Re: [CentOS] Wow! Double wow!
That's exactly what I mean. It's not a matter of starting into the Windows world. My point was that Windows admins have not become obsessed with uptime, and hence given their users the expectation of 100% availability. I'm all for being responsible to users - and that means patching and if that means some downtime, then the users in general would not be put out, if their expectations had not been raised to expect no downtime. Cheers, Cliff On Thu, Oct 30, 2014 at 12:40 PM, Valeri Galtsev galt...@kicp.uchicago.edu wrote: On Wed, October 29, 2014 6:32 pm, Cliff Pratt wrote: On Thu, Oct 30, 2014 at 10:12 AM, Valeri Galtsev galt...@kicp.uchicago.edu wrote: On Wed, October 29, 2014 4:02 pm, Beartooth wrote: On Wed, 29 Oct 2014 11:44:42 -0500, Valeri Galtsev wrote: ... Basically, if one thinks he knows more than system vendor, he is just schizophrenic. And we, normal people, do give schizophrenics a privilege to be on their own. As we, normal people know that if the distro maintainers had to update kernel, they had a reason (otherwise, something else breaks). So, we are left running _this_ system, even though it's stressful, still not as stressful as running bleeding edge fedora, right? ;-) What? Stressful?? Fedora??? Naaahhh ... I'm sorry, apart from my laptop, I also run servers. And services are supposed to be up 24/7. And a bunch of people are always logged in... You do the math. This is a corner that system administrators have allowed themselves to be painted into. It's not a law of nature. Civilized organisations will always allow a maintenance Window. In the Windows world it is not an issue. Servers can be rebooted with much more freedom than in the Linux/Unix world. Yes, indeed. Those are blasted Unix sysadmins (Hm, I flatter myself by thinking of being one too) that push themselves into being too responsible to their users... No, I don't think Unix admins will start into the direction of Windows world, sorry. I don't even like Windows world mentioned as an example for Unix world! (Don't take me too literally, everybody welcomes good things other worlds have...) Valeri Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wow! Double wow!
I used to work with IBM mainframes back when the dinosaurs were hatchlings. At one place I worked the machine was powered off on Friday at 5pm and powered up at 7am on Monday! Can you imagine that these days? We soon went to 24x7, but the reason was not because the users wanted it. It was because the engineers and systems programmers wanted time with no users. Cheers, Cliff On Thu, Oct 30, 2014 at 12:57 PM, John R Pierce pie...@hogranch.com wrote: On 10/29/2014 4:40 PM, Valeri Galtsev wrote: Yes, indeed. Those are blasted Unix sysadmins (Hm, I flatter myself by thinking of being one too) that push themselves into being too responsible to their users... No, I don't think Unix admins will start into the direction of Windows world, sorry. I don't even like Windows world mentioned as an example for Unix world! (Don't take me too literally, everybody welcomes good things other worlds have...) in my enterprise world, production systems are fully redundant, and have staging servers running identical software configurations. all upgrades and upgrade procedures are tested on staging before being deployed in production.quite often, the staging systems double as the Disaster Recovery systems, but thats another story. virtually all production systems either have a schedulable downtime (2am sunday morning?), or support rolling upgrades with no downtime (such as our 24/7 factory operations where downtime == no product). personally, I'm very glad I work in development, where our informal SLA is more like 9-9 5 days/week (developers like to work late). -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wow! Double wow!
On Thu, Oct 30, 2014 at 9:21 PM, John R Pierce pie...@hogranch.com wrote: On 10/30/2014 1:07 AM, Cliff Pratt wrote: I used to work with IBM mainframes back when the dinosaurs were hatchlings. At one place I worked the machine was powered off on Friday at 5pm and powered up at 7am on Monday! Can you imagine that these days? We soon went to 24x7, but the reason was not because the users wanted it. It was because the engineers and systems programmers wanted time with no users. main reason I remember for keeping stuff running was, it was more reliable if the temperature was relatively constant... temperature flucations led to more hardware failures than any other source input variable. Yes, that too. We had quite a few cases of machine mondayitis. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wow! Double wow!
On Thu, Oct 30, 2014 at 10:12 AM, Valeri Galtsev galt...@kicp.uchicago.edu wrote: On Wed, October 29, 2014 4:02 pm, Beartooth wrote: On Wed, 29 Oct 2014 11:44:42 -0500, Valeri Galtsev wrote: ... Basically, if one thinks he knows more than system vendor, he is just schizophrenic. And we, normal people, do give schizophrenics a privilege to be on their own. As we, normal people know that if the distro maintainers had to update kernel, they had a reason (otherwise, something else breaks). So, we are left running _this_ system, even though it's stressful, still not as stressful as running bleeding edge fedora, right? ;-) What? Stressful?? Fedora??? Naaahhh ... I'm sorry, apart from my laptop, I also run servers. And services are supposed to be up 24/7. And a bunch of people are always logged in... You do the math. This is a corner that system administrators have allowed themselves to be painted into. It's not a law of nature. Civilized organisations will always allow a maintenance Window. In the Windows world it is not an issue. Servers can be rebooted with much more freedom than in the Linux/Unix world. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync question: building list taking forever
On Mon, Oct 20, 2014 at 3:05 PM, Tim Dunphy bluethu...@gmail.com wrote: Don't forget that the time taken to build the file list is a function of the number of files present, and not their size. If you have many millions of small files, it will indeed take a very long time. Over sshfs with a slowish link, it could be days. and it may end up failing silently or noisily anyway. Ahhh, but isn't that part of the beauty of adventure that being a linux admin is all about? *twitch* Adventure? Nah, that's why my rsync scripts rsync chunks of the filesystem rather than all of it in one go, and why it gets to run twice each time. Once bitten, twice shy. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync question: building list taking forever
On Mon, Oct 20, 2014 at 7:57 AM, Steve Thompson s...@vgersoft.com wrote: On Sun, 19 Oct 2014, Keith Keller wrote: I suspect that sshfs's relatively poor performance is having an impact on your transfer. I have a 30TB filesystem which I rsync over an OpenVPN link, and building the file list doesn't take that long (maybe an hour?). (The links themselves are reasonably fast; if yours are not that would have a negative impact too.) Don't forget that the time taken to build the file list is a function of the number of files present, and not their size. If you have many millions of small files, it will indeed take a very long time. Over sshfs with a slowish link, it could be days. and it may end up failing silently or noisily anyway. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommended way of handling iptables firewall in CentOS?
Bare bones is fine, but you miss out on the tools which may make your life easier. As an example you can configure a DB (PostgreSQL, mySQL, whatever) using the command, but it is frequently more time-cost effective to use a tool. Things like SSH used to be optional at one time. Now it is in every distribution's standard build. useradd is not really needed. How bare bones do you want to get? Cheers, Cliff On Tue, Oct 14, 2014 at 12:41 AM, Niki Kovacs i...@microlinux.fr wrote: Le 13/10/2014 13:36, Ron Loftin a écrit : Of course, if you are interested in something that will help you to organize your rules, there is always Shorewall ( Shoreline Firewall ) which I have used for years and found very effective and time-saving. Thanks for the suggestion, I'll look into it. Though I admit having a clear preference for the bare bones approach to all things Linux. My favorite configuration tool is Vi :o) Cheers, Niki -- Microlinux - Solutions informatiques 100% Linux et logiciels libres 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Systemd Adding Its Own Console To Linux Systems
On Thu, Oct 9, 2014 at 7:25 AM, Les Mikesell lesmikes...@gmail.com wrote: On Wed, Oct 8, 2014 at 1:11 PM, Marcelo Ricardo Leitner marcelo.leit...@gmail.com wrote: https://plus.google.com/u/0/+LennartPoetteringTheOneAndOnly/posts/J2TZrTvu7vd No, do you dig a new foundation for your house every 10 years? Trade in your wife and kids? Yep, of course. Doesn't everyone? Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 docs, tutorials, etc...
On Fri, Oct 10, 2014 at 4:18 AM, Valeri Galtsev galt...@kicp.uchicago.edu wrote: On Thu, October 9, 2014 10:08 am, Igal @ getRailo.org wrote: On 10/9/2014 12:22 AM, Mihamina Rakotomandimby wrote: On 10/08/2014 07:50 PM, Valeri Galtsev wrote: Again, this is just $0.02 worth of my own opinion, definitely not a consensus (and likely not even a majority opinion) on this list. Just your humble opinion, but how do you insist and repeat it :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos as for my humble opinion: I've looked into systemd in the past 24 hours and I find it as a refreshing update to Linux, and I welcome the fact that Linux is becoming a little more Windows-like. whatever your opinion about Windows may be -- you can't argue its huge worldwide success and impact. There you have it! M$ Windows is the only OS (and I knew quite a few of the past and know quite a few of present) whose creators tell you you can not safely run it without 3rd part software (anti-virus)... IMHO this is changing. I recall that before Code Red (anyone remember that?) there was no antivirus worth talking about and no concern about security as such. The Shellshock exploit probably does two things. Firstly it raises awareness of many admins as regards security of Linux systems and it encourages hackers because they realise that there is now (and actually always has been) a target in Linux systems. It may be Linux's Code Red. There are definitely more exploits out there. Not all Linux admins are security aware, just as many are not backup aware. Many think that Linux systems are secure by default. Many will get around to security some time. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache wakes-up inactive Exim
The daemon only handles incoming mail, or in other words waits for incoming connections from other mail servers. Outgoing mail is sent on demand, or in other words a connection is made to a mail server or relay as and when required. Cheers, Cliff On Mon, Sep 29, 2014 at 8:01 AM, Always Learning cen...@u62.u22.net wrote: Had a surprising event on C 6.5. Exim was the only MTA installed. It was partially configured (with ACL, Router, Transport) and definitely not running. I was remotely testing a web page. A web page error condition invoked the embedded PHP mail() command. To my astonishment something in Centos woke-up Exim. Exim sent the email and then became inactive again. The Exim logs does not show any start-up lines, just 1. input from Apache. 2. output to remote server. 3. 'completed'. Hours later Logwatch, not yet customised, also caused inactive Exim to send an email (which got rejected by Exim because it was to local user 0). What causes Centos to temporarily activate in-active (meaning non-running) Exim ? Thanks, Paul. England EU. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] xfce on CentOS 7: can't lock screen
CDE? Shudder!! In spite of the way that modern desktops have turned out I can't imagine anyone using CDE these days. I used to use and loath it on HP/UX back when the Internet was a puppy. Cheers, Cliff On Sun, Sep 28, 2014 at 4:50 PM, Frank Cox thea...@melvilletheatre.com wrote: On Sat, 27 Sep 2014 20:43:20 -0600 Devin Reade wrote: I used CDE for years, This interests me. Is anyone using CDE on Centos these days? I've never used CDE myself so I'm wondering how it stacks up against modern desktops like KDE and Gnome. -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache wakes-up inactive Exim
On Mon, Sep 29, 2014 at 2:05 PM, Always Learning cen...@u62.u22.net wrote: On Mon, 2014-09-29 at 00:03 +0400, Александр Кириллов wrote: You don't really need an active smtp daemon to send email or deliver it locally. $ cat /etc/php.ini | grep sendmail Package(s) sendmail available, but not installed. It was Exim because the email headers said very clearly it was Exim. sendmail is a link to exim on most exim systems (like mine, though mine is Ubuntu). cliffp@ubuntu:~$ which sendmail /usr/sbin/sendmail cliffp@ubuntu:~$ file `which sendmail` /usr/sbin/sendmail: symbolic link to `exim4' Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firefox: annoyance
On Sat, Sep 27, 2014 at 11:02 AM, Keith Keller kkel...@wombat.san-francisco.ca.us wrote: On 2014-09-26, Valeri Galtsev galt...@kicp.uchicago.edu wrote: On Fri, September 26, 2014 5:13 pm, John R Pierce wrote: linux apache web servers with the bash exploit are getting owned en masse today. my (patched) internet web server has logged 100s and 100s of attempts like... 66.186.2.172 - - [26/Sep/2014:00:49:29 -0700] GET /cgi-bin/test.sh I feel really stupid, but I have to ask. If your server wasn't patched, it only would have owned by the above if that file exists, is executable by apache and it indeed invokes bash (say, has #!/bin/bash or whatever bash location is as first line), right? ;-) At first glance I would agree with you, but then I would wonder, if that request wouldn't work almost anywhere, why are the skr1pt k1dd13s doing it? Old source versions of Apache used to come with a test.sh file in the default cgi-bin directory, but those days are long gone, I suspect. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RPM install/upgrade problem
It may be that you have a bad bash RPM from somewhere. I believe that the cpio command works directly on the package so you could try with cpio on the command line to see if it will open the RPM. I suspect that it won't be able to. Cheers, Cliff On Thu, Sep 25, 2014 at 6:52 PM, Tony Molloy tony.mol...@ul.ie wrote: Hi, For the last few updates I'm having a yum problem. # yum update gives the following error for e.g. Running transaction Updating : bash-4.2.45-5.el7_0.2.x86_64 1/10 Error unpacking rpm package bash-4.2.45-5.el7_0.2.x86_64 error: unpacking of archive failed on file /usr/bin/alias;5423b9bc: cpio: open The same problem happens if I try to use rpm for the update so it appears to be an rpm problem rather than a yum one. I've rebuilt the rpm databases successfully but tthe problem persists. Regards, Tony -- Linux nogs.tonyshome.ie 2.6.32-431.29.2.el6.x86_64 #1 SMP Tue Sep 9 21:36:05 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Critical update for bash released today.
On Fri, Sep 26, 2014 at 6:28 PM, James Hogarth james.hoga...@gmail.com wrote: On 26 Sep 2014 05:46, Cliff Pratt enkiduonthe...@gmail.com wrote: Take the case of an Apache Bash CGI. This will have been loaded when Apache started, so Apache will have to be restarted to get the new one. There may be other similar cases. So the best thing is to reboot. This is false and a major misunderstanding of the vulnerability. 1) the vulnerability is just during initialisation of bash. Once it is running it is beyond the vulnerable stage and needs no restarting 2) in a CGI of #!/bin/bash or for a system call with any other language for CGI bash gets executed on demand... It does not do what you say... You are 100% correct, sir. Sorry about the noise.. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Critical update for bash released today.
Take the case of an Apache Bash CGI. This will have been loaded when Apache started, so Apache will have to be restarted to get the new one. There may be other similar cases. So the best thing is to reboot. Cheers, Cliff On Fri, Sep 26, 2014 at 2:39 AM, John Doe jd...@yahoo.com wrote: If I understood correctly, the current fix is incomplete and another fix is planned? Also, in the advisory, RH says that after the update, servers need to be rebooted... Really? Aside from cgi/php, just closing all shells isn't enough? Thx, JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Critical update for bash released today.
