again this morning, here you go. On further
investigation in backups, I previously had the user account that I use
for the FTP based update with its home directory set to a location
inside the /var/www/html tree. Since that unknowingly passed this
rule, it silently worked. It was changed to a /home/ based directory
instead a while ago - tripping this rule. But not consistently: FTP
appears to at least partially work outside the home tree even with the
rule active.
I *really* dislike landmines when doing routine system tasks.
Ok. SELinux blew up something else that was previously working on that
machine (yes - I've already done something to fix it for now. I don't
need anyone saying 'well run sealert'. Been there - done that. Things
are running now.) This repeated time suckage is why people routinely
turn it off.
sealert -l e6e017f5-9c2b-4e7b-895e-51a232042588
Summary:
SELinux is preventing the httpd from using potentially mislabeled files
/var/XX/misc/manage_clients/config.xml (var_t).
Detailed Description:
SELinux has denied the httpd access to potentially mislabeled files
/var/XX/misc/manage_clients/config.xml. This means that SELinux
will not
allow httpd to use these files. Many third party apps install html files in
directories that SELinux policy cannot predict. These directories have to be
labeled with a file context which httpd can access.
Allowing Access:
If you want to change the file context of
/var/XX/misc/manage_clients/config.xml so that the httpd daemon can
access it, you need to execute it using chcon -t httpd_sys_content_t
'/var/XX/misc/manage_clients/config.xml'. You can look at the
httpd_selinux man page for additional information.
Additional Information:
Source Contextsystem_u:system_r:httpd_t
Target Contextuser_u:object_r:var_t
Target Objects
/var/XX/misc/manage_clients/config.xml [
file ]
Sourcehttpd
Source Path /usr/sbin/httpd
Port Unknown
Host XX
Source RPM Packages httpd-2.2.3-43.el5.centos.3
Target RPM Packages
Policy RPMselinux-policy-2.4.6-279.el5_5.2
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing ModeEnforcing
Plugin Name httpd_bad_labels
Host Name XX
Platform Linux XX 2.6.18-194.26.1.el5 #1 SMP
Tue Nov 9 12:54:40 EST 2010 i686 i686
Alert Count 3
First SeenMon Apr 26 10:20:36 2010
Last Seen Tue Dec 7 07:38:17 2010
Local ID e6e017f5-9c2b-4e7b-895e-51a232042588
Line Numbers
Raw Audit Messages
host=XX type=AVC msg=audit(1291736297.720:6786): avc: denied {
getattr } for pid=21363 comm=httpd
path=/var/XX/misc/manage_clients/config.xml dev=dm-0
ino=5355222 scontext=system_u:system_r:httpd_t:s0
tcontext=user_u:object_r:var_t:s0 tclass=file
host=XX type=SYSCALL msg=audit(1291736297.720:6786):
arch=4003 syscall=195 success=no exit=-13 a0=82e7380 a1=8297c68
a2=296ff4 a3=82e7380 items=0 ppid=3398 pid=21363 auid=4294967295 uid=48
gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none)
ses=4294967295 comm=httpd exe=/usr/sbin/httpd
subj=system_u:system_r:httpd_t:s0 key=(null)
--
Benjamin Franz
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
On 12/07/2010 08:12 AM, Daniel J Walsh wrote: Yes SELinux and all MAC systems require that if the administrator puts files in non default directories, then they have to have to be told. In the case of SELinux, this involves correcting the labeling. DAC has similar problems, in that you need to make sure the permission flags and ownership is correct. Of course admins have been dealing with DAC for years so they understand it, and the number of UID/Permision combinations is more limited then the amounts of labels that SELinux presents. I wrote this paper to try to explain what SELinux tends to complain about. http://people.fedoraproject.org/~dwalsh/SELinux/Presentations/selinux_four_things.pdf The fact remains that as the old saw goes: Make it hard enough to do something and people will quit doing it. SELinux remains *hard* for most non-default users. As the lead SE developer, things you find utterly routine and only slightly annoying are major roadblocks to many other people. You aren't the average user. You aren't even close to one. A *sophisticated* user will see the suggestion given by sealeart to run chcon, follow it, *and have no idea that a system relabel can screw it up again*. sealert doesn't even mention the issue! It is as if the person who wrote the sealert messages never considered that people would like things fixed permanently rather than just until the next SELinux update relabels the system. I have 15 years experience running Linux servers. And I find SELinux damn annoying. I can work with it at need - but I'm generally pissed off when I find 'yet another SELinux issue'. My boss, who is the fallback admin here, would find it utterly opaque. He would have no idea where to even start looking for an SELinux issue. The issue is similar to that of using passwords of more than 10 characters composed of random mixed-case alphanumeric characters (ideally with special characters mixed in). Yes - they are provably more secure in a technical sense than virtually any easily remembered system. However *real people* have to use the passwords. And they will put the damn things on taped notes on the bottom of their laptop if you make them too hard (not conjectural - I've caught people here doing exactly that). BTW: You have a typographical error on your semanage example. You don't have a closing ' character on the file_spec. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
On 11/30/2010 10:42 AM, Lamar Owen wrote: It boils down to balancing 'it breaks my app that I can't or won't fix' against 'you've been pwned!' Actually, it boils down to 'what causes more total costs to the business'. Right now, in my experience, that is SELinux. Break ins to my servers are extremely rare (one machine out of several dozen internet exposed machines in 13 years). SELinux randomly taking out some aspect of operations is fairly frequent in comparison (several incidents on just the handful of machines I have that it was left active on). Security in not an end unto itself. It exists to support the business making money. If a cost saving measure is costing the business more than it is saving it, it is *not* a good idea no matter how technically superior it is. This in a very real sense is similar to the 'how much resources should measures to prevent shoplifting be given' in a retail store. If the anti-shoplifting measures are costing *more* than the shoplifting you are preventing - you have lost sight of the actual reason for anti-shoplifting measures in the first place. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