I didn't notice you had mentioned CGI. CGI (and PHP) is only one case where a copy of bash is loaded. There are many other possibilities, eg wrapper bash scripts, bash shell called from programs. I don't know whether or not there are any such cases on my machines, or if the exploit can be executed through them, so I'd say that the best way to be sure is to reboot. Cheers, Cliff On Fri, Sep 26, 2014 at 4:43 PM, Cliff Pratt enkiduonthe...@gmail.com wrote: Take the case of an Apache Bash CGI. This will have been loaded when Apache started, so Apache will have to be restarted to get the new one. There may be other similar cases. So the best thing is to reboot. Cheers, Cliff On Fri, Sep 26, 2014 at 2:39 AM, John Doe jd...@yahoo.com wrote: If I understood correctly, the current fix is incomplete and another fix is planned? Also, in the advisory, RH says that after the update, servers need to be rebooted... Really? Aside from cgi/php, just closing all shells isn't enough? Thx, JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS SSH Session Logging
That's not a fix. A fix is finding out where the logs are being written, not installing another package. Though, having said that, I realise that I am assuming that the minimal install contains *some* logging package, and that may possibly be incorrect. Cheers, Cliff On Fri, Aug 15, 2014 at 12:08 PM, Matt matt.mailingli...@gmail.com wrote: Fixed it. yum install rsyslog Thanks. On Thu, Aug 14, 2014 at 3:29 PM, Alexander Dalloz ad+li...@uni-x.org wrote: Am 14.08.2014 um 21:06 schrieb Matt: Have a OpenVZ Centos 7 Minimal instance running. Normally SSH sessions are logged too /var/log/secure. There is no such file. Where are they put then? Check /etc/rsyslog.conf Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS SSH Session Logging
Fair enough I withdraw my comment as irrelevant. Cheers, Cliff On Fri, Aug 15, 2014 at 1:11 PM, Matt matt.mailingli...@gmail.com wrote: That's not a fix. A fix is finding out where the logs are being written, not installing another package. Though, having said that, I realise that I am assuming that the minimal install contains *some* logging package, and that may possibly be incorrect. There appeared to be no logging package. This was a minimal openvz template for Centos 7 though. On Fri, Aug 15, 2014 at 12:08 PM, Matt matt.mailingli...@gmail.com wrote: Fixed it. yum install rsyslog Thanks. On Thu, Aug 14, 2014 at 3:29 PM, Alexander Dalloz ad+li...@uni-x.org wrote: Am 14.08.2014 um 21:06 schrieb Matt: Have a OpenVZ Centos 7 Minimal instance running. Normally SSH sessions are logged too /var/log/secure. There is no such file. Where are they put then? Check /etc/rsyslog.conf Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] don't use centos 7 as a developer workstation
On Sun, Aug 3, 2014 at 11:43 PM, Farkas Levente lfar...@lfarkas.org wrote: On 08/03/2014 01:27 PM, Reindl Harald wrote: Am 03.08.2014 um 13:19 schrieb Farkas Levente: May be it's not clear to everyone.. so this's just a quick notice to everyone. Don't use CentOS 7 as a developer workstation since currently there is not included any developer IDE. As eclipse was pulled out... what a nonsense i am using Fedora and guess what - Eclipse package the last 7 years lives uner /usr/local/ and not from the repos if one can't install an IDE because it is not in the repos he likely has no developer qulifications anyways if one can't build and install a linux os because it is not in the repos he likely has no developer qualifications anyways:-) i already build and install a few (!?), but still like to install everything from rpm and not mess the whole os with packages and files like on windows.. Nooo! Developers are not and should never be sysadmins!!! I'd give a developer a ready built base system and what he/she installs on it then, I don't really care. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Convert bare partition to RAID1 / mdadm?
rsync breaks silently or sometimes noisily on big directory/file structures. It depends on how the OP's files are distributed. We organised our files in a client/year/month/day and run a number of rsyncs on separate parts of the hierarchy. Older stuff doesn't need to be rsynced but gets backed up every so often. But it depends whether or not the OP's data is arranged so that he could do something like that. Cheers, Cliff On Tue, Jul 29, 2014 at 1:25 AM, John Doe jd...@yahoo.com wrote: From: Benjamin Smith li...@benjamindsmith.com Thanks for your feedback - it's advice I would have given myself just a few years ago. We have *literally* in the range of one hundred million small PDF documents. The simple command find /path/to/data /dev/null takes between 1 and 2 days, system load depending. We had to give up on rsync for backups in this context a while ago - we just couldn't get a daily backup more often then about 2x per week. What about: 1. Setup inotify (no idea how it would behave with your millions of files) 2. One big rsync 3. Bring it down and copy the few modified files reported by inotify. Or lsyncd? JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Convert bare partition to RAID1 / mdadm?
On Tue, Jul 29, 2014 at 1:25 AM, John Doe jd...@yahoo.com wrote: From: Benjamin Smith li...@benjamindsmith.com Thanks for your feedback - it's advice I would have given myself just a few years ago. We have *literally* in the range of one hundred million small PDF documents. The simple command find /path/to/data /dev/null takes between 1 and 2 days, system load depending. We had to give up on rsync for backups in this context a while ago - we just couldn't get a daily backup more often then about 2x per week. What about: 1. Setup inotify (no idea how it would behave with your millions of files) 2. One big rsync 3. Bring it down and copy the few modified files reported by inotify. Or lsyncd? On Tue, Jul 29, 2014 at 12:02 PM, Cliff Pratt enkiduonthe...@gmail.com wrote: rsync breaks silently or sometimes noisily on big directory/file structures. It depends on how the OP's files are distributed. We organised our files in a client/year/month/day and run a number of rsyncs on separate parts of the hierarchy. Older stuff doesn't need to be rsynced but gets backed up every so often. But it depends whether or not the OP's data is arranged so that he could do something like that. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Analyzing the MBR
I believe that the whole of the first track on a disk used to be reserved or rather used to contain the MBR only (and anything else needed by the boot loader) and the first filesystem on disk used to start at track 1. Of course, with the larger disks this got more complicated. Cheers, Cliff On Fri, Jun 6, 2014 at 2:09 PM, Robert Nichols rnicholsnos...@comcast.net wrote: On 06/05/2014 03:31 PM, John R Pierce wrote: traditional PC partitioning tools, dating back to MSDOS, put partitions on 'cylinder' boundaries. this is a bad idea on modern disks, whether they be SSD's that often have 128K physical write blocks, or newer HD's with 4096 byte physical sectors, or raids where there's several of the above striped together. the rest of the space between the sector 0 MBR and the first primary partition is completely empty, nothing puts anything there. That last sentence is simply wrong. GRUB will try to install stage1_5 of the boot loader there if space is available. This is to eliminate the problem with the boot sequence breaking if the stage2 boot loader ever gets physically moved on the disk. The stage1_5 boot loader understands one type of filesystem (there is a different stage1_5 for each supported filesystem), and loads stage2 from there. There is simply not enough room in the MBR for code to handle anything more complex than a short list of absolute disk addresses. If there is not space for a stage1_5, GRUB will still install successfully (you see an error message with This is not fatal), but will have to be reinstalled if the stage_2 file ever moves to a different physical location on the disk. This can result in a time bomb, because booting can work successfully for a while using the data still present in what are now free blocks in the filesystem, and will fail when some totally unrelated action causes those blocks to be rewritten with something else. A lot of other boot loaders and boot managers do something similar with that space. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] find with exclude directory
Why not copy the directory elsewhere, then delete the rest and move it
back? You'd take a copy of it anyway, if it is important, right?
Cheers,
Cliff
On Mon, May 12, 2014 at 4:44 AM, Tim Dunphy bluethu...@gmail.com wrote:
Thanks. But what if I want to turn that statement into one that will delete
everything it finds? I need to preserve the contents of that directory.
As in : find / -path '/usr/local/digitalplatform/*' -prune -o -name
*varnish* -exec rm -rfv {} \;
I'm thinking the grep -v would be a visual thing, but the above statement
would delete everything including the varnish files in the digitalplatform
directory.
On Sun, May 11, 2014 at 12:39 PM, Hal Wigoda hal.wig...@gmail.com wrote:
Just grep it out.
find . -print | grep -v digitalplatform
-v excludes
On Sun, May 11, 2014 at 11:33 AM, Tim Dunphy bluethu...@gmail.com
wrote:
Hey all,
I'm trying to do a find of all files with the phrase 'varnish' in the
name, but want to exclude a user home directory called
/usr/local/digitalplatform.
Here's what I was able to come up with:
find / -path '/usr/local/digitalplatform/*' -prune -o -name *varnish*
Which results in this:
[root@uszmpwsls014lb ~]# find / -path '/usr/local/digitalplatform/*'
-prune
-o -name *varnish* | grep digitalplatform
/usr/local/digitalplatform/.bash_logout
/usr/local/digitalplatform/varnish-2.1.5.tar.gz
/usr/local/digitalplatform/.viminfo
/usr/local/digitalplatform/.ssh
/usr/local/digitalplatform/varnish-1360.tar.gz
/usr/local/digitalplatform/.emacs
/usr/local/digitalplatform/varnishncsa-init
/usr/local/digitalplatform/varnish-sysconfig-stg
/usr/local/digitalplatform/memcached-1.4.7.tar.gz
/usr/local/digitalplatform/.bash_profile
/usr/local/digitalplatform/.mozilla
/usr/local/digitalplatform/.subversion
/usr/local/digitalplatform/.bashrc
/usr/local/digitalplatform/.zshrc
/usr/local/digitalplatform/varnish-sysconfig
/usr/local/digitalplatform/default.vcl
/usr/local/digitalplatform/1360-apache-stage.tar.gz
/usr/local/digitalplatform/.bash_history
/usr/local/digitalplatform/memcached-1.4.7
/usr/local/digitalplatform/httpd.conf
/usr/local/digitalplatform/varnish-2.1.5
/usr/local/digitalplatform/varnish_reload_vcl
/usr/local/digitalplatform/varnish-prod.tar.gz
/usr/local/digitalplatform/varnish-init
/usr/local/digitalplatform/1360-stage-apache.tar.gz
I'd like to know what I'm doing wrong, and how I can best achieve the
desired results?
Thanks
Tim
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
--
-
Hal Wigoda
Chicago
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disappearing Network Manager config scripts
That file is 'sourced' by other network scripts so doesn't have to be executable, but the contents set environment variables for other scripts. Or so I believe. No doubt someone will correct me if I am wrong. 8-) Cheers, Cliff On Mon, May 5, 2014 at 11:27 AM, Matthew Miller mat...@mattdm.org wrote: On Sun, May 04, 2014 at 07:22:52PM -0400, Evan Rowley wrote: Apparently in Golang's net package, there is a DNS resolver function that's called whenever a server is started. That function depends on a working /etc/resolv.conf - As per usual, the /etc/resolv.conf file turned out to be the blank template NetworkManager always creates. The webserver starts now, but this /etc/resolv.conf will certainly be blown away by NetworkManager the next time the network service restarts. Are you not getting a _correct_ resolv.conf from NetworkManager? Why not? This doesn't seem like it is Go related at all -- if you want any DNS to be working at all, pretty much all resolvers need that file. I have one idea as to why this problem persists. This file: ll /etc/sysconfig/network-scripts/ifcfg-eth0 Is it meant to be executable? Being a configuration file, I'm assuming it doesn't need to be. Am I wrong? You're not wrong. This is not your problem. -- Matthew Miller mat...@mattdm.org http://mattdm.org/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble installing Math::BigInt module
Mmm, top posting. I'd rather not do it but What I describe does not pollute the base install, and using a container seems over the top. Cheers, Cliff On Wed, Apr 2, 2014 at 12:50 PM, Daniel Condomitti dan...@condomitti.com wrote: Have you thought of doing this in a Linux container to avoid tainting the base install? On Tuesday, April 1, 2014 at 4:40 PM, Cliff Pratt wrote: Another approach used by people who want to use CPAN a lot, is to download and install Perl from source to say /usr/local, and point CPAN at that. That way you get the benefits of the latest Perl and CPAN without it fighting with yum/rpm. Your hashbang line in each Perl script that uses the alternate version of Perl would have to reflect the location of the alternate version of Perl and you would have to source any prerequisite Perl modules from CPAN, which is another chamber of hell. But it does avoid issues like you are having. Cheers, Cliff On Tue, Apr 1, 2014 at 9:04 PM, Bennett Haselton benn...@peacefire.org(mailto: benn...@peacefire.org)wrote: On 3/31/2014 10:42 PM, Tom Robinson wrote: On 01/04/14 16:19, Bennett Haselton wrote: On 3/31/2014 7:56 PM, Tom Robinson wrote: Can you verify to which packages thefiles belong? Try using RPM: rpm -qf /usr/lib/perl5/vendor_perl/5.8.8/Net/IP.pm On the old machine: perl-Net-IP-1.25-2.fc6 and rpm -qf /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DSA/KeyChain.pm On the new machine: perl-Crypt-DSA-1.16-1.el5.rf That should be a good starting point. Your check on installed packages as preposed by John shows two very different packaged environments. Did you ever use CPAN on the old or new machine? Yes, on both. I needed it because I needed to install Crypt::Twofish and it didn't seem to be available from the default repositories used by yum but it was available from CPAN. Because there were dozens of sources that I read, plus probably thousands of others that I didn't read, saying that installing from CPAN was a way to install Perl modules, I figured it was reasonably safe to follow those directions, so I went ahead and did it. Now, later I found out that you can get your machine into an inconsistent state by installing things from both CPAN and yum repositories, and moreover apparently you can't even properly uninstall things that are installed by CPAN: http://stackoverflow.com/questions/2626449/how-can-i-de-install-a-perl-module-installed-via-cpan so by following directions to the letter which are repeated in thousands of sources, I apparently put my machine in a state that will cause frequent unpredictable conflicts with all the things installed by the system package manager, and the damage is irreversible. Is that about right? :) At about the same time I learned not to use CPAN, the person helping me solve the current problem said that I could make the run-time errors go away by going into CPAN and install Math::BigInt -- which led to a new error, getting Math::BigInt: couldn't load specified math lib(s), fallback to Math::BigInt::Calc at /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DH.pm line 6, so then I installed Math::BigInt::Pari through CPAN and it fixed the problem. I had to use CPAN because it was the only solution he knew and it was an emergency to get that error fixed. So, going forward, to mitigate the damage, should I just take all the packages that are currently only listed as installed on the old machine, truncate the version number (so e.g. truncate perl-Compress-Raw-Zlib-2.052-1.el5.rf to just perl-Compress-Raw-Zlib2) and install that with yum on the command line? (Thanks for that list, by the way.) And more generally, what is the best practice if I want to install a module like Crypt::Twofish that was not in the default yum repositories, if John and C.L. are saying to avoid CPAN, and both John and Tom are saying to avoid adding extra yum repositories? I'd like to use yum just for consistency since it automatically handles dependencies and such, and at least if I always use yum, then yum will always be aware of what's installed already (as opposed to things installed from CPAN). Bennett I would work to bring the new machine's perl environment as close to that of the old machine's. Indeed, perl-Net-SFTP package is only installed on the new machine! Your package output is reformatted here. Work through this to bring your environments as close as possible and check if you have used CPAN to install packages in the past. $ diff -yW80 /tmp/oldlist /tmp/newlist perl-5.8.8-41.el5 perl-5.8.8-41.el5 perl-Compress-Raw-Bzip2-2.052-1.el5.r | perl-Class-Loader-2.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.052-1.el5.rf | perl
Re: [CentOS] trouble installing Math::BigInt module
Another approach used by people who want to use CPAN a lot, is to download and install Perl from source to say /usr/local, and point CPAN at that. That way you get the benefits of the latest Perl and CPAN without it fighting with yum/rpm. Your hashbang line in each Perl script that uses the alternate version of Perl would have to reflect the location of the alternate version of Perl and you would have to source any prerequisite Perl modules from CPAN, which is another chamber of hell. But it does avoid issues like you are having. Cheers, Cliff On Tue, Apr 1, 2014 at 9:04 PM, Bennett Haselton benn...@peacefire.orgwrote: On 3/31/2014 10:42 PM, Tom Robinson wrote: On 01/04/14 16:19, Bennett Haselton wrote: On 3/31/2014 7:56 PM, Tom Robinson wrote: Can you verify to which packages thefiles belong? Try using RPM: rpm -qf /usr/lib/perl5/vendor_perl/5.8.8/Net/IP.pm On the old machine: perl-Net-IP-1.25-2.fc6 and rpm -qf /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DSA/KeyChain.pm On the new machine: perl-Crypt-DSA-1.16-1.el5.rf That should be a good starting point. Your check on installed packages as preposed by John shows two very different packaged environments. Did you ever use CPAN on the old or new machine? Yes, on both. I needed it because I needed to install Crypt::Twofish and it didn't seem to be available from the default repositories used by yum but it was available from CPAN. Because there were dozens of sources that I read, plus probably thousands of others that I didn't read, saying that installing from CPAN was a way to install Perl modules, I figured it was reasonably safe to follow those directions, so I went ahead and did it. Now, later I found out that you can get your machine into an inconsistent state by installing things from both CPAN and yum repositories, and moreover apparently you can't even properly uninstall things that are installed by CPAN: http://stackoverflow.com/questions/2626449/how-can-i-de-install-a-perl-module-installed-via-cpan so by following directions to the letter which are repeated in thousands of sources, I apparently put my machine in a state that will cause frequent unpredictable conflicts with all the things installed by the system package manager, and the damage is irreversible. Is that about right? :) At about the same time I learned not to use CPAN, the person helping me solve the current problem said that I could make the run-time errors go away by going into CPAN and install Math::BigInt -- which led to a new error, getting Math::BigInt: couldn't load specified math lib(s), fallback to Math::BigInt::Calc at /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DH.pm line 6, so then I installed Math::BigInt::Pari through CPAN and it fixed the problem. I had to use CPAN because it was the only solution he knew and it was an emergency to get that error fixed. So, going forward, to mitigate the damage, should I just take all the packages that are currently only listed as installed on the old machine, truncate the version number (so e.g. truncate perl-Compress-Raw-Zlib-2.052-1.el5.rf to just perl-Compress-Raw-Zlib2) and install that with yum on the command line? (Thanks for that list, by the way.) And more generally, what is the best practice if I want to install a module like Crypt::Twofish that was not in the default yum repositories, if John and C.L. are saying to avoid CPAN, and both John and Tom are saying to avoid adding extra yum repositories? I'd like to use yum just for consistency since it automatically handles dependencies and such, and at least if I always use yum, then yum will always be aware of what's installed already (as opposed to things installed from CPAN). Bennett I would work to bring the new machine's perl environment as close to that of the old machine's. Indeed, perl-Net-SFTP package is only installed on the new machine! Your package output is reformatted here. Work through this to bring your environments as close as possible and check if you have used CPAN to install packages in the past. $ diff -yW80 /tmp/oldlist /tmp/newlist perl-5.8.8-41.el5 perl-5.8.8-41.el5 perl-Compress-Raw-Bzip2-2.052-1.el5.r | perl-Class-Loader-2.03-1.2.el5.rf perl-Compress-Raw-Zlib-2.052-1.el5.rf | perl-Compress-Zlib-1.42-1.fc6 perl-Convert-ASN1-0.22-1.el5.rf | perl-Convert-ASCII-Armour-1.4-1.2.el5 perl-Crypt-SSLeay-0.57-3.el5.rf | perl-Convert-ASN1-0.20-1.1 perl-DBD-mysql-4.014-1.el5.rf | perl-Convert-PEM-0.07-1.2.el5.rf perl-DBI-1.615-1.el5.rf | perl-Crypt-CBC-2.30-1.el5.rf perl-Crypt-DES-2.05-3.2.el5.rf perl-Crypt-DH-0.06-1.2.el5.rf perl-Crypt-DSA-1.16-1.el5.rf perl-Crypt-IDEA-1.08-1.el5.rf
Re: [CentOS] has anybody gotten horde working?
On Wed, Mar 26, 2014 at 12:45 AM, Ned Slider n...@unixmail.co.uk wrote: On 25/03/14 04:05, Les Mikesell wrote: On Mon, Mar 24, 2014 at 6:38 PM, Johnny Hughes joh...@centos.org wrote: Has anybody gotten this working? By the way, this is CentOS 6.5. If you are starting from scratch building a mail server you might want to look at SME server or ClearOS where webmail works out of the box. It would be my personal preference that we help people run things on CentOS rather than always recommending another distribution. SME isn't exactly an 'other' distribution, and ClearOS wouldn't be if CentOS6 had had a timely release. They are the same code underneath, just already configured to work as installed and with a few additions. Whilst I understand why Johnny would prefer to be able to offer a CentOS-based solution rather than signposting users towards other products, I must admit I kind of agree with Les here. My initial thought to Johnny's reply was why would CentOS want to reinvent this particular wheel, looking to solve a problem that has already been solved, just not by CentOS. I thought that CentOS's space was to be plug compatible with RHEL. Or has that changed? As such any upgrade to a package that also in RHEL breaks that paradigm. Pragmatically that is going to happen in the hobbyist arena, but probably should not happen in the professional (for want of a better word) arena. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore?
On Sun, Mar 23, 2014 at 2:02 AM, Always Learning cen...@u62.u22.net wrote: On Sat, Mar 22, 2014 at 2:05 PM, Always Learning cen...@u62.u22.net wrote: Nothing is easier and simpler than [any-section] parameter1=value1 parameter2=value2 On Sat, 2014-03-22 at 18:24 +1300, Cliff Pratt wrote: That text format is simple. Too simple. If you have multiple similar sub-sections you have to use some ad-hoc construction. For example if you require sub entries with eg a default sub-section and a per-user sub-section then the simple example doesn't work, or at least it is rendered a lot less readable. It doesn't nest. Whoops your M$ heritage is showing. Hmm, I don't deny that I moved to Linux from the Dark Side... On Linux per-user values are usually stored in individual configuration files located in their users' ~ (/home/) directories - not in a single, fragile and all-embracing nightmare called The Windoze Registry. The Windoze Registry eh? Well, I don't have CentOS/RHEL to try this on here, but when I type gconf-editor at the command line, I get something much like Windows Registry Editor. WRT user configurations, I only used users as an example. Your configuration file format is not useful in an application that requires a nested configuration. Linux is much more logical and user-friendly. Hence the existence of simple configuration files capable of containing copious configuration hints and explanations - something omitted from the XML monstrosity. :-) Yeah right. Each and every configuration has its own format of configuration file (eg sudoers) which you have to learn. XML is a monstrocity, I agree. But it's useful across the board monstrosity. Centos is like a hot sunny day - a true joy to experience. And we are stll waay off topic! Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL/CentOS 7 Dual boot with CentOS 5.x/6.x - default boot quick solution/howto
On Sun, Mar 23, 2014 at 1:39 PM, Nux! n...@li.nux.ro wrote: On 22.03.2014 17:46, Ljubomir Ljubojevic wrote: I have RHEL 7 Beta installed in dual boot with CentOS 6.x. Since RHEL 7 installed GRUB2, I had problem that RHEL 7 is default boot. My personal solution was to go to /etc/grub.d and run command: mv 10_linux 31_linux grub2-mkconfig -o /boot/grub2/grub.cfg Explanation: - /etc/grub.d is where grub2 writes down config files used to create boot menu. - OS-prober creates 30_os-prober file in /etc/grub.d - 10_linux is created for RHEL/CentOS 7.x system installed. If you change order of files in /etc/grub.d (numbers at the start of the files) the list generated with grub2-mkconfig will change order in the GRUB2 menu :) Oh boy, I'm so going to miss Grub 0.97.. Thanks for sharing, though! That method of ordering configuration files has been around for decades, so nothing new there. (eg /etc/init.d). However I do find grub2's configuration a little confusing. Nothing new there. It'll sink in sometime, no doubt. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore?
On Fri, Mar 21, 2014 at 10:36 AM, Always Learning cen...@u62.u22.netwrote: On Thu, 2014-03-20 at 17:18 -0400, m.r...@5-cent.us wrote: On the other hand, what justifiable reason was there for the massively increased complexity of grub2? And why do all configuration files suddenly *desperately* need to be xml? Because misguided fools believe XML is wundervol and they don't want simplicity of use. The advantages of XML are that it is a common, mature standard, it is easily parseable by humans and computers. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore?
On Sat, Mar 22, 2014 at 2:05 PM, Always Learning cen...@u62.u22.net wrote: On Thu, 2014-03-20 at 17:18 -0400, m.r...@5-cent.us wrote: On the other hand, what justifiable reason was there for the massively increased complexity of grub2? And why do all configuration files suddenly *desperately* need to be xml? On Fri, Mar 21, 2014 at 10:36 AM, Always Learning wrote: Because misguided fools believe XML is wundervol and they don't want simplicity of use. On Sat, 2014-03-22 at 13:54 +1300, Cliff Pratt wrote: The advantages of XML are that it is a common, mature standard, it is easily parseable by humans and computers. Nothing is easier and simpler than [any-section] parameter1=value1 parameter2=value2 Compare to XML (= the WEB PAGE 'new idea'), plain text is common, well established and a significantly more mature standard. Plain text is easier to read with vastly improve clarity, compared to XML, and no line indentations or angular brackets required. I note your reference to XML being common, mature standard omits any praise for XML and also omits calling it good :-) http://lists.centos.org/mailman/listinfo/centos That text format is simple. Too simple. If you have multiple similar sub-sections you have to use some ad-hoc construction. For example if you require sub entries with eg a default sub-section and a per-user sub-section then the simple example doesn't work, or at least it is rendered a lot less readable. It doesn't nest. YAML is quite a good if you insist on a text type format, without the complexity of JSON. But back to XML. It is parseable using all sorts of libraries and on lots of platforms. We have a number of apps that use XML for configuration data. It is easy for the programmers to knock up a page to edit this and the app itself can easily parse the results. But I'm sorry, I must admit that there was an element of tongue in cheek in my reference to XML's advantages. I've been reading and writing it for years, so I speak it fluently, at least in the possibly limited set of usages that we have. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] weird apache issue
Does the same issue arise if the restart is split into a stop and start? My thinking is that the stop IS working, but is taking longer than the script expects, so the stop step fails when the program checks the PID to see if it has shutdown properly. Then when the start happens the Apache has not completely shutdown and is still holding the port. After the failure the stop completes and the PID file is deleted. The PID file could be empty because the startup creates the PID file, but can't write the PID to it because the startup failed. I'm just guessing though, as I don't have a CENTOS/RHEL system to look at. I'm not even sure if my suggested scenario makes sense! Cheers, Cliff On Sat, Mar 8, 2014 at 4:28 AM, Les Mikesell lesmikes...@gmail.com wrote: On Fri, Mar 7, 2014 at 5:37 AM, Tim Dunphy bluethu...@gmail.com wrote: Not really sure how to interpret that, unfortunately. However looked for the pid file for apache and noticed that it DOESN'T EXIST! [root@beta:~] #ls -l /var/run/httpd/ total 0 Well, that would explain why the init script isn';t able to kill the process. Maybe puppet is doing something weird with that pid file? I don't really know offhand, but I guess I will have to investigate that. Is one created at a successful startup? And how is puppet involved? -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gnutls bug
I have some sympathy for Michael. There are organisations which are so paranoid that they will not allow updates between eg 6.4 and 6.5, either because they insist on rigorous (ie lengthy and time consuming) regression testing of applications or because a third party package vendor specifies a particular level of OS for their product (I can think of at least two). Who has not been caught in the not supported here trap? You install a package from the OS supplier, and have an issue with it. You go to the forum for the package and get the response upgrade to the latest release, but the OS supplier will not support the OS if you upgrade the package to the latest release! Cheers, Cliff Cheers, Cliff On Thu, Mar 6, 2014 at 1:43 PM, Stephen Harris li...@spuddy.org wrote: On Wed, Mar 05, 2014 at 06:12:49PM -0600, Les Mikesell wrote: On Wed, Mar 5, 2014 at 6:00 PM, Michael Coffman updated. I did not realize that once the OS was vaulted, there were no more updates. Now I know so thanks... No, what everyone has said is that there _are_ updates, and yum knows how to get them, even selectively. More to the point, 6.4 and 6.5 are just markers in the sand for CentOS 6. 6.5 is basically just a rebasing of the packages to make it easier to install; it's an accumulation of updates for 6.4 in an easy to digest form. If you stop thinking of 6.4 and 6.5 as different OS's but as the same OS but at different parts of their patch lifecycle then it becomes a lot simpler. -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CLAMAV problem: Error message outdated version although yum list installed reports correct version
No. 0.98-2 is a patched version of 0.98. A patched version of 0.98.1 would be eg 0.98.1-3. Cheers, Cliff On Thu, Feb 20, 2014 at 4:53 PM, Jobst Schmalenbach jo...@barrett.com.auwrote: On Wed, Feb 19, 2014 at 09:20:05PM -0600, Johnny Hughes (joh...@centos.org) wrote: On 02/19/2014 08:29 PM, Jobst Schmalenbach wrote: Hi. I posted this on the clamav list as well, as I do not know whether this is a rpm issue or clamav issue. Strange problem indeed: [root /tmp] #yum list installed clamav* Loaded plugins: fastestmirror Installed Packages clamav.x86_64 0.98-2.el5.rf installed clamav-db.x86_64 0.98-2.el5.rf installed clamav-milter.x86_64 0.98-2.el5.rf installed [root /tmp] # Yes, repoforge needs to build the new version if clamav (version 0.98.1) instead of 0.98. But according to the RPM numbers (see above) it already did ... this is why it is so confusing. Jobst ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CLAMAV problem: Error message outdated version although yum list installed reports correct version
I should read right to the bottom, shouldn't I? Sigh! On Thu, Feb 20, 2014 at 7:54 PM, Cliff Pratt enkiduonthe...@gmail.comwrote: No. 0.98-2 is a patched version of 0.98. A patched version of 0.98.1 would be eg 0.98.1-3. Cheers, Cliff On Thu, Feb 20, 2014 at 4:53 PM, Jobst Schmalenbach jo...@barrett.com.auwrote: On Wed, Feb 19, 2014 at 09:20:05PM -0600, Johnny Hughes ( joh...@centos.org) wrote: On 02/19/2014 08:29 PM, Jobst Schmalenbach wrote: Hi. I posted this on the clamav list as well, as I do not know whether this is a rpm issue or clamav issue. Strange problem indeed: [root /tmp] #yum list installed clamav* Loaded plugins: fastestmirror Installed Packages clamav.x86_64 0.98-2.el5.rf installed clamav-db.x86_64 0.98-2.el5.rf installed clamav-milter.x86_64 0.98-2.el5.rf installed [root /tmp] # Yes, repoforge needs to build the new version if clamav (version 0.98.1) instead of 0.98. But according to the RPM numbers (see above) it already did ... this is why it is so confusing. Jobst ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iso burn
OIC. The partial answer to that is that the command line programs in general give you more control and often have more features. Often the GUI programs are simply front ends to the command line ones. Command line ones can be scripted. The usual GUI versus command line arguments. Though if it is a choice between command line and GUI running under Wine, you are adding an extra layer that isn't needed (and using up cycles and heating the environment). Also, I'm not suggesting that you should *only* use command line programs. Anyway, this is now so far off topic, it's not funny. Mea culpa. Cheers, Cliff On Sat, Feb 8, 2014 at 6:12 PM, Darr247 darr...@gmail.com wrote: On 07 February 2014 @06:45 zulu, Cliff Pratt wrote: Darr247, that is verging on the bizarre! Why on earth... The only reason I can think of doing that is because it was there. Because I couldn't find a GUI hasher in the stock repos (gHasher is in RPMForge). Why install a desktop and then use only command line programs? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iso burn
Rejy, for the record, I've downloaded many ISOs and other large files using my browser (Chrome) for many years. While years ago it was problematic to use the browser to download large files, it seems to me that that is not so these days. Of course if you have a very slow or bad connection, it may not work, and this is where download tools come into their own. But I think that for most people, browsers will work OK. The real advantage of the download tools is that a transfer is usually restartable and that is not always possible with a browser download. Cheers, Cliff On Thu, Feb 6, 2014 at 9:04 PM, Rejy M Cyriac rcyr...@redhat.com wrote: On 02/06/2014 01:11 PM, dOminic wrote: Since you are writing the DVD in Windows OS, I assume you don't have any Linux boxes !. I am not sure what are the checksum verify utilities will work perfectly in Windows . However, from a quick internet search, I could find an official tool from Windows - http://www.microsoft.com/en-in/download/details.aspx?id=11533 - which supports MD5 ans SHA1 . Please match the MD5 of your downloaded CentOS DVD with http://mirror.nbrc.ac.in/centos/6.5/isos/x86_64/md5sum.txt . Hope that helps . If you can find a Linux box, get to command line sha256sum ISO file compare output with provided hash if they match, burn the dvd with the following command cdrecord -v -sao ISO file If the hash values do not match, download the ISO again, preferably using a download tool. It is better not to use the browser to download big files like the ISO, - rejy (rmc) On Thu, Feb 6, 2014 at 12:49 PM, Hal Wigoda hal.wig...@gmail.com wrote: I did not check the hash values. How do you do that? Sent from my iPad On Feb 6, 2014, at 12:09 AM, Darr247 darr...@gmail.com wrote: On 06 February 2014 @ 03:42 zulu, Hal Wigoda wrote: I downloaded the CentOS-6.5-x86_64-bin-DVD1.iso and CentOS-6.5-x86_64-bin-DVD12.iso and tried to burn them to a DVD but both Windows 7 and IOS ( MacBook Pro ) do not recognize these as valid isos. What am I doing wrong? What are their hashes? Here are some hash values of the files I'm sharing in a bittorrent client: CentOS-6.5-x86_64-bin-DVD1.iso (4,467,982,336 bytes) MD5 - 83221db52687c7b857e65bfe60787838 SHA1 - 32c7695b97f7dcd1f59a77a71f64f2957dddf738 SHA256 - c796ab378319393f47b29acd8ceaf21e1f48439570657945226db61702a4a2a1 CentOS-6.5-x86_64-bin-DVD2.iso (1,284,395,008 bytes) MD5 - 91018b86ca338360bc1212f06ea1719f SHA1 - 25e5de362ba6c75d793dbeb060b27ba1865cb5df SHA256 - afd2fc37e1597c64b3c3464083c0022f436757085d9916350fb8310467123f77 There are currently over 1000 other people sharing the CentOS-6.5-x86_64-bin-DVD1to2.torrent, too. So, do the hashes of your files match those? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iso burn
Yep, it works OK for me, but it may not work for the guy down the road. I don't have an issue with that. But for most people it just works fine. Cheers, Cliff On Thu, Feb 6, 2014 at 10:44 PM, Lalatendu Mohanty lmoha...@redhat.comwrote: On 02/06/2014 03:08 PM, Cliff Pratt wrote: Rejy, for the record, I've downloaded many ISOs and other large files using my browser (Chrome) for many years. While years ago it was problematic to use the browser to download large files, it seems to me that that is not so these days. Of course if you have a very slow or bad connection, it may not work, and this is where download tools come into their own. But I think that for most people, browsers will work OK. The real advantage of the download tools is that a transfer is usually restartable and that is not always possible with a browser download. Cliff, I have recently faced checksum issue (i.e. checksum didn't match) when I had downloaded the ISO using browser (Firefox). I would say my internet connection is fairly good. After I faced issue with browser, wget worked fine for me. -Lala Cheers, Cliff On Thu, Feb 6, 2014 at 9:04 PM, Rejy M Cyriac rcyr...@redhat.com wrote: On 02/06/2014 01:11 PM, dOminic wrote: Since you are writing the DVD in Windows OS, I assume you don't have any Linux boxes !. I am not sure what are the checksum verify utilities will work perfectly in Windows . However, from a quick internet search, I could find an official tool from Windows - http://www.microsoft.com/en-in/download/details.aspx?id=11533 - which supports MD5 ans SHA1 . Please match the MD5 of your downloaded CentOS DVD with http://mirror.nbrc.ac.in/centos/6.5/isos/x86_64/md5sum.txt . Hope that helps . If you can find a Linux box, get to command line sha256sum ISO file compare output with provided hash if they match, burn the dvd with the following command cdrecord -v -sao ISO file If the hash values do not match, download the ISO again, preferably using a download tool. It is better not to use the browser to download big files like the ISO, - rejy (rmc) On Thu, Feb 6, 2014 at 12:49 PM, Hal Wigoda hal.wig...@gmail.com wrote: I did not check the hash values. How do you do that? Sent from my iPad On Feb 6, 2014, at 12:09 AM, Darr247 darr...@gmail.com wrote: On 06 February 2014 @ 03:42 zulu, Hal Wigoda wrote: I downloaded the CentOS-6.5-x86_64-bin-DVD1.iso and CentOS-6.5-x86_64-bin-DVD12.iso and tried to burn them to a DVD but both Windows 7 and IOS ( MacBook Pro ) do not recognize these as valid isos. What am I doing wrong? What are their hashes? Here are some hash values of the files I'm sharing in a bittorrent client: CentOS-6.5-x86_64-bin-DVD1.iso (4,467,982,336 bytes) MD5 - 83221db52687c7b857e65bfe60787838 SHA1 - 32c7695b97f7dcd1f59a77a71f64f2957dddf738 SHA256 - c796ab378319393f47b29acd8ceaf21e1f48439570657945226db61702a4a2a1 CentOS-6.5-x86_64-bin-DVD2.iso (1,284,395,008 bytes) MD5 - 91018b86ca338360bc1212f06ea1719f SHA1 - 25e5de362ba6c75d793dbeb060b27ba1865cb5df SHA256 - afd2fc37e1597c64b3c3464083c0022f436757085d9916350fb8310467123f77 There are currently over 1000 other people sharing the CentOS-6.5-x86_64-bin-DVD1to2.torrent, too. So, do the hashes of your files match those? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iso burn
Darr247, that is verging on the bizarre! Why on earth... The only reason I can think of doing that is because it was there. Cheers, Cliff On Fri, Feb 7, 2014 at 1:37 PM, Darr247 darr...@gmail.com wrote: Well that didn't take as long as I thought it would... HashCalc does run fine in WINE, too. :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] netcdf
On Fri, Jan 31, 2014 at 6:00 AM, m.r...@5-cent.us wrote: dip patel wrote: i had used all the resources as below and when i had all the untar in a directories and then ./configure the netcdf file so it fives x lib developer is missing and some x11 library is also missing etc so please help me... netcdf-4.3.1.tar.gz hdf5-1.9.148.tar.gz ncview-2.1.2.tar.gz snip Oh. And where did you get the tarballs? Everyone, I think, has been assuming you did a yum install of the packages. Installing from a tarball can, sometimes, be... interesting, because a) some of them are written and built on someone's system that is NOT standard, or, more frequently, built on some other distro, like current fedora, or worse, ubuntu, and so some libraries required are *MUCH newer than are standard on an enterprise o/s, which doesn't put newer ones in until they're no longer half-baked. g Is there something that the versions from the tarballs provide that the ones from the standard repos (base, epel, rpmfusion) don't provide? From what he said he is not allowed to update the system by his 'head' (presumably he means his boss). I wonder why? That's presumably why he is trying to install from the tarballs. In later posts he has changed tack and started talking about installing CentOS, presumably on his own machine (which makes sense). Les directed him to vmware or virtualbox. Sounds like a beginner and there might be a language barrier. We've all been there at one time! Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] default gw route has gone? SOLVED
It will probably be the same elsewhere, because they are CHEAP. I've used a few NZ Telco supplied routers over the years and a couple of cheap bought ones. All had some issue or the other. Nowadays I put up with or workaround any issues. Cheers, Cliff On Thu, Jan 16, 2014 at 9:00 PM, Rob Kampen rkam...@kampensonline.comwrote: On a side note - the various ADSL broadband routers supplied by the NZ telcos all seem to have missing or broken bits - the vodafone one doesn't open the firewall properly for incoming http - the telecom device allows one to specify a different IP address for the router but not the gw address - thus it only works if you use their default IP/gw address. So many hours wasted. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Why does 'mysql' user has /bin/bash shell?
Can you not set up a test system and try it out? Or, if this is your only system, could you not back it up, and test your suggestions out? The mysql shell is for viewing data in your databases and manipulating the data in required. You can also add tables and things like that. It is a powerful tool if you know what you are doing. Cheers, Cliff On Thu, Jan 9, 2014 at 10:27 PM, Mihamina Rakotomandimby miham...@rktmb.org wrote: Hello, Default MySQL installation on CentOS sets /bin/bash as shell. I'm on a user cleanup task where I want reduce unneeded privileges to users. What is the mysql user shell for? (What will happen if I change it to /bin/false or whatever would disable it's shell?) It's not only a matter of SSH (I'm aware I can AllowUsers in sshd_config for example). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can we trust RedHAt encryption tools?
I was shocked and horrified to find out that RHEL (and presumably CentOS) and Ubuntu no longer implement the 'rot13' program. Cheers, Cliff On Fri, Jan 10, 2014 at 11:32 AM, Robert Moskowitz r...@htt-consult.comwrote: On 01/09/2014 05:15 PM, Les Mikesell wrote: On Thu, Jan 9, 2014 at 3:55 PM, John R Pierce pie...@hogranch.com wrote: On 1/9/2014 1:27 PM, Kanwar Ranbir Sandhu wrote: I think everyone should assume the entire ecosystem is compromised and shouldn't trust anything. Code should be reviewed and bugs/weaknesses removed IMMEDIATELY. The problem is obviously not everyone is a programmer and not everyone will have the knowledge to understand how to fix/improve the security issues. Of course, some software is still good, but who's going to verify that and when? If you don't use free software, you're a goner because now you have no ability whatsoever to audit the code! I've programmed for 40 years, and I don't understand encryption algorithms nor can I evaluate their strengths and weaknesses. I know very few programmers who can. None personally, in fact. I always just assumed that blowfish was good precisely because it wasn't the one that was recommended/promoted by the groups likely to be compromised. But, I try to stay out of politics so I don't worry much about keeping secrets anyway. Bruce's twofish was better; it was his AES submission. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can we trust RedHAt encryption tools?