On 11/27/2010 02:52 PM, Marko Vojinovic wrote: On Saturday 27 November 2010 18:57:50 Benjamin Franz wrote: On 11/26/2010 05:17 PM, Patrick Lists wrote: What's with people recommending to turn off SELinux?! That's just bad advice and like recommending people keep their doors unlocked at all times. Really, stop doing that. SELinux is there for a reason. SELinux is like a automatic collision avoidance system for an airplane that unpredictably crashes the plane during normal flight. While the basic idea is good, until it stops crashing planes without warning it isn't going to be accepted. I don't understand this analogy. I have never seen SELinux crashing the system or doing some damage otherwise. What experience do you have with SELinux crashing anything on a working system? My experience with SELinux updates are that you can't predict. It could be filling up your disk with logs it forgot to delete after rotateing . It could be breaking X, disabling a previously working Apache configuration, breaking previously working mail systems, and so on. It is not enough that it mitigates certain classes of attacks when it actively breaks running systems *more often* than it mitigates attacks. And that is my personal experience. Every year or two I try turning it on on a few systems. And then, after it suddenly decides to break a previously stable system - it gets turned back off. If your system was running for some time with SELinux disabled (not in permissive mode, but disabled), turning it on without doing a proper relabeling of the filesystem is known to be a very Bad Idea. Typically all problems that occur in this situation can be eliminated by relabeling the whole filesystem once. Maybe that was the step you missed? No. I didn't phrase it clearly enough. I build systems fairly frequently. And periodically I'll decide that one of them will have SELinux turned on right from the start. And after I spend the time to make everything happy, it will work. The system will be stable. For a while. And then, one day, it won't work. Worse - it doesn't always *log* what it is doing in a way that you can figure out. Occasionally not at all. So you spend a few hours poking at the system until you try the magic of turning off SELinux. And then it starts working again. My experience is that *unless you have a system configured exactly like the defaults*, SELinux is prone to suddenly deciding after an update that it doesn't like your configuration anymore. Once because an update to SELinux changed the labeling on an existing directory tree - blowing away my own applied labeling with no warning. And there are even RH supplied rpms that *do not work* with SELinux without being SELinux being tweaked first. I've had one machine (of several dozen running) hacked in 15 years (entirely because I forgot to keep it updated). It was several years ago. I've had several instances of SELinux breaking a previously stable system after an update to SELinux or its policies. On about the same number of machines. The most recent within the last year. I've been burned by SELinux's misbehavior multiple times. It will take a very long time for it to earn my trust again. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question about a hard drive error
On 11/15/2010 10:41 AM, Gilbert Sebenste wrote: Thanks John, I appreciate it! Both are being replaced after a nearby 55 KV power line shorted to ground and blew a manhole cover 50' into the air, damaging a lot of equipment over here, even those on UPS's. Nobody was hurt, thank goodness. But, I'll be looking into RAID 5 in the future. In these days of multi-terabyte drives you should be looking at RAID6 instead. The chances of a 'double failure' during degraded operation/resync is too high to ignore. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question about a hard drive error
On 11/16/2010 09:25 AM, John R Pierce wrote: These days of cheap drives, I use raid10 almost exclusively. and if its at all mission critical, I like to have 1-2 hotspares. if I was deploying a new server, and its workload was at all database-centric, I'd want to use use 2.5 SAS rather than 3.5 SATA With RAID10, the rebuild time is how long it takes to copy the one drive. if you have 6 drives in a raid10 and one fails, leaving 5, and another fails, there's only a 1 in 5 chance of that other failure being the mirror of the dead drive. If you have a hot spare, that rebuild starts immediately, reducing the window for that dreaded double failure to a minimum. Oh, I agree - and when price is no object, or if write performance is the bottleneck, or if you need huge numbers of drives, I love RAID10. You can take it to crazy levels of redundancy + performance by going to RAID0 layered over multiple three-way RAID1 arrays. Why have multiple hotspares when you can go for N2-RAID1 + 0 instead and get a hefty performance boost on reads for almost free at even higher reliability? -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question about a hard drive error
On 11/16/2010 10:47 AM, John R Pierce wrote: raid sets really shouldn't be much bigger than about 8 drives, anyways. rebuild times for a 12 drive raid6 would be astronomical. You are ok up to here. Rebuild time for replacement of a failed drive scales by drive size, not raid set size, regardless of whether it is RAID1, 5, 6 or 10. It remains roughly the amount of time it takes to completely write one drive at full speed (at least unless you run out of bus bandwidth - but that takes a lot of drives). However, system availability/performance is much better for RAID10 than for the others during a rebuild because of the isolation of the rebuild work to only the involved spindles. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] KVM: where are the directions?
On 11/14/2010 05:25 PM, compdoc wrote: Unless you have old cards you have to retain, PCI-x isn't useful anymore. Too slow. Depends on what you consider 'too slow'. I just benchmarked an 8 drive software RAID6 (8 x 1.5 TByte Seagate drives) on a PCI-X card (Areca ARC-1120 configured for JBOD operation) at 196 megabytes/second sustained sequential write and 420 megabytes/second sustained sequential read with bonnie++ on a Supermicro PDSMi board. Just how fast do you need? -- Benjamin Franz ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] KVM: where are the directions?