Thanks! I got similar suggestions when I mentioned this at work. I was of course joking about rot13. Cheers, Cliff On Fri, Jan 10, 2014 at 12:41 PM, John R Pierce pie...@hogranch.com wrote: On 1/9/2014 3:33 PM, Cliff Pratt wrote: I was shocked and horrified to find out that RHEL (and presumably CentOS) and Ubuntu no longer implement the 'rot13' program. tr A-Za-z N-ZA-Mn-za-m infile outfile example... $ echo this is a message | tr A-Za-z N-ZA-Mn-za-m guvf vf n zrffntr $ echo guvf vf n zrffntr | tr A-Za-z N-ZA-Mn-za-m this is a message -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ZFS on Linux testing effort
Grub only needs to know about the filesystems that it uses to boot the system. Mounting of the other file systems including /var is the responsibility of the system that has been booted. I suspect that you have something else wrong if you can't boot with /var/ on ZFS. I may be wrong, but I don't think so. If grub needed to know about the file systems other than the one it is using to boot, then it would have parameters to describe the other file systems. Cheers, Cliff On Tue, Jan 7, 2014 at 11:54 AM, Lists li...@benjamindsmith.com wrote: On 11/30/2013 06:20 AM, Andrew Holway wrote: Hey, http://zfsonlinux.org/epel.html If you have a little time and resource please install and report back any problems you see. Andrew, I want to run /var on zfs, but when I try to move /var over it won't boot thereafter, with errors about /var/log missing. Reading the ubuntu howto for ZFS indicates that while it's possible to even boot from zfs, it's a rather long and complicated process. I don't want to boot from ZFS, but it appears that grub needs to be set up to support ZFS in order to be able to mount zfs filesystems, and it's possible that EL6's grub just isn't new enough. Is there a howto/ instructions for setting up zfs on CentOS/6 so that it's available on boot? Thanks, Ben ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS eclipse
Probably not 4.3. Maybe 4.0 or 4.1. It is still going to be behind the latest release. Cheers, Cliff On Fri, Dec 27, 2013 at 8:48 AM, Steve zep...@cfl.rr.com wrote: John R Pierce pie...@hogranch.com wrote: On 12/26/2013 10:50 AM, Steve wrote: My understanding was that CentOS was generally about a year out-of-date. When a major RHEL version is released, the major.minor versions of most all components are frozen for the life cycle of that major release, this ensures package compatability, so if something is released for EL6 it can expect to run with any EL6.x update. OK, so since RHEL 6.0 was released on 11/10/2010, we get eclipse 3.6 which was released on 6/23/2010 (according to Wikipedia) and we can only get 3.6.x updates until RHEL 7.0 is release. If RHEL 7.0 was released today, eclipse would jump to 4.3 (ignoring any other complications) which was released on 6/26/2013. Got it. Thanks ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Log rolling with a daemon
John's suggestion is still pertinent. You'll need a SIGHUP handler in your script. Logrotate could send the SIGHUP in a postrotate 'script'. Cheers, Cliff On Sun, Dec 22, 2013 at 3:15 PM, Larry Martell larry.mart...@gmail.comwrote: On Sat, Dec 21, 2013 at 8:52 PM, John R Pierce pie...@hogranch.com wrote: On 12/21/2013 4:56 PM, Larry Martell wrote: I'm looking for advice or suggestions for rolling log files with a daemon. I have a python script that I daemonized with http://www.jejik.com/articles/2007/02/a_simple_unix_linux_daemon_in_python/ . Before I daemonized it it was run from a bash script that invoked the underlying python script. It ran the python script, waited for it to complete and then it slept for 5 seconds and ran it again. This was in a infinite loop. In between each invocation it checked the log file and if it was over 10MB it renamed it and then the next invocation started with a new empty log. Since each invocation was a separate run this worked fine. But now the daemonized python script doesn't exit - the same log file is attached to it forever. So my renaming of the file does nothing - the i node doesn't change and it's still logging to the same large file. Anyone have any ideas how I can achieve this sort of log rolling in this situation? send a SIGHUP to syslog and it shoudl re-opent he log files. silly question, but whats wrong with the logrotate daemon thats built into centos? This is not using syslog. If you look at the daemonizing script I gave the link to, you pass in the log files for stdout and stderr, and it does some double fork magic and then associates the given files with them. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS, linux and kernel version
3.9.3 is the kernel number. All Linux distributions use the Linux kernel, so Debian version X and CentOS version Y may use the same kernel as may Ubuntu version Z. There may be a list of CentOS versions and kernel numbers somewhere, but I can't see that it would be of great interest. My Ubuntu 13.10 shows 3.11.0 so you have a fairly old Ubuntu version there. In general the Ubuntu kernel will be newer than the more conservative CentOS/RHEL. Cheers Cliff On Thu, Dec 19, 2013 at 8:29 PM, Jayadevan Maymala jayadevan.technol...@gmail.com wrote: Hi, I am using CentOS 6.4. uname -r gives me 3.9.3-x86_64 Kernel version is 2.6.32. My questions - What is 3.9? In Ubuntu, uname -r and /boot give the same version numbers. Do we have a mapping of CentOS versions, the numbers like 3.9 and kernel versions maintained somewhere? Regards, Jayadevan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS, linux and kernel version
Ah, right. I was assuming (maybe erroneously) that the OP knew what was on his/her system. 8-) Cheers, Cliff On Fri, Dec 20, 2013 at 2:05 AM, SilverTip257 silvertip...@gmail.comwrote: On Thu, Dec 19, 2013 at 4:38 AM, Cliff Pratt enkiduonthe...@gmail.com wrote: 3.9.3 is the kernel number. All Linux distributions use the Linux kernel, so Debian version X and CentOS version Y may use the same kernel as may Ubuntu version Z. There may be a list of CentOS versions and kernel numbers somewhere, but I can't see that it would be of great interest. CentOS 6.5 doesn't ship with a 3.x kernel. If it was a 2.6.32-something kernel then it would likely be an official kernel ... not a 3.x though. Possibly from elrepo or another third party repo. That's why this might be of interest to the OP. My Ubuntu 13.10 shows 3.11.0 so you have a fairly old Ubuntu version there. In general the Ubuntu kernel will be newer than the more conservative CentOS/RHEL. Cheers Cliff On Thu, Dec 19, 2013 at 8:29 PM, Jayadevan Maymala jayadevan.technol...@gmail.com wrote: Hi, I am using CentOS 6.4. uname -r gives me 3.9.3-x86_64 Kernel version is 2.6.32. My questions - What is 3.9? In Ubuntu, uname -r and /boot give the same version numbers. Do we have a mapping of CentOS versions, the numbers like 3.9 and kernel versions maintained somewhere? Regards, Jayadevan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Story of an email
On Sat, Nov 30, 2013 at 2:33 PM, Timothy Murphy gayle...@eircom.net wrote: Mike Burger wrote: I'm running postfix + dovecot on my CentOS server, together with amavisd, clamd and spamassassin, following the instructions in http://wiki.centos.org/HowTos/postfix. As far as I can see it is all working, but I must admit I'm not clear exactly what path an incoming email travels along. I asked this question before, and someone suggested a document I should read, but unfortunately I've mislaid the note I made at the time. Assuming that you've properly configured the master.cf and main.cf to allow amavisd/clamav scanning of email, the following is how the process will flow: Remote mail client (user, some other mail server, etc) connects to port 25 to send an email through your Postfix installation. Postfix passes the email to amavisd over some port. Amavisd processes the email through clamav and, if the message is clean, passes it back to Postfix through a different port. Postfix delivers the message (to a remote mail server, or to a local user). Thanks for your response. I've a couple of queries. 1) Where does SpamAssassin come into the process? 2) In my case all incoming email comes through fetchmail from external mail servers like gmail. I take it that this is sent through port 25 to postfix, more precisely to the sendmail emulator of postfix? 3) I take it that in the last stage postfix passes the email to dovecot, which stores it in ~/Maildir/cur/ (in my case). It is picked up from there by KMail on my laptop, but that is another story. Why do you insist on calling it the sendmail emulator? Sendmail, postfix, exim and many others applications are merely servers that respond to and process emails according to the SMTP protocols. There's nothing special about sendmail except that it was one of the first and most widespread of mail servers. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine check events
He's not running the Poisson distro, he's using CentOS! 8-) On Fri, Nov 29, 2013 at 11:57 AM, Devin Reade g...@gno.org wrote: Quoting Glenn Eychaner geycha...@mac.com: This is brand-new Kingston 1600MHz ECC memory on a workstation/server running at high altitude [snip] Cosmic rays? Do you have a Poisson distribution for those machine check events? :) Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Filesystem labeling confusion or mess up
*Something* is causing it to appear that there are two paths. I can't think how else the two apparently different disks have the *same* file system. But I've not used iSCSI much. Perhaps if you post the type of the device someone might have any idea? Cheers, Cliff On Wed, Nov 27, 2013 at 11:30 PM, Götz Reinicke - IT Koordinator goetz.reini...@filmakademie.de wrote: Hi Cliff, theer is just one path; I rechecked. The storage and server are attached currently direct with one twinaxial cable and just one ip on each side. Multipathing was never configured. I'm confused. Currently I reattached the targets and reformatted the devices. in dmesg I just see one sdb and one sdc. sda is the internal disk and no more disk devices show up e.g. with fdisk -l. Any more suggestions or thoughts? /Götz Am 26.11.13 23:08, schrieb Cliff Pratt: Looks like you have more than one path to the devices. I would expect to see *4* devices. Cheers, Cliff On Wed, Nov 27, 2013 at 2:36 AM, Götz Reinicke - IT Koordinator goetz.reini...@filmakademie.de wrote: Hi, I do have an iscsi storage with two raidsets. I'm logged in to the target and get two devices: /dev/sdb and /dev/sdc. After formatting the devices with ext4 I realised, that I had used a wrong label, so I tried to relabel the devices. But now I'm confused: doing a e2label /dev/sdb or /dev/sdc returns always the same label name for both devices. so I did e2label /dev/sdb students and e2label /dev/sdc staff and now mounting the devices shows the same filesystem under sdb and sdc! Looks like sdc (an empty device) is gone... Any suggestions or explanations? Thanks and best regards . Götz ... -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 E-Mail goetz.reini...@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: Jürgen Walter MdL Staatssekretär im Ministerium für Wissenschaft, Forschung und Kunst Baden-Württemberg Geschäftsführer: Prof. Thomas Schadt ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Filesystem labeling confusion or mess up
Looks like you have more than one path to the devices. I would expect to see *4* devices. Cheers, Cliff On Wed, Nov 27, 2013 at 2:36 AM, Götz Reinicke - IT Koordinator goetz.reini...@filmakademie.de wrote: Hi, I do have an iscsi storage with two raidsets. I'm logged in to the target and get two devices: /dev/sdb and /dev/sdc. After formatting the devices with ext4 I realised, that I had used a wrong label, so I tried to relabel the devices. But now I'm confused: doing a e2label /dev/sdb or /dev/sdc returns always the same label name for both devices. so I did e2label /dev/sdb students and e2label /dev/sdc staff and now mounting the devices shows the same filesystem under sdb and sdc! Looks like sdc (an empty device) is gone... Any suggestions or explanations? Thanks and best regards . Götz -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 E-Mail goetz.reini...@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: Jürgen Walter MdL Staatssekretär im Ministerium für Wissenschaft, Forschung und Kunst Baden-Württemberg Geschäftsführer: Prof. Thomas Schadt ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RAM Requirements
Wow! RH9 was discontinued in 2004! It is likely that a machine from that era has the ability to run CentOS 6.4 both in terms of resources and the availability of drivers. Cheers, Cliff On Sat, Nov 23, 2013 at 6:35 PM, Mark LaPierre marklap...@aol.com wrote: Hey Y'all, Does anyone know where I can look, please post a URL, where I can find out what the minimum system requirements are for CentOS 6.4? I've searched the CentOS.org web site for this but I've come up empty. I've got an old machine that had RH9 on it. The HD died so I had to replace that. Now I'm thinking that I want to install CentOS 6.4 on it but the minimal install disk says that I don't have enough RAM for it to do the install. -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RAM Requirements
unlikely.. not ...likely... Cheers, Cliff On Sat, Nov 23, 2013 at 6:51 PM, Cliff Pratt enkiduonthe...@gmail.comwrote: Wow! RH9 was discontinued in 2004! It is likely that a machine from that era has the ability to run CentOS 6.4 both in terms of resources and the availability of drivers. Cheers, Cliff On Sat, Nov 23, 2013 at 6:35 PM, Mark LaPierre marklap...@aol.com wrote: Hey Y'all, Does anyone know where I can look, please post a URL, where I can find out what the minimum system requirements are for CentOS 6.4? I've searched the CentOS.org web site for this but I've come up empty. I've got an old machine that had RH9 on it. The HD died so I had to replace that. Now I'm thinking that I want to install CentOS 6.4 on it but the minimal install disk says that I don't have enough RAM for it to do the install. -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] file managementttttttttttt
On Tue, Nov 19, 2013 at 4:59 AM, m.r...@5-cent.us wrote: James B. Byrne wrote: On Sun, November 17, 2013 12:55, Michael Hennebry wrote: Last week, I installed CentOS 6 yet again. I took the default desktop: gnome. Whenever I open a directory, I get a new window. That gets rather annoying, especially when I have to drill down several levels. Is there around that behaviour? If it's in edit-preferences, I didn't find it. Eventually I expect to change desktops. Until then, any ideas? . Instead of clicking on a directory in the first window (which Opens that directory in an new window) try using the Browse Folder option instead. Or open the first directory by right clicking and sekecting Browse Folder to begin with. Well, I dislike gnome anyway - at work, we've got a lot of folks on kde. At home, I use IceWM. But what is this open a directory? Is that like rxvt, click into the xterm, ls ...dir/subdir/subsubdir? mark Very similar, but less archaic! 8-) Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network Problem on New Install of 6.4
Are there any messages in the logs? In particular 'dmesg' messages. (I don't have a CentOS system right here so I can't see which log is appropriate.) Is there a DHCP server on the network? A little more detail on your situation would be handy. Is this a home network with ADSL or similar? Cheers, Cliff On Sun, Oct 27, 2013 at 3:26 PM, Gregory P. Ennis po...@pomec.net wrote: I have a new install of CentOS 6.4 on an HP Pavilion 500-27c with one mother board nic card. results of lspci : 01:00.0 Ethernet controller: Atheros Communications Inc. AR8161 Gigabit Ethernet (rev 10) 04:00.0 Network controller: Ralink corp. Device 539b results of ifconfig -a lo Link encap:Local Loopback wlan0 Link encap:Ethernet HWaddr 70:18:8B:80:AE:71 There is no /etc/sysconfig/network file present. The install was performed without incident from a DVD. I would surely appreciate your help in trying to activate this network. Is this a problem with the 6.4 disc or do I have a network card on this machine that is not supported by 6.4 -- Greg Ennis PoMec Corporation www.PoMec.Net ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Difficulty building custom Install CD
Then get disk 1 of the CentOS distribution and copy it from there.. Cheers, Cliff On Sun, Sep 15, 2013 at 2:31 PM, Rajagopal Swaminathan raju.rajs...@gmail.com wrote: Greetings, On Sat, Sep 14, 2013 at 5:37 PM, zGreenfelder zgreenfel...@gmail.com wrote: On Sat, Sep 14, 2013 at 12:16 AM, Rajagopal Swaminathan raju.rajs...@gmail.com wrote: the first page of that link says: Look in the file ~kickstart_build/comps.xml (which you copied from repodata/comps.xml on disc 1 of the CentOS distribution). Indeed, I did not miss that. But I am using the centos minimal ISO which does not seem to have that file. My original requests stand. -- Regards, Rajagopal ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ghostscript-8.70-14.el5_8.1.x86_64 hylafax+ 5.5.3
Greg, I haven't sent a fax in ages, so my suggestion would be to take a step back and see if you still need to use fax. You may still have a need for it, but I'm just suggesting that you think about it! Cheers, Cliff On Tue, Aug 6, 2013 at 10:19 AM, Gregory P. Ennis po...@pomec.net wrote: On 08/05/2013 12:26 AM, John R Pierce wrote: On 8/4/2013 3:09 PM, Ljubomir Ljubojevic wrote: First try installing compiled rpm on a TEST system, and if that does not work you can try recompiling the source rpm, or ask someone to help you, maybe maintainer of ghostscript in Fedora. if you rebuild it via the RPM, it likely will overwrite the 'stock' ghostscript. a tarball install could be built to run in /usr/local/ghostscript/... or /opt/mystuff/ghostscript/... or whatever, and not interfere with the distribution build. That is true if hylafax can be pointed to use optional version of ghostcript. If that is not the case, then ghostscript has to be replaced. P.S. I am not a hylafax user so I can not determine what should be done. -- Everyone, Thanks so much for everyone's help I am a new hylafax+ user and other than the ghostscript problem I am very impressed. Hylafax+ does allow you to control the location of ghostscript so once I get it compiled I should be able to point it to the correct version. Instead of using the Fedora RPM, I am going to compile it and try to route the files to a different location. I really screwed up a different system trying to do an rpm install with a Fedora module with a different piece of software. I am a little gun shy about doing that again. I am using Hylafax+ on CentOS 5.9 to replace a vsifax system installed on SCO. If I can get ghostscript 9.07 installed properly this will be a very good replacement. If any of you have additional suggestions, I sure appreciate your help. Greg ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] unprivileged users rebooting at console
How are you rebooting? What groups are you in? From the command line? When I try this on Ubuntu (don't have a RHEL/CentOS here) I get Have to be root if I issue the /sbin/reboot command as an ordinary user. Cheers, Cliff On Sun, May 5, 2013 at 10:38 PM, Joseph Spenner joseph85...@yahoo.comwrote: I'm curious why any user logged in at the console can issue the 'reboot' command and reboot the system. I've tested/verified this to work, and read some older posts about this. If it were a bug, I suspect it would be fixed by now. Also, if a user is logged into the console, and then logs in via ssh from another system, that user can also reboot the system from that ssh connection. It would seem that once a user authenticates on the console, and remains on the console, they can reboot from any other/new tty. Once they drop off the console, the ssh connections can no longer reboot. If this is by design, why? Thanks! Regards, Joseph Spenner --- If life gives you lemons, keep them-- because hey.. free lemons. ~heart~ Sticker fixer: http://microflush.org/stuff/stickers/heartFix.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] unprivileged users rebooting at console
On Mon, May 6, 2013 at 8:31 AM, Scott Robbins scot...@nyc.rr.com wrote: On Mon, May 06, 2013 at 08:20:31AM +1200, Cliff Pratt wrote: Please try not to top post. Sorry, I blame GMail, which hides the previous quoted posts under an ellipsis. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cents OS from Bash Shell
re point 3, do you have 'telnetd' installed. You should probably use ssh unless you have a good reason not to. On Fri, Apr 26, 2013 at 12:04 AM, Adekoya Adekunle adekunleadek...@gmail.com wrote: I want to know the right command to type from a bash shell so that i can 1) Check the version of my cent os 2) Check all the open ports (tcp and udp) on my machine 3) Open a specific port say port 3306 so that a telnet request from a remote machiene can be accepted 4) Disable the effect of 3 above in case I want to Thanks in anticiaption of your kind responses to the questions above. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [centos-6.3-desktop] Unable to login
You should not have removed the i686 packages. The packaging system ensures that there are no conflicts. I suggest that you reinstall them. It may be that there is no need of them, but second-guessing the packaging system is never a good idea, unless you know *exactly* what you are doing. Cheers, Cliff On Tue, Apr 23, 2013 at 1:26 AM, Mayur Patil ram.nath241...@gmail.comwrote: Hello, I have trapped in weird problem. My Setup is CentOS 6.3 Desktop edition x86_64 arch. My login screen is blinking so frequently that I am unable to see and login into it. And also I am unable to reinstall the OS because it will take very long time re-setup everything as per my configuration as well as Data. The problem is as follows: I have several months ago libgcc-4.4.6.i686. Today for installing rsyslog, I updated the package libgcc-4.4.7.i686 and libgcc-4.4.7.x86_64. Then thinking about chances of conflict, I removed libgcc-4.4.7.i686 it has also removed the cups-libs gmp gnutils gtk2 libstdc++ libtiff peazip all are i686 type. Then I installed same packages for 64 bit through yum install above packages Message also said successfully installed. Then I try to open another terminal window but it was suddenly closing so I thought restart might solve this problem; so I restart the computer. I am getting normal CentOS login backgroud but getting faster blinking screen. How should I solve this problem (except formatting the CentOS) as CentOS is the only OS on that machine. 1. How to login into CentOS now?? 2. Which package should I need to install and how ?? Kindly do the needful, Thank you !! *-- Cheers, Mayur. * ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Supermicro Boot Failures with DVD Centos 6.2
On Sat, Apr 20, 2013 at 6:56 AM, Gregory P. Ennis po...@pomec.net wrote: Gregory P. Ennis wrote: Eve.8ryone, I have had a SuperMicro machine running Centos 5.8 that had been progressively updated with yum-cron from a 5.0 CD install. I upgraded the SuperMicro with more memory, switched out the CD with a DVD and tried to boot to the Centos x64 6.2 dvd. My plan was to test the memory before I added the hard drives, but I could not I could not get the machine to boot from the disc. I also tried some Fedora snip Ok. Next question: what *happens* when you try to boot? Do you get anywhere? Are there any errors showing up onscreen? We get a one line descriptor at the top of the screen that starts out with ISOLINUX ... Sorry, but I can not remember the full line. The system then hangs at this point, and after this is displayed it does not appear that the DVD drive is accessed again. At least the light on the DVD does not blink again. If you can boot another server from this DVD, it suggests that there's a driver missing, though if this is an install disk, that's odd. Have you tried ctrlaltf4 or f5? IIRC, those should show what goes into dmesg. mark - Mark, I have installed 4 other machines with this same DVD disc. The only thing that is a little different is that we have not attached a hard disc drive to the SuperMicro yet, we were only at the point of testing the memory. Thanks for your advice about ctrlaltF4 I will not be able to try this until I can get to the machine, prob 24 hrs. I'll let you know what happens. Greg, can you scare up a spare disk and attach it to test your theory? Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables settings for X11 forwarding in CentOS 6.2
On Sat, Mar 30, 2013 at 12:54 PM, SilverTip257 silvertip...@gmail.comwrote: On Fri, Mar 29, 2013 at 1:09 PM, zGreenfelder zgreenfel...@gmail.com wrote: On Fri, Mar 29, 2013 at 12:37 PM, Pat Haley pha...@mit.edu wrote: Hi, Actually we're talking about both SSH and XDMCP X11 forwarding. Both seem to be currently disabled by the iptables. We'll try out what you suggest and get back with the results. Thanks. Pat iptables should have no effect (well. I guess if you do some really Read the entire thread. The OP tested with firewall rules and then with fw off/flushed rules. He could run 'iptables -L -x' at the command line to get the counts of dropped packets. If he does that twice, one before and once after testing the differences will show which rules are being hit. odd config settings it -could-, but that's a bit of an edge case) on ssh X tunnels. check your /etc/ssh/sshd_config for X11Forwarding it should be set to yes. if you have iptables that apply to localhost/127.0.0.0/8 network, then I suppose iptables could be part of the problem. but I'd think it'd make sense to drop most all of those rules. it might also be helpful to look at the output of from your external machine when you run ssh - -X user@clusterhost (I wouldn't send it all to the list, cuz it'll be a ton of nonsense, but the last page or of output lines have helped me find issues in the past) ... or am I completely off in left field and you're saying you're unable to ssh into your machines? -- Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nscd
On Tue, Mar 26, 2013 at 6:26 AM, m.r...@5-cent.us wrote: Has anyone had problems accessing random websites since going up to 6.4? Since about the day after I got partly upgraded, if I try to access nytimes.com, or orbitz.com, I get server not found. With a lot of work, I, my manager, and the other admin, found that setting options edns0 in /etc/resolv.conf fixed it - I suspect that the network folks updated their internal nameservers (which are M$) about that time... but... we got this Thurs. Friday, I went to look, lunchtime, at a story, and back to the same. Later, and I think I was playing around, it came back. Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures. So: has anyone else seen oddness that might be related to nscd? Do you want the whole book? 'nscd' is a synonym for weird. I've had many strange DNS issues which have been solved by either bouncing nscd or purging its cache entries. However, you appear to be using nscd on your machine to cache DNS and using the internal MS DSN servers to do the actual lookups. Am I correct? In which case, the MS DNS server should be caching the DNS lookups anyway, so you probably don't derive a lot of benefit from the nscd unless you do a lot of repeated DNS lookups. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nscd
On Tue, Mar 26, 2013 at 12:06 PM, Gary Greene ggre...@minervanetworks.com wrote: On Tuesday, Cliff Pratt wrote: On Tue, Mar 26, 2013 at 6:26 AM, m.r...@5-cent.us wrote: Has anyone had problems accessing random websites since going up to 6.4? Since about the day after I got partly upgraded, if I try to access nytimes.com, or orbitz.com, I get server not found. With a lot of work, I, my manager, and the other admin, found that setting options edns0 in /etc/resolv.conf fixed it - I suspect that the network folks updated their internal nameservers (which are M$) about that time... but... we got this Thurs. Friday, I went to look, lunchtime, at a story, and back to the same. Later, and I think I was playing around, it came back. Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures. So: has anyone else seen oddness that might be related to nscd? Do you want the whole book? 'nscd' is a synonym for weird. I've had many strange DNS issues which have been solved by either bouncing nscd or purging its cache entries. However, you appear to be using nscd on your machine to cache DNS and using the internal MS DSN servers to do the actual lookups. Am I correct? In which case, the MS DNS server should be caching the DNS lookups anyway, so you probably don't derive a lot of benefit from the nscd unless you do a lot of repeated DNS lookups. Cheers, Cliff NSCD is also necessary if you're running an LDAP or NIS environment, so don't just turn it off if you're using external authentication services. In a Winbind environment, NSCD is unnecessary however. Ah, yes, indeed. Thanks Gary, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ctrl-Alt-F? bindings broken under xen 3.0.3-142.el5_9.1 / 2.6.18-348.1.1.el5xen?