On 11/15/2010 09:00 AM, compdoc wrote: It's still useful, but why invest in an older technology when the newer technology is there and doesn't cost more? Because it *does* cost more and doesn't (in my case) provide anything special I need feature wise. I already had a nice hot swappable 2U case with dual p/s, a not incredibly old server motherboard, dual core CPU, memory et al available. For an incremental cost of about $460 dollars I bought an Areca 1120 PCI-X controller to match my existing hardware rather than buying more like two thousand dollars in new hardware to do exactly the same thing, at pretty much the same performance level. -- Benjamin Franz ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Best practices for the maximal length of user names
On 11/13/2010 05:25 AM, Mathieu Baudier wrote: But people are sometimes frustrated with having their last name truncated and I wonder if limiting the user name to 8 characters is not a kind of superstition coming from some old times... CentOS5 supports 31 characters for user names (I tested it). 8 character limits for user names was a holdover from some truly ancient Unix systems and has been pretty much irrelevant to Linux for more than ten years. There is no reason I can think of to limit user names in Linux to 8 characters now unless you need to inter-operate account logins with an old Unix box that still has that limit. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PATA Hard Drive woes
On 11/03/2010 03:13 PM, Keith Roberts wrote: On Wed, 3 Nov 2010, Lamar Owen wrote: Might want to check the power supply as well. Bad/flakey power can indeed case damage to the drive surface; been there, done that, have two Maxtor 250GB drives with scribbled servo data to prove it. OK. I'm running the server from an APC UPS Back-UPS 650, so there should not be any glitches in the power supply, should there? Lamar was probably talking about the machine's *own* power supply. The one inside the computer case. When they start to fail they can produce incorrect DC voltages and then you can get all kinds of weird failures. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] send HTML formatted mail (for M$ Outlook) with mailx
On 10/25/2010 08:31 AM, Sven Aluoor wrote: I am just curious (I have my solution): what are alternatives for sending mails on Linux command line? Perl works well (especially if you want to do things like make HTML mails correctly). Here is a walk through for doing it: http://www.revsys.com/writings/perl/sending-email-with-perl.html At the other end of sophistication, you can just pipe it right into sendmail: http://www.perlfect.com/articles/sendmail.shtml -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FYI: Red Hat Enterprise Linux 6 Release Candidate Available to Partners
On 10/19/2010 12:47 AM, Pasi Kärkkäinen wrote: On Mon, Oct 18, 2010 at 06:44:34PM +0300, Deyan Stoykov wrote: Available to partners? Aren't RH obliged to release the source as usual? Yes, to partners :) I'm pretty sure Deyan is referring to their GPL obligations to make the source code available for most of it. Given their heavy historical commitment to GPL, I have no doubt it will show up very shortly. They have always done a good job there. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] the wandering MAC?
On 10/13/2010 09:28 AM, Boris Epstein wrote: What's happening is, it is showing up under one of the two MAC's: either 00:0a:cd:1a:c1:71 or 00:00:00:00:c1:71. If you reboot it the MAC stays the same; if you shutdown and do a full powerdown it seems to change. I would say the card is probably dying and replace it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: linux desktop market share more than 1%
On 10/08/2010 04:03 PM, Warren Young wrote: On 10/8/2010 4:29 PM, Jerry Franz wrote: On 10/08/2010 03:25 PM, Warren Young wrote: There's more to a PC than [a] spec list. Apple runs commodity hardware that is essentially identical to everyone else's - just priced 3X more. ...says the guy comparing machines based only on the spec list. We're just throwing blind assertions at each other, but since I don't want to go PC shopping just to pursue the argument, let's keep it theoretical. Which do you suppose is a harder task: a) for you to show me a third-the-price PC that's truly an apples-to-apples comparison with some given Mac; or Ok. Here is a fairly basic Mac Pro: * One 2.8GHz Quad-Core Intel Xeon “Nehalem” (8M cache, 2.8Ghz, 4.80 GT/s) * 6GB (PC3 1066, 3x2GB) (four memory slots, max RAM 16GB) * Two 1 Gbit ethernet interfaces * 2 x 1TB 7200-rpm Serial ATA 3Gb/s hard drives * ATI Radeon HD 5770 1GB * One 18x SuperDrive (DVD±R DL/DVD±RW/CD-RW) * Apple Magic Mouse * Apple Keyboard with Numeric Keypad (English) User's Guide * Mini DisplayPort to Dual-Link DVI Adapter * 4 x Firewire 800 ports * 5 x USB 2.0 ports * Front-panel headphone minijack * Optical digitial audio TOSLINK ports * Multichannel audio through Mini Display Port * 1 x 16x PCI-e, 2 x PCI-e 4x * 6 x 3Gb/s SATA II ports for a mere $2973. Here is what I'm running on my desk right now: * Gigabyte EX58-Extreme motherboard ($328) * One 3.06GHz Quad-Core Intel i7 950 (8M cache, 3.06Ghz, 6.4 GT/s) ($294) * 6GB (PC3 1600, 3x2GB) (six memory slots, max RAM 24GB) ($189) * Two 1 Gbit ethernet interfaces * ATI Radeon HD 5770 1GB ($150) * LiteOn DVD A DH24AYS (DVD±R DL/DVD±RW/CD-RW, DVD-RAM, Lightscribe, x24 speed) ($70) * 2 x 1TB 7200-rpm Serial ATA 3Gb/s hard drive (2 x $80) * Microsoft Natural 4000 Ergonomic Keyboard ($41) * Microsoft 3 button mouse with scroll wheel ($15) * 7.1 surround sound, S/PDIF in/out, High Definition Audio * 2 x 16x PCI-e, 1 x 8x PCI-e, 1 x PCI-e 4x, 1 x PCI-e 1x and 2 x PCI slots * 10 x 3Gb/s SATA II ports * Onboard RAID 0,1, 5 and 10 support * 12 x USB 2.0 ports * 3 x Firewire 400 ports * 750W Corsair power supply ($170) for a grand total of $1417 Which makes my machine 1/2 the price with *better* performance and features. The price ratios get really crazy once you get off the basic machine. Want 12GB of memory instead of 6GB? Add another $1050 to the Mac Pro. Or $189 to my machine. Want RAID support on the Mac Pro? Add another $700. RAID support is already included on my board, but even buying a card I would only spend $300 for a battery backed 8 port SATA II RAID card. Want built in system backups and restores right from the BIOS? Tough. Macs can't do it. Want Crossfire support for your video? Well, you're out of luck. Macs can't do Crossfire. What is special about Macs *is not their hardware*. It's all about the software. And the only reason that software doesn't run on every desk out there is because Apple is fundamentally a *hardware* company: The OS is just there to sell the machines at a very healthy profit margin. Don't take away that I'm slamming Macs. I'm not. They are very nice machines. I have no problem using one (in fact I've owned a couple over the decades). But they are substantially overpriced for what they actually are. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: linux desktop market share more than 1%
On 10/07/2010 05:05 AM, Rudi Ahlers wrote: You can register on this site if you use linux on your desktop, to prove that we have at least more than 1% market share today :-) http://www.dudalibre.com/gnulinuxcounter?lang=en Argh. This is a lousy way to get that kind of stat. Completely worthless. A much better approach (and one that doesn't require ten million people to voluntarily register on a site they are unlikely to even ever hear of) is just to look at web server logs on high traffic domains having nothing to do with computers or Linux per se. Checking my own logs for Google Analytics for the last couple of months, the percentage is around 0.3%. I love Linux dearly (I've used it for my primary desktop and servers since 1995), but it really doesn't have much desktop penetration. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RAID rebuild time and disk utilization....