The graphics chip is probably relevant. FWIW I can't Ctrl-Alt-Fn to any Virtual Console (I just get a black screen, no login prompt). I have a nVidia graphics chip. There are many reports on the Internet of trouble with VC and nVidia and some other graphics chips. Cheers, Cliff On Fri, Mar 22, 2013 at 2:52 AM, Robert Heller hel...@deepsoft.com wrote: OK, some more information: I rebooted to a non-xen kernel (2.6.18-348.1.1.el5), and the problem remains, so it is not xen or a xen kernel issue. The machine has an AMD 64-bit processor (AMD Sempron(tm) Processor LE-1300), if that makes any difference. I have a LD450 keyboard (DEC VT220 flavored ps2 keyboard). The keyboard does work: the X server properly intercepts Ctrl-Alt-Fn and does a proper chvt call. The *kernel* itself is not handling Ctrl-Alt-Fn. (It is handling Ctrl-Alt-Delete, but I suspect that is something completely different.) My 32-bit laptop, running kernel 2.6.18-348.1.1.el5 is working just fine -- the kernel there is properly handling Ctrl-Alt-Fn and switches between consoles without problems. Oh, both machines boot to runlevel 3 and I use startx to fire up X (I loath graphical logins). At Wed, 20 Mar 2013 13:26:14 -0400 CentOS mailing list centos@centos.org wrote: I am not sure what I did, but for some reason Ctrl-Alt-F? bindings are broken on 64-bit xen desktop machine (but not on my laptop (32-bit, no xen)). Both machines are (mostly) up-to-date and running CentOS 5.9. I rarely hop to different Virtual Consoles (eg Ctrl-Alt-F1 ... Ctrl-Alt-F7), but today I wanted to go to the main console to watch some kernel verbage (I was checking something with hot-swap SATA disk). I discovered that I could not switch back to my X11 session (Ctrl-Alt-F7)! I did some googling, but did not find anything. So far as I can tell, I can switch to one of the other VT (Ctrl-Alt-Fn) *from* VT7 (my X11 session), but cannot then switch to any other VT from there, using the Ctrl-Alt-F? key bindings. The chvt command works, but the keybindings don't. It is most strange. I know this used to work (and still does work just fine on my laptop, running much the same system, including the same X11 configuration, with the same desktop setup (plain fvwm in MWM compatibity mode, same keybindings, etc.). Other than different video cards (and thus different X11 drivers) and 32-bit vs 64-bit and with xen virtualization on the 64-bit desktop box, the system setups are virtually identical. -- Robert Heller -- 978-544-6933 / hel...@deepsoft.com Deepwoods Software-- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using LAMP stacks
On Fri, Mar 15, 2013 at 6:53 AM, Bruce Whealton br...@futurewaveonline.com wrote: Your server has probably got all the components of a LAMP stack on it. If it hasn't it is a simple matter of installing them using yum. You would learn a lot by doing it that way. yum will put stuff in the correct locations. If you are sure that you want to use a pre-packed LAMP stack, then I guess that they must use different ports. I've never used one. I suspect that you will have issues down the track, eg when you need to upgrade either the system or the LAMP stack. One option is to find an appliance ISO and use that rather than try to install a LAMP stack on top of an existing system. I suppose you are correct. The real problem I was having was getting domain1.com to point to one location and domain2.com to point to another and to serve php files from both. Previously, I had problems with this, especially frustrating was when php didn't work. Didn't work meaning it wasn't being processed on the server. With my latest install that does work now. It was s frustrating. Nothing out there seemed to offer a solution and the log files were unhelpful. These packaged lamp stacks do not resolve the issue of running virtual domains, such as domain1.com and domain2.com. As noted in a prior email, when I added a vhost.conf file, the server would not restart. Thanks, I suggest that solving the issues that you get would be ultimately more useful than looking for a solution that works out of the box. I suggest that you look at the documentation for Apache virtual hosts. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using LAMP stacks
On Thu, Mar 14, 2013 at 1:42 PM, Bruce Whealton br...@futurewaveonline.com wrote: Hello all, I thought some of the LAMP stacks at Bitnami would be great for getting it all setup in Centos. Making sure everything is in the right place and referenced correctly. I'm curious, though, as Centos comes with Apache already and it's running on my system. So, I wonder what these installers do - ignore installing apache, when they discover it is already installed? Make it use a different port? What would be nice would be to put certain things on different domains. That goes back to my previous question about getting the vhost.conf to work and to get my system to use virtual hosts. ...and if you see other lamp relate stacks that look interesting, it would be nice if they could handle the situation where several components are already installed and running and just skip those components when installing... Is that possible? Thanks, Bruce Your server has probably got all the components of a LAMP stack on it. If it hasn't it is a simple matter of installing them using yum. You would learn a lot by doing it that way. yum will put stuff in the correct locations. If you are sure that you want to use a pre-packed LAMP stack, then I guess that they must use different ports. I've never used one. I suspect that you will have issues down the track, eg when you need to upgrade either the system or the LAMP stack. One option is to find an appliance ISO and use that rather than try to install a LAMP stack on top of an existing system. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP users/groups not showing up with nis, pam, ldap
Do you have nscd running? If so, try stopping and starting that. Cheers, Cliff On Thu, Feb 21, 2013 at 12:50 PM, Wes Modes wmo...@ucsc.edu wrote: I am trying to configure NIS, PAM, LDAP on a CentOS 6.2 host. I've previously installed a similar configuration on RHEL4, but CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the configurations are a little different. Currently, local users and groups are showing up but not LDAP users. When I do a /getent passwd/ and/getent group/ I don't get LDAP users. When I do a listing of a share directory that should have user and group ownership determined by LDAP, I get the uidNumbers and gidNumbers rather than the UIDs and GIDs. [root@edgar2 openldap]# ls -l /data/home | tail drwx--. 2 30634 30080 4096 Mar 18 2009 userdir1 drwx--. 33 30548 30075 4096 Jan 29 15:20 userdir2 drwx--. 3 30554 30075 4096 Jan 26 2009 userdir3 drwx--. 12 30467 30075 4096 Jun 21 2012 userdir4 drwx--. 4 30543 30075 4096 Oct 21 2008 userdir5 drwx--. 8 30555 30075 4096 Oct 31 10:36 userdir5 Other details: centos 6.2, smbldap-tools 0.9.6, openldap 2.4.23 I've fussed with /etc/nsswitch.conf, /etc/pam_ldap.conf, /etc/nslcd.conf, /etc/pam.d/system-auth, and /etc/sysconfig/authconfig. And selinux is off. I know the machine is successfully connecting to LDAP. An ldapsearch works from this machine, and I can even connect to a samba share with an ldap login through smbclient. Relevant parts of /etc/nsswitch: passwd: files ldap shadow: files ldap group: files ldap #hosts: db files nisplus nis dns hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files ldap rpc:files services: files ldap netgroup: nisplus ldap #netgroup: ldap publickey: nisplus automount: files nisplus ldap #automount: files ldap aliases:files nisplus Relevant parts of /etc/pam_ldap.conf (everything else is commented out): host dir1.ourdomain.com base dc=.ourdomain,dc=com #uri ldaps://dir1.ourdomain.com uri ldap://dir1.ourdomain.com # basic auth config binddn cn=admin,dc=ourdomain,dc=com rootbinddn cn=admin,dc=ourdomain,dc=com # random stuff #timelimit 120 #bind_timelimit 120 #bind_policy hard # brought these times down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_checkpeer yes # CA certificates for server certificate verification tls_cacertfile /etc/openldap/cacerts/cacert.pem tls_cacertdir /etc/openldap/cacerts # Client certificate and key tls_cert /etc/openldap/cacerts/servercert.pem tls_key /etc/openldap/cacerts/serverkey.pem Relevant parts of /etc/pam.d/system-auth: authrequired pam_env.so authsufficientpam_fprintd.so authsufficientpam_unix.so nullok try_first_pass authrequisite pam_succeed_if.so uid = 500 quiet authsufficientpam_ldap.so use_first_pass authrequired pam_deny.so account required pam_unix.so account sufficientpam_localuser.so account sufficientpam_succeed_if.so uid 500 quiet account [default=bad success=ok user_unknown=ignore] pam_ldap.so account required pam_permit.so passwordrequisite pam_cracklib.so try_first_pass retry=3 type= passwordsufficientpam_unix.so sha512 shadow nullok try_first_pass use_authtok passwordsufficientpam_ldap.so use_authtok passwordrequired pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_ldap.so session optional pam_mkhomedir.so skel=/etc/skel umask=077 And the only line in /etc/sysconfig/authconfig I changed was: USELDAP=yes Any thoughts? For those who are experienced with nis and pam, I'm sure this is a no brainer, but I could sure use the little bit of your brain that knows how to fix this. Wes -- Wes Modes Systems Designer,
Re: [CentOS] LDAP users/groups not showing up with nis, pam, ldap
Or just stopping it. On Thu, Feb 21, 2013 at 2:56 PM, Cliff Pratt enkiduonthe...@gmail.com wrote: Do you have nscd running? If so, try stopping and starting that. Cheers, Cliff On Thu, Feb 21, 2013 at 12:50 PM, Wes Modes wmo...@ucsc.edu wrote: I am trying to configure NIS, PAM, LDAP on a CentOS 6.2 host. I've previously installed a similar configuration on RHEL4, but CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the configurations are a little different. Currently, local users and groups are showing up but not LDAP users. When I do a /getent passwd/ and/getent group/ I don't get LDAP users. When I do a listing of a share directory that should have user and group ownership determined by LDAP, I get the uidNumbers and gidNumbers rather than the UIDs and GIDs. [root@edgar2 openldap]# ls -l /data/home | tail drwx--. 2 30634 30080 4096 Mar 18 2009 userdir1 drwx--. 33 30548 30075 4096 Jan 29 15:20 userdir2 drwx--. 3 30554 30075 4096 Jan 26 2009 userdir3 drwx--. 12 30467 30075 4096 Jun 21 2012 userdir4 drwx--. 4 30543 30075 4096 Oct 21 2008 userdir5 drwx--. 8 30555 30075 4096 Oct 31 10:36 userdir5 Other details: centos 6.2, smbldap-tools 0.9.6, openldap 2.4.23 I've fussed with /etc/nsswitch.conf, /etc/pam_ldap.conf, /etc/nslcd.conf, /etc/pam.d/system-auth, and /etc/sysconfig/authconfig. And selinux is off. I know the machine is successfully connecting to LDAP. An ldapsearch works from this machine, and I can even connect to a samba share with an ldap login through smbclient. Relevant parts of /etc/nsswitch: passwd: files ldap shadow: files ldap group: files ldap #hosts: db files nisplus nis dns hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files ldap rpc:files services: files ldap netgroup: nisplus ldap #netgroup: ldap publickey: nisplus automount: files nisplus ldap #automount: files ldap aliases:files nisplus Relevant parts of /etc/pam_ldap.conf (everything else is commented out): host dir1.ourdomain.com base dc=.ourdomain,dc=com #uri ldaps://dir1.ourdomain.com uri ldap://dir1.ourdomain.com # basic auth config binddn cn=admin,dc=ourdomain,dc=com rootbinddn cn=admin,dc=ourdomain,dc=com # random stuff #timelimit 120 #bind_timelimit 120 #bind_policy hard # brought these times down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_checkpeer yes # CA certificates for server certificate verification tls_cacertfile /etc/openldap/cacerts/cacert.pem tls_cacertdir /etc/openldap/cacerts # Client certificate and key tls_cert /etc/openldap/cacerts/servercert.pem tls_key /etc/openldap/cacerts/serverkey.pem Relevant parts of /etc/pam.d/system-auth: authrequired pam_env.so authsufficientpam_fprintd.so authsufficientpam_unix.so nullok try_first_pass authrequisite pam_succeed_if.so uid = 500 quiet authsufficientpam_ldap.so use_first_pass authrequired pam_deny.so account required pam_unix.so account sufficientpam_localuser.so account sufficientpam_succeed_if.so uid 500 quiet account [default=bad success=ok user_unknown=ignore] pam_ldap.so account required pam_permit.so passwordrequisite pam_cracklib.so try_first_pass retry=3 type= passwordsufficientpam_unix.so sha512 shadow nullok try_first_pass use_authtok passwordsufficientpam_ldap.so use_authtok passwordrequired pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_ldap.so session optional pam_mkhomedir.so skel=/etc/skel umask=077 And the only line in /etc/sysconfig/authconfig I changed was: USELDAP=yes Any thoughts? For those who are experienced with nis and pam, I'm sure this is a no brainer, but I could sure
Re: [CentOS] The moving of VNC port from 580n to 590n
On Mon, Feb 4, 2013 at 10:20 AM, Robert Moskowitz r...@htt-consult.com wrote: On my 'older' systems that include Centos 5.5 and Fedora 12, vncserver is running on ports 580n where n is defined by userid in the /etc/sysconfig/vncserver I just spent a bit of time getting it working on my new Centos 6.3 server and found it listening on ports 590n. When did the change occur? And guess I should test out where it is on Fedora 17... There's a lot of conflicting information on this topic on the Internet. Most current VNC servers seem to listen on port 590n. I've seen it claimed that a) port 580n is not used and can be blocked, b) 580n is used for the Java VNC client, c) 580n is used for browser requests for VNC (probably via the Java VNC client, I'd guess). I don't know when the change occurred and it may be that it happened when RH changed from one VNC brand to another. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] crontab and gedit
On Fri, Jan 25, 2013 at 4:34 AM, m.r...@5-cent.us wrote: What, you're forgetting, was it LA or SF, that just had that happen very publicly, when that admin left and didn't want to tell the admins the passwords, a couple of years ago? No. A manager should *always* have the written passwords, somewhere, if you quit, or get hit by a car coming back from lunch I used to think that, but a password is almost always recoverable, on more or less any Linux system. It may be inconvenient and time consuming, even expensive for one reason or another, but a password is almost always recoverable or resettable so I've stopped worrying about making my passwords 100% safe from destruction or loss. However they should be as close to 100% secure from being stolen as possible. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] crontab and gedit