On 09/27/2010 08:15 AM, Tom Bishop wrote: So I'm in the process of building and testing a raid setup and it appeared to take along time to build I came across some settings for setting the min amount of time and that helped but it appears that one of the disks is struggling (100 utilization) vs the other one...I was wondering if anyone else has seen this and if so, is their a solution for it...my 2 disks are 1 Samsung F3 1tb /dev/sdb and 1 Seagate 7200.12 1Tb /dev/sdc...smartctl looks good on both [...] What is the output from 'cat /proc/mdstat'? -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Raid 10 questions...2 drive
On 09/24/2010 07:50 PM, Digimer wrote: Raid 10 requires 4 drives. First you would make two RAID 0 arrays, then create a third array that is RAID 1 using the two RAID 0 arrays for it's devices. With only two drives, your option is RAID 1 (mirroring - proper redundancy) or RAID 0 (striping only - lose one drive and you lose *all* data). That's 0+1 not 1+0. And don't do it that way. If you have a single drive failure with RAID 0+1 you've lost *all* of your redundancy - one more failure and you are dead. If you create two RAID1 sets and then strip them into a RAID0 you get pretty much the same performance and space efficiency characteristics, but if you have a drive failure you still have partial redundancy. You could actually take a *second* drive failure as long as it was in the other RAID1 pair. With 4 drives raid0+1 can only survive 1 drive failure. With 4 drives in raid 1+0 you can survive an average of 1.67 drive failures. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] In the press, once again
On 09/24/2010 08:37 AM, Hakan Koseoglu wrote: On 24 September 2010 14:23, Timo Schoelertimo.schoe...@riscworks.net wrote: Windows admins use a virtualized CentOS machine to copy files because their own tools are not able to handle copying a bigger amount of data. :) Although I read the article with some amusement, I have to wonder what's wrong with rsync (has a Windows port, albeit somewhat slow with Cygwin implementation). His fallback is using cp which I found utterly incomprehensible. Until Cygwin's developers decide the join the rest of the window's universe in having an *uninstaller* it will remain not installed - ever on many people's systems, including mine. It is completely unacceptable that it is happy to install, but that you have to *manually* rip it out piece-by-piece if you ever want to uninstall it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem with SSHD update.
On 09/13/2010 08:55 AM, James B. Byrne wrote: On: Mon Sep 13 11:41:17 EDT 2010, Joseph L. Casale jcasale at activenetwerx.com wrote: Selinux enabled? Yes. Then you should check your logs to see if SELinux is blocking it for some reason. You could also try turning SELinux off to directly test whether it makes a difference. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] e2fsck with millions of files
On 08/31/2010 06:19 AM, Matthew Miller wrote: On Tue, Aug 31, 2010 at 08:14:23AM -0500, Sean Carolan wrote: I have a large (1.5TB) partition with millions of files on it. e2fsck has been running nearly 12 hours and is still on Checking directory structure. Any tips for speeding this along? Yes -- use ext4. Otherwise, it's inevitable. To extend his comment: There is a bug in e2fsck for filesystems with many hardlinks. It could take *weeks* or longer, if it finishes at all, to run on a large filesystem with lots of hardlinks. http://www.mail-archive.com/scientific-linux-us...@listserv.fnal.gov/msg02180.html -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] slightly OT: dban
On 08/27/2010 08:25 AM, Todd Denniston wrote: m.r...@5-cent.us wrote, On 08/27/2010 10:57 AM: Oh, and I *do* have to do at DOD full sanitization: I work at a US gov't agency, and the machine's being surplused Suggestion, check with your local DRMO (or whatever they are calling themselves now) representative and make sure that you are allowed to send any hard drive with the machine at *ALL*. Concur. As far back as the early nineties when I was in the US Navy the standard for some materials on magnetic media was physical destruction of the media via specified means. *No* form of media erasure was considered acceptable for them. Given that modern hard drives can remap damaged sectors automatically, it is quite possible for an 'erased' drive to still have data on it that can't be removed by any software based erasure because it can't be accessed by the OS. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] slightly OT: dban
On 08/27/2010 10:27 AM, JohnS wrote: *GRIN* take a Sledge Hammer to it. Dban at once did not support HPA nor DCO it still may not. It still doesn't. There are just a *lot* of ways for a theoretically 'wiped' drive to not actually be fully wiped. As you said: Take a sledge hammer to it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] best ways to do mysql backup
On 08/14/2010 12:51 PM, Agnello George wrote: we have multiple servers approx 10 and each has about 100 GB of data in the /var/lib/mysql dir , excluding tar , mysqldump and replication how do we take backup for these databases on to a remote machine and store them datewise , ( the remote machine is a 2TB HDD ) currently tar is not feasible as the data is too huge and the same goes with mysqldump suggestion will be of great help Assuming you installed using LVM partitions (and that you left space for snapshots ;) ), stop the database, take a LVM snapshot, restart the database, rsync the mysql data directory to the other machine, then release the snapshot. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] best ways to do mysql backup
On 08/14/2010 12:59 PM, Benjamin Franz wrote: On 08/14/2010 12:51 PM, Agnello George wrote: we have multiple servers approx 10 and each has about 100 GB of data in the /var/lib/mysql dir , excluding tar , mysqldump and replication how do we take backup for these databases on to a remote machine and store them datewise , ( the remote machine is a 2TB HDD ) currently tar is not feasible as the data is too huge and the same goes with mysqldump suggestion will be of great help Assuming you installed using LVM partitions (and that you left space for snapshots ;) ), stop the database, take a LVM snapshot, restart the database, rsync the mysql data directory to the other machine, then release the snapshot. Correction: rsync the *snapshot* of the mysql data directory to the other machine. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NTFS is more resilient than ext3? Or is it hardware issue?
On 08/12/2010 01:55 AM, Fajar Priyanto wrote: Hi guys, I don't mean to incite debate or something, just want to share experience and a little curiosity. Back long time ago, we have an old file MS W2K (NTFS) server where due no admin was available to manage it, the server would get power off when the office closed, and auto power on again in the morning. That thing happened for years and it was fine ^^ Recently, I setup a Centos 5.5 file server with ext3 and got power blackout twice and I notice the filesystem got corrupted and also bad sectors. Is it just pure random luck, software or hardware issue? What's your experience? I would say 'luck'. No common system is normally 100% safe against 'pull the plug' shutdowns. Also, it matters how much disk I/O the system is doing. A system that is idle will tolerate 'pull the plug' better than one actually doing something. Additionally, powering up and powering down is the hardest thing you can do to the *hardware*. Servers should be let run 7/24 - they last longer. Finally, if power failures are taking the machine down, buy a UPS and connect the monitoring cable. I like APC UPSs and apcupsd for monitoring it and automatically shutting the system if needed. You can improve ext3's resistance to corruption quite a bit if you use the 'journal=data,barrier=1' mount options. Barriers is actually one of the few cases where software RAID or LVM hurts you - they don't honor barriers (at least not in CentOS/RHEL - newer kernels have improved this somewhat). If you are using a hardware RAID card with onboard cache - make **SURE** it has battery backup installed, too, or else turn off the cache completely. If you are using LVM/software RAID you will also need to turn off the hard drives *own* write caches as well. And yes - you are going to take some serious performance hits from doing all this. You are trading performance for reliability in the face of power failures. And use ext4 instead of ext3 (ext4 adds journal checksumming) if you can. Here is an article discussing making linux disk I/O safer: http://www.linux-mag.com/id/7773/ -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] IP based VirtualHost: IP aliases vs. additional virtual interfaces
On 08/10/2010 02:01 AM, Mathieu Baudier wrote: n order to have the IPs available on some guests, I'm wondering whether I should: 1 - add additional virtual interfaces or 2 - set up IP aliases (eth0:1, etc.) in the guests I imagine that (1) would be faster and more efficient (but that's a guts feeling), and it feels cleaner. But with (2), I just need to restart the network in order to add new IPs (there won't be that many: like around 10 in the next few months), insteead of restarting the whole guest. You don't have to restart the guest to add or remove aliases: ifup eth0:1 ifdown eth0:1 work fine for starting and stopping them. -- Benjamin Franz ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] ext4?
On 08/07/2010 10:55 AM, James Bensley wrote: On 7 August 2010 17:41, Laurent Wandrebeckl.wandreb...@gmail.com wrote: so a mount -t ext4 should work, as kernel-2.6.18-194.8.1.el5 provides /lib/modules/2.6.18-194.8.1.el5/kernel/fs/ext4/ext4.ko. This is probably going ot provide the answer (to you atleast, its not so clear to me); `uname -r` tells me I'm on kernel 2.6.18-92.el5. Within /lib/modules/2.6.18-92.el5/kernel/fs/ thers is no ext4, but I have do have a /lib/modules/2.6.18-194.8.1.el5 folder and in there is kernel/fs/ext4/ext4.ko so a newer kernel is preset with the required module but its not active, or something? I'm going to say I need to recompile my kernel and include the module since its present on my box or work out why the newer kernel files are present but not in use? You are *WAY* behind on your running kernel. Check /boot/grub/grub.cfg and, assuming you have the more recent kernels installed, change it to default to the current kernel and reboot. Alternatively, if you don't want to edit grub.cfg just yet, reboot and *choose* the most current kernel from the grub boot menu to test it. I use ext4 all the time and don't have any problems with it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dogs, trolls, and neighborly free/open source
On 08/05/2010 11:23 AM, Les Mikesell wrote: No, the part I don't understand is why you can't ignore any request where you are unwilling or unable to help. If everyone did, there would only be one or two messages on this thread instead of the current mess. +1 -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT -- apcupsd messages
On 08/02/2010 07:07 AM, Robert wrote: Does anyone here have any feel for the Battery disconnected and Battery reattached log entries? The rebooting came as a result of me turning off modems, router, external drives, monitor, cordless phone and finally, the computer, trying to locate a quiet but annoying chirp. The chirps stopped when I tilted the UPS to look at the front panel. [...] Given the complaint was that the battery was disconnected and that it stopped when you moved the UPS, I would check the wires connections to the battery. Pop open the battery compartment and make sure the connectors are tight. ;) -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] When should LVM be used?