On Thu, Jan 24, 2013 at 7:52 AM, Robert Moskowitz r...@htt-consult.com wrote: On 01/23/2013 01:39 PM, m.r...@5-cent.us wrote: Robert Moskowitz wrote: On 01/23/2013 06:23 AM, Adekoya Adekunle wrote: How can I open crontab with gedit any any other editor ? i want to edit my cron jobs with other editors beside vi. From a terminal window: su gedit /etc/crontab I do it all the time. I suppose there is a one line variant with sudo, but I tend to have a root terminal open for lots of different things. Bad idea. Very much depreciated. You should edit crontab using -e [1], and sudoers with visudo. 1] to use a different editor, from the man pages: ENVIRONMENT VISUAL Invoked by visudo as the editor to use EDITOR Used by visudo if VISUAL is not set Using the correct tool invokes syntax checking *before* it's saved. If you don't have root password, you could seriously be up the creek if you make a typo in sudoers Serious typos abound. The most serious one I did was to fstab once upon a time. I don't use sudo. If I need root changes, I better have the root password to use su. If I don't have the root password, then it is either not my system to change, or I have a serious problem indeed. That's fine unless you have 100s of machines to administer. If you have 100 machines do you a) set all the root passwords to the same, or b) maintain a manual file of logins. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cronjob not running
Kunle, cron does not have the same environment as the user logged in as root. Specifically, it doesn't have the same 'PATH'. So the safest thing to do, when you refer to an executable such as 'curl' is provide the full path to the executable. If you run 'which curl' at the command prompt it will show the location of 'curl'. Probably it will be '/usr/bin/curl'. I would suggest that you modify the crontab to have the full path. Cheers, Cliff On Wed, Jan 23, 2013 at 7:23 AM, Adekoya Adekunle adekunleadek...@gmail.com wrote: i did this from the console crontab -e then i inserted this in my vi editor 10 * * * * curl http://mysite.com/test.php then i exited vi then i did crontab -l and the cron job was listed then i did /sbin/service crond start and i waited for 10 mins to get a message echo to my console. the message is displayed in my browser when the php script(http://mysite.com/test.php) is loaded via my browser. The message is also shown on my console when d curl command is run direct from the console. the problem is getting the message from the cronjob. what could be wrong ? could it be that the job is not well setup ? note , i logged in as root user. please help regards kunle ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /tmp directory
On Tue, Dec 11, 2012 at 9:57 PM, Leon Fauster leonfaus...@googlemail.com wrote: Am 10.12.2012 um 18:01 schrieb Rudi Ahlers: On Mon, Dec 10, 2012 at 6:58 PM, m.r...@5-cent.us wrote: i would suggest another point of view - what should use tmp? Users, Admins speak humans or scripts, apps speak machines? It's for whatever you like to use it for that you don't mind losing. I sometimes put packages there that I am going to install, sometimes script temporary files, sometimes data files I want to look at, eg chunks of log files. Some packages (eg Apache Tomcat) seem to use it too. I've used it for script generated scripts too. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing Java 7 on a system with Java 6
You can install version 7 alongside version 6, but you will most likely have to get the package directly from the Java site. Cheers, Cliff On Fri, Nov 9, 2012 at 2:30 PM, John J. Boyer john.bo...@abilitiessoft.com wrote: My system is 5.6, with upgrades. I installed Java 6 from the Centos repository. It doesn't seem to have Java 7. I need the development package. How can I install Java 7 development safely? I imagine I will first have to uninstall Java 6. Thanks, John -- John J. Boyer; President, Chief Software Developer Abilitiessoft, Inc. http://www.abilitiessoft.com Madison, Wisconsin USA Developing software for people with disabilities ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sending Email Via Telnet
On Wed, Oct 17, 2012 at 8:40 AM, Blake Hudson bl...@ispn.net wrote: Alexander Dalloz wrote the following on 10/16/2012 1:41 PM: Am 16.10.2012 20:13, schrieb Les Mikesell: ]# netstat -pant|grep :25|grep LISTEN tcp0 0 209.216.9.56:25 0.0.0.0:* LISTEN 14058/master tcp0 0 127.0.0.1:250.0.0.0:* LISTEN 14058/master Something is clearly going wrong. Try 'strace -p 14058' (the process currently listening) in one window while you telnet in another. Before tracing anything (processes or network traffic) the OP should check the maillog. It for sure will the the truth about what is going on. Alexander +1 The OP did say a few messages above that there was nothing in the logs. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Simple routing question
On Wed, Sep 5, 2012 at 9:00 AM, James B. Byrne byrn...@harte-lyne.ca wrote: On Tue, September 4, 2012 16:51, Les Mikesell wrote: That should happen directly without C's involvement if the netmask is 255.255.0.0 on A and B's eth1 interfaces. It is not. The netmask on those interfaces is 255.255.255.0. Instead it goes to Eth0 on C where it dies as one would expect. Why does C have both internet and LAN addresses on the same interfaces? I am experimenting to see if this arrangement is workable. I want to know if it is possible to have two separate 192.168.x subnets on the same network. Why? I do not have a purpose in mind. I am just checking out whether it can work or not. If it is impossible then then I will discover why that is so, which I think will be useful in itself. IMO you need to configure the two subnets separately and set the netmask to 255.255.255.0. Then route traffic between the LANs via either the firewall or another routing device on the shared network. I've done similar in the past to migrate from one IP range to another. Having both networks connect to the firewall router is risky in case of a misconfiguration. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using two subnets to change network configuration
On Thu, Jul 26, 2012 at 12:52 PM, Harold Pritchett har...@uga.edu wrote: Problem: My network uses the 192.168.1.0/24 network. Since is the most common network in all of the world it begins presenting problems when I want to set up vpns, or try to do other routing. The solution: Change the network from 192.168.1.0/24 to 172.24.24.0/22. This is somewhere in the middle of the less frequently used RFC-1918 20 bit private network range. My network contains 40 or so nodes, windows, linux, and proprietary operating systems of various types (TiVos, iPhones, iPads, TVs, BluRay players, WAP's, etc.) What I would like to do to minimize down time would be to create a single new machine on the network with addresses on both networks and set up as a router between the networks. That way, I can convert the machines one at a time, and not loose any connectivity. When all done, take the temporary router down and just use the new addresses. Machines are set up both static and DHCP, and there are some virtual servers running on a VMware machine. Updating all of the machines using DHCP can be done in a single pass, but the static machines will have to be done one at a time. Can anyone give me any pointers to web sites to help set this up. I know how to set up multiple addresses on the same NIC (eth0 and eth0:0). After that, I'm at a bit of a loss. I can confirm that this works - I've done it a few millennia ago. As I very vaguely recall you need to turn on forwarding and set up routing on the router machine. Also any routers on the network segment might need to be changed to send traffic destined for the new network to the router. You might have issues with DNS, WINS, etc. You would need to change any routers to not use the temporary router when you switch to the new network. And Yes, I know setting up multiple subnets on the same physical wire is a bad idea, but this is only for a couple of days until I can get everything moved to the new address scheme. Why? It can be confusing, yes, but many people route VOIP over the same cabling to desk phones. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Oracle tries to capture CentOS users
On Tue, Jul 24, 2012 at 11:47 AM, Timothy Murphy gayle...@eircom.net wrote: Fernando Cassia wrote: I don' t think that would happen anytime soon. AFAIK if you check distrowatch Oracle Linux ranks #50 and CentOS ranks #8. Also, I read somewhere that ORCL has 8,000 paid custmers to their Linux subscription hardly a major player still. But like I said, the more competition wrt pricing the better. Be difficult to beat CentOS on price, surely? RedHat and Oracle both provide value-add services. THAT is what you pay for. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] wins option in nsswitch.conf not working
On Mon, Jun 4, 2012 at 5:50 AM, Peter Peltonen peter.pelto...@gmail.com wrote: I am trying to get BackupPC working with automount as documented in this CentOS HowTo: http://wiki.centos.org/HowTos/BackupPC I think my CentOS6 box's NetBIOS name resolving is not working correctly as when I try to access the mount for Win7 machine called Parallels I get this: [root@au ~]# ls /windows ls: cannot access /windows/parallels: No such file or directory parallels [root@au ~]# cd /windows/parallels -bash: cd: /windows/parallels: No such file or directory and I cannot ping the Win7 machine with its NetBIOS name: [root@au ~]# ping parallels ping: unknown host parallels If I add wins at the end of the hosts section in /etc/nsswitch.conf the resolver seems to get stuck as after ping it just hangs (there is no output, I have to quit it with CTRL+C) smbclient seems to work though: [root@au ~]# smbclient -L parallels -U Administrator Enter Administrator's password: Domain=[PARALLELS] OS=[Windows 7 Professional 7601 Service Pack 1] Server=[Windows 7 Professional 6.1] Sharename Type Comment - --- ADMIN$ Disk Remote Admin C$ Disk Default share IPC$ IPC Remote IPC test Disk Domain=[PARALLELS] OS=[Windows 7 Professional 7601 Service Pack 1] Server=[Windows 7 Professional 6.1] Server Comment - --- Workgroup Master - --- Why does the wins option not work in nsswitch.conf? What should I do to get automount working with CentOS + Win7 shares? You don't give enough information. For instance, use the the 'mount' command to show the mount for the share. Secondly the message indicates that the file or directory cannot be found, not that name resolution is not happening. Thirdly, ping uses DNS not netbios by default so it is not able to find a DNS entry for 'parallels'. Please show the DNS entry for 'parallels' and the resolv.conf contents. Finally, a 'hang' usually indicates a lookup issue. What are the details for the wins server? Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
On Fri, May 4, 2012 at 6:14 AM, m.r...@5-cent.us wrote: bob wrote: On 5/3/2012 1:59 PM, m.r...@5-cent.us wrote: Tim Evans wrote: On 05/03/2012 01:43 PM, bob wrote: so last night all my servers were severely probed and they tried to So I sent them the info and said it must be a hacked server (the ip is on their business network) Responsible ISP's maintain an 'abuse' mailbox (e.g., ab...@isp.com). Complaints I've sent to several ISP's via this route have always gotten prompt, responses. Same here. Did they not understand what you were contacting them about... or did you email their support, in which case that's not what they do. They *should* have told you who to contact, though, not go away, boy, you bother me. yea, I went to thier top tier support and asked where I should send my info and they told me to bugger off. will try abuse when I get home. Not sure any of this is worth the effort, but will try now and then when probed...lol Do it. And try abuse; if not, I meant it about asking for the legal service address, which is what you have your lawyer send a letter to. Or the FBI. Give them something to do other than setting up naive innocent idiots so they can bust them for Big Headlines. My mother told me that abuse rarely helps. Talking nicely often does. LOL. (Joking, of course). Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] build postfix rpm with mysql
On Sun, Mar 25, 2012 at 3:32 PM, Tim Dunphy bluethu...@gmail.com wrote: hello list, I'm trying to build a postfix rpm that has mysql support included. I've found the line where I need to define mysql support but it seems that I am being tripped up by some build dependencies: [root@beta SPECS]# rpmbuild -ba postfix.spec error: Failed build dependencies: MySQL-shared is needed by postfix-2.9.1-1.rhel5.x86_64 MySQL-devel is needed by postfix-2.9.1-1.rhel5.x86_64 Why don't you just install the packages? Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] testing a udp socket with netcat
On Thu, Mar 15, 2012 at 3:56 AM, Arif Hossain freefall1...@gmail.com wrote: On Wed, 2012-03-14 at 14:11 +, Giles Coochey wrote: --ms00020507030501060609 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable On 14/03/2012 13:59, Arif Hossain wrote: On Wed, 2012-03-14 at 08:37 -0500, Les Mikesell wrote: On Wed, Mar 14, 2012 at 8:25 AM, Arif Hossainfreefall1...@gmail.com = wrote: i've this udp daemon which is waiting for an incoming udp datagram. n= ow i want test this daemon for random garbage to test how it behaves. My= udp daemon is running because its shows on netstat. problem is if i issue following command for putting udp datagram : $nc -uvvzhost port it does not output any thing. i have straced the udp daemon. which do= es not returns from recv() call. my goal is to ppience regarding netcat so i'm asking if anyone can he= lp me out with this. Do you have iptables running? The default config would probably block your udp traffic. here is my iptable-rules # Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012 *mangle :PREROUTING ACCEPT [329554:95268521] :INPUT ACCEPT [88918:46924677] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [7296:1924138] :POSTROUTING ACCEPT [7296:1924138] COMMIT # Completed on Wed Mar 14 19:58:13 2012 # Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [206514:24743648] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dportport -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Wed Mar 14 19:58:13 2012 And your INPUT chain rejects everything that is not matched by those=20 lines above it. You'll need a: -A INPUT -p udp --dport port -j ACCEPT in there before you go to REJECT= =2E --=20 Best Regards, for testing purpose i have flushed all rules in iptables -t filter $iptables -t filter --flush but still if try putting data by nc: $nc -uvv localhost 7160 outputs : write error: connection refused. Is the UDP daemon listening on 127.0.0.1 (localhost)? Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtual Machine Manager error
On Wed, Jan 18, 2012 at 9:17 PM, Rajagopal Swaminathan raju.rajs...@gmail.com wrote: Install libvirt and run the libvirtd service. . Complete! [root@centos Desktop]# service libvert status libvert: unrecognized service He said libvirtd not libvirt. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] what percent of time are there unpatched exploits against default config?