On 07/29/2010 10:57 PM, Fajar Priyanto wrote: On Fri, Jul 30, 2010 at 1:37 PM, Ron Blizzardrb4cen...@gmail.com wrote: Is there any reason to use LVM on a personal desktop install of CentOS? It seems to me, for my purposes, that LVM is just a pain in the neck -- although I've always just let CentOS set it up during the install in the past. I would like to be able to use parted to resize partitions when I want to, and also I'd like Vector Linux to be able to read and write data to the CentOS partition. Would I be missing something by not installing LVM, or is this mostly for server purposes anyhow? You don't need LVM if you don't plan to expand the filesystem (or a particular mount point). You can use LVM for taking snapshots as well (very useful if you want to quiesce databases for the shortest possible time for backups) . And you can use LVM to migrate data from an old drive to a new one or even to *shrink* a partition. I've never found LVM to 'be a pain'. 99% of the time it's invisible, and 1% of the time it's indispensable. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mod_whatkilledus on Centos 5
On 07/28/2010 07:43 AM, Steve Campbell wrote: I'm getting those generic segmentation faults on a Centos 5 htpd 2.2.3-11 webserver. So far, I've not been able to track down what might be close to causing this. I've read about mod_whatkilledus, but don't know if I can install this in any way on my server or if it's still even valid. Has anyone used this? How was it installed, if so? I don't really want to start messing with configuring httpd, so I'd like to keep this simple and RPM-based if at all possible. If your Apache doesn't have any non-stock modules installed, I would look for a hardware fault first. Start with memtest86+. If you *do* have non-stock modules installed - look at them. I've run Apache for more than a decade and seg faults are very rare unless you have flaky hardware or are using unsupported modules. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5/i386/32-bit CD installation hickups
On 07/27/2010 11:18 AM, Boris Epstein wrote: Hello listmates, I've got a few older 32-bit PC's that only have a CD drive (no DVD). So I downloaded all the ISO's and I thought I'd install CentOS 5.5 on this 1.25 GB P-3 (I think, don't remember what CPU it's got right off hand, not that it should matter). So I tried it there, got a fatal exception. OK, no problem - thinking that maybe something was wrong with that machine I decided to try it on a different one, a P-3 with 384 MB or RAM. Same thing happened. So here's my question: has anybody successfully installed CentOS 5.5 on a 32-bit machine (i386) using individual CD's as their installation media? The closest I have is a P3 with 1 GByte of RAM over HTTP using the 5.4 netinstall CD that I installed several months ago (I keep a local mirror of the CentOS tree). That worked fine for me. My first thought on a machine that old would be either flaky memory or or a flaky CD drive. I would run memtest86+ on them and then try a network install. You can mount the DVD ISO on loopback on a webserver for an install source. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5/i386/32-bit CD installation hickups
On 07/27/2010 11:57 AM, Boris Epstein wrote: On Tue, Jul 27, 2010 at 2:52 PM, Benjamin Franzjfr...@freerun.com wrote: The closest I have is a P3 with 1 GByte of RAM over HTTP using the 5.4 netinstall CD that I installed several months ago (I keep a local mirror of the CentOS tree). That worked fine for me. My first thought on a machine that old would be either flaky memory or or a flaky CD drive. I would run memtest86+ on them and then try a network install. You can mount the DVD ISO on loopback on a webserver for an install source. Benjamin, Thank you, those are excellent suggestions. I will try that, most likely. By the way - since it sounds like you have the experience - how easy is it to mirror CentOS repositories locally? How much space do I need, roughly? I exclude the testing, build, apt, ia64, s390, s390x, and alpha sub-trees. The 5.5 tree (minus those) takes about 36 Gbytes. During an update cycle with a new release you can expect about double that between the old and new trees. It is pretty easy - I just run a nightly rsync against a good public mirror. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd fsck problem
On 07/20/2010 10:57 AM, m.r...@5-cent.us wrote: In the last month - definitely after going to 5.5 - I've tried to fsck a drive (340 days, or some such, unchecked). 960G RAID 5, I *think*, possibly serial port attachment to a JetStore RAID array. Every time I try, it gets to 70.0%, and stops. As in, I left it run last night, having started it late afternoon, and around 23:00, it was still exactly there, not even .1% more. On that, I also had a -dd flag, since running it the other day with a -d gave me nothing at all of debugging info; neither did the dd. I've seen e2fsck hang on large arrays (terabyte range) before, particularly if you have lots of hard links. It's a bug in fsck. http://www.redhat.com/archives/ext3-users/2007-March/msg00016.html -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Finding DHCP IP of guest system
On 07/19/2010 07:09 AM, m.r...@5-cent.us wrote: Jay Leafey wrote: As far as paranoia goes, one of my mentors once told me that a mild degree was a useful attribute for a system administrator. It tends to make one spend more time thinking about what CAN go wrong, which is great if you actually put the results into practice. A buddy of mine, who was the sr. systems and network admin I worked with 10 years ago, used to say he was professionally paid to be paranoid. mark 'The question is not Am I paranoid?, it is Am I paranoid *enough*?' It's an old sysadmin adage. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Linux Kernel Physical Interface Limit
On 07/14/2010 08:17 AM, Whit Blauvelt wrote: On Wed, Jul 14, 2010 at 09:51:51AM -0500, Tim Nelson wrote: Even if the limit were lower, such as 10 physical interfaces as mentioned before, I have to imagine that the host system would have issues dealing with the number of interrupts needed to *PROPERLY* service all of those interfaces in addition to the other system hardware. There may (or may not) be another problem. As of a couple of years ago, on some Linux variants (didn't try RHEL/CentOS), I was having trouble even getting 6 NICs (on 3 cards) to work if I had IPv6 turned on. 4 NICs worked fine. Filed some bug reports, and it was evident from the response that very, very few Linux users ever go 4 eth's on a system. Thus the lack of properly debugged IPv6 support for that then. Fortunately I don't (yet) need IPv6. When I do, it'll be curious to see if the bug is still there. I've got six machines with 6 Gb interfaces (two on motherboard, 4 on a card) right now (the design called for 3 bonded pairs on separate nets for redundancy). I haven't tried IPV6 on them. I had 'issues' with bonding and VMs though. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Linux Kernel Physical Interface Limit
On 07/14/2010 10:30 AM, JohnS wrote: On Wed, 2010-07-14 at 08:52 -0700, Benjamin Franz wrote: I've got six machines with 6 Gb interfaces (two on motherboard, 4 on a card) right now (the design called for 3 bonded pairs on separate nets for redundancy). I haven't tried IPV6 on them. I had 'issues' with bonding and VMs though. --- Can you give me sar -I SUM the last timed entry intr/s? How many CPUs? I'm not questioning you but on the curious side. On the heaviest loaded machine: 10:10:01 AM sum 1637.48 10:20:01 AM sum 1640.73 10:30:01 AM sum 1653.58 10:40:01 AM sum 1617.78 10:50:01 AM sum 1727.97 11:00:01 AM sum 1767.88 11:10:01 AM sum 1798.93 11:20:01 AM sum 1782.14 Average: INTRintr/s Average: sum 1365.55 This is on a dual processor machine with a total of 8 cores. The highest I see on any of the machines for the last 24 hours is a brief (one ten minute interval) peak of 5300 intr/second during system backups and nothing over 3000 otherwise. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update: When is new header data downloaded? (Trying to set up custom repository...)
On 07/12/2010 04:58 AM, Toralf Lund wrote: So, it seems like I managed to correctly update the repodata and all, but originally, yum concluded that it didn't need to download a new version, but could use the one cached earlier. instead. Does anyone have any idea why this happened? How exactly does yum decide when to download new headers and when to reuse cached data? You probably want the /etc/yum.conf file. There should be a line in it right now that reads 'metadata_expire=1h'. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] text to html
On 07/05/2010 03:20 AM, John Doe wrote:
From: Jozsi Avadkanjozsi.avad...@gmail.com
input: http://pastebin.com/raw.php?i=MqPXZwc3
output: http://pastebin.com/raw.php?i=8QCkp4yv
i have to make a one liner that get's the input,
and gives the mentioned output.--
Here's my one line:
awk -F/ ' { if (p != $1) { p=$1; print br\nbrfont
size=4$1/fontbr; } split($2, a, /\./); t=a[1]; printa
href=\$0\t/a; } 'MYFILE
JD
Both your solution and Jozsi's can produce severe security problems if
or are present in the data. For example:
bash/get-ssl-certificate-from-a-domain.html
debian/turn-off-all-logging.html?!--#include file=/etc/password --
debian/hosts/hosts.html
will do *bad things* if loaded from an Apache server with server side
includes turned on.
--
Benjamin Franz
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] text to html
On 07/03/2010 02:07 AM, Jozsi Avadkan wrote:
input:
http://pastebin.com/raw.php?i=MqPXZwc3
output:
http://pastebin.com/raw.php?i=8QCkp4yv
it will be a long day.. :D
could someone please help with it?
i have to make a one liner that get's the input, and gives the
mentioned output.
Why a 'one liner'? That sounds an awful lot like homework...But I'll
give you the benefit of the doubt. You can turn this Perl script into a
one liner easily. Or you can just save it as a script and use it like:
./convert-to-html.pl input_data.txt
#!/usr/bin/perl
use strict;
use warnings;
my (%section_info, @section_list);
while(STDIN) {
s/^\s+//s;
s/\s+$//;
next unless ($_ ne '');
s//\amp;/gs;
s//\lt;/gs;
s//\gt;/gs;
s//\quot;/gs;
my ($dir,$file) = m#(^[^/]+)/(.+)$#;
$file =~ s/\.html$//i;
push(@{$section_info{$dir}}, a href=\$_\$file/a);
push(@section_list, $dir);
}
foreach my $section (@section_list) {
print brfont size=4$section/fontbr\n;
print join( |\n, @{$section_info{$section}});
print \nbr\n;
}
--
Benjamin Franz
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fresh install of centos looking for non-existant /dev/hda : /dev/hda: open failed: No medium found
On 06/29/2010 02:39 PM, Dave wrote: # lvm pvs /dev/hda: open failed: No medium found Couldn't find device with uuid r5HNPO-l18V-XfJ7-9RXY-AaWC-a4YY-3oL5h7. PV VG Fmt Attr PSize PFree /dev/sda2 VolGroup01 lvm2 a- 232.72G 0 /dev/sdb1 VolGroup00 lvm2 a- 232.81G 32.00M unknown device VolGroup00 lvm2 a- 232.72G 32.00M I just installed the OS, did some tweaks, but did nothing to hardware. There was no /dev/hda listed when I went through the partitioning page of the install. Where did this come from? How do I get rid of it? Does it matter? It's your CDROM/DVD drive. You can ignore it. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security compliance vs. old software versions
On 06/29/2010 03:52 PM, Les Mikesell wrote: It's internal, but requires a formal response - or an application update. The test tool says: These are the reported vulnerabilities Apache Server 2.x Prior To 2.2.14 Multiple Vulnerabilities Apache \'mod_proxy_ftp\' Wildcard Characters Cross-Site Scripting. Apache 2.2 prior to 2.2.15 Multiple Vulnerabilities Apache Prior to Version 2.2.8 Multiple Vulnerabilities Apache Prior to Version 2.2.9 Multiple Vulnerabilities Apache Server 2.x Prior To 2.2.12 Multiple Vulnerabilities Start with http://httpd.apache.org/security/vulnerabilities_22.html to identify the CVE numbers. You can then match them against the fixes for Apache with rpm -qi --changelog httpd | egrep CVE -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization as cheap redundancy option?