On Sun, Jan 1, 2012 at 11:45 AM, Timothy Murphy gayle...@alice.it wrote: Les Mikesell wrote: Someone cracked my gmail password and sent what seemed like an oddly small amount of spam from it. gmail and hotmail must be very easy to crack, or is there some check apart from the password? That doesn't work for web services open to the public. You need firewalls that can work at wire speed filtering the inbound URLs for known attack patterns, plus of course, updating the software as quickly as possible to fix the vulnerabilities. Yes, I'm more worried about attacks through port 80. Can anyone point me to documentation on protecting a web-server? A server serving just static pages on port 80 would be pretty much safe. A server that provides dynamic pages (eg script-generated with a database backend) can never be completely safe. A book like this is probably what you are looking for: http://www.wilyhacker.com/ Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] what percent of time are there unpatched exploits against default config?
On Fri, Dec 30, 2011 at 4:00 AM, m.r...@5-cent.us wrote: 夜神 岩男 wrote: On 12/29/2011 10:21 PM, Marko Vojinovic wrote: On Thursday 29 December 2011 13:07:56 Reindl Harald wrote: Am 29.12.2011 12:56, schrieb Leonard den Ottolander: On Thu, 2011-12-29 at 12:29 +0100, Reindl Harald wrote: Am 29.12.2011 09:17, schrieb Bennett Haselton: Even though the ssh key is more random, they're both sufficiently random that it would take at least hundreds of years to get in by trial and error. if you really think your 12-chars password is as secure as a ssh-key protcected with this password you should consider to take some education in security snip It is very inconvenient for people who need to login to their servers from random remote locations (ie. people who travel a lot or work in hardware-controlled environment). Besides, it is essentially a question of overkill. If password is not good enough, you could argue that the key is also not good enough --- two keys (or a larger one) would be more secure. Where do you draw the line? snip When traveling I log in to my home server and work servers with my laptop. Its really a *lot* easier than using a bunch of pasword schemes. snip Ah, that brings to mind another issue with only passwords: synchronization. I worked as a subcontractor for a *huge* US co a few years ago. I've *never* had to write passwords down... but for there, I had a page of them! Our group's, the corporate test systems, the corporate *production* systems, and *each* had their own, along with their own password aging (there was *no* single sign-on), the contracting co's We use PasswordSafe to solve that one. There are other similar products. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Group permission problems
On Tue, Dec 13, 2011 at 11:50 PM, Michael Velez mikev...@hotmail.com wrote: Hello all, I'm having an issue with group permissions which I really find hard to understand why. I have created a group called smbusers which I am a part of by doing the following: # groupadd smbusers# usermod -G smbusers michael I then created a directory called foodir, owned by adm with group smbusers and give the following permissions to it: 770 I verify the permissions are correct and are accessible by members of its group, but I cannot access the directory. Everytime I try to cd into the directory, I get a permission denied error. It is a group issue because when I change the permission to 777, I do have access. Below is output I get from different commands: # groups michaelmichael: michael, smbusers # groupsmichael adm #iduid=500(michael) gid=500(michael) groups=4(adm), 500(michael) The /etc/group file shows I'm in the smbusers group but does not show I'm in the adm group (although I believe I added myself to the adm group when I installed the operating system). Clear ly, I don't know what I'm doing and I am confused. Can anybody guide me to where I need to go? Thanks,Michael Use the id command to check what groups you are in. Stop nscd if it is running and run id again. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /etc/cron.d
You can put a crontab file in there. Just don't alter any of the others. Crond automatically runs everything in /etc/cron.d, in /etc/crontab, and in user crontabs. Cheers, Cliff On Thu, Dec 8, 2011 at 8:23 PM, Fajar Priyanto fajar...@arinet.org wrote: Hi all, Who takes care of cronjob in /etc/cron.d ? Should we tell crond to run it? /etc/crontab only mentions hourly, daily, weekly, monthly -- Thanks Fajar ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /etc/cron.d
On Thu, Dec 8, 2011 at 9:30 PM, Fajar Priyanto fajar...@arinet.org wrote: On Thu, Dec 8, 2011 at 4:27 PM, Cliff Pratt enkiduonthe...@gmail.com wrote: You can put a crontab file in there. Just don't alter any of the others. Crond automatically runs everything in /etc/cron.d, in /etc/crontab, and in user crontabs. That's what I thought, but /etc/crontab only mention this: # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly No /etc/cron.d That's because crond already knows to look at /etc/crontab, /etc/cron.d and user cron tabs. It's hard coded. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UC /etc/cron.d
It's a good idea NOT to put stuff in /etc/crontab and NOT to change the existing members of /etc/cron.d. It is a good idea NOT to change root's crontab. Any of these may get overwritten by maintenance. We generally put cron stuff in a locally named and created member in /etc/cron.d. Cheers, Cliff On Thu, Dec 8, 2011 at 11:01 PM, Rushton Martin jmrush...@qinetiq.com wrote: From man 8 cron Cron searches /var/spool/cron for crontab files which are named after accounts ... Cron also searches for /etc/crontab and the files in the directory, which are in a different format (see crontab(5) ). So cron itself knows about /etc/cron.d and checks it. No need to have an entry in /etc/crontab Martin Rushton HPC System Manager, Weapons Technologies Tel: 01959 514777, Mobile: 07939 219057 email: jmrush...@qinetiq.com www.QinetiQ.com QinetiQ - Delivering customer-focused solutions Please consider the environment before printing this email. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Fajar Priyanto Sent: 08 December 2011 08:31 To: CentOS mailing list Subject: Re: [CentOS] /etc/cron.d On Thu, Dec 8, 2011 at 4:27 PM, Cliff Pratt enkiduonthe...@gmail.com wrote: You can put a crontab file in there. Just don't alter any of the others. Crond automatically runs everything in /etc/cron.d, in /etc/crontab, and in user crontabs. That's what I thought, but /etc/crontab only mention this: # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly No /etc/cron.d ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. QinetiQ may monitor email traffic data and also the content of email for the purposes of security. QinetiQ Limited (Registered in England Wales: Company Number: 3796233) Registered office: Cody Technology Park, Ively Road, Farnborough, Hampshire, GU14 0LX http://www.qinetiq.com. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UC /etc/cron.d
On Fri, Dec 9, 2011 at 10:07 AM, Reindl Harald h.rei...@thelounge.net wrote: Am 08.12.2011 22:04, schrieb Les Mikesell: On Thu, Dec 8, 2011 at 2:25 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 08.12.2011 21:08, schrieb Cliff Pratt: It's a good idea NOT to put stuff in /etc/crontab and NOT to change the existing members of /etc/cron.d. It is a good idea NOT to change root's crontab. Any of these may get overwritten by maintenance. /etc/crontab will NEVER get overwritten to make it clear: NEVER EVER fedora did not overwrite any crontab from FC5 to F15 now because rpm-packages mark such configurations so the new versions get installed as .rpmnew Which means the changes those versions would like to have made won't take effect. So it is still best to avoid editing it yourself if you can put your local jobs in one of the other possible places. which means updates do not randomly change configurations and this is good so since it is your job as admin to look if the rpmnew contains anything which is interesting for you and if not let your working configuration in peace There should be no need to look at the .rpmnew files if you have done your job as admin properly. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UC /etc/cron.d
On Fri, Dec 9, 2011 at 9:25 AM, Reindl Harald h.rei...@thelounge.net wrote: Am 08.12.2011 21:08, schrieb Cliff Pratt: It's a good idea NOT to put stuff in /etc/crontab and NOT to change the existing members of /etc/cron.d. It is a good idea NOT to change root's crontab. Any of these may get overwritten by maintenance. /etc/crontab will NEVER get overwritten to make it clear: NEVER EVER fedora did not overwrite any crontab from FC5 to F15 now because rpm-packages mark such configurations so the new versions get installed as .rpmnew Fair enough. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UC /etc/cron.d
On Fri, Dec 9, 2011 at 1:03 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 09.12.2011 00:53, schrieb Cliff Pratt: On Fri, Dec 9, 2011 at 10:07 AM, Reindl Harald h.rei...@thelounge.net wrote: Am 08.12.2011 22:04, schrieb Les Mikesell: On Thu, Dec 8, 2011 at 2:25 PM, Reindl Harald h.rei...@thelounge.net wrote: Am 08.12.2011 21:08, schrieb Cliff Pratt: It's a good idea NOT to put stuff in /etc/crontab and NOT to change the existing members of /etc/cron.d. It is a good idea NOT to change root's crontab. Any of these may get overwritten by maintenance. /etc/crontab will NEVER get overwritten to make it clear: NEVER EVER fedora did not overwrite any crontab from FC5 to F15 now because rpm-packages mark such configurations so the new versions get installed as .rpmnew Which means the changes those versions would like to have made won't take effect. So it is still best to avoid editing it yourself if you can put your local jobs in one of the other possible places. which means updates do not randomly change configurations and this is good so since it is your job as admin to look if the rpmnew contains anything which is interesting for you and if not let your working configuration in peace There should be no need to look at the .rpmnew files if you have done your job as admin properly. why are radnom people try to tell me how i have to do my job without knowing anyting about how i work? Touchy. no there is no need on the production machine becuase all preparing happens on a dedicated environment with where local and caching repos and build-environment is available and from where all TESTED updates are deployed Good for you. i do my job properly in making sure that no dumb change of any upstream maintainer is touching a configuration of relevant services Good. so what will you tell me after 200 ONLINE-dist-upgrades in the last view years on all sort of servers? I'd say that I been in the business for a long long time and I can still learn from other people. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C6: ssh X-forwarding does not work
On Sat, Oct 29, 2011 at 8:58 PM, John Hodrien j.h.hodr...@leeds.ac.uk wrote: On Sat, 29 Oct 2011, Les Mikesell wrote: Do some of the checkbox installs omit it? I just ran into this on a system where I chose the 'web server' install, then wanted to run gparted remotely. Yes, it's definitely possible to install without it. I've done the same as you when setting up servers and had to add xauth afterwards to get remote X working. It's a real gotcha for people who don't know about it, as other than DISPLAY not being set, nothing leaps out at you to say it's because xauth isn't installed. It'd be quite nice if default ssh emitted a warning message about this at a non-debug level. It's not an ssh issue so why would ssh emit the message? Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6.0 i386 DVD
On Mon, Oct 17, 2011 at 11:47 PM, William L. Maltby centos4b...@triad.rr.com wrote: Frustration does funny things to logic. Ha! Nice one. Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] add on sata card relabeling drives, installation
On Sun, Oct 2, 2011 at 5:24 AM, Lamar Owen lo...@pari.edu wrote: On Saturday, October 01, 2011 12:56:46 AM Cliff Pratt wrote: prompt tune2fs /dev/sdb1 -U c491d94e-7004-4b08-9993-4c9a7a25b6b1 As the saying goes, try typing that fast ten times and see how many times the UUID ends up being fat-fignered. I said, in a bit that you snipped, cut-and-paste. Unless the UUID contains spellable words that use only the hex digits (like deadbeef, cafebabe, or similar). (you can find a list of 1196 hex words at http://nedbatchelder.com/text/hexwords.html ) Mnemonics are essential for jogging the memory... oh, wait Now, was that filesystem with the backup copy of that priceless one-in-a-lifetime video c491d94e-7004-4b08-9993-4c9a7a25b6b1 or was it bb6c2bb9-f01e-3135-a8de-9f885a7afdef or maybe it was f82ffa31-2587-3db8-970a-36e54e72621b... oh, I don't remember! That's silly. The UUID is probably only of interest when the disk or partition is being mounted. If it isn't mounted, mount it and *look*. But I guess if you physically label the disk with the partitioning and the UUID's of each filesystem, it might be workable. Too bad many, if not most, drive serial numbers are not spellable in hex Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