On 06/28/2010 10:15 AM, Scott Silva wrote: on 6-28-2010 6:34 AM Whit Blauvelt spake the following: If you look on their site, they clearly specify that they do not offer a paid support option for VMware Server, that it's community supported only. Does that seem like an attitude towards a product they plan to update? Whit That just looks like they don't want to support something they give away... They give away ESXi, too, so that argument is pretty weak. The difference is that ESXi is directly tied to their other tracks and support. VM Server has always been pretty 'standalone'. Not so good if your business models is convincing people to buy all the pretty add ons. They more-or-less abrogated their own lifecycle guidelines with VM Server by declaring that 'General' support for it only includes 'Technical Guidance' until EOL (there-by skipping directly to their lowest level of support - which is pretty much 'Google it and look in the forums'). At this point VM Server is in the 'if it breaks you get to keep all the pieces' mode. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum force
On 06/15/2010 03:26 PM, Kahlil Hodgson wrote: On 06/16/2010 06:10 AM, m.r...@5-cent.us wrote: I'm trying to do an update to some servers... and they have both i386 and x86_64 perl. The latter won't update, because the idiotic *man pages* are dups. Is there *any* way, short of using rpm directly with a --force, to get yum to ignore the dups and do the update? The only answer I've come up that works reliably is rebuilding at least one of the conflicting rpms with the man page generation suppressed. Add: INSTALLDIRS=site INSTALLMAN1DIR=none INSTALLMAN3DIR=none to the line of the spec file with the 'Makefile.PL' entry. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum force
On 06/15/2010 03:52 PM, Benjamin Franz wrote:
On 06/15/2010 03:26 PM, Kahlil Hodgson wrote:
On 06/16/2010 06:10 AM, m.r...@5-cent.us wrote:
I'm trying to do an update to some servers... and they have both i386 and
x86_64 perl. The latter won't update, because the idiotic *man pages* are
dups. Is there *any* way, short of using rpm directly with a --force, to
get yum to ignore the dups and do the update?
The only answer I've come up that works reliably is rebuilding at least
one of the conflicting rpms with the man page generation suppressed.
Add: INSTALLDIRS=site INSTALLMAN1DIR=none INSTALLMAN3DIR=none
to the line of the spec file with the 'Makefile.PL' entry.
I realized after I sent that that it wasn't clear how to do it. The
relevant line of the spec file will look something like this after editing:
%{__perl} Makefile.PL INSTALLDIRS=site INSTALLMAN1DIR=none
INSTALLMAN3DIR=none `%{__perl} -MExtUtils::MakeMaker -e ' print
qq|PREFIX=%{buildroot}%{_prefix}| if \$ExtUtils::MakeMaker::VERSION =~
/5\.9[1-6]|6\.0[0-5]/ '`
--
Benjamin Franz
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package Distribution Server?
On 06/04/2010 07:24 AM, m.r...@5-cent.us wrote: If you set up a big number of workstations (my pain shreshold woud probably be around 20), or if you have hard requirements that the workstations are really equal in patch level you should maybe consider a Spacewalk server: https://fedorahosted.org/spacewalk/ http://wiki.centos.org/HowTos/PackageManagement/Spacewalk I was working with spacewalk a year ago. It went from 0.4 to 0.5, and as far as I was concerned, it is just that: *not* ready for prime time. I'd go with a cron yum -y update (don't forget the -y), or a cron rsync. mark Not to mention Spacewalk requires using Oracle for your database. I use a local repo for the 50 or so servers I maintain. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4 - it's that fine SELinux
On 05/26/2010 07:40 AM, Craig White wrote: you can't make a useful argument out of ignorance. If you don't want to use SELinux, then disable it. Otherwise, learn to understand how it operates and deal with it. one certain way to cause issues with SELinux is to copy files created in other directories or other computers onto another computer because it will not have the proper security contexts so the way to fix that is to make sure your policy files are all up to date and then relabel your file system which should set the contexts to their proper labels. I can make a useful argument from experience. Over the last few years, as Redhat has progressively deployed SELinux, I have had *several* incidents (the most recent only a few weeks ago) where updates to SELinux broke existing, stable, systems. Each time sucking up hours of my time to diagnose and fix. And (as in this incident) there are not always useful error messages to track it with. The *theoretical* system security improvement of SELinux is trumped by the *practical* observation that I have had existing systems broken by SELinux multiple times on the mere handful of systems I have run it on in enforcing mode, but have yet to see a single one of several dozen (all internet exposed) up-to-date *non*-SELinux systems hacked. It is a 'safety' feature that is in practice more dangerous to system stability than what it is trying to fix. It is like having air bags in your car that go off at random times while you are driving: It is NOT acceptable behavior. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing from USB flash drive
On 05/26/2010 11:57 AM, m.r...@5-cent.us wrote: Bowie wrote: m.r...@5-cent.us wrote: Bowie wrote: And, in fact, that is exactly what happened. The default= line was set to 1, so it booted the old kernel instead of the new one. Other than that, it seems to be fine. I wonder what causes that? I've never noticed that behavior in my other systems. (But maybe I should go check now...) I have *no* idea. I've even seen it pointing to 2, or 4. Anyone here have any idea why it wouldn't *always* change the default to 0? Look at /etc/sysconfig/kernel - it specifies the default kernel type. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] raid resync speed? - laptop drive-
On 05/21/2010 02:32 PM, Les Mikesell wrote: [..] Disk /dev/sdh: 750.1 GB, 750156374016 bytes 255 heads, 63 sectors/track, 91201 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sdh1 1 91201 732572001 fd Linux raid autodetect These is a backuppc archive with millions of hardlinks that will take forever to copy if I have to do a file-oriented copy onto a different partition size. You can cheat. Remove partition 1 and use the *entire drive* as a RAID volume (no partition table at all). -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4
On 05/20/2010 05:28 PM, Whit Blauvelt wrote: On Thu, May 20, 2010 at 04:55:29PM -0700, Jerry Franz wrote: I would start by comparing the values of all the environment variables between running as /bin/sh and /bin/bash: env bash_env.txt /bin/sh env sh_env.txt exit diff bash_env.txt sh_env.txt Jerry, That's a good idea. To repeat my earlier findings both these work: [...] Do you see something there I don't? Nope. I'm starting to feel the bad hardware hypothesis might be the only one left standing. The smb script and environment seems too simple to go so wrong. Have you looked in /var/log/messages for errors from smbd? I don't remember seeing that anywhere in your T/S list. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
